コード例 #1
 // P/Invoke declaration for the SSPI AcquireCredentialsHandle function; the int return value
 // is the SECURITY_STATUS. The DllImport attribute is not part of this excerpt, so the
 // character set used to marshal the two string parameters cannot be confirmed from here.
 static extern int AcquireCredentialsHandle(
     string pszPrincipal,        // SEC_CHAR*: principal name
     string pszPackage,          // SEC_CHAR*: security package name, e.g. "Kerberos", "NTLM", "Negotiate"
     int fCredentialUse,         // credential use flags
     IntPtr PAuthenticationID,   // PLUID pvLogonID
     IntPtr pAuthData,           // PVOID: package-specific credential data
     int pGetKeyFn,              // SEC_GET_KEY_FN; NOTE(review): a native function pointer declared as a 32-bit int; it is pointer-sized in a 64-bit process, where IntPtr would match - confirm
     IntPtr pvGetKeyArgument,    // PVOID
     out SecHandle phCredential, // PCredHandle: receives the credentials handle
     out SecInteger ptsExpiry    // PTimeStamp: receives the credential expiry
     );
コード例 #2
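        /// <summary>
        /// Creates an SspiHelper for the given security package and remote principal and
        /// acquires an outbound (client) credentials handle.
        /// </summary>
        /// <param name="securityPackage">Name of security package (e.g. NTLM, Kerberos, ...)</param>
        /// <param name="remotePrincipal">SPN of server (may be necessary for Kerberos); stored in _remotePrincipal</param>
        /// <exception cref="Exception">AcquireCredentialsHandle did not return SEC_E_OK; the message carries the SSPI status.</exception>
        public SspiHelper(string securityPackage, string remotePrincipal)
        {
            _securPackage    = securityPackage;
            _remotePrincipal = remotePrincipal;
            SecInteger expiry = new SecInteger();

            // No principal, logon ID or auth data is supplied, so SSPI falls back to the default
            // credentials of the calling security context: the helper authenticates as whatever
            // identity the process or thread is running under.
            int status = AcquireCredentialsHandle(null, securityPackage, SECPKG_CRED_OUTBOUND,
                                                  IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
                                                  out _clientCredentials, out expiry);
            if (status != SEC_E_OK)
            {
                // Keep the SSPI status in the message: without it an unknown package name cannot
                // be told apart from a credential problem when the failure is investigated.
                throw new Exception($"{nameof(AcquireCredentialsHandle)} failed (SSPI status 0x{status:X8})");
            }
        }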
コード例 #3
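        /// <summary>
        /// Creates an SSPIHelper for the given security package and remote principal and
        /// acquires an outbound (client) credentials handle.
        /// </summary>
        /// <param name="securPackage">Name of security package (e.g. NTLM, Kerberos, ...)</param>
        /// <param name="remotePrincipal">SPN of server (may be necessary for Kerberos); stored in remotePrincipal</param>
        /// <exception cref="Exception">AcquireCredentialsHandle did not return SEC_E_OK; the message carries the SSPI status.</exception>
        public SSPIHelper(string securPackage, string remotePrincipal)
        {
            this.securPackage    = securPackage;
            this.remotePrincipal = remotePrincipal;
            SecInteger expiry = new SecInteger();

            // No principal, logon ID or auth data is supplied, so SSPI falls back to the default
            // credentials of the calling security context.
            int status = AcquireCredentialsHandle(null, securPackage, SECPKG_CRED_OUTBOUND,
                                                  IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
                                                  out clientCredentials, out expiry);
            if (status != SEC_E_OK)
            {
                // Keep the SSPI status in the message so an unknown package name can be told
                // apart from a credential problem when the failure is investigated.
                throw new Exception("Acquiring client credentials failed (SSPI status 0x" + status.ToString("X8") + ")");
            }
        }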
コード例 #4
 // P/Invoke declaration for the SSPI InitializeSecurityContext function; the int return value
 // is the SECURITY_STATUS. The DllImport attribute is not part of this excerpt, so the
 // character set used to marshal pszTargetName cannot be confirmed from here.
 // pfContextAttr reports the attributes the package actually granted, which may differ from
 // the ones requested in fContextReq.
 static extern int InitializeSecurityContext(
     ref SecHandle phCredential,          // PCredHandle: credentials handle
     ref SecHandle phContext,             // PCtxtHandle: existing (partial) context
     string pszTargetName,                // target name of the server
     int fContextReq,                     // requested context attributes
     int Reserved1,
     int TargetDataRep,
     ref SecBufferDesc SecBufferDesc,    // PSecBufferDesc: input buffers
     int Reserved2,
     out SecHandle phNewContext,         // PCtxtHandle: receives the new context handle
     ref SecBufferDesc pOutput,          // PSecBufferDesc: receives the output token
     out uint pfContextAttr,             // 32-bit uint on purpose: a managed ulong would be 64 bits
     out SecInteger ptsExpiry            // PTimeStamp: receives the context expiry
     );
コード例 #5
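        /// <summary>
        /// Produces the next client token from the existing client security context and the
        /// authentication data sent by the server.
        /// This method must not be called before InitializeClientSecurity.
        /// </summary>
        /// <param name="serverToken">Authentication data received from server</param>
        /// <returns>Client authentication data to be sent to server</returns>
        /// <exception cref="ObjectDisposedException">The helper has already been disposed.</exception>
        /// <exception cref="InvalidOperationException">The client context is invalid (InitializeClientSecurity not called).</exception>
        /// <exception cref="Exception">InitializeSecurityContext returned a status other than
        /// SEC_E_OK or SEC_I_CONTINUE_NEEDED; the message carries the SSPI status.</exception>
        public byte[] GetClientSecurity(byte[] serverToken)
        {
            if (disposed)
            {
                throw new ObjectDisposedException("SSPIHelper");
            }
            if (clientContext.IsInvalid)
            {
                throw new InvalidOperationException("InitializeClientSecurity not called");
            }
            SecInteger    expiry = new SecInteger();
            uint          contextAttributes;
            SecBufferDesc clientTokenBuf = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                SecBufferDesc serverTokenBuf = new SecBufferDesc(serverToken);
                try
                {
                    int resCode = InitializeSecurityContext(
                        ref clientCredentials,
                        ref clientContext,
                        remotePrincipal,          // pszTargetName
                        STANDARD_CONTEXT_ATTRIBUTES,
                        0,                        // Reserved1
                        SECURITY_NATIVE_DREP,     // TargetDataRep
                        ref serverTokenBuf,       // server token must be ref because it is struct
                        0,                        // Reserved2
                        out clientContext,        // updated context replaces the one passed in
                        ref clientTokenBuf,       // pOutput
                        out contextAttributes,    // pfContextAttr
                        out expiry);              // ptsExpiry
                    if (resCode != SEC_E_OK && resCode != SEC_I_CONTINUE_NEEDED)
                    {
                        // Keep the SSPI status in the message so a rejected server token can be
                        // told apart from other failures when the handshake is investigated.
                        throw new Exception("InitializeSecurityContext() failed (SSPI status 0x" + resCode.ToString("X8") + ")");
                    }
                    // NOTE(review): SEC_E_OK and SEC_I_CONTINUE_NEEDED both return a token, so the
                    // caller cannot tell from this method whether the handshake is complete.
                    // NOTE(review): contextAttributes (what SSPI actually granted) is discarded; if
                    // STANDARD_CONTEXT_ATTRIBUTES requests protections such as mutual
                    // authentication, nothing here confirms they were granted - verify against
                    // the constant's definition.
                    return clientTokenBuf.GetSecBufferBytes();
                }
                finally
                {
                    serverTokenBuf.Dispose();
                }
            }
            finally
            {
                clientTokenBuf.Dispose();
            }
        }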
コード例 #6
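        /// <summary>
        /// Creates the client security context and returns the first "client token".
        /// </summary>
        /// <returns>Client authentication data to be sent to server</returns>
        /// <exception cref="ObjectDisposedException">The helper has already been disposed.</exception>
        /// <exception cref="Exception">InitializeSecurityContext returned a status other than
        /// SEC_E_OK or SEC_I_CONTINUE_NEEDED; the message carries the SSPI status.</exception>
        public byte[] InitializeClientSecurity()
        {
            if (disposed)
            {
                throw new ObjectDisposedException("SSPIHelper");
            }
            // Presumably releases a context left over from an earlier handshake - confirm in
            // CloseClientContext.
            CloseClientContext();
            SecInteger    expiry = new SecInteger(0);
            uint          contextAttributes;
            SecBufferDesc clientTokenBuf = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                int resCode = InitializeSecurityContext(
                    ref clientCredentials,
                    IntPtr.Zero,           // no existing context on the first call
                    remotePrincipal,       // pszTargetName
                    STANDARD_CONTEXT_ATTRIBUTES,
                    0,                     // Reserved1
                    SECURITY_NATIVE_DREP,  // TargetDataRep
                    IntPtr.Zero,           // no input token on the first call
                    0,                     // Reserved2
                    out clientContext,     // receives the new context handle
                    ref clientTokenBuf,    // pOutput
                    out contextAttributes, // pfContextAttr
                    out expiry);           // ptsExpiry
                if (resCode != SEC_E_OK && resCode != SEC_I_CONTINUE_NEEDED)
                {
                    // Keep the SSPI status in the message so the cause of the failure can be
                    // identified when the handshake is investigated.
                    throw new Exception("InitializeSecurityContext failed (SSPI status 0x" + resCode.ToString("X8") + ")");
                }
                // NOTE(review): contextAttributes (what SSPI actually granted) is discarded; if
                // STANDARD_CONTEXT_ATTRIBUTES requests protections such as mutual authentication,
                // nothing here confirms they were granted - verify against the constant's
                // definition.
                return clientTokenBuf.GetSecBufferBytes();
            }
            finally
            {
                clientTokenBuf.Dispose();
            }
        }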
コード例 #7
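		/// <summary>
		/// Produces the next client token from the existing client security context and the
		/// authentication data sent by the server.
		/// This method must not be called before InitializeClientSecurity.
		/// </summary>
		/// <param name="serverToken">Authentication data received from server</param>
		/// <returns>Client authentication data to be sent to server</returns>
		/// <exception cref="ObjectDisposedException">The helper has already been disposed.</exception>
		/// <exception cref="InvalidOperationException">The client context is invalid (InitializeClientSecurity not called).</exception>
		/// <exception cref="Exception">InitializeSecurityContext returned a status other than
		/// SEC_E_OK or SEC_I_CONTINUE_NEEDED; the message carries the SSPI status.</exception>
		public byte[] GetClientSecurity(byte[] serverToken)
		{
			if (_disposed)
				throw new ObjectDisposedException("SSPIHelper");
			if (_clientContext.IsInvalid)
				throw new InvalidOperationException("InitializeClientSecurity not called");
			SecInteger expiry = new SecInteger();
			uint contextAttributes;
			SecBufferDesc clientTokenBuf = new SecBufferDesc(MAX_TOKEN_SIZE);
			try
			{
				SecBufferDesc serverTokenBuf = new SecBufferDesc(serverToken);
				try
				{
					int resCode = InitializeSecurityContext(
						ref _clientCredentials,
						ref _clientContext,
						_remotePrincipal, // pszTargetName
						STANDARD_CONTEXT_ATTRIBUTES,
						0, // Reserved1
						SECURITY_NATIVE_DREP, // TargetDataRep
						ref serverTokenBuf, // server token must be ref because it is struct
						0, // Reserved2
						out _clientContext, // updated context replaces the one passed in
						ref clientTokenBuf, // pOutput
						out contextAttributes, // pfContextAttr
						out expiry); // ptsExpiry
					// Keep the SSPI status in the message so a rejected server token can be
					// told apart from other failures when the handshake is investigated.
					if (resCode != SEC_E_OK && resCode != SEC_I_CONTINUE_NEEDED)
						throw new Exception("InitializeSecurityContext() failed (SSPI status 0x" + resCode.ToString("X8") + ")");
					// NOTE(review): SEC_E_OK and SEC_I_CONTINUE_NEEDED both return a token, so the
					// caller cannot tell from this method whether the handshake is complete.
					// NOTE(review): contextAttributes (what SSPI actually granted) is discarded; if
					// STANDARD_CONTEXT_ATTRIBUTES requests protections such as mutual
					// authentication, nothing here confirms they were granted - verify against
					// the constant's definition.
					return clientTokenBuf.GetSecBufferBytes();
				}
				finally
				{
					serverTokenBuf.Dispose();
				}
			}
			finally
			{
				clientTokenBuf.Dispose();
			}
		}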
コード例 #8
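		/// <summary>
		/// Creates the client security context and returns the first "client token".
		/// </summary>
		/// <returns>Client authentication data to be sent to server</returns>
		/// <exception cref="ObjectDisposedException">The helper has already been disposed.</exception>
		/// <exception cref="Exception">InitializeSecurityContext returned a status other than
		/// SEC_E_OK or SEC_I_CONTINUE_NEEDED; the message carries the SSPI status.</exception>
		public byte[] InitializeClientSecurity()
		{
			if (_disposed)
				throw new ObjectDisposedException("SSPIHelper");
			// Presumably releases a context left over from an earlier handshake - confirm in
			// CloseClientContext.
			CloseClientContext();
			SecInteger expiry = new SecInteger(0);
			uint contextAttributes;
			SecBufferDesc clientTokenBuf = new SecBufferDesc(MAX_TOKEN_SIZE);
			try
			{
				int resCode = InitializeSecurityContext(
					ref _clientCredentials,
					IntPtr.Zero, // no existing context on the first call
					_remotePrincipal, // pszTargetName
					STANDARD_CONTEXT_ATTRIBUTES,
					0, // Reserved1
					SECURITY_NATIVE_DREP, // TargetDataRep
					IntPtr.Zero, // no input token on the first call
					0, // Reserved2
					out _clientContext, // receives the new context handle
					ref clientTokenBuf, // pOutput
					out contextAttributes, // pfContextAttr
					out expiry); // ptsExpiry
				// Keep the SSPI status in the message so the cause of the failure can be
				// identified when the handshake is investigated.
				if (resCode != SEC_E_OK && resCode != SEC_I_CONTINUE_NEEDED)
					throw new Exception("InitializeSecurityContext failed (SSPI status 0x" + resCode.ToString("X8") + ")");
				// NOTE(review): contextAttributes (what SSPI actually granted) is discarded; if
				// STANDARD_CONTEXT_ATTRIBUTES requests protections such as mutual authentication,
				// nothing here confirms they were granted - verify against the constant's
				// definition.
				return clientTokenBuf.GetSecBufferBytes();
			}
			finally
			{
				clientTokenBuf.Dispose();
			}
		}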
コード例 #9
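		/// <summary>
		/// Creates an SSPIHelper for the given security package and remote principal and
		/// acquires an outbound (client) credentials handle.
		/// </summary>
		/// <param name="securPackage">Name of security package (e.g. NTLM, Kerberos, ...)</param>
		/// <param name="remotePrincipal">SPN of server (may be necessary for Kerberos); stored in _remotePrincipal</param>
		/// <exception cref="Exception">AcquireCredentialsHandle did not return SEC_E_OK; the message carries the SSPI status.</exception>
		public SSPIHelper(string securPackage, string remotePrincipal)
		{
			_securPackage = securPackage;
			_remotePrincipal = remotePrincipal;
			SecInteger expiry = new SecInteger();
			// No principal, logon ID or auth data is supplied, so SSPI falls back to the default
			// credentials of the calling security context.
			int status = AcquireCredentialsHandle(null, securPackage, SECPKG_CRED_OUTBOUND,
				IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
				out _clientCredentials, out expiry);
			// Keep the SSPI status in the message so an unknown package name can be told
			// apart from a credential problem when the failure is investigated.
			if (status != SEC_E_OK)
				throw new Exception("Acquiring client credentials failed (SSPI status 0x" + status.ToString("X8") + ")");
		}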
コード例 #10
		// P/Invoke declaration for the SSPI InitializeSecurityContext function; the int return
		// value is the SECURITY_STATUS. The DllImport attribute is not part of this excerpt, so
		// the character set used to marshal pszTargetName cannot be confirmed from here.
		// pfContextAttr reports the attributes the package actually granted, which may differ
		// from the ones requested in fContextReq.
		static extern int InitializeSecurityContext(
			ref SecHandle phCredential,// PCredHandle: credentials handle
			ref SecHandle phContext, // PCtxtHandle: existing (partial) context
			string pszTargetName, // target name of the server
			int fContextReq, // requested context attributes
			int Reserved1,
			int TargetDataRep,
			ref SecBufferDesc SecBufferDesc, // PSecBufferDesc: input buffers
			int Reserved2,
			out SecHandle phNewContext, // PCtxtHandle: receives the new context handle
			ref SecBufferDesc pOutput, // PSecBufferDesc: receives the output token
			out uint pfContextAttr, // 32-bit uint on purpose: a managed ulong would be 64 bits
			out SecInteger ptsExpiry // PTimeStamp: receives the context expiry
		);
コード例 #11
		// P/Invoke declaration for the SSPI AcquireCredentialsHandle function; the int return
		// value is the SECURITY_STATUS. The DllImport attribute is not part of this excerpt, so
		// the character set used to marshal the two string parameters cannot be confirmed from here.
		static extern int AcquireCredentialsHandle(
			string pszPrincipal, // SEC_CHAR*: principal name
			string pszPackage, // SEC_CHAR*: security package name, e.g. "Kerberos", "NTLM", "Negotiate"
			int fCredentialUse, // credential use flags
			IntPtr PAuthenticationID,// PLUID pvLogonID
			IntPtr pAuthData,// PVOID: package-specific credential data
			int pGetKeyFn, // SEC_GET_KEY_FN; NOTE(review): a native function pointer declared as a 32-bit int; it is pointer-sized in a 64-bit process, where IntPtr would match - confirm
			IntPtr pvGetKeyArgument, // PVOID
			out SecHandle phCredential, // PCredHandle: receives the credentials handle
			out SecInteger ptsExpiry // PTimeStamp: receives the credential expiry
		);