private CwXML.RegistryGuidSignature[] GetAllRegistryGuidSignatures()
{
int numRegGuidSigs = RegistryGuidSignatures_Listview.Items.Count;
CwXML.RegistryGuidSignature[] rsg = new CwXML.RegistryGuidSignature[numRegGuidSigs];
for (int i= 0; i < numRegGuidSigs; i++)
{
rsg[i] = new CwXML.RegistryGuidSignature();
rsg[i].GuidValue = RegistryGuidSignatures_Listview.Items[i].SubItems[0].Text;
rsg[i].GuidType = RegistryGuidSignatures_Listview.Items[i].SubItems[1].Text;
}
return rsg;
}
/////////////////////////////////////////////////////
// //
// LoadDynamicGUIDs() //
// //
/////////////////////////////////////////////////////
//Description: loads all dynamic GUIDs supplied and adds
// a static guid to our registry guid signatures
// object for each expanded value.
//
//Returns: true if successful
/////////////////////////////////////////////////////
internal bool LoadDynamicGUIDs(ref CwXML.RegistryGuidSignature[] GuidSignatures)
{
Regex GUIDvalidator = new Regex(@"^(\{){0,1}[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\}){0,1}$", RegexOptions.Compiled);
//first get a count of how many Dynamic Guids there are
int NumDynamicGuids = 0;
foreach (CwXML.RegistryGuidSignature sig in GuidSignatures)
if (sig.GuidType == "Dynamic")
NumDynamicGuids++;
//none to process.
if (NumDynamicGuids == 0)
return true;
//allocate a new object to store that many dynamic guids
ArrayList DynamicSigsToAdd = new ArrayList(NumDynamicGuids);
//loop through all our GUID signatures and extract GUIDs from this live system's registry
//that are stored at the registry key indicated by the given Dynamic GUID signature
foreach (CwXML.RegistryGuidSignature sig in GuidSignatures)
{
string keyName = sig.GuidValue;
string type = sig.GuidType;//"Static" or "Dynamic"
string GUID = keyName; //by default, we assume it's static
string valueName = "";
//skip any static Guid Signatures -- our goal here is to MAKE static sigs
//from dynamic sigs that must be populated at runtime
if (type == "Static")
continue;
//hive parsing vars
int firstSlashInKeyName = keyName.IndexOf('\\');
string hive = keyName.Substring(0, firstSlashInKeyName);
string keyWithoutHive = keyName.Substring(firstSlashInKeyName, keyName.Length - firstSlashInKeyName);
keyName = keyWithoutHive;
RegistryKey key;
if (hive == "HKLM")
key = Registry.LocalMachine;
else if (hive == "HKCR")
key = Registry.ClassesRoot;
else if (hive == "HKU")
key = Registry.Users;
else if (hive == "HKCC")
key = Registry.CurrentConfig;
else
{
RegistryHelperLog.AppendLine("ERROR: Invalid hive supplied in GUID: '" + keyName + "', skipping..");
continue;
}
//it is possible this Dynamic Guid signature has an embedded {SID} expansion var.
//so try to expand this key.
string[] expandedKeys = ExpandRegistryKey(keyName, GuidSignatures);
string thisKeyName;
//if nothing was expanded, use the original key
if (expandedKeys == null)
expandedKeys = new string[] { keyName };
//loop through all resulting records that were expanded,
foreach (string expandedKey in expandedKeys)
{
thisKeyName = expandedKey.Trim(new char[] { ' ', '\\' });
//try to open the (by now chopped up) keyName ..
RegistryKey loadedKey = key.OpenSubKey(thisKeyName);
//bail if cant open key
if (loadedKey == null)
{
RegistryHelperLog.AppendLine("ERROR: Could not load GUID, invalid key specified: '" + thisKeyName + "', skipping...");
continue;
}
//great! loaded the key.. now try to get the value data stored at the value Name
object obj = loadedKey.GetValue(valueName);
if (obj == null)
{
RegistryHelperLog.AppendLine("ERROR: Could not load GUID, invalid value name specified: '" + valueName + "', skipping...");
continue;
}
//sweet! got the value name data..make sure it's a legit GUID
if (!GUIDvalidator.IsMatch(obj.ToString()))
{
RegistryHelperLog.AppendLine("ERROR: Found a GUID value, but it's invalid: '" + obj.ToString() + "', skipping...");
continue;
}
//store the value
GUID = (string)obj.ToString();
//strip out curly braces from GUID if present
GUID = GUID.Replace("{", "");
GUID = GUID.Replace("}", "");
//add it as a static GUID to our tmp signatures
CwXML.RegistryGuidSignature g = new CwXML.RegistryGuidSignature();
g.GuidType = "Static";
g.GuidValue = GUID;
DynamicSigsToAdd.Add(g);
}
}
//add all dynamic guids that are now static guids into our guid sigs array
foreach (CwXML.RegistryGuidSignature g in DynamicSigsToAdd)
{
if (g.GuidType != null && g.GuidValue != null)
{
//resize our permanent array by 1
Array.Resize(ref GuidSignatures, GuidSignatures.Length + 1);
GuidSignatures[GuidSignatures.Length] = g;
}
}
return true;
}
/////////////////////////////////////////////////////
// //
// LoadDynamicGUIDs() //
// //
/////////////////////////////////////////////////////
//Description: loads all dynamic GUIDs supplied and adds
// a static guid to our registry guid signatures
// object for each expanded value.
//
//Returns: true if successful
/////////////////////////////////////////////////////
internal bool LoadDynamicGUIDs(ref CwXML.RegistryGuidSignature[] GuidSignatures)
{
Regex GUIDvalidator = new Regex(@"^(\{){0,1}[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\}){0,1}$", RegexOptions.Compiled);
//first get a count of how many Dynamic Guids there are
int NumDynamicGuids = 0;
foreach (CwXML.RegistryGuidSignature sig in GuidSignatures)
{
if (sig.GuidType == "Dynamic")
{
NumDynamicGuids++;
}
}
//none to process.
if (NumDynamicGuids == 0)
{
return(true);
}
//allocate a new object to store that many dynamic guids
ArrayList DynamicSigsToAdd = new ArrayList(NumDynamicGuids);
//loop through all our GUID signatures and extract GUIDs from this live system's registry
//that are stored at the registry key indicated by the given Dynamic GUID signature
foreach (CwXML.RegistryGuidSignature sig in GuidSignatures)
{
string keyName = sig.GuidValue;
string type = sig.GuidType; //"Static" or "Dynamic"
string GUID = keyName; //by default, we assume it's static
string valueName = "";
//skip any static Guid Signatures -- our goal here is to MAKE static sigs
//from dynamic sigs that must be populated at runtime
if (type == "Static")
{
continue;
}
//hive parsing vars
int firstSlashInKeyName = keyName.IndexOf('\\');
string hive = keyName.Substring(0, firstSlashInKeyName);
string keyWithoutHive = keyName.Substring(firstSlashInKeyName, keyName.Length - firstSlashInKeyName);
keyName = keyWithoutHive;
RegistryKey key;
if (hive == "HKLM")
{
key = Registry.LocalMachine;
}
else if (hive == "HKCR")
{
key = Registry.ClassesRoot;
}
else if (hive == "HKU")
{
key = Registry.Users;
}
else if (hive == "HKCC")
{
key = Registry.CurrentConfig;
}
else
{
RegistryHelperLog.AppendLine("ERROR: Invalid hive supplied in GUID: '" + keyName + "', skipping..");
continue;
}
//it is possible this Dynamic Guid signature has an embedded {SID} expansion var.
//so try to expand this key.
string[] expandedKeys = ExpandRegistryKey(keyName, GuidSignatures);
string thisKeyName;
//if nothing was expanded, use the original key
if (expandedKeys == null)
{
expandedKeys = new string[] { keyName }
}
;
//loop through all resulting records that were expanded,
foreach (string expandedKey in expandedKeys)
{
thisKeyName = expandedKey.Trim(new char[] { ' ', '\\' });
//try to open the (by now chopped up) keyName ..
RegistryKey loadedKey = key.OpenSubKey(thisKeyName);
//bail if cant open key
if (loadedKey == null)
{
RegistryHelperLog.AppendLine("ERROR: Could not load GUID, invalid key specified: '" + thisKeyName + "', skipping...");
continue;
}
//great! loaded the key.. now try to get the value data stored at the value Name
object obj = loadedKey.GetValue(valueName);
if (obj == null)
{
RegistryHelperLog.AppendLine("ERROR: Could not load GUID, invalid value name specified: '" + valueName + "', skipping...");
continue;
}
//sweet! got the value name data..make sure it's a legit GUID
if (!GUIDvalidator.IsMatch(obj.ToString()))
{
RegistryHelperLog.AppendLine("ERROR: Found a GUID value, but it's invalid: '" + obj.ToString() + "', skipping...");
continue;
}
//store the value
GUID = (string)obj.ToString();
//strip out curly braces from GUID if present
GUID = GUID.Replace("{", "");
GUID = GUID.Replace("}", "");
//add it as a static GUID to our tmp signatures
CwXML.RegistryGuidSignature g = new CwXML.RegistryGuidSignature();
g.GuidType = "Static";
g.GuidValue = GUID;
DynamicSigsToAdd.Add(g);
}
}
//add all dynamic guids that are now static guids into our guid sigs array
foreach (CwXML.RegistryGuidSignature g in DynamicSigsToAdd)
{
if (g.GuidType != null && g.GuidValue != null)
{
//resize our permanent array by 1
Array.Resize(ref GuidSignatures, GuidSignatures.Length + 1);
GuidSignatures[GuidSignatures.Length] = g;
}
}
return(true);
}
