public static unsafe int AcquireCredentialsHandle(string package, CredentialUse intent, ref SecureCredential authdata, out SafeFreeCredentials outCredential)
{
int num = -1;
IntPtr certContextArray = authdata.certContextArray;
try
{
IntPtr ptr2 = new IntPtr((void*) &certContextArray);
if (certContextArray != IntPtr.Zero)
{
authdata.certContextArray = ptr2;
}
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
}
finally
{
long num2;
num = AcquireCredentialsHandleW(null, package, (int) intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
}
}
finally
{
authdata.certContextArray = certContextArray;
}
return num;
}
public static unsafe int AcquireCredentialsHandle(string package, CredentialUse intent, ref SecureCredential authdata, out SafeFreeCredentials outCredential)
{
int num = -1;
IntPtr certContextArray = authdata.certContextArray;
try
{
IntPtr ptr2 = new IntPtr((void *)&certContextArray);
if (certContextArray != IntPtr.Zero)
{
authdata.certContextArray = ptr2;
}
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
}
finally
{
long num2;
num = AcquireCredentialsHandleW(null, package, (int)intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
}
}
finally
{
authdata.certContextArray = certContextArray;
}
return(num);
}
AcquireCredentialsHandle(SSPIInterface SecModule,
string package,
CredentialUse intent,
AuthIdentity authdata
)
{
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#2(): using " + package);
CredentialsHandle credentialsHandle = new CredentialsHandle(SecModule);
int errorCode = SecModule.AcquireCredentialsHandle(null,
package,
(int)intent,
0,
authdata,
0,
0,
ref credentialsHandle.Handle,
ref credentialsHandle.TimeStamp
);
if (errorCode != 0)
{
#if TRAVE
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#2(): error " + SecureChannel.MapSecurityStatus((uint)errorCode));
#endif
throw new Win32Exception(errorCode);
}
return(credentialsHandle);
}
AcquireCredentialsHandle(SSPIInterface SecModule,
string package,
CredentialUse intent,
SChannelCred scc
)
{
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): using " + package);
CredentialsHandle credentialsHandle = new CredentialsHandle(SecModule);
GCHandle pinnedCertificateArray = new GCHandle();
if (scc.certContextArray != IntPtr.Zero)
{
//
// We hide the fact that this array must be marshalled
// and Pinned, we convert the single value into a pined array
// for the Unmanaged call
//
IntPtr [] certContextArray = new IntPtr[1] {
scc.certContextArray
};
pinnedCertificateArray = GCHandle.Alloc(certContextArray, GCHandleType.Pinned);
//
// Its now pinned, so get a ptr to its base
// this is needed because the Common Language Runtime doesn't support this natively
//
scc.certContextArray = pinnedCertificateArray.AddrOfPinnedObject();
}
int errorCode = SecModule.AcquireCredentialsHandle(
null,
package,
(int)intent,
0,
ref scc,
0,
0,
ref credentialsHandle.Handle,
ref credentialsHandle.TimeStamp
);
if (pinnedCertificateArray.IsAllocated)
{
pinnedCertificateArray.Free();
}
if (errorCode != 0)
{
#if TRAVE
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): error " + SecureChannel.MapSecurityStatus((uint)errorCode));
#endif
throw new Win32Exception(errorCode);
}
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): cred handle = 0x" + String.Format("{0:x}", credentialsHandle.Handle));
return(credentialsHandle);
}
public static SafeCredHandle SafeAcquireCredentialsHandle(string package, CredentialUse credentialUse)
{
CredHandle credHandle;
long num;
Secur32Dll.AcquireCredentialsHandleA(null, package, (int)credentialUse, null, null, null, null, out credHandle, out num);
return(new SafeCredHandle(credHandle));
}
public static unsafe int AcquireCredentialsHandle(SecurDll dll, string package, CredentialUse intent, ref SecureCredential authdata, out SafeFreeCredentials outCredential)
{
int num = -1;
IntPtr certContextArray = authdata.certContextArray;
try
{
long num2;
IntPtr ptr2 = new IntPtr((void*) &certContextArray);
if (certContextArray != IntPtr.Zero)
{
authdata.certContextArray = ptr2;
}
switch (dll)
{
case SecurDll.SECURITY:
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_00C5;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(null, package, (int) intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
break;
case SecurDll.SCHANNEL:
break;
default:
goto Label_0093;
}
outCredential = new SafeFreeCredential_SCHANNEL();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_00C5;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SCHANNEL.AcquireCredentialsHandleA(null, package, (int) intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
Label_0093:;
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
}
finally
{
authdata.certContextArray = certContextArray;
}
Label_00C5:
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
return num;
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityCredential" /> class.
/// </summary>
/// <param name="package">The security package to use.</param>
/// <param name="use">The manner in which the credential will be used.</param>
/// <exception cref="ArgumentNullException"><paramref name="package" /> is null.</exception>
protected SecurityCredential(SecurityPackageInfo package, CredentialUse use)
{
PackageInfo = package ?? throw new ArgumentNullException(nameof(package));
_safeCredentialHandle = new SafeCredentialHandle();
_safeCredentialHandle.AcquireCredentialHandle(package.Name, use);
_principleName = new Lazy <string>(() => _safeCredentialHandle.GetPrincipleName());
}
public CredentialsContext(string package, CredentialUse intent)
{
this.Handle.Reset();
int num = UnsafeNclNativeMethods.NativeNTSSPI.AcquireCredentialsHandleW(null, package, (int)intent, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, ref this.Handle, ref this.TimeStamp);
if (num != 0)
{
throw new Win32Exception(num);
}
}
public static SafeFreeCredentials AcquireCredentialsHandle(string package, CredentialUse intent, ref IntPtr ppAuthIdentity)
{
SafeFreeCredentials outCredential = null;
int error = SafeFreeCredentials.AcquireCredentialsHandle(package, intent, ref ppAuthIdentity, out outCredential);
if (error != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
return outCredential;
}
public static SafeFreeCredentials AcquireDefaultCredential(string package, CredentialUse intent, params string[] additionalPackages)
{
SafeFreeCredentials outCredential = null;
AuthIdentityEx authIdentity = new AuthIdentityEx(null, null, null, additionalPackages);
int error = SafeFreeCredentials.AcquireDefaultCredential(package, intent, ref authIdentity, out outCredential);
if (error != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
return outCredential;
}
public static SafeFreeCredentials AcquireCredentialsHandle(string package, CredentialUse intent, ref IntPtr ppAuthIdentity)
{
SafeFreeCredentials safeFreeCredential = null;
int num = SafeFreeCredentials.AcquireCredentialsHandle(package, intent, ref ppAuthIdentity, out safeFreeCredential);
if (num != 0)
{
throw new Win32Exception(num);
}
return(safeFreeCredential);
}
internal static extern SecurityStatus AcquireCredentialsHandle(
string principleName,
string packageName,
CredentialUse credentialUse,
IntPtr loginId,
IntPtr packageData,
IntPtr getKeyFunc,
IntPtr getKeyData,
ref RawSspiHandle credentialHandle,
ref TimeStamp expiry
);
internal static extern SecurityStatus AcquireCredentialsHandle_AuthData(
string principleName,
string packageName,
CredentialUse credentialUse,
IntPtr loginId,
ref NativeAuthData authData,
IntPtr getKeyFunc,
IntPtr getKeyData,
ref RawSspiHandle credentialHandle,
ref TimeStamp expiry
);
/// <summary>
/// Acquires the credential handle.
/// </summary>
/// <param name="packageName">The package name to use.</param>
/// <param name="use">The intended use for the credential.</param>
/// <exception cref="SspiException">The underlying operation failed.</exception>
public void AcquireCredentialHandle(string packageName, CredentialUse use)
{
Timestamp expiry = new Timestamp();
SecurityStatus status = NativeMethods.AcquireCredentialsHandle(
null, packageName, use, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, ref RawHandle, ref expiry);
if (status != SecurityStatus.Ok)
{
throw new SspiException("Failed to acquire credential handle.");
}
}
public static SafeFreeCredentials AcquireCredentialsHandle(string package, CredentialUse intent, ref IntPtr ppAuthIdentity)
{
SafeFreeCredentials outCredential = null;
int error = SafeFreeCredentials.AcquireCredentialsHandle(package, intent, ref ppAuthIdentity, out outCredential);
if (error != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
return(outCredential);
}
internal static extern SecurityStatus AcquireCredentialsHandle
(
string pszPrincipal,
string pszPackage,
CredentialUse fCredentialUse,
IntPtr pvLogonID,
IntPtr pAuthData,
IntPtr pGetKeyFn,
IntPtr pvGetKeyArgument,
ref RawSspiHandle phCredential,
ref Timestamp ptsExpiry
);
public static SafeFreeCredentials AcquireDefaultCredential(string package, CredentialUse intent, params string[] additionalPackages)
{
SafeFreeCredentials outCredential = null;
AuthIdentityEx authIdentity = new AuthIdentityEx(null, null, null, additionalPackages);
int error = SafeFreeCredentials.AcquireDefaultCredential(package, intent, ref authIdentity, out outCredential);
if (error != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error));
}
return(outCredential);
}
public static unsafe void AcquireCredentialsHandle(
CredentialUse credentialUse,
SchannelCred authData,
out SafeCredHandle credential,
out long expiry)
{
CredHandle handle;
GCHandle paCredHandle = new GCHandle();
IntPtr[] paCred = null;
if (authData.cCreds > 0)
{
paCred = new IntPtr[] { authData.paCreds1 };
paCredHandle = GCHandle.Alloc(paCred, GCHandleType.Pinned);
authData.paCreds1 = paCredHandle.AddrOfPinnedObject();
}
try
{
int error = Secur32Dll.AcquireCredentialsHandleA(
null,
Secur32Dll.UnispName,
(int)credentialUse,
null,
&authData,
null,
null,
out handle,
out expiry);
credential = new SafeCredHandle(handle);
if (error != 0)
{
throw new SspiException(error, @"AcquireCredentialsHandleA");
}
}
finally
{
if (paCredHandle.IsAllocated)
{
paCredHandle.Free();
}
if (paCred != null)
{
authData.paCreds1 = paCred[0];
}
}
}
private SafeFreeCredentials AcquireCredentialsHandle(CredentialUse credUsage, ref SecureCredential secureCredential)
{
SafeFreeCredentials credentials;
try
{
using (WindowsIdentity.Impersonate(IntPtr.Zero))
{
credentials = SSPIWrapper.AcquireCredentialsHandle(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", credUsage, secureCredential);
}
}
catch
{
credentials = SSPIWrapper.AcquireCredentialsHandle(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", credUsage, secureCredential);
}
return(credentials);
}
public static int AcquireCredentialsHandle(SecurDll dll, string package, CredentialUse intent, ref AuthIdentity authdata, out SafeFreeCredentials outCredential)
{
long num2;
int num = -1;
switch (dll)
{
case SecurDll.SECURITY:
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_008D;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(null, package, (int)intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
break;
case SecurDll.SECUR32:
break;
default:
goto Label_0068;
}
outCredential = new SafeFreeCredential_SECUR32();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_008D;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SECUR32.AcquireCredentialsHandleA(null, package, (int)intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
Label_0068 :;
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
Label_008D:
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
return(num);
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcquireDefaultCredential(package = ", package, ", intent = ", intent, ")" }));
}
SafeFreeCredentials outCredential = null;
int error = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (error == 0)
{
return outCredential;
}
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { "AcquireDefaultCredential()", string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { error }) }));
}
throw new Win32Exception(error);
}
public static SafeFreeCredentials AcquireCredentialsHandle(
string package,
CredentialUse intent,
ref AuthIdentityEx authdata)
{
SafeFreeCredentials credentialsHandle = null;
int errorCode = SafeFreeCredentials.AcquireCredentialsHandle(package,
intent,
ref authdata,
out credentialsHandle
);
if (errorCode != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode));
}
return(credentialsHandle);
}
public static int AcquireCredentialsHandle(SecurDll dll, string package, CredentialUse intent, ref AuthIdentity authdata, out SafeFreeCredentials outCredential)
{
long num2;
int num = -1;
switch (dll)
{
case SecurDll.SECURITY:
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_008D;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(null, package, (int) intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
break;
case SecurDll.SECUR32:
break;
default:
goto Label_0068;
}
outCredential = new SafeFreeCredential_SECUR32();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
goto Label_008D;
}
finally
{
num = UnsafeNclNativeMethods.SafeNetHandles_SECUR32.AcquireCredentialsHandleA(null, package, (int) intent, null, ref authdata, null, null, ref outCredential._handle, out num2);
}
Label_0068:;
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
Label_008D:
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
return num;
}
public static int AcquireCredentialsHandle(string package, CredentialUse intent, ref IntPtr ppAuthIdentity, out SafeFreeCredentials outCredential)
{
int num = -1;
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
}
finally
{
long num2;
num = AcquireCredentialsHandleW(null, package, (int) intent, null, ppAuthIdentity, null, null, ref outCredential._handle, out num2);
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
}
return num;
}
public static SafeFreeCredentials AcquireCredentialsHandle(
string package,
CredentialUse intent,
SecureCredential scc)
{
SafeFreeCredentials outCredential = null;
int errorCode = SafeFreeCredentials.AcquireCredentialsHandle(
package,
intent,
ref scc,
out outCredential
);
if (errorCode != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode));
}
return(outCredential);
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent) {
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): using " + package);
if (Logging.On) Logging.PrintInfo(Logging.Web,
"AcquireDefaultCredential(" +
"package = " + package + ", " +
"intent = " + intent + ")");
SafeFreeCredentials outCredential = null;
int errorCode = SecModule.AcquireDefaultCredential(package, intent, out outCredential );
if (errorCode != 0) {
#if TRAVE
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): error " + SecureChannel.MapSecurityStatus((uint)errorCode));
#endif
if (Logging.On) Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, "AcquireDefaultCredential()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
throw new Win32Exception(errorCode);
}
return outCredential;
}
public static int AcquireCredentialsHandle(string package, CredentialUse intent, ref IntPtr ppAuthIdentity, out SafeFreeCredentials outCredential)
{
int num = -1;
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try
{
}
finally
{
long num2;
num = AcquireCredentialsHandleW(null, package, (int)intent, null, ppAuthIdentity, null, null, ref outCredential._handle, out num2);
if (num != 0)
{
outCredential.SetHandleAsInvalid();
}
}
return(num);
}
private void Init(NativeAuthData authData, string secPackage, CredentialUse use)
{
string packageName;
TimeStamp rawExpiry = new TimeStamp();
SecurityStatus status = SecurityStatus.InternalError;
// -- Package --
// Copy off for the call, since this.SecurityPackage is a property.
packageName = this.SecurityPackage;
this.Handle = new SafeCredentialHandle();
// The finally clause is the actual constrained region. The VM pre-allocates any stack space,
// performs any allocations it needs to prepare methods for execution, and postpones any
// instances of the 'uncatchable' exceptions (ThreadAbort, StackOverflow, OutOfMemory).
RuntimeHelpers.PrepareConstrainedRegions();
try { }
finally
{
status = CredentialNativeMethods.AcquireCredentialsHandle_AuthData(
null,
packageName,
use,
IntPtr.Zero,
ref authData,
IntPtr.Zero,
IntPtr.Zero,
ref this.Handle.rawHandle,
ref rawExpiry
);
}
if (status != SecurityStatus.OK)
{
throw new SSPIException("Failed to call AcquireCredentialHandle", status);
}
this.Expiry = rawExpiry.ToDateTime();
}
private void Init( CredentialUse use )
{
string packageName;
TimeStamp rawExpiry = new TimeStamp();
SecurityStatus status = SecurityStatus.InternalError;
// -- Package --
// Copy off for the call, since this.SecurityPackage is a property.
packageName = this.SecurityPackage;
this.Handle = new SafeCredentialHandle();
// The finally clause is the actual constrained region. The VM pre-allocates any stack space,
// performs any allocations it needs to prepare methods for execution, and postpones any
// instances of the 'uncatchable' exceptions (ThreadAbort, StackOverflow, OutOfMemory).
RuntimeHelpers.PrepareConstrainedRegions();
try { }
finally
{
status = CredentialNativeMethods.AcquireCredentialsHandle(
null,
packageName,
use,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
IntPtr.Zero,
ref this.Handle.rawHandle,
ref rawExpiry
);
}
if ( status != SecurityStatus.OK )
{
throw new SspiException( "Failed to call AcquireCredentialHandle", status );
}
this.Expiry = rawExpiry.ToDateTime();
}
public unsafe static void AcquireCredentialsHandle(CredentialUse credentialUse, SchannelCred authData, out SafeCredHandle credential, out long expiry)
{
GCHandle gCHandle = default(GCHandle);
IntPtr[] array = null;
if (authData.cCreds > 0)
{
array = new IntPtr[]
{
authData.paCreds1
};
gCHandle = GCHandle.Alloc(array, GCHandleType.Pinned);
authData.paCreds1 = gCHandle.AddrOfPinnedObject();
}
try
{
CredHandle credHandle;
int num = Secur32Dll.AcquireCredentialsHandleA(null, "Microsoft Unified Security Protocol Provider", (int)credentialUse, null, (void *)(&authData), null, null, out credHandle, out expiry);
if (num != 0)
{
throw new SspiException(num, "AcquireCredentialsHandleA");
}
credential = new SafeCredHandle(credHandle);
}
finally
{
if (gCHandle.IsAllocated)
{
gCHandle.Free();
}
if (array != null)
{
authData.paCreds1 = array[0];
}
}
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcquireDefaultCredential(package = ", package, ", intent = ", intent, ")" }));
}
SafeFreeCredentials outCredential = null;
int error = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (error == 0)
{
return(outCredential);
}
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { "AcquireDefaultCredential()", string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { error }) }));
}
throw new Win32Exception(error);
}
public unsafe static int AcquireDefaultCredential( SecurDll dll,
string package,
CredentialUse intent,
out SafeFreeCredentials outCredential
)
{
GlobalLog.Print("SafeFreeCredentials::AcquireDefaultCredential("
+ dll + ","
+ package + ", "
+ intent + ")"
);
int errorCode = -1;
long timeStamp;
switch (dll) {
case SecurDll.SECURITY:
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try {} finally {
errorCode = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
IntPtr.Zero,
null,
null,
ref outCredential._handle,
out timeStamp
);
}
break;
default: throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "SecurDll"), "Dll");
}
#if TRAVE
GlobalLog.Print("Unmanaged::AcquireCredentialsHandle() returns 0x"
+ errorCode.ToString("x")
+ ", handle = " + outCredential.ToString()
);
#endif
if (errorCode != 0) {
outCredential.SetHandleAsInvalid();
}
return errorCode;
}
public int AcquireCredentialsHandle(string moduleName, CredentialUse usage, ref SecureCredential authdata, out SafeFreeCredentials outCredential) {
return SafeFreeCredentials.AcquireCredentialsHandle(Library, moduleName, usage, ref authdata, out outCredential);
}
/// <summary>
/// Initializes a new instance of the CurrentCredential class.
/// </summary>
/// <param name="securityPackage">The security package to acquire the credential handle
/// from.</param>
/// <param name="use">The manner in which the credentials will be used - Inbound typically
/// represents servers, outbound typically represent clients.</param>
public CurrentCredential(string securityPackage, CredentialUse use) :
base(securityPackage)
{
Init(use);
}
SafeFreeCredentials AcquireCredentialsHandle(CredentialUse credUsage, ref SecureCredential secureCredential)
{
// First try without impersonation, if it fails, then try the process account.
// I.E. We don't know which account the certificate context was created under.
try {
//
// For v 1.1 compat We want to ensure the credential are accessed under >>process<< acount.
//
#if FEATURE_MONO_CAS
using (WindowsIdentity.Impersonate(IntPtr.Zero))
#endif
{
return SSPIWrapper.AcquireCredentialsHandle(m_SecModule, SecurityPackage, credUsage, secureCredential);
}
} catch {
return SSPIWrapper.AcquireCredentialsHandle(m_SecModule, SecurityPackage, credUsage, secureCredential);
}
}
//This method should never be called for this type
//public new IntPtr DangerousGetHandle()
//{
// throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException());
//}
public static unsafe int AcquireCredentialsHandle(
string package,
CredentialUse intent,
ref AuthIdentityEx authdata,
out SafeFreeCredentials outCredential)
{
int errorCode = -1;
long timeStamp;
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try { }
finally
{
// PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.
#pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code.
errorCode = AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
ref authdata,
null,
null,
ref outCredential._handle,
out timeStamp
);
if (errorCode != 0)
{
outCredential.SetHandleAsInvalid();
}
}
return errorCode;
}
public static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface SecModule, string package, CredentialUse intent, ref SafeSspiAuthDataHandle authdata)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcquireCredentialsHandle(" +
"package = " + package + ", " +
"intent = " + intent + ", " +
"authdata = " + authdata + ")");
}
SafeFreeCredentials credentialsHandle = null;
int errorCode = SecModule.AcquireCredentialsHandle(package, intent, ref authdata, out credentialsHandle);
if (errorCode != 0)
{
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, "AcquireCredentialsHandle()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
}
throw new Win32Exception(errorCode);
}
return(credentialsHandle);
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
SafeFreeCredentials outCredential = null;
string currentIdentityKey = null;
bool isIdentityCached;
if (s_DefaultCredentialsHandleCacheEnabled)
{
currentIdentityKey = string.Format("{0}_{1}_{2}", package, intent.ToString(), WindowsIdentity.GetCurrent().Name);
isIdentityCached = s_DefaultCredentialsHandleCache.Value.TryGetValue(currentIdentityKey, out outCredential);
}
else
{
isIdentityCached = false;
}
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): using " + package);
if (Logging.On)
{
if (currentIdentityKey == null)
{
// We aren't using the cache but it's still useful to log the current identity for diagnostics.
currentIdentityKey = string.Format("{0}_{1}_{2}", package, intent.ToString(), WindowsIdentity.GetCurrent().Name);
}
Logging.PrintInfo(Logging.Web,
"AcquireDefaultCredential(" +
"package = " + package + ", " +
"intent = " + intent + ", " +
"identity = " + currentIdentityKey + ", " +
"cached = " + isIdentityCached + ")");
}
if (!isIdentityCached)
{
int errorCode = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (errorCode != 0)
{
#if TRAVE
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): error " + SecureChannel.MapSecurityStatus((uint)errorCode));
#endif
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, "AcquireDefaultCredential()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
}
throw new Win32Exception(errorCode);
}
if (s_DefaultCredentialsHandleCacheEnabled &&
s_DefaultCredentialsHandleCache.Value.Count < s_DefaultCredentialsHandleCacheSize)
{
try {
s_DefaultCredentialsHandleCache.Value.TryAdd(currentIdentityKey, outCredential);
}
catch (OverflowException) {
// Unlikely to be thrown since it requires Int32.MaxValue items to already be in the cache.
// But we don't want to throw a new exception. So, we'll ignore this error and accept that
// the handle won't be cached.
}
}
}
return(outCredential);
}
public static SafeFreeCredentials AcquireCredentialsHandle(
string package,
CredentialUse intent,
ref AuthIdentityEx authdata)
{
SafeFreeCredentials credentialsHandle = null;
int errorCode = SafeFreeCredentials.AcquireCredentialsHandle(package,
intent,
ref authdata,
out credentialsHandle
);
if (errorCode != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode));
}
return credentialsHandle;
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): using " + package);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcquireDefaultCredential(" +
"package = " + package + ", " +
"intent = " + intent + ")");
}
SafeFreeCredentials outCredential = null;
int errorCode = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (errorCode != 0)
{
#if TRAVE
GlobalLog.Print("SSPIWrapper::AcquireDefaultCredential(): error " + SecureChannel.MapSecurityStatus((uint)errorCode));
#endif
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, "AcquireDefaultCredential()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
}
throw new Win32Exception(errorCode);
}
return(outCredential);
}
public static SafeFreeCredentials AcquireCredentialsHandle(
string package,
CredentialUse intent,
SecureCredential scc)
{
SafeFreeCredentials outCredential = null;
int errorCode = SafeFreeCredentials.AcquireCredentialsHandle(
package,
intent,
ref scc,
out outCredential
);
if (errorCode != 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode));
}
return outCredential;
}
internal static SafeFreeCredentials AcquireCredentialsHandle (SSPIInterface SecModule, string package, CredentialUse intent, SecureCredential scc)
{
return new SafeFreeCredentials (scc);
}
internal static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface SecModule, string package, CredentialUse intent, SecureCredential scc)
{
return(new SafeFreeCredentials(scc));
}
// This overload is only called on Win7+ where SspiEncodeStringsAsAuthIdentity() was used to
// create the authData blob.
public unsafe static int AcquireCredentialsHandle(
string package,
CredentialUse intent,
ref SafeSspiAuthDataHandle authdata,
out SafeFreeCredentials outCredential
)
{
int errorCode = -1;
long timeStamp;
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try { }
finally
{
errorCode = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
authdata,
null,
null,
ref outCredential._handle,
out timeStamp
);
}
if (errorCode != 0)
{
outCredential.SetHandleAsInvalid();
}
return errorCode;
}
private SafeFreeCredentials AcquireCredentialsHandle(CredentialUse credUsage, ref SecureCredential secureCredential)
{
SafeFreeCredentials credentials;
try
{
using (WindowsIdentity.Impersonate(IntPtr.Zero))
{
credentials = SSPIWrapper.AcquireCredentialsHandle(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", credUsage, secureCredential);
}
}
catch
{
credentials = SSPIWrapper.AcquireCredentialsHandle(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", credUsage, secureCredential);
}
return credentials;
}
public unsafe static int AcquireCredentialsHandle( SecurDll dll,
string package,
CredentialUse intent,
ref SecureCredential authdata,
out SafeFreeCredentials outCredential
)
{
GlobalLog.Print("SafeFreeCredentials::AcquireCredentialsHandle#2("
+ dll + ","
+ package + ", "
+ intent + ", "
+ authdata + ")"
);
int errorCode = -1;
long timeStamp;
// If there is a certificate, wrap it into an array.
// Not threadsafe.
IntPtr copiedPtr = authdata.certContextArray;
try
{
IntPtr certArrayPtr = new IntPtr(&copiedPtr);
if (copiedPtr != IntPtr.Zero) {
authdata.certContextArray = certArrayPtr;
}
switch (dll) {
case SecurDll.SECURITY:
outCredential = new SafeFreeCredential_SECURITY();
RuntimeHelpers.PrepareConstrainedRegions();
try {} finally {
errorCode = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
ref authdata,
null,
null,
ref outCredential._handle,
out timeStamp
);
}
break;
default: throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "SecurDll"), "Dll");
}
}
finally
{
authdata.certContextArray = copiedPtr;
}
#if TRAVE
GlobalLog.Print("Unmanaged::AcquireCredentialsHandle() returns 0x"
+ errorCode.ToString("x")
+ ", handle = " + outCredential.ToString()
);
#endif
if (errorCode != 0) {
outCredential.SetHandleAsInvalid();
}
return errorCode;
}
/// <summary>
/// Initializes a new instance of the CurrentCredential class.
/// </summary>
/// <param name="securityPackage">The security package to acquire the credential handle
/// from.</param>
/// <param name="use">The manner in which the credentials will be used - Inbound typically
/// represents servers, outbound typically represent clients.</param>
public CurrentCredential( string securityPackage, CredentialUse use ) :
base( securityPackage )
{
Init( use );
}
public static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface SecModule, string package, CredentialUse intent, ref SafeSspiAuthDataHandle authdata) {
if (Logging.On) Logging.PrintInfo(Logging.Web,
"AcquireCredentialsHandle(" +
"package = " + package + ", " +
"intent = " + intent + ", " +
"authdata = " + authdata + ")");
SafeFreeCredentials credentialsHandle = null;
int errorCode = SecModule.AcquireCredentialsHandle(package, intent, ref authdata, out credentialsHandle);
if (errorCode != 0) {
if (Logging.On) Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, "AcquireCredentialsHandle()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
throw new Win32Exception(errorCode);
}
return credentialsHandle;
}
/// <summary>
/// Initializes a new instance of the PasswordCredential class.
/// </summary>
/// <remarks>
/// It is possible to acquire a valid handle to credentials that do not provide a valid
/// username-password combination. The username and password are not validation until the
/// authentication cycle begins.
/// </remarks>
/// <param name="domain">The domain to authenticate to.</param>
/// <param name="username">The username of the user to authenticate as.</param>
/// <param name="password">The user's password.</param>
/// <param name="secPackage">The SSPI security package to create credentials for.</param>
/// <param name="use">
/// Specify inbound when acquiring credentials for a server; outbound for a client.
/// </param>
public PasswordCredential(string domain, string username, string password, string secPackage, CredentialUse use)
: base(secPackage)
{
NativeAuthData authData = new NativeAuthData(domain, username, password, NativeAuthDataFlag.Unicode);
Init(authData, secPackage, use);
}
public int AcquireCredentialsHandle(string moduleName, CredentialUse usage, ref SafeSspiAuthDataHandle authdata, out SafeFreeCredentials outCredential)
{
return(SafeFreeCredentials.AcquireCredentialsHandle(moduleName, usage, ref authdata, out outCredential));
}
public static unsafe int AcquireCredentialsHandle(
string package,
CredentialUse intent,
ref SecureCredential authdata,
out SafeFreeCredentials outCredential)
{
int errorCode = -1;
long timeStamp;
// If there is a certificate, wrap it into an array
IntPtr copiedPtr = authdata.certContextArray;
try
{
IntPtr certArrayPtr = new IntPtr(&copiedPtr);
if (copiedPtr != IntPtr.Zero)
{
authdata.certContextArray = certArrayPtr;
}
outCredential = new SafeFreeCredentials();
RuntimeHelpers.PrepareConstrainedRegions();
try { }
finally
{
// PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.
#pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code.
errorCode = AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
ref authdata,
null,
null,
ref outCredential._handle,
out timeStamp
);
if (errorCode != 0)
{
outCredential.SetHandleAsInvalid();
}
}
}
finally
{
authdata.certContextArray = copiedPtr;
}
return errorCode;
}
public int AcquireDefaultCredential(string moduleName, CredentialUse usage, out SafeFreeCredentials outCredential)
{
return(SafeFreeCredentials.AcquireDefaultCredential(Library, moduleName, usage, out outCredential));
}
public int AcquireCredentialsHandle(string moduleName, CredentialUse usage, ref SecureCredential authdata, out SafeFreeCredentials outCredential)
{
return(SafeFreeCredentials.AcquireCredentialsHandle(Library, moduleName, usage, ref authdata, out outCredential));
}
public int AcquireCredentialsHandle(string moduleName, CredentialUse usage, ref SafeSspiAuthDataHandle authdata, out SafeFreeCredentials outCredential) {
return SafeFreeCredentials.AcquireCredentialsHandle(moduleName, usage, ref authdata, out outCredential);
}
public int AcquireDefaultCredential(string moduleName, CredentialUse usage, out SafeFreeCredentials outCredential) {
return SafeFreeCredentials.AcquireDefaultCredential(Library, moduleName, usage, out outCredential);
}
