rsaenh: Add support for setting the security descriptor on key containers.
Hans Leidekker
hans at codeweavers.com
Mon Sep 23 03:04:34 CDT 2013
---
dlls/rsaenh/rsaenh.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 55 insertions(+), 7 deletions(-)
diff --git a/dlls/rsaenh/rsaenh.c b/dlls/rsaenh/rsaenh.c
index df2db42..971ada5 100644
--- a/dlls/rsaenh/rsaenh.c
+++ b/dlls/rsaenh/rsaenh.c
@@ -1096,7 +1096,7 @@ static BOOL create_container_key(KEYCONTAINER *pKeyContainer, REGSAM sam, HKEY *
* dwFlags [I] Flags indicating which keyset to be opened.
* phKey [O] Returned key
*/
-static BOOL open_container_key(LPCSTR pszContainerName, DWORD dwFlags, HKEY *phKey)
+static BOOL open_container_key(LPCSTR pszContainerName, DWORD dwFlags, REGSAM access, HKEY *phKey)
{
CHAR szRSABase[MAX_PATH];
HKEY hRootKey;
@@ -1110,7 +1110,7 @@ static BOOL open_container_key(LPCSTR pszContainerName, DWORD dwFlags, HKEY *phK
/* @@ Wine registry key: HKLM\Software\Wine\Crypto\RSA */
/* @@ Wine registry key: HKCU\Software\Wine\Crypto\RSA */
- return RegOpenKeyExA(hRootKey, szRSABase, 0, KEY_READ, phKey) ==
+ return RegOpenKeyExA(hRootKey, szRSABase, 0, access, phKey) ==
ERROR_SUCCESS;
}
@@ -1380,7 +1380,7 @@ static HCRYPTPROV read_key_container(PCHAR pszContainerName, DWORD dwFlags, cons
HCRYPTPROV hKeyContainer;
HCRYPTKEY hCryptKey;
- if (!open_container_key(pszContainerName, dwFlags, &hKey))
+ if (!open_container_key(pszContainerName, dwFlags, KEY_READ, &hKey))
{
SetLastError(NTE_BAD_KEYSET);
return (HCRYPTPROV)INVALID_HANDLE_VALUE;
@@ -3769,7 +3769,7 @@ BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData,
return TRUE;
}
- if (!open_container_key("", dwFlags, &hKey))
+ if (!open_container_key("", dwFlags, KEY_READ, &hKey))
{
SetLastError(ERROR_NO_MORE_ITEMS);
return FALSE;
@@ -3841,7 +3841,7 @@ BOOL WINAPI RSAENH_CPGetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData,
SECURITY_DESCRIPTOR *sd;
DWORD err, len, flags = (pKeyContainer->dwFlags & CRYPT_MACHINE_KEYSET);
- if (!open_container_key(pKeyContainer->szName, flags, &hKey))
+ if (!open_container_key(pKeyContainer->szName, flags, KEY_READ, &hKey))
{
SetLastError(NTE_BAD_KEYSET);
return FALSE;
@@ -4339,8 +4339,56 @@ BOOL WINAPI RSAENH_CPSetHashParam(HCRYPTPROV hProv, HCRYPTHASH hHash, DWORD dwPa
*/
BOOL WINAPI RSAENH_CPSetProvParam(HCRYPTPROV hProv, DWORD dwParam, BYTE *pbData, DWORD dwFlags)
{
- FIXME("(stub)\n");
- return FALSE;
+ KEYCONTAINER *pKeyContainer;
+ HKEY hKey;
+
+ TRACE("(hProv=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n", hProv, dwParam, pbData, dwFlags);
+
+ if (!lookup_handle(&handle_table, hProv, RSAENH_MAGIC_CONTAINER, (OBJECTHDR **)&pKeyContainer))
+ {
+ SetLastError(NTE_BAD_UID);
+ return FALSE;
+ }
+
+ switch (dwParam)
+ {
+ case PP_KEYSET_SEC_DESCR:
+ {
+ SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)pbData;
+ DWORD err, flags = (pKeyContainer->dwFlags & CRYPT_MACHINE_KEYSET);
+ BOOL def, present;
+ REGSAM access = WRITE_DAC | WRITE_OWNER | ACCESS_SYSTEM_SECURITY;
+ PSID owner = NULL, group = NULL;
+ PACL dacl = NULL, sacl = NULL;
+
+ if (!open_container_key(pKeyContainer->szName, flags, access, &hKey))
+ {
+ SetLastError(NTE_BAD_KEYSET);
+ return FALSE;
+ }
+
+ if ((dwFlags & OWNER_SECURITY_INFORMATION && !GetSecurityDescriptorOwner(sd, &owner, &def)) ||
+ (dwFlags & GROUP_SECURITY_INFORMATION && !GetSecurityDescriptorGroup(sd, &group, &def)) ||
+ (dwFlags & DACL_SECURITY_INFORMATION && !GetSecurityDescriptorDacl(sd, &present, &dacl, &def)) ||
+ (dwFlags & SACL_SECURITY_INFORMATION && !GetSecurityDescriptorSacl(sd, &present, &sacl, &def)))
+ {
+ RegCloseKey(hKey);
+ return FALSE;
+ }
+
+ err = SetSecurityInfo(hKey, SE_REGISTRY_KEY, dwFlags, owner, group, dacl, sacl);
+ RegCloseKey(hKey);
+ if (err)
+ {
+ SetLastError(err);
+ return FALSE;
+ }
+ return TRUE;
+ }
+ default:
+ FIXME("unimplemented parameter %08x\n", dwParam);
+ return FALSE;
+ }
}
/******************************************************************************
--
1.8.1.5
More information about the wine-patches
mailing list