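/// <summary>
/// Dispatches one SSPI message operation (encrypt, decrypt, make signature or verify signature)
/// over a set of managed <see cref="SecurityBuffer"/>s. The managed byte arrays are pinned and
/// described to the security module through an unmanaged buffer descriptor; afterwards the sizes,
/// types and data locations reported back are copied into <paramref name="input"/>.
/// </summary>
/// <param name="op">Selects which method of <paramref name="secModule"/> is called.</param>
/// <param name="secModule">The security module that performs the operation.</param>
/// <param name="context">The security context handed to the module unchanged.</param>
/// <param name="input">Buffers used for both input and output; each element is updated in place.</param>
/// <param name="sequenceNumber">Passed to the module unchanged.</param>
/// <returns>
/// The status code returned by the security module. It is returned as-is, including non-zero
/// values, so the caller is responsible for checking it.
/// </returns>
/// <remarks>
/// An <paramref name="op"/> value outside the four handled cases raises the exception produced by
/// <c>NotImplemented.ByDesignWithMessage</c>.
/// </remarks>
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
    Interop.SspiCli.SecBufferDesc sdcInOut = new Interop.SspiCli.SecBufferDesc(input.Length);
    var unmanagedBuffer = new Interop.SspiCli.SecBuffer[input.Length];

    fixed (Interop.SspiCli.SecBuffer* unmanagedBufferPtr = unmanagedBuffer)
    {
        sdcInOut.pBuffers = unmanagedBufferPtr;
        GCHandle[] pinnedBuffers = new GCHandle[input.Length];
        byte[][] buffers = new byte[input.Length][];
        try
        {
            // Describe every managed buffer to the native side. Non-empty arrays are pinned so the
            // address handed out stays valid for the duration of the call.
            for (int i = 0; i < input.Length; i++)
            {
                SecurityBuffer iBuffer = input[i];
                unmanagedBuffer[i].cbBuffer = iBuffer.size;
                unmanagedBuffer[i].BufferType = iBuffer.type;
                if (iBuffer.token == null || iBuffer.token.Length == 0)
                {
                    unmanagedBuffer[i].pvBuffer = IntPtr.Zero;
                }
                else
                {
                    pinnedBuffers[i] = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
                    unmanagedBuffer[i].pvBuffer = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
                    buffers[i] = iBuffer.token;
                }
            }

            // The result is written in the input Buffer passed as type=BufferType.Data.
            int errorCode;
            switch (op)
            {
                case OP.Encrypt:
                    errorCode = secModule.EncryptMessage(context, ref sdcInOut, sequenceNumber);
                    break;

                case OP.Decrypt:
                    errorCode = secModule.DecryptMessage(context, ref sdcInOut, sequenceNumber);
                    break;

                case OP.MakeSignature:
                    errorCode = secModule.MakeSignature(context, ref sdcInOut, sequenceNumber);
                    break;

                case OP.VerifySignature:
                    errorCode = secModule.VerifySignature(context, ref sdcInOut, sequenceNumber);
                    break;

                default:
                    NetEventSource.Fail(null, $"Unknown OP: {op}");
                    throw NotImplemented.ByDesignWithMessage(Strings.net_MethodNotImplementedException);
            }

            // Marshalling back returned sizes / data.
            for (int i = 0; i < input.Length; i++)
            {
                SecurityBuffer iBuffer = input[i];
                iBuffer.size = unmanagedBuffer[i].cbBuffer;
                iBuffer.type = unmanagedBuffer[i].BufferType;

                if (iBuffer.size == 0)
                {
                    iBuffer.offset = 0;
                    iBuffer.token = null;
                }
                else
                {
                    checked
                    {
                        // Find the buffer this is inside of. Usually they all point inside buffer 0.
                        // The pointer written back by the module is only turned into a managed
                        // offset when [pvBuffer, pvBuffer + size) lies entirely inside one of the
                        // arrays pinned above.
                        int j;
                        for (j = 0; j < input.Length; j++)
                        {
                            if (buffers[j] == null)
                            {
                                continue;
                            }

                            byte* bufferAddress = (byte*)Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
                            if ((byte*)unmanagedBuffer[i].pvBuffer >= bufferAddress &&
                                (byte*)unmanagedBuffer[i].pvBuffer + iBuffer.size <= bufferAddress + buffers[j].Length)
                            {
                                iBuffer.offset = (int)((byte*)unmanagedBuffer[i].pvBuffer - bufferAddress);
                                iBuffer.token = buffers[j];
                                break;
                            }
                        }

                        if (j >= input.Length)
                        {
                            // No pinned array contains the reported range: expose an empty buffer
                            // instead of a location outside managed memory.
                            NetEventSource.Fail(null, "Output buffer out of range.");
                            iBuffer.size = 0;
                            iBuffer.offset = 0;
                            iBuffer.token = null;
                        }
                    }
                }

                // Backup validate the new sizes.
                // NOTE(review): these checks only report through NetEventSource.Fail and leave the
                // values in place; whether Fail stops execution is not visible here, so callers
                // should not assume an out-of-range offset or size has been rejected.
                if (iBuffer.offset < 0 || iBuffer.offset > (iBuffer.token == null ? 0 : iBuffer.token.Length))
                {
                    NetEventSource.Fail(null, $"'offset' out of range. [{iBuffer.offset}]");
                }

                if (iBuffer.size < 0 || iBuffer.size > (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset))
                {
                    NetEventSource.Fail(null, $"'size' out of range. [{iBuffer.size}]");
                }
            }

            if (NetEventSource.IsEnabled && errorCode != 0)
            {
                if (errorCode == Interop.SspiCli.SEC_I_RENEGOTIATE)
                {
                    NetEventSource.Error(null, System.StringsHelper.Format(Strings.event_OperationReturnedSomething, op, "SEC_I_RENEGOTIATE"));
                }
                else
                {
                    // Fix: the original interpolated the literal 0 ("0x{0:X}"), so every failure
                    // was logged as 0x0 and the real status never reached the trace.
                    NetEventSource.Error(null, System.StringsHelper.Format(Strings.net_log_operation_failed_with_error, op, $"0x{errorCode:X}"));
                }
            }

            return errorCode;
        }
        finally
        {
            // Release every pin taken above, whether or not the operation succeeded.
            for (int i = 0; i < pinnedBuffers.Length; ++i)
            {
                if (pinnedBuffers[i].IsAllocated)
                {
                    pinnedBuffers[i].Free();
                }
            }
        }
    }
}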
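/// <summary>
/// Dispatches one SSPI message operation (encrypt, decrypt, make signature or verify signature)
/// over a set of managed <see cref="SecurityBuffer"/>s, pinning their byte arrays for the call and
/// copying the sizes, types and data locations reported by the module back into
/// <paramref name="input"/>.
/// </summary>
/// <param name="op">Selects which method of <paramref name="SecModule"/> is called.</param>
/// <param name="SecModule">The security module that performs the operation.</param>
/// <param name="context">The security context handed to the module unchanged.</param>
/// <param name="input">Buffers used for both input and output; each element is updated in place.</param>
/// <param name="sequenceNumber">Passed to the module unchanged.</param>
/// <returns>The status code returned by the security module, returned as-is; the caller must check it.</returns>
/// <remarks>
/// An <paramref name="op"/> value outside the four handled cases throws
/// <c>ExceptionHelper.MethodNotImplementedException</c>.
/// </remarks>
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
    // Status value that the log message below reports as "SEC_I_RENEGOTIATE".
    const int RenegotiateStatus = 0x90321;

    SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);
    SecurityBufferStruct[] unmanagedBuffers = new SecurityBufferStruct[input.Length];

    fixed (SecurityBufferStruct* unmanagedBuffersPtr = unmanagedBuffers)
    {
        inputOutput.UnmanagedPointer = (void*)unmanagedBuffersPtr;
        GCHandle[] pins = new GCHandle[input.Length];
        byte[][] pinnedArrays = new byte[input.Length][];
        try
        {
            // Describe every managed buffer to the native side; non-empty arrays are pinned so
            // the address handed out stays valid for the duration of the call.
            for (int i = 0; i < input.Length; i++)
            {
                SecurityBuffer source = input[i];
                unmanagedBuffers[i].count = source.size;
                unmanagedBuffers[i].type = source.type;
                if ((source.token == null) || (source.token.Length == 0))
                {
                    unmanagedBuffers[i].token = IntPtr.Zero;
                }
                else
                {
                    pins[i] = GCHandle.Alloc(source.token, GCHandleType.Pinned);
                    unmanagedBuffers[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(source.token, source.offset);
                    pinnedArrays[i] = source.token;
                }
            }

            int status;
            switch (op)
            {
                case OP.Encrypt:
                    status = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
                    break;

                case OP.Decrypt:
                    status = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
                    break;

                case OP.MakeSignature:
                    status = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
                    break;

                case OP.VerifySignature:
                    status = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
                    break;

                default:
                    throw ExceptionHelper.MethodNotImplementedException;
            }

            // Copy the returned sizes / types / locations back into the managed buffers.
            for (int j = 0; j < input.Length; j++)
            {
                SecurityBuffer target = input[j];
                target.size = unmanagedBuffers[j].count;
                target.type = unmanagedBuffers[j].type;
                if (target.size == 0)
                {
                    target.offset = 0;
                    target.token = null;
                }
                else
                {
                    // Fix: pointer arithmetic on void* is not legal C#; the range test and the
                    // offset are computed on byte* so the units are unambiguously bytes.
                    byte* reported = (byte*)unmanagedBuffers[j].token;

                    // The reported pointer is only turned into a managed offset when
                    // [reported, reported + size) lies entirely inside one of the pinned arrays.
                    // NOTE(review): this arithmetic is not in a checked context, and a negative
                    // size would pass the upper-bound test; confirm the module cannot report one.
                    int index = 0;
                    while (index < input.Length)
                    {
                        if (pinnedArrays[index] != null)
                        {
                            byte* start = (byte*)Marshal.UnsafeAddrOfPinnedArrayElement(pinnedArrays[index], 0);
                            if ((reported >= start) && ((reported + target.size) <= (start + pinnedArrays[index].Length)))
                            {
                                target.offset = (int)(reported - start);
                                target.token = pinnedArrays[index];
                                break;
                            }
                        }

                        index++;
                    }

                    if (index >= input.Length)
                    {
                        // No pinned array contains the reported range: expose an empty buffer
                        // instead of a location outside managed memory.
                        target.size = 0;
                        target.offset = 0;
                        target.token = null;
                    }
                }
            }

            if ((status != 0) && Logging.On)
            {
                if (status == RenegotiateStatus)
                {
                    Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
                }
                else
                {
                    Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { status }) }));
                }
            }

            return status;
        }
        finally
        {
            // Release every pin taken above, whether or not the operation succeeded.
            for (int k = 0; k < pins.Length; k++)
            {
                if (pins[k].IsAllocated)
                {
                    pins[k].Free();
                }
            }
        }
    }
}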
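/// <summary>
/// Dispatches one SSPI message operation (encrypt, decrypt, make signature or verify signature)
/// over a set of managed <see cref="SecurityBuffer"/>s. The managed byte arrays are pinned and
/// described to the security module through an unmanaged buffer descriptor; afterwards the sizes,
/// types and data locations reported back are copied into <paramref name="input"/>.
/// </summary>
/// <param name="op">Selects which method of <paramref name="secModule"/> is called.</param>
/// <param name="secModule">The security module that performs the operation.</param>
/// <param name="context">The security context handed to the module unchanged.</param>
/// <param name="input">Buffers used for both input and output; each element is updated in place.</param>
/// <param name="sequenceNumber">Passed to the module unchanged.</param>
/// <returns>The status code returned by the security module, returned as-is; the caller must check it.</returns>
/// <remarks>
/// An <paramref name="op"/> value outside the four handled cases raises the exception produced by
/// <c>NotImplemented.ByDesignWithMessage</c>.
/// </remarks>
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
    Interop.SspiCli.SecurityBufferDescriptor sdcInOut = new Interop.SspiCli.SecurityBufferDescriptor(input.Length);
    var unmanagedBuffer = new Interop.SspiCli.SecurityBufferStruct[input.Length];

    fixed (Interop.SspiCli.SecurityBufferStruct* unmanagedBufferPtr = unmanagedBuffer)
    {
        sdcInOut.UnmanagedPointer = unmanagedBufferPtr;
        GCHandle[] pinnedBuffers = new GCHandle[input.Length];
        byte[][] buffers = new byte[input.Length][];
        try
        {
            // Describe every managed buffer to the native side. Non-empty arrays are pinned so the
            // address handed out stays valid for the duration of the call.
            for (int i = 0; i < input.Length; i++)
            {
                SecurityBuffer iBuffer = input[i];
                unmanagedBuffer[i].count = iBuffer.size;
                unmanagedBuffer[i].type = iBuffer.type;
                if (iBuffer.token == null || iBuffer.token.Length == 0)
                {
                    unmanagedBuffer[i].token = IntPtr.Zero;
                }
                else
                {
                    pinnedBuffers[i] = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
                    unmanagedBuffer[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
                    buffers[i] = iBuffer.token;
                }
            }

            // The result is written in the input Buffer passed as type=BufferType.Data.
            int errorCode;
            switch (op)
            {
                case OP.Encrypt:
                    errorCode = secModule.EncryptMessage(context, sdcInOut, sequenceNumber);
                    break;

                case OP.Decrypt:
                    errorCode = secModule.DecryptMessage(context, sdcInOut, sequenceNumber);
                    break;

                case OP.MakeSignature:
                    errorCode = secModule.MakeSignature(context, sdcInOut, sequenceNumber);
                    break;

                case OP.VerifySignature:
                    errorCode = secModule.VerifySignature(context, sdcInOut, sequenceNumber);
                    break;

                default:
                    if (GlobalLog.IsEnabled)
                    {
                        GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Unknown OP: " + op);
                    }

                    throw NotImplemented.ByDesignWithMessage(SR.net_MethodNotImplementedException);
            }

            // Marshalling back returned sizes / data.
            for (int i = 0; i < input.Length; i++)
            {
                SecurityBuffer iBuffer = input[i];
                iBuffer.size = unmanagedBuffer[i].count;
                iBuffer.type = unmanagedBuffer[i].type;

                if (iBuffer.size == 0)
                {
                    iBuffer.offset = 0;
                    iBuffer.token = null;
                }
                else
                {
                    checked
                    {
                        // Find the buffer this is inside of. Usually they all point inside buffer 0.
                        // The pointer written back by the module is only turned into a managed
                        // offset when [token, token + size) lies entirely inside one of the
                        // arrays pinned above.
                        int j;
                        for (j = 0; j < input.Length; j++)
                        {
                            if (buffers[j] == null)
                            {
                                continue;
                            }

                            byte* bufferAddress = (byte*)Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
                            if ((byte*)unmanagedBuffer[i].token >= bufferAddress &&
                                (byte*)unmanagedBuffer[i].token + iBuffer.size <= bufferAddress + buffers[j].Length)
                            {
                                iBuffer.offset = (int)((byte*)unmanagedBuffer[i].token - bufferAddress);
                                iBuffer.token = buffers[j];
                                break;
                            }
                        }

                        if (j >= input.Length)
                        {
                            if (GlobalLog.IsEnabled)
                            {
                                GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Output buffer out of range.");
                            }

                            // No pinned array contains the reported range: expose an empty buffer
                            // instead of a location outside managed memory.
                            iBuffer.size = 0;
                            iBuffer.offset = 0;
                            iBuffer.token = null;
                        }
                    }
                }

                // Backup validate the new sizes.
                // Fix: the lower-bound tests compared against "== 0", which flags every buffer that
                // legitimately starts at offset 0 (or was just reset to size 0 above) and never
                // flags a negative value. Only negative values, or values past the end of the
                // backing array, are out of range.
                // NOTE(review): this validation runs only when GlobalLog is enabled and only
                // reports; it does not reject the buffer.
                if (GlobalLog.IsEnabled)
                {
                    if (iBuffer.offset < 0 || iBuffer.offset > (iBuffer.token == null ? 0 : iBuffer.token.Length))
                    {
                        GlobalLog.AssertFormat("SSPIWrapper::EncryptDecryptHelper|'offset' out of range. [{0}]", iBuffer.offset);
                    }

                    if (iBuffer.size < 0 || iBuffer.size > (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset))
                    {
                        GlobalLog.AssertFormat("SSPIWrapper::EncryptDecryptHelper|'size' out of range. [{0}]", iBuffer.size);
                    }
                }
            }

            if (errorCode != 0 && NetEventSource.Log.IsEnabled())
            {
                if (errorCode == Interop.SspiCli.SEC_I_RENEGOTIATE)
                {
                    NetEventSource.PrintError(NetEventSource.ComponentType.Security, SR.Format(SR.event_OperationReturnedSomething, op, "SEC_I_RENEGOTIATE"));
                }
                else
                {
                    NetEventSource.PrintError(NetEventSource.ComponentType.Security, SR.Format(SR.net_log_operation_failed_with_error, op, String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
                }
            }

            return errorCode;
        }
        finally
        {
            // Release every pin taken above, whether or not the operation succeeded.
            for (int i = 0; i < pinnedBuffers.Length; ++i)
            {
                if (pinnedBuffers[i].IsAllocated)
                {
                    pinnedBuffers[i].Free();
                }
            }
        }
    }
}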
/// <summary>
/// Forwards an in-place decrypt request to the supplied security module and returns its status.
/// </summary>
/// <param name="secModule">The security module whose <c>DecryptMessage</c> is invoked.</param>
/// <param name="securityContext">The security context handed to the module unchanged.</param>
/// <param name="buffer">The byte array handed to the module.</param>
/// <param name="offset">
/// Passed by reference, so the module may update it; presumably it ends up describing where the
/// decrypted payload starts (confirm against the <c>SSPIInterface</c> implementation).
/// </param>
/// <param name="count">
/// Passed by reference, so the module may update it; presumably the payload length (confirm
/// against the <c>SSPIInterface</c> implementation).
/// </param>
/// <returns>The status reported by the module, unmodified; the caller must check it.</returns>
internal static SecurityStatus DecryptMessage(SSPIInterface secModule, SafeDeleteContext securityContext, byte[] buffer, ref int offset, ref int count)
{
    SecurityStatus status = secModule.DecryptMessage(securityContext, buffer, ref offset, ref count);
    return status;
}
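/// <summary>
/// Runs a single SSPI message operation, chosen by <paramref name="op"/>, against the buffers in
/// <paramref name="input"/>. Each non-empty managed array is pinned for the call, and the
/// size, type and data location the module reports for each buffer are written back to the
/// corresponding <see cref="SecurityBuffer"/>.
/// </summary>
/// <param name="op">Encrypt, Decrypt, MakeSignature or VerifySignature.</param>
/// <param name="SecModule">The security module that performs the operation.</param>
/// <param name="context">The security context handed to the module unchanged.</param>
/// <param name="input">In/out buffers; every element is modified in place.</param>
/// <param name="sequenceNumber">Passed to the module unchanged.</param>
/// <returns>The module's status code, unmodified; a non-zero value is logged but not thrown.</returns>
/// <remarks>
/// Any other <paramref name="op"/> value throws <c>ExceptionHelper.MethodNotImplementedException</c>.
/// </remarks>
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
    // Status value that the log message below reports as "SEC_I_RENEGOTIATE".
    const int RenegotiateStatus = 0x90321;

    int bufferCount = input.Length;
    SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(bufferCount);
    SecurityBufferStruct[] nativeView = new SecurityBufferStruct[bufferCount];

    fixed (SecurityBufferStruct* nativeViewPtr = nativeView)
    {
        inputOutput.UnmanagedPointer = (void*)nativeViewPtr;
        GCHandle[] handles = new GCHandle[bufferCount];
        byte[][] backingArrays = new byte[bufferCount][];
        try
        {
            // Marshal in: pin each non-empty array and publish its address at the buffer's offset.
            for (int i = 0; i < bufferCount; i++)
            {
                SecurityBuffer managed = input[i];
                nativeView[i].count = managed.size;
                nativeView[i].type = managed.type;

                bool hasData = (managed.token != null) && (managed.token.Length != 0);
                if (hasData)
                {
                    handles[i] = GCHandle.Alloc(managed.token, GCHandleType.Pinned);
                    nativeView[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(managed.token, managed.offset);
                    backingArrays[i] = managed.token;
                }
                else
                {
                    nativeView[i].token = IntPtr.Zero;
                }
            }

            int result;
            switch (op)
            {
                case OP.Encrypt:
                    result = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
                    break;

                case OP.Decrypt:
                    result = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
                    break;

                case OP.MakeSignature:
                    result = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
                    break;

                case OP.VerifySignature:
                    result = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
                    break;

                default:
                    throw ExceptionHelper.MethodNotImplementedException;
            }

            // Marshal out: translate each reported pointer back into (array, offset, size).
            for (int j = 0; j < bufferCount; j++)
            {
                SecurityBuffer managed = input[j];
                managed.size = nativeView[j].count;
                managed.type = nativeView[j].type;

                if (managed.size == 0)
                {
                    managed.offset = 0;
                    managed.token = null;
                    continue;
                }

                // Fix: the range test and offset previously did arithmetic on void*, which C#
                // does not allow; byte* makes the unit explicit and the expression compilable.
                byte* reported = (byte*)nativeView[j].token;

                // Accept the pointer only if [reported, reported + size) sits wholly inside one
                // of the arrays pinned above; the first array that contains it wins.
                // NOTE(review): no checked context here and no lower bound on size; a negative
                // size from the module would satisfy the upper-bound test. Confirm upstream.
                bool located = false;
                for (int k = 0; k < bufferCount && !located; k++)
                {
                    byte[] candidate = backingArrays[k];
                    if (candidate == null)
                    {
                        continue;
                    }

                    byte* first = (byte*)Marshal.UnsafeAddrOfPinnedArrayElement(candidate, 0);
                    if ((reported >= first) && ((reported + managed.size) <= (first + candidate.Length)))
                    {
                        managed.offset = (int)(reported - first);
                        managed.token = candidate;
                        located = true;
                    }
                }

                if (!located)
                {
                    // Reported range is outside every pinned array: hand back an empty buffer
                    // rather than a location outside managed memory.
                    managed.size = 0;
                    managed.offset = 0;
                    managed.token = null;
                }
            }

            if ((result != 0) && Logging.On)
            {
                if (result == RenegotiateStatus)
                {
                    Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
                }
                else
                {
                    Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { result }) }));
                }
            }

            return result;
        }
        finally
        {
            // Unpin everything that was pinned, on success and on failure alike.
            for (int k = 0; k < handles.Length; k++)
            {
                if (handles[k].IsAllocated)
                {
                    handles[k].Free();
                }
            }
        }
    }
}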