blob: 07bec66a276f80e095e15213178b99cf7c873269 [file] [log] [blame]
// Copyright 2018 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_
#define CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_
#include "base/callback.h"
#include "base/win/windows_types.h"
struct _UNICODE_STRING;
namespace credential_provider {
class FakeScopedLsaPolicyFactory;
class [[clang::lto_visibility_public]] ScopedLsaPolicy {
public:
static std::unique_ptr<ScopedLsaPolicy> Create(ACCESS_MASK mask);
virtual ~ScopedLsaPolicy();
// Methods to store, retrieve, remove and check private keyed data. This data
// is stored in protected memory in the OS that required SYSTEM account
// to decrypt.
virtual HRESULT StorePrivateData(const wchar_t* key, const wchar_t* value);
virtual HRESULT RemovePrivateData(const wchar_t* key);
virtual HRESULT RetrievePrivateData(const wchar_t* key,
wchar_t* value,
size_t length);
virtual bool PrivateDataExists(const wchar_t* key);
// Adds the given right to the given user.
virtual HRESULT AddAccountRights(PSID sid, const wchar_t* right);
// Removes the user account from the system.
virtual HRESULT RemoveAccount(PSID sid);
// Initializes an LSA_UNICODE_STRING string from the given wide string.
// A copy of the wide string is not made, so |lsa_string| must outlive
// |string|.
static void InitLsaString(const wchar_t* string, _UNICODE_STRING* lsa_string);
// Set the function used to create instances of this class in tests. This
// is used in the Create() static function.
using CreatorFunc = decltype(Create);
using CreatorCallback = base::RepeatingCallback<CreatorFunc>;
static void SetCreatorForTesting(CreatorCallback creator);
protected:
explicit ScopedLsaPolicy(ACCESS_MASK mask);
bool IsValid() const;
private:
friend class FakeScopedLsaPolicyFactory;
LSA_HANDLE handle_;
// Gets storage of the function pointer used to create instances of this
// class for tests.
static CreatorCallback* GetCreatorCallbackStorage();
};
} // namespace credential_provider
#endif // CHROME_CREDENTIAL_PROVIDER_GAIACP_SCOPED_LSA_POLICY_H_