Styris
/
trusted-uninstaller-cli
1
0
Fork 0
Code Issues 1 Pull Requests 0 Projects 1 Releases 10 Wiki Activity
CLI tool for running Playbooks
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
55 MiB
Tree: 209756478f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '209756478f'
${ noResults }
trusted-uninstaller-cli/TrustedUninstaller.Shared/Actions/RegistryValueAction.cs

332 lines
14 KiB
Raw Normal View History

Start
1 year ago
 
  1. #nullable enable
  2. using System;
  3. using System.Collections.Generic;
  4. using System.IO;
  5. using System.Linq;
  6. using System.Security;
  7. using System.Text.RegularExpressions;
  8. using System.Threading;
  9. using System.Threading.Tasks;
  10. using Microsoft.Win32;
  11. using TrustedUninstaller.Shared.Exceptions;
  12. using TrustedUninstaller.Shared.Tasks;
  13. using YamlDotNet.Serialization;
  14. 

  15. 

  16. namespace TrustedUninstaller.Shared.Actions
  17. {
  18.     public enum RegistryValueOperation
  19.     {
  20.         Delete = 0,
  21.         Add = 1,
  22.         // This indicates to skip the action if the specified value does not already exist

  23.         Set = 2
  24.     }
  25. 

  26.     public enum RegistryValueType
  27.     {
  28.         REG_SZ = RegistryValueKind.String,
  29.         REG_MULTI_SZ = RegistryValueKind.MultiString,
  30.         REG_EXPAND_SZ = RegistryValueKind.ExpandString,
  31.         REG_DWORD = RegistryValueKind.DWord,
  32.         REG_QWORD = RegistryValueKind.QWord,
  33.         REG_BINARY = RegistryValueKind.Binary,
  34.         REG_NONE = RegistryValueKind.None,
  35.         REG_UNKNOWN = RegistryValueKind.Unknown
  36.     }
  37. 

  38.     public class RegistryValueAction : ITaskAction
  39.     {
  40.         [YamlMember(typeof(string), Alias = "path")]
  41.         public string KeyName { get; set; }
  42. 

  43.         [YamlMember(typeof(string), Alias = "value")]
  44.         public string Value { get; set; } = "";
  45.         
  46.         [YamlMember(typeof(object), Alias = "data")]
  47.         public object? Data { get; set; }
  48.         
  49.         [YamlMember(typeof(RegistryValueType), Alias = "type")]
  50.         public RegistryValueType Type { get; set; }
  51.         
  52.         [YamlMember(typeof(Scope), Alias = "scope")]
  53.         public Scope Scope { get; set; } = Scope.AllUsers;
  54. 

  55.         [YamlMember(typeof(RegistryValueOperation), Alias = "operation")]
  56.         public RegistryValueOperation Operation { get; set; } = RegistryValueOperation.Add;
  57.         
  58.         [YamlMember(typeof(string), Alias = "weight")]
  59.         public int ProgressWeight { get; set; } = 0;
  60.         public int GetProgressWeight()
  61.         {
  62.             int roots;
  63.             try
  64.             {
  65.                 roots = GetRoots().Count;
  66.             }
  67.             catch (Exception)
  68.             {
  69.                 roots = 1;
  70.             }
  71. 

  72.             return ProgressWeight + roots;
  73.         }
  74.         
  75.         private bool InProgress { get; set; }
  76.         public void ResetProgress() => InProgress = false;
  77.         
  78.         public string ErrorString() => $"RegistryValueAction failed to {Operation.ToString().ToLower()} value '{Value}' in key '{KeyName}'";
  79.         
  80.         private List<RegistryKey> GetRoots()
  81.         {
  82.             var hive = KeyName.Split('\\').GetValue(0).ToString().ToUpper();
  83.             var list = new List<RegistryKey>();
  84. 

  85.             if (hive.Equals("HKCU") || hive.Equals("HKEY_CURRENT_USER"))
  86.             {
  87.                 RegistryKey usersKey;
  88.                 List<string> userKeys;
  89. 

  90.                 switch (Scope)
  91.                 {
  92.                     case Scope.AllUsers:
  93.                         WinUtil.RegistryManager.HookUserHives();
  94.                     
  95.                         usersKey = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default);
  96.                         userKeys = usersKey.GetSubKeyNames().
  97.                             Where(x => x.StartsWith("S-") && 
  98.                                 usersKey.OpenSubKey(x).GetSubKeyNames().Any(y => y.Equals("Volatile Environment"))).ToList();
  99.                     
  100.                         userKeys.AddRange(usersKey.GetSubKeyNames().Where(x => x.StartsWith("AME_UserHive_") && !x.EndsWith("_Classes")).ToList());
  101.                     
  102.                         userKeys.ForEach(x => list.Add(usersKey.OpenSubKey(x, true)));
  103.                         return list;
  104.                     case Scope.ActiveUsers:
  105.                         usersKey = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default);
  106.                         userKeys = usersKey.GetSubKeyNames().
  107.                             Where(x => x.StartsWith("S-") && 
  108.                                 usersKey.OpenSubKey(x).GetSubKeyNames().Any(y => y.Equals("Volatile Environment"))).ToList();
  109. 

  110.                         userKeys.ForEach(x => list.Add(usersKey.OpenSubKey(x, true)));
  111.                         return list;
  112.                     case Scope.DefaultUser:
  113.                         usersKey = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default);
  114.                         userKeys = usersKey.GetSubKeyNames().Where(x => x.Equals("AME_UserHive_Default") && !x.EndsWith("_Classes")).ToList();
  115.                         
  116.                         userKeys.ForEach(x => list.Add(usersKey.OpenSubKey(x, true)));
  117.                         return list;
  118.                 }
  119.             }
  120.             list.Add(hive switch
  121.             {
  122.                 "HKCU" => RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Default),
  123.                 "HKEY_CURRENT_USER" => RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Default),
  124.                 "HKLM" => RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Default),
  125.                 "HKEY_LOCAL_MACHINE" => RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Default),
  126.                 "HKCR" => RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Default),
  127.                 "HKEY_CLASSES_ROOT" => RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Default),
  128.                 "HKU" => RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default),
  129.                 "HKEY_USERS" => RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default),
  130.                 _ => throw new ArgumentException($"Key '{KeyName}' does not specify a valid registry hive.")
  131.             });
  132.             return list;
  133.         }
  134. 

  135.         public string GetSubKey() => KeyName.Substring(KeyName.IndexOf('\\') + 1);
  136. 

  137.         private RegistryKey? OpenSubKey(RegistryKey root)
  138.         {
  139.             var subKeyPath = GetSubKey();
  140.             
  141.             if (subKeyPath == null) throw new ArgumentException($"Key '{KeyName}' is invalid.");
  142.             
  143.             return root.OpenSubKey(subKeyPath, true);
  144.         }
  145. 

  146.         public object? GetCurrentValue(RegistryKey root)
  147.         {
  148.             var subkey = GetSubKey();
  149.             return Registry.GetValue(root.Name + "\\" + subkey, Value, null);
  150.         }
  151.         
  152.         public static byte[] StringToByteArray(string hex) {
  153.             return Enumerable.Range(0, hex.Length)
  154.                 .Where(x => x % 2 == 0)
  155.                 .Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
  156.                 .ToArray();
  157.         }
  158. 

  159.         public UninstallTaskStatus GetStatus()
  160.         {
  161.             try
  162.             {
  163.                 var roots = GetRoots();
  164. 

  165.                 foreach (var _root in roots)
  166.                 {
  167.                     var root = _root;
  168.                     var subKey = GetSubKey();
  169.                     
  170.                     if (root.Name.Contains("AME_UserHive_") && subKey.StartsWith("SOFTWARE\\Classes", StringComparison.CurrentCultureIgnoreCase))
  171.                     {
  172.                         var usersKey = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default);
  173. 

  174.                         root = usersKey.OpenSubKey(root.Name.Substring(11) + "_Classes", true);
  175.                         subKey = Regex.Replace(subKey, @"^SOFTWARE\\*Classes\\*", "", RegexOptions.IgnoreCase);
  176. 

  177.                         if (root == null)
  178.                         {
  179.                             continue;
  180.                         }
  181.                     }
  182.                     
  183.                     var openedSubKey = root.OpenSubKey(subKey);
  184. 

  185.                     if (openedSubKey == null && (Operation == RegistryValueOperation.Set || Operation == RegistryValueOperation.Delete))
  186.                         continue;
  187.                     if (openedSubKey == null) return UninstallTaskStatus.ToDo;
  188. 

  189.                     var value = openedSubKey.GetValue(Value);
  190. 

  191.                     if (value == null)
  192.                     {
  193.                         if (Operation == RegistryValueOperation.Set || Operation == RegistryValueOperation.Delete)
  194.                             continue;
  195. 

  196.                         return UninstallTaskStatus.ToDo;
  197.                     }
  198.                     if (Operation == RegistryValueOperation.Delete) return UninstallTaskStatus.ToDo;
  199. 

  200.                     if (Data == null) return UninstallTaskStatus.ToDo;
  201. 

  202. 

  203.                     bool matches;
  204.                     try
  205.                     {
  206.                         matches = Type switch
  207.                         {
  208.                             RegistryValueType.REG_SZ =>
  209.                                 Data.ToString() == value.ToString(),
  210.                             RegistryValueType.REG_EXPAND_SZ =>
  211.                                 // RegistryValueOptions.DoNotExpandEnvironmentNames above did not seem to work.

  212.                                 Environment.ExpandEnvironmentVariables(Data.ToString()) == value.ToString(),
  213.                             RegistryValueType.REG_MULTI_SZ =>
  214.                                 Data.ToString() == "" ?
  215.                                     ((string[])value).SequenceEqual(new string[] { }) :
  216.                                     ((string[])value).SequenceEqual(Data.ToString().Split(new string[] { "\\0" }, StringSplitOptions.None)),
  217.                             RegistryValueType.REG_DWORD =>
  218.                                 unchecked((int)Convert.ToUInt32(Data)) == (int)value,
  219.                             RegistryValueType.REG_QWORD =>
  220.                                 Convert.ToUInt64(Data) == (ulong)value,
  221.                             RegistryValueType.REG_BINARY =>
  222.                                 ((byte[])value).SequenceEqual(StringToByteArray(Data.ToString())),
  223.                             RegistryValueType.REG_NONE =>
  224.                                 ((byte[])value).SequenceEqual(new byte[0]),
  225.                             RegistryValueType.REG_UNKNOWN =>
  226.                                 Data.ToString() == value.ToString(),
  227.                             _ => throw new ArgumentException("Impossible.")
  228.                         };
  229.                     }
  230.                     catch (InvalidCastException)
  231.                     {
  232.                         matches = false;
  233.                     }
  234.                     if (!matches) return UninstallTaskStatus.ToDo;
  235.                 }
  236.             }
  237.             catch (Exception e)
  238.             {
  239.                 ErrorLogger.WriteToErrorLog(e.Message,
  240.                     e.StackTrace, "RegistryValueAction Error");
  241.                 return UninstallTaskStatus.ToDo;
  242.             }
  243. 

  244.             return UninstallTaskStatus.Completed;
  245.         }
  246. 

  247.         public async Task<bool> RunTask()
  248.         {
  249. 

  250.             Console.WriteLine($"{Operation.ToString().TrimEnd('e')}ing value '{Value}' in key '{KeyName}'...");
  251.             
  252.             var roots = GetRoots();
  253. 

  254.             foreach (var _root in roots)
  255.             {
  256.                 var root = _root;
  257.                 var subKey = GetSubKey();
  258.                 try
  259.                 {
  260.                     if (root.Name.Contains("AME_UserHive_") && subKey.StartsWith("SOFTWARE\\Classes", StringComparison.CurrentCultureIgnoreCase))
  261.                     {
  262.                         var usersKey = RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Default);
  263. 

  264.                         root = usersKey.OpenSubKey(root.Name.Substring(11) + "_Classes", true);
  265.                         subKey = Regex.Replace(subKey, @"^SOFTWARE\\*Classes\\*", "", RegexOptions.IgnoreCase);
  266. 

  267.                         if (root == null)
  268.                         {
  269.                             ErrorLogger.WriteToErrorLog($"User classes hive not found for hive {_root.Name}.",
  270.                                 Environment.StackTrace, "RegistryValueAction Error");
  271.                             continue;
  272.                         }
  273.                     }
  274. 

  275.                     if (GetCurrentValue(root) == Data) continue;
  276. 

  277.                     if (root.OpenSubKey(subKey) == null && Operation == RegistryValueOperation.Set) continue;
  278.                     if (root.OpenSubKey(subKey) == null && Operation == RegistryValueOperation.Add) root.CreateSubKey(subKey);
  279. 

  280.                     if (Operation == RegistryValueOperation.Delete)
  281.                     {
  282.                         var key = root.OpenSubKey(subKey, true);
  283.                         key?.DeleteValue(Value);
  284.                         continue;
  285.                     }
  286. 

  287.                     if (Type == RegistryValueType.REG_BINARY)
  288.                     {
  289.                         var data = StringToByteArray(Data.ToString());
  290. 

  291.                         Registry.SetValue(root.Name + "\\" + subKey, Value, data, (RegistryValueKind)Type);
  292.                     }
  293.                     else if (Type == RegistryValueType.REG_DWORD)
  294.                     {
  295.                         // DWORD values using the highest bit set fail without this, for example '2962489444'.

  296.                         // See https://stackoverflow.com/questions/6608400/how-to-put-a-dword-in-the-registry-with-the-highest-bit-set;

  297.                         var value = unchecked((int)Convert.ToUInt32(Data));
  298.                         Registry.SetValue(root.Name + "\\" + subKey, Value, value, (RegistryValueKind)Type);
  299.                     }
  300.                     else if (Type == RegistryValueType.REG_QWORD)
  301.                     {
  302.                         Registry.SetValue(root.Name + "\\" + subKey, Value, Convert.ToUInt64(Data), (RegistryValueKind)Type);
  303.                     }
  304.                     else if (Type == RegistryValueType.REG_NONE)
  305.                     {
  306.                         byte[] none = new byte[0];
  307. 

  308.                         Registry.SetValue(root.Name + "\\" + subKey, Value, none, (RegistryValueKind)Type);
  309.                     }
  310.                     else if (Type == RegistryValueType.REG_MULTI_SZ)
  311.                     {
  312.                         string[] data;
  313.                         if (Data.ToString() == "") data = new string[] { };
  314.                         else data = Data.ToString().Split(new string[] { "\\0" }, StringSplitOptions.None);
  315. 

  316.                         Registry.SetValue(root.Name + "\\" + subKey, Value, data, (RegistryValueKind)Type);
  317.                     }
  318.                     else
  319.                     {
  320.                         Registry.SetValue(root.Name + "\\" + subKey, Value, Data, (RegistryValueKind)Type);
  321.                     }
  322.                 }
  323.                 catch (Exception e)
  324.                 {
  325.                     ErrorLogger.WriteToErrorLog(e.Message,
  326.                         e.StackTrace, "RegistryValueAction Error", root?.Name + "\\" + subKey);
  327.                 }
  328.             }
  329.             return true;
  330.         }
  331.     }
  332. }