aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/sid.hpp
blob: a8ee3aaeaacb394b5523f309e3bdd8c822bf52dc (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
// Copyright (c) 2016 Egor Tensin <Egor.Tensin@gmail.com>
// This file is part of the "Privilege test" project.
// For details, see https://github.com/egor-tensin/privilege-test.
// Distributed under the MIT License.

#pragma once

#include "error.hpp"

#include <Windows.h>
#include <sddl.h>

#include <array>
#include <memory>
#include <string>

constexpr DWORD max_sid_size = SECURITY_MAX_SID_SIZE;
typedef std::array<unsigned char, max_sid_size> SidBuffer;

namespace sid
{
    SidBuffer well_known(WELL_KNOWN_SID_TYPE type)
    {
        SidBuffer buffer;
        DWORD cb = static_cast<DWORD>(buffer.size());

        if (!CreateWellKnownSid(type, NULL, buffer.data(), &cb))
            error::raise("CreateWellKnownSid");

        return buffer;
    }

    SidBuffer builtin_administrators()
    {
        /*
        void* sid = nullptr;
        SID_IDENTIFIER_AUTHORITY authority = SECURITY_NT_AUTHORITY;

        if (!AllocateAndInitializeSid(
            &authority,
            2,
            SECURITY_BUILTIN_DOMAIN_RID,
            DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0,
            &sid))
        {
            error::raise("AllocateAndInitializeSid");
        }

        return std::unique_ptr<void, FreeSid>{sid};
        */

        return well_known(WinBuiltinAdministratorsSid);
    }

    struct DeleteSidString
    {
        void operator()(wchar_t* s) const
        {
            LocalFree(s);
        }
    };

    std::wstring to_string(const SidBuffer& sid)
    {
        wchar_t* s = nullptr;

        if (!ConvertSidToStringSidW(const_cast<unsigned char*>(sid.data()), &s))
            error::raise("ConvertSidToStringSidW");

        return std::unique_ptr<wchar_t, DeleteSidString>{s}.get();
    }
}