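/// <summary>
/// Test helper that starts an SSPI security context for <paramref name="hCred"/> and returns
/// the resulting context handle to the caller, who owns and must dispose it.
/// </summary>
/// <param name="hCred">Credential handle passed to InitializeSecurityContext and, on the continue path, to AcceptSecurityContext.</param>
/// <param name="pOutput">Buffer descriptor that receives the token from InitializeSecurityContext; on the continue path it is fed to AcceptSecurityContext as input.</param>
/// <param name="target">Target name for the context. When null, the name of the current Windows identity is used.</param>
/// <returns>
/// The context initialised by InitializeSecurityContext, or, when that call reports
/// SEC_I_CONTINUE_NEEDED, a new handle wrapping the context produced by AcceptSecurityContext.
/// </returns>
/// <remarks>
/// NOTE(review): exactly one InitializeSecurityContext call and at most one follow-up call are made;
/// the handshake is not looped until it reports completion, and the token produced by
/// AcceptSecurityContext is discarded. Confirm callers only need a context in that state.
/// NOTE(review): the fourth argument to InitializeSecurityContext (presumably the context-requirement
/// flags) is 0, so no specific protections are requested here - confirm that is intended.
/// </remarks>
private static SafeCtxtHandle GetSecContext(SafeCredHandle hCred, SafeSecBufferDesc pOutput, string target = null)
{
    if (target is null)
    {
        // WindowsIdentity is disposable; release it as soon as the name has been read.
        using (var currentIdentity = WindowsIdentity.GetCurrent())
        {
            target = currentIdentity.Name;
        }
    }

    var hCtxt = new SafeCtxtHandle();
    try
    {
        var hr = InitializeSecurityContext(hCred, hCtxt, target, 0, DREP.SECURITY_NATIVE_DREP, null, pOutput, out _, out _);
        if (hr == HRESULT.SEC_I_COMPLETE_NEEDED)
        {
            hr = CompleteAuthToken(hCtxt, pOutput.GetRef());
        }
        else if (hr == HRESULT.SEC_I_CONTINUE_NEEDED)
        {
            unsafe
            {
                using (var pOutput2 = new SafeSecBufferDesc(SecBufferType.SECBUFFER_TOKEN))
                {
                    AcceptSecurityContext(hCred, SafeCtxtHandle.Null, pOutput, ASC_REQ.ASC_REQ_ALLOCATE_MEMORY, DREP.SECURITY_NATIVE_DREP, out var hCtxt2Temp, pOutput2, out _, out _).ThrowIfFailed();
                    var acceptedCtxt = new SafeCtxtHandle(hCtxt2Temp);

                    // The initiator-side handle is not handed to the caller on this path,
                    // so release it here instead of leaving it to the finalizer.
                    hCtxt.Dispose();
                    return acceptedCtxt;
                }
            }
        }

        hr.ThrowIfFailed();
        return hCtxt;
    }
    catch
    {
        // No handle reaches the caller on failure; do not leave the context undisposed.
        hCtxt.Dispose();
        throw;
    }
}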
/// <summary>
/// Round-trips a fixed message through EncryptMessage and DecryptMessage on a context obtained
/// from GetSecContext and asserts that the decrypted text equals the original.
/// </summary>
/// <remarks>
/// The decrypt input is a single stream buffer assembled from encrypt buffers 1 (data) and
/// 2 (padding); buffer 0 (the token sized by cbSecurityTrailer) is not copied into it.
/// NOTE(review): confirm this buffer layout is what the package selected by UNISP_NAME expects.
/// </remarks>
public void EnDecryptMessageTest()
{
    const string msg = "This is the message.";

    using (var credHandle = AcqCredHandle(UNISP_NAME, SECPKG_CRED.SECPKG_CRED_OUTBOUND))
    using (var handshakeOut = new SafeSecBufferDesc())
    {
        handshakeOut.Add(SecBufferType.SECBUFFER_TOKEN);
        handshakeOut.Add(SecBufferType.SECBUFFER_EMPTY);

        using (var ctx = GetSecContext(credHandle, handshakeOut, Environment.MachineName))
        // NOTE(review): this allocation is created and disposed but never read in this method.
        using (var sizesMem = SafeHGlobalHandle.CreateFromStructure<SecPkgContext_Sizes>())
        {
            // Query the trailer and block sizes used to dimension the encrypt buffers.
            SecPkgContext_Sizes sizes = default;
            Assert.That(() => sizes = QueryContextAttributes<SecPkgContext_Sizes>(ctx, SECPKG_ATTR.SECPKG_ATTR_SIZES), Throws.Nothing);

            using (var encDesc = new SafeSecBufferDesc())
            {
                // Buffer order: [0] token/trailer, [1] message data, [2] padding.
                encDesc.Add((int)sizes.cbSecurityTrailer, SecBufferType.SECBUFFER_TOKEN);
                encDesc.Add(SecBufferType.SECBUFFER_DATA, msg);
                encDesc.Add((int)sizes.cbBlockSize, SecBufferType.SECBUFFER_PADDING);

                var encryptResult = EncryptMessage(ctx, 0, ref encDesc.GetRef(), 0);
                Assert.That(encryptResult, Is.EqualTo((HRESULT)0));

                using (var decDesc = new SafeSecBufferDesc())
                using (var cipherMem = new SafeHGlobalHandle(encDesc[1].cbBuffer + encDesc[2].cbBuffer))
                {
                    var cipherPtr = (IntPtr)cipherMem;

                    // Concatenate data and padding into one contiguous block for the stream buffer.
                    encDesc[1].pvBuffer.CopyTo(cipherPtr, encDesc[1].cbBuffer);
                    encDesc[2].pvBuffer.CopyTo(cipherPtr.Offset(encDesc[1].cbBuffer), encDesc[2].cbBuffer);

                    decDesc.Add(new SecBuffer(SecBufferType.SECBUFFER_STREAM) { pvBuffer = cipherPtr, cbBuffer = cipherMem.Size });
                    decDesc.Add(new SecBuffer(SecBufferType.SECBUFFER_DATA));

                    var decryptResult = DecryptMessage(ctx, ref decDesc.GetRef(), 0, out _);
                    Assert.That(decryptResult, Is.EqualTo((HRESULT)0));

                    // The plaintext is read back from the data buffer at index 1.
                    var roundTripped = StringHelper.GetString(decDesc[1].pvBuffer, CharSet.Unicode, decDesc[1].cbBuffer);
                    Assert.That(roundTripped, Is.EqualTo(msg));
                }
            }
        }
    }
}
/// <summary>
/// Calls ChangeAccountPassword through the "NTLM" package for the current user and domain with
/// placeholder old and new passwords, and asserts that the call returns SEC_E_LOGON_DENIED.
/// </summary>
/// <remarks>
/// NOTE(review): the test depends on "XXX" not being the account's real password, and it targets
/// the account the test runs as. A rejected old password may count toward that account's
/// bad-password or lockout policy - confirm before running it repeatedly against a domain account.
/// </remarks>
public void ChangeAccountPasswordTest()
{
    using (var responseBuf = new SafeSecBufferDesc(SecBufferType.SECBUFFER_CHANGE_PASS_RESPONSE))
    {
        var result = ChangeAccountPassword(
            "NTLM",
            Environment.UserDomainName,
            Environment.UserName,
            "XXX",
            "YYY",
            true,
            0,
            ref responseBuf.GetRef());

        // The call is expected to be refused, not to change the password.
        Assert.That(result, Is.EqualTo((HRESULT)HRESULT.SEC_E_LOGON_DENIED));
    }
}