From ad2d67e680eaa8c5ce9caee6a424ec464daa4440 Mon Sep 17 00:00:00 2001
From: Simon Rozman <simon@rozman.si>
Date: Mon, 17 Oct 2022 14:19:55 +0200
Subject: [PATCH] Add AllocateAndInitializeSid()

Signed-off-by: Simon Rozman <simon@rozman.si>
---
 UnitTests/Win.cpp    | 14 ++++++++++++++
 include/WinStd/Win.h | 15 +++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/UnitTests/Win.cpp b/UnitTests/Win.cpp
index 0db67539..2677eb80 100644
--- a/UnitTests/Win.cpp
+++ b/UnitTests/Win.cpp
@@ -80,5 +80,19 @@ namespace UnitTests
 			else
 				Assert::IsTrue(!system_impersonator && GetLastError() == ERROR_ACCESS_DENIED);
 		}
+
+		TEST_METHOD(AllocateAndInitializeSid)
+		{
+			SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
+			winstd::security_id pSIDEveryone;
+			Assert::IsTrue(::AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, pSIDEveryone));
+
+			SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
+			winstd::security_id pSIDSystem;
+			Assert::IsTrue(::AllocateAndInitializeSid(&SIDAuthNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, pSIDSystem));
+
+			winstd::security_id pSIDAdmin;
+			Assert::IsTrue(::AllocateAndInitializeSid(&SIDAuthNT, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, pSIDAdmin));
+		}
 	};
 }
diff --git a/include/WinStd/Win.h b/include/WinStd/Win.h
index 32485b83..e5c9c9bf 100644
--- a/include/WinStd/Win.h
+++ b/include/WinStd/Win.h
@@ -2429,6 +2429,21 @@ static BOOL DuplicateTokenEx(_In_ HANDLE hExistingToken, _In_ DWORD dwDesiredAcc
     return FALSE;
 }
 
+///
+/// Allocates and initializes a security identifier (SID) with up to eight subauthorities.
+///
+/// \sa [AllocateAndInitializeSid function](https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-allocateandinitializesid)
+///
+static BOOL AllocateAndInitializeSid(_In_ PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, _In_ BYTE nSubAuthorityCount, _In_ DWORD nSubAuthority0, _In_ DWORD nSubAuthority1, _In_ DWORD nSubAuthority2, _In_ DWORD nSubAuthority3, _In_ DWORD nSubAuthority4, _In_ DWORD nSubAuthority5, _In_ DWORD nSubAuthority6, _In_ DWORD nSubAuthority7, _Inout_ winstd::security_id& Sid)
+{
+    PSID h;
+    if (AllocateAndInitializeSid(pIdentifierAuthority, nSubAuthorityCount, nSubAuthority0, nSubAuthority1, nSubAuthority2, nSubAuthority3, nSubAuthority4, nSubAuthority5, nSubAuthority6, nSubAuthority7, &h)) {
+        Sid.attach(h);
+        return TRUE;
+    }
+    return FALSE;
+}
+
 #pragma warning(pop)
 
 /// @}