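# Copyright © 2012, Microsoft Corporation. All rights reserved.
#
# Supported OS versions (Win32_OperatingSystem.Version major.minor):
#   Windows 7 / Windows Server 2008 R2    6.1
#   Windows Vista / Windows Server 2008   6.0
#   Windows Server 2003 (R2)              5.2
#   Windows XP                            5.1
#   Windows 2000                          5.0
#
# Registry helper library for the diagnostic pack. Every read/write below
# runs with the caller's token; writes to HKLM/HKU/HKCR typically require an
# elevated session, reads do not.

. ./utils_SetupEnv.ps1

# Compile the C# helper that performs the raw registry reads/writes. Import-CS
# is expected to come from utils_SetupEnv.ps1 and to return the compiled type,
# which is used below as $registryRW::getRegistryValue / ::setRegistryValue.
$registryRW = import-cs `
    -classname Microsoft.Windows.Diagnosis.RegistryReadingAndWriting `
    -sourcefile RegistryReadingAndWriting.cs `
    -sourcetext @"
using System;
using Microsoft.Win32;

namespace Microsoft.Windows.Diagnosis
{
    /// <summary>
    /// Thin wrappers over Microsoft.Win32.Registry for the PowerShell
    /// diagnostic scripts. Hive names are the usual abbreviations
    /// ("hku", "hklm", "hkcr", "hkcc", "hkpd"), compared case-insensitively.
    /// </summary>
    public static class RegistryReadingAndWriting
    {
        /// <summary>
        /// Resolves a hive abbreviation and opens <paramref name="hkPath"/>
        /// under it. Returns null for an unknown hive or a key that cannot be
        /// opened. The caller owns the returned key and must dispose it.
        /// </summary>
        /// <param name="writable">Request write access. Reads pass false so
        /// that a caller without write permission on the key can still read it.</param>
        private static RegistryKey OpenHive(string hiveKey, string hkPath, bool writable)
        {
            RegistryKey root = null;
            switch (hiveKey.ToLowerInvariant())
            {
                case "hku":  root = Registry.Users; break;
                case "hklm": root = Registry.LocalMachine; break;
                case "hkcr": root = Registry.ClassesRoot; break;
                case "hkcc": root = Registry.CurrentConfig; break;
                case "hkpd": root = Registry.PerformanceData; break;
            }
            if (root == null)
            {
                return null;
            }
            return root.OpenSubKey(hkPath, writable);
        }

        /// <summary>
        /// Renders a registry value as text. REG_MULTI_SZ entries are joined
        /// with Environment.NewLine and REG_BINARY is rendered as
        /// hyphen-separated hex; every other kind uses ToString().
        /// (Plain ToString() on those two kinds only yields "System.String[]"
        /// and "System.Byte[]".)
        /// </summary>
        private static string FormatValue(object raw)
        {
            string[] multi = raw as string[];
            if (multi != null)
            {
                return string.Join(Environment.NewLine, multi);
            }
            byte[] bytes = raw as byte[];
            if (bytes != null)
            {
                return BitConverter.ToString(bytes);
            }
            return raw.ToString();
        }

        /// <summary>
        /// Writes <paramref name="value2Set"/> as <paramref name="rgValKind"/>
        /// to the value named <paramref name="keyName"/> under hive/path.
        /// </summary>
        /// <returns>false when an argument is invalid or the key cannot be
        /// opened for writing (unknown hive, missing key, access denied);
        /// true once the value has been written.</returns>
        /// <exception cref="Exception">Whatever RegistryKey.SetValue throws
        /// propagates unchanged (the original re-threw with "throw e", which
        /// only discarded the stack trace).</exception>
        public static bool setRegistryValue(string hiveKey, string hkPath, string keyName, string value2Set, RegistryValueKind rgValKind)
        {
            if (hiveKey == null) return false;
            if (hiveKey.Length < 3) return false;
            if (hkPath == null) return false;
            if (hkPath.Length < 3) return false;

            // 'using' disposes the key handle on every path, including throw.
            using (RegistryKey parentKey = OpenHive(hiveKey, hkPath, true))
            {
                if (parentKey == null)
                {
                    return false;
                }
                parentKey.SetValue(keyName, value2Set, rgValKind);
                return true;
            }
        }

        /// <summary>
        /// Reads the value named <paramref name="keyName"/> (null = the key's
        /// default value) under hive/path and returns it as text.
        /// </summary>
        /// <returns>The value formatted by FormatValue. When an argument is
        /// invalid, the key cannot be opened or the value does not exist, a
        /// short diagnostic message is returned instead; callers cannot tell
        /// the two cases apart from the return value alone.</returns>
        public static string getRegistryValue(string hiveKey, string hkPath, string keyName)
        {
            if (hiveKey == null) return ("Hive cannot be null");
            if (hiveKey.Length < 3) return "Hive length cannot be less than 3";
            if (hkPath == null) return ("Path cannot be null");
            if (hkPath.Length < 3) return "Path length cannot be less than 3";

            // Read-only open. The original requested write access for a read,
            // so any key the caller could read but not write was reported as
            // "hive not found".
            using (RegistryKey parentKey = OpenHive(hiveKey, hkPath, false))
            {
                if (parentKey == null)
                {
                    return (hiveKey + " hive not found");
                }
                object raw = parentKey.GetValue(keyName);
                if (raw == null)
                {
                    return ((keyName ?? "(default)") + " value not found");
                }
                return FormatValue(raw);
            }
        }
    }
}
"@

# Returns a numeric code for the running OS, derived from
# Win32_OperatingSystem.Version (major.minor):
#   6x  -> major version 6 (60 Vista/2008, 61 Win7/2008 R2, 62/63 Win8/8.1)
#   51  -> Windows XP 32-bit, 52 -> Windows XP x64 / Server 2003
#   100 -> anything newer than 6.x (Windows 10 reports 10.0)
#   13  -> anything older than Windows XP
# Returns $null when WMI does not return an operating-system object.
function checkWindowsVersion(){
    $OS = Get-WmiObject -Namespace root\CIMV2 -Class Win32_OperatingSystem
    if (-not $OS) {
        # Check before touching $OS.Version; the original dereferenced first.
        return
    }
    # Parse the numeric components instead of indexing single characters of
    # the version string, which breaks on two-digit majors such as "10.0".
    $parts = $OS.Version.Split(".")
    $major = [int]$parts[0]
    $minor = [int]$parts[1]
    if ($major -eq 6) {
        return ($major * 10 + $minor)   # Vista and later 6.x releases
    }
    if ($major -gt 6) {
        return 100                      # Windows 10 and later
    }
    if (($major -eq 5) -and (($minor -eq 1) -or ($minor -eq 2))) {
        return ($major * 10 + $minor)   # 51 = XP 32-bit, 52 = XP x64 / Server 2003
    }
    return 13                           # below Windows XP
}

# Expected (unexpanded) data of the "AppData" user-shell-folder value.
# XP and Server 2003 used "Application Data"; Vista and later use "AppData\Roaming".
function Get-AppDataExpectedString(){
    $expected = '%USERPROFILE%\AppData\Roaming'
    $winVersion = checkWindowsVersion
    if (($winVersion -eq 51) -or ($winVersion -eq 52)) {
        $expected = '%USERPROFILE%\Application Data'
    }
    return $expected
}

$expectedString = Get-AppDataExpectedString
# User Shell Folders key of the default user profile, relative to HKEY_USERS.
$h = ".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\";
$HKEY_USERS = "hku"
$expRegString = [Microsoft.Win32.RegistryValueKind]::ExpandString

# Reads one value through the C# helper. $hkey is a hive abbreviation ("hku",
# "hklm", ...), $hpath the key path below it. Returns the value as text, or a
# diagnostic message when the key or value is missing (see getRegistryValue).
function Get-RegistryValue($hkey,$hpath,$keyName){
    return ($registryRW::getRegistryValue($hkey,$hpath,$keyName))
}

# Writes one value through the C# helper; $regStringType is a
# [Microsoft.Win32.RegistryValueKind]. Returns $true on success, $false when
# the key could not be opened for writing.
function Set-RegistryValue($hkey,$hpath,$keyName,$value2Set,$regStringType){
    return ($registryRW::setRegistryValue($hkey,$hpath,$keyName,$value2Set,$regStringType))
}

# $true only for untyped PowerShell arrays (runtime type Object[], e.g. @(...));
# $null and typed arrays such as [string[]] yield $false.
function isArray($arr){
    if ($null -eq $arr) {
        return $false
    }
    return ($arr.GetType().Name -ieq "Object[]")
}

# Value names of the key at "$key\$hpath" (a provider path such as HKLM:\...).
function Get-RegistrySubValues($key,$hpath) {
    (Get-Item ($key+"\"+$hpath)).GetValueNames()
}

# Hashtable of value name -> value text for the key at $key.
# NOTE(review): Get-Item receives $key alone while Get-RegistryValue is handed
# $key as a hive abbreviation plus $hpath; compare Get-RegistrySubValues, which
# joins the two. Confirm the intended argument shapes with the callers.
function Get-RegistryValues($key,$hpath) {
    $names = (Get-Item $key).GetValueNames()
    $result = @{}
    foreach ($name in $names) {
        $result.Add($name, (Get-RegistryValue $key $hpath $name))
    }
    return $result
}

# Provider-based variants ("A" suffix): $key is a PowerShell registry path.
function Get-RegistryValueA($key, $value) {
    (Get-ItemProperty $key $value).$value
}

function Get-RegistrySubValuesA($key) {
    (Get-Item $key).GetValueNames()
}

function Get-RegistryValuesA($key) {
    $names = (Get-Item $key).GetValueNames()
    $result = @{}
    foreach ($name in $names) {
        $result.Add($name, (Get-RegistryValueA $key $name))
    }
    return $result
}

# Serialises a hashtable as "<runOnce><name>value</name>...</runOnce>".
# Value text is XML-escaped so '<' and '&' in registry data keep the output
# well-formed; value names are emitted as-is and are not validated as element
# names (a name with spaces or an empty default name produces a bad tag).
function hashtable2xml($h,$runOnce){
    $str = "<$runOnce>"
    foreach ($name in $h.Keys) {
        $text = [System.Security.SecurityElement]::Escape([string]$h[$name])
        $str += "<$name>" + $text + "</$name>"
    }
    $str += "</$runOnce>"
    return $str
}

# Dumps every value of $regKey (provider path) to "$env:temp\$id" and to the
# diagnostic report under $id/$name. $id is used verbatim as a file name, so
# callers should pass a plain identifier.
function generate-Report ($id,$name,$regKey){
    $values = Get-RegistryValuesA ($regKey)
    $xml = hashtable2xml ($values) ("$id")
    $xml > "$env:temp\$id"
    $xml | ConvertTo-Xml | Update-DiagReport -id ([string]$id) -name ([string]$name) -verbosity informational
    # $xml | ConvertTo-Xml | Update-DiagReport -id ([string]$id) -name ([string]$name) -verbosity debug
    return "$env:temp\$id"
}

# "PendingFileRenameOperations" -name "Pending File RenameOperations Before"
# Reports HKLM\...\Session Manager\PendingFileRenameOperations (REG_MULTI_SZ,
# rendered one entry per line by getRegistryValue). $global:hklmManager is
# expected to be set by utils_SetupEnv.ps1 to the full "HKLM..." key path.
function generate-ReportPendingFileRenameOp($id,$name){
    $strs = Get-RegistryValue "HKLM" (([string]"$global:hklmManager").replace("HKLM","")) "PendingFileRenameOperations"
    $strs > "$env:temp\$id"
    $strs | ConvertTo-Xml | Update-DiagReport -id ([string]$id) -name ([string]$name) -verbosity informational
    return "$env:temp\$id"
}

# Create a chain of registry keys from each of the items in the given path.
# Only the listed hive prefixes are accepted; anything else is ignored.
function CreateRegKeys {
    param([string]$path)
    if (-not $path) {
        return
    }
    $Keys = $path.Split("\")
    $nextLevel = $Keys[0]
    $ValidHives = @("Registry::HKEY_CURRENT_USER","Registry::HKEY_LOCAL_MACHINE", "Registry::HKEY_CLASSES_ROOT", "Registry::HKEY_USERS", "Registry::HKEY_CURRENT_CONFIG", "HKLM:","HKCU:" )
    if ($ValidHives -notcontains $nextLevel) {
        # Invalid hive name
        return
    }
    # Create the keys level by level, discarding New-Item's output so the
    # created key objects do not leak into the caller's pipeline.
    for ($i = 1; $i -lt $Keys.Length; $i++) {
        $nextLevel = Join-Path $nextLevel $Keys[$i]
        if (-not (Test-Path $nextLevel)) {
            $null = New-Item -Path $nextLevel -Force
        }
    }
}

# Get registry value type and return its PowerShell (New-ItemProperty) equivalent.
# Unknown or empty types are returned unchanged.
Function resolveType {
    param($Type)
    if (-not $Type) {
        return $Type
    }
    switch ($Type) {
        "REG_SZ"        { return "String" }
        "REG_DWORD"     { return "DWORD" }
        "REG_QWORD"     { return "QWORD" }
        "REG_MULTI_SZ"  { return "MultiString" }
        "REG_EXPAND_SZ" { return "ExpandString" }
    }
    return $Type
}

# examples
# Set-RegValue ("Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup")
# Set-RegValue "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup" "Kernel Dumps" "REG_MULTI_SZ" @("%systemroot%\Minidump\* /s","%systemroot%\memory.dmp")
# Set-RegValue "Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup" "Memory Page File" "REG_MULTI_SZ" "\Pagefile.sys"
#
# Ensures $Key exists and, when $Value/$Type/$Data are given, that the value
# named $Value holds $Data with the REG_* type $Type. With only $Key given the
# key is created and nothing else happens. Produces no pipeline output.
function Set-RegValue($Key,$Value=$null,$Type=$null,$Data=$null) {
    # Create registry key if it doesn't exist
    if (($null -ne $Key) -and (-not (Test-Path $Key))) {
        CreateRegKeys $Key
    }
    if (($null -eq $Value) -and ($null -eq $Type) -and ($null -eq $Data)) {
        return
    }
    $Type = resolveType $Type
    if (($null -eq $Key) -or (-not (Test-Path $Key))) {
        return
    }
    $itemProperty = Get-ItemProperty -Path $Key -Name $Value -ErrorAction SilentlyContinue
    if ($itemProperty) {
        # Get-ItemProperty returns REG_EXPAND_SZ data already expanded, so
        # expand a copy of $Data for the comparison only. The unexpanded text
        # (e.g. "%USERPROFILE%\...") is what must be stored; the original wrote
        # the expanded copy, baking the current environment into the key.
        $compareData = $Data
        if (($Type -ieq "ExpandString") -and ($Data -match "%")) {
            $compareData = ExpandEnvVariable $Data
        }
        # Rewrite the property only when it is not in the expected state
        if (($itemProperty.$Value) -ne $compareData) {
            $null = New-ItemProperty -Path $Key -Name $Value -PropertyType $Type -Value $Data -Force -ErrorAction SilentlyContinue
        }
    } else {
        # Create the property
        $null = New-ItemProperty -Path $Key -Name $Value -PropertyType $Type -Value $Data -Force -ErrorAction SilentlyContinue
    }
    # Fallback write when the property was missing or held an empty/zero value
    if (-not ($itemProperty.$Value)) {
        Set-ItemProperty -Path $Key -Name $Value -Value $Data
    }
}

# Returns 64 or 32 based on [IntPtr]::Size, i.e. the bitness of the PowerShell
# *process*. This equals the OS bitness only when PowerShell is not running
# as a 32-bit (WOW64) process on 64-bit Windows.
function get-windowsBit(){
    if ([IntPtr]::Size -eq 8) {
        return 64
    }
    return 32
}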