Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

3247 lines
76 KiB

/*++
Copyright (c) 2000 Microsoft Corporation
Module Name:
credapi.c
Abstract:
This module contains the RPC client side routines for the credential manager.
Author:
Cliff Van Dyke (CliffV) January 11, 2000
Revision History:
--*/
#include "lsaclip.h"
#include "align.h"
#include "credp.h"
#include <rpcasync.h>
DWORD
CredpNtStatusToWinStatus(
IN NTSTATUS Status
)
/*++
Routine Description:
Covert an NT Status code to a windows status code.
There a enough funky status codes to justify this routine.
Arguments:
Status - NT Status code to convert
Return Values:
Windows status code.
--*/
{
//
// Some HRESULTS should simply be returned to the caller
//
if ( HRESULT_FACILITY(Status) == FACILITY_SCARD ) {
return Status;
}
//
// Translate all other status codes
//
switch ( Status ) {
case STATUS_SUCCESS:
return NO_ERROR;
case STATUS_INVALID_ACCOUNT_NAME:
return ERROR_BAD_USERNAME;
case STATUS_INVALID_PARAMETER_1:
return ERROR_INVALID_FLAGS;
default:
return RtlNtStatusToDosError( Status );
}
}
BOOL
APIENTRY
CredpEncodeCredential (
IN OUT PENCRYPTED_CREDENTIALW Credential
)
/*++
Routine Description:
This routine encodes sensitive credential data for passing via LPC to
the LSA process.
Arguments:
Credential - Specifies the credential to be encode.
Encode the buffer in-place. The caller must ensure there is extra space
available in the buffer pointed to by Credential->CredentialBlob by allocating
a buffer AlocatedCredBlobSize() bytes long.
Return Values:
TRUE on success
None
--*/
{
NTSTATUS Status;
//
// If there is no credential blob,
// we're done.
//
if ( Credential->Cred.CredentialBlob == NULL ||
Credential->Cred.CredentialBlobSize == 0 ) {
Credential->Cred.CredentialBlob = NULL;
Credential->Cred.CredentialBlobSize = 0;
Credential->ClearCredentialBlobSize = 0;
//
// Otherwise RtlEncryptMemory it.
// (That's all we need since we're passing the buffer via LPC.)
//
} else {
ULONG PaddingSize;
//
// Compute the real size of the passed in buffer
//
Credential->Cred.CredentialBlobSize = AllocatedCredBlobSize( Credential->ClearCredentialBlobSize );
//
// Clear the padding at the end to ensure we can compare encrypted blobs
//
PaddingSize = Credential->Cred.CredentialBlobSize - Credential->ClearCredentialBlobSize;
if ( PaddingSize != 0 ) {
RtlZeroMemory( &Credential->Cred.CredentialBlob[Credential->ClearCredentialBlobSize],
PaddingSize );
}
Status = RtlEncryptMemory( Credential->Cred.CredentialBlob,
Credential->Cred.CredentialBlobSize,
RTL_ENCRYPT_OPTION_CROSS_PROCESS );
if ( !NT_SUCCESS(Status)) {
return FALSE;
}
}
return TRUE;
}
BOOL
APIENTRY
CredpDecodeCredential (
IN OUT PENCRYPTED_CREDENTIALW Credential
)
/*++
Routine Description:
This routine decodes sensitive credential data passed via LPC from
the LSA process.
The credential is decoded in-place.
Arguments:
Credential - Specifies the credential to be decode.
Return Values:
None
--*/
{
NTSTATUS Status;
//
// Only decode data if it is there
//
if ( Credential->Cred.CredentialBlobSize != 0 ) {
//
// Sanity check the data
//
if ( Credential->Cred.CredentialBlobSize <
Credential->ClearCredentialBlobSize ) {
return FALSE;
}
//
// Decrypt the data.
//
Status = RtlDecryptMemory( Credential->Cred.CredentialBlob,
Credential->Cred.CredentialBlobSize,
RTL_ENCRYPT_OPTION_CROSS_PROCESS );
if ( !NT_SUCCESS(Status)) {
return FALSE;
}
//
// Set the used size of the buffer.
//
Credential->Cred.CredentialBlobSize = Credential->ClearCredentialBlobSize;
}
return TRUE;
}
//
// Include shared credential conversion ruotines
//
#include <crconv.c>
DWORD
CredpAllocStrFromStr(
IN WTOA_ENUM WtoA,
IN LPCWSTR InputString,
IN BOOLEAN NullOk,
OUT LPWSTR *OutString
)
/*++
Routine Description:
Convert a string to another format.
Exceptions are caught. So this routine can be used to capture user data.
Arguments:
WtoA - Specifies the direction of the string conversion.
InputString - Specifies the zero terminated string to convert.
NullOk - if TRUE, a NULL string or zero length string is OK.
OutputString - Converted zero terminated string.
The buffer must be freed using MIDL_user_free.
Return Value:
Status of the operation.
--*/
{
DWORD WinStatus;
ULONG Size;
LPWSTR LocalString = NULL;
LPBYTE Where;
*OutString = NULL;
//
// Use an exception handle to prevent bad user parameter from AVing in our code.
//
try {
//
// Determine the size of the string buffer.
//
Size = CredpConvertStringSize ( WtoA, (LPWSTR)InputString );
if ( Size == 0 ) {
if ( NullOk ) {
WinStatus = NO_ERROR;
} else {
WinStatus = ERROR_INVALID_PARAMETER;
}
goto Cleanup;
}
//
// Allocate a buffer for the converted string
//
*OutString = MIDL_user_allocate( Size );
if ( *OutString == NULL ) {
WinStatus = ERROR_NOT_ENOUGH_MEMORY;
goto Cleanup;
}
//
// Covert the string
//
Where = (LPBYTE) *OutString;
WinStatus = CredpConvertString ( WtoA,
(LPWSTR)InputString,
OutString,
&Where );
Cleanup: NOTHING;
} except( EXCEPTION_EXECUTE_HANDLER ) {
WinStatus = ERROR_INVALID_PARAMETER;
}
//
// Clean up
//
if ( WinStatus != NO_ERROR ) {
if ( *OutString != NULL ) {
MIDL_user_free( *OutString );
*OutString = NULL;
}
}
return WinStatus;
}
BOOL
APIENTRY
CredWriteA (
IN PCREDENTIALA Credential,
IN DWORD Flags
)
/*++
Routine Description:
The ANSI version of CredWriteW.
Arguments:
See CredWriteW.
Return Values:
See CredWriteW.
--*/
{
DWORD WinStatus;
PCREDENTIALW EncodedCredential = NULL;
//
// Encode the credential before LPCing it to the LSA process and convert to UNICODE
//
WinStatus = CredpConvertCredential ( DoAtoW, // Ansi to Unicode
DoBlobEncode, // Encode
(PCREDENTIALW)Credential, // Input credential
&EncodedCredential ); // Output credential
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrWrite(
NULL, // This API is always local.
(PENCRYPTED_CREDENTIALW)EncodedCredential,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
MIDL_user_free( EncodedCredential );
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredWriteW (
IN PCREDENTIALW Credential,
IN DWORD Flags
)
/*++
Routine Description:
The CredWrite API creates a new credential or modifies an existing
credential in the user's credential set. The new credential is
associated with the logon session of the current token. The token
must not have the user's SID disabled.
The CredWrite API creates a credential if none already exists by the
specified TargetName. If the specified TargetName already exists, the
specified credential replaces the existing one.
The CredWrite API is available in ANSI and UNICODE versions.
Arguments:
Credential - Specifies the credential to be written.
Flags - Specifies flags to control the operation of the API.
The following flags are defined:
CRED_PRESERVE_CREDENTIAL_BLOB: The credential blob should be preserved from the
already existing credential with the same credential name and credential type.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
ERROR_INVALID_PARAMETER - Certain fields may not be changed in an
existing credential. If such a field does not match the value
specified in the existing credential, this error is returned.
ERROR_NOT_FOUND - There is no credential with the specified TargetName.
Returned only if CRED_PRESERVE_CREDENTIAL_BLOB was specified.
--*/
{
DWORD WinStatus;
PCREDENTIALW EncodedCredential = NULL;
//
// Encode the credential before LPCing it to the LSA process.
//
WinStatus = CredpConvertCredential ( DoWtoW, // Unicode to Unicode
DoBlobEncode, // Encode
(PCREDENTIALW)Credential, // Input credential
&EncodedCredential ); // Output credential
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrWrite(
NULL, // This API is always local.
(PENCRYPTED_CREDENTIALW)EncodedCredential,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
MIDL_user_free( EncodedCredential );
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredReadA (
IN LPCSTR TargetName,
IN ULONG Type,
IN DWORD Flags,
OUT PCREDENTIALA *Credential
)
/*++
Routine Description:
The ANSI version of CredReadW.
Arguments:
See CredReadW.
Return Values:
See CredReadW.
--*/
{
DWORD WinStatus;
PCREDENTIALW LocalCredential = NULL;
LPWSTR UnicodeTargetName = NULL;
//
// Convert input args to Unicode
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPWSTR) TargetName, FALSE, &UnicodeTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrRead(
NULL, // This API is always local.
UnicodeTargetName,
Type,
Flags,
(PENCRYPTED_CREDENTIALW *)&LocalCredential );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credential and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredential ( DoWtoA, // Unicode to Ansi
DoBlobDecode, // Decode the credential blob
LocalCredential,
(PCREDENTIALW *)Credential );
}
Cleanup:
if ( UnicodeTargetName != NULL ) {
MIDL_user_free( UnicodeTargetName );
}
if ( LocalCredential != NULL ) {
MIDL_user_free( LocalCredential );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredReadW (
IN LPCWSTR TargetName,
IN ULONG Type,
IN DWORD Flags,
OUT PCREDENTIALW *Credential
)
/*++
Routine Description:
The CredRead API reads a credential from the user's credential set.
The credential set used is the one associated with the logon session
of the current token. The token must not have the user's SID disabled.
The CredRead API is available in ANSI and UNICODE versions.
Arguments:
TargetName - Specifies the name of the credential to read.
Type - Specifies the Type of the credential to find.
One of the CRED_TYPE_* values should be specified.
Flags - Specifies flags to control the operation of the API.
Reserved. Must be zero.
Credential - Returns a pointer to the credential. The returned buffer
must be freed by calling CredFree.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NOT_FOUND - There is no credential with the specified TargetName.
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
PCREDENTIALW LocalCredential = NULL;
LPWSTR UnicodeTargetName = NULL;
//
// Capture the input args
//
WinStatus = CredpAllocStrFromStr( DoWtoW, TargetName, FALSE, &UnicodeTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrRead(
NULL, // This API is always local.
UnicodeTargetName,
Type,
Flags,
(PENCRYPTED_CREDENTIALW *)&LocalCredential );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credential and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredential ( DoWtoW, // Unicode to Unicode
DoBlobDecode, // Decode the credential blob
LocalCredential,
Credential );
}
Cleanup:
if ( UnicodeTargetName != NULL ) {
MIDL_user_free( UnicodeTargetName );
}
if ( LocalCredential != NULL ) {
MIDL_user_free( LocalCredential );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredEnumerateA (
IN LPCSTR Filter,
IN DWORD Flags,
OUT LPDWORD Count,
OUT PCREDENTIALA **Credentials
)
/*++
Routine Description:
The ANSI version of CredEnumerateW
Arguments:
See CredEnumerateW
Return Values:
See CredEnumerateW
--*/
{
DWORD WinStatus;
CREDENTIAL_ARRAY CredentialArray;
LPWSTR UnicodeFilter = NULL;
//
// Force RPC to allocate the return structure
//
*Count = 0;
*Credentials = NULL;
CredentialArray.CredentialCount = 0;
CredentialArray.Credentials = NULL;
//
// Convert input args to Unicode
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPWSTR)Filter, TRUE, &UnicodeFilter );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrEnumerate(
NULL, // This API is always local.
UnicodeFilter,
Flags,
&CredentialArray );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credentials and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredentials ( DoWtoA, // Unicode to Ansi
DoBlobDecode, // Decode the credential blob
(PCREDENTIALW *)CredentialArray.Credentials,
CredentialArray.CredentialCount,
(PCREDENTIALW **)Credentials );
if ( WinStatus == NO_ERROR ) {
*Count = CredentialArray.CredentialCount;
}
}
Cleanup:
if ( CredentialArray.Credentials != NULL ) {
MIDL_user_free( CredentialArray.Credentials );
}
if ( UnicodeFilter != NULL ) {
MIDL_user_free( UnicodeFilter );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus) ;
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredEnumerateW (
IN LPCWSTR Filter,
IN DWORD Flags,
OUT LPDWORD Count,
OUT PCREDENTIALW **Credentials
)
/*++
Routine Description:
The CredEnumerate API enumerates the credentials from the user's credential set.
The credential set used is the one associated with the logon session
of the current token. The token must not have the user's SID disabled.
The CredEnumerate API is available in ANSI and UNICODE versions.
Arguments:
Filter - Specifies a filter for the returned credentials. Only credentials
with a TargetName matching the filter will be returned. The filter specifies
a name prefix followed by an asterisk. For instance, the filter "FRED*" will
return all credentials with a TargetName beginning with the string "FRED".
If NULL is specified, all credentials will be returned.
Flags - Specifies flags to control the operation of the API.
Reserved. Must be zero.
Count - Returns a count of the number of credentials returned in Credentials.
Credentials - Returns a pointer to an array of pointers to credentials.
The returned buffer must be freed by calling CredFree.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NOT_FOUND - There is no credentials matching the specified Filter.
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
CREDENTIAL_ARRAY CredentialArray;
LPWSTR UnicodeFilter = NULL;
//
// Force RPC to allocate the return structure
//
*Count = 0;
*Credentials = NULL;
CredentialArray.CredentialCount = 0;
CredentialArray.Credentials = NULL;
//
// Capture the user's input parameters
//
WinStatus = CredpAllocStrFromStr( DoWtoW, Filter, TRUE, &UnicodeFilter );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrEnumerate(
NULL, // This API is always local.
UnicodeFilter,
Flags,
&CredentialArray );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credentials and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredentials ( DoWtoW, // Unicode to Unicode
DoBlobDecode, // Decode the credential blob
(PCREDENTIALW *)CredentialArray.Credentials,
CredentialArray.CredentialCount,
Credentials );
if ( WinStatus == NO_ERROR ) {
*Count = CredentialArray.CredentialCount;
}
}
Cleanup:
if ( CredentialArray.Credentials != NULL ) {
MIDL_user_free( CredentialArray.Credentials );
}
if ( UnicodeFilter != NULL ) {
MIDL_user_free( UnicodeFilter );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus) ;
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredWriteDomainCredentialsA (
IN PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
IN PCREDENTIALA Credential,
IN DWORD Flags
)
/*++
Routine Description:
The ANSI version of CredWriteDomainCredentialsW
Arguments:
See CredWriteDomainCredentialsW
Return Values:
See CredWriteDomainCredentialsW
--*/
{
DWORD WinStatus;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
PCREDENTIALW EncodedCredential = NULL;
//
// Encode the credential before LPCing it to the LSA process and convert to UNICODE
//
WinStatus = CredpConvertCredential ( DoAtoW, // Ansi to Unicode
DoBlobEncode, // Encode
(PCREDENTIALW)Credential, // Input credential
&EncodedCredential ); // Output credential
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Convert the target info to Unicode
//
WinStatus = CredpConvertTargetInfo( DoAtoW, // Ansi to Unicode
(PCREDENTIAL_TARGET_INFORMATIONW) TargetInfo,
&UnicodeTargetInfo,
NULL );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrWriteDomainCredentials(
NULL, // This API is always local.
UnicodeTargetInfo,
(PENCRYPTED_CREDENTIALW)EncodedCredential,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
Cleanup:
if ( EncodedCredential != NULL ) {
MIDL_user_free( EncodedCredential );
}
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredWriteDomainCredentialsW (
IN PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
IN PCREDENTIALW Credential,
IN DWORD Flags
)
/*++
Routine Description:
The CredWriteDomainCredentials API writes a new domain
credential to the user's credential set. The new credential is
associated with the logon session of the current token. The token
must not have the user's SID disabled.
CredWriteDomainCredentials differs from CredWrite in that it handles
the idiosyncrasies of domain (CRED_TYPE_DOMAIN_PASSWORD or CRED_TYPE_DOMAIN_CERTIFICATE)
credentials. Domain credentials contain more than one target field.
At least one of the naming parameters must be specified: NetbiosServerName,
DnsServerName, NetbiosDomainName, DnsDomainName or DnsForestName.
The CredWriteDomainCredentials API is available in ANSI and UNICODE versions.
Arguments:
TargetInfo - Specifies the target information identifying the target server.
Credential - Specifies the credential to be written.
Flags - Specifies flags to control the operation of the API.
Reserved. Must be zero.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
ERROR_INVALID_PARAMETER - Certain fields may not be changed in an
existing credential. If such a field does not match the value
specified in the existing credential, this error is returned.
ERROR_INVALID_PARAMETER - None of the naming parameters were specified
or the credential specified did not have the Type field set to
CRED_TYPE_DOMAIN_PASSWORD or CRED_TYPE_DOMAIN_CERTIFICATE.
--*/
{
DWORD WinStatus;
PCREDENTIALW EncodedCredential = NULL;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
//
// Encode the credential before LPCing it to the LSA process
//
WinStatus = CredpConvertCredential ( DoWtoW, // Unicode to Unicode
DoBlobEncode, // Encode
(PCREDENTIALW)Credential, // Input credential
&EncodedCredential ); // Output credential
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Capture the target info to prevent us from AVing in our code.
//
WinStatus = CredpConvertTargetInfo( DoWtoW, // Unicode to Unicode
(PCREDENTIAL_TARGET_INFORMATIONW) TargetInfo,
&UnicodeTargetInfo,
NULL );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrWriteDomainCredentials(
NULL, // This API is always local.
TargetInfo,
(PENCRYPTED_CREDENTIALW)EncodedCredential,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
Cleanup:
if ( EncodedCredential != NULL ) {
MIDL_user_free( EncodedCredential );
}
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredReadDomainCredentialsA (
IN PCREDENTIAL_TARGET_INFORMATIONA TargetInfo,
IN DWORD Flags,
OUT LPDWORD Count,
OUT PCREDENTIALA **Credentials
)
/*++
Routine Description:
The ANSI version of CredReadDomainCredentialsW
Arguments:
See CredReadDomainCredentialsW
Return Values:
See CredReadDomainCredentialsW
--*/
{
DWORD WinStatus;
CREDENTIAL_ARRAY CredentialArray;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
//
// Force RPC to allocate the return structure
//
*Count = 0;
*Credentials = NULL;
CredentialArray.CredentialCount = 0;
CredentialArray.Credentials = NULL;
//
// Convert the target info to Unicode
//
WinStatus = CredpConvertTargetInfo( DoAtoW, // Ansi to Unicode
(PCREDENTIAL_TARGET_INFORMATIONW) TargetInfo,
&UnicodeTargetInfo,
NULL );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
Status = CredrReadDomainCredentials(
NULL, // This API is always local.
UnicodeTargetInfo,
Flags,
&CredentialArray );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credentials and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredentials ( DoWtoA, // Unicode to Ansi
DoBlobDecode, // Decode the credential blob
(PCREDENTIALW *)CredentialArray.Credentials,
CredentialArray.CredentialCount,
(PCREDENTIALW **)Credentials );
if ( WinStatus == NO_ERROR ) {
*Count = CredentialArray.CredentialCount;
}
}
Cleanup:
if ( CredentialArray.Credentials != NULL ) {
MIDL_user_free( CredentialArray.Credentials );
}
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus) ;
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredReadDomainCredentialsW (
IN PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,
IN DWORD Flags,
OUT LPDWORD Count,
OUT PCREDENTIALW **Credentials
)
/*++
Routine Description:
The CredReadDomainCredentials API reads the domain credentials from the user's credential set.
The credential set used is the one associated with the logon session
of the current token. The token must not have the user's SID disabled.
CredReadDomainCredentials differs from CredRead in that it handles the
idiosyncrasies of domain (CRED_TYPE_DOMAIN_PASSWORD or CRED_TYPE_DOMAIN_CERTIFICATE)
credentials. Domain credentials contain more than one target field.
At least one of the naming parameters must be specified: NetbiosServerName,
DnsServerName, NetbiosDomainName, DnsDomainName or DnsForestName. This API returns
the most specific credentials that match the naming parameters. That is, if there
is a credential that matches the target server name and a credential that matches
the target domain name, only the server specific credential is returned. This is
the credential that would be used.
The CredReadDomainCredentials API is available in ANSI and UNICODE versions.
Arguments:
TargetInfo - Specifies the target information identifying the target ser
Flags - Specifies flags to control the operation of the API.
The following flags are defined:
CRED_CACHE_TARGET_INFORMATION: The TargetInfo should be cached for a subsequent read via
CredGetTargetInfo.
Count - Returns a count of the number of credentials returned in Credentials.
Credentials - Returns a pointer to an array of pointers to credentials.
The most specific existing credential matching the TargetInfo is returned.
If there is both a CRED_TYPE_DOMAIN_PASSWORD and CRED_TYPE_DOMAIN_CERTIFICATE
credential, both are returned. If a connection were to be made to the named
target, this most-specific credential would be used.
The returned buffer must be freed by calling CredFree.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_INVALID_PARAMETER - None of the naming parameters were specified.
ERROR_NOT_FOUND - There are no credentials matching the specified naming parameters.
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
CREDENTIAL_ARRAY CredentialArray;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
//
// Force RPC to allocate the return structure
//
*Count = 0;
*Credentials = NULL;
CredentialArray.CredentialCount = 0;
CredentialArray.Credentials = NULL;
//
// Capture the user's parameters to prevent AVing in our code.
//
WinStatus = CredpConvertTargetInfo( DoWtoW, // Unicode to Unicode
(PCREDENTIAL_TARGET_INFORMATIONW) TargetInfo,
&UnicodeTargetInfo,
NULL );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
Status = CredrReadDomainCredentials(
NULL, // This API is always local.
TargetInfo,
Flags,
&CredentialArray );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Decode the returned credentials and align appropriate blobs to ALIGN_WORST bounday
//
if ( WinStatus == NO_ERROR ) {
WinStatus = CredpConvertCredentials ( DoWtoW, // Unicode to Unicode
DoBlobDecode, // Decode the credential blob
(PCREDENTIALW *)CredentialArray.Credentials,
CredentialArray.CredentialCount,
Credentials );
if ( WinStatus == NO_ERROR ) {
*Count = CredentialArray.CredentialCount;
}
}
Cleanup:
if ( CredentialArray.Credentials != NULL ) {
MIDL_user_free( CredentialArray.Credentials );
}
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus) ;
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredDeleteA (
IN LPCSTR TargetName,
IN ULONG Type,
IN DWORD Flags
)
/*++
Routine Description:
The ANSI version of CredDeleteW
Arguments:
See CredDeleteW
Return Values:
See CredDeleteW
--*/
{
DWORD WinStatus;
LPWSTR UnicodeTargetName = NULL;
//
// Convert input args to Unicode
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPWSTR)TargetName, FALSE, &UnicodeTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrDelete(
NULL, // This API is always local.
UnicodeTargetName,
Type,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Be Tidy
//
Cleanup:
if ( UnicodeTargetName != NULL ) {
MIDL_user_free( UnicodeTargetName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredDeleteW (
IN LPCWSTR TargetName,
IN ULONG Type,
IN DWORD Flags
)
/*++
Routine Description:
The CredDelete API deletes a credential from the user's credential set.
The credential set used is the one associated with the logon session
of the current token. The token must not have the user's SID disabled.
The CredDelete API is available in ANSI and UNICODE versions.
Arguments:
TargetName - Specifies the name of the credential to delete.
Type - Specifies the Type of the credential to find.
One of the CRED_TYPE_* values should be specified.
Flags - Specifies flags to control the operation of the API.
Reserved. Must be zero.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NOT_FOUND - There is no credential with the specified TargetName.
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
LPWSTR UnicodeTargetName = NULL;
//
// Capture the input arguments
//
WinStatus = CredpAllocStrFromStr( DoWtoW, TargetName, FALSE, &UnicodeTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrDelete(
NULL, // This API is always local.
UnicodeTargetName,
Type,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Be Tidy
//
Cleanup:
if ( UnicodeTargetName != NULL ) {
MIDL_user_free( UnicodeTargetName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredRenameA (
IN LPCSTR OldTargetName,
IN LPCSTR NewTargetName,
IN ULONG Type,
IN DWORD Flags
)
/*++
Routine Description:
The ANSI version of CredRenameW
Arguments:
See CredRenameW
Return Values:
See CredRenameW
--*/
{
DWORD WinStatus;
LPWSTR UnicodeOldTargetName = NULL;
LPWSTR UnicodeNewTargetName = NULL;
//
// Capture the input arguments
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPCWSTR)OldTargetName, FALSE, &UnicodeOldTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPCWSTR)NewTargetName, FALSE, &UnicodeNewTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrRename(
NULL, // This API is always local.
UnicodeOldTargetName,
UnicodeNewTargetName,
Type,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Be Tidy
//
Cleanup:
if ( UnicodeOldTargetName != NULL ) {
MIDL_user_free( UnicodeOldTargetName );
}
if ( UnicodeNewTargetName != NULL ) {
MIDL_user_free( UnicodeNewTargetName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredRenameW (
IN LPCWSTR OldTargetName,
IN LPCWSTR NewTargetName,
IN ULONG Type,
IN DWORD Flags
)
/*++
Routine Description:
The CredRename API renames a credential in the user's credential set.
The credential set used is the one associated with the logon session
of the current token. The token must not have the user's SID disabled.
The CredRename API is available in ANSI and UNICODE versions.
Arguments:
OldTargetName - Specifies the current name of the credential to rename.
NewTargetName - Specifies the new name of the credential.
Type - Specifies the Type of the credential to rename
One of the CRED_TYPE_* values should be specified.
Flags - Specifies flags to control the operation of the API.
Reserved. Must be zero.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NOT_FOUND - There is no credential with the specified OldTargetName.
ERROR_ALREADY_EXISTS - There is already a credential named NewTargetName.
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
LPWSTR UnicodeOldTargetName = NULL;
LPWSTR UnicodeNewTargetName = NULL;
//
// Capture the input arguments
//
WinStatus = CredpAllocStrFromStr( DoWtoW, OldTargetName, FALSE, &UnicodeOldTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
WinStatus = CredpAllocStrFromStr( DoWtoW, NewTargetName, FALSE, &UnicodeNewTargetName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrRename(
NULL, // This API is always local.
UnicodeOldTargetName,
UnicodeNewTargetName,
Type,
Flags );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
//
// Be Tidy
//
Cleanup:
if ( UnicodeOldTargetName != NULL ) {
MIDL_user_free( UnicodeOldTargetName );
}
if ( UnicodeNewTargetName != NULL ) {
MIDL_user_free( UnicodeNewTargetName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
VOID
APIENTRY
CredFree (
IN PVOID Buffer
)
/*++
Routine Description:
The CredFree API de-allocates a buffer returned from the various other Credential API.
Arguments:
Buffer -Specifies the buffer to be de-allocated.
Return Values:
None
--*/
{
MIDL_user_free( Buffer );
}
BOOL
APIENTRY
CredGetTargetInfoA (
IN LPCSTR ServerName,
IN DWORD Flags,
OUT PCREDENTIAL_TARGET_INFORMATIONA *TargetInfo
)
/*++
Routine Description:
The ANSI version of CredGetTargetInfoW
Arguments:
See CredGetTargetInfoW
Return Values:
See CredGetTargetInfoW
--*/
{
DWORD WinStatus;
LPWSTR UnicodeServerName = NULL;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
//
// Convert input args to Unicode
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPWSTR)ServerName, FALSE, &UnicodeServerName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrGetTargetInfo(
NULL, // This API is always local.
UnicodeServerName,
Flags,
&UnicodeTargetInfo );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Convert the target info to ANSI
//
WinStatus = CredpConvertTargetInfo( DoWtoA, // Unicode to Ansi
UnicodeTargetInfo,
(PCREDENTIAL_TARGET_INFORMATIONW *)TargetInfo,
NULL );
Cleanup:
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( UnicodeServerName != NULL ) {
MIDL_user_free( UnicodeServerName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredGetTargetInfoW (
IN LPCWSTR ServerName,
IN DWORD Flags,
OUT PCREDENTIAL_TARGET_INFORMATIONW *TargetInfo
)
/*++
Routine Description:
The CredGetTargetInfo API gets all of the known target name information
for the named target machine. This executed locally
and does not need any particular privilege. The information returned is expected
to be passed to the CredReadDomainCredentials and CredWriteDomainCredentials APIs.
The information should not be used for any other purpose.
Authentication packages compute TargetInfo when attempting to authenticate to
ServerName. The authentication packages cache this target information to make it
available to CredGetTargetInfo. Therefore, the target information will only be
available if we've recently attempted to authenticate to ServerName.
Arguments:
ServerName - This parameter specifies the name of the machine to get the information
for.
Flags - Specifies flags to control the operation of the API.
CRED_ALLOW_NAME_RESOLUTION - Specifies that if no target info can be found for
TargetName, then name resolution should be done on TargetName to convert it
to other forms. If target info exists for any of those other forms, that
target info is returned. Currently only DNS name resolution is done.
This bit is useful if the application doesn't call the authentication package
directly. The application might pass the TargetName to another layer of software
to authenticate to the server. That layer of software might resolve the name and
pass the resolved name to the authentication package. As such, there will be no
target info for the original TargetName.
TargetInfo - Returns a pointer to the target information.
At least one of the returned fields of TargetInfo will be non-NULL.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NOT_FOUND - There is no target info for the named server.
--*/
{
DWORD WinStatus;
LPWSTR UnicodeServerName = NULL;
PCREDENTIAL_TARGET_INFORMATIONW UnicodeTargetInfo = NULL;
//
// Capture the input arguments
//
WinStatus = CredpAllocStrFromStr( DoWtoW, ServerName, FALSE, &UnicodeServerName );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrGetTargetInfo(
NULL, // This API is always local.
UnicodeServerName,
Flags,
&UnicodeTargetInfo );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Convert the target info to ANSI
//
WinStatus = CredpConvertTargetInfo( DoWtoW, // Unicode to Unicode
UnicodeTargetInfo,
TargetInfo,
NULL );
Cleanup:
if ( UnicodeTargetInfo != NULL ) {
MIDL_user_free( UnicodeTargetInfo );
}
if ( UnicodeServerName != NULL ) {
MIDL_user_free( UnicodeServerName );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredGetSessionTypes (
IN DWORD MaximumPersistCount,
OUT LPDWORD MaximumPersist
)
/*++
Routine Description:
CredGetSessionTypes returns the maximum persistence supported by the current logon
session.
For whistler, CRED_PERSIST_LOCAL_MACHINE and CRED_PERSIST_ENTERPRISE credentials can not
be stored for sessions where the profile is not loaded. If future releases, credentials
might not be associated with the user's profile.
Arguments:
MaximumPersistCount - Specifies the number of elements in the MaximumPersist array.
The caller should specify CRED_TYPE_MAXIMUM for this parameter.
MaximumPersist - Returns the maximum persistance supported by the current logon session for
each credential type. Index into the array with one of the CRED_TYPE_* defines.
Returns CRED_PERSIST_NONE if no credential of this type can be stored.
Returns CRED_PERSIST_SESSION if only session specific credential may be stored.
Returns CRED_PERSIST_LOCAL_MACHINE if session specific and machine specific credentials
may be stored.
Returns CRED_PERSIST_ENTERPRISE if any credential may be stored.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrGetSessionTypes(
NULL, // This API is always local.
MaximumPersistCount,
MaximumPersist );
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredProfileLoaded (
VOID
)
/*++
Routine Description:
The CredProfileLoaded API is a private API used by LoadUserProfile to notify the
credential manager that the profile for the current user has been loaded.
The caller must be impersonating the logged on user.
Arguments:
None.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_NO_SUCH_LOGON_SESSION - The logon session does not exist or
there is no credential set associated with this logon session.
Network logon sessions do not have an associated credential set.
--*/
{
DWORD WinStatus;
//
// Do the RPC call with an exception handler since RPC will raise an
// exception if anything fails. It is up to us to figure out what
// to do once the exception is raised.
//
RpcTryExcept {
NTSTATUS Status;
//
// Call RPC version of the API.
//
Status = CredrProfileLoaded(
NULL ); // This API is always local.
WinStatus = CredpNtStatusToWinStatus( Status );
} RpcExcept( I_RpcExceptionFilter( RpcExceptionCode()) ) {
WinStatus = RpcExceptionCode();
} RpcEndExcept;
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
VOID
CredpMarshalChar(
IN OUT LPWSTR *Current,
IN ULONG Byte
)
/*++
Routine Description:
This routine marshals 6 bits into a buffer.
Arguments:
Current - On input, points to a pointer of the current location in the marshaled buffer.
On output, is modified to point to the next available location in the marshaled buffer.
Byte - Specifies the 6 bits to marshal
Return Values:
None.
--*/
{
UCHAR MappingTable[] = {
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '#', '-'
};
if ( Byte > 0x3F ) {
*(*Current) = '=';
} else {
*(*Current) = MappingTable[Byte];
}
(*Current)++;
}
ULONG
CredpMarshalSize(
IN ULONG ByteCount
)
/*++
Routine Description:
This routine returns the number of bytes that would be marshaled by
CredpMarshalBytes when passed a buffer ByteCount bytes long.
Arguments:
ByteCount - Specifies the number of bytes to marshal
Return Values:
The number of bytes that would be marshaled.
--*/
{
ULONG CharCount;
ULONG ExtraBytes;
//
// If byte count is a multiple of 3, the char count is straight forward
//
CharCount = ByteCount / 3 * 4;
ExtraBytes = ByteCount % 3;
if ( ExtraBytes == 1 ) {
CharCount += 2;
} else if ( ExtraBytes == 2 ) {
CharCount += 3;
}
return CharCount * sizeof(WCHAR);
}
VOID
CredpMarshalBytes(
IN OUT LPWSTR *Current,
IN LPBYTE Bytes,
IN ULONG ByteCount
)
/*++
Routine Description:
This routine marshals bytes into a buffer.
Arguments:
Current - On input, points to a pointer of the current location in the marshaled buffer.
On output, is modified to point to the next available location in the marshaled buffer.
Bytes - Specifies the buffer to marshal
ByteCount - Specifies the number of bytes to marshal
Return Values:
None.
--*/
{
ULONG i;
union {
BYTE ByteValues[3];
struct {
ULONG Bits1 :6;
ULONG Bits2 :6;
ULONG Bits3 :6;
ULONG Bits4 :6;
} BitValues;
} Bits;
//
// Loop through marshaling 3 bytes at a time.
//
for ( i=0; i<ByteCount; i+=3 ) {
ULONG BytesToCopy;
//
// Grab up to 3 bytes from the input buffer.
//
BytesToCopy = min( 3, ByteCount-i );
if ( BytesToCopy != 3 ) {
RtlZeroMemory( Bits.ByteValues, 3);
}
RtlCopyMemory( Bits.ByteValues, &Bytes[i], BytesToCopy );
//
// Marshal the first twelve bits
//
CredpMarshalChar( Current, Bits.BitValues.Bits1 );
CredpMarshalChar( Current, Bits.BitValues.Bits2 );
//
// Optionally marshal the next bits.
//
if ( BytesToCopy > 1 ) {
CredpMarshalChar( Current, Bits.BitValues.Bits3 );
if ( BytesToCopy > 2 ) {
CredpMarshalChar( Current, Bits.BitValues.Bits4 );
}
}
}
}
BOOL
CredpUnmarshalChar(
IN OUT LPWSTR *Current,
IN LPCWSTR End,
OUT PULONG Value
)
/*++
Routine Description:
This routine unmarshals 6 bits from a buffer.
Arguments:
Current - On input, points to a pointer of the current location in the marshaled buffer.
On output, is modified to point to the next available location in the marshaled buffer.
End - Points to the first character beyond the end of the marshaled buffer.
Value - returns the unmarshaled 6 bits value.
Return Values:
TRUE - if the bytes we're unmarshaled sucessfully
FALSE - if the byte could not be unmarshaled from the buffer.
--*/
{
WCHAR CurrentChar;
//
// Ensure the character is available in the buffer
//
if ( *Current >= End ) {
return FALSE;
}
//
// Grab the character
//
CurrentChar = *(*Current);
(*Current)++;
//
// Map it the 6 bit value
//
switch ( CurrentChar ) {
case 'A':
case 'B':
case 'C':
case 'D':
case 'E':
case 'F':
case 'G':
case 'H':
case 'I':
case 'J':
case 'K':
case 'L':
case 'M':
case 'N':
case 'O':
case 'P':
case 'Q':
case 'R':
case 'S':
case 'T':
case 'U':
case 'V':
case 'W':
case 'X':
case 'Y':
case 'Z':
*Value = CurrentChar - 'A';
break;
case 'a':
case 'b':
case 'c':
case 'd':
case 'e':
case 'f':
case 'g':
case 'h':
case 'i':
case 'j':
case 'k':
case 'l':
case 'm':
case 'n':
case 'o':
case 'p':
case 'q':
case 'r':
case 's':
case 't':
case 'u':
case 'v':
case 'w':
case 'x':
case 'y':
case 'z':
*Value = CurrentChar - 'a' + 26;
break;
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
*Value = CurrentChar - '0' + 26 + 26;
break;
case '#':
*Value = 26 + 26 + 10;
break;
case '-':
*Value = 26 + 26 + 10 + 1;
break;
default:
return FALSE;
}
return TRUE;
}
BOOL
CredpUnmarshalBytes(
IN OUT LPWSTR *Current,
IN LPCWSTR End,
IN LPBYTE Bytes,
IN ULONG ByteCount
)
/*++
Routine Description:
This routine unmarshals bytes bytes from a buffer.
Arguments:
Current - On input, points to a pointer of the current location in the marshaled buffer.
On output, is modified to point to the next available location in the marshaled buffer.
End - Points to the first character beyond the end of the marshaled buffer.
Bytes - Specifies the buffer to unmarsal into
ByteCount - Specifies the number of bytes to unmarshal
Return Values:
TRUE - if the bytes we're unmarshaled sucessfully
FALSE - if the byte could not be unmarshaled from the buffer.
--*/
{
ULONG i;
ULONG Value;
union {
BYTE ByteValues[3];
struct {
ULONG Bits1 :6;
ULONG Bits2 :6;
ULONG Bits3 :6;
ULONG Bits4 :6;
} BitValues;
} Bits;
//
// Loop through unmarshaling 3 bytes at a time.
//
for ( i=0; i<ByteCount; i+=3 ) {
ULONG BytesToCopy;
//
// Grab up to 3 bytes from the input buffer.
//
BytesToCopy = min( 3, ByteCount-i );
if ( BytesToCopy != 3 ) {
RtlZeroMemory( Bits.ByteValues, 3);
}
//
// Unarshal the first twelve bits
//
if ( !CredpUnmarshalChar( Current, End, &Value ) ) {
return FALSE;
}
Bits.BitValues.Bits1 = Value;
if ( !CredpUnmarshalChar( Current, End, &Value ) ) {
return FALSE;
}
Bits.BitValues.Bits2 = Value;
//
// Optionally marshal the next bits.
//
if ( BytesToCopy > 1 ) {
if ( !CredpUnmarshalChar( Current, End, &Value ) ) {
return FALSE;
}
Bits.BitValues.Bits3 = Value;
if ( BytesToCopy > 2 ) {
if ( !CredpUnmarshalChar( Current, End, &Value ) ) {
return FALSE;
}
Bits.BitValues.Bits4 = Value;
}
}
//
// Copy the unmarshaled bytes to the caller's buffer.
//
RtlCopyMemory( &Bytes[i], Bits.ByteValues, BytesToCopy );
}
return TRUE;
}
BOOL
APIENTRY
CredMarshalCredentialA(
IN CRED_MARSHAL_TYPE CredType,
IN PVOID Credential,
OUT LPSTR *MarshaledCredential
)
/*++
Routine Description:
The ANSI version of CredMarshalCredentialW
Arguments:
See CredMarshalCredentialW.
Return Values:
See CredMarshalCredentialW.
--*/
{
BOOL RetVal;
DWORD WinStatus;
LPWSTR UnicodeMarshaledCredential;
RetVal = CredMarshalCredentialW( CredType, Credential, &UnicodeMarshaledCredential );
if ( RetVal ) {
//
// Convert the value to ANSI.
//
WinStatus = CredpAllocStrFromStr( DoWtoA, UnicodeMarshaledCredential, FALSE, (LPWSTR *)MarshaledCredential );
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
RetVal = FALSE;
}
CredFree( UnicodeMarshaledCredential );
}
return RetVal;
}
BOOL
APIENTRY
CredMarshalCredentialW(
IN CRED_MARSHAL_TYPE CredType,
IN PVOID Credential,
OUT LPWSTR *MarshaledCredential
)
/*++
Routine Description:
The CredMarshalCredential API is a private API used by the keyring UI to marshal a
credential. The keyring UI needs to be able to pass a certificate credential through
interfaces (e.g., NetUseAdd) that have historically accepted DomainName UserName and Password.
Arguments:
CredType - Specifies the type of credential to marshal.
This enum will be expanded in the future.
Credential - Specifies the credential to marshal.
If CredType is CertCredential, then Credential points to a CERT_CREDENTIAL_INFO structure.
MarshaledCredential - Returns a text string containing the marshaled credential.
The marshaled credential should be passed as the UserName string to any API that
is currently passed credentials. If that API is currently passed a
password, the password should be passed as NULL or empty. If that API is
currently passed a domain name, that domain name should be passed as NULL or empty.
The caller should free the returned buffer using CredFree.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_INVALID_PARAMETER - CredType is invalid.
--*/
{
DWORD WinStatus;
ULONG Size;
LPWSTR RetCredential = NULL;
LPWSTR Current;
PCERT_CREDENTIAL_INFO CertCredentialInfo = NULL;
PUSERNAME_TARGET_CREDENTIAL_INFO UsernameTargetCredentialInfo = NULL;
ULONG UsernameTargetUserNameSize;
#define CRED_MARSHAL_HEADER L"@@"
#define CRED_MARSHAL_HEADER_LENGTH 2
//
// Ensure credential isn't null
//
if ( Credential == NULL ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Validate CredType
//
Size = (CRED_MARSHAL_HEADER_LENGTH+2) * sizeof(WCHAR);
switch ( CredType ) {
case CertCredential:
CertCredentialInfo = (PCERT_CREDENTIAL_INFO) Credential;
if ( CertCredentialInfo->cbSize < sizeof(CERT_CREDENTIAL_INFO) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
Size += CredpMarshalSize( sizeof(CertCredentialInfo->rgbHashOfCert) );
break;
case UsernameTargetCredential:
UsernameTargetCredentialInfo = (PUSERNAME_TARGET_CREDENTIAL_INFO) Credential;
if ( UsernameTargetCredentialInfo->UserName == NULL ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
UsernameTargetUserNameSize = wcslen(UsernameTargetCredentialInfo->UserName)*sizeof(WCHAR);
if ( UsernameTargetUserNameSize == 0 ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
Size += CredpMarshalSize( sizeof(UsernameTargetUserNameSize) ) +
CredpMarshalSize( UsernameTargetUserNameSize );
break;
default:
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Allocate a buffer to put the marshaled string into.
//
RetCredential = (LPWSTR) MIDL_user_allocate( Size );
if ( RetCredential == NULL ) {
WinStatus = ERROR_NOT_ENOUGH_MEMORY;
goto Cleanup;
}
//
// Add the header onto the marshaled string
//
Current = RetCredential;
RtlCopyMemory( Current, CRED_MARSHAL_HEADER, CRED_MARSHAL_HEADER_LENGTH*sizeof(WCHAR) );
Current += CRED_MARSHAL_HEADER_LENGTH;
//
// Add the CredType
//
CredpMarshalChar( &Current, CredType );
//
// Marshal the CredType specific data
//
switch ( CredType ) {
case CertCredential:
CredpMarshalBytes( &Current, CertCredentialInfo->rgbHashOfCert, sizeof(CertCredentialInfo->rgbHashOfCert) );
break;
case UsernameTargetCredential:
CredpMarshalBytes( &Current, (LPBYTE)&UsernameTargetUserNameSize, sizeof(UsernameTargetUserNameSize) );
CredpMarshalBytes( &Current, (LPBYTE)UsernameTargetCredentialInfo->UserName, UsernameTargetUserNameSize );
break;
}
//
// Finally, zero terminate the string
//
*Current = L'\0';
Current ++;
//
// Return the marshaled credential to the caller.
//
ASSERT( Current == &RetCredential[Size/sizeof(WCHAR)] );
*MarshaledCredential = RetCredential;
RetCredential = NULL;
WinStatus = NO_ERROR;
Cleanup:
if ( RetCredential != NULL ) {
MIDL_user_free( RetCredential );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredUnmarshalCredentialA(
IN LPCSTR MarshaledCredential,
OUT PCRED_MARSHAL_TYPE CredType,
OUT PVOID *Credential
)
/*++
Routine Description:
The ANSI version of CredUnmarshalCredentialW
Arguments:
See CredUnmarshalCredentialW.
Return Values:
See CredUnmarshalCredentialW.
--*/
{
DWORD WinStatus;
LPWSTR UnicodeMarshaledCredential = NULL;
//
// Convert input args to Unicode
//
WinStatus = CredpAllocStrFromStr( DoAtoW, (LPWSTR)MarshaledCredential, FALSE, &UnicodeMarshaledCredential );
if ( WinStatus != NO_ERROR ) {
goto Cleanup;
}
//
// Do the unmarshaling
//
if ( !CredUnmarshalCredentialW( UnicodeMarshaledCredential,
CredType,
Credential ) ) {
WinStatus = GetLastError();
goto Cleanup;
}
WinStatus = NO_ERROR;
Cleanup:
if ( UnicodeMarshaledCredential != NULL ) {
MIDL_user_free( UnicodeMarshaledCredential );
}
if ( WinStatus != NO_ERROR ) {
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredUnmarshalCredentialW(
IN LPCWSTR MarshaledCredential,
OUT PCRED_MARSHAL_TYPE CredType,
OUT PVOID *Credential
)
/*++
Routine Description:
The CredMarshalCredential API is a private API used by an authentication package to unmarshal a
credential. The keyring UI needs to be able to pass a certificate credential through
interfaces (e.g., NetUseAdd) that have historically accepted DomainName UserName and Password.
Arguments:
MarshaledCredential - Specifies a text string containing the marshaled credential.
CredType - Returns the type of credential.
Credential - Returns a pointer to the unmarshaled credential.
If CredType is CertCredential, then the returned pointer is to a CERT_CREDENTIAL_INFO structure.
The caller should free the returned buffer using CredFree.
Return Values:
On success, TRUE is returned. On failure, FALSE is returned.
GetLastError() may be called to get a more specific status code.
The following status codes may be returned:
ERROR_INVALID_PARAMETER - MarshaledCredential is not valid
--*/
{
DWORD WinStatus;
LPWSTR Current;
LPCWSTR End;
PCERT_CREDENTIAL_INFO CertCredentialInfo;
PUSERNAME_TARGET_CREDENTIAL_INFO UsernameTargetCredentialInfo;
PVOID RetCredential = NULL;
ULONG UsernameTargetUserNameSize;
LPBYTE Where;
ULONG MarshaledCredentialLength;
//
// Validate the passed in buffer.
//
if ( MarshaledCredential == NULL ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Ensure the first few bytes are the appropriate header
//
if ( MarshaledCredential[0] != CRED_MARSHAL_HEADER[0] || MarshaledCredential[1] != CRED_MARSHAL_HEADER[1] ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Validate the credential type
//
MarshaledCredentialLength = wcslen(MarshaledCredential);
Current = (LPWSTR) &MarshaledCredential[2];
End = &MarshaledCredential[MarshaledCredentialLength];
if ( !CredpUnmarshalChar( &Current, End, (PULONG)CredType ) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
switch ( *CredType ) {
case CertCredential:
//
// Allocate a buffer that will be more than big enough
//
CertCredentialInfo = MIDL_user_allocate(
sizeof(*CertCredentialInfo) +
MarshaledCredentialLength*sizeof(WCHAR) );
if ( CertCredentialInfo == NULL ) {
WinStatus = ERROR_NOT_ENOUGH_MEMORY;
goto Cleanup;
}
RetCredential = CertCredentialInfo;
CertCredentialInfo->cbSize = sizeof(*CertCredentialInfo);
//
// Unmarshal the data
//
if ( !CredpUnmarshalBytes( &Current, End, CertCredentialInfo->rgbHashOfCert, sizeof(CertCredentialInfo->rgbHashOfCert) ) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
break;
case UsernameTargetCredential:
//
// Allocate a buffer that will be more than big enough
//
UsernameTargetCredentialInfo = MIDL_user_allocate(
sizeof(*UsernameTargetCredentialInfo) +
MarshaledCredentialLength*sizeof(WCHAR) +
sizeof(WCHAR) );
if ( UsernameTargetCredentialInfo == NULL ) {
WinStatus = ERROR_NOT_ENOUGH_MEMORY;
goto Cleanup;
}
RetCredential = UsernameTargetCredentialInfo;
Where = (LPBYTE)(UsernameTargetCredentialInfo+1);
//
// Unmarshal the size of the data
//
if ( !CredpUnmarshalBytes( &Current, End, (LPBYTE)&UsernameTargetUserNameSize, sizeof(UsernameTargetUserNameSize) ) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
if ( UsernameTargetUserNameSize != ROUND_UP_COUNT( UsernameTargetUserNameSize, sizeof(WCHAR)) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
if ( UsernameTargetUserNameSize == 0 ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Unmarshal the data
//
UsernameTargetCredentialInfo->UserName = (LPWSTR)Where;
if ( !CredpUnmarshalBytes( &Current, End, Where, UsernameTargetUserNameSize ) ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
Where += UsernameTargetUserNameSize;
//
// Zero terminate it
//
*((PWCHAR)Where) = L'\0';
break;
default:
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
//
// Ensure we've unmarshalled the entire string
//
if ( Current != End ) {
WinStatus = ERROR_INVALID_PARAMETER;
goto Cleanup;
}
WinStatus = NO_ERROR;
*Credential = RetCredential;
Cleanup:
if ( WinStatus != NO_ERROR ) {
*Credential = NULL;
if ( RetCredential != NULL ) {
MIDL_user_free( RetCredential );
}
SetLastError( WinStatus );
return FALSE;
}
return TRUE;
}
BOOL
APIENTRY
CredIsMarshaledCredentialA(
IN LPCSTR MarshaledCredential
)
/*++
Routine Description:
The ANSI version of CredIsMarshaledCredentialW
Arguments:
MarshaledCredential - Specifies a text string containing the marshaled credential.
Return Values:
Returns TRUE if the credential is a marshalled credential.
--*/
{
DWORD WinStatus;
CRED_MARSHAL_TYPE CredType;
PVOID UnmarshalledUsername;
if ( !CredUnmarshalCredentialA( MarshaledCredential, &CredType, &UnmarshalledUsername ) ) {
return FALSE;
}
CredFree( UnmarshalledUsername );
return TRUE;
}
BOOL
APIENTRY
CredIsMarshaledCredentialW(
IN LPCWSTR MarshaledCredential
)
/*++
Routine Description:
The CredIsMarshaledCredential API is a private API used by an authentication package to
determine if a credential is a unmarshaled credential or not.
Arguments:
MarshaledCredential - Specifies a text string containing the marshaled credential.
Return Values:
Returns TRUE if the credential is a marshalled credential.
--*/
{
DWORD WinStatus;
CRED_MARSHAL_TYPE CredType;
PVOID UnmarshalledUsername;
if ( !CredUnmarshalCredentialW( MarshaledCredential, &CredType, &UnmarshalledUsername ) ) {
return FALSE;
}
CredFree( UnmarshalledUsername );
return TRUE;
}