public byte[] GetOutgoingBlob(byte[] incomingBlob, out bool handshakeComplete)
{
handshakeComplete = true;
if (this.m_SecurityContext.Handle.Initialized && incomingBlob == null)
{
return(null);
}
SecurityBufferClass inputBuffer = null;
if (incomingBlob != null)
{
inputBuffer = new SecurityBufferClass(incomingBlob, BufferType.Token);
}
SecurityBufferClass securityBufferClass = new SecurityBufferClass(this.m_TokenSize, BufferType.Token);
int num = SSPIWrapper.InitializeSecurityContext(ref this.m_CredentialsHandle.Handle, ref this.m_SecurityContext.Handle, this.m_RemotePeerId, (int)this.m_RequestedFlags, this.m_Endianness, inputBuffer, ref this.m_SecurityContext.Handle, securityBufferClass, ref this.m_ContextFlags, ref this.m_SecurityContext.TimeStamp);
int num2 = num & -2147483648;
if (num2 != 0)
{
throw new Win32Exception(num);
}
if (num != 0 && this.m_SecurityContext.Handle.Initialized)
{
handshakeComplete = false;
}
else
{
switch (this.m_SecurityContext.SecurityContextMode)
{
case SecurityContextMode.stream:
this.CheckIfFlagWasObtainedIfRequested(ContextFlags.Stream);
break;
}
this.CheckIfFlagWasObtainedIfRequested(ContextFlags.MutualAuth);
this.CheckIfFlagWasObtainedIfRequested(ContextFlags.ReplayDetect);
this.CheckIfFlagWasObtainedIfRequested(ContextFlags.SequenceDetect);
this.CheckIfFlagWasObtainedIfRequested(ContextFlags.Confidentiality);
}
return(securityBufferClass.token);
}
private void WriteInBlockMode(byte[] buffer, int offset, int size)
{
for (int i = Math.Min(this.maxEncryptionBufferSize, size); i > 0; i = Math.Min(this.maxEncryptionBufferSize, size))
{
SecurityBufferClass securityBufferClass = this.securityBuffers[0];
securityBufferClass.offset = offset;
securityBufferClass.size = i;
securityBufferClass.token = buffer;
securityBufferClass.type = 1;
securityBufferClass = this.securityBuffers[1];
securityBufferClass.offset = 0;
securityBufferClass.size = this.maxTokenSize;
securityBufferClass.token = this.tokenBufferForWrite;
securityBufferClass.type = 2;
int num = SSPIWrapper.EncryptMessage(ref this.securityContext.Handle, this.securityBuffers, ++this.sequenceNumberForWrite);
if (num != 0)
{
throw new XmlaStreamException(new Win32Exception(num).Message);
}
base.Write();
offset += i;
size -= i;
}
}
public override int Read(byte[] buffer, int offset, int size)
{
if (this.disposed)
{
throw new ObjectDisposedException(null);
}
int result;
try
{
if (size == 0)
{
result = 0;
}
else
{
while (this.dataSizeForRead <= 0)
{
if (!this.Read())
{
result = 0;
return(result);
}
int num = SSPIWrapper.VerifySignature(ref this.securityContext.Handle, 0, this.securityBuffers, ++this.sequenceNumberForRead);
if (num != 0)
{
throw new XmlaStreamException(new Win32Exception(num).Message);
}
SecurityBufferClass securityBufferClass = this.securityBuffers[0];
if (securityBufferClass.offset + securityBufferClass.size > 65535)
{
throw new XmlaStreamException(XmlaSR.InternalError);
}
this.dataOffsetForRead = (ushort)securityBufferClass.offset;
this.dataSizeForRead = (ushort)securityBufferClass.size;
}
ushort num2 = 0;
int num3 = (int)this.dataOffsetForRead;
int num4 = (int)(this.dataOffsetForRead + this.dataSizeForRead);
int num5 = offset;
int num6 = offset + size;
while (num3 < num4 && num5 < num6)
{
buffer[num5] = this.dataBufferForRead[num3];
num3++;
num5++;
num2 += 1;
}
this.dataSizeForRead -= num2;
this.dataOffsetForRead += num2;
result = (int)num2;
}
}
catch (XmlaStreamException)
{
throw;
}
catch (IOException innerException)
{
throw new XmlaStreamException(innerException);
}
catch (SocketException innerException2)
{
throw new XmlaStreamException(innerException2);
}
catch (Win32Exception innerException3)
{
throw new XmlaStreamException(innerException3);
}
return(result);
}
internal TcpSecureStream(TcpStream tcpStream, SecurityContext securityContext) : base(tcpStream)
{
if (securityContext == null)
{
throw new ArgumentNullException("securityContext");
}
this.securityContext = securityContext;
try
{
switch (this.securityContext.SecurityContextMode)
{
case SecurityContextMode.block:
{
Sizes sizes = (Sizes)SSPIWrapper.QueryContextAttributes(securityContext, ContextAttribute.Sizes);
this.maxTokenSize = Math.Max(sizes.cbSecurityTrailer, sizes.cbMaxSignature);
this.maxEncryptionBufferSize = Math.Min(sizes.cbMaxToken, 65535);
if (this.maxTokenSize > 65535)
{
throw new XmlaStreamException(XmlaSR.TcpStream_MaxSignatureExceedsProtocolLimit);
}
this.tokenBufferForWrite = new byte[this.maxTokenSize];
this.tokenBufferForRead = new byte[this.maxTokenSize];
this.securityBuffers = new SecurityBufferClass[]
{
new SecurityBufferClass(null, BufferType.Data),
new SecurityBufferClass(this.tokenBufferForWrite, BufferType.Token)
};
break;
}
case SecurityContextMode.stream:
{
this.streamSizes = (StreamSizes)SSPIWrapper.QueryContextAttributes(securityContext, ContextAttribute.StreamSizes);
if (this.streamSizes.cbMaxMessage > 65535)
{
throw new XmlaStreamException(XmlaSR.TcpStream_MaxSignatureExceedsProtocolLimit);
}
this.streamHeaderForWrite = new ArraySegment <byte>(new byte[this.streamSizes.cbHeader]);
this.streamTrailerForWrite = new ArraySegment <byte>(new byte[this.streamSizes.cbTrailer]);
this.streamEncryptedDataAccumulatorForRead = new List <ArraySegment <byte> >();
this.streamEncryptedDataAccumulatorForReadFreeBuffers = new List <ArraySegment <byte> >();
this.streamDecryptedDataForRead = new List <ArraySegment <byte> >();
SecurityBufferClass securityBufferClass = new SecurityBufferClass(this.streamHeaderForWrite.Array, BufferType.Header);
SecurityBufferClass securityBufferClass2 = new SecurityBufferClass(null, BufferType.Data);
SecurityBufferClass securityBufferClass3 = new SecurityBufferClass(this.streamTrailerForWrite.Array, BufferType.Trailer);
SecurityBufferClass securityBufferClass4 = new SecurityBufferClass(null, BufferType.Empty);
this.securityBuffers = new SecurityBufferClass[]
{
securityBufferClass,
securityBufferClass2,
securityBufferClass3,
securityBufferClass4
};
break;
}
default:
throw new XmlaStreamException("SecurityContextMode " + this.securityContext.SecurityContextMode + " not configured!");
}
}
catch (XmlaStreamException)
{
throw;
}
catch (IOException innerException)
{
throw new XmlaStreamException(innerException);
}
catch (SocketException innerException2)
{
throw new XmlaStreamException(innerException2);
}
catch (Win32Exception innerException3)
{
throw new XmlaStreamException(innerException3);
}
}
private int ReadInStreamMode(byte[] buffer, int offset, int size)
{
if (this.disposed)
{
throw new ObjectDisposedException(null);
}
if (buffer == null)
{
throw new ArgumentNullException("buffer can't be null!");
}
if (offset < 0)
{
throw new ArgumentOutOfRangeException("offset can't be negative!");
}
if (size < 0)
{
throw new ArgumentOutOfRangeException("size can't be negative!");
}
if (size + offset > buffer.Length)
{
throw new ArgumentException(XmlaSR.InvalidArgument, "buffer is smaller than offset + size!");
}
if (this.streamDecryptedDataForRead.Count > 0)
{
return(this.ReturnAvailableDecryptedData(buffer, offset, size));
}
this.ReleaseEncryptedDataAccumulatorForReadFreeBuffers();
int i = 0;
for (int j = 0; j < this.streamEncryptedDataAccumulatorForRead.Count; j++)
{
i += this.streamEncryptedDataAccumulatorForRead[j].Count;
}
bool value;
if (i < this.streamSizes.cbMaxMessage)
{
ArraySegment <byte> orCreateFreeEncryptedBuffer = this.GetOrCreateFreeEncryptedBuffer(this.streamSizes.cbMaxMessage);
int num = base.Read(orCreateFreeEncryptedBuffer.Array, orCreateFreeEncryptedBuffer.Offset, orCreateFreeEncryptedBuffer.Count);
if (num > 0)
{
orCreateFreeEncryptedBuffer = new ArraySegment <byte>(orCreateFreeEncryptedBuffer.Array, orCreateFreeEncryptedBuffer.Offset, num);
this.streamEncryptedDataAccumulatorForRead.Add(orCreateFreeEncryptedBuffer);
i += num;
}
else
{
this.streamEncryptedDataAccumulatorForReadFreeBuffers.Add(orCreateFreeEncryptedBuffer);
}
value = true;
if (TcpStream.TRACESWITCH.TraceVerbose)
{
StackTrace stackTrace = new StackTrace();
stackTrace.GetFrame(1).GetMethod();
}
}
else
{
value = false;
if (TcpStream.TRACESWITCH.TraceVerbose)
{
StackTrace stackTrace2 = new StackTrace();
stackTrace2.GetFrame(1).GetMethod();
}
}
while (i > 0)
{
TcpEncryptedStream.CleanSecurityBuffers(this.securityBuffers);
byte[] array;
if (this.contiguosEncryptedByteArrayCache != null && this.contiguosEncryptedByteArrayCache.Length >= i)
{
array = this.contiguosEncryptedByteArrayCache;
}
else
{
array = (this.contiguosEncryptedByteArrayCache = new byte[i]);
}
int k = 0;
int num2 = 0;
while (k < this.streamEncryptedDataAccumulatorForRead.Count)
{
ArraySegment <byte> arraySegment = this.streamEncryptedDataAccumulatorForRead[k];
Array.Copy(arraySegment.Array, arraySegment.Offset, array, num2, arraySegment.Count);
num2 += arraySegment.Count;
this.streamEncryptedDataAccumulatorForReadFreeBuffers.Add(new ArraySegment <byte>(arraySegment.Array));
k++;
}
this.streamEncryptedDataAccumulatorForRead.Clear();
this.securityBuffers[0].token = array;
this.securityBuffers[0].offset = 0;
this.securityBuffers[0].size = i;
this.securityBuffers[0].type = 1;
int num3 = SSPIWrapper.DecryptMessage(ref this.securityContext.Handle, this.securityBuffers, ++this.sequenceNumberForRead);
if (num3 == -2146893032)
{
if (TcpStream.TRACESWITCH.TraceVerbose)
{
StackTrace stackTrace3 = new StackTrace();
stackTrace3.GetFrame(1).GetMethod();
}
this.streamEncryptedDataAccumulatorForRead.Add(new ArraySegment <byte>(array, 0, i));
byte[] array2 = this.contiguosEncryptedByteArrayCache = null;
}
else
{
if (num3 != 0)
{
throw new XmlaStreamException(new StringBuilder().Append("readFromTcp=").Append(value).Append("; ").Append("encryptedDataSz=").Append(i).ToString(), new Win32Exception(num3));
}
int num4 = this.ExtractDecryptedAndExtraData(this.securityBuffers, buffer, offset, size);
if (num4 > 0)
{
return(num4);
}
}
ArraySegment <byte> orCreateFreeEncryptedBuffer2 = this.GetOrCreateFreeEncryptedBuffer(this.streamSizes.cbMaxMessage);
int num5 = base.Read(orCreateFreeEncryptedBuffer2.Array, orCreateFreeEncryptedBuffer2.Offset, orCreateFreeEncryptedBuffer2.Count);
if (num5 > 0)
{
orCreateFreeEncryptedBuffer2 = new ArraySegment <byte>(orCreateFreeEncryptedBuffer2.Array, orCreateFreeEncryptedBuffer2.Offset, num5);
this.streamEncryptedDataAccumulatorForRead.Add(orCreateFreeEncryptedBuffer2);
}
else
{
this.streamEncryptedDataAccumulatorForReadFreeBuffers.Add(orCreateFreeEncryptedBuffer2);
if (num3 == -2146893032)
{
throw new XmlaStreamException("Not complete Encrypted stream received from underlying layer of type " + base.GetType().Name + "! DecryptMessage returned SEC_E_INCOMPLETE_MESSAGE while underlying stream reported all data was read.");
}
}
i = 0;
for (int l = 0; l < this.streamEncryptedDataAccumulatorForRead.Count; l++)
{
i += this.streamEncryptedDataAccumulatorForRead[l].Count;
}
if (TcpStream.TRACESWITCH.TraceVerbose)
{
StackTrace stackTrace4 = new StackTrace();
stackTrace4.GetFrame(1).GetMethod();
}
}
return(0);
}
