
NTFileStore: Completed implementation of SECURITY_DESCRIPTOR

Tal Aloni 7 years ago
parent
commit
8c19d682ff

+ 3 - 1
SMBLibrary/NTFileStore/Structures/SecurityInformation/ACE/ACE.cs

@@ -1,4 +1,4 @@
-/* Copyright (C) 2014 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2014-2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
  * 
  * You can redistribute this program and/or modify it under the terms of
  * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -16,6 +16,8 @@ namespace SMBLibrary
     /// </summary>
     public abstract class ACE
     {
+        public abstract void WriteBytes(byte[] buffer, ref int offset);
+
         public abstract int Length
         {
             get;
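Review bot: The new abstract `WriteBytes(byte[] buffer, ref int offset)` on `ACE` has no XML doc, so the contract every subclass must honour is unstated. A summary such as `/// <summary>Writes this ACE at offset and advances offset by Length; the caller must supply at least Length bytes of remaining buffer.</summary>` would pin it down; that reading is inferred from how `ACL.WriteBytes` and `AccessAllowedACE.WriteBytes` use it elsewhere in this commit. Adding an abstract member also breaks any `ACE` subclass that lives outside this repository, which deserves a release note. The class body continues outside the hunk.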

+ 11 - 2
SMBLibrary/NTFileStore/Structures/SecurityInformation/ACE/AccessAllowedACE.cs

@@ -6,7 +6,6 @@
  */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;
 
 namespace SMBLibrary
@@ -16,6 +15,8 @@ namespace SMBLibrary
     /// </summary>
     public class AccessAllowedACE : ACE
     {
+        public const int FixedLength = 8;
+
         public AceHeader Header;
         public AccessMask Mask;
         public SID Sid;
@@ -33,11 +34,19 @@ namespace SMBLibrary
             Sid = new SID(buffer, offset + 8);
         }
 
+        public override void WriteBytes(byte[] buffer, ref int offset)
+        {
+            Header.AceSize = (ushort)this.Length;
+            Header.WriteBytes(buffer, ref offset);
+            LittleEndianWriter.WriteUInt32(buffer, ref offset, (uint)Mask);
+            Sid.WriteBytes(buffer, ref offset);
+        }
+
         public override int Length
         {
             get
             {
-                return 8 + Sid.Length;
+                return FixedLength + Sid.Length;
             }
         }
     }
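Review bot: `Header.AceSize = (ushort)this.Length;` in `AccessAllowedACE.WriteBytes` narrows without a range check, and `Sid.SubAuthority` is an unbounded `List<uint>`, so in the default unchecked context an oversized ACE would be written with a header size smaller than the bytes that follow. The same unchecked narrowing appears in `ACL.WriteBytes` for `(ushort)Length` and `(ushort)Count`. A guard before the cast, for example `if (Length > ushort.MaxValue) { throw new InvalidOperationException("ACE exceeds 65535 bytes"); }`, stops an inconsistent structure from being emitted. `WriteBytes` also dereferences `Header` and `Sid` unconditionally; whether either can be null depends on constructors outside the hunk.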

+ 9 - 2
SMBLibrary/NTFileStore/Structures/SecurityInformation/ACE/AceHeader.cs

@@ -1,4 +1,4 @@
-/* Copyright (C) 2014 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2014-2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
  * 
  * You can redistribute this program and/or modify it under the terms of
  * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -6,7 +6,6 @@
  */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;
 
 namespace SMBLibrary
@@ -25,11 +24,19 @@ namespace SMBLibrary
         public AceHeader()
         {
         }
+
         public AceHeader(byte[] buffer, int offset)
         {
             AceType = (AceType)ByteReader.ReadByte(buffer, offset + 0);
             AceFlags = (AceFlags)ByteReader.ReadByte(buffer, offset + 1);
             AceSize = LittleEndianConverter.ToUInt16(buffer, offset + 2);
         }
+
+        public void WriteBytes(byte[] buffer, ref int offset)
+        {
+            ByteWriter.WriteByte(buffer, ref offset, (byte)AceType);
+            ByteWriter.WriteByte(buffer, ref offset, (byte)AceFlags);
+            LittleEndianWriter.WriteUInt16(buffer, ref offset, AceSize);
+        }
     }
 }

+ 24 - 9
SMBLibrary/NTFileStore/Structures/SecurityInformation/ACL.cs

@@ -1,4 +1,4 @@
-/* Copyright (C) 2014 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2014-2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
  * 
  * You can redistribute this program and/or modify it under the terms of
  * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -6,7 +6,6 @@
  */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;
 
 namespace SMBLibrary
@@ -16,26 +15,29 @@ namespace SMBLibrary
     /// </summary>
     public class ACL : List<ACE>
     {
+        public const int FixedLength = 8;
+
         public byte AclRevision;
         public byte Sbz1;
-        //ushort AclSize;
-        //ushort AceCount;
+        // ushort AclSize;
+        // ushort AceCount;
         public ushort Sbz2;
 
         public ACL()
         {
+            AclRevision = 0x02;
         }
 
         public ACL(byte[] buffer, int offset)
         {
             AclRevision = ByteReader.ReadByte(buffer, offset + 0);
             Sbz1 = ByteReader.ReadByte(buffer, offset + 1);
-            ushort AclSize = LittleEndianConverter.ToUInt16(buffer, offset + 2);
-            ushort AceCount = LittleEndianConverter.ToUInt16(buffer, offset + 4);
+            ushort aclSize = LittleEndianConverter.ToUInt16(buffer, offset + 2);
+            ushort aceCount = LittleEndianConverter.ToUInt16(buffer, offset + 4);
             Sbz2 = LittleEndianConverter.ToUInt16(buffer, offset + 6);
 
             offset += 8;
-            for (int index = 0; index < AceCount; index++)
+            for (int index = 0; index < aceCount; index++)
             {
                 ACE ace = ACE.GetAce(buffer, offset);
                 this.Add(ace);
@@ -45,14 +47,27 @@ namespace SMBLibrary
 
         public void WriteBytes(byte[] buffer, ref int offset)
         {
-            throw new NotImplementedException();
+            ByteWriter.WriteByte(buffer, ref offset, AclRevision);
+            ByteWriter.WriteByte(buffer, ref offset, Sbz1);
+            LittleEndianWriter.WriteUInt16(buffer, ref offset, (ushort)Length);
+            LittleEndianWriter.WriteUInt16(buffer, ref offset, (ushort)Count);
+            LittleEndianWriter.WriteUInt16(buffer, ref offset, Sbz2);
+            foreach (ACE ace in this)
+            {
+                ace.WriteBytes(buffer, ref offset);
+            }
         }
 
         public int Length
         {
             get
             {
-                throw new NotImplementedException();
+                int length = FixedLength;
+                foreach (ACE ace in this)
+                {
+                    length += ace.Length;
+                }
+                return length;
             }
         }
     }
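Review bot: In `ACL(byte[] buffer, int offset)` the renamed `aclSize` is read and then never used, so the parse loop is bounded only by `aceCount` taken from the buffer. If this buffer can originate from a peer (likely for an SMB library, though not shown here), the constructor should reject an `aclSize` below `FixedLength` and stop once `offset` passes the ACL start plus `aclSize`, rather than trusting the count alone. As written, an inconsistent header surfaces only as whatever `ACE.GetAce` or the byte readers happen to throw. The `offset += 8;` line could also use the new `FixedLength`. The loop body continues outside the hunk, so the per-ACE advance is not visible here.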

+ 28 - 0
SMBLibrary/NTFileStore/Structures/SecurityInformation/Enums/SecurityDescriptorControl.cs

@@ -0,0 +1,28 @@
+using System;
+
+namespace SMBLibrary
+{
+    /// <summary>
+    /// SECURITY_DESCRIPTOR_CONTROL
+    /// </summary>
+    [Flags]
+    public enum SecurityDescriptorControl : ushort
+    {
+        OwnerDefaulted = 0x0001,       // SE_OWNER_DEFAULTED
+        GroupDefaulted = 0x0002,       // SE_GROUP_DEFAULTED
+        DaclPresent = 0x0004,          // SE_DACL_PRESENT
+        DaclDefaulted = 0x0008,        // SE_DACL_DEFAULTED
+        SaclPresent = 0x0010,          // SE_SACL_PRESENT
+        SaclDefaulted = 0x0020,        // SE_SACL_DEFAULTED
+        DaclUntrusted = 0x0040,        // SE_DACL_UNTRUSTED
+        ServerSecurity = 0x0080,       // SE_SERVER_SECURITY
+        DaclAutoInheritedReq = 0x0100, // SE_DACL_AUTO_INHERIT_REQ
+        SaclAutoInheritedReq = 0x0200, // SE_SACL_AUTO_INHERIT_REQ
+        DaclAutoInherited = 0x0400,    // SE_DACL_AUTO_INHERITED
+        SaclAutoInherited = 0x0800,    // SE_SACL_AUTO_INHERITED
+        DaclProtected = 0x1000,        // SE_DACL_PROTECTED
+        SaclProtected = 0x2000,        // SE_SACL_PROTECTED
+        RMControlValid = 0x4000,       // SE_RM_CONTROL_VALID
+        SelfRelative = 0x8000,         // SE_SELF_RELATIVE
+    }
+}

+ 33 - 6
SMBLibrary/NTFileStore/Structures/SecurityInformation/SID.cs

@@ -1,4 +1,4 @@
-/* Copyright (C) 2014 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
+/* Copyright (C) 2014-2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
  * 
  * You can redistribute this program and/or modify it under the terms of
  * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -6,7 +6,6 @@
  */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;
 
 namespace SMBLibrary
@@ -16,15 +15,21 @@ namespace SMBLibrary
     /// </summary>
     public class SID
     {
+        public static readonly byte[] WORLD_SID_AUTHORITY = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };
+        public static readonly byte[] LOCAL_SID_AUTHORITY = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 };
+        public static readonly byte[] CREATOR_SID_AUTHORITY = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 };
+        public static readonly byte[] SECURITY_NT_AUTHORITY = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x05 };
+
+        public const int FixedLength = 8;
+
         public byte Revision;
-        //byte SubAuthorityCount;
-        public byte[] IdentifierAuthority;
+        // byte SubAuthorityCount;
+        public byte[] IdentifierAuthority; // 6 bytes
         public List<uint> SubAuthority = new List<uint>();
 
         public SID()
         {
             Revision = 0x01;
-            IdentifierAuthority = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x05 };
         }
 
         public SID(byte[] buffer, int offset)
@@ -55,7 +60,29 @@ namespace SMBLibrary
         {
             get
             {
-                return 8 + SubAuthority.Count * 4;
+                return FixedLength + SubAuthority.Count * 4;
+            }
+        }
+
+        public static SID Everyone
+        {
+            get
+            {
+                SID sid = new SID();
+                sid.IdentifierAuthority = WORLD_SID_AUTHORITY;
+                sid.SubAuthority.Add(0);
+                return sid;
+            }
+        }
+
+        public static SID LocalSystem
+        {
+            get
+            {
+                SID sid = new SID();
+                sid.IdentifierAuthority = SECURITY_NT_AUTHORITY;
+                sid.SubAuthority.Add(18);
+                return sid;
             }
         }
     }
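Review bot: `CREATOR_SID_AUTHORITY` is given the same bytes as `LOCAL_SID_AUTHORITY` (ending `0x00, 0x02`), but MS-DTYP defines the creator authority as 3, so the line should read `public static readonly byte[] CREATOR_SID_AUTHORITY = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 };`. As written, any S-1-3-x SID built from the constant would serialize as S-1-2-x and name a different principal. `Everyone` and `LocalSystem` assign the shared static array by reference, so a caller that edits `sid.IdentifierAuthority` in place alters the constant for every later SID; assigning `(byte[])WORLD_SID_AUTHORITY.Clone()` avoids that. The parameterless `SID()` also no longer sets `IdentifierAuthority`, leaving it null for callers that relied on the old NT authority default.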

+ 89 - 9
SMBLibrary/NTFileStore/Structures/SecurityInformation/SecurityDescriptor.cs

@@ -6,7 +6,6 @@
  */
 using System;
 using System.Collections.Generic;
-using System.Text;
 using Utilities;
 
 namespace SMBLibrary
@@ -16,13 +15,15 @@ namespace SMBLibrary
     /// </summary>
     public class SecurityDescriptor
     {
+        public const int FixedLength = 20;
+
         public byte Revision;
         public byte Sbz1;
-        public ushort Control;
-        //uint OffsetOwner;
-        //uint OffsetGroup;
-        //uint OffsetSacl;
-        //uint OffsetDacl;
+        public SecurityDescriptorControl Control;
+        // uint OffsetOwner;
+        // uint OffsetGroup;
+        // uint OffsetSacl;
+        // uint OffsetDacl;
         public SID OwnerSid;
         public SID GroupSid;
         public ACL Sacl;
@@ -37,7 +38,7 @@ namespace SMBLibrary
         {
             Revision = ByteReader.ReadByte(buffer, ref offset);
             Sbz1 = ByteReader.ReadByte(buffer, ref offset);
-            Control = LittleEndianReader.ReadUInt16(buffer, ref offset);
+            Control = (SecurityDescriptorControl)LittleEndianReader.ReadUInt16(buffer, ref offset);
             uint offsetOwner = LittleEndianReader.ReadUInt32(buffer, ref offset);
             uint offsetGroup = LittleEndianReader.ReadUInt32(buffer, ref offset);
             uint offsetSacl = LittleEndianReader.ReadUInt32(buffer, ref offset);
@@ -65,14 +66,93 @@ namespace SMBLibrary
 
         public byte[] GetBytes()
         {
-            throw new NotImplementedException();
+            byte[] buffer = new byte[Length];
+            uint offsetOwner = 0;
+            uint offsetGroup = 0;
+            uint offsetSacl = 0;
+            uint offsetDacl = 0;
+            int offset = FixedLength;
+            if (OwnerSid != null)
+            {
+                offsetOwner = (uint)offset;
+                offset += OwnerSid.Length;
+            }
+
+            if (GroupSid != null)
+            {
+                offsetGroup = (uint)offset;
+                offset += GroupSid.Length;
+            }
+
+            if (Sacl != null)
+            {
+                offsetSacl = (uint)offset;
+                offset += Sacl.Length;
+            }
+
+            if (Dacl != null)
+            {
+                offsetDacl = (uint)offset;
+                offset += Dacl.Length;
+            }
+
+            offset = 0;
+            ByteWriter.WriteByte(buffer, ref offset, Revision);
+            ByteWriter.WriteByte(buffer, ref offset, Sbz1);
+            LittleEndianWriter.WriteUInt16(buffer, ref offset, (ushort)Control);
+            LittleEndianWriter.WriteUInt32(buffer, ref offset, offsetOwner);
+            LittleEndianWriter.WriteUInt32(buffer, ref offset, offsetGroup);
+            LittleEndianWriter.WriteUInt32(buffer, ref offset, offsetSacl);
+            LittleEndianWriter.WriteUInt32(buffer, ref offset, offsetDacl);
+            if (OwnerSid != null)
+            {
+                OwnerSid.WriteBytes(buffer, ref offset);
+            }
+
+            if (GroupSid != null)
+            {
+                GroupSid.WriteBytes(buffer, ref offset);
+            }
+
+            if (Sacl != null)
+            {
+                Sacl.WriteBytes(buffer, ref offset);
+            }
+
+            if (Dacl != null)
+            {
+                Dacl.WriteBytes(buffer, ref offset);
+            }
+
+            return buffer;
         }
 
         public int Length
         {
             get
             {
-                throw new NotImplementedException();
+                int length = FixedLength;
+                if (OwnerSid != null)
+                {
+                    length += OwnerSid.Length;
+                }
+
+                if (GroupSid != null)
+                {
+                    length += GroupSid.Length;
+                }
+
+                if (Sacl != null)
+                {
+                    length += Sacl.Length;
+                }
+
+                if (Dacl != null)
+                {
+                    length += Dacl.Length;
+                }
+
+                return length;
             }
         }
     }
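Review bot: `GetBytes` writes `Control` exactly as the caller left it, so a descriptor with a non-null `Dacl` but no `DaclPresent` bit is emitted with a DACL offset that the receiver may ignore. Under Windows semantics a descriptor with no DACL present grants full access, so this inconsistency fails open. The output is always in self-relative layout, so `SelfRelative` belongs in the header as well. Consider deriving the bits before the header is written, e.g. `Control |= SecurityDescriptorControl.SelfRelative;` and `if (Dacl != null) { Control |= SecurityDescriptorControl.DaclPresent; }` (likewise `SaclPresent`), or compute them into a local if mutating the field during serialization is unwanted. The offset bookkeeping at the top of `GetBytes` repeats what `Length` already computes, which is a readability point only.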

+ 1 - 0
SMBLibrary/SMBLibrary.csproj

@@ -176,6 +176,7 @@
     <Compile Include="NTFileStore\Structures\SecurityInformation\ACE\Enums\AceFlags.cs" />
     <Compile Include="NTFileStore\Structures\SecurityInformation\ACE\Enums\AceType.cs" />
     <Compile Include="NTFileStore\Structures\SecurityInformation\ACL.cs" />
+    <Compile Include="NTFileStore\Structures\SecurityInformation\Enums\SecurityDescriptorControl.cs" />
     <Compile Include="NTFileStore\Structures\SecurityInformation\SecurityDescriptor.cs" />
     <Compile Include="NTFileStore\Structures\SecurityInformation\SID.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />