public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText,
out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
{
Log.LogMethodCall();
try
{
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
var username = "******";
var password = "******";
var inCredSize = 0;
var inCredBuffer = Marshal.AllocCoTaskMem(0);
if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
Marshal.FreeCoTaskMem(inCredBuffer);
inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);
if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
ppszOptionalStatusText = string.Empty;
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;
pcpcs.clsidCredentialProvider = Guid.Parse(Constants.CredentialProviderUID);
pcpcs.rgbSerialization = inCredBuffer;
pcpcs.cbSerialization = (uint)inCredSize;
RetrieveNegotiateAuthPackage(out var authPackage);
pcpcs.ulAuthenticationPackage = authPackage;
return(HResultValues.S_OK);
}
ppszOptionalStatusText = "Failed to pack credentials";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
return(HResultValues.E_FAIL);
}
}
catch (Exception)
{
// In case of any error, do not bring down winlogon
}
finally
{
shouldAutoLogin = false; // Block auto-login from going full-retard
}
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
ppszOptionalStatusText = string.Empty;
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
return(HResultValues.E_NOTIMPL);
}
public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr, out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText, out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
{
Log.Debug("GetSerialization()");
try
{
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
var username = @"intercede\ben.arnold";
var password = "******";
var inCredSize = 0;
var inCredBuffer = Marshal.AllocCoTaskMem(0);
if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
Marshal.FreeCoTaskMem(inCredBuffer);
inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);
if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
ppszOptionalStatusText = string.Empty;
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;
pcpcs.clsidCredentialProvider = Guid.Parse("82416BBE-EDF3-4B54-9E23-2E306FB4D11E");
pcpcs.rgbSerialization = inCredBuffer;
pcpcs.cbSerialization = (uint)inCredSize;
RetrieveNegotiateAuthPackage(out var authPackage);
pcpcs.ulAuthenticationPackage = authPackage;
return(HResultValues.S_OK);
}
ppszOptionalStatusText = "Failed to pack credentials";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
return(HResultValues.E_FAIL);
}
}
catch (Exception e)
{
// In case of any error, do not bring down winlogon
Log.Error(e, "Ignored");
}
finally
{
//shouldAutoLogin = false; // Block auto-login from going full-retard
}
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
ppszOptionalStatusText = string.Empty;
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
return(HResultValues.E_NOTIMPL);
}
public virtual int GetSerialization(
out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs,
out string ppszOptionalStatusText,
out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon
)
{
Logger.Write();
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION()
{
ulAuthenticationPackage = 1234
};
ppszOptionalStatusText = "";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
return(HRESULT.S_OK);
}
public int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
Log.LogMethodCall();
return(HResultValues.E_NOTIMPL);
}
public int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
Log.Debug("SetSerialization({pcpcs})", pcpcs);
throw new NotImplementedException();
}
public virtual int GetSerialization(
out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs,
out string ppszOptionalStatusText,
out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon
)
{
Logger.Write();
var usage = this.view.Provider.GetUsage();
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
ppszOptionalStatusText = "";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
//Serialization can be called before the user has entered any values. Only applies to logon usage scenarios
if (usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_LOGON || usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_UNLOCK_WORKSTATION)
{
//Determine the authentication package
Common.RetrieveNegotiateAuthPackage(out var authPackage);
//Only credential packing for msv1_0 is supported using this code
Logger.Write($"Got authentication package: {authPackage}. Only local authenticsation package 0 (msv1_0) is supported.");
//Get username and password
var username = Common.GetNameFromSid(this.sid);
GetStringValue(2, out var password);
Logger.Write($"Preparing to serialise credential with password...");
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
var inCredSize = 0;
var inCredBuffer = Marshal.AllocCoTaskMem(0);
//This should work fine in Windows 10 that only uses the Logon scenario
//But it could fail for the workstation unlock scanario on older OS's
if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
Marshal.FreeCoTaskMem(inCredBuffer);
inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);
if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
{
ppszOptionalStatusText = string.Empty;
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;
//Better to move the CLSID to a constant (but currently used in the .reg file)
pcpcs.clsidCredentialProvider = Guid.Parse("00006d50-0000-0000-b090-00006b0b0000");
pcpcs.rgbSerialization = inCredBuffer;
pcpcs.cbSerialization = (uint)inCredSize;
pcpcs.ulAuthenticationPackage = authPackage;
return(HRESULT.S_OK);
}
ppszOptionalStatusText = "Failed to pack credentials";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
return(HRESULT.E_FAIL);
}
}
//Implement code to change password here. This is not handled natively.
else if (usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_CHANGE_PASSWORD)
{
pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_FINISHED;
pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
ppszOptionalStatusText = "Password changed success message.";
pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;
}
Logger.Write("Returning S_OK");
return(HRESULT.S_OK);
}
/// <summary>
/// Sets the serialization characteristics of the credential provider.
/// <inheritdoc path="https://docs.microsoft.com/en-us/windows/win32/api/credentialprovider/nf-credentialprovider-icredentialprovider-setserialization"/>
/// </summary>
/// <param name="pcpcs">A pointer to a <see cref="_CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION"/> structure that stores the serialization characteristics of the credential provider.</param>
/// <returns><see cref="HRESULT"/></returns>
public virtual int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
Logger.Write($"ulAuthenticationPackage: {pcpcs.ulAuthenticationPackage}");
return(HRESULT.S_OK);
}
