private static void bindingSetAuthInfo(RPC_C_AUTHN_LEVEL level, RPC_C_AUTHN[] authTypes, RpcHandle handle, string serverPrincipalName, NetworkCredential credentails) { if (credentails == null) { foreach (RPC_C_AUTHN atype in authTypes) { RPC_STATUS result = NativeMethods.RpcBindingSetAuthInfo2(handle.Handle, serverPrincipalName, level, atype, IntPtr.Zero, 0); if (result != RPC_STATUS.RPC_S_OK) { RpcTrace.Warning("Unable to register {0}, result = {1}", atype, new RpcException(result).Message); } } } else { SEC_WINNT_AUTH_IDENTITY pSecInfo = new SEC_WINNT_AUTH_IDENTITY(credentails); foreach (RPC_C_AUTHN atype in authTypes) { RPC_STATUS result = NativeMethods.RpcBindingSetAuthInfo(handle.Handle, serverPrincipalName, level, atype, ref pSecInfo, 0); if (result != RPC_STATUS.RPC_S_OK) { RpcTrace.Warning("Unable to register {0}, result = {1}", atype, new RpcException(result).Message); } } } }
internal static extern Win32Error FwpmEngineOpen0( [Optional] string serverName, RpcAuthenticationType authnService, SEC_WINNT_AUTH_IDENTITY authIdentity, FWPM_SESSION0 session, out SafeFwpmEngineHandle engineHandle );
private static void BindingSetAuthInfo(RpcProtectionLevel level, RpcAuthentication[] authTypes, RpcHandle handle, string serverPrincipalName, NetworkCredential credentails) { if (credentails == null) { foreach (RpcAuthentication atype in authTypes) { RpcError result = RpcBindingSetAuthInfo2(handle.Handle, serverPrincipalName, level, atype, IntPtr.Zero, 0); if (result != RpcError.RPC_S_OK) { Log.Warning("Unable to register {0}, result = {1}", atype, new RpcException(result).Message); } } } else { SEC_WINNT_AUTH_IDENTITY pSecInfo = new SEC_WINNT_AUTH_IDENTITY(credentails); foreach (RpcAuthentication atype in authTypes) { RpcError result = RpcBindingSetAuthInfo(handle.Handle, serverPrincipalName, level, atype, ref pSecInfo, 0); if (result != RpcError.RPC_S_OK) { Log.Warning("Unable to register {0}, result = {1}", atype, new RpcException(result).Message); } } } }
public extern static uint RpcBindingSetAuthInfo( IntPtr Binding, string ServerPrincName, UInt32 AuthnLevel, UInt32 AuthnSvc, ref SEC_WINNT_AUTH_IDENTITY AuthIdentity, UInt32 AuthzService);
public SspiCredentials(string principal, string username, string password, string domain) { long expiry = 0; var authenticationData = new SEC_WINNT_AUTH_IDENTITY { User = username, UserLength = username.Length, Domain = domain, DomainLength = domain.Length, Password = password, PasswordLength = password.Length, Flags = SspiInterop.SEC_WINNT_AUTH_IDENTITY_UNICODE }; var result = SspiInterop.AcquireCredentialsHandle( principal, SecurityPackage, SspiInterop.SECPKG_CRED_BOTH, IntPtr.Zero, authenticationData, 0, IntPtr.Zero, ref _credentials, ref expiry); if (result != SspiInterop.SEC_E_OK) { throw new Exception($"Unable to aquire credentials for {principal}, SECURITY_STATUS 0x{result:x8}"); } Credentials = _credentials; }
public void RpcBindingSetAuthInfo_null_notOk() { var identity = new SEC_WINNT_AUTH_IDENTITY(); var status = NativeMethods.RpcBindingSetAuthInfo(IntPtr.Zero, "", RPC_C_AUTHN_LEVEL.RPC_C_AUTHN_LEVEL_NONE, RPC_C_AUTHN.RPC_C_AUTHN_NONE, ref identity, 0); Assert.AreNotEqual(RPC_STATUS.RPC_S_OK, status); }
internal static extern int AcquireCredentialsHandle_1( string pszPrincipal, //SEC_CHAR* string pszPackage, //SEC_CHAR* //"Kerberos","NTLM","Negotiative" int fCredentialUse, IntPtr PAuthenticationID, //_LUID AuthenticationID,//pvLogonID, //PLUID ref SEC_WINNT_AUTH_IDENTITY pAuthData, IntPtr pGetKeyFn, //SEC_GET_KEY_FN IntPtr pvGetKeyArgument, //PVOID ref SECURITY_HANDLE phCredential, //SecHandle //PCtxtHandle ref IntPtr ptsExpiry //PTimeStamp //TimeStamp ref );
public static SecHandle AcquireNTLMCredentialsHandle(string domainName, string userName, string password) { SEC_WINNT_AUTH_IDENTITY auth = new SEC_WINNT_AUTH_IDENTITY(); auth.Domain = domainName; auth.DomainLength = (uint)domainName.Length; auth.User = userName; auth.UserLength = (uint)userName.Length; auth.Password = password; auth.PasswordLength = (uint)password.Length; auth.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI; return(AcquireNTLMCredentialsHandle(auth)); }
public static uint AcquireCredentialsHandle( string pszPrincipal, //SEC_CHAR* string pszPackage, //SEC_CHAR* //"Kerberos","NTLM","Negotiative" int fCredentialUse, IntPtr PAuthenticationID, //_LUID AuthenticationID,//pvLogonID, //PLUID ref SEC_WINNT_AUTH_IDENTITY pAuthData, //PVOID int pGetKeyFn, //SEC_GET_KEY_FN IntPtr pvGetKeyArgument, //PVOID ref SECURITY_HANDLE phCredential, //SecHandle //PCtxtHandle ref ref SECURITY_INTEGER ptsExpiry) //PTimeStamp //TimeStamp ref { NotImplemented(MethodBase.GetCurrentMethod()); return(0); }
public void AcquireCredentialsHandleTest() { var hCred = SafeCredHandle.Null; Assert.That(() => hCred = SafeCredHandle.Acquire("Kerberos", SECPKG_CRED.SECPKG_CRED_OUTBOUND), Throws.Nothing); Assert.That(hCred.DangerousGetHandle().IsInvalid, Is.False); Assert.That(() => ((IDisposable)hCred).Dispose(), Throws.Nothing); var sid = new SEC_WINNT_AUTH_IDENTITY(Environment.UserName, Environment.UserDomainName, ""); Assert.That(() => hCred = SafeCredHandle.Acquire <SEC_WINNT_AUTH_IDENTITY>(NTLMSP_NAME, SECPKG_CRED.SECPKG_CRED_OUTBOUND, sid, null, null, out _), Throws.Nothing); Assert.That(hCred.DangerousGetHandle().IsInvalid, Is.False); Assert.That(() => ((IDisposable)hCred).Dispose(), Throws.Nothing); }
public void InitializeSecurityContextTest2() { var sid = new SEC_WINNT_AUTH_IDENTITY(Environment.UserName, Environment.UserDomainName, ""); using (var hCred = SafeCredHandle.Acquire <SEC_WINNT_AUTH_IDENTITY>(NTLMSP_NAME, SECPKG_CRED.SECPKG_CRED_OUTBOUND, sid)) { var hCtxt = new SafeCtxtHandle(); var fContextReq = ASC_REQ.ASC_REQ_REPLAY_DETECT | ASC_REQ.ASC_REQ_SEQUENCE_DETECT | ASC_REQ.ASC_REQ_CONFIDENTIALITY | ASC_REQ.ASC_REQ_DELEGATE; var hr = InitializeSecurityContext(hCred, hCtxt, WindowsIdentity.GetCurrent().Name, fContextReq, DREP.SECURITY_NATIVE_DREP, null, SecBufferType.SECBUFFER_TOKEN, out var sbd, out _, out _); Assert.That(hr, Is.EqualTo((HRESULT)0).Or.Property("Succeeded").True); Assert.That(hCtxt.DangerousGetHandle().IsNull, Is.False); Assert.That(sbd.Count, Is.EqualTo(1)); Assert.That(sbd[0].pvBuffer, Is.Not.EqualTo(IntPtr.Zero)); Assert.That(() => sbd.Dispose(), Throws.Nothing); } }
public static void Free(IntPtr pSwai) { SEC_WINNT_AUTH_IDENTITY swai = (SEC_WINNT_AUTH_IDENTITY)Marshal.PtrToStructure( pSwai, typeof(SEC_WINNT_AUTH_IDENTITY)); if (swai.Flags == SEC_WINNT_AUTH_IDENTITY_ANSI) { Marshal.ZeroFreeGlobalAllocAnsi(swai.Password); } else { Marshal.ZeroFreeGlobalAllocUnicode(swai.Password); } Marshal.FreeHGlobal(swai.Domain); Marshal.FreeHGlobal(swai.User); Marshal.FreeHGlobal(pSwai); }
public static void LdapBind(IntPtr ld, string domain, string username, SecureString password) { IntPtr cred = SEC_WINNT_AUTH_IDENTITY.GetUnicode(username, password, domain); try { uint errorCode = ldap_bind_s(ld, NULL, cred, LDAP_AUTH_NEGOTIATE); if (errorCode != LDAP_SUCCESS) { throw new Exception("LDAP Error: " + errorCode); } } finally { if (cred != NULL) SEC_WINNT_AUTH_IDENTITY.Free(cred); } }
public static IntPtr GetUnicode(string username, SecureString password, string domain) { SEC_WINNT_AUTH_IDENTITY swai = new SEC_WINNT_AUTH_IDENTITY(); bool exception = true; try { swai.User = Marshal.StringToHGlobalUni(username); swai.UserLength = username.Length; swai.Domain = Marshal.StringToHGlobalUni(domain); swai.DomainLength = domain.Length; swai.Password = Marshal.SecureStringToGlobalAllocUnicode(password); swai.PasswordLength = password.Length; swai.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; IntPtr pSwai = Marshal.AllocHGlobal(Marshal.SizeOf(swai)); try { Marshal.StructureToPtr(swai, pSwai, false); exception = false; return pSwai; } finally { if (exception && pSwai != NULL) { Marshal.FreeHGlobal(pSwai); } } } finally { if (exception) { if (swai.User != NULL) Marshal.FreeHGlobal(swai.User); if (swai.Domain != NULL) Marshal.FreeHGlobal(swai.Domain); if (swai.Password != NULL) { Marshal.ZeroFreeGlobalAllocUnicode(swai.Password); } } } }
protected override SECURITY_HANDLE AcquireCredential() { if (Settings.AcquisitionCredentials == null || string.IsNullOrWhiteSpace(Settings.AcquisitionCredentials.UserName) || string.IsNullOrWhiteSpace(Settings.AcquisitionCredentials.Password)) { return(base.AcquireCredential()); } SEC_WINNT_AUTH_IDENTITY pAuthData = new SEC_WINNT_AUTH_IDENTITY( Settings.AcquisitionCredentials.Domain, Settings.AcquisitionCredentials.UserName, Settings.AcquisitionCredentials.Password, SEC_WINNT_AUTH_IDENTITY_FLAGS.Unicode ); SECURITY_HANDLE phCredential = default(SECURITY_HANDLE); var result = AcquireCredentialsHandle_1( null, Mechanism, SECPKG_CRED_INBOUND, IntPtr.Zero, ref pAuthData, IntPtr.Zero, IntPtr.Zero, ref phCredential, IntPtr.Zero ); if (result < 0) { throw new Win32Exception(result); } return(phCredential); }
internal static extern Int32 RpcBindingSetAuthInfo(IntPtr lpBinding, string ServerPrincName, UInt32 AuthnLevel, UInt32 AuthnSvc, ref SEC_WINNT_AUTH_IDENTITY AuthIdentity, UInt32 AuthzSvc);
private static extern RpcError RpcBindingSetAuthInfo(IntPtr Binding, String ServerPrincName, RpcProtectionLevel AuthnLevel, RpcAuthentication AuthnSvc, [In] ref SEC_WINNT_AUTH_IDENTITY AuthIdentity, uint AuthzSvc);
internal static extern Int32 RpcBindingSetAuthInfoEx(IntPtr lpBinding, string ServerPrincName, UInt32 AuthnLevel, UInt32 AuthnSvc, ref SEC_WINNT_AUTH_IDENTITY AuthIdentity, UInt32 AuthzSvc, ref RPC_SECURITY_QOS SecurityQOS);
private static extern int AcquireCredentialsHandleIdentity__(IntPtr pszPrincipal, string pszPackage, int fCredentialUse, IntPtr pvLogonId, ref SEC_WINNT_AUTH_IDENTITY pAuthData, IntPtr pGetKeyFn, IntPtr pvGetKeyArgument, SecHandle phCredential, ref Int64 ptsExpiry);