Hi there,
I'm trying to encrypt Files with EFS, by using functions of the advapi32
dll.
But I have problems with the function 'AddUsersToEncr yptFile'.
I have the name of the file which I want to encrypt and the accountname of
the users who should added to the file as an allowed user.
Now I try with the function 'LookupAccountN ame' to get the SID of the user,
that works fine. But now I don't know how to get the certificate of the user
and add this in a ENCRYPTION_CERT IFICATE_LIST which I can use for the
function 'AddUsersToEncr yptedFile'.
My code I have still written:
Setup:
[StructLayout(La youtKind.Sequen tial)]
internal struct ENCRYPTION_CERT IFICATE_LIST
{
internal int nUsers;
internal IntPtr pUsers;
}
[DllImport("adva pi32.dll", EntryPoint = "AddUsersToEncr yptedFile", CharSet =
CharSet.Unicode , SetLastError = true)]
private static extern bool addUsersToEncry ptedFile(string lpFilename, IntPtr
pUsers);
[DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
static extern bool LookupAccountNa me(
string lpSystemName,
string lpAccountName,
[MarshalAs(Unman agedType.LPArra y)] byte[] Sid,
ref uint cbSid,
StringBuilder ReferencedDomai nName,
ref uint cchReferencedDo mainName,
out SID_NAME_USE peUse);
Logic:
int counter = 0;
foreach (FileInfo file in files)
{
//certificates is a list of the users which have to be added
IntPtr[] iptArray = new IntPtr[certificates.Co unt];
int zaehler = 0;
foreach (CertUser u in certificates)
{
//RegName is the user accountname
string accountName = u.RegName;
byte[] Sid = null;
uint cbSid = 0;
StringBuilder referencedDomai nName = new StringBuilder() ;
uint cchReferencedDo mainName = (uint)reference dDomainName.Cap acity;
SID_NAME_USE sidUse;
int err = NO_ERROR;
if (!LookupAccount Name(null, accountName, Sid, ref cbSid,
referencedDomai nName, ref cchReferencedDo mainName, out sidUse))
{
err = Marshal.GetLast Win32Error();
if (err == ERROR_INSUFFICI ENT_BUFFER || err == ERROR_INVALID_F LAGS)
{
Sid = new byte[cbSid];
referencedDomai nName.EnsureCap acity((int)cchR eferencedDomain Name);
err = NO_ERROR;
if (!LookupAccount Name(null, accountName, Sid, ref cbSid,
referencedDomai nName, ref cchReferencedDo mainName, out sidUse))
err = Marshal.GetLast Win32Error();
}
}
int size = Marshal.SizeOf( Sid[0]) * Sid.Length;
IntPtr iptr = Marshal.AllocHG lobal(size);
Marshal.Copy(Si d, 0, iptr, Sid.Length);
iptArray[counter] = iptr;
counter++;
}
//Here I want to create the Encryption_Cert ificate_List and fill it
(needless to say it doesn't work ;-) )
IntPtr pointerAufPoint erArray =
Marshal.AllocHG lobal(Marshal.S izeOf(iptArray[0]));
Marshal.Copy(ip tArray, 0, pointerAufPoint erArray, iptArray.Length );
ENCRYPTION_CERT IFICATE_LIST ecl =
(ENCRYPTION_CER TIFICATE_LIST)M arshal.PtrToStr ucture(pointerA ufPointerArray,
typeof(ENCRYPTI ON_CERTIFICATE_ LIST));
IntPtr pEcl =
Marshal.AllocHG lobal(Marshal.S izeOf(typeof(EN CRYPTION_CERTIF ICATE_LIST)));
Marshal.Copy(po interAufPointer Array, bla.ToArray(), 0,
Marshal.SizeOf( typeof(ENCRYPTI ON_CERTIFICATE_ LIST)));
addUsersToEncry ptedFile(file.F ullName.ToStrin g(), pEcl);
}
Thanks in advance for your help!
Kind regards
Silke
I'm trying to encrypt Files with EFS, by using functions of the advapi32
dll.
But I have problems with the function 'AddUsersToEncr yptFile'.
I have the name of the file which I want to encrypt and the accountname of
the users who should added to the file as an allowed user.
Now I try with the function 'LookupAccountN ame' to get the SID of the user,
that works fine. But now I don't know how to get the certificate of the user
and add this in a ENCRYPTION_CERT IFICATE_LIST which I can use for the
function 'AddUsersToEncr yptedFile'.
My code I have still written:
Setup:
[StructLayout(La youtKind.Sequen tial)]
internal struct ENCRYPTION_CERT IFICATE_LIST
{
internal int nUsers;
internal IntPtr pUsers;
}
[DllImport("adva pi32.dll", EntryPoint = "AddUsersToEncr yptedFile", CharSet =
CharSet.Unicode , SetLastError = true)]
private static extern bool addUsersToEncry ptedFile(string lpFilename, IntPtr
pUsers);
[DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
static extern bool LookupAccountNa me(
string lpSystemName,
string lpAccountName,
[MarshalAs(Unman agedType.LPArra y)] byte[] Sid,
ref uint cbSid,
StringBuilder ReferencedDomai nName,
ref uint cchReferencedDo mainName,
out SID_NAME_USE peUse);
Logic:
int counter = 0;
foreach (FileInfo file in files)
{
//certificates is a list of the users which have to be added
IntPtr[] iptArray = new IntPtr[certificates.Co unt];
int zaehler = 0;
foreach (CertUser u in certificates)
{
//RegName is the user accountname
string accountName = u.RegName;
byte[] Sid = null;
uint cbSid = 0;
StringBuilder referencedDomai nName = new StringBuilder() ;
uint cchReferencedDo mainName = (uint)reference dDomainName.Cap acity;
SID_NAME_USE sidUse;
int err = NO_ERROR;
if (!LookupAccount Name(null, accountName, Sid, ref cbSid,
referencedDomai nName, ref cchReferencedDo mainName, out sidUse))
{
err = Marshal.GetLast Win32Error();
if (err == ERROR_INSUFFICI ENT_BUFFER || err == ERROR_INVALID_F LAGS)
{
Sid = new byte[cbSid];
referencedDomai nName.EnsureCap acity((int)cchR eferencedDomain Name);
err = NO_ERROR;
if (!LookupAccount Name(null, accountName, Sid, ref cbSid,
referencedDomai nName, ref cchReferencedDo mainName, out sidUse))
err = Marshal.GetLast Win32Error();
}
}
int size = Marshal.SizeOf( Sid[0]) * Sid.Length;
IntPtr iptr = Marshal.AllocHG lobal(size);
Marshal.Copy(Si d, 0, iptr, Sid.Length);
iptArray[counter] = iptr;
counter++;
}
//Here I want to create the Encryption_Cert ificate_List and fill it
(needless to say it doesn't work ;-) )
IntPtr pointerAufPoint erArray =
Marshal.AllocHG lobal(Marshal.S izeOf(iptArray[0]));
Marshal.Copy(ip tArray, 0, pointerAufPoint erArray, iptArray.Length );
ENCRYPTION_CERT IFICATE_LIST ecl =
(ENCRYPTION_CER TIFICATE_LIST)M arshal.PtrToStr ucture(pointerA ufPointerArray,
typeof(ENCRYPTI ON_CERTIFICATE_ LIST));
IntPtr pEcl =
Marshal.AllocHG lobal(Marshal.S izeOf(typeof(EN CRYPTION_CERTIF ICATE_LIST)));
Marshal.Copy(po interAufPointer Array, bla.ToArray(), 0,
Marshal.SizeOf( typeof(ENCRYPTI ON_CERTIFICATE_ LIST)));
addUsersToEncry ptedFile(file.F ullName.ToStrin g(), pEcl);
}
Thanks in advance for your help!
Kind regards
Silke