/// <summary>
/// Initializes a new instance of the RegistryHive class.
/// </summary>
/// <param name="hive">The stream containing the registry hive</param>
/// <param name="ownership">Whether the new object assumes object of the stream</param>
public RegistryHive(Stream hive, Ownership ownership)
{
_fileStream = hive;
_fileStream.Position = 0;
_ownsStream = ownership;
byte[] buffer = Utilities.ReadFully(_fileStream, HiveHeader.HeaderSize);
_header = new HiveHeader();
_header.ReadFrom(buffer, 0);
_bins = new List <BinHeader>();
int pos = 0;
while (pos < _header.Length)
{
_fileStream.Position = BinStart + pos;
byte[] headerBuffer = Utilities.ReadFully(_fileStream, BinHeader.HeaderSize);
BinHeader header = new BinHeader();
header.ReadFrom(headerBuffer, 0);
_bins.Add(header);
pos += header.BinSize;
}
}
/// <summary>
/// Creates a new (empty) registry hive.
/// </summary>
/// <param name="stream">The stream to contain the new hive</param>
/// <param name="ownership">Whether the returned object owns the stream</param>
/// <returns>The new hive</returns>
public static RegistryHive Create(Stream stream, Ownership ownership)
{
if (stream == null)
{
throw new ArgumentNullException("stream", "Attempt to create registry hive in null stream");
}
// Construct a file with minimal structure - hive header, plus one (empty) bin
BinHeader binHeader = new BinHeader();
binHeader.FileOffset = 0;
binHeader.BinSize = (int)(4 * Sizes.OneKiB);
HiveHeader hiveHeader = new HiveHeader();
hiveHeader.Length = binHeader.BinSize;
stream.Position = 0;
byte[] buffer = new byte[hiveHeader.Size];
hiveHeader.WriteTo(buffer, 0);
stream.Write(buffer, 0, buffer.Length);
buffer = new byte[binHeader.Size];
binHeader.WriteTo(buffer, 0);
stream.Position = BinStart;
stream.Write(buffer, 0, buffer.Length);
buffer = new byte[4];
Utilities.WriteBytesLittleEndian(binHeader.BinSize - binHeader.Size, buffer, 0);
stream.Write(buffer, 0, buffer.Length);
// Make sure the file is initialized out to the end of the firs bin
stream.Position = BinStart + binHeader.BinSize - 1;
stream.WriteByte(0);
// Temporary hive to perform construction of higher-level structures
RegistryHive newHive = new RegistryHive(stream);
KeyNodeCell rootCell = new KeyNodeCell("root", -1);
rootCell.Flags = RegistryKeyFlags.Normal | RegistryKeyFlags.Root;
newHive.UpdateCell(rootCell, true);
RegistrySecurity sd = new RegistrySecurity();
sd.SetSecurityDescriptorSddlForm("O:BAG:BAD:PAI(A;;KA;;;SY)(A;CI;KA;;;BA)", AccessControlSections.All);
SecurityCell secCell = new SecurityCell(sd);
newHive.UpdateCell(secCell, true);
secCell.NextIndex = secCell.Index;
secCell.PreviousIndex = secCell.Index;
newHive.UpdateCell(secCell, false);
rootCell.SecurityIndex = secCell.Index;
newHive.UpdateCell(rootCell, false);
// Ref the root cell from the hive header
hiveHeader.RootCell = rootCell.Index;
buffer = new byte[hiveHeader.Size];
hiveHeader.WriteTo(buffer, 0);
stream.Position = 0;
stream.Write(buffer, 0, buffer.Length);
// Finally, return the new hive
return(new RegistryHive(stream, ownership));
}
