search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ntdll: Implement stack unwinding for x86_64 builtin modules based on the Dwarf data.
[wine.git] / dlls / advapi32 / cred.c
blob0fb36e6e1fbde4bad6ab2242a11c2e7577a44e90
1 /*
2 * Credential Management APIs
3 *
4 * Copyright 2007 Robert Shearman for CodeWeavers
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <stdarg.h>
22 #include <time.h>
23
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winreg.h"
27 #include "wincred.h"
28 #include "winternl.h"
29
30 #ifdef __APPLE__
31 # include <Security/SecKeychain.h>
32 # include <Security/SecKeychainItem.h>
33 # include <Security/SecKeychainSearch.h>
34 #endif
35
36 #include "crypt.h"
37
38 #include "wine/unicode.h"
39 #include "wine/debug.h"
40
41 WINE_DEFAULT_DEBUG_CHANNEL(cred);
42
43 /* the size of the ARC4 key used to encrypt the password data */
44 #define KEY_SIZE 8
45
46 static const WCHAR wszCredentialManagerKey[] = {'S','o','f','t','w','a','r','e','\\','W','i','n','e','\\',
47 'C','r','e','d','e','n','t','i','a','l',' ','M','a','n','a','g','e','r',0};
48 static const WCHAR wszEncryptionKeyValue[] = {'E','n','c','r','y','p','t','i','o','n','K','e','y',0};
49
50 static const WCHAR wszFlagsValue[] = {'F','l','a','g','s',0};
51 static const WCHAR wszTypeValue[] = {'T','y','p','e',0};
52 static const WCHAR wszCommentValue[] = {'C','o','m','m','e','n','t',0};
53 static const WCHAR wszLastWrittenValue[] = {'L','a','s','t','W','r','i','t','t','e','n',0};
54 static const WCHAR wszPersistValue[] = {'P','e','r','s','i','s','t',0};
55 static const WCHAR wszTargetAliasValue[] = {'T','a','r','g','e','t','A','l','i','a','s',0};
56 static const WCHAR wszUserNameValue[] = {'U','s','e','r','N','a','m','e',0};
57 static const WCHAR wszPasswordValue[] = {'P','a','s','s','w','o','r','d',0};
58
59 static DWORD read_credential_blob(HKEY hkey, const BYTE key_data[KEY_SIZE],
60 LPBYTE credential_blob,
61 DWORD *credential_blob_size)
62 {
63 DWORD ret;
64 DWORD type;
65
66 *credential_blob_size = 0;
67 ret = RegQueryValueExW(hkey, wszPasswordValue, 0, &type, NULL, credential_blob_size);
68 if (ret != ERROR_SUCCESS)
69 return ret;
70 else if (type != REG_BINARY)
71 return ERROR_REGISTRY_CORRUPT;
72 if (credential_blob)
73 {
74 struct ustring data;
75 struct ustring key;
76
77 ret = RegQueryValueExW(hkey, wszPasswordValue, 0, &type, credential_blob,
78 credential_blob_size);
79 if (ret != ERROR_SUCCESS)
80 return ret;
81 else if (type != REG_BINARY)
82 return ERROR_REGISTRY_CORRUPT;
83
84 key.Length = key.MaximumLength = KEY_SIZE;
85 key.Buffer = (unsigned char *)key_data;
86
87 data.Length = data.MaximumLength = *credential_blob_size;
88 data.Buffer = credential_blob;
89 SystemFunction032(&data, &key);
90 }
91 return ERROR_SUCCESS;
92 }
93
94 static DWORD registry_read_credential(HKEY hkey, PCREDENTIALW credential,
95 const BYTE key_data[KEY_SIZE],
96 char *buffer, DWORD *len)
97 {
98 DWORD type;
99 DWORD ret;
100 DWORD count;
101
102 ret = RegQueryValueExW(hkey, NULL, 0, &type, NULL, &count);
103 if (ret != ERROR_SUCCESS)
104 return ret;
105 else if (type != REG_SZ)
106 return ERROR_REGISTRY_CORRUPT;
107 *len += count;
108 if (credential)
109 {
110 credential->TargetName = (LPWSTR)buffer;
111 ret = RegQueryValueExW(hkey, NULL, 0, &type, (LPVOID)credential->TargetName,
112 &count);
113 if (ret != ERROR_SUCCESS || type != REG_SZ) return ret;
114 buffer += count;
115 }
116
117 ret = RegQueryValueExW(hkey, wszCommentValue, 0, &type, NULL, &count);
118 if (ret != ERROR_FILE_NOT_FOUND && ret != ERROR_SUCCESS)
119 return ret;
120 else if (type != REG_SZ)
121 return ERROR_REGISTRY_CORRUPT;
122 *len += count;
123 if (credential)
124 {
125 credential->Comment = (LPWSTR)buffer;
126 ret = RegQueryValueExW(hkey, wszCommentValue, 0, &type, (LPVOID)credential->Comment,
127 &count);
128 if (ret == ERROR_FILE_NOT_FOUND)
129 credential->Comment = NULL;
130 else if (ret != ERROR_SUCCESS)
131 return ret;
132 else if (type != REG_SZ)
133 return ERROR_REGISTRY_CORRUPT;
134 else
135 buffer += count;
136 }
137
138 ret = RegQueryValueExW(hkey, wszTargetAliasValue, 0, &type, NULL, &count);
139 if (ret != ERROR_FILE_NOT_FOUND && ret != ERROR_SUCCESS)
140 return ret;
141 else if (type != REG_SZ)
142 return ERROR_REGISTRY_CORRUPT;
143 *len += count;
144 if (credential)
145 {
146 credential->TargetAlias = (LPWSTR)buffer;
147 ret = RegQueryValueExW(hkey, wszTargetAliasValue, 0, &type, (LPVOID)credential->TargetAlias,
148 &count);
149 if (ret == ERROR_FILE_NOT_FOUND)
150 credential->TargetAlias = NULL;
151 else if (ret != ERROR_SUCCESS)
152 return ret;
153 else if (type != REG_SZ)
154 return ERROR_REGISTRY_CORRUPT;
155 else
156 buffer += count;
157 }
158
159 ret = RegQueryValueExW(hkey, wszUserNameValue, 0, &type, NULL, &count);
160 if (ret != ERROR_FILE_NOT_FOUND && ret != ERROR_SUCCESS)
161 return ret;
162 else if (type != REG_SZ)
163 return ERROR_REGISTRY_CORRUPT;
164 *len += count;
165 if (credential)
166 {
167 credential->UserName = (LPWSTR)buffer;
168 ret = RegQueryValueExW(hkey, wszUserNameValue, 0, &type, (LPVOID)credential->UserName,
169 &count);
170 if (ret == ERROR_FILE_NOT_FOUND)
171 credential->UserName = NULL;
172 else if (ret != ERROR_SUCCESS)
173 return ret;
174 else if (type != REG_SZ)
175 return ERROR_REGISTRY_CORRUPT;
176 else
177 buffer += count;
178 }
179
180 ret = read_credential_blob(hkey, key_data, NULL, &count);
181 if (ret != ERROR_FILE_NOT_FOUND && ret != ERROR_SUCCESS)
182 return ret;
183 *len += count;
184 if (credential)
185 {
186 credential->CredentialBlob = (LPBYTE)buffer;
187 ret = read_credential_blob(hkey, key_data, credential->CredentialBlob, &count);
188 if (ret == ERROR_FILE_NOT_FOUND)
189 credential->CredentialBlob = NULL;
190 else if (ret != ERROR_SUCCESS)
191 return ret;
192 credential->CredentialBlobSize = count;
193 buffer += count;
194 }
195
196 /* FIXME: Attributes */
197 if (credential)
198 {
199 credential->AttributeCount = 0;
200 credential->Attributes = NULL;
201 }
202
203 if (!credential) return ERROR_SUCCESS;
204
205 count = sizeof(credential->Flags);
206 ret = RegQueryValueExW(hkey, wszFlagsValue, NULL, &type, (LPVOID)&credential->Flags,
207 &count);
208 if (ret != ERROR_SUCCESS)
209 return ret;
210 else if (type != REG_DWORD)
211 return ERROR_REGISTRY_CORRUPT;
212 count = sizeof(credential->Type);
213 ret = RegQueryValueExW(hkey, wszTypeValue, NULL, &type, (LPVOID)&credential->Type,
214 &count);
215 if (ret != ERROR_SUCCESS)
216 return ret;
217 else if (type != REG_DWORD)
218 return ERROR_REGISTRY_CORRUPT;
219
220 count = sizeof(credential->LastWritten);
221 ret = RegQueryValueExW(hkey, wszLastWrittenValue, NULL, &type, (LPVOID)&credential->LastWritten,
222 &count);
223 if (ret != ERROR_SUCCESS)
224 return ret;
225 else if (type != REG_BINARY)
226 return ERROR_REGISTRY_CORRUPT;
227 count = sizeof(credential->Persist);
228 ret = RegQueryValueExW(hkey, wszPersistValue, NULL, &type, (LPVOID)&credential->Persist,
229 &count);
230 if (ret == ERROR_SUCCESS && type != REG_DWORD)
231 return ERROR_REGISTRY_CORRUPT;
232 return ret;
233 }
234
235 #ifdef __APPLE__
236 static DWORD mac_read_credential_from_item(SecKeychainItemRef item, BOOL require_password,
237 PCREDENTIALW credential, char *buffer,
238 DWORD *len)
239 {
240 OSStatus status;
241 UInt32 i;
242 UInt32 cred_blob_len;
243 void *cred_blob;
244 LPWSTR domain = NULL;
245 LPWSTR user = NULL;
246 BOOL user_name_present = FALSE;
247 SecKeychainAttributeInfo info;
248 SecKeychainAttributeList *attr_list;
249 UInt32 info_tags[] = { kSecServerItemAttr, kSecSecurityDomainItemAttr, kSecAccountItemAttr,
250 kSecCommentItemAttr, kSecCreationDateItemAttr };
251 info.count = sizeof(info_tags)/sizeof(info_tags[0]);
252 info.tag = info_tags;
253 info.format = NULL;
254 status = SecKeychainItemCopyAttributesAndData(item, &info, NULL, &attr_list, &cred_blob_len, &cred_blob);
255 if (status == errSecAuthFailed && !require_password)
256 {
257 cred_blob_len = 0;
258 cred_blob = NULL;
259 status = SecKeychainItemCopyAttributesAndData(item, &info, NULL, &attr_list, &cred_blob_len, NULL);
260 }
261 if (status != noErr)
262 {
263 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
264 return ERROR_NOT_FOUND;
265 }
266
267 for (i = 0; i < attr_list->count; i++)
268 if (attr_list->attr[i].tag == kSecAccountItemAttr && attr_list->attr[i].data)
269 {
270 user_name_present = TRUE;
271 break;
272 }
273 if (!user_name_present)
274 {
275 WARN("no kSecAccountItemAttr for item\n");
276 return ERROR_NOT_FOUND;
277 }
278
279 if (buffer)
280 {
281 credential->Flags = 0;
282 credential->Type = CRED_TYPE_DOMAIN_PASSWORD;
283 credential->TargetName = NULL;
284 credential->Comment = NULL;
285 memset(&credential->LastWritten, 0, sizeof(credential->LastWritten));
286 credential->CredentialBlobSize = 0;
287 credential->CredentialBlob = NULL;
288 credential->Persist = CRED_PERSIST_LOCAL_MACHINE;
289 credential->AttributeCount = 0;
290 credential->Attributes = NULL;
291 credential->TargetAlias = NULL;
292 credential->UserName = NULL;
293 }
294 for (i = 0; i < attr_list->count; i++)
295 {
296 switch (attr_list->attr[i].tag)
297 {
298 case kSecServerItemAttr:
299 TRACE("kSecServerItemAttr: %.*s\n", (int)attr_list->attr[i].length,
300 (char *)attr_list->attr[i].data);
301 if (!attr_list->attr[i].data) continue;
302 if (buffer)
303 {
304 INT str_len;
305 credential->TargetName = (LPWSTR)buffer;
306 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
307 attr_list->attr[i].length, (LPWSTR)buffer, 0xffff);
308 credential->TargetName[str_len] = '\0';
309 buffer += (str_len + 1) * sizeof(WCHAR);
310 *len += (str_len + 1) * sizeof(WCHAR);
311 }
312 else
313 {
314 INT str_len;
315 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
316 attr_list->attr[i].length, NULL, 0);
317 *len += (str_len + 1) * sizeof(WCHAR);
318 }
319 break;
320 case kSecAccountItemAttr:
321 {
322 INT str_len;
323 TRACE("kSecAccountItemAttr: %.*s\n", (int)attr_list->attr[i].length,
324 (char *)attr_list->attr[i].data);
325 if (!attr_list->attr[i].data) continue;
326 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
327 attr_list->attr[i].length, NULL, 0);
328 user = HeapAlloc(GetProcessHeap(), 0, (str_len + 1) * sizeof(WCHAR));
329 MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
330 attr_list->attr[i].length, user, str_len);
331 user[str_len] = '\0';
332 break;
333 }
334 case kSecCommentItemAttr:
335 TRACE("kSecCommentItemAttr: %.*s\n", (int)attr_list->attr[i].length,
336 (char *)attr_list->attr[i].data);
337 if (!attr_list->attr[i].data) continue;
338 if (buffer)
339 {
340 INT str_len;
341 credential->Comment = (LPWSTR)buffer;
342 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
343 attr_list->attr[i].length, (LPWSTR)buffer, 0xffff);
344 credential->Comment[str_len] = '\0';
345 buffer += (str_len + 1) * sizeof(WCHAR);
346 *len += (str_len + 1) * sizeof(WCHAR);
347 }
348 else
349 {
350 INT str_len;
351 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
352 attr_list->attr[i].length, NULL, 0);
353 *len += (str_len + 1) * sizeof(WCHAR);
354 }
355 break;
356 case kSecSecurityDomainItemAttr:
357 {
358 INT str_len;
359 TRACE("kSecSecurityDomainItemAttr: %.*s\n", (int)attr_list->attr[i].length,
360 (char *)attr_list->attr[i].data);
361 if (!attr_list->attr[i].data) continue;
362 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
363 attr_list->attr[i].length, NULL, 0);
364 domain = HeapAlloc(GetProcessHeap(), 0, (str_len + 1) * sizeof(WCHAR));
365 MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[i].data,
366 attr_list->attr[i].length, domain, str_len);
367 domain[str_len] = '\0';
368 break;
369 }
370 case kSecCreationDateItemAttr:
371 TRACE("kSecCreationDateItemAttr: %.*s\n", (int)attr_list->attr[i].length,
372 (char *)attr_list->attr[i].data);
373 if (buffer)
374 {
375 LARGE_INTEGER win_time;
376 struct tm tm;
377 time_t time;
378 memset(&tm, 0, sizeof(tm));
379 strptime(attr_list->attr[i].data, "%Y%m%d%H%M%SZ", &tm);
380 time = mktime(&tm);
381 RtlSecondsSince1970ToTime(time, &win_time);
382 credential->LastWritten.dwLowDateTime = win_time.u.LowPart;
383 credential->LastWritten.dwHighDateTime = win_time.u.HighPart;
384 }
385 break;
386 }
387 }
388
389 if (user)
390 {
391 INT str_len;
392 if (buffer)
393 credential->UserName = (LPWSTR)buffer;
394 if (domain)
395 {
396 str_len = strlenW(domain);
397 *len += (str_len + 1) * sizeof(WCHAR);
398 if (buffer)
399 {
400 memcpy(credential->UserName, domain, str_len * sizeof(WCHAR));
401 /* FIXME: figure out when to use an '@' */
402 credential->UserName[str_len] = '\\';
403 buffer += (str_len + 1) * sizeof(WCHAR);
404 }
405 }
406 str_len = strlenW(user);
407 *len += (str_len + 1) * sizeof(WCHAR);
408 if (buffer)
409 {
410 memcpy(buffer, user, (str_len + 1) * sizeof(WCHAR));
411 buffer += (str_len + 1) * sizeof(WCHAR);
412 TRACE("UserName = %s\n", debugstr_w(credential->UserName));
413 }
414 }
415 HeapFree(GetProcessHeap(), 0, user);
416 HeapFree(GetProcessHeap(), 0, domain);
417
418 if (cred_blob)
419 {
420 if (buffer)
421 {
422 INT str_len;
423 credential->CredentialBlob = (BYTE *)buffer;
424 str_len = MultiByteToWideChar(CP_UTF8, 0, cred_blob, cred_blob_len,
425 (LPWSTR)buffer, 0xffff);
426 credential->CredentialBlobSize = str_len * sizeof(WCHAR);
427 buffer += str_len * sizeof(WCHAR);
428 *len += str_len * sizeof(WCHAR);
429 }
430 else
431 {
432 INT str_len;
433 str_len = MultiByteToWideChar(CP_UTF8, 0, cred_blob, cred_blob_len,
434 NULL, 0);
435 *len += str_len * sizeof(WCHAR);
436 }
437 }
438 SecKeychainItemFreeAttributesAndData(attr_list, cred_blob);
439 return ERROR_SUCCESS;
440 }
441 #endif
442
443 static DWORD write_credential_blob(HKEY hkey, LPCWSTR target_name, DWORD type,
444 const BYTE key_data[KEY_SIZE],
445 const BYTE *credential_blob, DWORD credential_blob_size)
446 {
447 LPBYTE encrypted_credential_blob;
448 struct ustring data;
449 struct ustring key;
450 DWORD ret;
451
452 key.Length = key.MaximumLength = KEY_SIZE;
453 key.Buffer = (unsigned char *)key_data;
454
455 encrypted_credential_blob = HeapAlloc(GetProcessHeap(), 0, credential_blob_size);
456 if (!encrypted_credential_blob) return ERROR_OUTOFMEMORY;
457
458 memcpy(encrypted_credential_blob, credential_blob, credential_blob_size);
459 data.Length = data.MaximumLength = credential_blob_size;
460 data.Buffer = encrypted_credential_blob;
461 SystemFunction032(&data, &key);
462
463 ret = RegSetValueExW(hkey, wszPasswordValue, 0, REG_BINARY, encrypted_credential_blob, credential_blob_size);
464 HeapFree(GetProcessHeap(), 0, encrypted_credential_blob);
465
466 return ret;
467 }
468
469 static DWORD registry_write_credential(HKEY hkey, const CREDENTIALW *credential,
470 const BYTE key_data[KEY_SIZE], BOOL preserve_blob)
471 {
472 DWORD ret;
473 FILETIME LastWritten;
474
475 GetSystemTimeAsFileTime(&LastWritten);
476
477 ret = RegSetValueExW(hkey, wszFlagsValue, 0, REG_DWORD, (LPVOID)&credential->Flags,
478 sizeof(credential->Flags));
479 if (ret != ERROR_SUCCESS) return ret;
480 ret = RegSetValueExW(hkey, wszTypeValue, 0, REG_DWORD, (LPVOID)&credential->Type,
481 sizeof(credential->Type));
482 if (ret != ERROR_SUCCESS) return ret;
483 ret = RegSetValueExW(hkey, NULL, 0, REG_SZ, (LPVOID)credential->TargetName,
484 sizeof(WCHAR)*(strlenW(credential->TargetName)+1));
485 if (ret != ERROR_SUCCESS) return ret;
486 if (credential->Comment)
487 {
488 ret = RegSetValueExW(hkey, wszCommentValue, 0, REG_SZ, (LPVOID)credential->Comment,
489 sizeof(WCHAR)*(strlenW(credential->Comment)+1));
490 if (ret != ERROR_SUCCESS) return ret;
491 }
492 ret = RegSetValueExW(hkey, wszLastWrittenValue, 0, REG_BINARY, (LPVOID)&LastWritten,
493 sizeof(LastWritten));
494 if (ret != ERROR_SUCCESS) return ret;
495 ret = RegSetValueExW(hkey, wszPersistValue, 0, REG_DWORD, (LPVOID)&credential->Persist,
496 sizeof(credential->Persist));
497 if (ret != ERROR_SUCCESS) return ret;
498 /* FIXME: Attributes */
499 if (credential->TargetAlias)
500 {
501 ret = RegSetValueExW(hkey, wszTargetAliasValue, 0, REG_SZ, (LPVOID)credential->TargetAlias,
502 sizeof(WCHAR)*(strlenW(credential->TargetAlias)+1));
503 if (ret != ERROR_SUCCESS) return ret;
504 }
505 if (credential->UserName)
506 {
507 ret = RegSetValueExW(hkey, wszUserNameValue, 0, REG_SZ, (LPVOID)credential->UserName,
508 sizeof(WCHAR)*(strlenW(credential->UserName)+1));
509 if (ret != ERROR_SUCCESS) return ret;
510 }
511 if (!preserve_blob)
512 {
513 ret = write_credential_blob(hkey, credential->TargetName, credential->Type,
514 key_data, credential->CredentialBlob,
515 credential->CredentialBlobSize);
516 }
517 return ret;
518 }
519
520 #ifdef __APPLE__
521 static DWORD mac_write_credential(const CREDENTIALW *credential, BOOL preserve_blob)
522 {
523 OSStatus status;
524 SecKeychainItemRef keychain_item;
525 char *username;
526 char *domain = NULL;
527 char *password;
528 char *servername;
529 UInt32 userlen;
530 UInt32 domainlen = 0;
531 UInt32 pwlen;
532 UInt32 serverlen;
533 LPCWSTR p;
534 SecKeychainAttribute attrs[1];
535 SecKeychainAttributeList attr_list;
536
537 if (credential->Flags)
538 FIXME("Flags 0x%x not written\n", credential->Flags);
539 if (credential->Type != CRED_TYPE_DOMAIN_PASSWORD)
540 FIXME("credential type of %d not supported\n", credential->Type);
541 if (credential->Persist != CRED_PERSIST_LOCAL_MACHINE)
542 FIXME("persist value of %d not supported\n", credential->Persist);
543 if (credential->AttributeCount)
544 FIXME("custom attributes not supported\n");
545
546 p = strchrW(credential->UserName, '\\');
547 if (p)
548 {
549 domainlen = WideCharToMultiByte(CP_UTF8, 0, credential->UserName,
550 p - credential->UserName, NULL, 0, NULL, NULL);
551 domain = HeapAlloc(GetProcessHeap(), 0, (domainlen + 1) * sizeof(*domain));
552 WideCharToMultiByte(CP_UTF8, 0, credential->UserName, p - credential->UserName,
553 domain, domainlen, NULL, NULL);
554 domain[domainlen] = '\0';
555 p++;
556 }
557 else
558 p = credential->UserName;
559 userlen = WideCharToMultiByte(CP_UTF8, 0, p, -1, NULL, 0, NULL, NULL);
560 username = HeapAlloc(GetProcessHeap(), 0, userlen * sizeof(*username));
561 WideCharToMultiByte(CP_UTF8, 0, p, -1, username, userlen, NULL, NULL);
562
563 serverlen = WideCharToMultiByte(CP_UTF8, 0, credential->TargetName, -1, NULL, 0, NULL, NULL);
564 servername = HeapAlloc(GetProcessHeap(), 0, serverlen * sizeof(*servername));
565 WideCharToMultiByte(CP_UTF8, 0, credential->TargetName, -1, servername, serverlen, NULL, NULL);
566 pwlen = WideCharToMultiByte(CP_UTF8, 0, (LPCWSTR)credential->CredentialBlob,
567 credential->CredentialBlobSize / sizeof(WCHAR), NULL, 0, NULL, NULL);
568 password = HeapAlloc(GetProcessHeap(), 0, pwlen * sizeof(*domain));
569 WideCharToMultiByte(CP_UTF8, 0, (LPCWSTR)credential->CredentialBlob,
570 credential->CredentialBlobSize / sizeof(WCHAR), password, pwlen, NULL, NULL);
571
572 TRACE("adding server %s, domain %s, username %s using Keychain\n", servername, domain, username);
573 status = SecKeychainAddInternetPassword(NULL, strlen(servername), servername,
574 strlen(domain), domain, strlen(username),
575 username, 0, NULL, 0,
576 0 /* no protocol */,
577 kSecAuthenticationTypeDefault,
578 strlen(password), password, &keychain_item);
579 if (status != noErr)
580 ERR("SecKeychainAddInternetPassword returned %ld\n", status);
581 if (status == errSecDuplicateItem)
582 {
583 SecKeychainItemRef keychain_item;
584
585 status = SecKeychainFindInternetPassword(NULL, strlen(servername), servername,
586 strlen(domain), domain,
587 strlen(username), username,
588 0, NULL /* any path */, 0,
589 0 /* any protocol */,
590 0 /* any authentication type */,
591 0, NULL, &keychain_item);
592 if (status != noErr)
593 ERR("SecKeychainFindInternetPassword returned %ld\n", status);
594 }
595 HeapFree(GetProcessHeap(), 0, domain);
596 HeapFree(GetProcessHeap(), 0, username);
597 HeapFree(GetProcessHeap(), 0, servername);
598 if (status != noErr)
599 {
600 HeapFree(GetProcessHeap(), 0, password);
601 return ERROR_GEN_FAILURE;
602 }
603 if (credential->Comment)
604 {
605 attr_list.count = 1;
606 attr_list.attr = attrs;
607 attrs[0].tag = kSecCommentItemAttr;
608 attrs[0].length = WideCharToMultiByte(CP_UTF8, 0, credential->Comment, -1, NULL, 0, NULL, NULL);
609 if (attrs[0].length) attrs[0].length--;
610 attrs[0].data = HeapAlloc(GetProcessHeap(), 0, attrs[0].length);
611 WideCharToMultiByte(CP_UTF8, 0, credential->Comment, -1, attrs[0].data, attrs[0].length, NULL, NULL);
612 }
613 else
614 {
615 attr_list.count = 0;
616 attr_list.attr = NULL;
617 }
618 status = SecKeychainItemModifyAttributesAndData(keychain_item, &attr_list,
619 preserve_blob ? 0 : strlen(password),
620 preserve_blob ? NULL : password);
621 if (credential->Comment)
622 HeapFree(GetProcessHeap(), 0, attrs[0].data);
623 HeapFree(GetProcessHeap(), 0, password);
624 /* FIXME: set TargetAlias attribute */
625 CFRelease(keychain_item);
626 return ERROR_SUCCESS;
627 }
628 #endif
629
630 static DWORD open_cred_mgr_key(HKEY *hkey, BOOL open_for_write)
631 {
632 return RegCreateKeyExW(HKEY_CURRENT_USER, wszCredentialManagerKey, 0,
633 NULL, REG_OPTION_NON_VOLATILE,
634 KEY_READ | (open_for_write ? KEY_WRITE : 0), NULL, hkey, NULL);
635 }
636
637 static DWORD get_cred_mgr_encryption_key(HKEY hkeyMgr, BYTE key_data[KEY_SIZE])
638 {
639 static const BYTE my_key_data[KEY_SIZE] = { 0 };
640 DWORD type;
641 DWORD count;
642 FILETIME ft;
643 ULONG seed;
644 ULONG value;
645 DWORD ret;
646
647 memcpy(key_data, my_key_data, KEY_SIZE);
648
649 count = KEY_SIZE;
650 ret = RegQueryValueExW(hkeyMgr, wszEncryptionKeyValue, NULL, &type, key_data,
651 &count);
652 if (ret == ERROR_SUCCESS)
653 {
654 if (type != REG_BINARY)
655 return ERROR_REGISTRY_CORRUPT;
656 else
657 return ERROR_SUCCESS;
658 }
659 if (ret != ERROR_FILE_NOT_FOUND)
660 return ret;
661
662 GetSystemTimeAsFileTime(&ft);
663 seed = ft.dwLowDateTime;
664 value = RtlUniform(&seed);
665 *(DWORD *)key_data = value;
666 seed = ft.dwHighDateTime;
667 value = RtlUniform(&seed);
668 *(DWORD *)(key_data + 4) = value;
669
670 ret = RegSetValueExW(hkeyMgr, wszEncryptionKeyValue, 0, REG_BINARY,
671 key_data, KEY_SIZE);
672 if (ret == ERROR_ACCESS_DENIED)
673 {
674 ret = open_cred_mgr_key(&hkeyMgr, TRUE);
675 if (ret == ERROR_SUCCESS)
676 {
677 ret = RegSetValueExW(hkeyMgr, wszEncryptionKeyValue, 0, REG_BINARY,
678 key_data, KEY_SIZE);
679 RegCloseKey(hkeyMgr);
680 }
681 }
682 return ret;
683 }
684
685 static LPWSTR get_key_name_for_target(LPCWSTR target_name, DWORD type)
686 {
687 static const WCHAR wszGenericPrefix[] = {'G','e','n','e','r','i','c',':',' ',0};
688 static const WCHAR wszDomPasswdPrefix[] = {'D','o','m','P','a','s','s','w','d',':',' ',0};
689 INT len;
690 LPCWSTR prefix = NULL;
691 LPWSTR key_name, p;
692
693 len = strlenW(target_name);
694 if (type == CRED_TYPE_GENERIC)
695 {
696 prefix = wszGenericPrefix;
697 len += sizeof(wszGenericPrefix)/sizeof(wszGenericPrefix[0]);
698 }
699 else
700 {
701 prefix = wszDomPasswdPrefix;
702 len += sizeof(wszDomPasswdPrefix)/sizeof(wszDomPasswdPrefix[0]);
703 }
704
705 key_name = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
706 if (!key_name) return NULL;
707
708 strcpyW(key_name, prefix);
709 strcatW(key_name, target_name);
710
711 for (p = key_name; *p; p++)
712 if (*p == '\\') *p = '_';
713
714 return key_name;
715 }
716
717 static BOOL credential_matches_filter(HKEY hkeyCred, LPCWSTR filter)
718 {
719 LPWSTR target_name;
720 DWORD ret;
721 DWORD type;
722 DWORD count;
723 LPCWSTR p;
724
725 if (!filter) return TRUE;
726
727 ret = RegQueryValueExW(hkeyCred, NULL, 0, &type, NULL, &count);
728 if (ret != ERROR_SUCCESS)
729 return FALSE;
730 else if (type != REG_SZ)
731 return FALSE;
732
733 target_name = HeapAlloc(GetProcessHeap(), 0, count);
734 if (!target_name)
735 return FALSE;
736 ret = RegQueryValueExW(hkeyCred, NULL, 0, &type, (LPVOID)target_name, &count);
737 if (ret != ERROR_SUCCESS || type != REG_SZ)
738 {
739 HeapFree(GetProcessHeap(), 0, target_name);
740 return FALSE;
741 }
742
743 TRACE("comparing filter %s to target name %s\n", debugstr_w(filter),
744 debugstr_w(target_name));
745
746 p = strchrW(filter, '*');
747 ret = CompareStringW(GetThreadLocale(), 0, filter,
748 (p && !p[1] ? p - filter : -1), target_name,
749 (p && !p[1] ? p - filter : -1)) == CSTR_EQUAL;
750
751 HeapFree(GetProcessHeap(), 0, target_name);
752 return ret;
753 }
754
755 static DWORD registry_enumerate_credentials(HKEY hkeyMgr, LPCWSTR filter,
756 LPWSTR target_name,
757 DWORD target_name_len, BYTE key_data[KEY_SIZE],
758 PCREDENTIALW *credentials, char **buffer,
759 DWORD *len, DWORD *count)
760 {
761 DWORD i;
762 DWORD ret;
763 for (i = 0;; i++)
764 {
765 HKEY hkeyCred;
766 ret = RegEnumKeyW(hkeyMgr, i, target_name, target_name_len+1);
767 if (ret == ERROR_NO_MORE_ITEMS)
768 {
769 ret = ERROR_SUCCESS;
770 break;
771 }
772 else if (ret != ERROR_SUCCESS)
773 {
774 ret = ERROR_SUCCESS;
775 continue;
776 }
777 TRACE("target_name = %s\n", debugstr_w(target_name));
778 ret = RegOpenKeyExW(hkeyMgr, target_name, 0, KEY_QUERY_VALUE, &hkeyCred);
779 if (ret != ERROR_SUCCESS)
780 {
781 ret = ERROR_SUCCESS;
782 continue;
783 }
784 if (!credential_matches_filter(hkeyCred, filter))
785 {
786 RegCloseKey(hkeyCred);
787 continue;
788 }
789 if (buffer)
790 {
791 *len = sizeof(CREDENTIALW);
792 credentials[*count] = (PCREDENTIALW)*buffer;
793 }
794 else
795 *len += sizeof(CREDENTIALW);
796 ret = registry_read_credential(hkeyCred, buffer ? credentials[*count] : NULL,
797 key_data, buffer ? *buffer + sizeof(CREDENTIALW) : NULL,
798 len);
799 RegCloseKey(hkeyCred);
800 if (ret != ERROR_SUCCESS) break;
801 if (buffer) *buffer += *len;
802 (*count)++;
803 }
804 return ret;
805 }
806
807 #ifdef __APPLE__
808 static DWORD mac_enumerate_credentials(LPCWSTR filter, PCREDENTIALW *credentials,
809 char *buffer, DWORD *len, DWORD *count)
810 {
811 SecKeychainSearchRef search;
812 SecKeychainItemRef item;
813 OSStatus status;
814 Boolean saved_user_interaction_allowed;
815 DWORD ret;
816
817 SecKeychainGetUserInteractionAllowed(&saved_user_interaction_allowed);
818 SecKeychainSetUserInteractionAllowed(false);
819
820 status = SecKeychainSearchCreateFromAttributes(NULL, kSecInternetPasswordItemClass, NULL, &search);
821 if (status == noErr)
822 {
823 while (SecKeychainSearchCopyNext(search, &item) == noErr)
824 {
825 SecKeychainAttributeInfo info;
826 SecKeychainAttributeList *attr_list;
827 UInt32 info_tags[] = { kSecServerItemAttr };
828 info.count = sizeof(info_tags)/sizeof(info_tags[0]);
829 info.tag = info_tags;
830 info.format = NULL;
831 status = SecKeychainItemCopyAttributesAndData(item, &info, NULL, &attr_list, NULL, NULL);
832 if (status != noErr)
833 {
834 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
835 continue;
836 }
837 if (buffer)
838 {
839 *len = sizeof(CREDENTIALW);
840 credentials[*count] = (PCREDENTIALW)buffer;
841 }
842 else
843 *len += sizeof(CREDENTIALW);
844 if (attr_list->count != 1 || attr_list->attr[0].tag != kSecServerItemAttr) continue;
845 TRACE("server item: %.*s\n", (int)attr_list->attr[0].length, (char *)attr_list->attr[0].data);
846 /* FIXME: filter based on attr_list->attr[0].data */
847 SecKeychainItemFreeAttributesAndData(attr_list, NULL);
848 ret = mac_read_credential_from_item(item, FALSE,
849 buffer ? credentials[*count] : NULL,
850 buffer ? buffer + sizeof(CREDENTIALW) : NULL,
851 len);
852 CFRelease(item);
853 if (ret == ERROR_SUCCESS)
854 {
855 (*count)++;
856 if (buffer) buffer += *len;
857 }
858 }
859 CFRelease(search);
860 }
861 else
862 ERR("SecKeychainSearchCreateFromAttributes returned status %ld\n", status);
863 SecKeychainSetUserInteractionAllowed(saved_user_interaction_allowed);
864 return ERROR_SUCCESS;
865 }
866
867 static DWORD mac_delete_credential(LPCWSTR TargetName)
868 {
869 OSStatus status;
870 SecKeychainSearchRef search;
871 status = SecKeychainSearchCreateFromAttributes(NULL, kSecInternetPasswordItemClass, NULL, &search);
872 if (status == noErr)
873 {
874 SecKeychainItemRef item;
875 while (SecKeychainSearchCopyNext(search, &item) == noErr)
876 {
877 SecKeychainAttributeInfo info;
878 SecKeychainAttributeList *attr_list;
879 UInt32 info_tags[] = { kSecServerItemAttr };
880 LPWSTR target_name;
881 INT str_len;
882 info.count = sizeof(info_tags)/sizeof(info_tags[0]);
883 info.tag = info_tags;
884 info.format = NULL;
885 status = SecKeychainItemCopyAttributesAndData(item, &info, NULL, &attr_list, NULL, NULL);
886 if (status != noErr)
887 {
888 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
889 continue;
890 }
891 if (attr_list->count != 1 || attr_list->attr[0].tag != kSecServerItemAttr)
892 {
893 CFRelease(item);
894 continue;
895 }
896 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[0].data, attr_list->attr[0].length, NULL, 0);
897 target_name = HeapAlloc(GetProcessHeap(), 0, (str_len + 1) * sizeof(WCHAR));
898 MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[0].data, attr_list->attr[0].length, target_name, str_len);
899 /* nul terminate */
900 target_name[str_len] = '\0';
901 if (strcmpiW(TargetName, target_name))
902 {
903 CFRelease(item);
904 HeapFree(GetProcessHeap(), 0, target_name);
905 continue;
906 }
907 HeapFree(GetProcessHeap(), 0, target_name);
908 SecKeychainItemFreeAttributesAndData(attr_list, NULL);
909 SecKeychainItemDelete(item);
910 CFRelease(item);
911 CFRelease(search);
912
913 return ERROR_SUCCESS;
914 }
915 CFRelease(search);
916 }
917 return ERROR_NOT_FOUND;
918 }
919 #endif
920
921 static void convert_PCREDENTIALW_to_PCREDENTIALA(const CREDENTIALW *CredentialW, PCREDENTIALA CredentialA, DWORD *len)
922 {
923 char *buffer = (char *)CredentialA + sizeof(CREDENTIALA);
924 INT string_len;
925
926 *len += sizeof(CREDENTIALA);
927 if (!CredentialA)
928 {
929 if (CredentialW->TargetName) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, NULL, 0, NULL, NULL);
930 if (CredentialW->Comment) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, NULL, 0, NULL, NULL);
931 *len += CredentialW->CredentialBlobSize;
932 if (CredentialW->TargetAlias) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, NULL, 0, NULL, NULL);
933 if (CredentialW->UserName) *len += WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, NULL, 0, NULL, NULL);
934
935 return;
936 }
937
938 CredentialA->Flags = CredentialW->Flags;
939 CredentialA->Type = CredentialW->Type;
940 if (CredentialW->TargetName)
941 {
942 CredentialA->TargetName = buffer;
943 string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetName, -1, CredentialA->TargetName, -1, NULL, NULL);
944 buffer += string_len;
945 *len += string_len;
946 }
947 else
948 CredentialA->TargetName = NULL;
949 if (CredentialW->Comment)
950 {
951 CredentialA->Comment = buffer;
952 string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->Comment, -1, CredentialA->Comment, -1, NULL, NULL);
953 buffer += string_len;
954 *len += string_len;
955 }
956 else
957 CredentialA->Comment = NULL;
958 CredentialA->LastWritten = CredentialW->LastWritten;
959 CredentialA->CredentialBlobSize = CredentialW->CredentialBlobSize;
960 if (CredentialW->CredentialBlobSize)
961 {
962 CredentialA->CredentialBlob =(LPBYTE)buffer;
963 memcpy(CredentialA->CredentialBlob, CredentialW->CredentialBlob,
964 CredentialW->CredentialBlobSize);
965 buffer += CredentialW->CredentialBlobSize;
966 *len += CredentialW->CredentialBlobSize;
967 }
968 else
969 CredentialA->CredentialBlob = NULL;
970 CredentialA->Persist = CredentialW->Persist;
971 CredentialA->AttributeCount = 0;
972 CredentialA->Attributes = NULL; /* FIXME */
973 if (CredentialW->TargetAlias)
974 {
975 CredentialA->TargetAlias = buffer;
976 string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->TargetAlias, -1, CredentialA->TargetAlias, -1, NULL, NULL);
977 buffer += string_len;
978 *len += string_len;
979 }
980 else
981 CredentialA->TargetAlias = NULL;
982 if (CredentialW->UserName)
983 {
984 CredentialA->UserName = buffer;
985 string_len = WideCharToMultiByte(CP_ACP, 0, CredentialW->UserName, -1, CredentialA->UserName, -1, NULL, NULL);
986 buffer += string_len;
987 *len += string_len;
988 }
989 else
990 CredentialA->UserName = NULL;
991 }
992
993 static void convert_PCREDENTIALA_to_PCREDENTIALW(const CREDENTIALA *CredentialA, PCREDENTIALW CredentialW, DWORD *len)
994 {
995 char *buffer = (char *)CredentialW + sizeof(CREDENTIALW);
996 INT string_len;
997
998 *len += sizeof(CREDENTIALW);
999 if (!CredentialW)
1000 {
1001 if (CredentialA->TargetName) *len += sizeof(WCHAR) * MultiByteToWideChar(CP_ACP, 0, CredentialA->TargetName, -1, NULL, 0);
1002 if (CredentialA->Comment) *len += sizeof(WCHAR) * MultiByteToWideChar(CP_ACP, 0, CredentialA->Comment, -1, NULL, 0);
1003 *len += CredentialA->CredentialBlobSize;
1004 if (CredentialA->TargetAlias) *len += sizeof(WCHAR) * MultiByteToWideChar(CP_ACP, 0, CredentialA->TargetAlias, -1, NULL, 0);
1005 if (CredentialA->UserName) *len += sizeof(WCHAR) * MultiByteToWideChar(CP_ACP, 0, CredentialA->UserName, -1, NULL, 0);
1006
1007 return;
1008 }
1009
1010 CredentialW->Flags = CredentialA->Flags;
1011 CredentialW->Type = CredentialA->Type;
1012 if (CredentialA->TargetName)
1013 {
1014 CredentialW->TargetName = (LPWSTR)buffer;
1015 string_len = MultiByteToWideChar(CP_ACP, 0, CredentialA->TargetName, -1, CredentialW->TargetName, -1);
1016 buffer += sizeof(WCHAR) * string_len;
1017 *len += sizeof(WCHAR) * string_len;
1018 }
1019 else
1020 CredentialW->TargetName = NULL;
1021 if (CredentialA->Comment)
1022 {
1023 CredentialW->Comment = (LPWSTR)buffer;
1024 string_len = MultiByteToWideChar(CP_ACP, 0, CredentialA->Comment, -1, CredentialW->Comment, -1);
1025 buffer += sizeof(WCHAR) * string_len;
1026 *len += sizeof(WCHAR) * string_len;
1027 }
1028 else
1029 CredentialW->Comment = NULL;
1030 CredentialW->LastWritten = CredentialA->LastWritten;
1031 CredentialW->CredentialBlobSize = CredentialA->CredentialBlobSize;
1032 if (CredentialA->CredentialBlobSize)
1033 {
1034 CredentialW->CredentialBlob =(LPBYTE)buffer;
1035 memcpy(CredentialW->CredentialBlob, CredentialA->CredentialBlob,
1036 CredentialA->CredentialBlobSize);
1037 buffer += CredentialA->CredentialBlobSize;
1038 *len += CredentialA->CredentialBlobSize;
1039 }
1040 else
1041 CredentialW->CredentialBlob = NULL;
1042 CredentialW->Persist = CredentialA->Persist;
1043 CredentialW->AttributeCount = 0;
1044 CredentialW->Attributes = NULL; /* FIXME */
1045 if (CredentialA->TargetAlias)
1046 {
1047 CredentialW->TargetAlias = (LPWSTR)buffer;
1048 string_len = MultiByteToWideChar(CP_ACP, 0, CredentialA->TargetAlias, -1, CredentialW->TargetAlias, -1);
1049 buffer += sizeof(WCHAR) * string_len;
1050 *len += sizeof(WCHAR) * string_len;
1051 }
1052 else
1053 CredentialW->TargetAlias = NULL;
1054 if (CredentialA->UserName)
1055 {
1056 CredentialW->UserName = (LPWSTR)buffer;
1057 string_len = MultiByteToWideChar(CP_ACP, 0, CredentialA->UserName, -1, CredentialW->UserName, -1);
1058 buffer += sizeof(WCHAR) * string_len;
1059 *len += sizeof(WCHAR) * string_len;
1060 }
1061 else
1062 CredentialW->UserName = NULL;
1063 }
1064
1065 /******************************************************************************
1066 * CredDeleteA [ADVAPI32.@]
1067 */
1068 BOOL WINAPI CredDeleteA(LPCSTR TargetName, DWORD Type, DWORD Flags)
1069 {
1070 LPWSTR TargetNameW;
1071 DWORD len;
1072 BOOL ret;
1073
1074 TRACE("(%s, %d, 0x%x)\n", debugstr_a(TargetName), Type, Flags);
1075
1076 if (!TargetName)
1077 {
1078 SetLastError(ERROR_INVALID_PARAMETER);
1079 return FALSE;
1080 }
1081
1082 len = MultiByteToWideChar(CP_ACP, 0, TargetName, -1, NULL, 0);
1083 TargetNameW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1084 if (!TargetNameW)
1085 {
1086 SetLastError(ERROR_OUTOFMEMORY);
1087 return FALSE;
1088 }
1089 MultiByteToWideChar(CP_ACP, 0, TargetName, -1, TargetNameW, len);
1090
1091 ret = CredDeleteW(TargetNameW, Type, Flags);
1092
1093 HeapFree(GetProcessHeap(), 0, TargetNameW);
1094
1095 return ret;
1096 }
1097
1098 /******************************************************************************
1099 * CredDeleteW [ADVAPI32.@]
1100 */
1101 BOOL WINAPI CredDeleteW(LPCWSTR TargetName, DWORD Type, DWORD Flags)
1102 {
1103 HKEY hkeyMgr;
1104 DWORD ret;
1105 LPWSTR key_name;
1106
1107 TRACE("(%s, %d, 0x%x)\n", debugstr_w(TargetName), Type, Flags);
1108
1109 if (!TargetName)
1110 {
1111 SetLastError(ERROR_INVALID_PARAMETER);
1112 return FALSE;
1113 }
1114
1115 if (Type != CRED_TYPE_GENERIC && Type != CRED_TYPE_DOMAIN_PASSWORD)
1116 {
1117 FIXME("unhandled type %d\n", Type);
1118 SetLastError(ERROR_INVALID_PARAMETER);
1119 return FALSE;
1120 }
1121
1122 if (Flags)
1123 {
1124 FIXME("unhandled flags 0x%x\n", Flags);
1125 SetLastError(ERROR_INVALID_FLAGS);
1126 return FALSE;
1127 }
1128
1129 #ifdef __APPLE__
1130 if (Type == CRED_TYPE_DOMAIN_PASSWORD)
1131 {
1132 ret = mac_delete_credential(TargetName);
1133 if (ret == ERROR_SUCCESS)
1134 return TRUE;
1135 }
1136 #endif
1137
1138 ret = open_cred_mgr_key(&hkeyMgr, TRUE);
1139 if (ret != ERROR_SUCCESS)
1140 {
1141 WARN("couldn't open/create manager key, error %d\n", ret);
1142 SetLastError(ERROR_NO_SUCH_LOGON_SESSION);
1143 return FALSE;
1144 }
1145
1146 key_name = get_key_name_for_target(TargetName, Type);
1147 ret = RegDeleteKeyW(hkeyMgr, key_name);
1148 HeapFree(GetProcessHeap(), 0, key_name);
1149 RegCloseKey(hkeyMgr);
1150 if (ret != ERROR_SUCCESS)
1151 {
1152 SetLastError(ERROR_NOT_FOUND);
1153 return FALSE;
1154 }
1155
1156 return TRUE;
1157 }
1158
1159 /******************************************************************************
1160 * CredEnumerateA [ADVAPI32.@]
1161 */
1162 BOOL WINAPI CredEnumerateA(LPCSTR Filter, DWORD Flags, DWORD *Count,
1163 PCREDENTIALA **Credentials)
1164 {
1165 LPWSTR FilterW;
1166 PCREDENTIALW *CredentialsW;
1167 DWORD i;
1168 DWORD len;
1169 char *buffer;
1170
1171 TRACE("(%s, 0x%x, %p, %p)\n", debugstr_a(Filter), Flags, Count, Credentials);
1172
1173 if (Filter)
1174 {
1175 len = MultiByteToWideChar(CP_ACP, 0, Filter, -1, NULL, 0);
1176 FilterW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1177 if (!FilterW)
1178 {
1179 SetLastError(ERROR_OUTOFMEMORY);
1180 return FALSE;
1181 }
1182 MultiByteToWideChar(CP_ACP, 0, Filter, -1, FilterW, len);
1183 }
1184 else
1185 FilterW = NULL;
1186
1187 if (!CredEnumerateW(FilterW, Flags, Count, &CredentialsW))
1188 {
1189 HeapFree(GetProcessHeap(), 0, FilterW);
1190 return FALSE;
1191 }
1192 HeapFree(GetProcessHeap(), 0, FilterW);
1193
1194 len = *Count * sizeof(PCREDENTIALA);
1195 for (i = 0; i < *Count; i++)
1196 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, &len);
1197
1198 *Credentials = HeapAlloc(GetProcessHeap(), 0, len);
1199 if (!*Credentials)
1200 {
1201 CredFree(CredentialsW);
1202 SetLastError(ERROR_OUTOFMEMORY);
1203 return FALSE;
1204 }
1205
1206 buffer = (char *)&(*Credentials)[*Count];
1207 for (i = 0; i < *Count; i++)
1208 {
1209 len = 0;
1210 (*Credentials)[i] = (PCREDENTIALA)buffer;
1211 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], &len);
1212 buffer += len;
1213 }
1214
1215 CredFree(CredentialsW);
1216
1217 return TRUE;
1218 }
1219
1220 /******************************************************************************
1221 * CredEnumerateW [ADVAPI32.@]
1222 */
1223 BOOL WINAPI CredEnumerateW(LPCWSTR Filter, DWORD Flags, DWORD *Count,
1224 PCREDENTIALW **Credentials)
1225 {
1226 HKEY hkeyMgr;
1227 DWORD ret;
1228 LPWSTR target_name;
1229 DWORD target_name_len;
1230 DWORD len;
1231 char *buffer;
1232 BYTE key_data[KEY_SIZE];
1233
1234 TRACE("(%s, 0x%x, %p, %p)\n", debugstr_w(Filter), Flags, Count, Credentials);
1235
1236 if (Flags)
1237 {
1238 SetLastError(ERROR_INVALID_FLAGS);
1239 return FALSE;
1240 }
1241
1242 ret = open_cred_mgr_key(&hkeyMgr, FALSE);
1243 if (ret != ERROR_SUCCESS)
1244 {
1245 WARN("couldn't open/create manager key, error %d\n", ret);
1246 SetLastError(ERROR_NO_SUCH_LOGON_SESSION);
1247 return FALSE;
1248 }
1249
1250 ret = get_cred_mgr_encryption_key(hkeyMgr, key_data);
1251 if (ret != ERROR_SUCCESS)
1252 {
1253 RegCloseKey(hkeyMgr);
1254 SetLastError(ret);
1255 return FALSE;
1256 }
1257
1258 ret = RegQueryInfoKeyW(hkeyMgr, NULL, NULL, NULL, NULL, &target_name_len, NULL, NULL, NULL, NULL, NULL, NULL);
1259 if (ret != ERROR_SUCCESS)
1260 {
1261 RegCloseKey(hkeyMgr);
1262 SetLastError(ret);
1263 return FALSE;
1264 }
1265
1266 target_name = HeapAlloc(GetProcessHeap(), 0, (target_name_len+1)*sizeof(WCHAR));
1267 if (!target_name)
1268 {
1269 RegCloseKey(hkeyMgr);
1270 SetLastError(ERROR_OUTOFMEMORY);
1271 return FALSE;
1272 }
1273
1274 *Count = 0;
1275 len = 0;
1276 ret = registry_enumerate_credentials(hkeyMgr, Filter, target_name, target_name_len,
1277 key_data, NULL, NULL, &len, Count);
1278 #ifdef __APPLE__
1279 if (ret == ERROR_SUCCESS)
1280 ret = mac_enumerate_credentials(Filter, NULL, NULL, &len, Count);
1281 #endif
1282 if (ret == ERROR_SUCCESS && *Count == 0)
1283 ret = ERROR_NOT_FOUND;
1284 if (ret != ERROR_SUCCESS)
1285 {
1286 HeapFree(GetProcessHeap(), 0, target_name);
1287 RegCloseKey(hkeyMgr);
1288 SetLastError(ret);
1289 return FALSE;
1290 }
1291 len += *Count * sizeof(PCREDENTIALW);
1292
1293 if (ret == ERROR_SUCCESS)
1294 {
1295 buffer = HeapAlloc(GetProcessHeap(), 0, len);
1296 *Credentials = (PCREDENTIALW *)buffer;
1297 if (buffer)
1298 {
1299 buffer += *Count * sizeof(PCREDENTIALW);
1300 *Count = 0;
1301 ret = registry_enumerate_credentials(hkeyMgr, Filter, target_name,
1302 target_name_len, key_data,
1303 *Credentials, &buffer, &len,
1304 Count);
1305 #ifdef __APPLE__
1306 if (ret == ERROR_SUCCESS)
1307 ret = mac_enumerate_credentials(Filter, *Credentials,
1308 buffer, &len, Count);
1309 #endif
1310 }
1311 else
1312 ret = ERROR_OUTOFMEMORY;
1313 }
1314
1315 HeapFree(GetProcessHeap(), 0, target_name);
1316 RegCloseKey(hkeyMgr);
1317
1318 if (ret != ERROR_SUCCESS)
1319 {
1320 SetLastError(ret);
1321 return FALSE;
1322 }
1323 return TRUE;
1324 }
1325
1326 /******************************************************************************
1327 * CredFree [ADVAPI32.@]
1328 */
1329 VOID WINAPI CredFree(PVOID Buffer)
1330 {
1331 HeapFree(GetProcessHeap(), 0, Buffer);
1332 }
1333
1334 /******************************************************************************
1335 * CredReadA [ADVAPI32.@]
1336 */
1337 BOOL WINAPI CredReadA(LPCSTR TargetName, DWORD Type, DWORD Flags, PCREDENTIALA *Credential)
1338 {
1339 LPWSTR TargetNameW;
1340 PCREDENTIALW CredentialW;
1341 DWORD len;
1342
1343 TRACE("(%s, %d, 0x%x, %p)\n", debugstr_a(TargetName), Type, Flags, Credential);
1344
1345 if (!TargetName)
1346 {
1347 SetLastError(ERROR_INVALID_PARAMETER);
1348 return FALSE;
1349 }
1350
1351 len = MultiByteToWideChar(CP_ACP, 0, TargetName, -1, NULL, 0);
1352 TargetNameW = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1353 if (!TargetNameW)
1354 {
1355 SetLastError(ERROR_OUTOFMEMORY);
1356 return FALSE;
1357 }
1358 MultiByteToWideChar(CP_ACP, 0, TargetName, -1, TargetNameW, len);
1359
1360 if (!CredReadW(TargetNameW, Type, Flags, &CredentialW))
1361 {
1362 HeapFree(GetProcessHeap(), 0, TargetNameW);
1363 return FALSE;
1364 }
1365 HeapFree(GetProcessHeap(), 0, TargetNameW);
1366
1367 len = 0;
1368 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, NULL, &len);
1369 *Credential = HeapAlloc(GetProcessHeap(), 0, len);
1370 if (!*Credential)
1371 {
1372 SetLastError(ERROR_OUTOFMEMORY);
1373 return FALSE;
1374 }
1375 len = 0;
1376 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW, *Credential, &len);
1377
1378 CredFree(CredentialW);
1379
1380 return TRUE;
1381 }
1382
1383 /******************************************************************************
1384 * CredReadW [ADVAPI32.@]
1385 */
1386 BOOL WINAPI CredReadW(LPCWSTR TargetName, DWORD Type, DWORD Flags, PCREDENTIALW *Credential)
1387 {
1388 HKEY hkeyMgr;
1389 HKEY hkeyCred;
1390 DWORD ret;
1391 LPWSTR key_name;
1392 DWORD len;
1393 BYTE key_data[KEY_SIZE];
1394
1395 TRACE("(%s, %d, 0x%x, %p)\n", debugstr_w(TargetName), Type, Flags, Credential);
1396
1397 if (!TargetName)
1398 {
1399 SetLastError(ERROR_INVALID_PARAMETER);
1400 return FALSE;
1401 }
1402
1403 if (Type != CRED_TYPE_GENERIC && Type != CRED_TYPE_DOMAIN_PASSWORD)
1404 {
1405 FIXME("unhandled type %d\n", Type);
1406 SetLastError(ERROR_INVALID_PARAMETER);
1407 return FALSE;
1408 }
1409
1410 if (Flags)
1411 {
1412 FIXME("unhandled flags 0x%x\n", Flags);
1413 SetLastError(ERROR_INVALID_FLAGS);
1414 return FALSE;
1415 }
1416
1417 #ifdef __APPLE__
1418 if (Type == CRED_TYPE_DOMAIN_PASSWORD)
1419 {
1420 OSStatus status;
1421 SecKeychainSearchRef search;
1422 status = SecKeychainSearchCreateFromAttributes(NULL, kSecInternetPasswordItemClass, NULL, &search);
1423 if (status == noErr)
1424 {
1425 SecKeychainItemRef item;
1426 while (SecKeychainSearchCopyNext(search, &item) == noErr)
1427 {
1428 SecKeychainAttributeInfo info;
1429 SecKeychainAttributeList *attr_list;
1430 UInt32 info_tags[] = { kSecServerItemAttr };
1431 LPWSTR target_name;
1432 INT str_len;
1433 info.count = sizeof(info_tags)/sizeof(info_tags[0]);
1434 info.tag = info_tags;
1435 info.format = NULL;
1436 status = SecKeychainItemCopyAttributesAndData(item, &info, NULL, &attr_list, NULL, NULL);
1437 len = sizeof(**Credential);
1438 if (status != noErr)
1439 {
1440 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status);
1441 continue;
1442 }
1443 if (attr_list->count != 1 || attr_list->attr[0].tag != kSecServerItemAttr)
1444 {
1445 CFRelease(item);
1446 continue;
1447 }
1448 str_len = MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[0].data, attr_list->attr[0].length, NULL, 0);
1449 target_name = HeapAlloc(GetProcessHeap(), 0, (str_len + 1) * sizeof(WCHAR));
1450 MultiByteToWideChar(CP_UTF8, 0, attr_list->attr[0].data, attr_list->attr[0].length, target_name, str_len);
1451 /* nul terminate */
1452 target_name[str_len] = '\0';
1453 if (strcmpiW(TargetName, target_name))
1454 {
1455 CFRelease(item);
1456 HeapFree(GetProcessHeap(), 0, target_name);
1457 continue;
1458 }
1459 HeapFree(GetProcessHeap(), 0, target_name);
1460 SecKeychainItemFreeAttributesAndData(attr_list, NULL);
1461 ret = mac_read_credential_from_item(item, TRUE, NULL, NULL, &len);
1462 if (ret == ERROR_SUCCESS)
1463 {
1464 *Credential = HeapAlloc(GetProcessHeap(), 0, len);
1465 if (*Credential)
1466 {
1467 len = sizeof(**Credential);
1468 ret = mac_read_credential_from_item(item, TRUE, *Credential,
1469 (char *)(*Credential + 1), &len);
1470 }
1471 else
1472 ret = ERROR_OUTOFMEMORY;
1473 CFRelease(item);
1474 CFRelease(search);
1475 if (ret != ERROR_SUCCESS)
1476 {
1477 SetLastError(ret);
1478 return FALSE;
1479 }
1480 return TRUE;
1481 }
1482 CFRelease(item);
1483 }
1484 CFRelease(search);
1485 }
1486 }
1487 #endif
1488
1489 ret = open_cred_mgr_key(&hkeyMgr, FALSE);
1490 if (ret != ERROR_SUCCESS)
1491 {
1492 WARN("couldn't open/create manager key, error %d\n", ret);
1493 SetLastError(ERROR_NO_SUCH_LOGON_SESSION);
1494 return FALSE;
1495 }
1496
1497 ret = get_cred_mgr_encryption_key(hkeyMgr, key_data);
1498 if (ret != ERROR_SUCCESS)
1499 {
1500 RegCloseKey(hkeyMgr);
1501 SetLastError(ret);
1502 return FALSE;
1503 }
1504
1505 key_name = get_key_name_for_target(TargetName, Type);
1506 ret = RegOpenKeyExW(hkeyMgr, key_name, 0, KEY_QUERY_VALUE, &hkeyCred);
1507 HeapFree(GetProcessHeap(), 0, key_name);
1508 if (ret != ERROR_SUCCESS)
1509 {
1510 TRACE("credentials for target name %s not found\n", debugstr_w(TargetName));
1511 SetLastError(ERROR_NOT_FOUND);
1512 return FALSE;
1513 }
1514
1515 len = sizeof(**Credential);
1516 ret = registry_read_credential(hkeyCred, NULL, key_data, NULL, &len);
1517 if (ret == ERROR_SUCCESS)
1518 {
1519 *Credential = HeapAlloc(GetProcessHeap(), 0, len);
1520 if (*Credential)
1521 {
1522 len = sizeof(**Credential);
1523 ret = registry_read_credential(hkeyCred, *Credential, key_data,
1524 (char *)(*Credential + 1), &len);
1525 }
1526 else
1527 ret = ERROR_OUTOFMEMORY;
1528 }
1529
1530 RegCloseKey(hkeyCred);
1531 RegCloseKey(hkeyMgr);
1532
1533 if (ret != ERROR_SUCCESS)
1534 {
1535 SetLastError(ret);
1536 return FALSE;
1537 }
1538 return TRUE;
1539 }
1540
1541 /******************************************************************************
1542 * CredReadDomainCredentialsA [ADVAPI32.@]
1543 */
1544 BOOL WINAPI CredReadDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInformation,
1545 DWORD Flags, DWORD *Size, PCREDENTIALA **Credentials)
1546 {
1547 PCREDENTIAL_TARGET_INFORMATIONW TargetInformationW;
1548 DWORD len, i;
1549 WCHAR *buffer, *end;
1550 BOOL ret;
1551 PCREDENTIALW* CredentialsW;
1552
1553 TRACE("(%p, 0x%x, %p, %p)\n", TargetInformation, Flags, Size, Credentials);
1554
1555 /* follow Windows behavior - do not test for NULL, initialize early */
1556 *Size = 0;
1557 *Credentials = NULL;
1558
1559 if (!TargetInformation)
1560 {
1561 SetLastError(ERROR_INVALID_PARAMETER);
1562 return FALSE;
1563 }
1564
1565 len = sizeof(*TargetInformationW);
1566 if (TargetInformation->TargetName)
1567 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->TargetName, -1, NULL, 0) * sizeof(WCHAR);
1568 if (TargetInformation->NetbiosServerName)
1569 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->NetbiosServerName, -1, NULL, 0) * sizeof(WCHAR);
1570 if (TargetInformation->DnsServerName)
1571 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsServerName, -1, NULL, 0) * sizeof(WCHAR);
1572 if (TargetInformation->NetbiosDomainName)
1573 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->NetbiosDomainName, -1, NULL, 0) * sizeof(WCHAR);
1574 if (TargetInformation->DnsDomainName)
1575 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsDomainName, -1, NULL, 0) * sizeof(WCHAR);
1576 if (TargetInformation->DnsTreeName)
1577 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsTreeName, -1, NULL, 0) * sizeof(WCHAR);
1578 if (TargetInformation->PackageName)
1579 len += MultiByteToWideChar(CP_ACP, 0, TargetInformation->PackageName, -1, NULL, 0) * sizeof(WCHAR);
1580
1581 TargetInformationW = HeapAlloc(GetProcessHeap(), 0, len);
1582 if (!TargetInformationW)
1583 {
1584 SetLastError(ERROR_OUTOFMEMORY);
1585 return FALSE;
1586 }
1587 buffer = (WCHAR*)(TargetInformationW + 1);
1588 end = (WCHAR *)((char *)TargetInformationW + len);
1589
1590 if (TargetInformation->TargetName)
1591 {
1592 TargetInformationW->TargetName = buffer;
1593 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->TargetName, -1,
1594 TargetInformationW->TargetName, end - buffer);
1595 } else
1596 TargetInformationW->TargetName = NULL;
1597
1598 if (TargetInformation->NetbiosServerName)
1599 {
1600 TargetInformationW->NetbiosServerName = buffer;
1601 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->NetbiosServerName, -1,
1602 TargetInformationW->NetbiosServerName, end - buffer);
1603 } else
1604 TargetInformationW->NetbiosServerName = NULL;
1605
1606 if (TargetInformation->DnsServerName)
1607 {
1608 TargetInformationW->DnsServerName = buffer;
1609 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsServerName, -1,
1610 TargetInformationW->DnsServerName, end - buffer);
1611 } else
1612 TargetInformationW->DnsServerName = NULL;
1613
1614 if (TargetInformation->NetbiosDomainName)
1615 {
1616 TargetInformationW->NetbiosDomainName = buffer;
1617 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->NetbiosDomainName, -1,
1618 TargetInformationW->NetbiosDomainName, end - buffer);
1619 } else
1620 TargetInformationW->NetbiosDomainName = NULL;
1621
1622 if (TargetInformation->DnsDomainName)
1623 {
1624 TargetInformationW->DnsDomainName = buffer;
1625 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsDomainName, -1,
1626 TargetInformationW->DnsDomainName, end - buffer);
1627 } else
1628 TargetInformationW->DnsDomainName = NULL;
1629
1630 if (TargetInformation->DnsTreeName)
1631 {
1632 TargetInformationW->DnsTreeName = buffer;
1633 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->DnsTreeName, -1,
1634 TargetInformationW->DnsTreeName, end - buffer);
1635 } else
1636 TargetInformationW->DnsTreeName = NULL;
1637
1638 if (TargetInformation->PackageName)
1639 {
1640 TargetInformationW->PackageName = buffer;
1641 buffer += MultiByteToWideChar(CP_ACP, 0, TargetInformation->PackageName, -1,
1642 TargetInformationW->PackageName, end - buffer);
1643 } else
1644 TargetInformationW->PackageName = NULL;
1645
1646 TargetInformationW->Flags = TargetInformation->Flags;
1647 TargetInformationW->CredTypeCount = TargetInformation->CredTypeCount;
1648 TargetInformationW->CredTypes = TargetInformation->CredTypes;
1649
1650 ret = CredReadDomainCredentialsW(TargetInformationW, Flags, Size, &CredentialsW);
1651
1652 HeapFree(GetProcessHeap(), 0, TargetInformationW);
1653
1654 if (ret)
1655 {
1656 char *buf;
1657
1658 len = *Size * sizeof(PCREDENTIALA);
1659 for (i = 0; i < *Size; i++)
1660 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], NULL, &len);
1661
1662 *Credentials = HeapAlloc(GetProcessHeap(), 0, len);
1663 if (!*Credentials)
1664 {
1665 CredFree(CredentialsW);
1666 SetLastError(ERROR_OUTOFMEMORY);
1667 return FALSE;
1668 }
1669
1670 buf = (char *)&(*Credentials)[*Size];
1671 for (i = 0; i < *Size; i++)
1672 {
1673 len = 0;
1674 (*Credentials)[i] = (PCREDENTIALA)buf;
1675 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW[i], (*Credentials)[i], &len);
1676 buf += len;
1677 }
1678
1679 CredFree(CredentialsW);
1680 }
1681 return ret;
1682 }
1683
1684 /******************************************************************************
1685 * CredReadDomainCredentialsW [ADVAPI32.@]
1686 */
1687 BOOL WINAPI CredReadDomainCredentialsW(PCREDENTIAL_TARGET_INFORMATIONW TargetInformation, DWORD Flags,
1688 DWORD *Size, PCREDENTIALW **Credentials)
1689 {
1690 FIXME("(%p, 0x%x, %p, %p) stub\n", TargetInformation, Flags, Size, Credentials);
1691
1692 /* follow Windows behavior - do not test for NULL, initialize early */
1693 *Size = 0;
1694 *Credentials = NULL;
1695 if (!TargetInformation)
1696 {
1697 SetLastError(ERROR_INVALID_PARAMETER);
1698 return FALSE;
1699 }
1700
1701 SetLastError(ERROR_NOT_FOUND);
1702 return FALSE;
1703 }
1704
1705 /******************************************************************************
1706 * CredWriteA [ADVAPI32.@]
1707 */
1708 BOOL WINAPI CredWriteA(PCREDENTIALA Credential, DWORD Flags)
1709 {
1710 BOOL ret;
1711 DWORD len;
1712 PCREDENTIALW CredentialW;
1713
1714 TRACE("(%p, 0x%x)\n", Credential, Flags);
1715
1716 if (!Credential || !Credential->TargetName)
1717 {
1718 SetLastError(ERROR_INVALID_PARAMETER);
1719 return FALSE;
1720 }
1721
1722 len = 0;
1723 convert_PCREDENTIALA_to_PCREDENTIALW(Credential, NULL, &len);
1724 CredentialW = HeapAlloc(GetProcessHeap(), 0, len);
1725 if (!CredentialW)
1726 {
1727 SetLastError(ERROR_OUTOFMEMORY);
1728 return FALSE;
1729 }
1730 len = 0;
1731 convert_PCREDENTIALA_to_PCREDENTIALW(Credential, CredentialW, &len);
1732
1733 ret = CredWriteW(CredentialW, Flags);
1734
1735 HeapFree(GetProcessHeap(), 0, CredentialW);
1736
1737 return ret;
1738 }
1739
1740 /******************************************************************************
1741 * CredWriteW [ADVAPI32.@]
1742 */
1743 BOOL WINAPI CredWriteW(PCREDENTIALW Credential, DWORD Flags)
1744 {
1745 HKEY hkeyMgr;
1746 HKEY hkeyCred;
1747 DWORD ret;
1748 LPWSTR key_name;
1749 BYTE key_data[KEY_SIZE];
1750
1751 TRACE("(%p, 0x%x)\n", Credential, Flags);
1752
1753 if (!Credential || !Credential->TargetName)
1754 {
1755 SetLastError(ERROR_INVALID_PARAMETER);
1756 return FALSE;
1757 }
1758
1759 if (Flags & ~CRED_PRESERVE_CREDENTIAL_BLOB)
1760 {
1761 FIXME("unhandled flags 0x%x\n", Flags);
1762 SetLastError(ERROR_INVALID_FLAGS);
1763 return FALSE;
1764 }
1765
1766 if (Credential->Type != CRED_TYPE_GENERIC && Credential->Type != CRED_TYPE_DOMAIN_PASSWORD)
1767 {
1768 FIXME("unhandled type %d\n", Credential->Type);
1769 SetLastError(ERROR_INVALID_PARAMETER);
1770 return FALSE;
1771 }
1772
1773 TRACE("Credential->TargetName = %s\n", debugstr_w(Credential->TargetName));
1774 TRACE("Credential->UserName = %s\n", debugstr_w(Credential->UserName));
1775
1776 if (Credential->Type == CRED_TYPE_DOMAIN_PASSWORD)
1777 {
1778 if (!Credential->UserName ||
1779 (!strchrW(Credential->UserName, '\\') && !strchrW(Credential->UserName, '@')))
1780 {
1781 ERR("bad username %s\n", debugstr_w(Credential->UserName));
1782 SetLastError(ERROR_BAD_USERNAME);
1783 return FALSE;
1784 }
1785 }
1786
1787 #ifdef __APPLE__
1788 if (!Credential->AttributeCount &&
1789 Credential->Type == CRED_TYPE_DOMAIN_PASSWORD &&
1790 (Credential->Persist == CRED_PERSIST_LOCAL_MACHINE || Credential->Persist == CRED_PERSIST_ENTERPRISE))
1791 {
1792 ret = mac_write_credential(Credential, Flags & CRED_PRESERVE_CREDENTIAL_BLOB);
1793 if (ret != ERROR_SUCCESS)
1794 {
1795 SetLastError(ret);
1796 return FALSE;
1797 }
1798 return TRUE;
1799 }
1800 #endif
1801
1802 ret = open_cred_mgr_key(&hkeyMgr, FALSE);
1803 if (ret != ERROR_SUCCESS)
1804 {
1805 WARN("couldn't open/create manager key, error %d\n", ret);
1806 SetLastError(ERROR_NO_SUCH_LOGON_SESSION);
1807 return FALSE;
1808 }
1809
1810 ret = get_cred_mgr_encryption_key(hkeyMgr, key_data);
1811 if (ret != ERROR_SUCCESS)
1812 {
1813 RegCloseKey(hkeyMgr);
1814 SetLastError(ret);
1815 return FALSE;
1816 }
1817
1818 key_name = get_key_name_for_target(Credential->TargetName, Credential->Type);
1819 ret = RegCreateKeyExW(hkeyMgr, key_name, 0, NULL,
1820 Credential->Persist == CRED_PERSIST_SESSION ? REG_OPTION_VOLATILE : REG_OPTION_NON_VOLATILE,
1821 KEY_READ|KEY_WRITE, NULL, &hkeyCred, NULL);
1822 HeapFree(GetProcessHeap(), 0, key_name);
1823 if (ret != ERROR_SUCCESS)
1824 {
1825 TRACE("credentials for target name %s not found\n",
1826 debugstr_w(Credential->TargetName));
1827 SetLastError(ERROR_NOT_FOUND);
1828 return FALSE;
1829 }
1830
1831 ret = registry_write_credential(hkeyCred, Credential, key_data,
1832 Flags & CRED_PRESERVE_CREDENTIAL_BLOB);
1833
1834 RegCloseKey(hkeyCred);
1835 RegCloseKey(hkeyMgr);
1836
1837 if (ret != ERROR_SUCCESS)
1838 {
1839 SetLastError(ret);
1840 return FALSE;
1841 }
1842 return TRUE;
1843 }
1844
1845 /******************************************************************************
1846 * CredGetSessionTypes [ADVAPI32.@]
1847 */
1848 WINADVAPI BOOL WINAPI CredGetSessionTypes(DWORD persistCount, LPDWORD persists)
1849 {
1850 TRACE("(%u, %p)\n", persistCount, persists);
1851
1852 memset(persists, CRED_PERSIST_NONE, persistCount*sizeof(*persists));
1853 if (CRED_TYPE_GENERIC < persistCount)
1854 {
1855 persists[CRED_TYPE_GENERIC] = CRED_PERSIST_ENTERPRISE;
1856
1857 if (CRED_TYPE_DOMAIN_PASSWORD < persistCount)
1858 {
1859 persists[CRED_TYPE_DOMAIN_PASSWORD] = CRED_PERSIST_ENTERPRISE;
1860 }
1861 }
1862 return TRUE;
1863 }
Windows API implementation