Context Navigation

source: trunk/python/pyregfi/init.py @ 209

Last change on this file since 209 was 209, checked in by tim, 14 years ago

worked on pyregfi value data interface

added initial scons target for API/devel documentation

File size: 13.5 KB

Line
1	#!/usr/bin/env python
2
3	import sys
4	from pyregfi.structures import *
5
6	import ctypes
7	import ctypes.util
8	from ctypes import c_char,c_char_p,c_int,c_uint16,c_uint32,c_bool,POINTER
9
10	regfi = ctypes.CDLL(ctypes.util.find_library('regfi'), use_errno=True)
11
12
13	regfi.regfi_alloc.argtypes = [c_int]
14	regfi.regfi_alloc.restype = POINTER(REGFI_FILE)
15
16	regfi.regfi_alloc_cb.argtypes = [POINTER(REGFI_RAW_FILE)]
17	regfi.regfi_alloc_cb.restype = POINTER(REGFI_FILE)
18
19	regfi.regfi_free.argtypes = [POINTER(REGFI_FILE)]
20	regfi.regfi_free.restype = None
21
22	regfi.regfi_log_get_str.argtypes = []
23	regfi.regfi_log_get_str.restype = c_char_p
24
25	regfi.regfi_log_set_mask.argtypes = [c_uint16]
26	regfi.regfi_log_set_mask.restype = c_bool
27
28	regfi.regfi_free_record.argtypes = [c_void_p]
29	regfi.regfi_free_record.restype = None
30
31	regfi.regfi_fetch_num_subkeys.argtypes = [POINTER(REGFI_NK)]
32	regfi.regfi_fetch_num_subkeys.restype = c_uint32
33
34	regfi.regfi_fetch_num_values.argtypes = [POINTER(REGFI_NK)]
35	regfi.regfi_fetch_num_values.restype = c_uint32
36
37	regfi.regfi_fetch_classname.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK)]
38	regfi.regfi_fetch_classname.restype = POINTER(REGFI_CLASSNAME)
39
40	regfi.regfi_fetch_sk.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK)]
41	regfi.regfi_fetch_sk.restype = POINTER(REGFI_SK)
42
43	regfi.regfi_fetch_data.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_VK)]
44	regfi.regfi_fetch_data.restype = POINTER(REGFI_DATA)
45
46	regfi.regfi_find_subkey.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK),
47	c_char_p, POINTER(c_uint32)]
48	regfi.regfi_find_subkey.restype = c_bool
49
50	regfi.regfi_find_value.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK),
51	c_char_p, POINTER(c_uint32)]
52	regfi.regfi_find_value.restype = c_bool
53
54	regfi.regfi_get_subkey.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK),
55	c_uint32]
56	regfi.regfi_get_subkey.restype = POINTER(REGFI_NK)
57
58	regfi.regfi_get_value.argtypes = [POINTER(REGFI_FILE), POINTER(REGFI_NK),
59	c_uint32]
60	regfi.regfi_get_value.restype = POINTER(REGFI_VK)
61
62	regfi.regfi_iterator_new.argtypes = [POINTER(REGFI_FILE), REGFI_ENCODING]
63	regfi.regfi_iterator_new.restype = POINTER(REGFI_ITERATOR)
64
65	regfi.regfi_iterator_free.argtypes = [POINTER(REGFI_ITERATOR)]
66	regfi.regfi_iterator_free.restype = None
67
68	regfi.regfi_iterator_down.argtypes = [POINTER(REGFI_ITERATOR)]
69	regfi.regfi_iterator_down.restype = c_bool
70
71	regfi.regfi_iterator_up.argtypes = [POINTER(REGFI_ITERATOR)]
72	regfi.regfi_iterator_up.restype = c_bool
73
74	regfi.regfi_iterator_to_root.argtypes = [POINTER(REGFI_ITERATOR)]
75	regfi.regfi_iterator_to_root.restype = c_bool
76
77	regfi.regfi_iterator_walk_path.argtypes = [POINTER(REGFI_ITERATOR)]
78	regfi.regfi_iterator_walk_path.restype = c_bool
79
80	regfi.regfi_iterator_cur_key.argtypes = [POINTER(REGFI_ITERATOR)]
81	regfi.regfi_iterator_cur_key.restype = POINTER(REGFI_NK)
82
83	regfi.regfi_iterator_first_subkey.argtypes = [POINTER(REGFI_ITERATOR)]
84	regfi.regfi_iterator_first_subkey.restype = c_bool
85
86	regfi.regfi_iterator_cur_subkey.argtypes = [POINTER(REGFI_ITERATOR)]
87	regfi.regfi_iterator_cur_subkey.restype = POINTER(REGFI_NK)
88
89	regfi.regfi_iterator_next_subkey.argtypes = [POINTER(REGFI_ITERATOR)]
90	regfi.regfi_iterator_next_subkey.restype = c_bool
91
92	regfi.regfi_iterator_find_subkey.argtypes = [POINTER(REGFI_ITERATOR), c_char_p]
93	regfi.regfi_iterator_find_subkey.restype = c_bool
94
95	regfi.regfi_iterator_first_value.argtypes = [POINTER(REGFI_ITERATOR)]
96	regfi.regfi_iterator_first_value.restype = c_bool
97
98	regfi.regfi_iterator_cur_value.argtypes = [POINTER(REGFI_ITERATOR)]
99	regfi.regfi_iterator_cur_value.restype = POINTER(REGFI_VK)
100
101	regfi.regfi_iterator_next_value.argtypes = [POINTER(REGFI_ITERATOR)]
102	regfi.regfi_iterator_next_value.restype = c_bool
103
104	regfi.regfi_iterator_find_value.argtypes = [POINTER(REGFI_ITERATOR), c_char_p]
105	regfi.regfi_iterator_find_value.restype = c_bool
106
107
108
109	regfi.regfi_get_value
110
111	regfi.regfi_init.argtypes = []
112	regfi.regfi_init.restype = None
113	regfi.regfi_init()
114
115
116	def GetLogMessages():
117	msgs = regfi.regfi_log_get_str()
118	if msgs == None:
119	return ''
120	return msgs.decode('ascii')
121
122
123	def _buffer2bytearray(char_pointer, length):
124	if length == 0 or char_pointer == None:
125	return None
126
127	ret_val = bytearray(length)
128	for i in range(0,length):
129	ret_val[i] = char_pointer[i][0]
130
131	return ret_val
132
133
134	def _charss2strlist(chars_pointer):
135	ret_val = []
136	i = 0
137	s = chars_pointer[i]
138	while s != None:
139	ret_val.append(s.decode('utf-8'))
140	i += 1
141	s = chars_pointer[i]
142
143	return ret_val
144
145
146	class _StructureWrapper():
147	"Handles memory management and proxies attribute access to base structures"
148	hive = None
149	base = None
150
151	def __init__(self, hive, base):
152	self.hive = hive
153	# XXX: check for NULL here, throw an exception if so.
154	self.base = base
155
156	def __del__(self):
157	regfi.regfi_free_record(self.base)
158
159	def __getattr__(self, name):
160	return getattr(self.base.contents, name)
161
162	def __eq__(self, other):
163	return (type(self) == type(other)) and (self.offset == other.offset)
164
165	def __ne__(self, other):
166	return (not self.__eq__(other))
167
168
169	class Key(_StructureWrapper):
170	pass
171
172	class Value(_StructureWrapper):
173	pass
174
175	class Data(_StructureWrapper):
176	pass
177
178	class Security(_StructureWrapper):
179	pass
180
181
182	class _GenericList():
183	hive = None
184	key = None
185	length = None
186	current = None
187
188	# implementation-specific functions
189	fetch_num = None
190	find_element = None
191	get_element = None
192	constructor = None
193
194	def __init__(self, key):
195	self.hive = key.hive
196	# XXX: check for NULL here, throw an exception if so.
197	self.key = key
198	self.length = self.fetch_num(key.base)
199
200	def __len__(self):
201	return self.length
202
203	def __getitem__(self, name):
204	index = c_uint32()
205	if isinstance(name, str):
206	name = name.encode('utf-8')
207
208	if name != None:
209	name = create_string_buffer(bytes(name))
210
211	if self.find_element(self.hive.file, self.key.base, name, byref(index)):
212	return self.constructor(self.hive, self.get_element(self.hive.file,
213	self.key.base,
214	index))
215	raise KeyError('')
216
217	def get(self, name, default):
218	try:
219	return self[name]
220	except KeyError:
221	return default
222
223	def __iter__(self):
224	self.current = 0
225	return self
226
227	def __next__(self):
228	if self.current >= self.length:
229	raise StopIteration('')
230
231	elem = self.get_element(self.hive.file, self.key.base,
232	c_uint32(self.current))
233	self.current += 1
234	return self.constructor(self.hive, elem)
235
236
237	class _SubkeyList(_GenericList):
238	fetch_num = regfi.regfi_fetch_num_subkeys
239	find_element = regfi.regfi_find_subkey
240	get_element = regfi.regfi_get_subkey
241
242
243	class _ValueList(_GenericList):
244	fetch_num = regfi.regfi_fetch_num_values
245	find_element = regfi.regfi_find_value
246	get_element = regfi.regfi_get_value
247
248
249	class Key(_StructureWrapper):
250	values = None
251	subkeys = None
252
253	def __init__(self, hive, base):
254	super(Key, self).__init__(hive, base)
255	self.values = _ValueList(self)
256	self.subkeys = _SubkeyList(self)
257
258	def __getattr__(self, name):
259	ret_val = super(Key, self).__getattr__(name)
260
261	if name == "name":
262	if ret_val == None:
263	ret_val = self.name_raw
264	else:
265	ret_val = ret_val.decode('utf-8')
266
267	elif name == "name_raw":
268	length = super(Key, self).__getattr__('name_length')
269	ret_val = _buffer2bytearray(ret_val, length)
270
271	return ret_val
272
273
274	def fetch_security(self):
275	return Security(self.hive,
276	regfi.regfi_fetch_sk(self.hive.file, self.base))
277
278
279	class Value(_StructureWrapper):
280	def __getattr__(self, name):
281	ret_val = None
282	if name == "data":
283	data_p = regfi.regfi_fetch_data(self.hive.file, self.base)
284	try:
285	data_struct = data_p.contents
286	except Exception:
287	return None
288
289	if data_struct.interpreted_size == 0:
290	ret_val = None
291	elif data_struct.type in (REG_SZ, REG_EXPAND_SZ, REG_LINK):
292	# Unicode strings
293	ret_val = data_struct.interpreted.string.decode('utf-8')
294	elif data_struct.type in (REG_DWORD, REG_DWORD_BE):
295	# 32 bit integers
296	ret_val = data_struct.interpreted.dword
297	elif data_struct.type == REG_QWORD:
298	# 64 bit integers
299	ret_val = data_struct.interpreted.qword
300	elif data_struct.type == REG_MULTI_SZ:
301	ret_val = _charss2strlist(data_struct.interpreted.multiple_string)
302	elif data_struct.type in (REG_NONE, REG_RESOURCE_LIST,
303	REG_FULL_RESOURCE_DESCRIPTOR,
304	REG_RESOURCE_REQUIREMENTS_LIST,
305	REG_BINARY):
306	ret_val = _buffer2bytearray(data_struct.interpreted.none,
307	data_struct.interpreted_size)
308
309	regfi.regfi_free_record(data_p)
310
311	elif name == "data_raw":
312	# XXX: should we load the data without interpretation instead?
313	data_p = regfi.regfi_fetch_data(self.hive.file, self.base)
314	try:
315	data_struct = data_p.contents
316	except Exception:
317	return None
318
319	ret_val = _buffer2bytearray(data_struct.raw,
320	data_struct.size)
321	regfi.regfi_free_record(data_p)
322
323	else:
324	ret_val = super(Value, self).__getattr__(name)
325	if name == "name":
326	if ret_val == None:
327	ret_val = self.name_raw
328	else:
329	ret_val = ret_val.decode('utf-8')
330
331	elif name == "name_raw":
332	length = super(Value, self).__getattr__('name_length')
333	ret_val = _buffer2bytearray(ret_val, length)
334
335	return ret_val
336
337
338	# Avoids chicken/egg class definitions.
339	# Also makes for convenient code reuse in these lists' parent classes.
340	_SubkeyList.constructor = Key
341	_ValueList.constructor = Value
342
343
344
345	class Hive():
346	file = None
347	raw_file = None
348
349	def __init__(self, fh):
350	# The fileno method may not exist, or it may throw an exception
351	# when called if the file isn't backed with a descriptor.
352	try:
353	if hasattr(fh, 'fileno'):
354	self.file = regfi.regfi_alloc(fh.fileno())
355	return
356	except:
357	pass
358
359	self.raw_file = structures.REGFI_RAW_FILE()
360	self.raw_file.fh = fh
361	self.raw_file.seek = seek_cb_type(self.raw_file.cb_seek)
362	self.raw_file.read = read_cb_type(self.raw_file.cb_read)
363	self.file = regfi.regfi_alloc_cb(self.raw_file)
364
365	def __getattr__(self, name):
366	return getattr(self.file.contents, name)
367
368	def __del__(self):
369	regfi.regfi_free(self.file)
370	if self.raw_file != None:
371	regfi.regfi_free(self.file)
372
373
374	def __iter__(self):
375	return HiveIterator(self)
376
377	def subtree(self, path):
378	hi = HiveIterator(self)
379	hi.descend(path)
380	return hi
381
382
383	class HiveIterator():
384	hive = None
385	iter = None
386	iteration_root = None
387
388	def __init__(self, hive):
389	# REGFI_ENCODING_UTF8==1
390	self.iter = regfi.regfi_iterator_new(hive.file, 1)
391	if self.iter == None:
392	raise Exception("Could not create iterator. Current log:\n"
393	+ GetLogMessages())
394	self.hive = hive
395
396	def __getattr__(self, name):
397	return getattr(self.file.contents, name)
398
399	def __del__(self):
400	regfi.regfi_iterator_free(self.iter)
401
402	def __iter__(self):
403	self.iteration_root = None
404	return self
405
406	def __next__(self):
407	if self.iteration_root == None:
408	self.iteration_root = self.current_key()
409	elif not regfi.regfi_iterator_down(self.iter):
410	up_ret = regfi.regfi_iterator_up(self.iter)
411	while (up_ret and
412	not regfi.regfi_iterator_next_subkey(self.iter)):
413	if self.iteration_root == self.current_key():
414	self.iteration_root = None
415	raise StopIteration('')
416	up_ret = regfi.regfi_iterator_up(self.iter)
417
418	if not up_ret:
419	raise StopIteration('')
420
421	if not regfi.regfi_iterator_down(self.iter):
422	raise Exception('Error traversing iterator downward.'+
423	' Current log:\n'+ GetLogMessages())
424
425	regfi.regfi_iterator_first_subkey(self.iter)
426	return self.current_key()
427
428	def down(self):
429	pass
430
431	def up(self):
432	pass
433
434	def descend(self, path):
435	#set up generator
436	cpath = (bytes(p,'ascii') for p in path)
437
438	# evaluate generator and create char* array
439	apath = (c_char_plen(path))(cpath)
440
441	if not regfi.regfi_iterator_walk_path(self.iter,apath):
442	raise Exception('Could not locate path.\n'+GetLogMessages())
443
444	def current_key(self):
445	return Key(self.hive, regfi.regfi_iterator_cur_key(self.iter))

Note: See TracBrowser for help on using the repository browser.

Download in other formats: