/// <summary>
/// Convert the ACL to a byte array
/// </summary>
/// <returns>The ACL as a byte array</returns>
public byte[] ToByteArray()
{
MemoryStream ace_stm = new MemoryStream();
BinaryWriter writer = new BinaryWriter(ace_stm);
AclRevision revision = Revision;
if (revision != AclRevision.Revision || revision != AclRevision.RevisionDS)
{
revision = AclRevision.Revision;
}
foreach (Ace ace in this)
{
ace.Serialize(writer);
if (ace.IsObjectAce())
{
revision = AclRevision.RevisionDS;
}
}
byte[] aces = ace_stm.ToArray();
using (SafeHGlobalBuffer buffer = new SafeHGlobalBuffer(Marshal.SizeOf(typeof(AclStructure)) + aces.Length))
{
NtRtl.RtlCreateAcl(buffer, buffer.Length, revision).ToNtException();
NtRtl.RtlAddAce(buffer, revision, uint.MaxValue, aces, aces.Length).ToNtException();
return(buffer.ToArray());
}
}
public void LdapConnection_GetNtSecurityDescriptor()
{
Sddl sddl = new Sddl(File.ReadAllBytes(Config.GetLocation("AdsddlTest.bin")));
// sddl test
byte revision = sddl.GetRevision();
Assert.Equal(0x01, revision);
byte[] flags = sddl.GetControlFlags();
Assert.Equal(new byte[] { 0x84, 0x14 }, flags);
int sddlSize = sddl.GetSize();
Assert.Equal(2688, sddlSize);
SID group = sddl.GetGroup();
Assert.Equal("S-1-5-32-544", group.ToString());
SID owner = sddl.GetOwner();
Assert.Equal("S-1-5-32-544", owner.ToString());
// dacl test
Acl dacl = sddl.GetDacl();
Assert.Equal("P(D;;Dc;;;S-1-1-0)(OA;CIIO;Rp;4c164200-20c0-11d0-a768-00aa006e0529;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;Rp;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;CIIO;Rp;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;Rp;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;CIIO;Rp;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;Rp;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;CIIO;Rp;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;Rp;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;CIIO;Rp;037088f8-0ae1-11d2-b422-00a0c968f939;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;Rp;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;;Cr;3e0f7e18-2c7a-4c10-ba82-4d926db99a3e;;S-1-5-21-3915767550-1135939244-3079240635-522)(OA;;Cr;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-21-3915767550-1135939244-3079240635-498)(OA;;Cr;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-21-3915767550-1135939244-3079240635-516)(OA;CI;RpWp;5b47d60f-6090-40b2-9f37-2a4de88f3063;;S-1-5-21-3915767550-1135939244-3079240635-526)(OA;CI;RpWp;5b47d60f-6090-40b2-9f37-2a4de88f3063;;S-1-5-21-3915767550-1135939244-3079240635-527)(OA;CIIO;SW;9b026da6-0d3c-465c-8bee-5199d7165cba;bf967a86-0de6-11d0-a285-00aa003049e2;S-1-3-0)(OA;CIIO;SW;9b026da6-0d3c-465c-8bee-5199d7165cba;bf967a86-0de6-11d0-a285-00aa003049e2;S-1-5-10)(OA;CIIO;Rp;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;S-1-5-9)(OA;CIIO;Rp;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;S-1-5-9)(OA;CIIO;Rp;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-9)(OA;CIIO;Wp;ea1b7b93-5e48-46d5-bc6c-4df4fda78a35;bf967a86-0de6-11d0-a285-00aa003049e2;S-1-5-10)(OA;;Cr;89e95b76-444d-4c62-991a-0facbeda640c;;S-1-5-32-544)(OA;;Cr;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-32-544)(OA;;Cr;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-32-544)(OA;;Cr;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-32-544)(OA;;Cr;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-32-544)(OA;;Cr;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-32-544)(OA;;Cr;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;Rp;c7407360-20bf-11d0-a768-00aa006e0529;;S-1-5-32-554)(OA;;Rp;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;S-1-5-32-554)(OA;CIIO;LcRpLoRc;;4828cc14-1437-45bc-9b07-ad6f015e5f28;S-1-5-32-554)(OA;CIIO;LcRpLoRc;;bf967a9c-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;CIIO;LcRpLoRc;;bf967aba-0de6-11d0-a285-00aa003049e2;S-1-5-32-554)(OA;;Cr;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;S-1-5-11)(OA;;Cr;89e95b76-444d-4c62-991a-0facbeda640c;;S-1-5-9)(OA;;Cr;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;S-1-5-11)(OA;;Cr;280f369c-67c7-438e-ae98-1d46f3c6f541;;S-1-5-11)(OA;;Cr;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-9)(OA;;Cr;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-9)(OA;;Cr;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-9)(OA;;Cr;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-9)(OA;;Rp;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;S-1-5-11)(OA;OICI;RpWp;3f78c3e5-f79a-46bd-a0b8-9d18116ddc79;;S-1-5-10)(OA;CIIO;RpWpCr;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;S-1-5-10)(A;;CcLcSWRpWpLoCrRcWdWo;;;S-1-5-21-3915767550-1135939244-3079240635-512)(A;CI;CcDcLcSWRpWpDtLoCrSdRcWdWo;;;S-1-5-21-3915767550-1135939244-3079240635-519)(A;;RpRc;;;S-1-5-32-554)(A;CI;Lc;;;S-1-5-32-554)(A;CI;CcLcSWRpWpLoCrSdRcWdWo;;;S-1-5-32-544)(A;;Rp;;;S-1-1-0)(A;;LcRpLoRc;;;S-1-5-9)(A;;LcRpLoRc;;;S-1-5-11)(A;;CcDcLcSWRpWpDtLoCrSdRcWdWo;;;S-1-5-18)", dacl.ToString());
AclRevision daclRevision = dacl.GetRevision();
Assert.Equal(AclRevision.AclRevisionDs, daclRevision);
int acesCount = dacl.GetAceCount();
Assert.Equal(54, acesCount);
int daclSize = dacl.GetSize();
Assert.Equal(2436, daclSize);
// sacl test
Acl sacl = sddl.GetSacl();
Assert.Equal("P(OU;CISA;Wp;;;S-1-3191541491-0)(OU;CISA;Wp;;;S-1-3208318707-0)(AU;SA;Cr;;;S-1-5-21-3915767550-1135939244-3079240635-513)(AU;SA;Cr;;;S-1-5-32-544)(AU;SA;WpWdWo;;;S-1-1-0)", sacl.ToString());
AclRevision saclRevision = sacl.GetRevision();
Assert.Equal(AclRevision.AclRevisionDs, saclRevision);
int saclAcesCount = sacl.GetAceCount();
Assert.Equal(5, saclAcesCount);
int saclSize = sacl.GetSize();
Assert.Equal(200, saclSize);
}
protected internal Acl(IntPtr pacl)
{
// If NULL for the pacl, create an empty DACL
if (pacl == IntPtr.Zero)
{
_revision = AclRevision.ACL_REVISION;
return;
}
MemoryMarshaler m = new MemoryMarshaler(pacl);
ACL acl = (ACL)m.ParseStruct(typeof(ACL));
_revision = acl.AclRevision;
for(int i = 0; i < acl.AceCount; i++)
{
Ace ace = Ace.Create(m);
_aces.Add(ace);
}
}
internal protected Acl(IntPtr pacl)
{
// If NULL for the pacl, create an empty DACL
if (pacl == IntPtr.Zero)
{
_revision = AclRevision.ACL_REVISION;
return;
}
MemoryMarshaler m = new MemoryMarshaler(pacl);
ACL acl = (ACL)m.ParseStruct(typeof(ACL));
_revision = acl.AclRevision;
for (int i = 0; i < acl.AceCount; i++)
{
Ace ace = Ace.Create(m);
_aces.Add(ace);
}
}
/// <summary>
/// Load the ACL from the buffer returning the last ACL segment position into the buffer.
/// @param buff source buffer.
/// @param start start loading position.
/// @return last loading position.
/// </summary>
public void Parse(BinaryReader buff, long start)
{
buff.BaseStream.Seek(start, SeekOrigin.Begin);
// read for Dacl
byte[] bytes = NumberFacility.GetBytes(buff.ReadInt32());
this.revision = AclRevisionExtension.ParseValue(bytes[0]);
bytes = NumberFacility.GetBytes(buff.ReadInt32());
int aceCount = NumberFacility.GetInt(bytes[1], bytes[0]);
for (var i = 0; i < aceCount; i++)
{
Ace ace = new Ace();
this.aces.Add(ace);
ace.Parse(buff);
}
}
public static extern NtStatus RtlAddAce(SafeBuffer Acl, AclRevision AceRevision, uint StartingAceIndex, byte[] AceList, int AceListLength);
public static extern NtStatus RtlCreateAcl(SafeBuffer Acl, int AclLength, AclRevision AclRevision);
/// <summary>
/// Create an empty ACL with a specific revision
/// </summary>
public Acl(AclRevision revision)
{
_revision = revision;
}
/// <summary>
/// Create an empty ACL with a the default revision
/// </summary>
protected Acl()
{
_revision = AclRevision.ACL_REVISION;
}
/// <summary>
/// Create an empty ACL with a the default revision
/// </summary>
protected Acl()
{
_revision = AclRevision.ACL_REVISION;
}
/// <summary>
/// Create an empty ACL with a specific revision
/// </summary>
public Acl(AclRevision revision)
{
_revision = revision;
}
