chrome/credential_provider/gaiacp/scoped_lsa_policy.h - chromium/src - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_
 #define CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_

 #include "base/callback.h"
 #include "base/win/windows_types.h"

 struct _UNICODE_STRING;

 namespace credential_provider {

 class FakeScopedLsaPolicyFactory;

 class [[clang::lto_visibility_public]] ScopedLsaPolicy {
  public:
   static std::unique_ptr<ScopedLsaPolicy> Create(ACCESS_MASK mask);

   virtual ~ScopedLsaPolicy();

   // Methods to store, retrieve, and remove private keyed data.  This data
   // is stored in protected memory in the OS that required SYSTEM account
   // to decrypt.
   virtual HRESULT StorePrivateData(const wchar_t* key, const wchar_t* value);
   virtual HRESULT RemovePrivateData(const wchar_t* key);
   virtual HRESULT RetrievePrivateData(const wchar_t* key,
                                       wchar_t* value,
                                       size_t length);

   // Adds the given right to the given user.
   virtual HRESULT AddAccountRights(PSID sid, const wchar_t* right);

   // Removes the user account from the system.
   virtual HRESULT RemoveAccount(PSID sid);

   // Initializes an LSA_UNICODE_STRING string from the given wide string.
   // A copy of the wide string is not made, so |lsa_string| must outlive
   // |string|.
   static void InitLsaString(const wchar_t* string, _UNICODE_STRING* lsa_string);

   // Set the function used to create instances of this class in tests.  This
   // is used in the Create() static function.
   using CreatorFunc = decltype(Create);
   using CreatorCallback = base::RepeatingCallback<CreatorFunc>;
   static void SetCreatorForTesting(CreatorCallback creator);

  protected:
   explicit ScopedLsaPolicy(ACCESS_MASK mask);

   bool IsValid() const;

  private:
   friend class FakeScopedLsaPolicyFactory;

   LSA_HANDLE handle_;

   // Gets storage of the function pointer used to create instances of this
   // class for tests.
   static CreatorCallback* GetCreatorCallbackStorage();
 };

 }  // namespace credential_provider

 #endif  // CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_
	#define CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_

	#include "base/callback.h"
	#include "base/win/windows_types.h"

	struct _UNICODE_STRING;

	namespace credential_provider {

	class FakeScopedLsaPolicyFactory;

	class [[clang::lto_visibility_public]] ScopedLsaPolicy {
	public:
	static std::unique_ptr<ScopedLsaPolicy> Create(ACCESS_MASK mask);

	virtual ~ScopedLsaPolicy();

	// Methods to store, retrieve, and remove private keyed data. This data
	// is stored in protected memory in the OS that required SYSTEM account
	// to decrypt.
	virtual HRESULT StorePrivateData(const wchar_t* key, const wchar_t* value);
	virtual HRESULT RemovePrivateData(const wchar_t* key);
	virtual HRESULT RetrievePrivateData(const wchar_t* key,
	wchar_t* value,
	size_t length);

	// Adds the given right to the given user.
	virtual HRESULT AddAccountRights(PSID sid, const wchar_t* right);

	// Removes the user account from the system.
	virtual HRESULT RemoveAccount(PSID sid);

	// Initializes an LSA_UNICODE_STRING string from the given wide string.
	// A copy of the wide string is not made, so \|lsa_string\| must outlive
	// \|string\|.
	static void InitLsaString(const wchar_t* string, _UNICODE_STRING* lsa_string);

	// Set the function used to create instances of this class in tests. This
	// is used in the Create() static function.
	using CreatorFunc = decltype(Create);
	using CreatorCallback = base::RepeatingCallback<CreatorFunc>;
	static void SetCreatorForTesting(CreatorCallback creator);

	protected:
	explicit ScopedLsaPolicy(ACCESS_MASK mask);

	bool IsValid() const;

	private:
	friend class FakeScopedLsaPolicyFactory;

	LSA_HANDLE handle_;

	// Gets storage of the function pointer used to create instances of this
	// class for tests.
	static CreatorCallback* GetCreatorCallbackStorage();
	};

	} // namespace credential_provider

	#endif // CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_