/// <summary>
/// Restore key from a file.
/// </summary>
/// <param name="path">The file path to restore from</param>
/// <param name="flags">Restore key flags</param>
public void Restore(string path, RestoreKeyFlags flags)
{
using (NtFile file = NtFile.Open(path, null, FileAccessRights.GenericRead | FileAccessRights.Synchronize,
FileShareMode.Read, FileOpenOptions.SynchronousIoNonAlert))
{
Restore(file, flags);
}
}
/// <summary>
/// Open an NT object with a specified type.
/// </summary>
/// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
/// <param name="path">The path to the object to open.</param>
/// <param name="root">A root directory to open from.</param>
/// <param name="access">Generic access rights to the object.</param>
/// <returns>The opened object.</returns>
/// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
/// <exception cref="ArgumentException">Thrown if type of resource couldn't be found.</exception>
public static NtObject OpenWithType(string typename, string path, NtObject root, GenericAccessRights access)
{
if (typename == null)
{
typename = NtDirectory.GetDirectoryEntryType(path, root);
if (typename == null)
{
throw new ArgumentException(String.Format("Can't find type for path {0}", path));
}
}
switch (typename.ToLower())
{
case "device":
return(NtFile.Open(path, root, (FileAccessRights)access, FileShareMode.None, FileOpenOptions.None));
case "file":
return(NtFile.Open(path, root, (FileAccessRights)access, FileShareMode.Read | FileShareMode.Write | FileShareMode.Delete, FileOpenOptions.None));
case "event":
return(NtEvent.Open(path, root, (EventAccessRights)access));
case "directory":
return(NtDirectory.Open(path, root, (DirectoryAccessRights)access));
case "symboliclink":
return(NtSymbolicLink.Open(path, root, (SymbolicLinkAccessRights)access));
case "mutant":
return(NtMutant.Open(path, root, (MutantAccessRights)access));
case "semaphore":
return(NtSemaphore.Open(path, root, (SemaphoreAccessRights)access));
case "section":
return(NtSection.Open(path, root, (SectionAccessRights)access));
case "job":
return(NtJob.Open(path, root, (JobAccessRights)access));
case "key":
return(NtKey.Open(path, root, (KeyAccessRights)access));
default:
throw new ArgumentException(String.Format("Can't open type {0}", typename));
}
}
/// <summary>
/// Create a Window Station by name.
/// </summary>
/// <param name="object_attributes">Object attributes for the Window Station.</param>
/// <param name="desired_access">Desired access for the Window Station.</param>
/// <param name="kbd_dll_path">Path to Keyboard DLL e.g. kbusa.dll.</param>
/// <param name="keyboard_locale">Locale ID, e.g. 0x4090409.</param>
/// <param name="language_id">Language ID e.g. 0x409.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The Window Station.</returns>
public static NtResult <NtWindowStation> Create(ObjectAttributes object_attributes, WindowStationAccessRights desired_access, string kbd_dll_path,
int language_id, int keyboard_locale, bool throw_on_error)
{
string dll_path;
IntPtr layout_offset;
IntPtr nls_offset;
using (var kbd_dll = SafeLoadLibraryHandle.LoadLibrary(kbd_dll_path, LoadLibraryFlags.None, throw_on_error))
{
if (!kbd_dll.IsSuccess)
{
return(kbd_dll.Cast <NtWindowStation>());
}
dll_path = kbd_dll.Result.FullPath;
layout_offset = GetKdbLayoutOffset(kbd_dll.Result, 1);
nls_offset = GetKdbLayoutOffset(kbd_dll.Result, 2);
}
using (var buffer = new SafeHGlobalBuffer(0x318))
{
BufferUtils.FillBuffer(buffer, 0);
using (var file = NtFile.Open(NtFileUtils.DosFileNameToNt(dll_path), null,
FileAccessRights.GenericRead | FileAccessRights.Synchronize, FileShareMode.Read | FileShareMode.Delete,
FileOpenOptions.NonDirectoryFile | FileOpenOptions.SynchronousIoNonAlert, throw_on_error))
{
if (!file.IsSuccess)
{
return(file.Cast <NtWindowStation>());
}
var handle = NtSystemCalls.NtUserCreateWindowStation(object_attributes, desired_access, file.Result.Handle,
layout_offset, nls_offset, buffer, new UnicodeString($"{language_id:X08}"), keyboard_locale);
if (handle.IsInvalid)
{
return(NtObjectUtils.CreateResultFromDosError <NtWindowStation>(throw_on_error));
}
return(new NtWindowStation(handle).CreateResult());
}
}
}
