
Example 1 with BYTE

use of com.sun.jna.platform.win32.WinDef.BYTE in project jna by java-native-access.

the class Advapi32Test method testReadEncryptedFileRaw.

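/**
 * Exercises the EFS raw-export path: encrypts a temporary file, opens it with
 * {@code OpenEncryptedFileRaw}, and streams its raw content into memory through an
 * export callback passed to {@code ReadEncryptedFileRaw}.
 *
 * <p>Cleanup runs in {@code finally} blocks so that a failed assertion does not leave the
 * raw-file context open or the encrypted temporary file behind on disk.
 *
 * @throws Exception if the temporary file cannot be created or the buffer cannot be closed
 */
public void testReadEncryptedFileRaw() throws Exception {
    // create an encrypted file
    File file = createTempFile();
    try {
        String lpFileName = file.getAbsolutePath();
        assertTrue("EncryptFile(" + lpFileName + ")", Advapi32.INSTANCE.EncryptFile(lpFileName));
        // open file for export
        ULONG ulFlags = new ULONG(0);
        PointerByReference pvContext = new PointerByReference();
        try {
            assertEquals(W32Errors.ERROR_SUCCESS, Advapi32.INSTANCE.OpenEncryptedFileRaw(lpFileName, ulFlags, pvContext));
            // read encrypted file
            final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
            FE_EXPORT_FUNC pfExportCallback = new FE_EXPORT_FUNC() {

                @Override
                public DWORD callback(Pointer pbData, Pointer pvCallbackContext, ULONG ulLength) {
                    // NOTE(review): an exception thrown inside a native callback may be routed to
                    // JNA's callback exception handler instead of failing the test - confirm.
                    if (pbData == null) {
                        throw new NullPointerException("Callback data unexpectedly missing");
                    }
                    // The chunk length is supplied by the native caller and is used as-is to
                    // size the copy out of native memory.
                    byte[] arr = pbData.getByteArray(0, ulLength.intValue());
                    try {
                        outputStream.write(arr);
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                    return new DWORD(W32Errors.ERROR_SUCCESS);
                }
            };
            assertEquals(W32Errors.ERROR_SUCCESS, Advapi32.INSTANCE.ReadEncryptedFileRaw(pfExportCallback, null, pvContext.getValue()));
            // NOTE(review): the exported bytes are collected but never inspected; asserting a
            // non-empty buffer would prove the callback actually ran.
            outputStream.close();
        } finally {
            // Release the raw-file context even when an assertion above failed. The reference
            // stays null if OpenEncryptedFileRaw never produced a context.
            Pointer context = pvContext.getValue();
            if (context != null) {
                Advapi32.INSTANCE.CloseEncryptedFileRaw(context);
            }
        }
    } finally {
        // Always remove the temporary file, whether or not the export succeeded.
        file.delete();
    }
}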
Also used : ULONG(com.sun.jna.platform.win32.WinDef.ULONG) PointerByReference(com.sun.jna.ptr.PointerByReference) DWORD(com.sun.jna.platform.win32.WinDef.DWORD) FE_EXPORT_FUNC(com.sun.jna.platform.win32.WinBase.FE_EXPORT_FUNC) Pointer(com.sun.jna.Pointer) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) File(java.io.File)

Example 2 with BYTE

use of com.sun.jna.platform.win32.WinDef.BYTE in project jna by java-native-access.

the class Advapi32Test method testRegSetValueEx_DWORD.

/**
 * Round-trips a REG_DWORD through the raw Advapi32 registry calls.
 *
 * <p>Creates the key {@code JNAAdvapi32Test} under {@code HKEY_CURRENT_USER\Software},
 * writes a four-byte value named {@code DWORD}, reads back its type, size and content,
 * and finally closes and deletes the key.
 *
 * <p>NOTE(review): the close/delete calls at the end are not inside a {@code finally}
 * block, so a failing assertion earlier in the method leaves the test key in the
 * registry.
 */
public void testRegSetValueEx_DWORD() {
    final int success = W32Errors.ERROR_SUCCESS;

    // open HKCU\Software for read and write, then create the test key beneath it
    HKEYByReference softwareKey = new HKEYByReference();
    assertEquals(success, Advapi32.INSTANCE.RegOpenKeyEx(WinReg.HKEY_CURRENT_USER, "Software", 0, WinNT.KEY_WRITE | WinNT.KEY_READ, softwareKey));
    HKEYByReference testKey = new HKEYByReference();
    IntByReference disposition = new IntByReference();
    assertEquals(success, Advapi32.INSTANCE.RegCreateKeyEx(softwareKey.getValue(), "JNAAdvapi32Test", 0, null, 0, WinNT.KEY_ALL_ACCESS, null, testKey, disposition));

    // serialise the integer least-significant byte first and store it as REG_DWORD
    int value = 42145;
    byte[] data = new byte[4];
    for (int i = 0; i < data.length; i++) {
        data[i] = (byte) ((value >> (8 * i)) & 0xff);
    }
    assertEquals(success, Advapi32.INSTANCE.RegSetValueEx(testKey.getValue(), "DWORD", 0, WinNT.REG_DWORD, data, 4));

    // first query passes a null buffer: only the value's type and byte count are checked
    IntByReference type = new IntByReference();
    IntByReference byteCount = new IntByReference();
    assertEquals(success, Advapi32.INSTANCE.RegQueryValueEx(testKey.getValue(), "DWORD", 0, type, (char[]) null, byteCount));
    assertEquals(WinNT.REG_DWORD, type.getValue());
    assertEquals(4, byteCount.getValue());

    // second query reads the content back into an int and compares it with what was written
    IntByReference stored = new IntByReference();
    assertEquals(success, Advapi32.INSTANCE.RegQueryValueEx(testKey.getValue(), "DWORD", 0, type, stored, byteCount));
    assertEquals(value, stored.getValue());

    // close the test key, delete it through the parent, then close the parent
    assertEquals(success, Advapi32.INSTANCE.RegCloseKey(testKey.getValue()));
    assertEquals(success, Advapi32.INSTANCE.RegDeleteKey(softwareKey.getValue(), "JNAAdvapi32Test"));
    assertEquals(success, Advapi32.INSTANCE.RegCloseKey(softwareKey.getValue()));
}
Also used : HKEYByReference(com.sun.jna.platform.win32.WinReg.HKEYByReference) IntByReference(com.sun.jna.ptr.IntByReference)

Example 3 with BYTE

use of com.sun.jna.platform.win32.WinDef.BYTE in project jna by java-native-access.

the class Advapi32Test method testReportEvent.

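/**
 * Reports one error event through a temporarily registered event source and checks that
 * the event log's record count grows.
 *
 * <p>The source is registered by creating a key under
 * {@code HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application}; when
 * that key cannot be created the test returns without asserting anything.
 *
 * <p>The handle is validated before its first use, and the event source handle and the
 * registry key are released in a {@code finally} block so that a failed assertion does not
 * leave a stray event source registered under HKLM.
 */
public void testReportEvent() {
    String applicationEventLog = "SYSTEM\\CurrentControlSet\\Services\\EventLog\\Application";
    String jnaEventSource = "JNADevEventSource";
    String jnaEventSourceRegistryPath = applicationEventLog + "\\" + jnaEventSource;
    // ignore test if not able to create key (need to be administrator to do this).
    // NOTE(review): presumably registryCreateKey also reports false when the key already
    // exists, in which case a key left over from an aborted run would make this test skip
    // silently - verify against Advapi32Util.
    try {
        final boolean keyCreated = Advapi32Util.registryCreateKey(WinReg.HKEY_LOCAL_MACHINE, jnaEventSourceRegistryPath);
        if (!keyCreated) {
            return;
        }
    } catch (Win32Exception e) {
        return;
    }
    HANDLE h = null;
    boolean deregisterAttempted = false;
    try {
        h = Advapi32.INSTANCE.RegisterEventSource(null, jnaEventSource);
        // validate the handle before handing it to any other native call
        assertNotNull(h);
        assertFalse(h.equals(WinBase.INVALID_HANDLE_VALUE));
        IntByReference before = new IntByReference();
        assertTrue(Advapi32.INSTANCE.GetNumberOfEventLogRecords(h, before));
        String[] s = { "JNA", "Event" };
        Memory m = new Memory(4);
        m.setByte(0, (byte) 1);
        m.setByte(1, (byte) 2);
        m.setByte(2, (byte) 3);
        m.setByte(3, (byte) 4);
        // 2 = number of strings in s, 4 = size in bytes of the raw data in m
        assertTrue(Advapi32.INSTANCE.ReportEvent(h, WinNT.EVENTLOG_ERROR_TYPE, 0, 0, null, 2, 4, s, m));
        IntByReference after = new IntByReference();
        assertTrue(Advapi32.INSTANCE.GetNumberOfEventLogRecords(h, after));
        assertTrue(before.getValue() < after.getValue());
        // mark first so the finally block never deregisters the same handle twice
        deregisterAttempted = true;
        assertTrue(Advapi32.INSTANCE.DeregisterEventSource(h));
    } finally {
        try {
            // best-effort release when an assertion failed before the handle was deregistered
            if (h != null && !deregisterAttempted) {
                Advapi32.INSTANCE.DeregisterEventSource(h);
            }
        } finally {
            Advapi32Util.registryDeleteKey(WinReg.HKEY_LOCAL_MACHINE, jnaEventSourceRegistryPath);
        }
    }
}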
Also used : IntByReference(com.sun.jna.ptr.IntByReference) Memory(com.sun.jna.Memory) SC_HANDLE(com.sun.jna.platform.win32.Winsvc.SC_HANDLE) HANDLE(com.sun.jna.platform.win32.WinNT.HANDLE)

Example 4 with BYTE

use of com.sun.jna.platform.win32.WinDef.BYTE in project jna by java-native-access.

the class WevtapiTest method testReadEvents.

/**
 * Reads three sample .evtx files through Wevtapi and checks the rendered property values.
 *
 * <p>Each section follows the same sequence: EvtQuery opens the file by path,
 * EvtCreateRenderContext selects the XPath-like targets to extract, EvtNext fetches event
 * handles in batches, and WevtapiUtil.EvtRender renders each event into a buffer that is
 * then read one variant at a time. The query and render-context handles are closed in a
 * finally block at the end of every section.
 *
 * <p>Section 1 checks string, numeric, string-array and timestamp values; section 2 checks
 * binary data and an empty value; section 3 checks a SID and a GUID.
 *
 * @throws Exception if a sample resource cannot be resolved to a file, or a Win32Exception
 *         is raised from the last-error check after the first read loop
 */
public void testReadEvents() throws Exception {
    EVT_HANDLE queryHandle = null;
    EVT_HANDLE contextHandle = null;
    File testEvtx = new File(getClass().getResource("/res/WevtapiTest.sample1.evtx").toURI());
    // collects the provider name of every event so the test can prove at least one was read
    StringBuilder sb = new StringBuilder();
    try {
        // test EvtQuery
        queryHandle = Wevtapi.INSTANCE.EvtQuery(null, testEvtx.getPath(), null, Winevt.EVT_QUERY_FLAGS.EvtQueryFilePath);
        // test EvtCreateRenderContext
        String[] targets = { "Event/System/Provider/@Name", "Event/System/EventRecordID", "Event/System/EventID", "Event/EventData/Data", "Event/System/TimeCreated/@SystemTime" };
        contextHandle = Wevtapi.INSTANCE.EvtCreateRenderContext(targets.length, targets, Winevt.EVT_RENDER_CONTEXT_FLAGS.EvtRenderContextValues);
        // test EvtNext
        int eventArraySize = 10;
        int evtNextTimeout = 1000;
        // number of completed EvtNext batches; used to compute the expected record number
        int arrayIndex = 0;
        EVT_HANDLE[] eventArray = new EVT_HANDLE[eventArraySize];
        IntByReference returned = new IntByReference();
        // NOTE(review): this formatter is built without an explicit time zone, so the expected
        // date below presumably depends on the host's default zone - confirm.
        SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd");
        while (Wevtapi.INSTANCE.EvtNext(queryHandle, eventArraySize, eventArray, evtNextTimeout, 0, returned)) {
            // test EvtRender
            // NOTE(review): the event handles stored in eventArray are not passed to EvtClose
            // anywhere in this method - confirm they are released elsewhere.
            Memory buff;
            IntByReference propertyCount = new IntByReference();
            Winevt.EVT_VARIANT evtVariant = new Winevt.EVT_VARIANT();
            for (int i = 0; i < returned.getValue(); i++) {
                buff = WevtapiUtil.EvtRender(contextHandle, eventArray[i], Winevt.EVT_RENDER_FLAGS.EvtRenderEventValues, propertyCount);
                // one rendered value per entry in targets
                assertThat("PropertyCount", propertyCount.getValue(), is(5));
                // presumably useMemory points evtVariant at the value with the given index in
                // buff; the helper is defined outside this listing
                useMemory(evtVariant, buff, 0);
                assertThat("Provider Name", (String) evtVariant.getValue(), is("testSource"));
                sb.append((String) evtVariant.getValue());
                useMemory(evtVariant, buff, 1);
                // expected record numbers run 1, 2, 3, ... across batches
                assertThat("EventRecordID", (Long) evtVariant.getValue(), is((long) arrayIndex * eventArraySize + i + 1));
                useMemory(evtVariant, buff, 2);
                assertThat("EventID", (Short) evtVariant.getValue(), is((short) (5000 + (arrayIndex * eventArraySize + i + 1))));
                useMemory(evtVariant, buff, 3);
                String[] args = (String[]) evtVariant.getValue();
                assertThat("Data#length", args.length, is(1));
                assertThat("Data#value", args[0], is("testMessage" + (arrayIndex * eventArraySize + i + 1)));
                useMemory(evtVariant, buff, 4);
                Date systemtime = ((WinBase.FILETIME) evtVariant.getValue()).toDate();
                assertThat("TimeCreated", dateFormat.format(systemtime), is("2016-08-17"));
            }
            arrayIndex++;
        }
        // EvtNext returning false ends the loop; any last error other than success or
        // "no more items" is treated as a failure.
        // NOTE(review): the last error is fetched by separate GetLastError calls after the loop,
        // which assumes nothing in between has overwritten it - confirm.
        if (Kernel32.INSTANCE.GetLastError() != WinError.ERROR_SUCCESS && Kernel32.INSTANCE.GetLastError() != WinError.ERROR_NO_MORE_ITEMS) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        assertThat(sb.length() > 0, is(true));
    } finally {
        // test EvtClose
        if (queryHandle != null) {
            Wevtapi.INSTANCE.EvtClose(queryHandle);
        }
        if (contextHandle != null) {
            Wevtapi.INSTANCE.EvtClose(contextHandle);
        }
    }
    // =========== Test accessing binary data and empty value ================
    // reset both handles so the finally block below closes only what this section opened
    queryHandle = null;
    contextHandle = null;
    testEvtx = new File(getClass().getResource("/res/WevtapiTest.sample2.evtx").toURI());
    try {
        queryHandle = Wevtapi.INSTANCE.EvtQuery(null, testEvtx.getPath(), null, Winevt.EVT_QUERY_FLAGS.EvtQueryFilePath);
        String[] targets = { "Event/EventData/Binary", "Event/System/Correlation" };
        contextHandle = Wevtapi.INSTANCE.EvtCreateRenderContext(targets.length, targets, Winevt.EVT_RENDER_CONTEXT_FLAGS.EvtRenderContextValues);
        // counts rendered events; exactly one is expected from this sample
        int read = 0;
        int eventArraySize = 1;
        int evtNextTimeout = 1000;
        EVT_HANDLE[] eventArray = new EVT_HANDLE[eventArraySize];
        IntByReference returned = new IntByReference();
        while (Wevtapi.INSTANCE.EvtNext(queryHandle, eventArraySize, eventArray, evtNextTimeout, 0, returned)) {
            Memory buff;
            IntByReference propertyCount = new IntByReference();
            Winevt.EVT_VARIANT evtVariant = new Winevt.EVT_VARIANT();
            for (int i = 0; i < returned.getValue(); i++) {
                read++;
                buff = WevtapiUtil.EvtRender(contextHandle, eventArray[i], Winevt.EVT_RENDER_FLAGS.EvtRenderEventValues, propertyCount);
                assertThat("PropertyCount", propertyCount.getValue(), is(2));
                useMemory(evtVariant, buff, 0);
                // binary payload is returned as a byte array
                assertThat("Binary", (byte[]) evtVariant.getValue(), is(new byte[] { (byte) 0xD9, (byte) 0x06, 0, 0 }));
                useMemory(evtVariant, buff, 1);
                // the second target is expected to render as a null value for this sample
                assertThat("Correlation", evtVariant.getValue(), nullValue());
            }
        }
        assertThat(read, is(1));
    } finally {
        // test EvtClose
        if (queryHandle != null) {
            Wevtapi.INSTANCE.EvtClose(queryHandle);
        }
        if (contextHandle != null) {
            Wevtapi.INSTANCE.EvtClose(contextHandle);
        }
    }
    // =========== Test accessing GUID + SID data ================
    // reset both handles so the finally block below closes only what this section opened
    queryHandle = null;
    contextHandle = null;
    testEvtx = new File(getClass().getResource("/res/WevtapiTest.sample3.evtx").toURI());
    try {
        queryHandle = Wevtapi.INSTANCE.EvtQuery(null, testEvtx.getPath(), null, Winevt.EVT_QUERY_FLAGS.EvtQueryFilePath);
        String[] targets = { "Event/System/Security/@UserID", "Event/System/Provider/@Guid" };
        contextHandle = Wevtapi.INSTANCE.EvtCreateRenderContext(targets.length, targets, Winevt.EVT_RENDER_CONTEXT_FLAGS.EvtRenderContextValues);
        // counts rendered events; exactly one is expected from this sample
        int read = 0;
        int eventArraySize = 1;
        int evtNextTimeout = 1000;
        EVT_HANDLE[] eventArray = new EVT_HANDLE[eventArraySize];
        IntByReference returned = new IntByReference();
        while (Wevtapi.INSTANCE.EvtNext(queryHandle, eventArraySize, eventArray, evtNextTimeout, 0, returned)) {
            Memory buff;
            IntByReference propertyCount = new IntByReference();
            Winevt.EVT_VARIANT evtVariant = new Winevt.EVT_VARIANT();
            for (int i = 0; i < returned.getValue(); i++) {
                read++;
                buff = WevtapiUtil.EvtRender(contextHandle, eventArray[i], Winevt.EVT_RENDER_FLAGS.EvtRenderEventValues, propertyCount);
                assertThat("PropertyCount", propertyCount.getValue(), is(2));
                useMemory(evtVariant, buff, 0);
                // the user identifier is returned as a PSID and compared in string form
                assertThat("Security#UserID", ((WinNT.PSID) evtVariant.getValue()).getSidString(), is("S-1-5-21-3178902164-3053647283-518304804-1001"));
                useMemory(evtVariant, buff, 1);
                // the provider identifier is returned as a GUID and compared in string form
                assertThat("Provider#GUID", ((Guid.GUID) evtVariant.getValue()).toGuidString(), is("{B0AA8734-56F7-41CC-B2F4-DE228E98B946}"));
            }
        }
        assertThat(read, is(1));
    } finally {
        // test EvtClose
        if (queryHandle != null) {
            Wevtapi.INSTANCE.EvtClose(queryHandle);
        }
        if (contextHandle != null) {
            Wevtapi.INSTANCE.EvtClose(contextHandle);
        }
    }
}
Also used : IntByReference(com.sun.jna.ptr.IntByReference) Memory(com.sun.jna.Memory) Date(java.util.Date) EVT_HANDLE(com.sun.jna.platform.win32.Winevt.EVT_HANDLE) File(java.io.File) SimpleDateFormat(java.text.SimpleDateFormat)

Example 5 with BYTE

use of com.sun.jna.platform.win32.WinDef.BYTE in project jna by java-native-access.

the class PsapiTest method testGetModuleFileNameEx.

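/**
 * Resolves the executable path of the process that owns a freshly created window through
 * the ANSI, Unicode and default variants of {@code GetModuleFileNameEx}, and checks that
 * each result contains {@code \bin\java}.
 *
 * <p>The process handle obtained from {@code OpenProcess} is closed in the
 * {@code finally} block so it is not leaked when an assertion fails, and the path is
 * lower-cased with {@code Locale.ROOT} so the comparison does not depend on the host locale.
 */
@Test
public void testGetModuleFileNameEx() {
    final JFrame w = new JFrame();
    HANDLE process = null;
    try {
        w.setVisible(true);
        final String searchSubStr = "\\bin\\java";
        final HWND hwnd = new HWND(Native.getComponentPointer(w));
        final IntByReference pid = new IntByReference();
        User32.INSTANCE.GetWindowThreadProcessId(hwnd, pid);
        // 0x0400 | 0x0010 = PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, the access rights
        // requested for querying module information of the target process
        process = Kernel32.INSTANCE.OpenProcess(0x0400 | 0x0010, false, pid.getValue());
        if (process == null) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        // check ANSI function
        // buffers hold 1025 elements and the call is given length - 1, leaving room for a
        // terminator
        final byte[] filePathAnsi = new byte[1025];
        int length = Psapi.INSTANCE.GetModuleFileNameExA(process, null, filePathAnsi, filePathAnsi.length - 1);
        if (length == 0) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        final String ansiPath = Native.toString(filePathAnsi);
        assertTrue("Path didn't contain '" + searchSubStr + "': " + ansiPath, ansiPath.toLowerCase(java.util.Locale.ROOT).contains(searchSubStr));
        // check Unicode function
        final char[] filePathUnicode = new char[1025];
        length = Psapi.INSTANCE.GetModuleFileNameExW(process, null, filePathUnicode, filePathUnicode.length - 1);
        if (length == 0) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        final String unicodePath = Native.toString(filePathUnicode);
        assertTrue("Path didn't contain '" + searchSubStr + "': " + unicodePath, unicodePath.toLowerCase(java.util.Locale.ROOT).contains(searchSubStr));
        // check default function
        final int memAllocSize = 1025 * Native.WCHAR_SIZE;
        final Memory filePathDefault = new Memory(memAllocSize);
        length = Psapi.INSTANCE.GetModuleFileNameEx(process, null, filePathDefault, (memAllocSize / Native.WCHAR_SIZE) - 1);
        if (length == 0) {
            throw new Win32Exception(Kernel32.INSTANCE.GetLastError());
        }
        final String defaultPath = Native.toString(filePathDefault.getCharArray(0, memAllocSize / Native.WCHAR_SIZE));
        assertTrue("Path didn't contain '" + searchSubStr + "': " + defaultPath, defaultPath.toLowerCase(java.util.Locale.ROOT).contains(searchSubStr));
    } finally {
        try {
            // release the process handle on every path, including failed assertions
            if (process != null) {
                Kernel32.INSTANCE.CloseHandle(process);
            }
        } finally {
            w.dispose();
        }
    }
}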
Also used : IntByReference(com.sun.jna.ptr.IntByReference) JFrame(javax.swing.JFrame) Memory(com.sun.jna.Memory) HWND(com.sun.jna.platform.win32.WinDef.HWND) HANDLE(com.sun.jna.platform.win32.WinNT.HANDLE) Test(org.junit.Test)

Aggregations

IntByReference (com.sun.jna.ptr.IntByReference)12 Pointer (com.sun.jna.Pointer)8 HANDLE (com.sun.jna.platform.win32.WinNT.HANDLE)8 Advapi32 (com.sun.jna.platform.win32.Advapi32)6 HKEY (com.sun.jna.platform.win32.WinReg.HKEY)6 PointerByReference (com.sun.jna.ptr.PointerByReference)5 Memory (com.sun.jna.Memory)4 GUID (com.sun.jna.platform.win32.Guid.GUID)4 BSTR (com.sun.jna.platform.win32.WTypes.BSTR)4 File (java.io.File)4 Date (java.util.Date)4 Test (org.junit.Test)4 DATE (com.sun.jna.platform.win32.OaIdl.DATE)3 VARIANT (com.sun.jna.platform.win32.Variant.VARIANT)3 FE_EXPORT_FUNC (com.sun.jna.platform.win32.WinBase.FE_EXPORT_FUNC)3 BYTE (com.sun.jna.platform.win32.WinDef.BYTE)3 CHAR (com.sun.jna.platform.win32.WinDef.CHAR)3 DWORD (com.sun.jna.platform.win32.WinDef.DWORD)3 LONG (com.sun.jna.platform.win32.WinDef.LONG)3 SHORT (com.sun.jna.platform.win32.WinDef.SHORT)3