mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
150 lines
3.8 KiB
150 lines
3.8 KiB
// this file provides a wrapper api to get to the NT specific LSA routines
|
|
|
|
#include "stdafx.h"
|
|
#include "KMLsa.h"
|
|
|
|
|
|
|
|
|
|
//=============================================================
|
|
|
|
//-------------------------------------------------------------
|
|
// pass in a NULL pszwServer name to open the local machine
|
|
HANDLE HOpenLSAPolicy( WCHAR *pszwServer, DWORD *pErr )
|
|
{
|
|
NTSTATUS ntStatus;
|
|
LSA_OBJECT_ATTRIBUTES objectAttributs;
|
|
LSA_HANDLE hPolicy;
|
|
|
|
LSA_UNICODE_STRING unicodeServer;
|
|
|
|
// prepare the object attributes
|
|
InitializeObjectAttributes( &objectAttributs, NULL, 0L, NULL, NULL );
|
|
|
|
// prepare the lsa_unicode name of the server
|
|
if ( pszwServer )
|
|
{
|
|
unicodeServer.Buffer = pszwServer;
|
|
unicodeServer.Length = wcslen(pszwServer) * sizeof(WCHAR);
|
|
unicodeServer.MaximumLength = unicodeServer.Length + sizeof(WCHAR);
|
|
}
|
|
|
|
|
|
// attempt to open the policy
|
|
ntStatus = LsaOpenPolicy( pszwServer ? &unicodeServer : NULL,
|
|
&objectAttributs, POLICY_ALL_ACCESS, &hPolicy );
|
|
|
|
// check for an error
|
|
if ( !NT_SUCCESS(ntStatus) )
|
|
{
|
|
*pErr = LsaNtStatusToWinError( ntStatus );
|
|
return NULL;
|
|
}
|
|
|
|
// success, so return the policy handle as a regular handle
|
|
*pErr = 0;
|
|
return hPolicy;
|
|
}
|
|
|
|
|
|
//-------------------------------------------------------------
|
|
BOOL FCloseLSAPolicy( HANDLE hPolicy, DWORD *pErr )
|
|
{
|
|
NTSTATUS ntStatus;
|
|
|
|
// close the policy
|
|
ntStatus = LsaClose( hPolicy );
|
|
|
|
// check for an error
|
|
if ( !NT_SUCCESS(ntStatus) )
|
|
{
|
|
*pErr = LsaNtStatusToWinError( ntStatus );
|
|
return FALSE;
|
|
}
|
|
|
|
// success, so return the policy handle as a regular handle
|
|
*pErr = 0;
|
|
return TRUE;
|
|
}
|
|
|
|
//-------------------------------------------------------------
|
|
// passing NULL in for pvData deletes the secret
|
|
BOOL FStoreLSASecret( HANDLE hPolicy, WCHAR* pszwSecretName, void* pvData, WORD cbData, DWORD *pErr )
|
|
{
|
|
LSA_UNICODE_STRING unicodeSecretName;
|
|
LSA_UNICODE_STRING unicodeData;
|
|
NTSTATUS ntStatus;
|
|
|
|
// make sure we have a policy and a secret name
|
|
if ( !hPolicy || !pszwSecretName )
|
|
{
|
|
*pErr = 1;
|
|
return FALSE;
|
|
}
|
|
|
|
// prepare the lsa_unicode name of the server
|
|
unicodeSecretName.Buffer = pszwSecretName;
|
|
unicodeSecretName.Length = wcslen(pszwSecretName) * sizeof(WCHAR);
|
|
unicodeSecretName.MaximumLength = unicodeSecretName.Length + sizeof(WCHAR);
|
|
|
|
// prepare the unicode data record
|
|
if ( pvData )
|
|
{
|
|
unicodeData.Buffer = (WCHAR*)pvData;
|
|
unicodeData.Length = cbData;
|
|
unicodeData.MaximumLength = cbData;
|
|
}
|
|
|
|
// it is now time to store the secret
|
|
ntStatus = LsaStorePrivateData( hPolicy, &unicodeSecretName, pvData ? &unicodeData : NULL );
|
|
|
|
// check for an error
|
|
if ( !NT_SUCCESS(ntStatus) )
|
|
{
|
|
*pErr = LsaNtStatusToWinError( ntStatus );
|
|
return FALSE;
|
|
}
|
|
|
|
// success, so return the policy handle as a regular handle
|
|
*pErr = 0;
|
|
return TRUE;
|
|
}
|
|
|
|
|
|
|
|
//-------------------------------------------------------------
|
|
// passing NULL in for pvData deletes the secret
|
|
PLSA_UNICODE_STRING FRetrieveLSASecret( HANDLE hPolicy, WCHAR* pszwSecretName, DWORD *pErr )
|
|
{
|
|
LSA_UNICODE_STRING unicodeSecretName;
|
|
LSA_UNICODE_STRING* pUnicodeData = NULL;
|
|
NTSTATUS ntStatus;
|
|
|
|
// make sure we have a policy and a secret name
|
|
if ( !hPolicy || !pszwSecretName )
|
|
{
|
|
*pErr = 1;
|
|
return FALSE;
|
|
}
|
|
|
|
// prepare the lsa_unicode name of the server
|
|
unicodeSecretName.Buffer = pszwSecretName;
|
|
unicodeSecretName.Length = wcslen(pszwSecretName) * sizeof(WCHAR);
|
|
unicodeSecretName.MaximumLength = unicodeSecretName.Length + sizeof(WCHAR);
|
|
|
|
// it is now time to store the secret
|
|
ntStatus = LsaRetrievePrivateData( hPolicy, &unicodeSecretName, &pUnicodeData );
|
|
|
|
// check for an error
|
|
if ( !NT_SUCCESS(ntStatus) )
|
|
{
|
|
*pErr = LsaNtStatusToWinError( ntStatus );
|
|
return NULL;
|
|
}
|
|
|
|
// success, so return the policy handle as a regular handle
|
|
*pErr = 0;
|
|
return (PLSA_UNICODE_STRING)pUnicodeData;
|
|
}
|
|
|
|
|