def notify_cmdline(self):
path = gdef.LPWSTR()
params = gdef.LPWSTR()
self.GetNotifyCmdLine(path, params)
strpath, strparams = path.value, params.value
windows.winproxy.CoTaskMemFree(path)
windows.winproxy.CoTaskMemFree(params)
return strpath, strparams
def proxy_settings(self):
ProxyUsage = gdef.BG_JOB_PROXY_USAGE()
ProxyList = gdef.LPWSTR()
ProxyBypassList = gdef.LPWSTR()
self.GetProxySettings(ProxyUsage, ProxyList, ProxyBypassList)
result = ProxyUsage.value, ProxyList.value, ProxyBypassList.value
windows.winproxy.CoTaskMemFree(ProxyList)
windows.winproxy.CoTaskMemFree(ProxyBypassList)
return result
def __init__(self,
filename,
content_type=gdef.CERT_QUERY_CONTENT_FLAG_ALL):
# No other API than filename for now..
self.filename = filename
dwEncoding = gdef.DWORD()
dwContentType = gdef.DWORD()
dwFormatType = gdef.DWORD()
hStore = CertificateStore()
hMsg = windows.crypto.CryptMessage()
winproxy.CryptQueryObject(
gdef.CERT_QUERY_OBJECT_FILE,
gdef.LPWSTR(filename),
# filename,
content_type,
gdef.CERT_QUERY_FORMAT_FLAG_BINARY,
0,
dwEncoding,
dwContentType,
dwFormatType,
hStore,
hMsg,
None)
self.cert_store = hStore if hStore else None
"""The :class:`CertificateStore` that includes all of the certificates, CRLs, and CTLs in the object"""
self.crypt_msg = hMsg if hMsg else None #: yolo
"""The :class:`CryptMessage` for any ``PKCS7`` content in the object"""
self.encoding = dwEncoding
self.content_type = CRYPT_OBJECT_FORMAT_TYPE_DICT[dwContentType.value]
"""The type of the opened message"""
def __init__(self,
filename,
content_type=gdef.CERT_QUERY_CONTENT_FLAG_ALL):
# No other API than filename for now..
self.filename = filename
dwEncoding = gdef.DWORD()
dwContentType = gdef.DWORD()
dwFormatType = gdef.DWORD()
hStore = EHCERTSTORE()
hMsg = windows.crypto.cryptmsg.CryptMessage()
winproxy.CryptQueryObject(
gdef.CERT_QUERY_OBJECT_FILE,
gdef.LPWSTR(filename),
# filename,
content_type,
gdef.CERT_QUERY_FORMAT_FLAG_BINARY,
0,
dwEncoding,
dwContentType,
dwFormatType,
hStore,
hMsg,
None)
self.cert_store = hStore if hStore else None
self.crypt_msg = hMsg if hMsg else None
self.encoding = dwEncoding
self.content_type = CRYPT_OBJECT_FORMAT_TYPE_DICT.get(
dwContentType.value, dwContentType)
def condition(self):
buff = windows.utils.BUFFER(gdef.BYTE).from_buffer_copy(
self.application_data)
resstr = gdef.LPWSTR()
winproxy.GetStringConditionFromBinary(buff, StringAceCondition=resstr)
condition = resstr.value
winproxy.LocalFree(resstr)
return condition
def get_raw_values(self, values, flags=gdef.EvtRenderContextValues):
nbelt = len(values)
pwstr_values = tuple(gdef.LPWSTR(v) for v in values)
pwstr_rarray = (gdef.LPWSTR * nbelt)(*pwstr_values)
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa385352(v=vs.85).aspx
# An array of XPath expressions that uniquely identify a node or attribute in the event that you want to render.
# Each value will return 1 node :)
ctx = windows.winproxy.EvtCreateRenderContext(nbelt, pwstr_rarray, gdef.EvtRenderContextValues)
result = self.render(ctx, gdef.EvtRenderEventValues)
return list(result)
def name(self):
return gdef.LPWSTR(
ctypes.addressof(self) + type(self).StreamName.offset).value
def name(self):
return gdef.LPWSTR(ctypes.addressof(self) + self.Name).value
def retrieve_wstr_from_addr(addr):
return gdef.LPWSTR(addr).value
def temporary_name(self):
name = gdef.LPWSTR()
self.GetTemporaryName(name)
data = name.value
windows.winproxy.CoTaskMemFree(name)
return data
def remote_name(self):
name = gdef.LPWSTR()
self.GetRemoteName(name)
data = name.value
windows.winproxy.CoTaskMemFree(name)
return data
def local_name(self):
name = gdef.LPWSTR()
self.GetLocalName(name)
data = name.value
windows.winproxy.CoTaskMemFree(name)
return data
def description(self):
descr = gdef.LPWSTR()
self.GetDescription(descr)
data = descr.value
windows.winproxy.CoTaskMemFree(descr)
return data
def name(self):
descr = gdef.LPWSTR()
self.GetDisplayName(descr)
data = descr.value
windows.winproxy.CoTaskMemFree(descr)
return data
def owner(self):
owner = gdef.LPWSTR()
self.GetOwner(owner)
data = owner.value
windows.winproxy.CoTaskMemFree(owner)
return data
