+ KEYCONTAINER *pKeyContainer;
+ HKEY hKey;
+
+ TRACE("(hProv=%08lx, dwParam=%08x, pbData=%p, dwFlags=%08x)\n", hProv, dwParam, pbData, dwFlags);
+
+ if (!lookup_handle(&handle_table, hProv, RSAENH_MAGIC_CONTAINER, (OBJECTHDR **)&pKeyContainer))
+ {
+ SetLastError(NTE_BAD_UID);
+ return FALSE;
+ }
+
+ switch (dwParam)
+ {
+ case PP_KEYSET_SEC_DESCR:
+ {
+ SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)pbData;
+ DWORD err, flags = (pKeyContainer->dwFlags & CRYPT_MACHINE_KEYSET);
+ BOOL def, present;
+ REGSAM access = WRITE_DAC | WRITE_OWNER | ACCESS_SYSTEM_SECURITY;
+ PSID owner = NULL, group = NULL;
+ PACL dacl = NULL, sacl = NULL;
+
+ if (!open_container_key(pKeyContainer->szName, flags, access, &hKey))
+ {
+ SetLastError(NTE_BAD_KEYSET);
+ return FALSE;
+ }
+
+ if ((dwFlags & OWNER_SECURITY_INFORMATION && !GetSecurityDescriptorOwner(sd, &owner, &def)) ||
+ (dwFlags & GROUP_SECURITY_INFORMATION && !GetSecurityDescriptorGroup(sd, &group, &def)) ||
+ (dwFlags & DACL_SECURITY_INFORMATION && !GetSecurityDescriptorDacl(sd, &present, &dacl, &def)) ||
+ (dwFlags & SACL_SECURITY_INFORMATION && !GetSecurityDescriptorSacl(sd, &present, &sacl, &def)))
+ {
+ RegCloseKey(hKey);
+ return FALSE;
+ }
+
+ err = SetSecurityInfo(hKey, SE_REGISTRY_KEY, dwFlags, owner, group, dacl, sacl);
+ RegCloseKey(hKey);
+ if (err)
+ {
+ SetLastError(err);
+ return FALSE;
+ }
+ return TRUE;
+ }
+ default:
+ FIXME("unimplemented parameter %08x\n", dwParam);
+ return FALSE;
+ }