Exemplo n.º 1
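        /// <summary>
        /// Connects to the registry on <c>RegistryInteropWrapperWindows.sHostName</c>, opens
        /// <paramref name="_sObjectname"/> under <paramref name="hive"/> and applies the DACL
        /// carried by <paramref name="pSecurityDescriptor"/> to that key.
        /// </summary>
        /// <param name="hive">Root hive handed to RegConnectRegistry.</param>
        /// <param name="_sObjectname">Sub-key path opened under the hive.</param>
        /// <param name="pSecurityDescriptor">
        /// Pointer to the security descriptor to apply. Once the registry connection has
        /// succeeded this method releases it before returning, so the caller must not reuse it.
        /// </param>
        /// <returns>
        /// 0 when the DACL was applied; otherwise the error code of the first call that failed.
        /// A non-zero value is also returned when an exception interrupted the update.
        /// </returns>
        public static uint ApiRegSetKeySecurity(RegistryHive hive,
                                                string _sObjectname,
                                                IntPtr pSecurityDescriptor)
        {
            // Reported when an exception hides the real status, so that a caller never
            // mistakes an aborted update for an applied DACL.
            const uint ErrorGenFailure = 31; // Win32 ERROR_GEN_FAILURE

            // The log level belongs to Logger.Log, not to string.Format.
            Logger.Log("RegistryInteropWrapperWindows.ApiRegSetKeySecurity() is called", Logger.LogLevel.Verbose);

            IntPtr hKey = IntPtr.Zero;
            IntPtr phSubKey = IntPtr.Zero;

            // A failed connection must surface as an error; returning 0 here would tell
            // the caller that the key is protected when nothing was changed.
            uint iRet = (uint)RegistryInteropWindows.RegConnectRegistry(RegistryInteropWrapperWindows.sHostName, hive, out hKey);
            if (iRet != 0)
            {
                return iRet;
            }

            try
            {
                // NOTE(review): replacing a DACL requires WRITE_DAC on the key handle.
                // Confirm that RegSAM.Execute carries that right in this project's enum;
                // if it maps to the Win32 KEY_EXECUTE mask it does not.
                iRet = (uint)RegistryInteropWindows.RegOpenKeyEx(
                    hKey,
                    _sObjectname,
                    0,
                    (uint)(RegistryApi.RegSAM.Execute),
                    out phSubKey);

                // Only touch the key when it was actually opened; otherwise the open
                // error would be overwritten by a call made on a null handle.
                if (iRet == 0)
                {
                    // NOTE(review): PROTECTED_DACL and UNPROTECTED_DACL request opposite
                    // inheritance behaviour; passing both leaves the resulting inheritance
                    // state unclear - confirm which one is intended.
                    // SACL_SECURITY_INFORMATION is left out on purpose: the author saw
                    // error 5 (access denied) with it. Writing a SACL needs
                    // ACCESS_SYSTEM_SECURITY on the handle and SeSecurityPrivilege enabled.
                    iRet = RegistryInteropWindows.RegSetKeySecurity(phSubKey,
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION |
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.PROTECTED_DACL_SECURITY_INFORMATION |
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.UNPROTECTED_DACL_SECURITY_INFORMATION,
                                                                    pSecurityDescriptor);
                }
            }
            catch (Exception ex)
            {
                Logger.LogException("RegistryInteropWrapperWindows.ApiRegSetKeySecurity()", ex);

                if (iRet == 0)
                {
                    iRet = ErrorGenFailure;
                }
            }
            finally
            {
                // Compare against IntPtr.Zero: casting an IntPtr to int throws
                // OverflowException on 64-bit when the value does not fit, and that
                // exception would escape from this finally block and leak the handles.
                if (phSubKey != IntPtr.Zero)
                {
                    // Attempt to dispose of key
                    RegistryInteropWindows.RegCloseKey(phSubKey);
                }

                if (hKey != IntPtr.Zero)
                {
                    // Attempt to dispose of hive
                    RegistryInteropWindows.RegCloseKey(hKey);
                }

                if (pSecurityDescriptor != IntPtr.Zero)
                {
                    // NOTE(review): a security descriptor is a memory block, not a kernel
                    // handle. If it was allocated with Marshal.AllocHGlobal it should be
                    // released with Marshal.FreeHGlobal instead - confirm against the caller.
                    SecurityDescriptorApi.CloseHandle(pSecurityDescriptor);
                }
            }

            return iRet;
        }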
Exemplo n.º 2
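        /// <summary>
        /// Connects to the registry on <c>RegistryInteropWrapperWindows.sHostName</c>, opens
        /// <paramref name="_sObjectname"/> under <paramref name="hive"/> and reads the key's
        /// owner, group and DACL into a newly allocated security descriptor.
        /// </summary>
        /// <param name="hive">Root hive handed to RegConnectRegistry.</param>
        /// <param name="_sObjectname">Sub-key path opened under the hive.</param>
        /// <returns>
        /// Pointer to the security descriptor, allocated with <c>Marshal.AllocHGlobal</c>; the
        /// caller owns it and must release it with <c>Marshal.FreeHGlobal</c>.
        /// <c>IntPtr.Zero</c> when any step failed.
        /// </returns>
        /// <remarks>
        /// Side effect: sets the static <c>SecurityDescriptor.objectType</c> to
        /// <c>SE_REGISTRY_KEY</c> once the key has been opened, even when the read then fails.
        /// </remarks>
        public static IntPtr ApiRegGetKeySecurity(RegistryHive hive, string _sObjectname)
        {
            const uint ErrorInsufficientBuffer = 122; // Win32 ERROR_INSUFFICIENT_BUFFER

            uint iRet = 0;

            Logger.Log(string.Format("RegistryInteropWrapperWindows.ApiRegGetKeySecurity(_sObjectname = {0})", _sObjectname), Logger.LogLevel.Verbose);

            IntPtr hKey = IntPtr.Zero, phSubKey = IntPtr.Zero, hProv = IntPtr.Zero;
            IntPtr pSecurityDescriptor    = IntPtr.Zero;
            IntPtr pProcessHandle         = IntPtr.Zero;
            ulong  lpcbSecurityDescriptor = 0;

            if ((RegistryInteropWindows.RegConnectRegistry(RegistryInteropWrapperWindows.sHostName, hive, out hKey)) != 0)
            {
                return IntPtr.Zero;
            }

            try
            {
                // NOTE(review): the result and the returned handle are never used or
                // released in this method, and TOKEN_ALL_ACCESS is far more than a
                // read-only query needs. Confirm whether the call is required for a
                // side effect; if not, drop it or close pProcessHandle.
                iRet = SecurityDescriptorWrapper.ApiGetCurrentProcessHandle(
                    SecurityDescriptorApi.TOKEN_ALL_ACCESS,
                    out pProcessHandle);

                // NOTE(review): reading owner, group and DACL only needs READ_CONTROL.
                // Opening with AllAccess fails on keys the caller may read but not
                // modify, and hands out a write-capable handle for a read operation.
                iRet = (uint)RegistryInteropWindows.RegOpenKeyEx(
                    hKey,
                    _sObjectname,
                    0,
                    (uint)(RegistryApi.RegSAM.AllAccess),
                    out phSubKey);

                // NOTE(review): hProv is never used or released here - confirm whether
                // the provider handle needs to be freed.
                SecurityDescriptorWrapper.ApiGetHandleToCSP(_sObjectname, out hProv);

                if (iRet == 0)
                {
                    // First call with a null buffer only asks for the required size.
                    // SACL_SECURITY_INFORMATION is left out on purpose: the author saw
                    // error 5 (access denied) with it. Reading a SACL needs
                    // ACCESS_SYSTEM_SECURITY on the handle and SeSecurityPrivilege enabled.
                    iRet = RegistryInteropWindows.RegGetKeySecurity(phSubKey,
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION |
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION |
                                                                    SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION,
                                                                    IntPtr.Zero,
                                                                    ref lpcbSecurityDescriptor);

                    if (iRet == ErrorInsufficientBuffer)
                    {
                        // checked: a size that does not fit in int raises instead of
                        // silently wrapping to a wrong allocation size.
                        pSecurityDescriptor = Marshal.AllocHGlobal(checked((int)lpcbSecurityDescriptor));
                        iRet = RegistryInteropWindows.RegGetKeySecurity(phSubKey,
                                                                        SecurityDescriptorApi.SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION |
                                                                        SecurityDescriptorApi.SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION |
                                                                        SecurityDescriptorApi.SECURITY_INFORMATION.DACL_SECURITY_INFORMATION,
                                                                        pSecurityDescriptor,
                                                                        ref lpcbSecurityDescriptor);
                    }

                    SecurityDescriptor.objectType = SecurityDescriptorApi.SE_OBJECT_TYPE.SE_REGISTRY_KEY;

                    if (iRet != 0)
                    {
                        Logger.Log("RegistryInteropWrapperWindows.ApiRegGetKeySecurity returns error code; " + iRet, Logger.LogLevel.Verbose);

                        // The buffer was allocated but never filled; release it so the
                        // failure path does not leak unmanaged memory.
                        if (pSecurityDescriptor != IntPtr.Zero)
                        {
                            Marshal.FreeHGlobal(pSecurityDescriptor);
                            pSecurityDescriptor = IntPtr.Zero;
                        }

                        return IntPtr.Zero;
                    }
                }
            }
            catch (Exception ex)
            {
                Logger.LogException("RegistryInteropWrapperWindows.ApiRegGetKeySecurity()", ex);

                // Never hand back a buffer whose contents are unknown: a caller would
                // parse it as a valid security descriptor.
                if (pSecurityDescriptor != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(pSecurityDescriptor);
                    pSecurityDescriptor = IntPtr.Zero;
                }
            }
            finally
            {
                // Compare against IntPtr.Zero: casting an IntPtr to int throws
                // OverflowException on 64-bit when the value does not fit, and that
                // exception would escape from this finally block and leak the handles.
                if (phSubKey != IntPtr.Zero)
                {
                    // Attempt to dispose of key
                    RegistryInteropWindows.RegCloseKey(phSubKey);
                }

                if (hKey != IntPtr.Zero)
                {
                    // Attempt to dispose of hive
                    RegistryInteropWindows.RegCloseKey(hKey);
                }
            }

            return pSecurityDescriptor;
        }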