private bool GenServerContext(AuthenticationToken token)
        {
            bool new_context = _new_context;

            _new_context = false;
            using (DisposableList list = new DisposableList())
            {
                SecBuffer     out_sec_buffer  = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
                SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));

                List <SecBuffer> buffers = new List <SecBuffer>();
                buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
                if (_channel_binding != null)
                {
                    buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
                }
                SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));

                LargeInteger  expiry = new LargeInteger();
                SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(_creds.CredHandle, new_context ? null : _context,
                                                                                   in_buffer_desc, _req_flags, _data_rep, _context, out_buffer_desc, out AcceptContextRetFlags context_attr, expiry).CheckResult();
                Flags  = context_attr;
                Expiry = expiry.QuadPart;
                if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
                {
                    SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
                }

                Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, out_buffer_desc.ToArray()[0].ToArray());
                return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
            }
        }
        private bool GenClientContext(AuthenticationToken token)
        {
            using (DisposableList list = new DisposableList())
            {
                SecStatusCode result = 0;

                SecBuffer     out_sec_buffer  = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
                SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));

                InitializeContextRetFlags flags;
                LargeInteger expiry = new LargeInteger();
                if (token != null)
                {
                    List <SecBuffer> buffers = new List <SecBuffer>();
                    buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
                    if (_channel_binding != null)
                    {
                        buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
                    }
                    SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
                    result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, _context, _target, _req_attributes, 0,
                                                                             _data_rep, in_buffer_desc, 0, _context, out_buffer_desc, out flags, expiry).CheckResult();
                    Flags = flags;
                }
                else
                {
                    SecBufferDesc    in_buffer_desc = null;
                    List <SecBuffer> buffers        = new List <SecBuffer>();
                    if (_channel_binding != null)
                    {
                        buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
                        in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
                    }

                    result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, null, _target,
                                                                             _req_attributes, 0, _data_rep, in_buffer_desc, 0, _context,
                                                                             out_buffer_desc, out flags, expiry).CheckResult();
                }

                Expiry = expiry.QuadPart;
                Flags  = flags;
                if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
                {
                    SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
                }

                Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, out_buffer_desc.ToArray()[0].ToArray());
                return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
            }
        }
Example #3
0
        /// <summary>
        /// Continue the authentication.
        /// </summary>
        /// <param name="token">The server token to continue authentication.</param>
        /// <param name="additional_input">Additional input buffers for the continue, does not need to include the token.</param>
        /// <param name="additional_output">Additional output buffers, does not need to include the token.</param>
        public void Continue(AuthenticationToken token, IEnumerable <SecurityBuffer> additional_input, IEnumerable <SecurityBuffer> additional_output)
        {
            if (token is null)
            {
                throw new ArgumentNullException(nameof(token));
            }

            if (additional_input is null)
            {
                throw new ArgumentNullException(nameof(additional_input));
            }

            var input_buffers = new List <SecurityBuffer>
            {
                new SecurityBufferInOut(SecurityBufferType.Token, token.ToArray())
            };

            input_buffers.AddRange(additional_input);

            Continue(input_buffers, additional_output);
        }