예제 #1
		/// <summary>
		/// Builds an unmanaged ACL containing a single scoped-policy-ID ACE for the
		/// Central Access Policy (CAP) identified by <paramref name="capStr"/>.
		/// The identifier is first tried as a SID string; if that conversion fails it is
		/// matched case-insensitively against the names of the policies returned by
		/// <c>LsaQueryCAPs</c>.
		/// </summary>
		/// <param name="capStr">CAP identifier: either a SID string or a policy name.</param>
		/// <returns>
		/// On success, a pointer allocated with <c>Marshal.AllocHGlobal</c>. It is not freed
		/// here, so the caller owns it and has to release it with <c>Marshal.FreeHGlobal</c>.
		/// <c>IntPtr.Zero</c> when LSA reports no policies (silently) or when no policy
		/// matches (after writing a non-terminating error).
		/// </returns>
		/// <exception cref="Win32Exception">A native call reported failure.</exception>
		/// <exception cref="ArgumentException">
		/// <c>RtlAddScopedPolicyIDAce</c> returned -1073741811 (0xC000000D, STATUS_INVALID_PARAMETER).
		/// </exception>
		private IntPtr GetSaclWithCapId(string capStr)
		{
			IntPtr zero;
			// SID of the policy; either LocalAlloc'ed by ConvertStringSidToSid or a pointer into the LSA buffer.
			IntPtr cAPID = IntPtr.Zero;
			// The ACL buffer that is returned on success.
			IntPtr intPtr = IntPtr.Zero;
			// Array of CENTRAL_ACCESS_POLICY entries returned by LsaQueryCAPs.
			IntPtr zero1 = IntPtr.Zero;
			// Result of the most recent BOOL-returning native call; read again in the finally block.
			bool sid = true;
			// True while cAPID is owned by this method and must be released with LocalFree.
			bool flag = true;
			// Most recent status code from LsaQueryCAPs / RtlAddScopedPolicyIDAce; read again in the finally block.
			int num = 0;
			try
			{
				sid = NativeMethods.ConvertStringSidToSid(capStr, out cAPID);
				if (!sid)
				{
					// Not a SID string: treat capStr as a policy name. From here on cAPID, if set,
					// points into the LSA buffer, so it must not be passed to LocalFree.
					flag = false;
					int num1 = 0;
					num = NativeMethods.LsaQueryCAPs(null, 0, out zero1, out num1);
					if (num == 0)
					{
						if (num1 == 0 || zero1 == IntPtr.Zero)
						{
							// No policies available: returns without writing an error record.
							zero = IntPtr.Zero;
							return zero;
						}
						else
						{
							// Walk the returned array one marshalled structure at a time.
							IntPtr intPtr1 = zero1;
							uint num2 = 0;
							while (num2 < num1)
							{
								NativeMethods.CENTRAL_ACCESS_POLICY structure = (NativeMethods.CENTRAL_ACCESS_POLICY)Marshal.PtrToStructure(intPtr1, typeof(NativeMethods.CENTRAL_ACCESS_POLICY));
								// Name.Length is divided by 2 to get a character count, i.e. it is treated as a byte length.
								// NOTE(review): PtrToStringUni returns null for a zero Buffer, which would make
								// the Equals call below throw NullReferenceException - confirm LSA never returns that.
								string stringUni = Marshal.PtrToStringUni(structure.Name.Buffer, structure.Name.Length / 2);
								if (!stringUni.Equals(capStr, StringComparison.OrdinalIgnoreCase))
								{
									intPtr1 = intPtr1 + Marshal.SizeOf(structure);
									num2++;
								}
								else
								{
									cAPID = structure.CAPID;
									break;
								}
							}
						}
					}
					else
					{
						// NOTE(review): the LSA API family reports NTSTATUS values, while Win32Exception
						// expects a Win32 error code, so the message may not describe the real failure -
						// confirm whether a conversion such as LsaNtStatusToWinError is needed.
						throw new Win32Exception(num);
					}
				}
				if (cAPID != IntPtr.Zero)
				{
					sid = NativeMethods.IsValidSid(cAPID);
					if (sid)
					{
						uint lengthSid = NativeMethods.GetLengthSid(cAPID);
						NativeMethods.ACL aCL = new NativeMethods.ACL();
						NativeMethods.SYSTEM_AUDIT_ACE sYSTEMAUDITACE = new NativeMethods.SYSTEM_AUDIT_ACE();
						// ACL header + ACE + SID, less one, with the low two bits cleared so the size is a
						// multiple of 4. Presumably the ACE structure ends in a 4-byte SID placeholder,
						// making this the usual DWORD round-up (-4 + 3 = -1) - TODO confirm against NativeMethods.
						int num3 = (int)((long)(Marshal.SizeOf(aCL) + Marshal.SizeOf(sYSTEMAUDITACE)) + (long)lengthSid - (long)1) & -4;
						intPtr = Marshal.AllocHGlobal(num3);
						// 2 is ACL_REVISION.
						sid = NativeMethods.InitializeAcl(intPtr, num3, 2);
						if (sid)
						{
							// Assuming the declaration mirrors the native parameter order, the arguments are:
							// revision 2, ACE flags 3 (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE), access mask 0.
							num = NativeMethods.RtlAddScopedPolicyIDAce(intPtr, 2, 3, 0, cAPID);
							if (num == 0)
							{
								// Success: sid is true and num is 0, so the finally block leaves intPtr allocated.
								return intPtr;
							}
							else
							{
								// -1073741811 is 0xC000000D, STATUS_INVALID_PARAMETER.
								if (num != -1073741811)
								{
									// NOTE(review): NTSTATUS passed where a Win32 error code is expected - see above.
									throw new Win32Exception(num);
								}
								else
								{
									throw new ArgumentException(UtilsStrings.InvalidCentralAccessPolicyIdentifier);
								}
							}
						}
						else
						{
							throw new Win32Exception(Marshal.GetLastWin32Error());
						}
					}
					else
					{
						throw new Win32Exception(Marshal.GetLastWin32Error());
					}
				}
				else
				{
					// No policy matched: report a non-terminating error and fall through to return IntPtr.Zero.
					Exception argumentException = new ArgumentException(UtilsStrings.InvalidCentralAccessPolicyIdentifier);
					base.WriteError(new ErrorRecord(argumentException, "SetAcl_CentralAccessPolicy", ErrorCategory.InvalidArgument, this.AclObject));
					zero = IntPtr.Zero;
				}
			}
			finally
			{
				// The ACL buffer is released only when the last native call failed. On the paths that
				// never allocated it, intPtr is still IntPtr.Zero.
				// NOTE(review): ownership is inferred from sid/num rather than tracked explicitly, so an
				// exception raised after AllocHGlobal while sid is true and num is 0 would leak the buffer.
				if (!sid || num != 0)
				{
					Marshal.FreeHGlobal(intPtr);
				}
				// Release the policy array; the return value is stored but never inspected.
				num = NativeMethods.LsaFreeMemory(zero1);
				if (flag)
				{
					// cAPID came from ConvertStringSidToSid, so it is released with LocalFree.
					NativeMethods.LocalFree(cAPID);
				}
			}
			return zero;
		}
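		/// <summary>
		/// Reads the Central Access Policy identifier (CAPID) applied to the file-system
		/// object behind <paramref name="instance"/>.
		/// </summary>
		/// <param name="instance">Object whose path is obtained through <c>SecurityDescriptorCommandsBase.GetPath</c>.</param>
		/// <returns>
		/// The SID stored in the first ACE that does not carry the inherit-only flag, or
		/// <c>null</c> when the object has no ACL of this kind, the ACL is empty, or every
		/// ACE in it is inherit-only.
		/// </returns>
		/// <exception cref="Win32Exception">
		/// <c>GetNamedSecurityInfo</c> failed, or the bytes at the expected SID offset are not a valid SID.
		/// </exception>
		public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
		{
			// INHERIT_ONLY_ACE from winnt.h: the ACE is only a template for children and does not
			// apply to the object itself.
			const int InheritOnlyAce = 0x8;

			SessionState sessionState = new SessionState();
			string providerPath = sessionState.Path.GetUnresolvedProviderPathFromPSPath(SecurityDescriptorCommandsBase.GetPath(instance));

			// Local names follow the Win32 GetNamedSecurityInfo parameter order (owner, group, DACL,
			// SACL, descriptor); the P/Invoke declaration itself is not visible from this method.
			IntPtr pOwner = IntPtr.Zero;
			IntPtr pGroup = IntPtr.Zero;
			IntPtr pDacl = IntPtr.Zero;
			IntPtr pSacl = IntPtr.Zero;
			IntPtr pSecurityDescriptor = IntPtr.Zero;
			try
			{
				int status = NativeMethods.GetNamedSecurityInfo(providerPath, NativeMethods.SeObjectType.SE_FILE_OBJECT, NativeMethods.SecurityInformation.SCOPE_SECURITY_INFORMATION, out pOwner, out pGroup, out pDacl, out pSacl, out pSecurityDescriptor);
				if (status != 0)
				{
					throw new Win32Exception(status);
				}

				if (pSacl == IntPtr.Zero)
				{
					return null;
				}

				NativeMethods.ACL sacl = (NativeMethods.ACL)Marshal.PtrToStructure(pSacl, typeof(NativeMethods.ACL));
				if (sacl.AceCount == 0)
				{
					return null;
				}

				// The ACEs are laid out back to back directly after the ACL header.
				IntPtr pAce = pSacl + Marshal.SizeOf(typeof(NativeMethods.ACL));
				bool found = false;
				for (uint i = 0; i < sacl.AceCount; i++)
				{
					NativeMethods.ACE_HEADER header = (NativeMethods.ACE_HEADER)Marshal.PtrToStructure(pAce, typeof(NativeMethods.ACE_HEADER));
					// NOTE(review): the ACE type is not checked; this relies on a SCOPE_SECURITY_INFORMATION
					// query returning only scoped-policy-ID ACEs - confirm.
					if ((header.AceFlags & InheritOnlyAce) == 0)
					{
						found = true;
						break;
					}
					pAce = pAce + header.AceSize;
				}

				// When every ACE is inherit-only the cursor has moved past the last ACE. Reading a
				// SID from there would interpret memory outside the ACL, so report that no policy applies.
				if (!found)
				{
					return null;
				}

				// The SID occupies the ACE's trailing 4-byte slot, so it starts one uint before the
				// end of the marshalled structure.
				IntPtr pSid = pAce + Marshal.SizeOf(typeof(NativeMethods.SYSTEM_AUDIT_ACE)) - sizeof(uint);
				if (!NativeMethods.IsValidSid(pSid))
				{
					throw new Win32Exception(Marshal.GetLastWin32Error());
				}

				// SecurityIdentifier copies the SID, so the result stays valid after the descriptor is freed below.
				return new SecurityIdentifier(pSid);
			}
			finally
			{
				// pSacl points into this descriptor, so one LocalFree releases everything.
				NativeMethods.LocalFree(pSecurityDescriptor);
			}
		}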