private SecStatusCode CallAccept(List <SecurityBuffer> input_buffers, List <SecurityBuffer> output_buffers, bool throw_on_error)
        {
            var token_buffer = new SecurityBufferAllocMem(SecurityBufferType.Token);

            output_buffers.Insert(0, token_buffer);

            if (ChannelBinding != null)
            {
                input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
            }

            LargeInteger  expiry      = new LargeInteger();
            SecHandle     new_context = _context ?? new SecHandle();
            SecStatusCode result      = SecurityContextUtils.AcceptSecurityContext(_creds, _context,
                                                                                   RequestAttributes | AcceptContextReqFlags.AllocateMemory, DataRepresentation, input_buffers, new_context, output_buffers,
                                                                                   out AcceptContextRetFlags context_attr, expiry, throw_on_error);

            if (!result.IsSuccess())
            {
                return(result);
            }
            _context         = new_context;
            ReturnAttributes = context_attr & ~AcceptContextRetFlags.AllocatedMemory;
            Expiry           = expiry.QuadPart;

            Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, token_buffer.ToArray());
            Done  = !(result == SecStatusCode.SEC_I_CONTINUE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE);
            return(result);
        }
Exemple #2
0
        private SecStatusCode CallInitialize(List <SecurityBuffer> input_buffers, List <SecurityBuffer> output_buffers, bool throw_on_error)
        {
            var token_buffer = new SecurityBufferAllocMem(SecurityBufferType.Token);

            output_buffers.Insert(0, token_buffer);
            if (ChannelBinding != null)
            {
                input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
            }

            string target_name = string.IsNullOrEmpty(Target) ? null : Target;

            LargeInteger  expiry      = new LargeInteger();
            SecHandle     new_context = _context ?? new SecHandle();
            SecStatusCode result      = SecurityContextUtils.InitializeSecurityContext(_creds, _context, target_name,
                                                                                       RequestAttributes | InitializeContextReqFlags.AllocateMemory, DataRepresentation, input_buffers, new_context,
                                                                                       output_buffers, out InitializeContextRetFlags flags, expiry, throw_on_error);

            if (!result.IsSuccess())
            {
                return(result);
            }
            _context         = new_context;
            Expiry           = expiry.QuadPart;
            ReturnAttributes = flags & ~InitializeContextRetFlags.AllocatedMemory;
            Token            = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, token_buffer.ToArray());
            Done             = !(result == SecStatusCode.SEC_I_CONTINUE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE);
            return(result);
        }
Exemple #3
0
        /// <summary>
        /// Export and delete the current security context.
        /// </summary>
        /// <returns>The exported security context.</returns>
        /// <remarks>The security context will not longer be usable afterwards.</remarks>
        public ExportedSecurityContext Export()
        {
            var context = SecurityContextUtils.ExportContext(_context, SecPkgContextExportFlags.DeleteOld, _creds.PackageName, true);

            Dispose();
            return(context);
        }
Exemple #4
0
        private string GetTargetName()
        {
            var target = SecurityContextUtils.QueryContextAttributeNoThrow <SecPkgContext_ClientSpecifiedTarget>(_context, SECPKG_ATTR.CLIENT_SPECIFIED_TARGET);

            if (target.Item2 == SecStatusCode.SUCCESS)
            {
                try
                {
                    return(Marshal.PtrToStringUni(target.Item1.sTargetName));
                }
                finally
                {
                    SecurityNativeMethods.FreeContextBuffer(target.Item1.sTargetName);
                }
            }
            return(string.Empty);
        }
Exemple #5
0
 /// <summary>
 /// Verify a signature for this context.
 /// </summary>
 /// <param name="message">The message to verify.</param>
 /// <param name="signature">The signature blob for the message.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>True if the signature is valid, otherwise false.</returns>
 public bool VerifySignature(byte[] message, byte[] signature, int sequence_no)
 {
     return(SecurityContextUtils.VerifySignature(Context, message, signature, sequence_no));
 }
Exemple #6
0
 /// <summary>
 /// Decrypt a message for this context.
 /// </summary>
 /// <param name="messages">The messages to decrypt.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <remarks>The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted.
 /// If you need to specify a signature you need to add a buffer.</remarks>
 public void DecryptMessageNoSignature(IEnumerable <SecurityBuffer> messages, int sequence_no)
 {
     SecurityContextUtils.DecryptMessageNoSignature(Context, messages, sequence_no);
 }
Exemple #7
0
 /// <summary>
 /// Query the context's package info.
 /// </summary>
 /// <returns>The authentication package info,</returns>
 public AuthenticationPackage GetAuthenticationPackage()
 {
     return(SecurityContextUtils.GetAuthenticationPackage(Context));
 }
Exemple #8
0
 /// <summary>
 /// Encrypt a message for this context with no specific signature.
 /// </summary>
 /// <param name="messages">The messages to encrypt.</param>
 /// <param name="quality_of_protection">Quality of protection flags.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <remarks>The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted.
 /// If you need to return a signature then it must be specified in a buffer.</remarks>
 public void EncryptMessageNoSignature(IEnumerable <SecurityBuffer> messages, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
 {
     SecurityContextUtils.EncryptMessage(Context, quality_of_protection, messages, sequence_no);
 }
Exemple #9
0
 /// <summary>
 /// Decrypt a message for this context.
 /// </summary>
 /// <param name="message">The message to decrypt.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>The decrypted message.</returns>
 public byte[] DecryptMessage(EncryptedMessage message, int sequence_no)
 {
     return(SecurityContextUtils.DecryptMessage(Context, message, sequence_no));
 }
Exemple #10
0
 /// <summary>
 /// Encrypt a message for this context.
 /// </summary>
 /// <param name="message">The message to encrypt.</param>
 /// <param name="quality_of_protection">Quality of protection flags.</param>
 /// <returns>The encrypted message.</returns>
 /// <param name="sequence_no">The sequence number.</param>
 public EncryptedMessage EncryptMessage(byte[] message, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
 {
     return(SecurityContextUtils.EncryptMessage(Context, quality_of_protection, message, sequence_no));
 }
Exemple #11
0
 /// <summary>
 /// Encrypt a message for this context.
 /// </summary>
 /// <param name="messages">The messages to encrypt.</param>
 /// <param name="quality_of_protection">Quality of protection flags.</param>
 /// <returns>The signature for the messages.</returns>
 /// <remarks>The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted.</remarks>
 /// <param name="sequence_no">The sequence number.</param>
 public byte[] EncryptMessage(IEnumerable <SecurityBuffer> messages, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
 {
     return(SecurityContextUtils.EncryptMessage(Context, quality_of_protection, messages, sequence_no));
 }
Exemple #12
0
 /// <summary>
 /// Export the security context.
 /// </summary>
 /// <returns>The exported security context.</returns>
 public ExportedSecurityContext Export()
 {
     return(SecurityContextUtils.ExportContext(_context, SecPkgContextExportFlags.None, _creds.PackageName));
 }
Exemple #13
0
 /// <summary>
 /// Verify a signature for this context.
 /// </summary>
 /// <param name="messages">The messages to verify.</param>
 /// <param name="signature">The signature blob for the message.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>True if the signature is valid, otherwise false.</returns>
 public bool VerifySignature(IEnumerable <SecurityBuffer> messages, byte[] signature, int sequence_no)
 {
     return(SecurityContextUtils.VerifySignature(Context, messages, signature, sequence_no));
 }
Exemple #14
0
 /// <summary>
 /// Make a signature for this context.
 /// </summary>
 /// <param name="message">The message to sign.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>The signature blob.</returns>
 public byte[] MakeSignature(byte[] message, int sequence_no)
 {
     return(SecurityContextUtils.MakeSignature(Context, 0, message, sequence_no));
 }
Exemple #15
0
 /// <summary>
 /// Make a signature for this context.
 /// </summary>
 /// <param name="messages">The message buffers to sign.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>The signature blob.</returns>
 public byte[] MakeSignature(IEnumerable <SecurityBuffer> messages, int sequence_no)
 {
     return(SecurityContextUtils.MakeSignature(Context, 0, messages, sequence_no));
 }
 /// <summary>
 /// Encrypt a message for this context.
 /// </summary>
 /// <param name="message">The message to encrypt.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>The encrypted message.</returns>
 public EncryptedMessage EncryptMessage(byte[] message, int sequence_no)
 {
     return(SecurityContextUtils.EncryptMessage(_context, 0, message, sequence_no));
 }
 /// <summary>
 /// Encrypt a message for this context.
 /// </summary>
 /// <param name="messages">The messages to encrypt.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <returns>The signature for the messages.</returns>
 /// <remarks>The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted.</remarks>
 public byte[] EncryptMessage(IEnumerable <SecurityBuffer> messages, int sequence_no)
 {
     return(SecurityContextUtils.EncryptMessage(_context, 0, messages, sequence_no));
 }
 /// <summary>
 /// Decrypt a message for this context.
 /// </summary>
 /// <param name="messages">The messages to decrypt.</param>
 /// <param name="sequence_no">The sequence number.</param>
 /// <param name="signature">The signature for the messages.</param>
 /// <remarks>The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted.</remarks>
 public void DecryptMessage(IEnumerable <SecurityBuffer> messages, byte[] signature, int sequence_no)
 {
     SecurityContextUtils.DecryptMessage(_context, messages, signature, sequence_no);
 }