JNA 中的 Windows CredEnumerate

Question

我正在尝试使用 JNA 读取存储在 Windows 凭据管理器（控制面板 > 凭据管理器）中的凭据。 找到了它的 c 函数（ CredEnumerateW ），它似乎运行正常，因为它返回“true”，并且我能够获取存储在凭据管理器中的凭据数量（在我的代码中为 pCount.getValue()）。

问题是我不知道如何读取凭据数据。 保存凭据的结构（ _CREDENTIAL ）在内部包含其他 2 个结构（FILETIME 和 CREDENTIAL_ATTRIBUTE）。 我试图搜索类似的示例，但找不到与我的场景相符的示例。 请在下面查看我的代码。

有人可以帮我解决这个问题吗？

public class CredEnumerate {

        /*
        typedef struct _CREDENTIAL {
              DWORD                 Flags;
              DWORD                 Type;
              LPTSTR                TargetName;
              LPTSTR                Comment;
              FILETIME              LastWritten;
              DWORD                 CredentialBlobSize;
              LPBYTE                CredentialBlob;
              DWORD                 Persist;
              DWORD                 AttributeCount;
              PCREDENTIAL_ATTRIBUTE Attributes;
              LPTSTR                TargetAlias;
              LPTSTR                UserName;
            } CREDENTIAL, *PCREDENTIAL; */
        public static class _CREDENTIAL extends Structure {
            public int                      Flags;
            public int                      Type;
            public String                   TargetName;
            public String                   Comment;
            public _FILETIME                LastWritten = new _FILETIME();
            public int                      CredentialBlobSize;
            public byte                     CredentialBlob;
            public  int                     Persist;
            public int                      AttributeCount;
            public _CREDENTIAL_ATTRIBUTE    Attributes = new _CREDENTIAL_ATTRIBUTE();
            public String                   TargetAlias;
            public String                   UserName;
        }

        /*
        typedef struct _CREDENTIAL_ATTRIBUTE {
              LPTSTR Keyword;
              DWORD  Flags;
              DWORD  ValueSize;
              LPBYTE Value;
                } CREDENTIAL_ATTRIBUTE, *PCREDENTIAL_ATTRIBUTE; */
        public static class _CREDENTIAL_ATTRIBUTE extends Structure {
            public String Keyword;
            public int  Flags;
            public int  ValueSize;
            public byte Value;
        }

        /*
        typedef struct _FILETIME {
              DWORD dwLowDateTime;
              DWORD dwHighDateTime;
            } FILETIME, *PFILETIME; */
        public static class _FILETIME extends Structure {
            public int dwLowDateTime;
            public int dwHighDateTime;
        }

        /*
        BOOL CredEnumerate( 
            _In_  LPCTSTR     Filter,
            _In_  DWORD       Flags,
            _Out_ DWORD       *Count,
            _Out_ PCREDENTIAL **Credentials) */ 
        public interface Advapi32 extends StdCallLibrary {
            Advapi32 INSTANCE = (Advapi32) Native.loadLibrary("advapi32", Advapi32.class);      
            boolean CredEnumerateW(String filter, int flags, IntByReference count, PointerByReference pref);
        }

        public static void main(String[] args) {

            IntByReference pCount = new IntByReference();
            PointerByReference pCredentials = new PointerByReference();     
            boolean result = Advapi32.INSTANCE.CredEnumerateW(null, 0, pCount, pCredentials);

            System.out.println("result: " + result);
            System.out.println("number of credentials: " +  pCount.getValue()); 

            //how to read the _CREDENTIAL structure data from pCredentials?

        }

    }

Answer 1

结果对我来说，指针数组，也就是指向指针的指针，是使用 CredEnumerate 的唯一棘手的事情。 这是用 p.getPointerArray 解决的。

用 Win32 函数 CredEnumerateW 的声明

boolean CredEnumerateW(WString Filter, int Flags, IntByReference Count, // int ref
            PointerByReference pptr);

我的解决方案如下：

try {
    IntByReference count = new IntByReference();
    PointerByReference pptr = new PointerByReference();
    boolean ok = WinCrypt.INSTANCE.CredEnumerateW(null, WinCrypt.Enumerate.CRED_ENUMERATE_ALL_CREDENTIALS,
    count, pptr);
    System.out.println("count: " + count.getValue());

    CREDENTIAL[] credentials = new CREDENTIAL[count.getValue()];

    Pointer p = pptr.getValue();
    Pointer[] credPointers = p.getPointerArray(0, count.getValue());

    for (int i = 0; i < count.getValue(); i++) {
        CREDENTIAL cred = new CREDENTIAL(credPointers[i]);
        credentials[i] = cred;

        String tnameEncoded = cred.targetName.toString();
        String namespace = tnameEncoded.substring(0, tnameEncoded.indexOf(":"));
        String attributeAndTargetName = tnameEncoded.substring(tnameEncoded.indexOf(":") + 1);
        String targetName = attributeAndTargetName.substring(attributeAndTargetName.indexOf("=") + 1);

        System.out.println(namespace + " / " + targetName);

        if (namespace.indexOf("MicrosoftAccount") < 0 && namespace.indexOf("WindowsLive") < 0) {
    CREDENTIAL fullcred = readCredentials(targetName, getType(namespace), 0);
    System.out.println("  " + cred.userName);
    System.out.println("  " + fullcred.getPassword());
        }
    }

} catch (LastErrorException error) {
    int rc = error.getErrorCode();
    String errMsg = error.getMessage();
    System.out.println(rc + ": " + errMsg);
    System.exit(1);

}

并从指针地址读取凭据实现为

private static CREDENTIAL readCredentials(String targetName, int type, int flags)
throws UnsupportedEncodingException {
    try {
        PointerByReference pptr = new PointerByReference();
        boolean ok = WinCrypt.INSTANCE.CredReadW(new WString(targetName), type, flags, pptr);
        CREDENTIAL cred = new CREDENTIAL(pptr.getValue());

        return (cred);
    } catch (LastErrorException error) {
        int rc = error.getErrorCode();
        String errMsg = error.getMessage();
        System.out.println(rc + ": " + errMsg);
        throw new IllegalAccessError("cannot access windows vault for " + targetName);
    }
}

另请参阅如何在 JNA 中映射 Windows API CredWrite/CredRead？ 有关使用 Win32 凭据 API 读取/写入凭据的基础知识。