我正在尝试请求用户在安全桌面上输入凭据,但我找不到解密生成的身份验证缓冲区的方法:
凭据来自:
CREDUI_INFO cui = new CREDUI_INFO()
{
cbSize = (uint)Marshal.SizeOf(typeof(CREDUI_INFO)),
pszMessageText = "MyMessage",
pszCaptionText = "MyCaption",
};
bool save = false;
uint authPackage = 0U;
IntPtr authBuffer;
uint authBufferSize;
uint error = CredUIPromptForWindowsCredentials(
ref cui,
0U,
ref authPackage,
IntPtr.Zero,
0U,
out authBuffer,
out authBufferSize,
ref save,
CREDUIWIN_SECURE_PROMPT);
凭据解压缩:
uint userBufferSize = CREDUI_MAX_USERNAME_LENGTH;
uint domainBufferSize = CRED_MAX_STRING_LENGTH;
uint passwordBufferSize = CREDUI_MAX_PASSWORD_LENGTH;
StringBuilder userBuffer = new StringBuilder((int)userBufferSize);
StringBuilder domainBuffer = new String((int)domainBufferSize);
IntPtr passwordBuffer = Marshal.AllocCoTaskMem((int)passwordBufferSize);
bool success = CredUnPackAuthenticationBuffer(
CRED_PACK_PROTECTED_CREDENTIALS,
authBuffer, authBufferSize
userBuffer, ref userBufferSize,
domainBuffer, ref domainBufferSize,
passwordBuffer, ref passwordBufferSize);
如果我在CREDUIWIN_SECURE_PROMPT中指定CredUIPromptForWindowsCredentials,如上例所示,CredUnPackAuthenticationBuffer失败并显示ERROR_NOT_CAPABLE。如果我使用CREDUIWIN_GENERIC而不是安全桌面,则会成功。
如何从安全桌面获取此类加密凭据的名称,域名和密码? 或者,如果不可能,我怎么能一般使用它们?