public static extern int TokenBindingVerifyMessage(
[In] byte *tokenBindingMessage,
[In] uint tokenBindingMessageSize,
[In] char *keyType,
[In] byte *tlsUnique,
[In] uint tlsUniqueSize,
[Out] out HeapAllocHandle resultList);
public static partial int TokenBindingVerifyMessage(
byte *tokenBindingMessage,
uint tokenBindingMessageSize,
char *keyType,
byte *tlsUnique,
uint tlsUniqueSize,
out HeapAllocHandle resultList);
/// <summary>
/// Returns the 'provided' token binding identifier, optionally also returning the
/// 'referred' token binding identifier. Returns null on failure.
/// </summary>
public static byte[] GetProvidedTokenIdFromBindingInfo(HTTP_REQUEST_TOKEN_BINDING_INFO *pTokenBindingInfo, out byte[] referredId)
{
byte[] providedId = null;
referredId = null;
HeapAllocHandle handle = null;
int status = UnsafeNclNativeMethods.TokenBindingVerifyMessage(
pTokenBindingInfo->TokenBinding,
pTokenBindingInfo->TokenBindingSize,
pTokenBindingInfo->KeyType,
pTokenBindingInfo->TlsUnique,
pTokenBindingInfo->TlsUniqueSize,
out handle);
// No match found or there was an error?
if (status != 0 || handle == null || handle.IsInvalid)
{
return(null);
}
using (handle)
{
// Find the first 'provided' and 'referred' types.
TOKENBINDING_RESULT_LIST *pResultList = (TOKENBINDING_RESULT_LIST *)handle.DangerousGetHandle();
for (int i = 0; i < pResultList->resultCount; i++)
{
TOKENBINDING_RESULT_DATA *pThisResultData = &pResultList->resultData[i];
if (pThisResultData->identifierData->bindingType == TOKENBINDING_TYPE.TOKENBINDING_TYPE_PROVIDED)
{
if (providedId != null)
{
return(null); // It is invalid to have more than one 'provided' identifier.
}
providedId = ExtractIdentifierBlob(pThisResultData);
}
else if (pThisResultData->identifierData->bindingType == TOKENBINDING_TYPE.TOKENBINDING_TYPE_REFERRED)
{
if (referredId != null)
{
return(null); // It is invalid to have more than one 'referred' identifier.
}
referredId = ExtractIdentifierBlob(pThisResultData);
}
}
}
return(providedId);
}
