Example #1
 // P/Invoke signature for the SSPI InitializeSecurityContext function, which a
 // client calls to produce the next handshake token for a server.
 // This overload takes an existing context handle and an input buffer by
 // reference, so it matches the follow-up call made once a server token exists.
 // The return value is an SSPI status code; callers on this page treat
 // SEC_E_OK and SEC_I_CONTINUE_NEEDED as success and anything else as failure.
 // NOTE(review): the [DllImport] attribute is not visible in this excerpt;
 // confirm the library name and character set on the declaration itself.
 // NOTE(review): callers should compare pfContextAttr with the flags they asked
 // for in fContextReq before relying on a negotiated protection.
 static extern int InitializeSecurityContext(ref SECURITY_HANDLE phCredential, // PCredHandle: credentials handle from AcquireCredentialsHandle
                                             ref SECURITY_HANDLE phContext,    // PCtxtHandle: partially formed context from the previous call
                                             string pszTargetName,             // target name; callers on this page pass _szTarget
                                             int fContextReq,                  // requested context attribute flags
                                             int Reserved1,                    // reserved; callers pass 0
                                             int TargetDataRep,                // data representation; callers pass SECURITY_NATIVE_DREP
                                             ref SecBufferDesc SecBufferDesc,  // PSecBufferDesc pInput: token received from the server
                                             int Reserved2,                    // reserved; callers pass 0
                                             out SECURITY_HANDLE phNewContext, // PCtxtHandle: receives the new or updated context handle
                                             out SecBufferDesc pOutput,        // PSecBufferDesc: receives the token to send to the server
                                             out uint pfContextAttr,           // native ULONG is 32 bits, hence uint; a managed ulong is 64 bits and would not match
                                             out SECURITY_INTEGER ptsExpiry);  // PTimeStamp: receives the expiry of the context
Example #2
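        /// <summary>
        /// Acquires an outbound (client) SSPI credentials handle for an explicitly
        /// supplied account instead of the identity of the calling thread.
        /// </summary>
        /// <param name="login">Domain, user name and password to authenticate with.</param>
        /// <exception cref="ArgumentNullException"><paramref name="login"/> is null.</exception>
        /// <exception cref="Exception">
        /// AcquireCredentialsHandle returned a status other than SEC_E_OK; the inner
        /// <see cref="Win32Exception"/> carries that status.
        /// </exception>
        public void LoginClient(NetworkCredential login)
        {
            // Reject a missing credential up front; otherwise the first property read
            // below fails with an uninformative NullReferenceException.
            if (login == null)
            {
                throw new ArgumentNullException("login");
            }

            SECURITY_INTEGER        lifetime = new SECURITY_INTEGER(0);
            SEC_WINNT_AUTH_IDENTITY identity = new SEC_WINNT_AUTH_IDENTITY();

            // Lengths are character counts of the corresponding strings.
            identity.Domain         = login.Domain;
            identity.DomainLength   = login.Domain.Length;
            identity.User           = login.UserName;
            identity.UserLength     = login.UserName.Length;
            // NOTE(review): the password travels as an immutable managed string, so it
            // cannot be zeroed after use and stays in memory until garbage collected.
            // Keep the NetworkCredential short-lived and never log this structure.
            identity.Password       = login.Password;
            identity.PasswordLength = login.Password.Length;
            identity.Flags          = 2; // SEC_WINNT_AUTH_IDENTITY_UNICODE: the strings are UTF-16

            // NOTE(review): if _hCred already holds a handle it is overwritten here and
            // no release call is visible in this excerpt; confirm the owner frees it.
            int status = AcquireCredentialsHandle(_szTarget, SecurityPackage, SECPKG_CRED_OUTBOUND,
                                                  IntPtr.Zero, ref identity, 0, IntPtr.Zero,
                                                  ref _hCred, ref lifetime);
            if (status != SEC_E_OK)
            {
                throw new Exception("Couldn't acquire client credentials", new Win32Exception(status));
            }

            // Lets InitializeClient skip its own default-credential acquisition.
            _bGotCredentials = true;
        }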
Example #3
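        /// <summary>
        /// Runs one server-side step of the SSPI handshake: feeds the client's token to
        /// AcceptSecurityContext and returns the token to send back.
        /// </summary>
        /// <param name="clientToken">Token received from the client for this step.</param>
        /// <param name="serverToken">Receives the token to return to the client.</param>
        /// <param name="bContinueProcessing">
        /// True while the handshake needs another round trip (status was
        /// SEC_I_CONTINUE_NEEDED); false once the status is SEC_E_OK.
        /// </param>
        /// <exception cref="Exception">
        /// Credential acquisition or AcceptSecurityContext failed; the inner
        /// <see cref="Win32Exception"/> carries the SSPI status.
        /// </exception>
        public void InitializeServer(byte[] clientToken, out byte[] serverToken,
                                     out bool bContinueProcessing)
        {
            serverToken         = null;
            bContinueProcessing = true;
            SECURITY_INTEGER NewLifeTime = new SECURITY_INTEGER(0);
            int ss = -1;

            // Acquire inbound credentials once; later steps reuse the handle in _hCred.
            if (!_bGotCredentials)
            {
                ss = AcquireCredentialsHandle(_szTarget, SecurityPackage, SECPKG_CRED_INBOUND,
                                              IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
                                              ref _hCred, ref NewLifeTime);
                if (ss != SEC_E_OK)
                {
                    throw new Exception("Couldn't acquire server credentials", new Win32Exception(ss));
                }

                _bGotCredentials = true;
            }

            // NOTE(review): the output buffer has a fixed size; confirm MAX_TOKEN_SIZE is
            // at least the maximum token size the security package reports.
            SecBufferDesc ServerToken = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                // NOTE(review): clientToken arrives from the remote peer and is not checked
                // for null here; confirm how SecBufferDesc treats a null array.
                // Built inside the outer try so ServerToken is still released if this
                // constructor throws.
                SecBufferDesc ClientToken = new SecBufferDesc(clientToken);

                try
                {
                    uint uNewContextAttr = 0;

                    // An all-zero handle means no context exists yet, so this is the first step.
                    if (_hContext.HighPart == _hContext.LowPart && _hContext.LowPart == IntPtr.Zero)
                    {
                        ss = AcceptSecurityContext(ref _hCred,                  // [in] credentials handle
                                                   IntPtr.Zero,                 // [in] no partial context on the first step
                                                   ref ClientToken,             // [in] input buffers holding the client token
                                                   STANDARD_CONTEXT_ATTRIBUTES, // [in] requested context attributes
                                                   SECURITY_NATIVE_DREP,        // [in] data representation on the target
                                                   out _hContext,               // [out] receives the new context handle
                                                   out ServerToken,             // [out] receives the reply token
                                                   out uNewContextAttr,         // [out] receives the negotiated attributes
                                                   out NewLifeTime);            // [out] receives the context lifetime
                    }
                    else
                    {
                        ss = AcceptSecurityContext(ref _hCred,                  // [in] credentials handle
                                                   ref _hContext,               // [in] partial context from the previous step
                                                   ref ClientToken,             // [in] input buffers holding the client token
                                                   STANDARD_CONTEXT_ATTRIBUTES, // [in] requested context attributes
                                                   SECURITY_NATIVE_DREP,        // [in] data representation on the target
                                                   out _hContext,               // [out] receives the updated context handle
                                                   out ServerToken,             // [out] receives the reply token
                                                   out uNewContextAttr,         // [out] receives the negotiated attributes
                                                   out NewLifeTime);            // [out] receives the context lifetime
                    }

                    if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
                    {
                        // Attach the SSPI status, as the other failure paths in this class do,
                        // so a rejected logon can be told apart from a malformed token.
                        throw new Exception("AcceptSecurityContext() failed!!!", new Win32Exception(ss));
                    }

                    // NOTE(review): uNewContextAttr and NewLifeTime are never read; confirm the
                    // negotiated attributes cover what STANDARD_CONTEXT_ATTRIBUTES requested
                    // before the context is trusted.
                    serverToken = ServerToken.GetSecBufferByteArray();

                    bContinueProcessing = ss != SEC_E_OK;
                }
                finally
                {
                    ClientToken.Dispose();
                }
            }
            finally
            {
                ServerToken.Dispose();
            }
        }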
Example #4
        /// <summary>
        /// Runs one client-side step of the SSPI handshake through
        /// InitializeSecurityContext and returns the token to send to the server.
        /// </summary>
        /// <param name="clientToken">Receives the token to send to the server.</param>
        /// <param name="serverToken">
        /// Token received from the server, or null on the first step of the handshake.
        /// </param>
        /// <param name="bContinueProcessing">
        /// True while the final status is not SEC_E_OK, meaning another round trip is needed.
        /// </param>
        /// <exception cref="Exception">
        /// Credential acquisition or InitializeSecurityContext failed; the inner
        /// <see cref="Win32Exception"/> carries the SSPI status.
        /// </exception>
        public void InitializeClient(out byte[] clientToken, byte[] serverToken,
                                     out bool bContinueProcessing)
        {
            clientToken         = null;
            bContinueProcessing = true;
            int status = -1;

            SECURITY_INTEGER expiry = new SECURITY_INTEGER(0);

            // Without an earlier LoginClient call, fall back to the default outbound
            // credentials (no explicit identity structure is passed).
            if (!_bGotCredentials)
            {
                status = AcquireCredentialsHandle(_szTarget, SecurityPackage, SECPKG_CRED_OUTBOUND,
                                                  IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
                                                  ref _hCred, ref expiry);
                if (status != SEC_E_OK)
                {
                    throw new Exception("Couldn't acquire client credentials", new Win32Exception(status));
                }

                _bGotCredentials = true;
            }

            // Output buffer that receives the token generated by this step.
            SecBufferDesc outputBuffers = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                // NOTE(review): the negotiated attributes land here but are never read;
                // confirm they cover what STANDARD_CONTEXT_ATTRIBUTES requested.
                uint negotiatedAttributes = 0;

                if (serverToken != null)
                {
                    // Follow-up step: continue the existing context with the server's reply.
                    SecBufferDesc inputBuffers = new SecBufferDesc(serverToken);

                    try
                    {
                        status = InitializeSecurityContext(ref _hCred,
                                                           ref _hContext,            // context from the previous step
                                                           _szTarget,                // pszTargetName
                                                           STANDARD_CONTEXT_ATTRIBUTES,
                                                           0,                        // Reserved1
                                                           SECURITY_NATIVE_DREP,     // TargetDataRep
                                                           ref inputBuffers,         // token received from the server
                                                           0,                        // Reserved2
                                                           out _hContext,            // receives the updated context handle
                                                           out outputBuffers,        // receives the next client token
                                                           out negotiatedAttributes, // pfContextAttr
                                                           out expiry);              // ptsExpiry
                    }
                    finally
                    {
                        inputBuffers.Dispose();
                    }
                }
                else
                {
                    // First step: there is neither a context nor a server token yet.
                    status = InitializeSecurityContext(ref _hCred,
                                                       IntPtr.Zero,              // no existing context
                                                       _szTarget,                // pszTargetName
                                                       STANDARD_CONTEXT_ATTRIBUTES,
                                                       0,                        // Reserved1
                                                       SECURITY_NATIVE_DREP,     // TargetDataRep
                                                       IntPtr.Zero,              // no input token on the first step
                                                       0,                        // Reserved2
                                                       out _hContext,            // receives the new context handle
                                                       out outputBuffers,        // receives the first client token
                                                       out negotiatedAttributes, // pfContextAttr
                                                       out expiry);              // ptsExpiry
                }

                // Only "complete" and "continue" count as success.
                bool succeeded = status == SEC_E_OK || status == SEC_I_CONTINUE_NEEDED;
                if (!succeeded)
                {
                    throw new Exception("InitializeSecurityContext() failed!!!", new Win32Exception(status));
                }

                clientToken = outputBuffers.GetSecBufferByteArray();
            }
            finally
            {
                outputBuffers.Dispose();
            }

            // Anything other than SEC_E_OK at this point means another round trip.
            bContinueProcessing = !(status == SEC_E_OK);
        }