public static VerifySignature ( System.Net.Security.SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer input, uint sequenceNumber ) : int | ||
secModule | System.Net.Security.SSPIInterface | |
context | SafeDeleteContext | |
input | SecurityBuffer | |
sequenceNumber | uint | |
return | int |
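/// <summary>
/// Unwraps one received message through SSPI. When confidentiality was negotiated the message is
/// decrypted; otherwise only its signature is verified. NTLM contexts are delegated to
/// <c>DecryptNtlm</c>, which uses a different buffer layout.
/// </summary>
/// <param name="payload">Buffer holding the wrapped message. A null buffer is treated as length 0,
/// so it is accepted only together with offset 0 and count 0.</param>
/// <param name="offset">Start of the wrapped message inside <paramref name="payload"/>.</param>
/// <param name="count">Length of the wrapped message in bytes.</param>
/// <param name="newOffset">Receives the offset reported in the output data buffer
/// (presumably an index into <paramref name="payload"/>; confirm against SSPIWrapper).</param>
/// <param name="expectedSeqNumber">Sequence number passed to SSPI together with the message.
/// NOTE(review): out-of-sequence and replay rejection depends on the caller tracking this value
/// per context and on the security package enforcing it; neither is visible in this method.</param>
/// <returns>The size reported in the output data buffer.</returns>
/// <exception cref="ArgumentOutOfRangeException">offset or count does not lie inside payload.</exception>
/// <exception cref="Win32Exception">SSPI returned a non-zero status. The message must be treated as
/// rejected; nothing is assigned to <paramref name="newOffset"/> on this path.</exception>
/// <exception cref="InternalException">The output buffer no longer has the Data type after the call.</exception>
internal int Decrypt(byte[] payload, int offset, int count, out int newOffset, uint expectedSeqNumber)
{
    // Validate the range before any SecurityBuffer is built from it, so that no descriptor
    // pointing outside payload is ever handed to the SSPI wrapper.
    int payloadLength = payload == null ? 0 : payload.Length;

    if (offset < 0 || offset > payloadLength)
    {
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(this) + "::Decrypt", "Argument 'offset' out of range.");
        }

        throw new ArgumentOutOfRangeException(nameof(offset));
    }

    // offset is already known to be within [0, payloadLength], so the subtraction cannot go negative.
    if (count < 0 || count > payloadLength - offset)
    {
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(this) + "::Decrypt", "Argument 'count' out of range.");
        }

        throw new ArgumentOutOfRangeException(nameof(count));
    }

    if (IsNTLM)
    {
        return DecryptNtlm(payload, offset, count, out newOffset, expectedSeqNumber);
    }

    //
    // Kerberos and up
    //
    // Buffer 0 carries the whole wrapped message as a stream; buffer 1 starts empty and is
    // filled in by the SSPI call with the location of the data.
    var securityBuffer = new SecurityBuffer[2];
    securityBuffer[0] = new SecurityBuffer(payload, offset, count, SecurityBufferType.Stream);
    securityBuffer[1] = new SecurityBuffer(0, SecurityBufferType.Data);

    int errorCode;
    if (IsConfidentialityFlag)
    {
        errorCode = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, _securityContext, securityBuffer, expectedSeqNumber);
    }
    else
    {
        // Integrity-only context: the message is authenticated, but nothing is decrypted on this path.
        errorCode = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, _securityContext, securityBuffer, expectedSeqNumber);
    }

    if (errorCode != 0)
    {
        // Fail closed: any non-zero status aborts before the output buffer is read.
        // The log call is guarded like the ones above, so no string is built when logging is off.
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Print("NTAuthentication#" + LoggingHash.HashString(this) + "::Decrypt() throw Error = " + errorCode.ToString("x", NumberFormatInfo.InvariantInfo));
        }

        throw new Win32Exception(errorCode);
    }

    // Sanity check on what came back: the second buffer must still describe data.
    if (securityBuffer[1].type != SecurityBufferType.Data)
    {
        throw new InternalException();
    }

    newOffset = securityBuffer[1].offset;
    return securityBuffer[1].size;
}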
/// <summary>
/// NTLM variant of message unwrapping. The first 16 bytes of the range are passed to SSPI as the
/// token buffer and the remainder as the data buffer; the message is decrypted when
/// confidentiality is in effect and signature-checked otherwise.
/// </summary>
/// <param name="payload">Buffer holding the wrapped message.</param>
/// <param name="offset">Start of the wrapped message inside <paramref name="payload"/>.
/// This method does not range-check it; it only enforces the 16-byte minimum on count.</param>
/// <param name="count">Total length of token plus data; must be at least 16.</param>
/// <param name="newOffset">Receives the offset reported in the data buffer after the call.</param>
/// <param name="expectedSeqNumber">Sequence number passed to SSPI together with the message.</param>
/// <returns>The size reported in the data buffer after the call.</returns>
/// <exception cref="ArgumentOutOfRangeException">count is smaller than the 16-byte token.</exception>
/// <exception cref="Win32Exception">SSPI returned a non-zero status; the message is rejected.</exception>
/// <exception cref="InternalException">The data buffer type changed during the call.</exception>
private int DecryptNtlm(byte[] payload, int offset, int count, out int newOffset, uint expectedSeqNumber)
{
    // Size of the leading token region that precedes the data.
    const int TokenSize = 0x10;

    if (count < TokenSize)
    {
        throw new ArgumentOutOfRangeException("count");
    }

    var buffers = new SecurityBuffer[2];
    buffers[0] = new SecurityBuffer(payload, offset, TokenSize, BufferType.Token);
    buffers[1] = new SecurityBuffer(payload, offset + TokenSize, count - TokenSize, BufferType.Data);

    BufferType expectedDataType = BufferType.Data;
    int status;

    if (!IsConfidentialityFlag)
    {
        // Verify-only path: the data buffer is flagged read-only before it is handed to SSPI.
        expectedDataType |= BufferType.ReadOnlyFlag;
        buffers[1].type = expectedDataType;
        status = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, m_SecurityContext, buffers, expectedSeqNumber);
    }
    else
    {
        status = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, m_SecurityContext, buffers, expectedSeqNumber);
    }

    // Fail closed on any non-zero status before touching the output buffer.
    if (status != 0)
    {
        throw new Win32Exception(status);
    }

    // The data buffer must come back with the same type it went in with.
    if (buffers[1].type != expectedDataType)
    {
        throw new InternalException();
    }

    newOffset = buffers[1].offset;
    return buffers[1].size;
}
/// <summary>
/// NTLM variant of message unwrapping. The first 16 bytes of the range are passed to SSPI as the
/// token buffer and the remainder as the data buffer; the message is decrypted when
/// confidentiality is in effect and signature-checked otherwise.
/// </summary>
/// <param name="payload">Buffer holding the wrapped message.</param>
/// <param name="offset">Start of the wrapped message inside <paramref name="payload"/>.</param>
/// <param name="count">Total length of token plus data; must be at least 16.</param>
/// <param name="newOffset">Receives the offset reported in the data buffer after the call.</param>
/// <param name="expectedSeqNumber">Sequence number passed to SSPI together with the message.</param>
/// <returns>The size reported in the data buffer after the call.</returns>
/// <exception cref="ArgumentOutOfRangeException">count is smaller than the 16-byte token.</exception>
/// <exception cref="Win32Exception">SSPI returned a non-zero status; the message is rejected.</exception>
/// <exception cref="InternalException">The data buffer type changed during the call.</exception>
private int DecryptNtlm(byte[] payload, int offset, int count, out int newOffset, uint expectedSeqNumber)
{
    // Size of the leading token region that precedes the data.
    const int TokenSize = 16;

    // offset and count are expected to be range-checked by the caller (the Decrypt() overloads on
    // this page do so before delegating here); only the NTLM-specific minimum is enforced in
    // this method.
    if (count < TokenSize)
    {
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(this) + "::DecryptNtlm", "Argument 'count' out of range.");
        }

        Debug.Fail("NTAuthentication#" + LoggingHash.HashString(this) + "::DecryptNtlm", "Argument 'count' out of range.");

        throw new ArgumentOutOfRangeException(nameof(count));
    }

    SecurityBuffer[] buffers =
    {
        new SecurityBuffer(payload, offset, TokenSize, SecurityBufferType.Token),
        new SecurityBuffer(payload, offset + TokenSize, count - TokenSize, SecurityBufferType.Data)
    };

    SecurityBufferType expectedDataType = SecurityBufferType.Data;
    int status;

    if (!IsConfidentialityFlag)
    {
        // Verify-only path: the data buffer is flagged read-only before it is handed to SSPI.
        expectedDataType |= SecurityBufferType.ReadOnlyFlag;
        buffers[1].type = expectedDataType;
        status = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, _securityContext, buffers, expectedSeqNumber);
    }
    else
    {
        status = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, _securityContext, buffers, expectedSeqNumber);
    }

    // Fail closed on any non-zero status before touching the output buffer.
    if (status != 0)
    {
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Print("NTAuthentication#" + LoggingHash.HashString(this) + "::Decrypt() throw Error = " + status.ToString("x", NumberFormatInfo.InvariantInfo));
        }

        throw new Win32Exception(status);
    }

    // The data buffer must come back with the same type it went in with.
    if (buffers[1].type != expectedDataType)
    {
        throw new InternalException();
    }

    newOffset = buffers[1].offset;
    return buffers[1].size;
}
/// <summary>
/// Verifies the signature of a received message through SSPI and reports the size of the data
/// it covers. No decryption is attempted by this method.
/// </summary>
/// <param name="buffer">Buffer holding the signed message. A null buffer is treated as length 0,
/// so it is accepted only together with offset 0 and count 0.</param>
/// <param name="offset">Start of the signed message inside <paramref name="buffer"/>.</param>
/// <param name="count">Length of the signed message in bytes.</param>
/// <returns>The size reported in the output data buffer.</returns>
/// <exception cref="ArgumentOutOfRangeException">offset or count does not lie inside buffer.</exception>
/// <exception cref="Win32Exception">SSPI returned a non-zero status; the message is rejected.</exception>
/// <exception cref="InternalException">The output buffer no longer has the Data type after the call.</exception>
internal int VerifySignature(byte[] buffer, int offset, int count)
{
    // Validate the range before any SecurityBuffer is built from it.
    int available = (buffer == null) ? 0 : buffer.Length;

    bool offsetInRange = offset >= 0 && offset <= available;
    if (!offsetInRange)
    {
        throw new ArgumentOutOfRangeException("offset");
    }

    // offset is within [0, available] here, so the subtraction cannot go negative.
    bool countInRange = count >= 0 && count <= available - offset;
    if (!countInRange)
    {
        throw new ArgumentOutOfRangeException("count");
    }

    var buffers = new SecurityBuffer[2];
    buffers[0] = new SecurityBuffer(buffer, offset, count, BufferType.Stream);
    buffers[1] = new SecurityBuffer(0, BufferType.Data);

    // NOTE(review): the sequence number is the constant 0, so this method does not bind the check
    // to a caller-tracked sequence; whether the security package tracks sequence on its own is
    // not visible here. Confirm before relying on it for replay or reordering detection.
    int status = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, m_SecurityContext, buffers, 0);

    // Fail closed on any non-zero status before touching the output buffer.
    if (status != 0)
    {
        throw new Win32Exception(status);
    }

    if (buffers[1].type != BufferType.Data)
    {
        throw new InternalException();
    }

    return buffers[1].size;
}
/// <summary>
/// Unwraps one received message through SSPI. When confidentiality is in effect the message is
/// decrypted; otherwise only its signature is verified. NTLM contexts are delegated to
/// <c>DecryptNtlm</c>.
/// </summary>
/// <param name="payload">Buffer holding the wrapped message. A null buffer is treated as length 0,
/// so it is accepted only together with offset 0 and count 0.</param>
/// <param name="offset">Start of the wrapped message inside <paramref name="payload"/>.</param>
/// <param name="count">Length of the wrapped message in bytes.</param>
/// <param name="newOffset">Receives the offset reported in the output data buffer
/// (presumably an index into <paramref name="payload"/>; confirm against SSPIWrapper).</param>
/// <param name="expectedSeqNumber">Sequence number passed to SSPI together with the message.</param>
/// <returns>The size reported in the output data buffer.</returns>
/// <exception cref="ArgumentOutOfRangeException">offset or count does not lie inside payload.</exception>
/// <exception cref="Win32Exception">SSPI returned a non-zero status; the message is rejected.</exception>
/// <exception cref="InternalException">The output buffer no longer has the Data type after the call.</exception>
internal int Decrypt(byte[] payload, int offset, int count, out int newOffset, uint expectedSeqNumber)
{
    // Validate the range before any SecurityBuffer is built from it.
    int payloadLength = (payload == null) ? 0 : payload.Length;

    bool offsetInRange = offset >= 0 && offset <= payloadLength;
    if (!offsetInRange)
    {
        throw new ArgumentOutOfRangeException("offset");
    }

    // offset is within [0, payloadLength] here, so the subtraction cannot go negative.
    bool countInRange = count >= 0 && count <= payloadLength - offset;
    if (!countInRange)
    {
        throw new ArgumentOutOfRangeException("count");
    }

    if (IsNTLM)
    {
        return DecryptNtlm(payload, offset, count, out newOffset, expectedSeqNumber);
    }

    // Buffer 0 carries the whole wrapped message as a stream; buffer 1 starts empty and is
    // filled in by the SSPI call.
    var buffers = new SecurityBuffer[2];
    buffers[0] = new SecurityBuffer(payload, offset, count, BufferType.Stream);
    buffers[1] = new SecurityBuffer(0, BufferType.Data);

    // Decrypt when confidentiality is in effect; otherwise the message is only authenticated.
    int status = IsConfidentialityFlag
        ? SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, m_SecurityContext, buffers, expectedSeqNumber)
        : SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, m_SecurityContext, buffers, expectedSeqNumber);

    // Fail closed on any non-zero status before touching the output buffer.
    if (status != 0)
    {
        throw new Win32Exception(status);
    }

    if (buffers[1].type != BufferType.Data)
    {
        throw new InternalException();
    }

    newOffset = buffers[1].offset;
    return buffers[1].size;
}