2 using Microsoft.Win32.SafeHandles;
// Largest identifier authority a SID can carry: 2^48 - 1, because the binary form
// stores the authority in six bytes.
internal static readonly long MaxIdentifierAuthority = 0xFFFFFFFFFFFFL;

// Upper bound on the number of sub-authorities; the count is stored in a single byte
// of the binary form and is validated against this limit.
internal static readonly byte MaxSubAuthorities = 15;

private IdentifierAuthority _IdentifierAuthority;

private int[] _SubAuthorities;

// Serialized SID, rebuilt whenever the parts are set.
private byte[] _BinaryForm;

// Set once the account-domain SID has been looked up, so the lookup runs at most once.
// NOTE(review): the _AccountDomainSid field this flag guards is not declared in the
// visible lines.
private bool _AccountDomainSidInitialized;

// Lazily built SDDL ("S-1-...") string; null until first requested.
private string _SddlForm;

// SID revision written to, and required in, byte 0 of the binary form.
internal static byte Revision
{
    get { return 1; }
}

// Returns the backing array itself, not a copy; callers must treat it as read-only.
internal byte[] BinaryForm
{
    get { return _BinaryForm; }
}

internal IdentifierAuthority IdentifierAuthority
{
    get { return _IdentifierAuthority; }
}

internal int SubAuthorityCount
{
    get { return _SubAuthorities.Length; }
}
52 [SecuritySafeCritical]
55 if (!_AccountDomainSidInitialized)
57 _AccountDomainSid = GetAccountDomainSid();
58 _AccountDomainSidInitialized =
true;
60 return _AccountDomainSid;
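/// <summary>
/// Initializes this SID from an identifier authority and its sub-authorities, and builds
/// the matching binary form.
/// </summary>
/// <param name="identifierAuthority">Authority value; must lie between NullAuthority and MaxIdentifierAuthority.</param>
/// <param name="subAuthorities">Sub-authority values; at most MaxSubAuthorities entries.</param>
/// <exception cref="ArgumentNullException"><paramref name="subAuthorities"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException">Too many sub-authorities, or the authority is out of range.</exception>
/// <remarks>
/// Binary layout written here: byte 0 = revision, byte 1 = sub-authority count,
/// bytes 2-7 = identifier authority (most significant byte first), then four bytes per
/// sub-authority (least significant byte first).
/// </remarks>
private void CreateFromParts(IdentifierAuthority identifierAuthority, int[] subAuthorities)
{
    if (subAuthorities == null)
    {
        // NOTE(review): the body of this guard is missing from the listing; the throw
        // follows the null guards that are visible elsewhere in this class.
        throw new ArgumentNullException("subAuthorities");
    }
    if (subAuthorities.Length > MaxSubAuthorities)
    {
        throw new ArgumentOutOfRangeException(
            "subAuthorities.Length",
            subAuthorities.Length,
            Environment.GetResourceString("IdentityReference_InvalidNumberOfSubauthorities", MaxSubAuthorities));
    }
    if (identifierAuthority < IdentifierAuthority.NullAuthority || (long)identifierAuthority > MaxIdentifierAuthority)
    {
        // NOTE(review): the body of this guard is missing from the listing as well, so
        // the original message resource is not shown; confirm against the full source.
        throw new ArgumentOutOfRangeException("identifierAuthority");
    }

    _IdentifierAuthority = identifierAuthority;

    // Defensive copy: later changes to the caller's array cannot alter this SID.
    _SubAuthorities = new int[subAuthorities.Length];
    subAuthorities.CopyTo(_SubAuthorities, 0);

    // 8 header bytes (revision, count, 6-byte authority) plus 4 bytes per sub-authority.
    _BinaryForm = new byte[8 + 4 * SubAuthorityCount];
    _BinaryForm[0] = Revision;
    _BinaryForm[1] = (byte)SubAuthorityCount;

    // Identifier authority, most significant byte first.
    for (int i = 0; i < 6; i++)
    {
        _BinaryForm[2 + i] = (byte)(((ulong)_IdentifierAuthority >> ((5 - i) * 8)) & 0xFF);
    }

    // Each sub-authority, least significant byte first.
    for (int i = 0; i < SubAuthorityCount; i++)
    {
        for (int j = 0; j < 4; j++)
        {
            _BinaryForm[8 + 4 * i + j] = (byte)((ulong)_SubAuthorities[i] >> (j * 8));
        }
    }
}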
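/// <summary>
/// Parses a SID from its binary form, starting at <paramref name="offset"/> in
/// <paramref name="binaryForm"/>, and initializes this instance from the decoded parts.
/// </summary>
/// <param name="binaryForm">Buffer holding the serialized SID; treated as untrusted input.</param>
/// <param name="offset">Index of the SID's first byte (the revision) in the buffer.</param>
/// <exception cref="ArgumentNullException"><paramref name="binaryForm"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException">The offset is negative or leaves no room for the 8-byte header.</exception>
/// <exception cref="ArgumentException">Wrong revision, too many sub-authorities, or a truncated buffer.</exception>
private void CreateFromBinaryForm(byte[] binaryForm, int offset)
{
    if (binaryForm == null)
    {
        // NOTE(review): the body of this guard is missing from the listing; the throw
        // follows the null guards that are visible elsewhere in this class.
        throw new ArgumentNullException("binaryForm");
    }

    // NOTE(review): the listing skips the original lines between the null check and the
    // revision check. The two guards below stand in for them so that the header reads
    // that follow cannot index outside the buffer; confirm the exact exception types
    // and messages against the full source.
    if (offset < 0)
    {
        throw new ArgumentOutOfRangeException("offset");
    }
    if (binaryForm.Length - offset < 8)
    {
        throw new ArgumentOutOfRangeException("binaryForm", Environment.GetResourceString("ArgumentOutOfRange_ArrayTooSmall"));
    }

    if (binaryForm[offset] != Revision)
    {
        throw new ArgumentException(Environment.GetResourceString("IdentityReference_InvalidSidRevision"), "binaryForm");
    }

    // Read the count once: the value that is validated is the value that sizes the
    // array and bounds the loop, even if the caller's buffer changes in the meantime.
    int subAuthorityCount = binaryForm[offset + 1];
    if (subAuthorityCount > MaxSubAuthorities)
    {
        throw new ArgumentException(Environment.GetResourceString("IdentityReference_InvalidNumberOfSubauthorities", MaxSubAuthorities), "binaryForm");
    }

    // The declared count must fit in what is left of the buffer before any
    // sub-authority byte is read.
    int sidLength = 8 + 4 * subAuthorityCount;
    if (binaryForm.Length - offset < sidLength)
    {
        throw new ArgumentException(Environment.GetResourceString("ArgumentOutOfRange_ArrayTooSmall"), "binaryForm");
    }

    // Bytes 2-7: identifier authority, most significant byte first.
    ulong authorityBits = 0;
    for (int i = 2; i < 8; i++)
    {
        authorityBits = (authorityBits << 8) | binaryForm[offset + i];
    }

    // Four bytes per sub-authority, least significant byte first.
    int[] subAuthorities = new int[subAuthorityCount];
    for (int i = 0; i < subAuthorityCount; i++)
    {
        int start = offset + 8 + 4 * i;
        subAuthorities[i] = binaryForm[start]
            | (binaryForm[start + 1] << 8)
            | (binaryForm[start + 2] << 16)
            | (binaryForm[start + 3] << 24);
    }

    // CreateFromParts re-validates the decoded values and rebuilds the binary form.
    CreateFromParts((IdentifierAuthority)authorityBits, subAuthorities);
}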
139 [SecuritySafeCritical]
142 if (sddlForm ==
null)
147 int num = Win32.CreateSidFromString(sddlForm, out resultSid);
157 CreateFromBinaryForm(resultSid, 0);
167 CreateFromBinaryForm(binaryForm, offset);
172 [SecuritySafeCritical]
175 : this(binaryForm, noDemand: true)
181 : this(Win32.ConvertIntPtrSidToByteArraySid(binaryForm), 0)
188 [SecuritySafeCritical]
195 if (!Win32.WellKnownSidApisSupported)
217 if (domainSid ==
null)
222 int windowsAccountDomainSid = Win32.GetWindowsAccountDomainSid(domainSid, out resultSid);
223 switch (windowsAccountDomainSid)
230 throw new SystemException(Win32Native.GetMessage(windowsAccountDomainSid));
234 if (resultSid != domainSid)
291 int num = Win32.CreateWellKnownSid(sidType, domainSid, out resultSid2);
299 CreateFromBinaryForm(resultSid2, 0);
306 int[] array =
new int[domainSid.SubAuthorityCount + 1];
308 for (i = 0; i < domainSid.SubAuthorityCount; i++)
310 array[i] = domainSid.GetSubAuthority(i);
313 CreateFromParts(domainSid.IdentifierAuthority, array);
/// <summary>
/// Builds a SID directly from its parts. All validation and the construction of the
/// binary form are delegated to CreateFromParts.
/// </summary>
/// <param name="identifierAuthority">Identifier authority of the new SID.</param>
/// <param name="subAuthorities">Sub-authority values of the new SID.</param>
internal SecurityIdentifier(IdentifierAuthority identifierAuthority, int[] subAuthorities)
{
    CreateFromParts(identifierAuthority, subAuthorities);
}
332 if (securityIdentifier ==
null)
336 return this == securityIdentifier;
356 int num = ((long)IdentifierAuthority).GetHashCode();
357 for (
int i = 0; i < SubAuthorityCount; i++)
359 num ^= GetSubAuthority(i);
368 if (_SddlForm ==
null)
371 stringBuilder.
AppendFormat(
"S-1-{0}", (
long)_IdentifierAuthority);
372 for (
int i = 0; i < SubAuthorityCount; i++)
374 stringBuilder.
AppendFormat(
"-{0}", (uint)_SubAuthorities[i]);
376 _SddlForm = stringBuilder.
ToString();
381 internal static bool IsValidTargetTypeStatic(
Type targetType)
400 return IsValidTargetTypeStatic(targetType);
407 int windowsAccountDomainSid = Win32.GetWindowsAccountDomainSid(
this, out resultSid);
408 switch (windowsAccountDomainSid)
415 throw new SystemException(Win32Native.GetMessage(windowsAccountDomainSid));
424 [SecuritySafeCritical]
427 if (!_AccountDomainSidInitialized)
429 _AccountDomainSid = GetAccountDomainSid();
430 _AccountDomainSidInitialized =
true;
432 if (_AccountDomainSid ==
null)
448 [SecuritySafeCritical]
452 if (targetType ==
null)
463 identityReferenceCollection.
Add(
this);
465 return identityReferenceCollection2[0];
477 if ((
object)left ==
null && (
object)right ==
null)
481 if ((
object)left ==
null || (
object)right ==
null)
495 return !(left == right);
507 if (IdentifierAuthority < sid.IdentifierAuthority)
511 if (IdentifierAuthority > sid.IdentifierAuthority)
515 if (SubAuthorityCount < sid.SubAuthorityCount)
519 if (SubAuthorityCount > sid.SubAuthorityCount)
523 for (
int i = 0; i < SubAuthorityCount; i++)
525 int num = GetSubAuthority(i) - sid.GetSubAuthority(i);
/// <summary>
/// Returns the sub-authority stored at <paramref name="index"/>.
/// </summary>
/// <param name="index">Zero-based position, expected to be below SubAuthorityCount.</param>
/// <returns>The sub-authority as a signed 32-bit value.</returns>
/// <remarks>
/// No range check is made here; an invalid index surfaces as the array's own
/// IndexOutOfRangeException.
/// </remarks>
internal int GetSubAuthority(int index) => _SubAuthorities[index];
543 [SecuritySafeCritical]
546 return Win32.IsWellKnownSid(
this, type);
554 _BinaryForm.CopyTo(binaryForm, offset);
561 [SecuritySafeCritical]
564 return Win32.IsEqualDomainSid(
this, sid);
570 if (sourceSids ==
null)
574 if (sourceSids.
Count == 0)
580 SafeLsaPolicyHandle safeLsaPolicyHandle = SafeLsaPolicyHandle.InvalidHandle;
581 SafeLsaMemoryHandle referencedDomains = SafeLsaMemoryHandle.InvalidHandle;
582 SafeLsaMemoryHandle names = SafeLsaMemoryHandle.InvalidHandle;
586 foreach (IdentityReference sourceSid
in sourceSids)
589 if (securityIdentifier ==
null)
597 safeLsaPolicyHandle = Win32.LsaOpenPolicy(
null, PolicyRights.POLICY_LOOKUP_NAMES);
599 uint num2 = Win32Native.LsaLookupSids(safeLsaPolicyHandle, sourceSids.Count, array, ref referencedDomains, ref names);
604 throw new OutOfMemoryException();
606 throw new UnauthorizedAccessException();
613 int errorCode = Win32Native.LsaNtStatusToWinError((
int)num2);
614 throw new SystemException(Win32Native.GetMessage(errorCode));
619 names.Initialize((uint)sourceSids.Count, (uint)
Marshal.
SizeOf(typeof(Win32Native.LSA_TRANSLATED_NAME)));
620 Win32.InitializeReferencedDomainsPointer(referencedDomains);
621 IdentityReferenceCollection identityReferenceCollection =
new IdentityReferenceCollection(sourceSids.Count);
622 if (num2 == 0 || num2 == 263)
624 Win32Native.LSA_REFERENCED_DOMAIN_LIST lSA_REFERENCED_DOMAIN_LIST = referencedDomains.Read<Win32Native.LSA_REFERENCED_DOMAIN_LIST>(0uL);
625 string[] array3 =
new string[lSA_REFERENCED_DOMAIN_LIST.Entries];
626 for (
int i = 0; i < lSA_REFERENCED_DOMAIN_LIST.Entries; i++)
628 Win32Native.LSA_TRUST_INFORMATION lSA_TRUST_INFORMATION = (Win32Native.LSA_TRUST_INFORMATION)
Marshal.
PtrToStructure(
new IntPtr((
long)lSA_REFERENCED_DOMAIN_LIST.Domains + i *
Marshal.
SizeOf(typeof(Win32Native.LSA_TRUST_INFORMATION))), typeof(Win32Native.LSA_TRUST_INFORMATION));
629 array3[i] =
Marshal.
PtrToStringUni(lSA_TRUST_INFORMATION.Name.Buffer, (
int)lSA_TRUST_INFORMATION.Name.Length / 2);
631 Win32Native.LSA_TRANSLATED_NAME[] array4 =
new Win32Native.LSA_TRANSLATED_NAME[sourceSids.Count];
632 names.ReadArray(0uL, array4, 0, array4.Length);
633 for (
int j = 0; j < sourceSids.Count; j++)
635 Win32Native.LSA_TRANSLATED_NAME lSA_TRANSLATED_NAME = array4[j];
636 switch (lSA_TRANSLATED_NAME.Use)
644 string accountName =
Marshal.
PtrToStringUni(lSA_TRANSLATED_NAME.Name.Buffer, (
int)lSA_TRANSLATED_NAME.Name.Length / 2);
645 string domainName = array3[lSA_TRANSLATED_NAME.DomainIndex];
646 identityReferenceCollection.Add(
new NTAccount(domainName, accountName));
651 identityReferenceCollection.Add(sourceSids[j]);
658 for (
int k = 0; k < sourceSids.Count; k++)
660 identityReferenceCollection.Add(sourceSids[k]);
663 return identityReferenceCollection;
667 for (
int l = 0; l < sourceSids.Count; l++)
669 if (array2[l].IsAllocated)
674 safeLsaPolicyHandle.Dispose();
675 referencedDomains.Dispose();
/// <summary>
/// Translates a collection of SIDs to <paramref name="targetType"/>, optionally
/// treating any untranslated entry as an error.
/// </summary>
/// <param name="sourceSids">Identities to translate.</param>
/// <param name="targetType">Type to translate to.</param>
/// <param name="forceSuccess">
/// When true, a partial translation throws. When false, the result can still contain
/// entries that are not of <paramref name="targetType"/>, so callers must check each
/// element's type before relying on it.
/// </param>
/// <returns>The translated collection.</returns>
/// <exception cref="IdentityNotMappedException">
/// <paramref name="forceSuccess"/> is true and some identities were not translated; the
/// exception carries the entries whose type differs from <paramref name="targetType"/>.
/// </exception>
internal static IdentityReferenceCollection Translate(IdentityReferenceCollection sourceSids, Type targetType, bool forceSuccess)
{
    bool anyUnmapped;
    IdentityReferenceCollection translated = Translate(sourceSids, targetType, out anyUnmapped);

    // Nothing more to do unless the caller asked for all-or-nothing and something failed.
    if (!forceSuccess || !anyUnmapped)
    {
        return translated;
    }

    // Entries that kept a type other than the target are the ones that did not map.
    IdentityReferenceCollection unmapped = new IdentityReferenceCollection();
    foreach (IdentityReference candidate in translated)
    {
        if (candidate.GetType() != targetType)
        {
            unmapped.Add(candidate);
        }
    }

    throw new IdentityNotMappedException(Environment.GetResourceString("IdentityReference_IdentityNotMapped"), unmapped);
}
/// <summary>
/// Translates a collection of SIDs to <paramref name="targetType"/> and reports
/// whether any entry could not be translated.
/// </summary>
/// <param name="sourceSids">Identities to translate; must not be null.</param>
/// <param name="targetType">Only <c>typeof(NTAccount)</c> is accepted.</param>
/// <param name="someFailed">Set by TranslateToNTAccounts.</param>
/// <returns>The collection produced by TranslateToNTAccounts.</returns>
/// <exception cref="ArgumentNullException"><paramref name="sourceSids"/> is null.</exception>
/// <exception cref="ArgumentException">
/// <paramref name="targetType"/> is anything other than NTAccount; a null type also
/// ends up here because it is not compared against null separately.
/// </exception>
internal static IdentityReferenceCollection Translate(IdentityReferenceCollection sourceSids, Type targetType, out bool someFailed)
{
    if (sourceSids == null)
    {
        throw new ArgumentNullException("sourceSids");
    }

    // Reject every unsupported target up front; NTAccount is the only supported one.
    if (targetType != typeof(NTAccount))
    {
        throw new ArgumentException(Environment.GetResourceString("IdentityReference_MustBeIdentityReference"), "targetType");
    }

    return TranslateToNTAccounts(sourceSids, out someFailed);
}