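/// <summary>
/// Packs a username/password pair into an authentication buffer and hands it back as the
/// serialized credential for this tile.
/// </summary>
/// <param name="pcpgsr">Receives the serialization response: "return credential, finished" on the
/// pack paths, "no credential, not finished" on the fall-through path.</param>
/// <param name="pcpcs">Receives the credential serialization (provider CLSID, packed buffer, buffer
/// size and authentication package) on success; an empty structure otherwise.</param>
/// <param name="ppszOptionalStatusText">Receives an empty string, or "Failed to pack credentials"
/// when the sized pack call fails.</param>
/// <param name="pcpsiOptionalStatusIcon">Receives the status icon matching the outcome.</param>
/// <returns>
/// <c>S_OK</c> when the credentials were packed, <c>E_FAIL</c> when the sized pack call failed, and
/// <c>E_NOTIMPL</c> when an exception was swallowed or the zero-length probe call did not fail.
/// </returns>
public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr, out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText, out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
{
    Log.LogMethodCall();

    // Holds the unmanaged buffer for as long as this method owns it. It is reset to IntPtr.Zero
    // once the buffer has been freed or handed to the caller, so the finally block can release
    // it on every other exit path (the original leaked it on E_FAIL, on exceptions, and when the
    // probe call did not fail).
    var inCredBuffer = IntPtr.Zero;

    try
    {
        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

        // SECURITY: the account name and password are compile-time literals (masked in this
        // listing). Anything embedded here is recoverable from the assembly and ends up in
        // source control; obtain the credential from the tile's fields or a protected store.
        var username = "******";
        var password = "******";
        var inCredSize = 0;

        // First call is a size probe: with a zero-length buffer it is expected to fail and
        // report the required size through inCredSize.
        inCredBuffer = Marshal.AllocCoTaskMem(0);

        if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
        {
            Marshal.FreeCoTaskMem(inCredBuffer);
            inCredBuffer = IntPtr.Zero; // avoid a double free if the next allocation throws
            inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);

            if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
            {
                ppszOptionalStatusText = string.Empty;
                pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;

                pcpcs.clsidCredentialProvider = Guid.Parse(Constants.CredentialProviderUID);
                pcpcs.rgbSerialization = inCredBuffer;
                pcpcs.cbSerialization = (uint)inCredSize;

                RetrieveNegotiateAuthPackage(out var authPackage);
                pcpcs.ulAuthenticationPackage = authPackage;

                // The buffer now travels with pcpcs; the caller is expected to release it.
                inCredBuffer = IntPtr.Zero;
                return HResultValues.S_OK;
            }

            ppszOptionalStatusText = "Failed to pack credentials";
            pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
            return HResultValues.E_FAIL;
        }
    }
    catch (Exception)
    {
        // Deliberate best effort: an exception must not take down winlogon, so it is swallowed
        // and the method falls through to the "no credential" result below.
    }
    finally
    {
        // Never leave auto-login armed, whatever the outcome, so it cannot retry repeatedly.
        shouldAutoLogin = false;

        if (inCredBuffer != IntPtr.Zero)
        {
            Marshal.FreeCoTaskMem(inCredBuffer);
        }
    }

    // Fall-through: either an exception was swallowed or the probe call did not fail.
    // pcpcs is replaced here, so it never carries a pointer that was freed above.
    pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
    pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
    ppszOptionalStatusText = string.Empty;
    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
    return HResultValues.E_NOTIMPL;
}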
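/// <summary>
/// Packs a username/password pair into an authentication buffer and hands it back as the
/// serialized credential for this tile.
/// </summary>
/// <param name="pcpgsr">Receives the serialization response: "return credential, finished" on the
/// pack paths, "no credential, not finished" on the fall-through path.</param>
/// <param name="pcpcs">Receives the credential serialization (provider CLSID, packed buffer, buffer
/// size and authentication package) on success; an empty structure otherwise.</param>
/// <param name="ppszOptionalStatusText">Receives an empty string, or "Failed to pack credentials"
/// when the sized pack call fails.</param>
/// <param name="pcpsiOptionalStatusIcon">Receives the status icon matching the outcome.</param>
/// <returns>
/// <c>S_OK</c> when the credentials were packed, <c>E_FAIL</c> when the sized pack call failed, and
/// <c>E_NOTIMPL</c> when an exception was logged and swallowed or the zero-length probe call did
/// not fail.
/// </returns>
public int GetSerialization(out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr, out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs, out string ppszOptionalStatusText, out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon)
{
    Log.Debug("GetSerialization()");

    // Holds the unmanaged buffer for as long as this method owns it. It is reset to IntPtr.Zero
    // once the buffer has been freed or handed to the caller, so the finally block can release
    // it on every other exit path (the original leaked it on E_FAIL, on exceptions, and when the
    // probe call did not fail).
    var inCredBuffer = IntPtr.Zero;

    try
    {
        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

        // SECURITY: a real domain account name and its password (masked in this listing) are
        // compile-time literals. Anything embedded here is recoverable from the assembly and
        // ends up in source control; obtain the credential from the tile's fields or a
        // protected store, and rotate any password that was ever committed.
        var username = @"intercede\ben.arnold";
        var password = "******";
        var inCredSize = 0;

        // First call is a size probe: with a zero-length buffer it is expected to fail and
        // report the required size through inCredSize.
        inCredBuffer = Marshal.AllocCoTaskMem(0);

        if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
        {
            Marshal.FreeCoTaskMem(inCredBuffer);
            inCredBuffer = IntPtr.Zero; // avoid a double free if the next allocation throws
            inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);

            if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
            {
                ppszOptionalStatusText = string.Empty;
                pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;

                // NOTE(review): inline CLSID literal; presumably it has to match the CLSID the
                // provider is registered under — confirm and consider a shared constant.
                pcpcs.clsidCredentialProvider = Guid.Parse("82416BBE-EDF3-4B54-9E23-2E306FB4D11E");
                pcpcs.rgbSerialization = inCredBuffer;
                pcpcs.cbSerialization = (uint)inCredSize;

                RetrieveNegotiateAuthPackage(out var authPackage);
                pcpcs.ulAuthenticationPackage = authPackage;

                // The buffer now travels with pcpcs; the caller is expected to release it.
                inCredBuffer = IntPtr.Zero;
                return HResultValues.S_OK;
            }

            ppszOptionalStatusText = "Failed to pack credentials";
            pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
            return HResultValues.E_FAIL;
        }
    }
    catch (Exception e)
    {
        // Deliberate best effort: an exception must not take down winlogon, so it is logged and
        // the method falls through to the "no credential" result below.
        Log.Error(e, "Ignored");
    }
    finally
    {
        // NOTE(review): the reset of the auto-login flag is disabled in this version, so nothing
        // here stops auto-login from being attempted again — confirm that is intended.
        if (inCredBuffer != IntPtr.Zero)
        {
            Marshal.FreeCoTaskMem(inCredBuffer);
        }
    }

    // Fall-through: either an exception was swallowed or the probe call did not fail.
    // pcpcs is replaced here, so it never carries a pointer that was freed above.
    pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
    pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
    ppszOptionalStatusText = string.Empty;
    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;
    return HResultValues.E_NOTIMPL;
}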
/// <summary>
/// Base serialization handler: logs the call and reports that no credential is available yet.
/// Declared virtual so a derived credential can supply a real serialization.
/// </summary>
/// <param name="pcpgsr">Always receives <c>CPGSR_NO_CREDENTIAL_NOT_FINISHED</c>.</param>
/// <param name="pcpcs">Receives a serialization structure whose only populated member is
/// <c>ulAuthenticationPackage</c>.</param>
/// <param name="ppszOptionalStatusText">Always receives an empty string.</param>
/// <param name="pcpsiOptionalStatusIcon">Always receives <c>CPSI_NONE</c>.</param>
/// <returns>Always <c>HRESULT.S_OK</c>.</returns>
public virtual int GetSerialization(
    out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
    out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs,
    out string ppszOptionalStatusText,
    out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon
)
{
    Logger.Write();

    // NOTE(review): 1234 looks like a placeholder rather than a looked-up authentication
    // package id — confirm nothing downstream relies on it.
    var emptySerialization = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
    emptySerialization.ulAuthenticationPackage = 1234;

    pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
    pcpcs = emptySerialization;
    ppszOptionalStatusText = "";
    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;

    return HRESULT.S_OK;
}
/// <summary>
/// Not supported by this provider: the incoming serialization is ignored.
/// </summary>
/// <param name="pcpcs">Serialization offered by the caller; it is neither read nor modified.</param>
/// <returns>Always <c>HResultValues.E_NOTIMPL</c>.</returns>
public int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
    // Trace the call only; the serialization contents are not logged.
    Log.LogMethodCall();

    return HResultValues.E_NOTIMPL;
}
/// <summary>
/// Not supported by this provider: logs the call and throws.
/// </summary>
/// <param name="pcpcs">Serialization offered by the caller; it is only passed to the logger.</param>
/// <returns>Never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
    // NOTE(review): the whole structure is handed to the logger; how it is rendered depends on
    // the logging setup — confirm no serialized credential material can reach the log.
    Log.Debug("SetSerialization({pcpcs})", pcpcs);

    // NOTE(review): the exception propagates to whoever invoked this method; confirm the host
    // is meant to learn "unsupported" this way rather than through a returned HRESULT.
    throw new NotImplementedException();
}
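/// <summary>
/// Builds the serialized credential for the current usage scenario. For logon and unlock it
/// packs the account name and the entered password into an authentication buffer; for change
/// password it only reports a success status.
/// </summary>
/// <param name="pcpgsr">Receives the serialization response for the scenario that was handled.</param>
/// <param name="pcpcs">Receives the credential serialization (provider CLSID, packed buffer, buffer
/// size and authentication package) when packing succeeds; an empty structure otherwise.</param>
/// <param name="ppszOptionalStatusText">Receives the status text for the outcome.</param>
/// <param name="pcpsiOptionalStatusIcon">Receives the status icon for the outcome.</param>
/// <returns>
/// <c>HRESULT.E_FAIL</c> when the sized pack call fails; <c>HRESULT.S_OK</c> on every other path.
/// </returns>
public virtual int GetSerialization(
    out _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE pcpgsr,
    out _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs,
    out string ppszOptionalStatusText,
    out _CREDENTIAL_PROVIDER_STATUS_ICON pcpsiOptionalStatusIcon
)
{
    Logger.Write();

    var usage = this.view.Provider.GetUsage();

    pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_NOT_FINISHED;
    pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
    ppszOptionalStatusText = "";
    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_NONE;

    // Serialization can be requested before the user has entered any values.
    // Credential packing only applies to the logon and unlock scenarios.
    if (usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_LOGON || usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_UNLOCK_WORKSTATION)
    {
        // Determine the authentication package.
        Common.RetrieveNegotiateAuthPackage(out var authPackage);

        // Only credential packing for msv1_0 is supported by this code.
        Logger.Write($"Got authentication package: {authPackage}. Only local authenticsation package 0 (msv1_0) is supported.");

        // Account name comes from the tile's SID, password from field 2 of the tile.
        // The password is a managed string and cannot be wiped after use, so keep it out of
        // logs and do not hold on to it longer than this call.
        var username = Common.GetNameFromSid(this.sid);
        GetStringValue(2, out var password);

        Logger.Write($"Preparing to serialise credential with password...");

        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_RETURN_CREDENTIAL_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();

        var inCredSize = 0;

        // Tracks the unmanaged buffer while this method owns it; reset to IntPtr.Zero once it
        // has been freed or handed to the caller. The finally block releases it on every other
        // exit path (the original leaked it on E_FAIL, on exceptions, and when the probe call
        // did not fail).
        var inCredBuffer = Marshal.AllocCoTaskMem(0);

        try
        {
            // This should work on Windows 10, which only uses the logon scenario, but it could
            // fail for the workstation unlock scenario on older OS versions.
            // The first call is a size probe: with a zero-length buffer it is expected to fail
            // and report the required size through inCredSize.
            if (!PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
            {
                Marshal.FreeCoTaskMem(inCredBuffer);
                inCredBuffer = IntPtr.Zero; // avoid a double free if the next allocation throws
                inCredBuffer = Marshal.AllocCoTaskMem(inCredSize);

                if (PInvoke.CredPackAuthenticationBuffer(0, username, password, inCredBuffer, ref inCredSize))
                {
                    ppszOptionalStatusText = string.Empty;
                    pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;

                    // Better to move the CLSID to a constant (it is currently also used in the .reg file).
                    pcpcs.clsidCredentialProvider = Guid.Parse("00006d50-0000-0000-b090-00006b0b0000");
                    pcpcs.rgbSerialization = inCredBuffer;
                    pcpcs.cbSerialization = (uint)inCredSize;
                    pcpcs.ulAuthenticationPackage = authPackage;

                    // The buffer now travels with pcpcs; the caller is expected to release it.
                    inCredBuffer = IntPtr.Zero;
                    return HRESULT.S_OK;
                }

                ppszOptionalStatusText = "Failed to pack credentials";
                pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_ERROR;
                return HRESULT.E_FAIL;
            }

            // NOTE(review): reaching this point means the probe call did not fail. The method
            // then returns S_OK with CPGSR_RETURN_CREDENTIAL_FINISHED and an empty
            // serialization — confirm that is the intended result for this case.
        }
        finally
        {
            if (inCredBuffer != IntPtr.Zero)
            {
                Marshal.FreeCoTaskMem(inCredBuffer);
            }
        }
    }
    // Change-password handling belongs here; it is not handled natively.
    // No password is changed by this branch: it only reports a success status.
    else if (usage == _CREDENTIAL_PROVIDER_USAGE_SCENARIO.CPUS_CHANGE_PASSWORD)
    {
        pcpgsr = _CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE.CPGSR_NO_CREDENTIAL_FINISHED;
        pcpcs = new _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION();
        ppszOptionalStatusText = "Password changed success message.";
        pcpsiOptionalStatusIcon = _CREDENTIAL_PROVIDER_STATUS_ICON.CPSI_SUCCESS;
    }

    Logger.Write("Returning S_OK");
    return HRESULT.S_OK;
}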
/// <summary>
/// Receives a credential serialization from the caller. This implementation does not act on it:
/// it logs the authentication package id and reports success.
/// See <see href="https://docs.microsoft.com/en-us/windows/win32/api/credentialprovider/nf-credentialprovider-icredentialprovider-setserialization"/>.
/// </summary>
/// <param name="pcpcs">The <see cref="_CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION"/> structure
/// supplied by the caller; only its <c>ulAuthenticationPackage</c> member is read.</param>
/// <returns>Always <c>HRESULT.S_OK</c>.</returns>
public virtual int SetSerialization(ref _CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION pcpcs)
{
    // Only the authentication package id is written to the log; the serialized payload is not.
    Logger.Write($"ulAuthenticationPackage: {pcpcs.ulAuthenticationPackage}");

    return HRESULT.S_OK;
}