def condition(self):
buff = windows.utils.BUFFER(gdef.BYTE).from_buffer_copy(
self.application_data)
resstr = gdef.LPWSTR()
winproxy.GetStringConditionFromBinary(buff, StringAceCondition=resstr)
condition = resstr.value
winproxy.LocalFree(resstr)
return condition
def to_string(self, security_information=DEFAULT_SECURITY_INFORMATION):
"""Return the SDDL representation of the security descriptor
:type: :class:`str`
"""
result_cstr = gdef.LPSTR()
winproxy.ConvertSecurityDescriptorToStringSecurityDescriptorA(
self, gdef.SDDL_REVISION_1, security_information, result_cstr,
None)
result = result_cstr.value # Retrieve a python-str copy
winproxy.LocalFree(result_cstr)
return result.decode()
def protect(data, entropy=None, flags=gdef.CRYPTPROTECT_UI_FORBIDDEN):
in_blob = gdef.DATA_BLOB.from_string(data)
out_blob = gdef.DATA_BLOB()
if entropy is not None:
entropy = gdef.DATA_BLOB.from_string(entropy)
winproxy.CryptProtectData(in_blob, pOptionalEntropy=entropy, dwFlags=flags, pDataOut=out_blob)
encrypted_data = bytes(out_blob.data)
# https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata
# pDataOut: A pointer to a DATA_BLOB structure that receives the encrypted data.
# When you have finished using the DATA_BLOB structure, free its pbData member by calling the LocalFree function.
winproxy.LocalFree(out_blob.pbData)
del out_blob
return encrypted_data
def __str__(self):
sid_str = LPCSTR()
winproxy.ConvertSidToStringSidA(self, sid_str)
result = sid_str.value
winproxy.LocalFree(sid_str)
return result