internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
if (NetEventSource.IsEnabled)
{
NetEventSource.Enter(null);
}
if (secModule.SecurityPackages == null)
{
lock (secModule)
{
if (secModule.SecurityPackages == null)
{
int moduleCount = 0;
SafeFreeContextBuffer arrayBaseHandle = null;
try
{
int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
if (NetEventSource.IsEnabled)
{
NetEventSource.Info(null, $"arrayBase: {arrayBaseHandle}");
}
if (errorCode != 0)
{
throw new Win32Exception(errorCode);
}
var securityPackages = new SecurityPackageInfoClass[moduleCount];
int i;
for (i = 0; i < moduleCount; i++)
{
securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
}
}
secModule.SecurityPackages = securityPackages;
}
finally
{
if (arrayBaseHandle != null)
{
arrayBaseHandle.Dispose();
}
}
}
}
}
if (NetEventSource.IsEnabled)
{
NetEventSource.Exit(null);
}
return(secModule.SecurityPackages);
}
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Enter("EnumerateSecurityPackages");
}
if (secModule.SecurityPackages == null)
{
lock (secModule)
{
if (secModule.SecurityPackages == null)
{
int moduleCount = 0;
SafeFreeContextBuffer arrayBaseHandle = null;
try
{
int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
}
if (errorCode != 0)
{
throw new Win32Exception(errorCode);
}
var securityPackages = new SecurityPackageInfoClass[moduleCount];
int i;
for (i = 0; i < moduleCount; i++)
{
securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
}
}
secModule.SecurityPackages = securityPackages;
}
finally
{
if (arrayBaseHandle != null)
{
arrayBaseHandle.Dispose();
}
}
}
}
}
if (GlobalLog.IsEnabled)
{
GlobalLog.Leave("EnumerateSecurityPackages");
}
return(secModule.SecurityPackages);
}
internal static SecurityPackageInfoClass[] GetSupportedSecurityPackages(
SSPIInterface SecModule)
{
if (SecModule.SecurityPackages == null)
{
SecModule.SecurityPackages = EnumerateSecurityPackages(SecModule);
}
return(SecModule.SecurityPackages);
}
internal static void VerifyPackageInfo(SSPIInterface secModule)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, "VerifyPackageInfo");
}
secModule.VerifyPackageInfo();
}
public static SafeFreeContextBufferChannelBinding QueryContextChannelBinding(SSPIInterface SecModule, SafeDeleteContext securityContext, ContextAttribute contextAttribute)
{
SafeFreeContextBufferChannelBinding binding;
if (SecModule.QueryContextChannelBinding(securityContext, contextAttribute, out binding) != 0)
{
return(null);
}
return(binding);
}
internal static int CompleteAuthToken(SSPIInterface SecModule, ref SafeDeleteContext context, SecurityBuffer[] inputBuffers)
{
int num = SecModule.CompleteAuthToken(ref context, inputBuffers);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { "CompleteAuthToken()", (SecurityStatus)num }));
}
return(num);
}
internal static int CompleteAuthToken(SSPIInterface SecModule, ref SafeDeleteContext context, SecurityBuffer[] inputBuffers)
{
int errorCode = SecModule.CompleteAuthToken(ref context, inputBuffers);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_operation_returned_something, "CompleteAuthToken()", (SecurityStatus)errorCode));
}
return(errorCode);
}
internal static int CompleteAuthToken(SSPIInterface secModule, ref SafeDeleteContext context, SecurityBuffer[] inputBuffers)
{
int errorCode = secModule.CompleteAuthToken(ref context, inputBuffers);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.OperationReturnedSomething("CompleteAuthToken()", (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static int ApplyControlToken(SSPIInterface secModule, ref SafeDeleteContext context, SecurityBuffer[] inputBuffers)
{
int errorCode = secModule.ApplyControlToken(ref context, inputBuffers);
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.OperationReturnedSomething(nameof(ApplyControlToken), (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static SecurityStatus AcceptSecurityContext(SSPIInterface SecModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, bool remoteCertRequired)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcceptSecurityContext(" +
"credential = " + credential.ToString() + ", " +
"context = " + Logging.ObjectToString(context) + ", " +
"remoteCertRequired = " + remoteCertRequired);
}
return(SecModule.AcceptSecurityContext(ref credential, ref context, inputBuffer, outputBuffer, remoteCertRequired));
}
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
GlobalLog.Enter("EnumerateSecurityPackages");
if (secModule.SecurityPackages == null)
{
lock (secModule)
{
if (secModule.SecurityPackages == null)
{
int moduleCount = 0;
SafeFreeContextBuffer arrayBaseHandle = null;
try
{
int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
if (errorCode != 0)
{
throw new Win32Exception(errorCode);
}
SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.net_log_sspi_enumerating_security_packages);
}
int i;
for (i = 0; i < moduleCount; i++)
{
securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, " " + securityPackages[i].Name);
}
}
secModule.SecurityPackages = securityPackages;
}
finally
{
if (arrayBaseHandle != null)
{
arrayBaseHandle.Dispose();
}
}
}
}
}
GlobalLog.Leave("EnumerateSecurityPackages");
return(secModule.SecurityPackages);
}
internal static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface SecModule, X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy, bool isServer)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcquireCredentialsHandle(" +
"protocols = " + protocols + ", " +
"policy = " + policy + ", " +
"isServer = " + isServer + ")");
}
return(SecModule.AcquireCredentialsHandle(certificate, protocols, policy, isServer));
}
internal static int AcceptSecurityContext(SSPIInterface SecModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, ContextFlags inFlags, Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref ContextFlags outFlags)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcceptSecurityContext(credential = ", credential.ToString(), ", context = ", ValidationHelper.ToString(context), ", inFlags = ", inFlags, ")" }));
}
int num = SecModule.AcceptSecurityContext(ref credential, ref context, inputBuffer, inFlags, datarep, outputBuffer, ref outFlags);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_security_context_input_buffer", new object[] { "AcceptSecurityContext", (inputBuffer == null) ? 0 : inputBuffer.size, outputBuffer.size, (SecurityStatus) num }));
}
return num;
}
public static int ApplyShutdownToken(
SSPIInterface secModule,
ref SafeFreeCredentials credentialsHandle,
SafeDeleteContext securityContext)
{
int shutdownToken = Interop.SChannel.SCHANNEL_SHUTDOWN;
var bufferDesc = new SecurityBuffer[1];
var buffer = BitConverter.GetBytes(shutdownToken);
bufferDesc[0] = new SecurityBuffer(buffer, BufferType.Token);
return(ApplyControlToken(secModule, ref securityContext, bufferDesc));
}
internal static int AcceptSecurityContext(SSPIInterface SecModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, ContextFlags inFlags, Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref ContextFlags outFlags)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcceptSecurityContext(credential = ", credential.ToString(), ", context = ", ValidationHelper.ToString(context), ", inFlags = ", inFlags, ")" }));
}
int num = SecModule.AcceptSecurityContext(ref credential, ref context, inputBuffer, inFlags, datarep, outputBuffer, ref outFlags);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_security_context_input_buffer", new object[] { "AcceptSecurityContext", (inputBuffer == null) ? 0 : inputBuffer.size, outputBuffer.size, (SecurityStatus)num }));
}
return(num);
}
internal static int AcceptSecurityContext(
SSPIInterface SecModule,
long credential,
long context,
int requirements,
Endianness datarep,
SecurityBufferClass inputBuffer,
ref long newContext,
SecurityBufferClass outputBuffer,
out int attributes,
out long timestamp
)
{
GlobalLog.Enter("AcceptSecurityContext#1");
SecurityBufferClass[] inputBufferArray = null;
SecurityBufferClass[] outputBufferArray = null;
if (inputBuffer != null)
{
inputBufferArray = new SecurityBufferClass[1];
inputBufferArray[0] = inputBuffer;
}
if (outputBuffer != null)
{
outputBufferArray = new SecurityBufferClass[1];
outputBufferArray[0] = outputBuffer;
}
int errorCode =
AcceptSecurityContext(
SecModule,
credential,
context,
requirements,
datarep,
inputBufferArray,
ref newContext,
outputBufferArray,
out attributes,
out timestamp);
outputBuffer.type = outputBufferArray[0].type;
outputBuffer.size = outputBufferArray[0].size;
outputBuffer.token = outputBufferArray[0].token;
GlobalLog.Leave("AcceptSecurityContext#1");
return(errorCode);
}
InitializeSecurityContext(SSPIInterface SecModule,
long credential,
long context,
string targetName,
int requirements,
Endianness datarep,
SecurityBufferClass inputBuffer,
ref long newContext,
SecurityBufferClass outputBuffer,
ref int attributes,
ref long timestamp
)
{
GlobalLog.Enter("InitializeSecurityContext#1");
GlobalLog.Print("SSPIWrapper::InitializeSecurityContext#1()");
SecurityBufferClass[] inputBufferArray = null;
SecurityBufferClass[] outputBufferArray = null;
if (inputBuffer != null)
{
inputBufferArray = new SecurityBufferClass[1];
inputBufferArray[0] = inputBuffer;
}
if (outputBuffer != null)
{
outputBufferArray = new SecurityBufferClass[1];
outputBufferArray[0] = outputBuffer;
}
int errorCode = InitializeSecurityContext(SecModule,
credential,
context,
targetName,
requirements,
datarep,
inputBufferArray,
ref newContext,
outputBufferArray,
ref attributes,
ref timestamp
);
outputBuffer.type = outputBufferArray[0].type;
outputBuffer.size = outputBufferArray[0].size;
outputBuffer.token = outputBufferArray[0].token;
GlobalLog.Print("SSPIWrapper::InitializeSecurityContext#1(): returning " + String.Format("0x{0:x}", errorCode));
GlobalLog.Leave("InitializeSecurityContext#1");
return(errorCode);
}
internal static SecurityStatus InitializeSecurityContext(SSPIInterface SecModule, SafeFreeCredentials credential, ref SafeDeleteContext context, string targetName, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"InitializeSecurityContext(" +
"credential = " + credential.ToString() + ", " +
"context = " + Logging.ObjectToString(context) + ", " +
"targetName = " + targetName);
}
SecurityStatus errorCode = SecModule.InitializeSecurityContext(credential, ref context, targetName, inputBuffers, outputBuffer);
return(errorCode);
}
internal SecurityPackageInfoClass(SSPIInterface SecModule, IntPtr unmanagedAddress)
{
if (unmanagedAddress == IntPtr.Zero)
{
return;
}
Capabilities = Marshal.ReadInt32(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "Capabilities"));
Version = Marshal.ReadInt16(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "Version"));
RPCID = Marshal.ReadInt16(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "RPCID"));
MaxToken = Marshal.ReadInt32(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "MaxToken"));
IntPtr unmanagedString;
unmanagedString = Marshal.ReadIntPtr(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "Name"));
if (unmanagedString != IntPtr.Zero)
{
if (ComNetOS.IsWin9x)
{
Name = Marshal.PtrToStringAnsi(unmanagedString);
}
else
{
Name = Marshal.PtrToStringUni(unmanagedString);
}
GlobalLog.Print("Name: " + Name);
//SecModule.FreeContextBuffer(unmanagedString);
}
unmanagedString = Marshal.ReadIntPtr(unmanagedAddress, (int)Marshal.OffsetOf(typeof(SecurityPackageInfo), "Comment"));
if (unmanagedString != IntPtr.Zero)
{
if (ComNetOS.IsWin9x)
{
Comment = Marshal.PtrToStringAnsi(unmanagedString);
}
else
{
Comment = Marshal.PtrToStringUni(unmanagedString);
}
GlobalLog.Print("Comment: " + Comment);
//SecModule.FreeContextBuffer(unmanagedString);
}
GlobalLog.Print("SecurityPackageInfoClass.ctor(): " + ToString());
return;
}
internal static int InitializeSecurityContext(SSPIInterface secModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, string targetName, Interop.SspiCli.ContextFlags inFlags, Interop.SspiCli.Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref Interop.SspiCli.ContextFlags outFlags)
{
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.InitializeSecurityContext(credential, context, targetName, inFlags);
}
int errorCode = secModule.InitializeSecurityContext(ref credential, ref context, targetName, inFlags, datarep, inputBuffer, outputBuffer, ref outFlags);
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.SecurityContextInputBuffer(nameof(InitializeSecurityContext), inputBuffer?.size ?? 0, outputBuffer.size, (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static int AcceptSecurityContext(SSPIInterface secModule, SafeFreeCredentials credential, ref SafeDeleteContext context, Interop.SspiCli.ContextFlags inFlags, Interop.SspiCli.Endianness datarep, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer, ref Interop.SspiCli.ContextFlags outFlags)
{
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.AcceptSecurityContext(credential.ToString(), LoggingHash.ObjectToString(context), inFlags);
}
int errorCode = secModule.AcceptSecurityContext(credential, ref context, inputBuffers, inFlags, datarep, outputBuffer, ref outFlags);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.SecurityContextInputBuffers(nameof(AcceptSecurityContext), (inputBuffers == null ? 0 : inputBuffers.Length), outputBuffer.size, (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static int AcceptSecurityContext(SSPIInterface secModule, SafeFreeCredentials credential, ref SafeDeleteContext context, Interop.SspiCli.ContextFlags inFlags, Interop.SspiCli.Endianness datarep, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer, ref Interop.SspiCli.ContextFlags outFlags)
{
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.AcceptSecurityContext(credential, context, inFlags);
}
int errorCode = secModule.AcceptSecurityContext(credential, ref context, inputBuffers, inFlags, datarep, outputBuffer, ref outFlags);
if (NetEventSource.IsEnabled)
{
NetEventSource.Log.SecurityContextInputBuffers(nameof(AcceptSecurityContext), inputBuffers?.Length ?? 0, outputBuffer.size, (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static int AcceptSecurityContext(SSPIInterface secModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, Interop.Secur32.ContextFlags inFlags, Interop.Secur32.Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref Interop.Secur32.ContextFlags outFlags)
{
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.AcceptSecurityContext(credential.ToString(), LoggingHash.ObjectToString(context), inFlags);
}
int errorCode = secModule.AcceptSecurityContext(ref credential, ref context, inputBuffer, inFlags, datarep, outputBuffer, ref outFlags);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.SecurityContextInputBuffer("AcceptSecurityContext", (inputBuffer == null ? 0 : inputBuffer.size), outputBuffer.size, (Interop.SecurityStatus)errorCode);
}
return(errorCode);
}
public static SafeFreeContextBufferChannelBinding QueryContextChannelBinding(SSPIInterface SecModule, SafeDeleteContext securityContext, ContextAttribute contextAttribute)
{
GlobalLog.Enter("QueryContextChannelBinding", contextAttribute.ToString());
SafeFreeContextBufferChannelBinding result;
int errorCode = SecModule.QueryContextChannelBinding(securityContext, contextAttribute, out result);
if (errorCode != 0)
{
GlobalLog.Leave("QueryContextChannelBinding", "ERROR = " + ErrorDescription(errorCode));
return(null);
}
GlobalLog.Leave("QueryContextChannelBinding", ValidationHelper.HashString(result));
return(result);
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcquireDefaultCredential(package = ", package, ", intent = ", intent, ")" }));
}
SafeFreeCredentials outCredential = null;
int error = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (error == 0)
{
return outCredential;
}
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { "AcquireDefaultCredential()", string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { error }) }));
}
throw new Win32Exception(error);
}
public static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface secModule, string package, Interop.SspiCli.CredentialUse intent, Interop.SspiCli.SCHANNEL_CRED scc)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): using " + package);
}
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.AcquireCredentialsHandle(package, intent, scc);
}
SafeFreeCredentials outCredential = null;
int errorCode = secModule.AcquireCredentialsHandle(
package,
intent,
ref scc,
out outCredential);
if (errorCode != 0)
{
#if TRACE_VERBOSE
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): error " + Interop.MapSecurityStatus((uint)errorCode));
}
#endif
if (NetEventSource.Log.IsEnabled())
{
NetEventSource.PrintError(NetEventSource.ComponentType.Security, SR.Format(SR.net_log_operation_failed_with_error, "AcquireCredentialsHandle()", String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
}
throw new Win32Exception(errorCode);
}
#if TRACE_VERBOSE
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SSPIWrapper::AcquireCredentialsHandle#3(): cred handle = " + outCredential.ToString());
}
#endif
return(outCredential);
}
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
if (SecModule.SecurityPackages == null)
{
lock (SecModule)
{
if (SecModule.SecurityPackages == null)
{
int pkgnum = 0;
SafeFreeContextBuffer pkgArray = null;
try
{
int error = SecModule.EnumerateSecurityPackages(out pkgnum, out pkgArray);
if (error != 0)
{
throw new Win32Exception(error);
}
SecurityPackageInfoClass[] classArray = new SecurityPackageInfoClass[pkgnum];
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
}
for (int i = 0; i < pkgnum; i++)
{
classArray[i] = new SecurityPackageInfoClass(pkgArray, i);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, " " + classArray[i].Name);
}
}
SecModule.SecurityPackages = classArray;
}
finally
{
if (pkgArray != null)
{
pkgArray.Close();
}
}
}
}
}
return(SecModule.SecurityPackages);
}
public static SafeFreeCredentials AcquireDefaultCredential(SSPIInterface SecModule, string package, CredentialUse intent)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, string.Concat(new object[] { "AcquireDefaultCredential(package = ", package, ", intent = ", intent, ")" }));
}
SafeFreeCredentials outCredential = null;
int error = SecModule.AcquireDefaultCredential(package, intent, out outCredential);
if (error == 0)
{
return(outCredential);
}
if (Logging.On)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { "AcquireDefaultCredential()", string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { error }) }));
}
throw new Win32Exception(error);
}
internal static int InitializeSecurityContext(SSPIInterface secModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, string targetName, Interop.SspiCli.ContextFlags inFlags, Interop.SspiCli.Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref Interop.SspiCli.ContextFlags outFlags)
{
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.InitializeSecurityContext(credential.ToString(),
LoggingHash.ObjectToString(context),
targetName,
inFlags);
}
int errorCode = secModule.InitializeSecurityContext(ref credential, ref context, targetName, inFlags, datarep, inputBuffer, outputBuffer, ref outFlags);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.SecurityContextInputBuffer(nameof(InitializeSecurityContext), (inputBuffer == null ? 0 : inputBuffer.size), outputBuffer.size, (Interop.SECURITY_STATUS)errorCode);
}
return(errorCode);
}
internal static int InitializeSecurityContext(SSPIInterface secModule, SafeFreeCredentials credential, ref SafeDeleteContext context, string targetName, Interop.Secur32.ContextFlags inFlags, Interop.Secur32.Endianness datarep, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer, ref Interop.Secur32.ContextFlags outFlags)
{
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.InitializeSecurityContext(credential.ToString(),
LoggingHash.ObjectToString(context),
targetName,
inFlags);
}
int errorCode = secModule.InitializeSecurityContext(credential, ref context, targetName, inFlags, datarep, inputBuffers, outputBuffer, ref outFlags);
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.SecurityContextInputBuffers("InitializeSecurityContext", (inputBuffers == null ? 0 : inputBuffers.Length), outputBuffer.size, (Interop.SecurityStatus)errorCode);
}
return(errorCode);
}
internal static int AcceptSecurityContext(SSPIInterface SecModule, SafeFreeCredentials credential, ref SafeDeleteContext context, ContextFlags inFlags, Endianness datarep, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer, ref ContextFlags outFlags)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcceptSecurityContext(" +
"credential = " + credential.ToString() + ", " +
"context = " + ValidationHelper.ToString(context) + ", " +
"inFlags = " + inFlags + ")");
}
int errorCode = SecModule.AcceptSecurityContext(credential, ref context, inputBuffers, inFlags, datarep, outputBuffer, ref outFlags);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_sspi_security_context_input_buffers, "AcceptSecurityContext", (inputBuffers == null ? 0 : inputBuffers.Length), outputBuffer.size, (SecurityStatus)errorCode));
}
return(errorCode);
}
internal static int AcceptSecurityContext(SSPIInterface secModule, ref SafeFreeCredentials credential, ref SafeDeleteContext context, Interop.Secur32.ContextFlags inFlags, Interop.Secur32.Endianness datarep, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ref Interop.Secur32.ContextFlags outFlags)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcceptSecurityContext(" +
"credential = " + credential.ToString() + ", " +
"context = " + Logging.ObjectToString(context) + ", " +
"inFlags = " + inFlags + ")");
}
int errorCode = secModule.AcceptSecurityContext(ref credential, ref context, inputBuffer, inFlags, datarep, outputBuffer, ref outFlags);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.Format(SR.net_log_sspi_security_context_input_buffer, "AcceptSecurityContext", (inputBuffer == null ? 0 : inputBuffer.size), outputBuffer.size, (Interop.SecurityStatus)errorCode));
}
return(errorCode);
}
public static SafeFreeContextBufferChannelBinding QueryContextChannelBinding(SSPIInterface SecModule, SafeDeleteContext securityContext, ContextAttribute contextAttribute)
{
SafeFreeContextBufferChannelBinding binding;
if (SecModule.QueryContextChannelBinding(securityContext, contextAttribute, out binding) != 0)
{
return null;
}
return binding;
}
public static unsafe object QueryContextAttributes(SSPIInterface SecModule, SafeDeleteContext securityContext, ContextAttribute contextAttribute, out int errorCode)
{
int size = IntPtr.Size;
Type handleType = null;
switch (contextAttribute)
{
case ContextAttribute.Sizes:
size = SecSizes.SizeOf;
break;
case ContextAttribute.Names:
handleType = typeof(SafeFreeContextBuffer);
break;
case ContextAttribute.StreamSizes:
size = StreamSizes.SizeOf;
break;
case ContextAttribute.PackageInfo:
handleType = typeof(SafeFreeContextBuffer);
break;
case ContextAttribute.NegotiationInfo:
handleType = typeof(SafeFreeContextBuffer);
size = Marshal.SizeOf(typeof(NegotiationInfo));
break;
case ContextAttribute.RemoteCertificate:
handleType = typeof(SafeFreeCertContext);
break;
case ContextAttribute.LocalCertificate:
handleType = typeof(SafeFreeCertContext);
break;
case ContextAttribute.ClientSpecifiedSpn:
handleType = typeof(SafeFreeContextBuffer);
break;
case ContextAttribute.IssuerListInfoEx:
size = Marshal.SizeOf(typeof(IssuerListInfoEx));
handleType = typeof(SafeFreeContextBuffer);
break;
case ContextAttribute.ConnectionInfo:
size = Marshal.SizeOf(typeof(SslConnectionInfo));
break;
default:
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "ContextAttribute" }), "contextAttribute");
}
SafeHandle refHandle = null;
object obj2 = null;
try
{
byte[] buffer = new byte[size];
errorCode = SecModule.QueryContextAttributes(securityContext, contextAttribute, buffer, handleType, out refHandle);
if (errorCode != 0)
{
return null;
}
ContextAttribute attribute2 = contextAttribute;
if (attribute2 <= ContextAttribute.NegotiationInfo)
{
switch (attribute2)
{
case ContextAttribute.Sizes:
return new SecSizes(buffer);
case ContextAttribute.Names:
if (!ComNetOS.IsWin9x)
{
return Marshal.PtrToStringUni(refHandle.DangerousGetHandle());
}
return Marshal.PtrToStringAnsi(refHandle.DangerousGetHandle());
case ContextAttribute.Lifespan:
case ContextAttribute.DceInfo:
return obj2;
case ContextAttribute.StreamSizes:
return new StreamSizes(buffer);
case ContextAttribute.PackageInfo:
return new SecurityPackageInfoClass(refHandle, 0);
case (ContextAttribute.PackageInfo | ContextAttribute.Names):
return obj2;
case ContextAttribute.NegotiationInfo:
goto Label_0229;
}
return obj2;
}
switch (attribute2)
{
case ContextAttribute.RemoteCertificate:
case ContextAttribute.LocalCertificate:
obj2 = refHandle;
refHandle = null;
return obj2;
case ContextAttribute.ClientSpecifiedSpn:
goto Label_0266;
case ContextAttribute.IssuerListInfoEx:
obj2 = new IssuerListInfoEx(refHandle, buffer);
refHandle = null;
return obj2;
case ContextAttribute.ConnectionInfo:
return new SslConnectionInfo(buffer);
default:
return obj2;
}
Label_0229:
try
{
byte[] buffer2;
if (((buffer2 = buffer) == null) || (buffer2.Length == 0))
{
fixed (IntPtr* ptrRef = null)
{
}
}
return new NegotiationInfoClass(refHandle, Marshal.ReadInt32(new IntPtr((void*) ptrRef), NegotiationInfo.NegotiationStateOffest));
}
finally
{
ptrRef = null;
}
Label_0266:
return Marshal.PtrToStringUni(refHandle.DangerousGetHandle());
}
finally
{
if (refHandle != null)
{
refHandle.Close();
}
}
return obj2;
}
internal static int CompleteAuthToken(SSPIInterface SecModule, ref SafeDeleteContext context, SecurityBuffer[] inputBuffers)
{
int num = SecModule.CompleteAuthToken(ref context, inputBuffers);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { "CompleteAuthToken()", (SecurityStatus) num }));
}
return num;
}
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);
SecurityBufferStruct[] structArray = new SecurityBufferStruct[input.Length];
fixed (SecurityBufferStruct* structRef = structArray)
{
int num6;
inputOutput.UnmanagedPointer = (void*) structRef;
GCHandle[] handleArray = new GCHandle[input.Length];
byte[][] bufferArray = new byte[input.Length][];
try
{
int num2;
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer buffer = input[i];
structArray[i].count = buffer.size;
structArray[i].type = buffer.type;
if ((buffer.token == null) || (buffer.token.Length == 0))
{
structArray[i].token = IntPtr.Zero;
}
else
{
handleArray[i] = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
bufferArray[i] = buffer.token;
}
}
switch (op)
{
case OP.Encrypt:
num2 = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.Decrypt:
num2 = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.MakeSignature:
num2 = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
break;
case OP.VerifySignature:
num2 = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
break;
default:
throw ExceptionHelper.MethodNotImplementedException;
}
for (int j = 0; j < input.Length; j++)
{
SecurityBuffer buffer2 = input[j];
buffer2.size = structArray[j].count;
buffer2.type = structArray[j].type;
if (buffer2.size == 0)
{
buffer2.offset = 0;
buffer2.token = null;
}
else
{
int index = 0;
while (index < input.Length)
{
if (bufferArray[index] != null)
{
byte* numPtr = (byte*) Marshal.UnsafeAddrOfPinnedArrayElement(bufferArray[index], 0);
if ((((void*) structArray[j].token) >= numPtr) && ((((void*) structArray[j].token) + buffer2.size) <= (numPtr + bufferArray[index].Length)))
{
buffer2.offset = (int) ((long) ((((void*) structArray[j].token) - numPtr) / 1));
buffer2.token = bufferArray[index];
break;
}
}
index++;
}
if (index >= input.Length)
{
buffer2.size = 0;
buffer2.offset = 0;
buffer2.token = null;
}
}
}
if ((num2 != 0) && Logging.On)
{
if (num2 == 0x90321)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
}
else
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { num2 }) }));
}
}
num6 = num2;
}
finally
{
for (int k = 0; k < handleArray.Length; k++)
{
if (handleArray[k].IsAllocated)
{
handleArray[k].Free();
}
}
}
return num6;
}
}
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
if (SecModule.SecurityPackages == null)
{
lock (SecModule)
{
if (SecModule.SecurityPackages == null)
{
int pkgnum = 0;
SafeFreeContextBuffer pkgArray = null;
try
{
int error = SecModule.EnumerateSecurityPackages(out pkgnum, out pkgArray);
if (error != 0)
{
throw new Win32Exception(error);
}
SecurityPackageInfoClass[] classArray = new SecurityPackageInfoClass[pkgnum];
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
}
for (int i = 0; i < pkgnum; i++)
{
classArray[i] = new SecurityPackageInfoClass(pkgArray, i);
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, " " + classArray[i].Name);
}
}
SecModule.SecurityPackages = classArray;
}
finally
{
if (pkgArray != null)
{
pkgArray.Close();
}
}
}
}
}
return SecModule.SecurityPackages;
}
internal static SecurityPackageInfoClass GetVerifyPackageInfo(SSPIInterface secModule, string packageName)
{
return GetVerifyPackageInfo(secModule, packageName, false);
}
public static int QuerySecurityContextToken(SSPIInterface SecModule, SafeDeleteContext context, out SafeCloseHandle token)
{
return SecModule.QuerySecurityContextToken(context, out token);
}
public static object QueryContextAttributes(SSPIInterface SecModule, SafeDeleteContext securityContext, ContextAttribute contextAttribute)
{
int num;
return QueryContextAttributes(SecModule, securityContext, contextAttribute, out num);
}
internal static SecurityPackageInfoClass GetVerifyPackageInfo(SSPIInterface secModule, string packageName, bool throwIfMissing)
{
SecurityPackageInfoClass[] classArray = EnumerateSecurityPackages(secModule);
if (classArray != null)
{
for (int i = 0; i < classArray.Length; i++)
{
if (string.Compare(classArray[i].Name, packageName, StringComparison.OrdinalIgnoreCase) == 0)
{
return classArray[i];
}
}
}
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_security_package_not_found", new object[] { packageName }));
}
if (throwIfMissing)
{
throw new NotSupportedException(SR.GetString("net_securitypackagesupport"));
}
return null;
}
public static int VerifySignature(SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
return EncryptDecryptHelper(OP.VerifySignature, secModule, context, input, sequenceNumber);
}
