Fix LsaOpenPolicy interop definition

* Move Lsa handles to Interop code

* Fix implementation of LsaOpenPolicy

* Move LSA_STRING and LSA_UNICODE_STRING to Advapi32

* Consolidate LSA_UNICODE_STRING and UNICODE_STRING

src/Common/src/Interop/Windows/SspiCli/Interop.LsaString.cs → src/Common/src/Interop/Windows/Advapi32/Interop.LSA_STRING.cs

@@ -7,7 +7,7 @@
 
 internal partial class Interop
 {
-    internal partial class SspiCli
+    internal partial class Advapi32
     {
         [StructLayout(LayoutKind.Sequential)]
         internal struct LSA_STRING

src/Common/src/Interop/Windows/Advapi32/Interop.LsaLookupNames2.cs

@@ -15,9 +15,18 @@ internal static extern uint LsaLookupNames2(
             SafeLsaPolicyHandle handle,
             int flags,
             int count,
-            UNICODE_STRING[] names,
+            MARSHALLED_UNICODE_STRING[] names,
             out SafeLsaMemoryHandle referencedDomains,
             out SafeLsaMemoryHandle sids
-            );
+        );
+
+        [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
+        internal struct MARSHALLED_UNICODE_STRING
+        {
+            internal ushort Length;
+            internal ushort MaximumLength;
+            [MarshalAs(UnmanagedType.LPWStr)]
+            internal string Buffer;
+        }
     }
 }

src/Common/src/Interop/Windows/Advapi32/Interop.LsaLookupSids.cs

@@ -17,6 +17,6 @@ internal static extern uint LsaLookupSids(
             IntPtr[] sids,
             out SafeLsaMemoryHandle referencedDomains,
             out SafeLsaMemoryHandle names
-            );
+        );
     }
 }

src/Common/src/Interop/Windows/Advapi32/Interop.LsaOpenPolicy.cs

@@ -11,6 +11,34 @@ internal static partial class Interop
     internal static partial class Advapi32
     {
         [DllImport(Interop.Libraries.Advapi32, EntryPoint = "LsaOpenPolicy", SetLastError = true, CharSet = CharSet.Unicode)]
-        internal static extern uint LsaOpenPolicy(string systemName, ref LSA_OBJECT_ATTRIBUTES attributes, int accessMask, out SafeLsaPolicyHandle handle);
+        private static extern uint LsaOpenPolicy(
+            ref UNICODE_STRING SystemName,
+            ref OBJECT_ATTRIBUTES ObjectAttributes,
+            int AccessMask,
+            out SafeLsaPolicyHandle PolicyHandle
+        );
+
+        internal static unsafe uint LsaOpenPolicy(
+            string SystemName,
+            ref OBJECT_ATTRIBUTES Attributes,
+            int AccessMask,
+            out SafeLsaPolicyHandle PolicyHandle)
+        {
+            var systemNameUnicode = new UNICODE_STRING();
+            if (SystemName != null)
+            {
+                fixed (char* c = SystemName)
+                {
+                    systemNameUnicode.Length = checked((ushort)(SystemName.Length * sizeof(char)));
+                    systemNameUnicode.MaximumLength = checked((ushort)(SystemName.Length * sizeof(char)));
+                    systemNameUnicode.Buffer = (IntPtr)c;
+                    return LsaOpenPolicy(ref systemNameUnicode, ref Attributes, AccessMask, out PolicyHandle);
+                }
+            }
+            else
+            {
+                return LsaOpenPolicy(ref systemNameUnicode, ref Attributes, AccessMask, out PolicyHandle);
+            }
+        }
     }
 }

src/Common/src/Interop/Windows/Interop.OBJECT_ATTRIBUTES.cs

@@ -0,0 +1,103 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System;
+using System.Runtime.InteropServices;
+
+internal static partial class Interop
+{
+    /// <summary>
+    /// <a href="https://msdn.microsoft.com/en-us/library/windows/hardware/ff557749.aspx">OBJECT_ATTRIBUTES</a> structure.
+    /// The OBJECT_ATTRIBUTES structure specifies attributes that can be applied to objects or object handles by routines 
+    /// that create objects and/or return handles to objects.
+    /// </summary>
+    internal unsafe struct OBJECT_ATTRIBUTES
+    {
+        public uint Length;
+
+        /// <summary>
+        /// Optional handle to root object directory for the given ObjectName.
+        /// Can be a file system directory or object manager directory.
+        /// </summary>
+        public IntPtr RootDirectory;
+
+        /// <summary>
+        /// Name of the object. Must be fully qualified if RootDirectory isn't set.
+        /// Otherwise is relative to RootDirectory.
+        /// </summary>
+        public UNICODE_STRING* ObjectName;
+
+        public ObjectAttributes Attributes;
+
+        /// <summary>
+        /// If null, object will receive default security settings.
+        /// </summary>
+        public void* SecurityDescriptor;
+
+        /// <summary>
+        /// Optional quality of service to be applied to the object. Used to indicate
+        /// security impersonation level and context tracking mode (dynamic or static).
+        /// </summary>
+        public void* SecurityQualityOfService;
+
+        /// <summary>
+        /// Equivalent of InitializeObjectAttributes macro with the exception that you can directly set SQOS.
+        /// </summary>
+        public unsafe OBJECT_ATTRIBUTES(UNICODE_STRING* objectName, ObjectAttributes attributes, IntPtr rootDirectory)
+        {
+            Length = (uint)sizeof(OBJECT_ATTRIBUTES);
+            RootDirectory = rootDirectory;
+            ObjectName = objectName;
+            Attributes = attributes;
+            SecurityDescriptor = null;
+            SecurityQualityOfService = null;
+        }
+    }
+
+    [Flags]
+    public enum ObjectAttributes : uint
+    {
+        // https://msdn.microsoft.com/en-us/library/windows/hardware/ff564586.aspx
+        // https://msdn.microsoft.com/en-us/library/windows/hardware/ff547804.aspx
+
+        /// <summary>
+        /// This handle can be inherited by child processes of the current process.
+        /// </summary>
+        OBJ_INHERIT = 0x00000002,
+
+        /// <summary>
+        /// This flag only applies to objects that are named within the object manager.
+        /// By default, such objects are deleted when all open handles to them are closed.
+        /// If this flag is specified, the object is not deleted when all open handles are closed.
+        /// </summary>
+        OBJ_PERMANENT = 0x00000010,
+
+        /// <summary>
+        /// Only a single handle can be open for this object.
+        /// </summary>
+        OBJ_EXCLUSIVE = 0x00000020,
+
+        /// <summary>
+        /// Lookups for this object should be case insensitive.
+        /// </summary>
+        OBJ_CASE_INSENSITIVE = 0x00000040,
+
+        /// <summary>
+        /// Create on existing object should open, not fail with STATUS_OBJECT_NAME_COLLISION.
+        /// </summary>
+        OBJ_OPENIF = 0x00000080,
+
+        /// <summary>
+        /// Open the symbolic link, not its target.
+        /// </summary>
+        OBJ_OPENLINK = 0x00000100,
+
+        // Only accessible from kernel mode
+        // OBJ_KERNEL_HANDLE
+
+        // Access checks enforced, even in kernel mode
+        // OBJ_FORCE_ACCESS_CHECK
+        // OBJ_VALID_ATTRIBUTES = 0x000001F2
+    }
+}

src/Common/src/Interop/Windows/NtDll/Interop.NtCreateFile.cs

@@ -68,100 +68,6 @@ internal unsafe static (int status, IntPtr handle) CreateFile(
             }
         }
 
-        /// <summary>
-        /// <a href="https://msdn.microsoft.com/en-us/library/windows/hardware/ff557749.aspx">OBJECT_ATTRIBUTES</a> structure.
-        /// The OBJECT_ATTRIBUTES structure specifies attributes that can be applied to objects or object handles by routines 
-        /// that create objects and/or return handles to objects.
-        /// </summary>
-        internal unsafe struct OBJECT_ATTRIBUTES
-        {
-            public uint Length;
-
-            /// <summary>
-            /// Optional handle to root object directory for the given ObjectName.
-            /// Can be a file system directory or object manager directory.
-            /// </summary>
-            public IntPtr RootDirectory;
-
-            /// <summary>
-            /// Name of the object. Must be fully qualified if RootDirectory isn't set.
-            /// Otherwise is relative to RootDirectory.
-            /// </summary>
-            public UNICODE_STRING* ObjectName;
-
-            public ObjectAttributes Attributes;
-
-            /// <summary>
-            /// If null, object will receive default security settings.
-            /// </summary>
-            public void* SecurityDescriptor;
-
-            /// <summary>
-            /// Optional quality of service to be applied to the object. Used to indicate
-            /// security impersonation level and context tracking mode (dynamic or static).
-            /// </summary>
-            public void* SecurityQualityOfService;
-
-            /// <summary>
-            /// Equivalent of InitializeObjectAttributes macro with the exception that you can directly set SQOS.
-            /// </summary>
-            public unsafe OBJECT_ATTRIBUTES(UNICODE_STRING* objectName, ObjectAttributes attributes, IntPtr rootDirectory)
-            {
-                Length = (uint)sizeof(OBJECT_ATTRIBUTES);
-                RootDirectory = rootDirectory;
-                ObjectName = objectName;
-                Attributes = attributes;
-                SecurityDescriptor = null;
-                SecurityQualityOfService = null;
-            }
-        }
-
-        [Flags]
-        public enum ObjectAttributes : uint
-        {
-            // https://msdn.microsoft.com/en-us/library/windows/hardware/ff564586.aspx
-            // https://msdn.microsoft.com/en-us/library/windows/hardware/ff547804.aspx
-
-            /// <summary>
-            /// This handle can be inherited by child processes of the current process.
-            /// </summary>
-            OBJ_INHERIT = 0x00000002,
-
-            /// <summary>
-            /// This flag only applies to objects that are named within the object manager.
-            /// By default, such objects are deleted when all open handles to them are closed.
-            /// If this flag is specified, the object is not deleted when all open handles are closed.
-            /// </summary>
-            OBJ_PERMANENT = 0x00000010,
-
-            /// <summary>
-            /// Only a single handle can be open for this object.
-            /// </summary>
-            OBJ_EXCLUSIVE = 0x00000020,
-
-            /// <summary>
-            /// Lookups for this object should be case insensitive.
-            /// </summary>
-            OBJ_CASE_INSENSITIVE = 0x00000040,
-
-            /// <summary>
-            /// Create on existing object should open, not fail with STATUS_OBJECT_NAME_COLLISION.
-            /// </summary>
-            OBJ_OPENIF = 0x00000080,
-
-            /// <summary>
-            /// Open the symbolic link, not its target.
-            /// </summary>
-            OBJ_OPENLINK = 0x00000100,
-
-            // Only accessible from kernel mode
-            // OBJ_KERNEL_HANDLE
-
-            // Access checks enforced, even in kernel mode
-            // OBJ_FORCE_ACCESS_CHECK
-            // OBJ_VALID_ATTRIBUTES = 0x000001F2
-        }
-
         /// <summary>
         /// File creation disposition when calling directly to NT APIs.
         /// </summary>

src/Common/src/Interop/Windows/SspiCli/Interop.KerbS4uLogin.cs

@@ -14,8 +14,8 @@ internal struct KERB_S4U_LOGON
         {
             internal KERB_LOGON_SUBMIT_TYPE MessageType;
             internal KerbS4uLogonFlags Flags;
-            internal LSA_UNICODE_STRING ClientUpn;
-            internal LSA_UNICODE_STRING ClientRealm;
+            internal UNICODE_STRING ClientUpn;
+            internal UNICODE_STRING ClientRealm;
         }
 
         [Flags]

src/Common/src/Interop/Windows/SspiCli/Interop.LSAStructs.cs

@@ -17,17 +17,6 @@ internal struct LSA_TRANSLATED_NAME
         internal int DomainIndex;
     }
 
-    [StructLayout(LayoutKind.Sequential)]
-    internal struct LSA_OBJECT_ATTRIBUTES
-    {
-        internal int Length;
-        internal IntPtr RootDirectory;
-        internal IntPtr ObjectName;
-        internal int Attributes;
-        internal IntPtr SecurityDescriptor;
-        internal IntPtr SecurityQualityOfService;
-    }
-
     [StructLayout(LayoutKind.Sequential)]
     internal struct LSA_TRANSLATED_SID2
     {

src/Common/src/Interop/Windows/SspiCli/Interop.LsaLogonUser.cs

@@ -14,7 +14,7 @@ internal partial class SspiCli
         [DllImport(Libraries.SspiCli)]
         internal static extern int LsaLogonUser(
             [In]  SafeLsaHandle LsaHandle,
-            [In]  ref LSA_STRING OriginName,
+            [In]  ref Advapi32.LSA_STRING OriginName,
             [In]  SECURITY_LOGON_TYPE LogonType,
             [In]  int AuthenticationPackage,
             [In]  IntPtr AuthenticationInformation,

src/Common/src/Interop/Windows/SspiCli/Interop.LsaLookupAuthenticationPackage.cs

@@ -4,14 +4,17 @@
 
 using System;
 using System.Runtime.InteropServices;
-
 using Microsoft.Win32.SafeHandles;
 
 internal partial class Interop
 {
     internal partial class SspiCli
     {
         [DllImport(Libraries.SspiCli)]
-        internal static extern int LsaLookupAuthenticationPackage(SafeLsaHandle LsaHandle, [In] ref LSA_STRING PackageName, out int AuthenticationPackage);
+        internal static extern int LsaLookupAuthenticationPackage(
+            SafeLsaHandle LsaHandle,
+            [In] ref Advapi32.LSA_STRING PackageName,
+            out int AuthenticationPackage
+        );
     }
 }