/// <summary>
/// Derive a package sid from a name.
/// </summary>
/// <param name="name">The name of the package.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The derived Sid</returns>
public static NtResult <Sid> DerivePackageSidFromName(string name, bool throw_on_error)
{
int hr = Win32NativeMethods.DeriveAppContainerSidFromAppContainerName(name, out SafeSidBufferHandle sid);
if (hr == 0)
{
using (sid)
{
Sid result = new Sid(sid);
NtSecurity.CacheSidName(result, name, SidNameSource.Package);
return(result.CreateResult());
}
}
return(((NtStatus)hr).CreateResultFromError <Sid>(throw_on_error));
}
/// <summary>
/// Derive a restricted package sid from an existing pacakge sid.
/// </summary>
/// <param name="package_sid">The base package sid.</param>
/// <param name="restricted_name">The restricted name for the sid.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The derived Sid.</returns>
public static NtResult <Sid> DeriveRestrictedPackageSidFromSid(Sid package_sid, string restricted_name, bool throw_on_error)
{
using (var sid_buf = package_sid.ToSafeBuffer()) {
int hr = Win32NativeMethods.DeriveRestrictedAppContainerSidFromAppContainerSidAndRestrictedName(sid_buf,
restricted_name, out SafeSidBufferHandle sid);
if (hr == 0)
{
using (sid) {
Sid result = new Sid(sid);
NtSecurity.CacheSidName(result, string.Empty, $"{package_sid.Name}/{restricted_name}",
SidNameSource.Package, SidNameUse.User);
return(result.CreateResult());
}
}
return(((NtStatus)hr).CreateResultFromError <Sid>(throw_on_error));
}
}
