2 * Credential Management APIs
4 * Copyright 2007 Robert Shearman for CodeWeavers
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
29 #include "../crypt/crypt.h"
31 #include "wine/unicode.h"
32 #include "wine/debug.h"
34 WINE_DEFAULT_DEBUG_CHANNEL(cred
);
36 /* the size of the ARC4 key used to encrypt the password data */
39 static const WCHAR wszCredentialManagerKey
[] = {'S','o','f','t','w','a','r','e','\\','W','i','n','e','\\',
40 'C','r','e','d','e','n','t','i','a','l',' ','M','a','n','a','g','e','r',0};
41 static const WCHAR wszEncryptionKeyValue
[] = {'E','n','c','r','y','p','t','i','o','n','K','e','y',0};
43 static const WCHAR wszFlagsValue
[] = {'F','l','a','g','s',0};
44 static const WCHAR wszTypeValue
[] = {'T','y','p','e',0};
45 static const WCHAR wszCommentValue
[] = {'C','o','m','m','e','n','t',0};
46 static const WCHAR wszLastWrittenValue
[] = {'L','a','s','t','W','r','i','t','t','e','n',0};
47 static const WCHAR wszPersistValue
[] = {'P','e','r','s','i','s','t',0};
48 static const WCHAR wszTargetAliasValue
[] = {'T','a','r','g','e','t','A','l','i','a','s',0};
49 static const WCHAR wszUserNameValue
[] = {'U','s','e','r','N','a','m','e',0};
50 static const WCHAR wszPasswordValue
[] = {'P','a','s','s','w','o','r','d',0};
52 static DWORD
read_credential_blob(HKEY hkey
, const BYTE key_data
[KEY_SIZE
],
53 LPBYTE credential_blob
,
54 DWORD
*credential_blob_size
)
59 *credential_blob_size
= 0;
60 ret
= RegQueryValueExW(hkey
, wszPasswordValue
, 0, &type
, NULL
, credential_blob_size
);
61 if (ret
!= ERROR_SUCCESS
)
63 else if (type
!= REG_BINARY
)
64 return ERROR_REGISTRY_CORRUPT
;
70 ret
= RegQueryValueExW(hkey
, wszPasswordValue
, 0, &type
, credential_blob
,
71 credential_blob_size
);
72 if (ret
!= ERROR_SUCCESS
)
74 else if (type
!= REG_BINARY
)
75 return ERROR_REGISTRY_CORRUPT
;
77 key
.Length
= key
.MaximumLength
= KEY_SIZE
;
78 key
.Buffer
= (unsigned char *)key_data
;
80 data
.Length
= data
.MaximumLength
= *credential_blob_size
;
81 data
.Buffer
= credential_blob
;
82 SystemFunction032(&data
, &key
);
87 static DWORD
registry_read_credential(HKEY hkey
, PCREDENTIALW credential
,
88 const BYTE key_data
[KEY_SIZE
],
89 char *buffer
, DWORD
*len
)
95 ret
= RegQueryValueExW(hkey
, NULL
, 0, &type
, NULL
, &count
);
96 if (ret
!= ERROR_SUCCESS
)
98 else if (type
!= REG_SZ
)
99 return ERROR_REGISTRY_CORRUPT
;
103 credential
->TargetName
= (LPWSTR
)buffer
;
104 ret
= RegQueryValueExW(hkey
, NULL
, 0, &type
, (LPVOID
)credential
->TargetName
,
106 if (ret
!= ERROR_SUCCESS
)
108 else if (type
!= REG_SZ
)
109 return ERROR_REGISTRY_CORRUPT
;
113 ret
= RegQueryValueExW(hkey
, wszCommentValue
, 0, &type
, NULL
, &count
);
114 if (ret
!= ERROR_FILE_NOT_FOUND
)
116 if (ret
!= ERROR_SUCCESS
)
118 else if (type
!= REG_SZ
)
119 return ERROR_REGISTRY_CORRUPT
;
124 credential
->Comment
= (LPWSTR
)buffer
;
125 ret
= RegQueryValueExW(hkey
, wszCommentValue
, 0, &type
, (LPVOID
)credential
->Comment
,
127 if (ret
== ERROR_FILE_NOT_FOUND
)
128 credential
->Comment
= NULL
;
129 else if (ret
!= ERROR_SUCCESS
)
131 else if (type
!= REG_SZ
)
132 return ERROR_REGISTRY_CORRUPT
;
137 ret
= RegQueryValueExW(hkey
, wszTargetAliasValue
, 0, &type
, NULL
, &count
);
138 if (ret
!= ERROR_FILE_NOT_FOUND
)
140 if (ret
!= ERROR_SUCCESS
)
142 else if (type
!= REG_SZ
)
143 return ERROR_REGISTRY_CORRUPT
;
148 credential
->TargetAlias
= (LPWSTR
)buffer
;
149 ret
= RegQueryValueExW(hkey
, wszTargetAliasValue
, 0, &type
, (LPVOID
)credential
->TargetAlias
,
151 if (ret
== ERROR_FILE_NOT_FOUND
)
152 credential
->TargetAlias
= NULL
;
153 else if (ret
!= ERROR_SUCCESS
)
155 else if (type
!= REG_SZ
)
156 return ERROR_REGISTRY_CORRUPT
;
161 ret
= RegQueryValueExW(hkey
, wszUserNameValue
, 0, &type
, NULL
, &count
);
162 if (ret
!= ERROR_FILE_NOT_FOUND
)
164 if (ret
!= ERROR_SUCCESS
)
166 else if (type
!= REG_SZ
)
167 return ERROR_REGISTRY_CORRUPT
;
172 credential
->UserName
= (LPWSTR
)buffer
;
173 ret
= RegQueryValueExW(hkey
, wszUserNameValue
, 0, &type
, (LPVOID
)credential
->UserName
,
175 if (ret
== ERROR_FILE_NOT_FOUND
)
176 credential
->UserName
= NULL
;
177 else if (ret
!= ERROR_SUCCESS
)
179 else if (type
!= REG_SZ
)
180 return ERROR_REGISTRY_CORRUPT
;
185 ret
= read_credential_blob(hkey
, key_data
, NULL
, &count
);
186 if (ret
!= ERROR_FILE_NOT_FOUND
)
188 if (ret
!= ERROR_SUCCESS
)
194 credential
->CredentialBlob
= (LPBYTE
)buffer
;
195 ret
= read_credential_blob(hkey
, key_data
, credential
->CredentialBlob
, &count
);
196 if (ret
== ERROR_FILE_NOT_FOUND
)
197 credential
->CredentialBlob
= NULL
;
198 else if (ret
!= ERROR_SUCCESS
)
200 credential
->CredentialBlobSize
= count
;
204 /* FIXME: Attributes */
207 credential
->AttributeCount
= 0;
208 credential
->Attributes
= NULL
;
211 if (!credential
) return ERROR_SUCCESS
;
213 count
= sizeof(credential
->Flags
);
214 ret
= RegQueryValueExW(hkey
, wszFlagsValue
, NULL
, &type
, (LPVOID
)&credential
->Flags
,
216 if (ret
!= ERROR_SUCCESS
)
218 else if (type
!= REG_DWORD
)
219 return ERROR_REGISTRY_CORRUPT
;
220 count
= sizeof(credential
->Type
);
221 ret
= RegQueryValueExW(hkey
, wszTypeValue
, NULL
, &type
, (LPVOID
)&credential
->Type
,
223 if (ret
!= ERROR_SUCCESS
)
225 else if (type
!= REG_DWORD
)
226 return ERROR_REGISTRY_CORRUPT
;
228 count
= sizeof(credential
->LastWritten
);
229 ret
= RegQueryValueExW(hkey
, wszLastWrittenValue
, NULL
, &type
, (LPVOID
)&credential
->LastWritten
,
231 if (ret
!= ERROR_SUCCESS
)
233 else if (type
!= REG_BINARY
)
234 return ERROR_REGISTRY_CORRUPT
;
235 count
= sizeof(credential
->Persist
);
236 ret
= RegQueryValueExW(hkey
, wszPersistValue
, NULL
, &type
, (LPVOID
)&credential
->Persist
,
238 if (ret
== ERROR_SUCCESS
&& type
!= REG_DWORD
)
239 return ERROR_REGISTRY_CORRUPT
;
244 static DWORD
mac_read_credential_from_item(SecKeychainItemRef item
, BOOL require_password
,
245 PCREDENTIALW credential
, char *buffer
,
250 UInt32 cred_blob_len
;
252 LPWSTR domain
= NULL
;
254 BOOL user_name_present
= FALSE
;
255 SecKeychainAttributeInfo info
;
256 SecKeychainAttributeList
*attr_list
;
257 UInt32 info_tags
[] = { kSecServerItemAttr
, kSecSecurityDomainItemAttr
, kSecAccountItemAttr
,
258 kSecCommentItemAttr
, kSecCreationDateItemAttr
};
259 info
.count
= sizeof(info_tags
)/sizeof(info_tags
[0]);
260 info
.tag
= info_tags
;
262 status
= SecKeychainItemCopyAttributesAndData(item
, &info
, NULL
, &attr_list
, &cred_blob_len
, &cred_blob
);
263 if (status
== errSecAuthFailed
&& !require_password
)
267 status
= SecKeychainItemCopyAttributesAndData(item
, &info
, NULL
, &attr_list
, &cred_blob_len
, NULL
);
271 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status
);
272 return ERROR_NOT_FOUND
;
275 for (i
= 0; i
< attr_list
->count
; i
++)
276 if (attr_list
->attr
[i
].tag
== kSecAccountItemAttr
&& attr_list
->attr
[i
].data
)
278 user_name_present
= TRUE
;
281 if (!user_name_present
)
283 WARN("no kSecAccountItemAttr for item\n");
284 return ERROR_NOT_FOUND
;
289 credential
->Flags
= 0;
290 credential
->Type
= CRED_TYPE_DOMAIN_PASSWORD
;
291 credential
->TargetName
= NULL
;
292 credential
->Comment
= NULL
;
293 memset(&credential
->LastWritten
, 0, sizeof(credential
->LastWritten
));
294 credential
->CredentialBlobSize
= 0;
295 credential
->CredentialBlob
= NULL
;
296 credential
->Persist
= CRED_PERSIST_LOCAL_MACHINE
;
297 credential
->AttributeCount
= 0;
298 credential
->Attributes
= NULL
;
299 credential
->TargetAlias
= NULL
;
300 credential
->UserName
= NULL
;
302 for (i
= 0; i
< attr_list
->count
; i
++)
304 switch (attr_list
->attr
[i
].tag
)
306 case kSecServerItemAttr
:
307 TRACE("kSecServerItemAttr: %.*s\n", (int)attr_list
->attr
[i
].length
,
308 (char *)attr_list
->attr
[i
].data
);
309 if (!attr_list
->attr
[i
].data
) continue;
313 credential
->TargetName
= (LPWSTR
)buffer
;
314 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
315 attr_list
->attr
[i
].length
, (LPWSTR
)buffer
, 0xffff);
316 credential
->TargetName
[str_len
] = '\0';
317 buffer
+= (str_len
+ 1) * sizeof(WCHAR
);
318 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
323 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
324 attr_list
->attr
[i
].length
, NULL
, 0);
325 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
328 case kSecAccountItemAttr
:
331 TRACE("kSecAccountItemAttr: %.*s\n", (int)attr_list
->attr
[i
].length
,
332 (char *)attr_list
->attr
[i
].data
);
333 if (!attr_list
->attr
[i
].data
) continue;
334 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
335 attr_list
->attr
[i
].length
, NULL
, 0);
336 user
= HeapAlloc(GetProcessHeap(), 0, (str_len
+ 1) * sizeof(WCHAR
));
337 MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
338 attr_list
->attr
[i
].length
, user
, str_len
);
339 user
[str_len
] = '\0';
342 case kSecCommentItemAttr
:
343 TRACE("kSecCommentItemAttr: %.*s\n", (int)attr_list
->attr
[i
].length
,
344 (char *)attr_list
->attr
[i
].data
);
345 if (!attr_list
->attr
[i
].data
) continue;
349 credential
->Comment
= (LPWSTR
)buffer
;
350 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
351 attr_list
->attr
[i
].length
, (LPWSTR
)buffer
, 0xffff);
352 credential
->Comment
[str_len
] = '\0';
353 buffer
+= (str_len
+ 1) * sizeof(WCHAR
);
354 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
359 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
360 attr_list
->attr
[i
].length
, NULL
, 0);
361 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
364 case kSecSecurityDomainItemAttr
:
367 TRACE("kSecSecurityDomainItemAttr: %.*s\n", (int)attr_list
->attr
[i
].length
,
368 (char *)attr_list
->attr
[i
].data
);
369 if (!attr_list
->attr
[i
].data
) continue;
370 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
371 attr_list
->attr
[i
].length
, NULL
, 0);
372 domain
= HeapAlloc(GetProcessHeap(), 0, (str_len
+ 1) * sizeof(WCHAR
));
373 MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[i
].data
,
374 attr_list
->attr
[i
].length
, domain
, str_len
);
375 domain
[str_len
] = '\0';
378 case kSecCreationDateItemAttr
:
379 TRACE("kSecCreationDateItemAttr: %.*s\n", (int)attr_list
->attr
[i
].length
,
380 (char *)attr_list
->attr
[i
].data
);
383 LARGE_INTEGER win_time
;
386 memset(&tm
, 0, sizeof(tm
));
387 strptime(attr_list
->attr
[i
].data
, "%Y%m%d%H%M%SZ", &tm
);
389 RtlSecondsSince1970ToTime(time
, &win_time
);
390 credential
->LastWritten
.dwLowDateTime
= win_time
.u
.LowPart
;
391 credential
->LastWritten
.dwHighDateTime
= win_time
.u
.HighPart
;
401 credential
->UserName
= (LPWSTR
)buffer
;
404 str_len
= strlenW(domain
);
405 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
408 memcpy(credential
->UserName
, domain
, str_len
* sizeof(WCHAR
));
409 /* FIXME: figure out when to use an '@' */
410 credential
->UserName
[str_len
] = '\\';
411 buffer
+= (str_len
+ 1) * sizeof(WCHAR
);
414 str_len
= strlenW(user
);
415 *len
+= (str_len
+ 1) * sizeof(WCHAR
);
418 memcpy(buffer
, user
, (str_len
+ 1) * sizeof(WCHAR
));
419 buffer
+= (str_len
+ 1) * sizeof(WCHAR
);
420 TRACE("UserName = %s\n", debugstr_w(credential
->UserName
));
423 HeapFree(GetProcessHeap(), 0, user
);
424 HeapFree(GetProcessHeap(), 0, domain
);
431 credential
->CredentialBlob
= (BYTE
*)buffer
;
432 str_len
= MultiByteToWideChar(CP_UTF8
, 0, cred_blob
, cred_blob_len
,
433 (LPWSTR
)buffer
, 0xffff);
434 credential
->CredentialBlobSize
= str_len
* sizeof(WCHAR
);
435 buffer
+= str_len
* sizeof(WCHAR
);
436 *len
+= str_len
* sizeof(WCHAR
);
441 str_len
= MultiByteToWideChar(CP_UTF8
, 0, cred_blob
, cred_blob_len
,
443 *len
+= str_len
* sizeof(WCHAR
);
446 SecKeychainItemFreeAttributesAndData(attr_list
, cred_blob
);
447 return ERROR_SUCCESS
;
451 static DWORD
write_credential_blob(HKEY hkey
, LPCWSTR target_name
, DWORD type
,
452 const BYTE key_data
[KEY_SIZE
],
453 const BYTE
*credential_blob
, DWORD credential_blob_size
)
455 LPBYTE encrypted_credential_blob
;
460 key
.Length
= key
.MaximumLength
= KEY_SIZE
;
461 key
.Buffer
= (unsigned char *)key_data
;
463 encrypted_credential_blob
= HeapAlloc(GetProcessHeap(), 0, credential_blob_size
);
464 if (!encrypted_credential_blob
) return ERROR_OUTOFMEMORY
;
466 memcpy(encrypted_credential_blob
, credential_blob
, credential_blob_size
);
467 data
.Length
= data
.MaximumLength
= credential_blob_size
;
468 data
.Buffer
= encrypted_credential_blob
;
469 SystemFunction032(&data
, &key
);
471 ret
= RegSetValueExW(hkey
, wszPasswordValue
, 0, REG_BINARY
, encrypted_credential_blob
, credential_blob_size
);
472 HeapFree(GetProcessHeap(), 0, encrypted_credential_blob
);
477 static DWORD
registry_write_credential(HKEY hkey
, const CREDENTIALW
*credential
,
478 const BYTE key_data
[KEY_SIZE
], BOOL preserve_blob
)
481 FILETIME LastWritten
;
483 GetSystemTimeAsFileTime(&LastWritten
);
485 ret
= RegSetValueExW(hkey
, wszFlagsValue
, 0, REG_DWORD
, (LPVOID
)&credential
->Flags
,
486 sizeof(credential
->Flags
));
487 if (ret
!= ERROR_SUCCESS
) return ret
;
488 ret
= RegSetValueExW(hkey
, wszTypeValue
, 0, REG_DWORD
, (LPVOID
)&credential
->Type
,
489 sizeof(credential
->Type
));
490 if (ret
!= ERROR_SUCCESS
) return ret
;
491 ret
= RegSetValueExW(hkey
, NULL
, 0, REG_SZ
, (LPVOID
)credential
->TargetName
,
492 sizeof(WCHAR
)*(strlenW(credential
->TargetName
)+1));
493 if (ret
!= ERROR_SUCCESS
) return ret
;
494 if (credential
->Comment
)
496 ret
= RegSetValueExW(hkey
, wszCommentValue
, 0, REG_SZ
, (LPVOID
)credential
->Comment
,
497 sizeof(WCHAR
)*(strlenW(credential
->Comment
)+1));
498 if (ret
!= ERROR_SUCCESS
) return ret
;
500 ret
= RegSetValueExW(hkey
, wszLastWrittenValue
, 0, REG_BINARY
, (LPVOID
)&LastWritten
,
501 sizeof(LastWritten
));
502 if (ret
!= ERROR_SUCCESS
) return ret
;
503 ret
= RegSetValueExW(hkey
, wszPersistValue
, 0, REG_DWORD
, (LPVOID
)&credential
->Persist
,
504 sizeof(credential
->Persist
));
505 if (ret
!= ERROR_SUCCESS
) return ret
;
506 /* FIXME: Attributes */
507 if (credential
->TargetAlias
)
509 ret
= RegSetValueExW(hkey
, wszTargetAliasValue
, 0, REG_SZ
, (LPVOID
)credential
->TargetAlias
,
510 sizeof(WCHAR
)*(strlenW(credential
->TargetAlias
)+1));
511 if (ret
!= ERROR_SUCCESS
) return ret
;
513 if (credential
->UserName
)
515 ret
= RegSetValueExW(hkey
, wszUserNameValue
, 0, REG_SZ
, (LPVOID
)credential
->UserName
,
516 sizeof(WCHAR
)*(strlenW(credential
->UserName
)+1));
517 if (ret
!= ERROR_SUCCESS
) return ret
;
521 ret
= write_credential_blob(hkey
, credential
->TargetName
, credential
->Type
,
522 key_data
, credential
->CredentialBlob
,
523 credential
->CredentialBlobSize
);
529 static DWORD
mac_write_credential(const CREDENTIALW
*credential
, BOOL preserve_blob
)
532 SecKeychainItemRef keychain_item
;
538 UInt32 domainlen
= 0;
542 SecKeychainAttribute attrs
[1];
543 SecKeychainAttributeList attr_list
;
545 if (credential
->Flags
)
546 FIXME("Flags 0x%x not written\n", credential
->Flags
);
547 if (credential
->Type
!= CRED_TYPE_DOMAIN_PASSWORD
)
548 FIXME("credential type of %d not supported\n", credential
->Type
);
549 if (credential
->Persist
!= CRED_PERSIST_LOCAL_MACHINE
)
550 FIXME("persist value of %d not supported\n", credential
->Persist
);
551 if (credential
->AttributeCount
)
552 FIXME("custom attributes not supported\n");
554 p
= strchrW(credential
->UserName
, '\\');
557 domainlen
= WideCharToMultiByte(CP_UTF8
, 0, credential
->UserName
,
558 p
- credential
->UserName
, NULL
, 0, NULL
, NULL
);
559 domain
= HeapAlloc(GetProcessHeap(), 0, (domainlen
+ 1) * sizeof(*domain
));
560 WideCharToMultiByte(CP_UTF8
, 0, credential
->UserName
, p
- credential
->UserName
,
561 domain
, domainlen
, NULL
, NULL
);
562 domain
[domainlen
] = '\0';
566 p
= credential
->UserName
;
567 userlen
= WideCharToMultiByte(CP_UTF8
, 0, p
, -1, NULL
, 0, NULL
, NULL
);
568 username
= HeapAlloc(GetProcessHeap(), 0, userlen
* sizeof(*username
));
569 WideCharToMultiByte(CP_UTF8
, 0, p
, -1, username
, userlen
, NULL
, NULL
);
571 serverlen
= WideCharToMultiByte(CP_UTF8
, 0, credential
->TargetName
, -1, NULL
, 0, NULL
, NULL
);
572 servername
= HeapAlloc(GetProcessHeap(), 0, serverlen
* sizeof(*servername
));
573 WideCharToMultiByte(CP_UTF8
, 0, credential
->TargetName
, -1, servername
, serverlen
, NULL
, NULL
);
574 pwlen
= WideCharToMultiByte(CP_UTF8
, 0, (LPCWSTR
)credential
->CredentialBlob
,
575 credential
->CredentialBlobSize
/ sizeof(WCHAR
), NULL
, 0, NULL
, NULL
);
576 password
= HeapAlloc(GetProcessHeap(), 0, pwlen
* sizeof(*domain
));
577 WideCharToMultiByte(CP_UTF8
, 0, (LPCWSTR
)credential
->CredentialBlob
,
578 credential
->CredentialBlobSize
/ sizeof(WCHAR
), password
, pwlen
, NULL
, NULL
);
580 TRACE("adding server %s, domain %s, username %s using Keychain\n", servername
, domain
, username
);
581 status
= SecKeychainAddInternetPassword(NULL
, strlen(servername
), servername
,
582 strlen(domain
), domain
, strlen(username
),
583 username
, 0, NULL
, 0,
585 kSecAuthenticationTypeDefault
,
586 strlen(password
), password
, &keychain_item
);
588 ERR("SecKeychainAddInternetPassword returned %ld\n", status
);
589 if (status
== errSecDuplicateItem
)
591 SecKeychainItemRef keychain_item
;
593 status
= SecKeychainFindInternetPassword(NULL
, strlen(servername
), servername
,
594 strlen(domain
), domain
,
595 strlen(username
), username
,
596 0, NULL
/* any path */, 0,
597 0 /* any protocol */,
598 0 /* any authentication type */,
599 0, NULL
, &keychain_item
);
601 ERR("SecKeychainFindInternetPassword returned %ld\n", status
);
603 HeapFree(GetProcessHeap(), 0, domain
);
604 HeapFree(GetProcessHeap(), 0, username
);
605 HeapFree(GetProcessHeap(), 0, servername
);
608 HeapFree(GetProcessHeap(), 0, password
);
609 return ERROR_GEN_FAILURE
;
611 if (credential
->Comment
)
614 attr_list
.attr
= attrs
;
615 attrs
[0].tag
= kSecCommentItemAttr
;
616 attrs
[0].length
= WideCharToMultiByte(CP_UTF8
, 0, credential
->Comment
, -1, NULL
, 0, NULL
, NULL
);
617 if (attrs
[0].length
) attrs
[0].length
--;
618 attrs
[0].data
= HeapAlloc(GetProcessHeap(), 0, attrs
[0].length
);
619 WideCharToMultiByte(CP_UTF8
, 0, credential
->Comment
, -1, attrs
[0].data
, attrs
[0].length
, NULL
, NULL
);
624 attr_list
.attr
= NULL
;
626 status
= SecKeychainItemModifyAttributesAndData(keychain_item
, &attr_list
,
627 preserve_blob
? 0 : strlen(password
),
628 preserve_blob
? NULL
: password
);
629 if (credential
->Comment
)
630 HeapFree(GetProcessHeap(), 0, attrs
[0].data
);
631 HeapFree(GetProcessHeap(), 0, password
);
632 /* FIXME: set TargetAlias attribute */
633 CFRelease(keychain_item
);
634 return ERROR_SUCCESS
;
638 static DWORD
open_cred_mgr_key(HKEY
*hkey
, BOOL open_for_write
)
640 return RegCreateKeyExW(HKEY_CURRENT_USER
, wszCredentialManagerKey
, 0,
641 NULL
, REG_OPTION_NON_VOLATILE
,
642 KEY_READ
| (open_for_write
? KEY_WRITE
: 0), NULL
, hkey
, NULL
);
645 static DWORD
get_cred_mgr_encryption_key(HKEY hkeyMgr
, BYTE key_data
[KEY_SIZE
])
647 static const BYTE my_key_data
[KEY_SIZE
] = { 0 };
655 memcpy(key_data
, my_key_data
, KEY_SIZE
);
658 ret
= RegQueryValueExW(hkeyMgr
, wszEncryptionKeyValue
, NULL
, &type
, key_data
,
660 if (ret
== ERROR_SUCCESS
)
662 if (type
!= REG_BINARY
)
663 return ERROR_REGISTRY_CORRUPT
;
665 return ERROR_SUCCESS
;
667 if (ret
!= ERROR_FILE_NOT_FOUND
)
670 GetSystemTimeAsFileTime(&ft
);
671 seed
= ft
.dwLowDateTime
;
672 value
= RtlUniform(&seed
);
673 *(DWORD
*)key_data
= value
;
674 seed
= ft
.dwHighDateTime
;
675 value
= RtlUniform(&seed
);
676 *(DWORD
*)(key_data
+ 4) = value
;
678 ret
= RegSetValueExW(hkeyMgr
, wszEncryptionKeyValue
, 0, REG_BINARY
,
680 if (ret
== ERROR_ACCESS_DENIED
)
682 ret
= open_cred_mgr_key(&hkeyMgr
, TRUE
);
683 if (ret
== ERROR_SUCCESS
)
685 ret
= RegSetValueExW(hkeyMgr
, wszEncryptionKeyValue
, 0, REG_BINARY
,
687 RegCloseKey(hkeyMgr
);
693 static LPWSTR
get_key_name_for_target(LPCWSTR target_name
, DWORD type
)
695 static const WCHAR wszGenericPrefix
[] = {'G','e','n','e','r','i','c',':',' ',0};
696 static const WCHAR wszDomPasswdPrefix
[] = {'D','o','m','P','a','s','s','w','d',':',' ',0};
698 LPCWSTR prefix
= NULL
;
701 len
= strlenW(target_name
);
702 if (type
== CRED_TYPE_GENERIC
)
704 prefix
= wszGenericPrefix
;
705 len
+= sizeof(wszGenericPrefix
)/sizeof(wszGenericPrefix
[0]);
709 prefix
= wszDomPasswdPrefix
;
710 len
+= sizeof(wszDomPasswdPrefix
)/sizeof(wszDomPasswdPrefix
[0]);
713 key_name
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
));
714 if (!key_name
) return NULL
;
716 strcpyW(key_name
, prefix
);
717 strcatW(key_name
, target_name
);
719 for (p
= key_name
; *p
; p
++)
720 if (*p
== '\\') *p
= '_';
725 static BOOL
credential_matches_filter(HKEY hkeyCred
, LPCWSTR filter
)
733 if (!filter
) return TRUE
;
735 ret
= RegQueryValueExW(hkeyCred
, NULL
, 0, &type
, NULL
, &count
);
736 if (ret
!= ERROR_SUCCESS
)
738 else if (type
!= REG_SZ
)
741 target_name
= HeapAlloc(GetProcessHeap(), 0, count
);
744 ret
= RegQueryValueExW(hkeyCred
, NULL
, 0, &type
, (LPVOID
)target_name
, &count
);
745 if (ret
!= ERROR_SUCCESS
|| type
!= REG_SZ
)
747 HeapFree(GetProcessHeap(), 0, target_name
);
751 TRACE("comparing filter %s to target name %s\n", debugstr_w(filter
),
752 debugstr_w(target_name
));
754 p
= strchrW(filter
, '*');
755 ret
= CompareStringW(GetThreadLocale(), 0, filter
,
756 (p
&& !p
[1] ? p
- filter
: -1), target_name
,
757 (p
&& !p
[1] ? p
- filter
: -1)) == CSTR_EQUAL
;
759 HeapFree(GetProcessHeap(), 0, target_name
);
763 static DWORD
registry_enumerate_credentials(HKEY hkeyMgr
, LPCWSTR filter
,
765 DWORD target_name_len
, BYTE key_data
[KEY_SIZE
],
766 PCREDENTIALW
*credentials
, char **buffer
,
767 DWORD
*len
, DWORD
*count
)
774 ret
= RegEnumKeyW(hkeyMgr
, i
, target_name
, target_name_len
+1);
775 if (ret
== ERROR_NO_MORE_ITEMS
)
780 else if (ret
!= ERROR_SUCCESS
)
785 TRACE("target_name = %s\n", debugstr_w(target_name
));
786 ret
= RegOpenKeyExW(hkeyMgr
, target_name
, 0, KEY_QUERY_VALUE
, &hkeyCred
);
787 if (ret
!= ERROR_SUCCESS
)
792 if (!credential_matches_filter(hkeyCred
, filter
))
794 RegCloseKey(hkeyCred
);
799 *len
= sizeof(CREDENTIALW
);
800 credentials
[*count
] = (PCREDENTIALW
)*buffer
;
803 *len
+= sizeof(CREDENTIALW
);
804 ret
= registry_read_credential(hkeyCred
, buffer
? credentials
[*count
] : NULL
,
805 key_data
, buffer
? *buffer
+ sizeof(CREDENTIALW
) : NULL
,
807 RegCloseKey(hkeyCred
);
808 if (ret
!= ERROR_SUCCESS
) break;
809 if (buffer
) *buffer
+= *len
;
816 static DWORD
mac_enumerate_credentials(LPCWSTR filter
, PCREDENTIALW
*credentials
,
817 char *buffer
, DWORD
*len
, DWORD
*count
)
819 SecKeychainSearchRef search
;
820 SecKeychainItemRef item
;
822 Boolean saved_user_interaction_allowed
;
825 SecKeychainGetUserInteractionAllowed(&saved_user_interaction_allowed
);
826 SecKeychainSetUserInteractionAllowed(false);
828 status
= SecKeychainSearchCreateFromAttributes(NULL
, kSecInternetPasswordItemClass
, NULL
, &search
);
831 while (SecKeychainSearchCopyNext(search
, &item
) == noErr
)
833 SecKeychainAttributeInfo info
;
834 SecKeychainAttributeList
*attr_list
;
835 UInt32 info_tags
[] = { kSecServerItemAttr
};
836 info
.count
= sizeof(info_tags
)/sizeof(info_tags
[0]);
837 info
.tag
= info_tags
;
839 status
= SecKeychainItemCopyAttributesAndData(item
, &info
, NULL
, &attr_list
, NULL
, NULL
);
842 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status
);
847 *len
= sizeof(CREDENTIALW
);
848 credentials
[*count
] = (PCREDENTIALW
)buffer
;
851 *len
+= sizeof(CREDENTIALW
);
852 if (attr_list
->count
!= 1 || attr_list
->attr
[0].tag
!= kSecServerItemAttr
) continue;
853 TRACE("server item: %.*s\n", (int)attr_list
->attr
[0].length
, (char *)attr_list
->attr
[0].data
);
854 /* FIXME: filter based on attr_list->attr[0].data */
855 SecKeychainItemFreeAttributesAndData(attr_list
, NULL
);
856 ret
= mac_read_credential_from_item(item
, FALSE
,
857 buffer
? credentials
[*count
] : NULL
,
858 buffer
? buffer
+ sizeof(CREDENTIALW
) : NULL
,
861 if (ret
== ERROR_SUCCESS
)
864 if (buffer
) buffer
+= *len
;
870 ERR("SecKeychainSearchCreateFromAttributes returned status %ld\n", status
);
871 SecKeychainSetUserInteractionAllowed(saved_user_interaction_allowed
);
872 return ERROR_SUCCESS
;
875 static DWORD
mac_delete_credential(LPCWSTR TargetName
)
878 SecKeychainSearchRef search
;
879 status
= SecKeychainSearchCreateFromAttributes(NULL
, kSecInternetPasswordItemClass
, NULL
, &search
);
882 SecKeychainItemRef item
;
883 while (SecKeychainSearchCopyNext(search
, &item
) == noErr
)
885 SecKeychainAttributeInfo info
;
886 SecKeychainAttributeList
*attr_list
;
887 UInt32 info_tags
[] = { kSecServerItemAttr
};
890 info
.count
= sizeof(info_tags
)/sizeof(info_tags
[0]);
891 info
.tag
= info_tags
;
893 status
= SecKeychainItemCopyAttributesAndData(item
, &info
, NULL
, &attr_list
, NULL
, NULL
);
896 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status
);
899 if (attr_list
->count
!= 1 || attr_list
->attr
[0].tag
!= kSecServerItemAttr
)
904 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[0].data
, attr_list
->attr
[0].length
, NULL
, 0);
905 target_name
= HeapAlloc(GetProcessHeap(), 0, (str_len
+ 1) * sizeof(WCHAR
));
906 MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[0].data
, attr_list
->attr
[0].length
, target_name
, str_len
);
908 target_name
[str_len
] = '\0';
909 if (strcmpiW(TargetName
, target_name
))
912 HeapFree(GetProcessHeap(), 0, target_name
);
915 HeapFree(GetProcessHeap(), 0, target_name
);
916 SecKeychainItemFreeAttributesAndData(attr_list
, NULL
);
917 SecKeychainItemDelete(item
);
921 return ERROR_SUCCESS
;
925 return ERROR_NOT_FOUND
;
929 /******************************************************************************
930 * convert_PCREDENTIALW_to_PCREDENTIALA [internal]
932 * convert a Credential struct from UNICODE to ANSI and return the needed size in Bytes
936 static INT
convert_PCREDENTIALW_to_PCREDENTIALA(const CREDENTIALW
*CredentialW
, PCREDENTIALA CredentialA
, INT len
)
940 INT needed
= sizeof(CREDENTIALA
);
944 if (CredentialW
->TargetName
)
945 needed
+= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->TargetName
, -1, NULL
, 0, NULL
, NULL
);
946 if (CredentialW
->Comment
)
947 needed
+= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->Comment
, -1, NULL
, 0, NULL
, NULL
);
948 needed
+= CredentialW
->CredentialBlobSize
;
949 if (CredentialW
->TargetAlias
)
950 needed
+= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->TargetAlias
, -1, NULL
, 0, NULL
, NULL
);
951 if (CredentialW
->UserName
)
952 needed
+= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->UserName
, -1, NULL
, 0, NULL
, NULL
);
958 buffer
= (char *)CredentialA
+ sizeof(CREDENTIALA
);
959 len
-= sizeof(CREDENTIALA
);
960 CredentialA
->Flags
= CredentialW
->Flags
;
961 CredentialA
->Type
= CredentialW
->Type
;
963 if (CredentialW
->TargetName
)
965 CredentialA
->TargetName
= buffer
;
966 string_len
= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->TargetName
, -1, buffer
, len
, NULL
, NULL
);
967 buffer
+= string_len
;
968 needed
+= string_len
;
972 CredentialA
->TargetName
= NULL
;
973 if (CredentialW
->Comment
)
975 CredentialA
->Comment
= buffer
;
976 string_len
= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->Comment
, -1, buffer
, len
, NULL
, NULL
);
977 buffer
+= string_len
;
978 needed
+= string_len
;
982 CredentialA
->Comment
= NULL
;
983 CredentialA
->LastWritten
= CredentialW
->LastWritten
;
984 CredentialA
->CredentialBlobSize
= CredentialW
->CredentialBlobSize
;
985 if (CredentialW
->CredentialBlobSize
&& (CredentialW
->CredentialBlobSize
<= len
))
987 CredentialA
->CredentialBlob
=(LPBYTE
)buffer
;
988 memcpy(CredentialA
->CredentialBlob
, CredentialW
->CredentialBlob
,
989 CredentialW
->CredentialBlobSize
);
990 buffer
+= CredentialW
->CredentialBlobSize
;
991 needed
+= CredentialW
->CredentialBlobSize
;
992 len
-= CredentialW
->CredentialBlobSize
;
995 CredentialA
->CredentialBlob
= NULL
;
996 CredentialA
->Persist
= CredentialW
->Persist
;
997 CredentialA
->AttributeCount
= 0;
998 CredentialA
->Attributes
= NULL
; /* FIXME */
999 if (CredentialW
->TargetAlias
)
1001 CredentialA
->TargetAlias
= buffer
;
1002 string_len
= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->TargetAlias
, -1, buffer
, len
, NULL
, NULL
);
1003 buffer
+= string_len
;
1004 needed
+= string_len
;
1008 CredentialA
->TargetAlias
= NULL
;
1009 if (CredentialW
->UserName
)
1011 CredentialA
->UserName
= buffer
;
1012 string_len
= WideCharToMultiByte(CP_ACP
, 0, CredentialW
->UserName
, -1, buffer
, len
, NULL
, NULL
);
1013 needed
+= string_len
;
1016 CredentialA
->UserName
= NULL
;
1021 /******************************************************************************
1022 * convert_PCREDENTIALA_to_PCREDENTIALW [internal]
1024 * convert a Credential struct from ANSI to UNICODE and return the needed size in Bytes
1027 static INT
convert_PCREDENTIALA_to_PCREDENTIALW(const CREDENTIALA
*CredentialA
, PCREDENTIALW CredentialW
, INT len
)
1031 INT needed
= sizeof(CREDENTIALW
);
1035 if (CredentialA
->TargetName
)
1036 needed
+= sizeof(WCHAR
) * MultiByteToWideChar(CP_ACP
, 0, CredentialA
->TargetName
, -1, NULL
, 0);
1037 if (CredentialA
->Comment
)
1038 needed
+= sizeof(WCHAR
) * MultiByteToWideChar(CP_ACP
, 0, CredentialA
->Comment
, -1, NULL
, 0);
1039 needed
+= CredentialA
->CredentialBlobSize
;
1040 if (CredentialA
->TargetAlias
)
1041 needed
+= sizeof(WCHAR
) * MultiByteToWideChar(CP_ACP
, 0, CredentialA
->TargetAlias
, -1, NULL
, 0);
1042 if (CredentialA
->UserName
)
1043 needed
+= sizeof(WCHAR
) * MultiByteToWideChar(CP_ACP
, 0, CredentialA
->UserName
, -1, NULL
, 0);
1048 buffer
= (char *)CredentialW
+ sizeof(CREDENTIALW
);
1049 len
-= sizeof(CREDENTIALW
);
1050 CredentialW
->Flags
= CredentialA
->Flags
;
1051 CredentialW
->Type
= CredentialA
->Type
;
1052 if (CredentialA
->TargetName
)
1054 CredentialW
->TargetName
= (LPWSTR
)buffer
;
1055 string_len
= MultiByteToWideChar(CP_ACP
, 0, CredentialA
->TargetName
, -1, CredentialW
->TargetName
, len
/ sizeof(WCHAR
));
1056 buffer
+= sizeof(WCHAR
) * string_len
;
1057 needed
+= sizeof(WCHAR
) * string_len
;
1058 len
-= sizeof(WCHAR
) * string_len
;
1061 CredentialW
->TargetName
= NULL
;
1062 if (CredentialA
->Comment
)
1064 CredentialW
->Comment
= (LPWSTR
)buffer
;
1065 string_len
= MultiByteToWideChar(CP_ACP
, 0, CredentialA
->Comment
, -1, CredentialW
->Comment
, len
/ sizeof(WCHAR
));
1066 buffer
+= sizeof(WCHAR
) * string_len
;
1067 needed
+= sizeof(WCHAR
) * string_len
;
1068 len
-= sizeof(WCHAR
) * string_len
;
1071 CredentialW
->Comment
= NULL
;
1072 CredentialW
->LastWritten
= CredentialA
->LastWritten
;
1073 CredentialW
->CredentialBlobSize
= CredentialA
->CredentialBlobSize
;
1074 if (CredentialA
->CredentialBlobSize
)
1076 CredentialW
->CredentialBlob
=(LPBYTE
)buffer
;
1077 memcpy(CredentialW
->CredentialBlob
, CredentialA
->CredentialBlob
,
1078 CredentialA
->CredentialBlobSize
);
1079 buffer
+= CredentialA
->CredentialBlobSize
;
1080 needed
+= CredentialA
->CredentialBlobSize
;
1081 len
-= CredentialA
->CredentialBlobSize
;
1084 CredentialW
->CredentialBlob
= NULL
;
1085 CredentialW
->Persist
= CredentialA
->Persist
;
1086 CredentialW
->AttributeCount
= 0;
1087 CredentialW
->Attributes
= NULL
; /* FIXME */
1088 if (CredentialA
->TargetAlias
)
1090 CredentialW
->TargetAlias
= (LPWSTR
)buffer
;
1091 string_len
= MultiByteToWideChar(CP_ACP
, 0, CredentialA
->TargetAlias
, -1, CredentialW
->TargetAlias
, len
/ sizeof(WCHAR
));
1092 buffer
+= sizeof(WCHAR
) * string_len
;
1093 needed
+= sizeof(WCHAR
) * string_len
;
1094 len
-= sizeof(WCHAR
) * string_len
;
1097 CredentialW
->TargetAlias
= NULL
;
1098 if (CredentialA
->UserName
)
1100 CredentialW
->UserName
= (LPWSTR
)buffer
;
1101 string_len
= MultiByteToWideChar(CP_ACP
, 0, CredentialA
->UserName
, -1, CredentialW
->UserName
, len
/ sizeof(WCHAR
));
1102 needed
+= sizeof(WCHAR
) * string_len
;
1105 CredentialW
->UserName
= NULL
;
1110 /******************************************************************************
1111 * CredDeleteA [ADVAPI32.@]
1113 BOOL WINAPI
CredDeleteA(LPCSTR TargetName
, DWORD Type
, DWORD Flags
)
1119 TRACE("(%s, %d, 0x%x)\n", debugstr_a(TargetName
), Type
, Flags
);
1123 SetLastError(ERROR_INVALID_PARAMETER
);
1127 len
= MultiByteToWideChar(CP_ACP
, 0, TargetName
, -1, NULL
, 0);
1128 TargetNameW
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
));
1131 SetLastError(ERROR_OUTOFMEMORY
);
1134 MultiByteToWideChar(CP_ACP
, 0, TargetName
, -1, TargetNameW
, len
);
1136 ret
= CredDeleteW(TargetNameW
, Type
, Flags
);
1138 HeapFree(GetProcessHeap(), 0, TargetNameW
);
1143 /******************************************************************************
1144 * CredDeleteW [ADVAPI32.@]
1146 BOOL WINAPI
CredDeleteW(LPCWSTR TargetName
, DWORD Type
, DWORD Flags
)
1152 TRACE("(%s, %d, 0x%x)\n", debugstr_w(TargetName
), Type
, Flags
);
1156 SetLastError(ERROR_INVALID_PARAMETER
);
1160 if (Type
!= CRED_TYPE_GENERIC
&& Type
!= CRED_TYPE_DOMAIN_PASSWORD
)
1162 FIXME("unhandled type %d\n", Type
);
1163 SetLastError(ERROR_INVALID_PARAMETER
);
1169 FIXME("unhandled flags 0x%x\n", Flags
);
1170 SetLastError(ERROR_INVALID_FLAGS
);
1175 if (Type
== CRED_TYPE_DOMAIN_PASSWORD
)
1177 ret
= mac_delete_credential(TargetName
);
1178 if (ret
== ERROR_SUCCESS
)
1183 ret
= open_cred_mgr_key(&hkeyMgr
, TRUE
);
1184 if (ret
!= ERROR_SUCCESS
)
1186 WARN("couldn't open/create manager key, error %d\n", ret
);
1187 SetLastError(ERROR_NO_SUCH_LOGON_SESSION
);
1191 key_name
= get_key_name_for_target(TargetName
, Type
);
1192 ret
= RegDeleteKeyW(hkeyMgr
, key_name
);
1193 HeapFree(GetProcessHeap(), 0, key_name
);
1194 RegCloseKey(hkeyMgr
);
1195 if (ret
!= ERROR_SUCCESS
)
1197 SetLastError(ERROR_NOT_FOUND
);
1204 /******************************************************************************
1205 * CredEnumerateA [ADVAPI32.@]
1207 BOOL WINAPI
CredEnumerateA(LPCSTR Filter
, DWORD Flags
, DWORD
*Count
,
1208 PCREDENTIALA
**Credentials
)
1211 PCREDENTIALW
*CredentialsW
;
1217 TRACE("(%s, 0x%x, %p, %p)\n", debugstr_a(Filter
), Flags
, Count
, Credentials
);
1221 len
= MultiByteToWideChar(CP_ACP
, 0, Filter
, -1, NULL
, 0);
1222 FilterW
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
));
1225 SetLastError(ERROR_OUTOFMEMORY
);
1228 MultiByteToWideChar(CP_ACP
, 0, Filter
, -1, FilterW
, len
);
1233 if (!CredEnumerateW(FilterW
, Flags
, Count
, &CredentialsW
))
1235 HeapFree(GetProcessHeap(), 0, FilterW
);
1238 HeapFree(GetProcessHeap(), 0, FilterW
);
1240 len
= *Count
* sizeof(PCREDENTIALA
);
1241 for (i
= 0; i
< *Count
; i
++)
1242 len
+= convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW
[i
], NULL
, 0);
1244 *Credentials
= HeapAlloc(GetProcessHeap(), 0, len
);
1247 CredFree(CredentialsW
);
1248 SetLastError(ERROR_OUTOFMEMORY
);
1252 buffer
= (char *)&(*Credentials
)[*Count
];
1253 len
-= *Count
* sizeof(PCREDENTIALA
);
1254 for (i
= 0; i
< *Count
; i
++)
1256 (*Credentials
)[i
] = (PCREDENTIALA
)buffer
;
1257 needed
= convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW
[i
], (*Credentials
)[i
], len
);
1262 CredFree(CredentialsW
);
1267 /******************************************************************************
1268 * CredEnumerateW [ADVAPI32.@]
1270 BOOL WINAPI
CredEnumerateW(LPCWSTR Filter
, DWORD Flags
, DWORD
*Count
,
1271 PCREDENTIALW
**Credentials
)
1276 DWORD target_name_len
;
1279 BYTE key_data
[KEY_SIZE
];
1281 TRACE("(%s, 0x%x, %p, %p)\n", debugstr_w(Filter
), Flags
, Count
, Credentials
);
1285 SetLastError(ERROR_INVALID_FLAGS
);
1289 ret
= open_cred_mgr_key(&hkeyMgr
, FALSE
);
1290 if (ret
!= ERROR_SUCCESS
)
1292 WARN("couldn't open/create manager key, error %d\n", ret
);
1293 SetLastError(ERROR_NO_SUCH_LOGON_SESSION
);
1297 ret
= get_cred_mgr_encryption_key(hkeyMgr
, key_data
);
1298 if (ret
!= ERROR_SUCCESS
)
1300 RegCloseKey(hkeyMgr
);
1305 ret
= RegQueryInfoKeyW(hkeyMgr
, NULL
, NULL
, NULL
, NULL
, &target_name_len
, NULL
, NULL
, NULL
, NULL
, NULL
, NULL
);
1306 if (ret
!= ERROR_SUCCESS
)
1308 RegCloseKey(hkeyMgr
);
1313 target_name
= HeapAlloc(GetProcessHeap(), 0, (target_name_len
+1)*sizeof(WCHAR
));
1316 RegCloseKey(hkeyMgr
);
1317 SetLastError(ERROR_OUTOFMEMORY
);
1323 ret
= registry_enumerate_credentials(hkeyMgr
, Filter
, target_name
, target_name_len
,
1324 key_data
, NULL
, NULL
, &len
, Count
);
1326 if (ret
== ERROR_SUCCESS
)
1327 ret
= mac_enumerate_credentials(Filter
, NULL
, NULL
, &len
, Count
);
1329 if (ret
== ERROR_SUCCESS
&& *Count
== 0)
1330 ret
= ERROR_NOT_FOUND
;
1331 if (ret
!= ERROR_SUCCESS
)
1333 HeapFree(GetProcessHeap(), 0, target_name
);
1334 RegCloseKey(hkeyMgr
);
1338 len
+= *Count
* sizeof(PCREDENTIALW
);
1340 if (ret
== ERROR_SUCCESS
)
1342 buffer
= HeapAlloc(GetProcessHeap(), 0, len
);
1343 *Credentials
= (PCREDENTIALW
*)buffer
;
1346 buffer
+= *Count
* sizeof(PCREDENTIALW
);
1348 ret
= registry_enumerate_credentials(hkeyMgr
, Filter
, target_name
,
1349 target_name_len
, key_data
,
1350 *Credentials
, &buffer
, &len
,
1353 if (ret
== ERROR_SUCCESS
)
1354 ret
= mac_enumerate_credentials(Filter
, *Credentials
,
1355 buffer
, &len
, Count
);
1359 ret
= ERROR_OUTOFMEMORY
;
1362 HeapFree(GetProcessHeap(), 0, target_name
);
1363 RegCloseKey(hkeyMgr
);
1365 if (ret
!= ERROR_SUCCESS
)
1373 /******************************************************************************
1374 * CredFree [ADVAPI32.@]
1376 VOID WINAPI
CredFree(PVOID Buffer
)
1378 HeapFree(GetProcessHeap(), 0, Buffer
);
1381 /******************************************************************************
1382 * CredReadA [ADVAPI32.@]
1384 BOOL WINAPI
CredReadA(LPCSTR TargetName
, DWORD Type
, DWORD Flags
, PCREDENTIALA
*Credential
)
1387 PCREDENTIALW CredentialW
;
1390 TRACE("(%s, %d, 0x%x, %p)\n", debugstr_a(TargetName
), Type
, Flags
, Credential
);
1394 SetLastError(ERROR_INVALID_PARAMETER
);
1398 len
= MultiByteToWideChar(CP_ACP
, 0, TargetName
, -1, NULL
, 0);
1399 TargetNameW
= HeapAlloc(GetProcessHeap(), 0, len
* sizeof(WCHAR
));
1402 SetLastError(ERROR_OUTOFMEMORY
);
1405 MultiByteToWideChar(CP_ACP
, 0, TargetName
, -1, TargetNameW
, len
);
1407 if (!CredReadW(TargetNameW
, Type
, Flags
, &CredentialW
))
1409 HeapFree(GetProcessHeap(), 0, TargetNameW
);
1412 HeapFree(GetProcessHeap(), 0, TargetNameW
);
1414 len
= convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW
, NULL
, 0);
1415 *Credential
= HeapAlloc(GetProcessHeap(), 0, len
);
1418 SetLastError(ERROR_OUTOFMEMORY
);
1421 convert_PCREDENTIALW_to_PCREDENTIALA(CredentialW
, *Credential
, len
);
1423 CredFree(CredentialW
);
1428 /******************************************************************************
1429 * CredReadW [ADVAPI32.@]
1431 BOOL WINAPI
CredReadW(LPCWSTR TargetName
, DWORD Type
, DWORD Flags
, PCREDENTIALW
*Credential
)
1438 BYTE key_data
[KEY_SIZE
];
1440 TRACE("(%s, %d, 0x%x, %p)\n", debugstr_w(TargetName
), Type
, Flags
, Credential
);
1444 SetLastError(ERROR_INVALID_PARAMETER
);
1448 if (Type
!= CRED_TYPE_GENERIC
&& Type
!= CRED_TYPE_DOMAIN_PASSWORD
)
1450 FIXME("unhandled type %d\n", Type
);
1451 SetLastError(ERROR_INVALID_PARAMETER
);
1457 FIXME("unhandled flags 0x%x\n", Flags
);
1458 SetLastError(ERROR_INVALID_FLAGS
);
1463 if (Type
== CRED_TYPE_DOMAIN_PASSWORD
)
1466 SecKeychainSearchRef search
;
1467 status
= SecKeychainSearchCreateFromAttributes(NULL
, kSecInternetPasswordItemClass
, NULL
, &search
);
1468 if (status
== noErr
)
1470 SecKeychainItemRef item
;
1471 while (SecKeychainSearchCopyNext(search
, &item
) == noErr
)
1473 SecKeychainAttributeInfo info
;
1474 SecKeychainAttributeList
*attr_list
;
1475 UInt32 info_tags
[] = { kSecServerItemAttr
};
1478 info
.count
= sizeof(info_tags
)/sizeof(info_tags
[0]);
1479 info
.tag
= info_tags
;
1481 status
= SecKeychainItemCopyAttributesAndData(item
, &info
, NULL
, &attr_list
, NULL
, NULL
);
1482 len
= sizeof(**Credential
);
1483 if (status
!= noErr
)
1485 WARN("SecKeychainItemCopyAttributesAndData returned status %ld\n", status
);
1488 if (attr_list
->count
!= 1 || attr_list
->attr
[0].tag
!= kSecServerItemAttr
)
1493 str_len
= MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[0].data
, attr_list
->attr
[0].length
, NULL
, 0);
1494 target_name
= HeapAlloc(GetProcessHeap(), 0, (str_len
+ 1) * sizeof(WCHAR
));
1495 MultiByteToWideChar(CP_UTF8
, 0, attr_list
->attr
[0].data
, attr_list
->attr
[0].length
, target_name
, str_len
);
1497 target_name
[str_len
] = '\0';
1498 if (strcmpiW(TargetName
, target_name
))
1501 HeapFree(GetProcessHeap(), 0, target_name
);
1504 HeapFree(GetProcessHeap(), 0, target_name
);
1505 SecKeychainItemFreeAttributesAndData(attr_list
, NULL
);
1506 ret
= mac_read_credential_from_item(item
, TRUE
, NULL
, NULL
, &len
);
1507 if (ret
== ERROR_SUCCESS
)
1509 *Credential
= HeapAlloc(GetProcessHeap(), 0, len
);
1512 len
= sizeof(**Credential
);
1513 ret
= mac_read_credential_from_item(item
, TRUE
, *Credential
,
1514 (char *)(*Credential
+ 1), &len
);
1517 ret
= ERROR_OUTOFMEMORY
;
1520 if (ret
!= ERROR_SUCCESS
)
1534 ret
= open_cred_mgr_key(&hkeyMgr
, FALSE
);
1535 if (ret
!= ERROR_SUCCESS
)
1537 WARN("couldn't open/create manager key, error %d\n", ret
);
1538 SetLastError(ERROR_NO_SUCH_LOGON_SESSION
);
1542 ret
= get_cred_mgr_encryption_key(hkeyMgr
, key_data
);
1543 if (ret
!= ERROR_SUCCESS
)
1545 RegCloseKey(hkeyMgr
);
1550 key_name
= get_key_name_for_target(TargetName
, Type
);
1551 ret
= RegOpenKeyExW(hkeyMgr
, key_name
, 0, KEY_QUERY_VALUE
, &hkeyCred
);
1552 HeapFree(GetProcessHeap(), 0, key_name
);
1553 if (ret
!= ERROR_SUCCESS
)
1555 TRACE("credentials for target name %s not found\n", debugstr_w(TargetName
));
1556 SetLastError(ERROR_NOT_FOUND
);
1560 len
= sizeof(**Credential
);
1561 ret
= registry_read_credential(hkeyCred
, NULL
, key_data
, NULL
, &len
);
1562 if (ret
== ERROR_SUCCESS
)
1564 *Credential
= HeapAlloc(GetProcessHeap(), 0, len
);
1567 len
= sizeof(**Credential
);
1568 ret
= registry_read_credential(hkeyCred
, *Credential
, key_data
,
1569 (char *)(*Credential
+ 1), &len
);
1572 ret
= ERROR_OUTOFMEMORY
;
1575 RegCloseKey(hkeyCred
);
1576 RegCloseKey(hkeyMgr
);
1578 if (ret
!= ERROR_SUCCESS
)
1586 /******************************************************************************
1587 * CredReadDomainCredentialsA [ADVAPI32.@]
1589 BOOL WINAPI
CredReadDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInformation
,
1590 DWORD Flags
, DWORD
*Size
, PCREDENTIALA
**Credentials
)
1592 PCREDENTIAL_TARGET_INFORMATIONW TargetInformationW
;
1594 WCHAR
*buffer
, *end
;
1596 PCREDENTIALW
* CredentialsW
;
1598 TRACE("(%p, 0x%x, %p, %p)\n", TargetInformation
, Flags
, Size
, Credentials
);
1600 /* follow Windows behavior - do not test for NULL, initialize early */
1602 *Credentials
= NULL
;
1604 if (!TargetInformation
)
1606 SetLastError(ERROR_INVALID_PARAMETER
);
1610 len
= sizeof(*TargetInformationW
);
1611 if (TargetInformation
->TargetName
)
1612 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->TargetName
, -1, NULL
, 0) * sizeof(WCHAR
);
1613 if (TargetInformation
->NetbiosServerName
)
1614 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->NetbiosServerName
, -1, NULL
, 0) * sizeof(WCHAR
);
1615 if (TargetInformation
->DnsServerName
)
1616 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsServerName
, -1, NULL
, 0) * sizeof(WCHAR
);
1617 if (TargetInformation
->NetbiosDomainName
)
1618 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->NetbiosDomainName
, -1, NULL
, 0) * sizeof(WCHAR
);
1619 if (TargetInformation
->DnsDomainName
)
1620 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsDomainName
, -1, NULL
, 0) * sizeof(WCHAR
);
1621 if (TargetInformation
->DnsTreeName
)
1622 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsTreeName
, -1, NULL
, 0) * sizeof(WCHAR
);
1623 if (TargetInformation
->PackageName
)
1624 len
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->PackageName
, -1, NULL
, 0) * sizeof(WCHAR
);
1626 TargetInformationW
= HeapAlloc(GetProcessHeap(), 0, len
);
1627 if (!TargetInformationW
)
1629 SetLastError(ERROR_OUTOFMEMORY
);
1632 buffer
= (WCHAR
*)(TargetInformationW
+ 1);
1633 end
= (WCHAR
*)((char *)TargetInformationW
+ len
);
1635 if (TargetInformation
->TargetName
)
1637 TargetInformationW
->TargetName
= buffer
;
1638 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->TargetName
, -1,
1639 TargetInformationW
->TargetName
, end
- buffer
);
1641 TargetInformationW
->TargetName
= NULL
;
1643 if (TargetInformation
->NetbiosServerName
)
1645 TargetInformationW
->NetbiosServerName
= buffer
;
1646 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->NetbiosServerName
, -1,
1647 TargetInformationW
->NetbiosServerName
, end
- buffer
);
1649 TargetInformationW
->NetbiosServerName
= NULL
;
1651 if (TargetInformation
->DnsServerName
)
1653 TargetInformationW
->DnsServerName
= buffer
;
1654 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsServerName
, -1,
1655 TargetInformationW
->DnsServerName
, end
- buffer
);
1657 TargetInformationW
->DnsServerName
= NULL
;
1659 if (TargetInformation
->NetbiosDomainName
)
1661 TargetInformationW
->NetbiosDomainName
= buffer
;
1662 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->NetbiosDomainName
, -1,
1663 TargetInformationW
->NetbiosDomainName
, end
- buffer
);
1665 TargetInformationW
->NetbiosDomainName
= NULL
;
1667 if (TargetInformation
->DnsDomainName
)
1669 TargetInformationW
->DnsDomainName
= buffer
;
1670 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsDomainName
, -1,
1671 TargetInformationW
->DnsDomainName
, end
- buffer
);
1673 TargetInformationW
->DnsDomainName
= NULL
;
1675 if (TargetInformation
->DnsTreeName
)
1677 TargetInformationW
->DnsTreeName
= buffer
;
1678 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->DnsTreeName
, -1,
1679 TargetInformationW
->DnsTreeName
, end
- buffer
);
1681 TargetInformationW
->DnsTreeName
= NULL
;
1683 if (TargetInformation
->PackageName
)
1685 TargetInformationW
->PackageName
= buffer
;
1686 buffer
+= MultiByteToWideChar(CP_ACP
, 0, TargetInformation
->PackageName
, -1,
1687 TargetInformationW
->PackageName
, end
- buffer
);
1689 TargetInformationW
->PackageName
= NULL
;
1691 TargetInformationW
->Flags
= TargetInformation
->Flags
;
1692 TargetInformationW
->CredTypeCount
= TargetInformation
->CredTypeCount
;
1693 TargetInformationW
->CredTypes
= TargetInformation
->CredTypes
;
1695 ret
= CredReadDomainCredentialsW(TargetInformationW
, Flags
, Size
, &CredentialsW
);
1697 HeapFree(GetProcessHeap(), 0, TargetInformationW
);
1704 len
= *Size
* sizeof(PCREDENTIALA
);
1705 for (i
= 0; i
< *Size
; i
++)
1706 len
+= convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW
[i
], NULL
, 0);
1708 *Credentials
= HeapAlloc(GetProcessHeap(), 0, len
);
1711 CredFree(CredentialsW
);
1712 SetLastError(ERROR_OUTOFMEMORY
);
1716 buf
= (char *)&(*Credentials
)[*Size
];
1717 len
-= *Size
* sizeof(PCREDENTIALA
);
1718 for (i
= 0; i
< *Size
; i
++)
1720 (*Credentials
)[i
] = (PCREDENTIALA
)buf
;
1721 needed
= convert_PCREDENTIALW_to_PCREDENTIALA(CredentialsW
[i
], (*Credentials
)[i
], len
);
1726 CredFree(CredentialsW
);
1731 /******************************************************************************
1732 * CredReadDomainCredentialsW [ADVAPI32.@]
1734 BOOL WINAPI
CredReadDomainCredentialsW(PCREDENTIAL_TARGET_INFORMATIONW TargetInformation
, DWORD Flags
,
1735 DWORD
*Size
, PCREDENTIALW
**Credentials
)
1737 FIXME("(%p, 0x%x, %p, %p) stub\n", TargetInformation
, Flags
, Size
, Credentials
);
1739 /* follow Windows behavior - do not test for NULL, initialize early */
1741 *Credentials
= NULL
;
1742 if (!TargetInformation
)
1744 SetLastError(ERROR_INVALID_PARAMETER
);
1748 SetLastError(ERROR_NOT_FOUND
);
1752 /******************************************************************************
1753 * CredWriteA [ADVAPI32.@]
1755 BOOL WINAPI
CredWriteA(PCREDENTIALA Credential
, DWORD Flags
)
1759 PCREDENTIALW CredentialW
;
1761 TRACE("(%p, 0x%x)\n", Credential
, Flags
);
1763 if (!Credential
|| !Credential
->TargetName
)
1765 SetLastError(ERROR_INVALID_PARAMETER
);
1769 len
= convert_PCREDENTIALA_to_PCREDENTIALW(Credential
, NULL
, 0);
1770 CredentialW
= HeapAlloc(GetProcessHeap(), 0, len
);
1773 SetLastError(ERROR_OUTOFMEMORY
);
1777 convert_PCREDENTIALA_to_PCREDENTIALW(Credential
, CredentialW
, len
);
1779 ret
= CredWriteW(CredentialW
, Flags
);
1781 HeapFree(GetProcessHeap(), 0, CredentialW
);
1786 /******************************************************************************
1787 * CredWriteW [ADVAPI32.@]
1789 BOOL WINAPI
CredWriteW(PCREDENTIALW Credential
, DWORD Flags
)
1795 BYTE key_data
[KEY_SIZE
];
1797 TRACE("(%p, 0x%x)\n", Credential
, Flags
);
1799 if (!Credential
|| !Credential
->TargetName
)
1801 SetLastError(ERROR_INVALID_PARAMETER
);
1805 if (Flags
& ~CRED_PRESERVE_CREDENTIAL_BLOB
)
1807 FIXME("unhandled flags 0x%x\n", Flags
);
1808 SetLastError(ERROR_INVALID_FLAGS
);
1812 if (Credential
->Type
!= CRED_TYPE_GENERIC
&& Credential
->Type
!= CRED_TYPE_DOMAIN_PASSWORD
)
1814 FIXME("unhandled type %d\n", Credential
->Type
);
1815 SetLastError(ERROR_INVALID_PARAMETER
);
1819 TRACE("Credential->TargetName = %s\n", debugstr_w(Credential
->TargetName
));
1820 TRACE("Credential->UserName = %s\n", debugstr_w(Credential
->UserName
));
1822 if (Credential
->Type
== CRED_TYPE_DOMAIN_PASSWORD
)
1824 if (!Credential
->UserName
||
1825 (!strchrW(Credential
->UserName
, '\\') && !strchrW(Credential
->UserName
, '@')))
1827 ERR("bad username %s\n", debugstr_w(Credential
->UserName
));
1828 SetLastError(ERROR_BAD_USERNAME
);
1834 if (!Credential
->AttributeCount
&&
1835 Credential
->Type
== CRED_TYPE_DOMAIN_PASSWORD
&&
1836 (Credential
->Persist
== CRED_PERSIST_LOCAL_MACHINE
|| Credential
->Persist
== CRED_PERSIST_ENTERPRISE
))
1838 ret
= mac_write_credential(Credential
, Flags
& CRED_PRESERVE_CREDENTIAL_BLOB
);
1839 if (ret
!= ERROR_SUCCESS
)
1848 ret
= open_cred_mgr_key(&hkeyMgr
, FALSE
);
1849 if (ret
!= ERROR_SUCCESS
)
1851 WARN("couldn't open/create manager key, error %d\n", ret
);
1852 SetLastError(ERROR_NO_SUCH_LOGON_SESSION
);
1856 ret
= get_cred_mgr_encryption_key(hkeyMgr
, key_data
);
1857 if (ret
!= ERROR_SUCCESS
)
1859 RegCloseKey(hkeyMgr
);
1864 key_name
= get_key_name_for_target(Credential
->TargetName
, Credential
->Type
);
1865 ret
= RegCreateKeyExW(hkeyMgr
, key_name
, 0, NULL
,
1866 Credential
->Persist
== CRED_PERSIST_SESSION
? REG_OPTION_VOLATILE
: REG_OPTION_NON_VOLATILE
,
1867 KEY_READ
|KEY_WRITE
, NULL
, &hkeyCred
, NULL
);
1868 HeapFree(GetProcessHeap(), 0, key_name
);
1869 if (ret
!= ERROR_SUCCESS
)
1871 TRACE("credentials for target name %s not found\n",
1872 debugstr_w(Credential
->TargetName
));
1873 SetLastError(ERROR_NOT_FOUND
);
1877 ret
= registry_write_credential(hkeyCred
, Credential
, key_data
,
1878 Flags
& CRED_PRESERVE_CREDENTIAL_BLOB
);
1880 RegCloseKey(hkeyCred
);
1881 RegCloseKey(hkeyMgr
);
1883 if (ret
!= ERROR_SUCCESS
)
1891 /******************************************************************************
1892 * CredGetSessionTypes [ADVAPI32.@]
1894 BOOL WINAPI
CredGetSessionTypes(DWORD persistCount
, LPDWORD persists
)
1896 TRACE("(%u, %p)\n", persistCount
, persists
);
1898 memset(persists
, CRED_PERSIST_NONE
, persistCount
*sizeof(*persists
));
1899 if (CRED_TYPE_GENERIC
< persistCount
)
1901 persists
[CRED_TYPE_GENERIC
] = CRED_PERSIST_ENTERPRISE
;
1903 if (CRED_TYPE_DOMAIN_PASSWORD
< persistCount
)
1905 persists
[CRED_TYPE_DOMAIN_PASSWORD
] = CRED_PERSIST_ENTERPRISE
;
1913 CredWriteDomainCredentialsW(PCREDENTIAL_TARGET_INFORMATIONW TargetInfo
,
1914 PCREDENTIALW Credential
,
1917 WARN("Not implemented\n");
1923 CredWriteDomainCredentialsA(PCREDENTIAL_TARGET_INFORMATIONA TargetInfo
,
1924 PCREDENTIALA Credential
,
1927 WARN("Not implemented\n");
1933 CredUnmarshalCredentialW(LPCWSTR MarshaledCredential
,
1934 PCRED_MARSHAL_TYPE CredType
,
1937 WARN("Not implemented\n");
1943 CredUnmarshalCredentialA(LPCSTR MarshaledCredential
,
1944 PCRED_MARSHAL_TYPE CredType
,
1947 WARN("Not implemented\n");