windows-nt/Source/XPSP1/NT/ds/security/cryptoapi/common/dpapi/reset.cpp

88 lines
1.5 KiB
C++
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
/*++
Copyright (c) 2000 Microsoft Corporation
Module Name:
reset.c
Abstract:
This module contains client side code to handle the reset machine
credentials operation.
Author:
John Banes (jbanes) July 5, 2001
--*/
#include <nt.h>
#include <ntrtl.h>
#include <nturtl.h>
#include <windows.h>
#include <lm.h>
#include <wincrypt.h>
extern "C" {
#include <ntsam.h>
#include <ntsamp.h>
}
#include "passrec.h"
DWORD
WINAPI
CryptResetMachineCredentials(
DWORD dwFlags)
{
BYTE BufferIn[8] = {0};
DATA_BLOB DataIn;
DATA_BLOB DataOut;
DWORD dwRetVal;
NTSTATUS Status;
//
// Call SamiChangeKeys to reset syskey and SAM stuff.
// If this fails, don't bother reseting DPAPI keys.
//
Status = SamiChangeKeys();
if (!NT_SUCCESS(Status))
{
//
// Convert the ntstatus to a winerror
//
return(RtlNtStatusToDosError(Status));
}
//
// Reset DPAPI LSA secret and reencrypt all of the local machine
// master keys.
//
DataIn.pbData = BufferIn;
DataIn.cbData = sizeof(BufferIn);
if(!CryptProtectData(&DataIn,
NULL,
NULL,
NULL,
NULL,
CRYPTPROTECT_CRED_REGENERATE,
&DataOut))
{
dwRetVal = GetLastError();
return dwRetVal;
}
//
// Force a flush
//
RegFlushKey(HKEY_LOCAL_MACHINE);
return ERROR_SUCCESS;
}