Powershell-Modules
/
NTFSSecurity-Module
mirror of https://github.com/raandree/NTFSSecurity
1
0
Fork 0
Code Issues 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10 Commits
3 Branches
14 MiB
 
 
Tree: c5d00cc7cc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c5d00cc7cc'
${ noResults }
NTFSSecurity-Module/AlphaFS/Security/NativeMethods.cs

275 lines
17 KiB
Raw Blame History 

  1. /*  Copyright (C) 2008-2016 Peter Palotas, Jeffrey Jangli, Alexandr Normuradov

  2.  *  

  3.  *  Permission is hereby granted, free of charge, to any person obtaining a copy 

  4.  *  of this software and associated documentation files (the "Software"), to deal 

  5.  *  in the Software without restriction, including without limitation the rights 

  6.  *  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 

  7.  *  copies of the Software, and to permit persons to whom the Software is 

  8.  *  furnished to do so, subject to the following conditions:

  9.  *  

  10.  *  The above copyright notice and this permission notice shall be included in 

  11.  *  all copies or substantial portions of the Software.

  12.  *  

  13.  *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 

  14.  *  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 

  15.  *  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 

  16.  *  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 

  17.  *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 

  18.  *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 

  19.  *  THE SOFTWARE. 

  20.  */

  21. 

  22. using System;

  23. using System.Diagnostics.CodeAnalysis;

  24. using System.Runtime.InteropServices;

  25. using System.Security;

  26. using System.Text;

  27. 

  28. namespace Alphaleonis.Win32.Security

  29. {

  30.    internal static partial class NativeMethods

  31.    {

  32.       #region AdjustTokenPrivileges

  33. 

  34.       /// <summary>The AdjustTokenPrivileges function enables or disables privileges in the specified access token. Enabling or disabling privileges in an access token requires TOKEN_ADJUST_PRIVILEGES access.</summary>

  35.       /// <returns>

  36.       /// If the function succeeds, the return value is nonzero.

  37.       /// To determine whether the function adjusted all of the specified privileges, call GetLastError.

  38.       /// </returns>

  39.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  40.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  41.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  42.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  43.       [return: MarshalAs(UnmanagedType.Bool)]

  44.       internal static extern bool AdjustTokenPrivileges(IntPtr tokenHandle, [MarshalAs(UnmanagedType.Bool)] bool disableAllPrivileges, ref TokenPrivileges newState, uint bufferLength, out TokenPrivileges previousState, out uint returnLength);

  45. 

  46.       #endregion // AdjustTokenPrivileges

  47. 

  48.       #region LookupPrivilegeDisplayName

  49. 

  50.       /// <summary>The LookupPrivilegeDisplayName function retrieves the display name that represents a specified privilege.</summary>

  51.       /// <returns>

  52.       /// If the function succeeds, the return value is nonzero.

  53.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  54.       /// </returns>

  55.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  56.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  57.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  58.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode, EntryPoint = "LookupPrivilegeDisplayNameW"), SuppressUnmanagedCodeSecurity]

  59.       [return: MarshalAs(UnmanagedType.Bool)]

  60.       internal static extern bool LookupPrivilegeDisplayName([MarshalAs(UnmanagedType.LPWStr)] string lpSystemName, [MarshalAs(UnmanagedType.LPWStr)] string lpName, ref StringBuilder lpDisplayName, ref uint cchDisplayName, out uint lpLanguageId);

  61. 

  62.       #endregion // LookupPrivilegeDisplayName

  63. 

  64.       #region LookupPrivilegeValue

  65. 

  66.       /// <summary>The LookupPrivilegeValue function retrieves the locally unique identifier (LUID) used on a specified system to locally represent the specified privilege name.</summary>

  67.       /// <returns>

  68.       /// If the function succeeds, the function returns nonzero.

  69.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  70.       /// </returns>

  71.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  72.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  73.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  74.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode, EntryPoint = "LookupPrivilegeValueW"), SuppressUnmanagedCodeSecurity]

  75.       [return: MarshalAs(UnmanagedType.Bool)]

  76.       internal static extern bool LookupPrivilegeValue([MarshalAs(UnmanagedType.LPWStr)] string lpSystemName, [MarshalAs(UnmanagedType.LPWStr)] string lpName, out Luid lpLuid);

  77. 

  78.       #endregion // LookupPrivilegeValue

  79. 

  80.       

  81.       #region GetNamedSecurityInfo

  82. 

  83.       /// <summary>The GetNamedSecurityInfo function retrieves a copy of the security descriptor for an object specified by name.

  84.       /// <para>&#160;</para>

  85.       /// <returns>

  86.       /// <para>If the function succeeds, the return value is ERROR_SUCCESS.</para>

  87.       /// <para>If the function fails, the return value is a nonzero error code defined in WinError.h.</para>

  88.       /// </returns>

  89.       /// <para>&#160;</para>

  90.       /// <remarks>

  91.       /// <para>Minimum supported client: Windows XP [desktop apps only]</para>

  92.       /// <para>Minimum supported server: Windows Server 2003 [desktop apps only]</para>

  93.       /// </remarks>

  94.       /// </summary>

  95.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  96.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode, EntryPoint = "GetNamedSecurityInfoW"), SuppressUnmanagedCodeSecurity]

  97.       [return: MarshalAs(UnmanagedType.U4)]

  98.       internal static extern uint GetNamedSecurityInfo([MarshalAs(UnmanagedType.LPWStr)] string pObjectName, ObjectType objectType, SecurityInformation securityInfo, out IntPtr pSidOwner, out IntPtr pSidGroup, out IntPtr pDacl, out IntPtr pSacl, out SafeGlobalMemoryBufferHandle pSecurityDescriptor);

  99. 

  100.       #endregion // GetNamedSecurityInfo

  101. 

  102.       #region GetSecurityInfo

  103. 

  104.       /// <summary>The GetSecurityInfo function retrieves a copy of the security descriptor for an object specified by a handle.</summary>

  105.       /// <returns>

  106.       /// If the function succeeds, the function returns nonzero.

  107.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  108.       /// </returns>

  109.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  110.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  111.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  112.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  113.       [return: MarshalAs(UnmanagedType.U4)]

  114.       internal static extern uint GetSecurityInfo(SafeHandle handle, ObjectType objectType, SecurityInformation securityInfo, out IntPtr pSidOwner, out IntPtr pSidGroup, out IntPtr pDacl, out IntPtr pSacl, out SafeGlobalMemoryBufferHandle pSecurityDescriptor);

  115. 

  116.       #endregion // GetSecurityInfo

  117. 

  118.       #region SetSecurityInfo

  119. 

  120.       /// <summary>The SetSecurityInfo function sets specified security information in the security descriptor of a specified object. 

  121.       /// The caller identifies the object by a handle.</summary>

  122.       /// <returns>

  123.       /// If the function succeeds, the function returns ERROR_SUCCESS.

  124.       /// If the function fails, it returns a nonzero error code defined in WinError.h.

  125.       /// </returns>

  126.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  127.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  128.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  129.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  130.       [return: MarshalAs(UnmanagedType.U4)]

  131.       internal static extern uint SetSecurityInfo(SafeHandle handle, ObjectType objectType, SecurityInformation securityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);

  132. 

  133.       #endregion // SetSecurityInfo

  134. 

  135.       #region SetNamedSecurityInfo

  136. 

  137.       /// <summary>The SetNamedSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by name.

  138.       /// <para>&#160;</para>

  139.       /// <returns>

  140.       /// <para>If the function succeeds, the function returns ERROR_SUCCESS.</para>

  141.       /// <para>If the function fails, it returns a nonzero error code defined in WinError.h.</para>

  142.       /// </returns>

  143.       /// <para>&#160;</para>

  144.       /// <remarks>

  145.       /// <para>Minimum supported client: Windows XP [desktop apps only]</para>

  146.       /// <para>Minimum supported server: Windows Server 2003 [desktop apps only]</para>

  147.       /// </remarks>

  148.       /// </summary>

  149.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  150.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode, EntryPoint = "SetNamedSecurityInfoW"), SuppressUnmanagedCodeSecurity]

  151.       [return: MarshalAs(UnmanagedType.U4)]

  152.       internal static extern uint SetNamedSecurityInfo([MarshalAs(UnmanagedType.LPWStr)] string pObjectName, ObjectType objectType, SecurityInformation securityInfo, IntPtr pSidOwner, IntPtr pSidGroup, IntPtr pDacl, IntPtr pSacl);

  153. 

  154.       #endregion // SetNamedSecurityInfo

  155. 

  156. 

  157.       #region GetSecurityDescriptorDacl

  158. 

  159.       /// <summary>The GetSecurityDescriptorDacl function retrieves a pointer to the discretionary access control list (DACL) in a specified security descriptor.</summary>

  160.       /// <returns>

  161.       /// If the function succeeds, the function returns nonzero.

  162.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  163.       /// </returns>

  164.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  165.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  166.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  167.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  168.       [return: MarshalAs(UnmanagedType.Bool)]

  169.       internal static extern bool GetSecurityDescriptorDacl(SafeGlobalMemoryBufferHandle pSecurityDescriptor, [MarshalAs(UnmanagedType.Bool)] out bool lpbDaclPresent, out IntPtr pDacl, [MarshalAs(UnmanagedType.Bool)] out bool lpbDaclDefaulted);

  170. 

  171.       #endregion // GetSecurityDescriptorDacl

  172. 

  173.       #region GetSecurityDescriptorSacl

  174. 

  175.       /// <summary>The GetSecurityDescriptorSacl function retrieves a pointer to the system access control list (SACL) in a specified security descriptor.</summary>

  176.       /// <returns>

  177.       /// If the function succeeds, the function returns nonzero.

  178.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  179.       /// </returns>

  180.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  181.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  182.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  183.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  184.       [return: MarshalAs(UnmanagedType.Bool)]

  185.       internal static extern bool GetSecurityDescriptorSacl(SafeGlobalMemoryBufferHandle pSecurityDescriptor, [MarshalAs(UnmanagedType.Bool)] out bool lpbSaclPresent, out IntPtr pSacl, [MarshalAs(UnmanagedType.Bool)] out bool lpbSaclDefaulted);

  186. 

  187.       #endregion // GetSecurityDescriptorSacl

  188. 

  189.       #region GetSecurityDescriptorGroup

  190. 

  191.       /// <summary>The GetSecurityDescriptorGroup function retrieves the primary group information from a security descriptor.</summary>

  192.       /// <returns>

  193.       /// If the function succeeds, the function returns nonzero.

  194.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  195.       /// </returns>

  196.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  197.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  198.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  199.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  200.       [return: MarshalAs(UnmanagedType.Bool)]

  201.       internal static extern bool GetSecurityDescriptorGroup(SafeGlobalMemoryBufferHandle pSecurityDescriptor, out IntPtr pGroup, [MarshalAs(UnmanagedType.Bool)] out bool lpbGroupDefaulted);

  202. 

  203.       #endregion // GetSecurityDescriptorGroup

  204. 

  205.       #region GetSecurityDescriptorControl

  206. 

  207.       /// <summary>The GetSecurityDescriptorControl function retrieves a security descriptor control and revision information.</summary>

  208.       /// <returns>

  209.       /// If the function succeeds, the function returns nonzero.

  210.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  211.       /// </returns>

  212.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  213.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  214.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  215.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  216.       [return: MarshalAs(UnmanagedType.Bool)]

  217.       internal static extern bool GetSecurityDescriptorControl(SafeGlobalMemoryBufferHandle pSecurityDescriptor, out SecurityDescriptorControl pControl, out uint lpdwRevision);

  218. 

  219.       #endregion // GetSecurityDescriptorControl

  220. 

  221.       #region GetSecurityDescriptorOwner

  222. 

  223.       /// <summary>The GetSecurityDescriptorOwner function retrieves the owner information from a security descriptor.</summary>

  224.       /// <returns>

  225.       /// If the function succeeds, the function returns nonzero.

  226.       /// If the function fails, it returns zero. To get extended error information, call GetLastError.

  227.       /// </returns>

  228.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  229.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  230.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  231.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  232.       [return: MarshalAs(UnmanagedType.Bool)]

  233.       internal static extern bool GetSecurityDescriptorOwner(SafeGlobalMemoryBufferHandle pSecurityDescriptor, out IntPtr pOwner, [MarshalAs(UnmanagedType.Bool)] out bool lpbOwnerDefaulted);

  234. 

  235.       #endregion // GetSecurityDescriptorOwner

  236. 

  237.       #region GetSecurityDescriptorLength

  238. 

  239.       /// <summary>The GetSecurityDescriptorLength function returns the length, in bytes, of a structurally valid security descriptor. The length includes the length of all associated structures.</summary>

  240.       /// <returns>

  241.       /// If the function succeeds, the function returns the length, in bytes, of the SECURITY_DESCRIPTOR structure.

  242.       /// If the SECURITY_DESCRIPTOR structure is not valid, the return value is undefined.

  243.       /// </returns>

  244.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  245.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  246.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  247.       [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  248.       [return: MarshalAs(UnmanagedType.U4)]

  249.       internal static extern uint GetSecurityDescriptorLength(SafeGlobalMemoryBufferHandle pSecurityDescriptor);

  250. 

  251.       #endregion // GetSecurityDescriptorLength

  252. 

  253. 

  254.       #region LocalFree

  255. 

  256.       /// <summary>Frees the specified local memory object and invalidates its handle.</summary>

  257.       /// <returns>

  258.       /// If the function succeeds, the return value is <see langword="null"/>.

  259.       /// If the function fails, the return value is equal to a handle to the local memory object. To get extended error information, call GetLastError.

  260.       /// </returns>

  261.       /// <remarks>SetLastError is set to <see langword="false"/>.</remarks>

  262.       /// <remarks>

  263.       /// Note  The local functions have greater overhead and provide fewer features than other memory management functions.

  264.       /// New applications should use the heap functions unless documentation states that a local function should be used.

  265.       /// For more information, see Global and Local Functions.

  266.       /// </remarks>

  267.       /// <remarks>Minimum supported client: Windows XP [desktop apps only]</remarks>

  268.       /// <remarks>Minimum supported server: Windows Server 2003 [desktop apps only]</remarks>

  269.       [SuppressMessage("Microsoft.Security", "CA5122:PInvokesShouldNotBeSafeCriticalFxCopRule")]

  270.       [DllImport("kernel32.dll", SetLastError = false, CharSet = CharSet.Unicode), SuppressUnmanagedCodeSecurity]

  271.       internal static extern IntPtr LocalFree(IntPtr hMem);

  272. 

  273.       #endregion // LocalFree

  274.    }

  275. }