diff --git a/build/WinStd.vcxproj b/build/WinStd.vcxproj
index d03f1eb2..03fa496d 100644
--- a/build/WinStd.vcxproj
+++ b/build/WinStd.vcxproj
@@ -77,6 +77,7 @@
+
Create
Create
diff --git a/build/WinStd.vcxproj.filters b/build/WinStd.vcxproj.filters
index b6f30e9f..3305e639 100644
--- a/build/WinStd.vcxproj.filters
+++ b/build/WinStd.vcxproj.filters
@@ -32,6 +32,9 @@
Source Files
+
+ Source Files
+
diff --git a/include/WinStd/Sec.h b/include/WinStd/Sec.h
index e00b4ef6..55e862f2 100644
--- a/include/WinStd/Sec.h
+++ b/include/WinStd/Sec.h
@@ -26,6 +26,25 @@
template BOOLEAN GetUserNameExA(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_string<_Elem, _Traits, _Ax> &sName);
template BOOLEAN GetUserNameExW(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_string<_Elem, _Traits, _Ax> &sName);
+namespace winstd
+{
+ class WINSTD_API sec_credentials;
+ class WINSTD_API sec_context;
+ class WINSTD_API sec_buffer_desc;
+
+ ///
+ /// \defgroup WinStdExceptions Exceptions
+ /// Additional exceptions
+ ///
+ /// @{
+
+ ///
+ /// COM runtime error
+ ///
+ typedef num_runtime_error sec_runtime_error;
+
+ /// @}
+}
#pragma once
@@ -104,3 +123,239 @@ BOOLEAN GetUserNameExW(_In_ EXTENDED_NAME_FORMAT NameFormat, _Out_ std::basic_st
}
/// @}
+
+
+namespace winstd
+{
+ /// \addtogroup WinStdSecurityAPI
+ /// @{
+
+ class WINSTD_API sec_credentials : public handle
+ {
+ public:
+ ///
+ /// Initializes a new class instance with the object handle set to NULL.
+ ///
+ inline sec_credentials() : handle()
+ {
+ m_expires.QuadPart = -1;
+ }
+
+ ///
+ /// Move constructor
+ ///
+ /// \param[inout] h A rvalue reference of another object
+ ///
+ inline sec_credentials(_Inout_ sec_credentials &&h) :
+ m_expires(std::move(h.m_expires)),
+ handle(std::move(h))
+ {
+ }
+
+ ///
+ /// Frees the security credentials.
+ ///
+ /// \sa [FreeCredentialsHandle function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375417.aspx)
+ ///
+ virtual ~sec_credentials();
+
+ ///
+ /// Move assignment
+ ///
+ /// \param[inout] h A rvalue reference of another object
+ ///
+ sec_credentials& operator=(_Inout_ sec_credentials &&h)
+ {
+ if (this != std::addressof(h)) {
+ *(handle*)this = std::move(h);
+ m_expires = std::move(h.m_expires);
+ }
+ return *this;
+ }
+
+ ///
+ /// Acquires the security credentials.
+ ///
+ /// \return
+ /// - \c SEC_E_OK when succeeds;
+ /// - Error code when fails.
+ ///
+ /// \sa [AcquireCredentialsHandle (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa374712.aspx)
+ ///
+ inline SECURITY_STATUS acquire(
+ _In_opt_ LPTSTR pszPrincipal,
+ _In_ LPTSTR pszPackage,
+ _In_ unsigned long fCredentialUse,
+ _In_opt_ void *pvLogonId,
+ _In_opt_ void *pAuthData,
+ _In_opt_ SEC_GET_KEY_FN pGetKeyFn = NULL,
+ _In_opt_ void *pvGetKeyArgument = NULL)
+ {
+ handle_type h = new CredHandle;
+ TimeStamp exp;
+ SECURITY_STATUS res = AcquireCredentialsHandle(pszPrincipal, pszPackage, fCredentialUse, pvLogonId, pAuthData, pGetKeyFn, pvGetKeyArgument, h, &exp);
+ if (SUCCEEDED(res)) {
+ attach(h);
+ m_expires = exp;
+ } else
+ delete h;
+ return res;
+ }
+
+ protected:
+ ///
+ /// Frees the security credentials.
+ ///
+ /// \sa [FreeCredentialsHandle function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375417.aspx)
+ ///
+ virtual void free_internal();
+
+ private:
+ // This class is noncopyable.
+ sec_credentials(_In_ const sec_credentials &h);
+ sec_credentials& operator=(_In_ const sec_credentials &h);
+
+ public:
+ TimeStamp m_expires; ///< Credentials expiration time
+ };
+
+
+ class WINSTD_API sec_context : public handle
+ {
+ public:
+ ///
+ /// Initializes a new class instance with the object handle set to NULL.
+ ///
+ inline sec_context() :
+ m_attrib(0),
+ handle()
+ {
+ m_expires.QuadPart = -1;
+ }
+
+ ///
+ /// Move constructor
+ ///
+ /// \param[inout] h A rvalue reference of another object
+ ///
+ inline sec_context(_Inout_ sec_context &&h) :
+ m_attrib (std::move(h.m_attrib )),
+ m_expires(std::move(h.m_expires)),
+ handle(std::move(h))
+ {
+ }
+
+ ///
+ /// Frees the security context.
+ ///
+ /// \sa [DeleteSecurityContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375354.aspx)
+ ///
+ virtual ~sec_context();
+
+ ///
+ /// Move assignment
+ ///
+ /// \param[inout] h A rvalue reference of another object
+ ///
+ sec_context& operator=(_Inout_ sec_context &&h)
+ {
+ if (this != std::addressof(h)) {
+ *(handle*)this = std::move(h);
+ m_attrib = std::move(h.m_attrib);
+ m_expires = std::move(h.m_expires);
+ }
+ return *this;
+ }
+
+ ///
+ /// Initializes security context.
+ ///
+ /// \return
+ /// - \c SEC_E_OK when succeeds;
+ /// - Error code when fails.
+ ///
+ /// \sa [InitializeSecurityContext (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375506.aspx)
+ ///
+ inline SECURITY_STATUS initialize(
+ _In_opt_ PCredHandle phCredential,
+ _In_opt_ LPCTSTR pszTargetName,
+ _In_ ULONG fContextReq,
+ _In_ ULONG TargetDataRep,
+ _In_opt_ PSecBufferDesc pInput,
+ _Inout_opt_ PSecBufferDesc pOutput)
+ {
+ handle_type h = new CtxtHandle;
+ ULONG attr;
+ TimeStamp exp;
+ SECURITY_STATUS res = InitializeSecurityContext(phCredential, NULL, (LPTSTR)pszTargetName, fContextReq, 0, TargetDataRep, pInput, 0, h, pOutput, &attr, &exp);
+ if (SUCCEEDED(res)) {
+ attach(h);
+ m_attrib = attr;
+ m_expires = exp;
+ } else
+ delete h;
+ return res;
+ }
+
+ ///
+ /// Continue security context.
+ ///
+ /// \return
+ /// - \c SEC_E_OK when succeeds;
+ /// - Error code when fails.
+ ///
+ /// \sa [InitializeSecurityContext (General) function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375506.aspx)
+ ///
+ inline SECURITY_STATUS process(
+ _In_opt_ PCredHandle phCredential,
+ _In_opt_ LPCTSTR pszTargetName,
+ _In_ ULONG fContextReq,
+ _In_ ULONG TargetDataRep,
+ _In_opt_ PSecBufferDesc pInput,
+ _Inout_opt_ PSecBufferDesc pOutput)
+ {
+ return InitializeSecurityContext(phCredential, m_h, (LPTSTR)pszTargetName, fContextReq, 0, TargetDataRep, pInput, 0, NULL, pOutput, &m_attrib, &m_expires);
+ }
+
+ protected:
+ ///
+ /// Frees the security context.
+ ///
+ /// \sa [DeleteSecurityContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375354.aspx)
+ ///
+ virtual void free_internal();
+
+ private:
+ // This class is noncopyable.
+ sec_context(_In_ const sec_context &h);
+ sec_context& operator=(_In_ const sec_context &h);
+
+ public:
+ ULONG m_attrib; ///< Context attributes
+ TimeStamp m_expires; ///< Context expiration time
+ };
+
+
+ class WINSTD_API sec_buffer_desc : public SecBufferDesc
+ {
+ public:
+ ///
+ /// Initializes security buffer descriptor.
+ ///
+ inline sec_buffer_desc(_Inout_count_(count) PSecBuffer buf, ULONG count, _In_ ULONG version = SECBUFFER_VERSION)
+ {
+ ulVersion = version;
+ cBuffers = count;
+ pBuffers = buf;
+ }
+
+ ///
+ /// Frees the security buffer descriptor.
+ ///
+ /// \sa [FreeContextBuffer function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa375416.aspx)
+ ///
+ virtual ~sec_buffer_desc();
+ };
+
+ /// @}
+}
diff --git a/src/Sec.cpp b/src/Sec.cpp
new file mode 100644
index 00000000..43bd2981
--- /dev/null
+++ b/src/Sec.cpp
@@ -0,0 +1,77 @@
+/*
+ Copyright 1991-2016 Amebis
+ Copyright 2016 GÉANT
+
+ This file is part of WinStd.
+
+ Setup is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ Setup is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Setup. If not, see .
+*/
+
+#include "StdAfx.h"
+
+#if defined(SECURITY_WIN32) || defined(SECURITY_KERNEL) || defined(SECURITY_MAC)
+
+//////////////////////////////////////////////////////////////////////
+// winstd::sec_credentials
+//////////////////////////////////////////////////////////////////////
+
+winstd::sec_credentials::~sec_credentials()
+{
+ if (m_h) {
+ FreeCredentialsHandle(m_h);
+ delete m_h;
+ }
+}
+
+
+void winstd::sec_credentials::free_internal()
+{
+ FreeCredentialsHandle(m_h);
+ delete m_h;
+}
+
+
+//////////////////////////////////////////////////////////////////////
+// winstd::sec_context
+//////////////////////////////////////////////////////////////////////
+
+winstd::sec_context::~sec_context()
+{
+ if (m_h) {
+ DeleteSecurityContext(m_h);
+ delete m_h;
+ }
+}
+
+
+void winstd::sec_context::free_internal()
+{
+ DeleteSecurityContext(m_h);
+ delete m_h;
+}
+
+
+//////////////////////////////////////////////////////////////////////
+// winstd::sec_buffer_desc
+//////////////////////////////////////////////////////////////////////
+
+winstd::sec_buffer_desc::~sec_buffer_desc()
+{
+ for (ULONG i = 0; i < cBuffers; i++) {
+ if (pBuffers[i].pvBuffer)
+ FreeContextBuffer(pBuffers[i].pvBuffer);
+ }
+}
+
+#endif