// public methods
        public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes)
        {
            decryptedBytes = null;

            byte[] encryptedMessage = new byte[messageLength];
            Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength);

            int securityTrailerLength = encryptedBytes.Length - messageLength;
            byte[] securityTrailer = new byte[securityTrailerLength];
            Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength);

            var buffers = new SecurityBuffer[]
            {
                new SecurityBuffer(encryptedBytes, SecurityBufferType.Data),
                new SecurityBuffer(securityTrailer, SecurityBufferType.Stream)
            };

            var descriptor = new SecurityBufferDescriptor(buffers);
            bool contextAddRefSuccess = false;
#if NET45
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    uint quality;
                    var result = NativeMethods.DecryptMessage(
                        ref _sspiHandle,
                        ref descriptor,
                        0,
                        out quality);

                    if (result != NativeMethods.SEC_E_OK)
                    {
                        throw NativeMethods.CreateException(result, "Unable to decrypt message.");
                    }

                    decryptedBytes = descriptor.ToByteArray();
                }
                finally
                {
                    descriptor.Free();
                }
            }
        }
        public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes)
        {
            outBytes = null;

            var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize);
            
            bool credentialAddRefSuccess = false;
            bool contextAddRefSuccess = false;

#if NET45
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try
            {
                _credential.DangerousAddRef(ref credentialAddRefSuccess);
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (credentialAddRefSuccess)
                {
                    _credential.DangerousRelease();
                    credentialAddRefSuccess = false;
                }
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    var flags = SspiContextFlags.MutualAuth;

                    uint result;
                    long timestamp;
                    var credentialHandle = _credential._sspiHandle;
                    if (inBytes == null || inBytes.Length == 0)
                    {
                        result = NativeMethods.InitializeSecurityContext(
                            ref credentialHandle,
                            IntPtr.Zero,
                            servicePrincipalName,
                            flags,
                            0,
                            DataRepresentation.Network,
                            IntPtr.Zero,
                            0,
                            ref _sspiHandle,
                            ref outputBuffer,
                            out flags,
                            out timestamp);
                    }
                    else
                    {
                        var serverToken = new SecurityBufferDescriptor(inBytes);
                        try
                        {
                            result = NativeMethods.InitializeSecurityContext(
                                ref credentialHandle,
                                ref _sspiHandle,
                                servicePrincipalName,
                                flags,
                                0,
                                DataRepresentation.Network,
                                ref serverToken,
                                0,
                                ref _sspiHandle,
                                ref outputBuffer,
                                out flags,
                                out timestamp);
                        }
                        finally
                        {
                            serverToken.Free();
                        }
                    }

                    _credential.DangerousRelease();
                    DangerousRelease();

                    if (result != NativeMethods.SEC_E_OK && result != NativeMethods.SEC_I_CONTINUE_NEEDED)
                    {
                        throw NativeMethods.CreateException(result, "Unable to initialize security context.");
                    }

                    outBytes = outputBuffer.ToByteArray();
                    _isInitialized = result == NativeMethods.SEC_E_OK;
                }
                finally
                {
                    outputBuffer.Free();
                }
            }
        }
        public void EncryptMessage(byte[] inBytes, out byte[] outBytes)
        {
            outBytes = null;

            bool contextAddRefSuccess = false;
            SecurityPackageContextSizes sizes;
#if NET45
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                uint result = NativeMethods.QueryContextAttributes(
                    ref _sspiHandle,
                    QueryContextAttributes.Sizes,
                    out sizes);

                DangerousRelease();

                if (result != NativeMethods.SEC_E_OK)
                {
                    throw NativeMethods.CreateException(result, "Unable to get the query context attribute sizes.");
                }
            }

            var buffers = new SecurityBuffer[]
            {
                new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token),
                new SecurityBuffer(inBytes, SecurityBufferType.Data),
                new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding)
            };

            var descriptor = new SecurityBufferDescriptor(buffers);
#if NET45
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    uint result = NativeMethods.EncryptMessage(
                        ref _sspiHandle,
                        EncryptQualityOfProtection.WrapNoEncrypt,
                        ref descriptor,
                        0);

                    DangerousRelease();

                    if (result != NativeMethods.SEC_E_OK)
                    {
                        throw NativeMethods.CreateException(result, "Unable to encrypt message.");
                    }

                    outBytes = descriptor.ToByteArray();
                }
                finally
                {
                    descriptor.Free();
                }
            }
        }
Ejemplo n.º 4
0
        // public methods
        public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes)
        {
            decryptedBytes = null;

            byte[] encryptedMessage = new byte[messageLength];
            Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength);

            int securityTrailerLength = encryptedBytes.Length - messageLength;

            byte[] securityTrailer = new byte[securityTrailerLength];
            Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength);

            var buffers = new SecurityBuffer[]
            {
                new SecurityBuffer(encryptedBytes, SecurityBufferType.Data),
                new SecurityBuffer(securityTrailer, SecurityBufferType.Stream)
            };

            var  descriptor           = new SecurityBufferDescriptor(buffers);
            bool contextAddRefSuccess = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    uint quality;
                    var  result = NativeMethods.DecryptMessage(
                        ref _sspiHandle,
                        ref descriptor,
                        0,
                        out quality);

                    if (result != NativeMethods.SEC_E_OK)
                    {
                        throw NativeMethods.CreateException(result, "Unable to decrypt message.");
                    }

                    decryptedBytes = descriptor.ToByteArray();
                }
                finally
                {
                    descriptor.Free();
                }
            }
        }
Ejemplo n.º 5
0
        public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes)
        {
            outBytes = null;

            var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize);

            bool credentialAddRefSuccess = false;
            bool contextAddRefSuccess    = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                _credential.DangerousAddRef(ref credentialAddRefSuccess);
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (credentialAddRefSuccess)
                {
                    _credential.DangerousRelease();
                    credentialAddRefSuccess = false;
                }
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    var flags = SspiContextFlags.MutualAuth;

                    uint result;
                    long timestamp;
                    var  credentialHandle = _credential._sspiHandle;
                    if (inBytes == null || inBytes.Length == 0)
                    {
                        result = NativeMethods.InitializeSecurityContext(
                            ref credentialHandle,
                            IntPtr.Zero,
                            servicePrincipalName,
                            flags,
                            0,
                            DataRepresentation.Network,
                            IntPtr.Zero,
                            0,
                            ref _sspiHandle,
                            ref outputBuffer,
                            out flags,
                            out timestamp);
                    }
                    else
                    {
                        var serverToken = new SecurityBufferDescriptor(inBytes);
                        try
                        {
                            result = NativeMethods.InitializeSecurityContext(
                                ref credentialHandle,
                                ref _sspiHandle,
                                servicePrincipalName,
                                flags,
                                0,
                                DataRepresentation.Network,
                                ref serverToken,
                                0,
                                ref _sspiHandle,
                                ref outputBuffer,
                                out flags,
                                out timestamp);
                        }
                        finally
                        {
                            serverToken.Free();
                        }
                    }

                    _credential.DangerousRelease();
                    DangerousRelease();

                    if (result != NativeMethods.SEC_E_OK && result != NativeMethods.SEC_I_CONTINUE_NEEDED)
                    {
                        throw NativeMethods.CreateException(result, "Unable to initialize security context.");
                    }

                    outBytes       = outputBuffer.ToByteArray();
                    _isInitialized = result == NativeMethods.SEC_E_OK;
                }
                finally
                {
                    outputBuffer.Free();
                }
            }
        }
Ejemplo n.º 6
0
        public void EncryptMessage(byte[] inBytes, out byte[] outBytes)
        {
            outBytes = null;

            bool contextAddRefSuccess = false;
            SecurityPackageContextSizes sizes;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                uint result = NativeMethods.QueryContextAttributes(
                    ref _sspiHandle,
                    QueryContextAttributes.Sizes,
                    out sizes);

                DangerousRelease();

                if (result != NativeMethods.SEC_E_OK)
                {
                    throw NativeMethods.CreateException(result, "Unable to get the query context attribute sizes.");
                }
            }

            var buffers = new SecurityBuffer[]
            {
                new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token),
                new SecurityBuffer(inBytes, SecurityBufferType.Data),
                new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding)
            };

            var descriptor = new SecurityBufferDescriptor(buffers);

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                DangerousAddRef(ref contextAddRefSuccess);
            }
            catch (Exception ex)
            {
                if (contextAddRefSuccess)
                {
                    DangerousRelease();
                    contextAddRefSuccess = false;
                }

                if (!(ex is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                try
                {
                    uint result = NativeMethods.EncryptMessage(
                        ref _sspiHandle,
                        EncryptQualityOfProtection.WrapNoEncrypt,
                        ref descriptor,
                        0);

                    DangerousRelease();

                    if (result != NativeMethods.SEC_E_OK)
                    {
                        throw NativeMethods.CreateException(result, "Unable to encrypt message.");
                    }

                    outBytes = descriptor.ToByteArray();
                }
                finally
                {
                    descriptor.Free();
                }
            }
        }