//============================================================ // Loads the PKCS#11 driver and // tests if the driver loaded correctly // Returns 0 for ok otherwise error code //============================================================ int loadAndTestDriver(const char* driver, LIBHANDLE* pLibrary, CK_SLOT_ID* slotids, int slots, CK_ULONG slot) { CK_TOKEN_INFO tokinfo; CK_SLOT_INFO slotinfo; CK_ULONG idlen, i, ok; CK_RV rv; int err = ERR_OK; // initialize *pLibrary = NULL; memset(slotids, 0, sizeof(CK_SLOT_ID) * slots); // try to load the driver *pLibrary = initPKCS11Library(driver); if(!(*pLibrary)) SET_LAST_ERROR_RETURN_CODE(ERR_PKCS_LIB_LOAD); idlen = slots; rv = GetSlotIds(slotids, &idlen); ddocDebug(3, "loadAndTestDriver", "RV: %d slots: %ld", (int)rv, (long)idlen); if (rv != CKR_OK) { err = ERR_PKCS_SLOT_LIST; SET_LAST_ERROR(err); } if ((slot < 0) || (slot >= idlen)) { err = ERR_PKCS_WRONG_SLOT; SET_LAST_ERROR(err); } // it's useful to test DLL load status this way: ok = 0; for(i = 0; i < idlen; i++) { rv = GetSlotInfo(&slotinfo, slotids[i]); if(slotinfo.flags & CKF_TOKEN_PRESENT) { ddocDebug(3, "loadAndTestDriver", "Read Token: %ld", (long)i); rv = GetTokenInfo(&tokinfo, slotids[i]); // if !CKR_OK test tokinfo.label[31] = 0; ddocDebug(3, "loadAndTestDriver", "RV: %d Token: %s", (int)rv, tokinfo.label); if(rv != CKR_OK) slotids[i] = INVALID_SLOTIID; // set bad slotids to 0 else ok++; // count the good slots } else { slotids[i] = INVALID_SLOTIID; // no tokne in this slot } } // fill other slotid's with invalid slotid for(i = idlen; i < (CK_ULONG)slots; i++) slotids[i] = INVALID_SLOTIID; if(ok < slot) { err = ERR_PKCS_CARD_READ; // if not enough good slots SET_LAST_ERROR(err); } // in case of error try to unload the module and notify caller if (err) { if (*pLibrary) closePKCS11Library(*pLibrary, 0); *pLibrary = NULL; } return err; }
void CAuthDlg::FillTokenList() { m_TokenList.ResetContent(); CStringArray tokenInfo; if (!GetTokenInfo(tokenInfo)) return; for (int i = 0; i < tokenInfo.GetSize(); i++) m_TokenList.AddString(tokenInfo[i]); }
unsigned int GetProcessIntegrityLevel(HANDLE hToken) { std::vector<unsigned char> tokenIL = GetTokenInfo(hToken, TokenIntegrityLevel); if (tokenIL.size() > 0) { PTOKEN_MANDATORY_LABEL il = reinterpret_cast<PTOKEN_MANDATORY_LABEL>(&tokenIL[0]); return *GetSidSubAuthority(il->Label.Sid, 0); } else { return 0xFFFFFFFF; } }
String^ GetTokenUsername(HANDLE hToken) { std::vector<unsigned char> tokenUsername = GetTokenInfo(hToken, TokenUser); if (tokenUsername.size() > 0) { PTOKEN_USER user = reinterpret_cast<PTOKEN_USER>(&tokenUsername[0]); std::vector<wchar_t> name(MAX_NAME); std::vector<wchar_t> domain(MAX_NAME); DWORD dwNameSize = MAX_NAME; DWORD dwDomainSize = MAX_NAME; SID_NAME_USE sidNameUse; String^ ret = ""; if (LookupAccountSid(nullptr, user->User.Sid, &name[0], &dwNameSize, &domain[0], &dwDomainSize, &sidNameUse)) { ret = gcnew String(&domain[0]); ret += "\\"; ret += gcnew String(&name[0]); } else { LPWSTR lpSid; if (ConvertSidToStringSidW(user->User.Sid, &lpSid)) { ret = gcnew String(lpSid); LocalFree(lpSid); } } return ret; } return ""; }
BOOL ReadMyToken( HANDLE hMyToken) { HANDLE Token; PMYTOKEN pMyToken = (PMYTOKEN)hMyToken; Token = OpenToken(hMyToken, TOKEN_QUERY); if (Token == NULL) { DbgPrint("SECEDIT : Failed to open the token with TOKEN_QUERY access\n"); return(FALSE); } if (!GetTokenInfo(Token, TokenStatistics, (PPVOID)&(pMyToken->TokenStats))) { DbgPrint("SECEDIT : Failed to read token statistics from token\n"); } if (!GetTokenInfo(Token, TokenGroups, (PPVOID)&(pMyToken->Groups))) { DbgPrint("SECEDIT : Failed to read group info from token\n"); } if (!GetTokenInfo(Token, TokenUser, (PPVOID)&(pMyToken->UserId))) { DbgPrint("SECEDIT : Failed to read userid from token\n"); } if (!GetTokenInfo(Token, TokenOwner, (PPVOID)&(pMyToken->DefaultOwner))) { DbgPrint("SECEDIT : Failed to read default owner from token\n"); } if (!GetTokenInfo(Token, TokenPrimaryGroup, (PPVOID)&(pMyToken->PrimaryGroup))) { DbgPrint("SECEDIT : Failed to read primary group from token\n"); } if (!GetTokenInfo(Token, TokenPrivileges, (PPVOID)&(pMyToken->Privileges))) { DbgPrint("SECEDIT : Failed to read privilege info from token\n"); } CloseToken(Token); return(TRUE); }
// // Create a primary access token for specified user account // HANDLE CreateToken(LPCTSTR szUserName) { SID_IDENTIFIER_AUTHORITY nt = SECURITY_NT_AUTHORITY; SECURITY_QUALITY_OF_SERVICE sqos = { sizeof(sqos), SecurityAnonymous, SECURITY_STATIC_TRACKING, FALSE }; HANDLE hToken; PSID sid; TOKEN_USER user; LUID authid = SYSTEM_LUID; OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, 0, 0, 0, &sqos }; TOKEN_SOURCE source = {{'*', '*', 'A', 'N', 'O', 'N', '*', '*'}, {0, 0}}; HANDLE hToken2 = 0; PTOKEN_STATISTICS stats; PVOID tokarr[5]; int i; DWORD status; // Get address of Nt/ZwCreateToken from NTDLL.DLL ZwCreateToken = (PVOID)GetProcAddress(GetModuleHandle("ntdll.dll"), "ZwCreateToken"); RtlNtStatusToDosError = (PVOID)GetProcAddress(GetModuleHandle("ntdll.dll"), "RtlNtStatusToDosError"); if(ZwCreateToken == 0 || RtlNtStatusToDosError == 0) return 0; // Must have SeCreateToken privilege if(!EnablePrivilege(SE_CREATE_TOKEN_NAME, TRUE)){ DBG("EnablePrivilege failed\n"); } // Use an existing process token as our basic for a new token if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_QUERY_SOURCE, &hToken)) return 0; // Convert username to a SID if((sid = GetUserSid(szUserName)) == 0) { CloseHandle(hToken); return 0; } user.User.Attributes = 0; user.User.Sid = sid; if(!AllocateLocallyUniqueId(&source.SourceIdentifier)) { free(sid); CloseHandle(hToken); return 0; } if(!GetTokenInfo(hToken, TokenStatistics, &stats)) { free(sid); CloseHandle(hToken); return 0; } // // Undocumented ZwCreateToken service: will not work for us // under WIN2003, will need to do this from WINLOGON process in future? // status = ZwCreateToken(&hToken2, TOKEN_ALL_ACCESS, &oa, TokenPrimary, (PLUID)&authid, (PLARGE_INTEGER)&stats->ExpirationTime, &user, (PTOKEN_GROUPS) GetTokenInfo(hToken, TokenGroups, &tokarr[0]), (PTOKEN_PRIVILEGES) GetTokenInfo(hToken, TokenPrivileges, &tokarr[1]), (PTOKEN_OWNER) GetTokenInfo(hToken, TokenOwner, &tokarr[2]), (PTOKEN_PRIMARY_GROUP) GetTokenInfo(hToken, TokenPrimaryGroup, &tokarr[3]), (PTOKEN_DEFAULT_DACL) GetTokenInfo(hToken, TokenDefaultDacl, &tokarr[4]), &source); for(i = 0; i < 5; i++) free(tokarr[i]); free(stats); free(sid); CloseHandle(hToken); SetLastError(RtlNtStatusToDosError(status)); return hToken2; }
BOOL GetOnePidFromSession(DWORD& dwPid, DWORD dwSessionId) { HANDLE hProcessSnap = NULL; HANDLE hProcess = NULL; HANDLE hToken = NULL; BOOL bRetCode = FALSE; PROCESSENTRY32 pe32 = {0}; // DWORD dwActiveSessionId = 0; DWORD dwProcessSessionId = 0; PVOID pTokenUserBuf = NULL; DWORD size = 0; // 得到 active session id 先 //if ( ! GetActiveSessionID(dwActiveSessionId) ) //{ // return FALSE; //} hProcessSnap = ::CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if (hProcessSnap == INVALID_HANDLE_VALUE) { return FALSE; } pe32.dwSize = sizeof(PROCESSENTRY32); if (::Process32First(hProcessSnap, &pe32)) { do { if (hProcess != NULL) { ::CloseHandle(hProcess); hProcess = NULL; } if (hToken != NULL) { ::CloseHandle(hToken); hToken = NULL; } // 不是explorer.exe进程就直接 continue if (0 != _tcsicmp(pe32.szExeFile, _T("explorer.exe"))) continue; // 找到一个PID, whoes session id is identical with the active session id if (FALSE == ::ProcessIdToSessionId(pe32.th32ProcessID, &dwProcessSessionId) || dwProcessSessionId != dwSessionId ) continue; // 打开进程并且成功得到了token名柄 if (NULL == (hProcess = ::OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pe32.th32ProcessID))) continue; if (FALSE == ::OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, &hToken)) continue; pTokenUserBuf = NULL; size = 0; // 成功检索到token的信息 if (FALSE == GetTokenInfo(hToken, TokenUser, &pTokenUserBuf, &size)) continue; // 从token里拿到sid // 这个进程的用户不是system时才中止 if (!IsSystemUserSid(((PTOKEN_USER)pTokenUserBuf)->User.Sid)) { dwPid = pe32.th32ProcessID; bRetCode = TRUE; FreeTokenInfo(pTokenUserBuf); pTokenUserBuf = NULL; break; } FreeTokenInfo(pTokenUserBuf); pTokenUserBuf = NULL; }while (::Process32Next(hProcessSnap, &pe32)); } if (hProcess != NULL) { ::CloseHandle(hProcess); hProcess = NULL; } if (hToken != NULL) { ::CloseHandle(hToken); hToken = NULL; } if (hProcessSnap != INVALID_HANDLE_VALUE) { ::CloseHandle(hProcessSnap); } return (bRetCode); }
BOOL EditDefaultDacl( HWND hwndOwner, HANDLE Instance, HANDLE MyToken ) { NTSTATUS Status; BOOL Success = FALSE; DWORD EditResult; HANDLE Token = NULL; PTOKEN_DEFAULT_DACL DefaultDacl = NULL; PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; PTOKEN_OWNER Owner = NULL; PTOKEN_PRIMARY_GROUP PrimaryGroup = NULL; WCHAR string[MAX_STRING_LENGTH]; // // Get the window text so we can use it as the token name // GetWindowTextW(((PMYTOKEN)MyToken)->hwnd, string, sizeof(string)/sizeof(*string)); // // Get a handle to the token // Token = OpenToken(MyToken, TOKEN_QUERY); if (Token == NULL) { DbgPrint("SECEDIT : Failed to open the token with TOKEN_QUERY access\n"); goto CleanupAndExit; } // // Read the default DACL from the token // if (!GetTokenInfo(Token, TokenDefaultDacl, (PPVOID)&DefaultDacl)) { DbgPrint("SECEDIT : Failed to read default DACL from token\n"); goto CleanupAndExit; } // // Get the owner and group of the token // if (!GetTokenInfo(Token, TokenOwner, (PPVOID)&Owner)) { DbgPrint("SECEDIT : Failed to read owner from token\n"); goto CleanupAndExit; } if (!GetTokenInfo(Token, TokenPrimaryGroup, (PPVOID)&PrimaryGroup)) { DbgPrint("SECEDIT : Failed to read primary group from token\n"); goto CleanupAndExit; } // // Create a security descriptor // SecurityDescriptor = Alloc(SECURITY_DESCRIPTOR_MIN_LENGTH); if (SecurityDescriptor == NULL) { DbgPrint("SECEDIT : Failed to allocate security descriptor\n"); goto CleanupAndExit; } Status = RtlCreateSecurityDescriptor(SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION); ASSERT(NT_SUCCESS(Status)); // // Set the DACL on the security descriptor // Status = RtlSetDaclSecurityDescriptor( SecurityDescriptor, TRUE, // DACL present DefaultDacl->DefaultDacl, FALSE // DACL defaulted ); ASSERT(NT_SUCCESS(Status)); // // Put the owner and group in the security descriptor to keep the // ACL editor happy // Status = RtlSetOwnerSecurityDescriptor( SecurityDescriptor, Owner->Owner, FALSE // Owner defaulted ); ASSERT(NT_SUCCESS(Status)); Status = RtlSetGroupSecurityDescriptor( SecurityDescriptor, PrimaryGroup->PrimaryGroup, FALSE // Owner defaulted ); ASSERT(NT_SUCCESS(Status)); ASSERT(RtlValidSecurityDescriptor(SecurityDescriptor)); // // Call the ACL editor, it will call our ApplySecurity function // to store any ACL changes in the token. // Success = EditTokenDefaultAcl( hwndOwner, Instance, string, MyToken, SecurityDescriptor, &EditResult ); if (!Success) { DbgPrint("SECEDIT: Failed to edit token DACL\n"); } CleanupAndExit: if (DefaultDacl != NULL) { FreeTokenInfo(DefaultDacl); } if (SecurityDescriptor != NULL) { FreeTokenInfo(SecurityDescriptor); } if (PrimaryGroup != NULL) { FreeTokenInfo(PrimaryGroup); } if (Owner != NULL) { FreeTokenInfo(Owner); } if (Token != NULL) { CloseToken(Token); } return(Success); }