Inheritance: KnownAce
Example #1
0
        //
        // Instantiates the most-derived ACE type based on the binary
        // representation of an ACE
        //

        public static GenericAce CreateFromBinaryForm(byte[] binaryForm, int offset)
        {
            GenericAce result;
            AceType type;

            //
            // Sanity check the header
            //

            VerifyHeader(binaryForm, offset);

            type = (AceType)binaryForm[offset];

            if (type == AceType.AccessAllowed ||
                type == AceType.AccessDenied ||
                type == AceType.SystemAudit ||
                type == AceType.SystemAlarm ||
                type == AceType.AccessAllowedCallback ||
                type == AceType.AccessDeniedCallback ||
                type == AceType.SystemAuditCallback ||
                type == AceType.SystemAlarmCallback)
            {
                AceQualifier qualifier;
                int accessMask;
                SecurityIdentifier sid;
                bool isCallback;
                byte[] opaque;

                if (true == CommonAce.ParseBinaryForm(binaryForm, offset, out qualifier, out accessMask, out sid, out isCallback, out opaque))
                {
                    AceFlags flags = (AceFlags)binaryForm[offset + 1];
                    result = new CommonAce(flags, qualifier, accessMask, sid, isCallback, opaque);
                }
                else
                {
                    goto InvalidParameter;
                }
            }
            else if (type == AceType.AccessAllowedObject ||
                type == AceType.AccessDeniedObject ||
                type == AceType.SystemAuditObject ||
                type == AceType.SystemAlarmObject ||
                type == AceType.AccessAllowedCallbackObject ||
                type == AceType.AccessDeniedCallbackObject ||
                type == AceType.SystemAuditCallbackObject ||
                type == AceType.SystemAlarmCallbackObject)
            {
                AceQualifier qualifier;
                int accessMask;
                SecurityIdentifier sid;
                ObjectAceFlags objectFlags;
                Guid objectAceType;
                Guid inheritedObjectAceType;
                bool isCallback;
                byte[] opaque;

                if (true == ObjectAce.ParseBinaryForm(binaryForm, offset, out qualifier, out accessMask, out sid, out objectFlags, out objectAceType, out inheritedObjectAceType, out isCallback, out opaque))
                {
                    AceFlags flags = (AceFlags)binaryForm[offset + 1];
                    result = new ObjectAce(flags, qualifier, accessMask, sid, objectFlags, objectAceType, inheritedObjectAceType, isCallback, opaque);
                }
                else
                {
                    goto InvalidParameter;
                }
            }
            else if (type == AceType.AccessAllowedCompound)
            {
                int accessMask;
                CompoundAceType compoundAceType;
                SecurityIdentifier sid;

                if (true == CompoundAce.ParseBinaryForm(binaryForm, offset, out accessMask, out compoundAceType, out sid))
                {
                    AceFlags flags = (AceFlags)binaryForm[offset + 1];
                    result = new CompoundAce(flags, accessMask, compoundAceType, sid);
                }
                else
                {
                    goto InvalidParameter;
                }
            }
            else
            {
                AceFlags flags = (AceFlags)binaryForm[offset + 1];
                byte[] opaque = null;
                int aceLength = (binaryForm[offset + 2] << 0) + (binaryForm[offset + 3] << 8);

                if (aceLength % 4 != 0)
                {
                    goto InvalidParameter;
                }

                int opaqueLength = aceLength - HeaderLength;

                if (opaqueLength > 0)
                {
                    opaque = new byte[opaqueLength];

                    for (int i = 0; i < opaqueLength; i++)
                    {
                        opaque[i] = binaryForm[offset + aceLength - opaqueLength + i];
                    }
                }

                result = new CustomAce(type, flags, opaque);
            }

            //
            // As a final check, confirm that the advertised ACE header length
            // was the actual parsed length
            //

            if (((!(result is ObjectAce)) && ((binaryForm[offset + 2] << 0) + (binaryForm[offset + 3] << 8) != result.BinaryLength))
                //
                // This is needed because object aces created through ADSI have the advertised ACE length
                // greater than the actual length by 32 (bug in ADSI).
                //
                || ((result is ObjectAce) && ((binaryForm[offset + 2] << 0) + (binaryForm[offset + 3] << 8) != result.BinaryLength) && (((binaryForm[offset + 2] << 0) + (binaryForm[offset + 3] << 8) - 32) != result.BinaryLength)))
            {
                goto InvalidParameter;
            }

            return result;

        InvalidParameter:

            throw new ArgumentException(
                 SR.ArgumentException_InvalidAceBinaryForm,
nameof(binaryForm));
        }
 public static GenericAce CreateFromBinaryForm(byte[] binaryForm, int offset)
 {
     GenericAce ace;
     VerifyHeader(binaryForm, offset);
     System.Security.AccessControl.AceType type = (System.Security.AccessControl.AceType) binaryForm[offset];
     switch (type)
     {
         case System.Security.AccessControl.AceType.AccessAllowed:
         case System.Security.AccessControl.AceType.AccessDenied:
         case System.Security.AccessControl.AceType.SystemAudit:
         case System.Security.AccessControl.AceType.SystemAlarm:
         case System.Security.AccessControl.AceType.AccessAllowedCallback:
         case System.Security.AccessControl.AceType.AccessDeniedCallback:
         case System.Security.AccessControl.AceType.SystemAuditCallback:
         case System.Security.AccessControl.AceType.SystemAlarmCallback:
         {
             AceQualifier qualifier;
             int num;
             SecurityIdentifier identifier;
             bool flag;
             byte[] buffer;
             if (!CommonAce.ParseBinaryForm(binaryForm, offset, out qualifier, out num, out identifier, out flag, out buffer))
             {
                 goto Label_01A8;
             }
             System.Security.AccessControl.AceFlags flags = (System.Security.AccessControl.AceFlags) binaryForm[offset + 1];
             ace = new CommonAce(flags, qualifier, num, identifier, flag, buffer);
             break;
         }
         case System.Security.AccessControl.AceType.AccessAllowedObject:
         case System.Security.AccessControl.AceType.AccessDeniedObject:
         case System.Security.AccessControl.AceType.SystemAuditObject:
         case System.Security.AccessControl.AceType.SystemAlarmObject:
         case System.Security.AccessControl.AceType.AccessAllowedCallbackObject:
         case System.Security.AccessControl.AceType.AccessDeniedCallbackObject:
         case System.Security.AccessControl.AceType.SystemAuditCallbackObject:
         case System.Security.AccessControl.AceType.SystemAlarmCallbackObject:
         {
             AceQualifier qualifier2;
             int num2;
             SecurityIdentifier identifier2;
             ObjectAceFlags flags2;
             Guid guid;
             Guid guid2;
             bool flag2;
             byte[] buffer2;
             if (!ObjectAce.ParseBinaryForm(binaryForm, offset, out qualifier2, out num2, out identifier2, out flags2, out guid, out guid2, out flag2, out buffer2))
             {
                 goto Label_01A8;
             }
             System.Security.AccessControl.AceFlags aceFlags = (System.Security.AccessControl.AceFlags) binaryForm[offset + 1];
             ace = new ObjectAce(aceFlags, qualifier2, num2, identifier2, flags2, guid, guid2, flag2, buffer2);
             break;
         }
         case System.Security.AccessControl.AceType.AccessAllowedCompound:
         {
             int num3;
             CompoundAceType type2;
             SecurityIdentifier identifier3;
             if (!CompoundAce.ParseBinaryForm(binaryForm, offset, out num3, out type2, out identifier3))
             {
                 goto Label_01A8;
             }
             System.Security.AccessControl.AceFlags flags4 = (System.Security.AccessControl.AceFlags) binaryForm[offset + 1];
             ace = new CompoundAce(flags4, num3, type2, identifier3);
             break;
         }
         default:
         {
             System.Security.AccessControl.AceFlags flags5 = (System.Security.AccessControl.AceFlags) binaryForm[offset + 1];
             byte[] opaque = null;
             int num4 = binaryForm[offset + 2] + (binaryForm[offset + 3] << 8);
             if ((num4 % 4) != 0)
             {
                 goto Label_01A8;
             }
             int num5 = num4 - 4;
             if (num5 > 0)
             {
                 opaque = new byte[num5];
                 for (int i = 0; i < num5; i++)
                 {
                     opaque[i] = binaryForm[((offset + num4) - num5) + i];
                 }
             }
             ace = new CustomAce(type, flags5, opaque);
             break;
         }
     }
     if (((ace is ObjectAce) || ((binaryForm[offset + 2] + (binaryForm[offset + 3] << 8)) == ace.BinaryLength)) && ((!(ace is ObjectAce) || ((binaryForm[offset + 2] + (binaryForm[offset + 3] << 8)) == ace.BinaryLength)) || (((binaryForm[offset + 2] + (binaryForm[offset + 3] << 8)) - 0x20) == ace.BinaryLength)))
     {
         return ace;
     }
 Label_01A8:
     throw new ArgumentException(Environment.GetResourceString("ArgumentException_InvalidAceBinaryForm"), "binaryForm");
 }