public static List <LogInfo> RegWrite(EngineState s, CodeCommand cmd)
{ // RegWrite,<HKey>,<ValueType>,<KeyPath>,<ValueName>,<ValueData>,[OptionalData]
List <LogInfo> logs = new List <LogInfo>();
CodeInfo_RegWrite info = cmd.Info.Cast <CodeInfo_RegWrite>();
string keyPath = StringEscaper.Preprocess(s, info.KeyPath);
string valueName = null;
if (info.ValueName != null)
{
valueName = StringEscaper.Preprocess(s, info.ValueName);
}
if (info.HKey == null)
{
throw new InternalException("Internal Logic Error");
}
string hKeyStr = RegistryHelper.RegKeyToString(info.HKey);
string fullKeyPath = $"{hKeyStr}\\{keyPath}";
string fullValuePath = $"{hKeyStr}\\{keyPath}\\{valueName}";
(byte[] BinData, string ValueData) ParseByteArrayFromString()
{
if (info.ValueData == null)
{ // Use info.ValueDataList
string[] binStrs = StringEscaper.Preprocess(s, info.ValueDataList).ToArray();
string valueData = StringEscaper.PackRegBinary(binStrs);
if (!StringEscaper.UnpackRegBinary(binStrs, out byte[] binData))
public void PackRegBinary_2()
{
byte[] src = new byte[] { 0x43, 0x00, 0x3A, 0x00, 0x5C, 0x00 };
string dest = StringEscaper.PackRegBinary(src);
string comp = "43,00,3A,00,5C,00";
Assert.IsTrue(dest.Equals(comp, StringComparison.Ordinal));
}
public void PackRegBinary_1()
{
byte[] src = Encoding.Unicode.GetBytes("C:\\");
string dest = StringEscaper.PackRegBinary(src);
string comp = "43,00,3A,00,5C,00";
Assert.IsTrue(dest.Equals(comp, StringComparison.Ordinal));
}
public static List <LogInfo> RegWrite(EngineState s, CodeCommand cmd)
{ // RegWrite,<HKey>,<ValueType>,<KeyPath>,<ValueName>,<ValueData>,[OptionalData]
List <LogInfo> logs = new List <LogInfo>();
CodeInfo_RegWrite info = cmd.Info.Cast <CodeInfo_RegWrite>();
string keyPath = StringEscaper.Preprocess(s, info.KeyPath);
string valueName = null;
if (info.ValueName != null)
{
valueName = StringEscaper.Preprocess(s, info.ValueName);
}
if (info.HKey == null)
{
throw new InternalException("Internal Logic Error");
}
string hKeyStr = RegistryHelper.RegKeyToString(info.HKey);
string fullKeyPath = $"{hKeyStr}\\{keyPath}";
string fullValuePath = $"{hKeyStr}\\{keyPath}\\{valueName}";
using (RegistryKey subKey = info.HKey.CreateSubKey(keyPath, true))
{
if (valueName == null)
{
logs.Add(new LogInfo(LogState.Success, $"Registry subkey [{fullKeyPath}] created"));
return(logs);
}
object checkData = subKey.GetValue(valueName);
if (checkData != null)
{
logs.Add(new LogInfo(info.NoWarn ? LogState.Ignore : LogState.Overwrite, $"Registry value [{fullValuePath}] already exists"));
}
switch (info.ValueType)
{
case RegistryValueKind.None:
{
subKey.SetValue(valueName, new byte[0], RegistryValueKind.None);
logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_NONE"));
}
break;
case RegistryValueKind.String:
{
string valueData = StringEscaper.Preprocess(s, info.ValueData);
subKey.SetValue(valueName, valueData, RegistryValueKind.String);
logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_SZ [{valueData}]"));
}
break;
case RegistryValueKind.ExpandString:
{
string valueData = StringEscaper.Preprocess(s, info.ValueData);
subKey.SetValue(valueName, valueData, RegistryValueKind.ExpandString);
logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_EXPAND_SZ [{valueData}]"));
}
break;
case RegistryValueKind.MultiString:
{
string[] multiStrs = StringEscaper.Preprocess(s, info.ValueDatas).ToArray();
subKey.SetValue(valueName, multiStrs, RegistryValueKind.MultiString);
string valueData = StringEscaper.PackRegMultiBinary(multiStrs);
logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_MULTI_SZ [{valueData}]"));
}
break;
case RegistryValueKind.Binary:
{
if (info.ValueData == null)
{ // Use info.ValueDatas
string[] binStrs = StringEscaper.Preprocess(s, info.ValueDatas).ToArray();
string valueData = StringEscaper.PackRegBinary(binStrs);
if (!StringEscaper.UnpackRegBinary(binStrs, out byte[] binData))
public static List <LogInfo> RegRead(EngineState s, CodeCommand cmd)
{ // RegRead,<HKey>,<KeyPath>,<ValueName>,<DestVar>
List <LogInfo> logs = new List <LogInfo>();
CodeInfo_RegRead info = cmd.Info.Cast <CodeInfo_RegRead>();
string keyPath = StringEscaper.Preprocess(s, info.KeyPath);
string valueName = StringEscaper.Preprocess(s, info.ValueName);
string hKeyStr = RegistryHelper.RegKeyToString(info.HKey);
if (hKeyStr == null)
{
throw new InternalException("Internal Logic Error");
}
string fullKeyPath = $"{hKeyStr}\\{keyPath}";
string valueDataStr;
using (RegistryKey subKey = info.HKey.OpenSubKey(keyPath, false))
{
if (subKey == null)
{
return(LogInfo.LogErrorMessage(logs, $"Registry key [{fullKeyPath}] does not exist"));
}
object valueData = subKey.GetValue(valueName, null, RegistryValueOptions.DoNotExpandEnvironmentNames);
if (valueData == null)
{
return(LogInfo.LogErrorMessage(logs, $"Cannot read registry key [{fullKeyPath}]"));
}
RegistryValueKind kind = subKey.GetValueKind(valueName);
switch (kind)
{
case RegistryValueKind.None:
return(LogInfo.LogErrorMessage(logs, $"Cannot read empty value [{fullKeyPath}\\{valueName}]"));
case RegistryValueKind.String:
case RegistryValueKind.ExpandString:
valueDataStr = (string)valueData;
break;
case RegistryValueKind.Binary:
valueDataStr = StringEscaper.PackRegBinary((byte[])valueData);
break;
case RegistryValueKind.DWord:
valueDataStr = ((uint)(int)valueData).ToString();
break;
case RegistryValueKind.MultiString:
valueDataStr = StringEscaper.PackRegMultiString((string[])valueData);
break;
case RegistryValueKind.QWord:
valueDataStr = ((ulong)(long)valueData).ToString();
break;
default:
return(LogInfo.LogErrorMessage(logs, $"Unsupported registry value type [0x{(int)kind:0:X}]"));
}
}
logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullKeyPath}\\{valueName}]'s data is [{valueDataStr}]"));
List <LogInfo> varLogs = Variables.SetVariable(s, info.DestVar, valueDataStr);
logs.AddRange(varLogs);
return(logs);
}
