public SecurityBuffer(byte[] secBufferBytes, SecurityBufferType bufferType)
{
cbBuffer = secBufferBytes.Length;
cbBufferType = (int)bufferType;
pvBuffer = Marshal.AllocHGlobal(cbBuffer);
Marshal.Copy(secBufferBytes, 0, pvBuffer, cbBuffer);
}
internal static int DecryptNtlm(
SafeDeleteContext securityContext,
byte[] buffer,
int offset,
int count,
bool isConfidential,
out int newOffset,
uint sequenceNumber)
{
const int ntlmSignatureLength = 16;
// For the most part the arguments are verified in Decrypt().
if (count < ntlmSignatureLength)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::DecryptNtlm", "Argument 'count' out of range.");
}
Debug.Fail("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::DecryptNtlm", "Argument 'count' out of range.");
throw new ArgumentOutOfRangeException(nameof(count));
}
var securityBuffer = new SecurityBuffer[2];
securityBuffer[0] = new SecurityBuffer(buffer, offset, ntlmSignatureLength, SecurityBufferType.Token);
securityBuffer[1] = new SecurityBuffer(buffer, offset + ntlmSignatureLength, count - ntlmSignatureLength, SecurityBufferType.Data);
int errorCode;
SecurityBufferType realDataType = SecurityBufferType.Data;
if (isConfidential)
{
errorCode = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, securityContext, securityBuffer, sequenceNumber);
}
else
{
realDataType |= SecurityBufferType.ReadOnlyFlag;
securityBuffer[1].type = realDataType;
errorCode = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, securityContext, securityBuffer, sequenceNumber);
}
if (errorCode != 0)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::Decrypt() throw Error = " + errorCode.ToString("x", NumberFormatInfo.InvariantInfo));
}
throw new Win32Exception(errorCode);
}
if (securityBuffer[1].type != realDataType)
{
throw new InternalException();
}
newOffset = securityBuffer[1].offset;
return(securityBuffer[1].size);
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBufferDescriptor" /> struct.
/// </summary>
/// <param name="buffers">The buffers.</param>
/// <exception cref="System.ArgumentException">cannot be null or 0 length;buffers</exception>
public SecurityBufferDescriptor(SecurityBuffer[] buffers)
{
if (buffers == null || buffers.Length == 0)
{
throw new ArgumentException("cannot be null or 0 length", "buffers");
}
BufferType = SecurityBufferType.Version;
NumBuffers = buffers.Length;
//Allocate memory for SecBuffer Array....
BufferPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecurityBuffer)) * NumBuffers);
for (int i = 0; i < buffers.Length; i++)
{
var currentBuffer = buffers[i];
var currentOffset = i * Marshal.SizeOf(typeof(SecurityBuffer));
Marshal.WriteInt32(BufferPtr, currentOffset, currentBuffer.Count);
var length = currentOffset + Marshal.SizeOf(typeof(int));
Marshal.WriteInt32(BufferPtr, length, (int)currentBuffer.BufferType);
length = currentOffset + Marshal.SizeOf(typeof(int)) + Marshal.SizeOf(typeof(int));
Marshal.WriteIntPtr(BufferPtr, length, currentBuffer.Token);
}
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
if (offset < 0 || offset > (data == null ? 0 : data.Length))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
}
if (size < 0 || size > (data == null ? 0 : data.Length - offset))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
public static SecBuffer Create(SecurityBufferType type, int length, DisposableList list)
{
var buffer = list.AddResource(new SafeHGlobalBuffer(length));
buffer.FillBuffer(0);
return(new SecBuffer(type, buffer));
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bytes">The bytes.</param>
public SecurityBuffer(byte[] bytes)
{
Count = bytes.Length;
BufferType = SecurityBufferType.Token;
Token = Marshal.AllocHGlobal(Count);
Marshal.Copy(bytes, 0, Token, Count);
}
public SecurityBuffer(byte[] secBufferBytes, SecurityBufferType bufferType)
{
cbBuffer = secBufferBytes.Length;
cbBufferType = (int)bufferType;
pvBuffer = Marshal.AllocHGlobal(cbBuffer);
Marshal.Copy(secBufferBytes, 0, pvBuffer, cbBuffer);
}
public SecurityBufferDescriptor(SecurityBuffer[] buffers)
{
if (buffers == null || buffers.Length == 0)
{
throw new ArgumentException("cannot be null or 0 length", "buffers");
}
BufferType = SecurityBufferType.Version;
NumBuffers = buffers.Length;
//Allocate memory for SecBuffer Array....
BufferPtr = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecurityBuffer)) * NumBuffers);
for (int i = 0; i < buffers.Length; i++)
{
var currentBuffer = buffers[i];
var currentOffset = i * Marshal.SizeOf(typeof(SecurityBuffer));
Marshal.WriteInt32(BufferPtr, currentOffset, currentBuffer.Count);
var length = currentOffset + Marshal.SizeOf(typeof(int));
Marshal.WriteInt32(BufferPtr, length, (int)currentBuffer.BufferType);
length = currentOffset + Marshal.SizeOf(typeof(int)) + Marshal.SizeOf(typeof(int));
Marshal.WriteIntPtr(BufferPtr, length, currentBuffer.Token);
}
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
if (offset < 0 || offset > (data == null ? 0 : data.Length))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
}
if (size < 0 || size > (data == null ? 0 : data.Length - offset))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bytes">The bytes.</param>
public SecurityBuffer(byte[] bytes)
{
Count = bytes.Length;
BufferType = SecurityBufferType.Token;
Token = Marshal.AllocHGlobal(Count);
Marshal.Copy(bytes, 0, Token, Count);
}
/// <summary>
/// Get the data to be signed.
/// </summary>
/// <param name="securityBuffers">The security buffer to extract the data to be signed</param>
/// <returns>The data to be signed</returns>
internal static byte[] GetToBeSignedDataFromSecurityBuffers(SecurityBuffer[] securityBuffers)
{
if (securityBuffers == null)
{
throw new ArgumentNullException("securityBuffers");
}
byte[] message = new byte[0];
for (int i = 0; i < securityBuffers.Length; i++)
{
if (securityBuffers[i] == null)
{
throw new ArgumentNullException("securityBuffers");
}
SecurityBufferType securityBufferType = (securityBuffers[i].BufferType & ~SecurityBufferType.AttrMask);
if (securityBufferType == SecurityBufferType.Data || securityBufferType == SecurityBufferType.Padding)
{
bool skip = (securityBuffers[i].BufferType & SecurityBufferType.ReadOnly) != 0;
if (!skip && securityBuffers[i].Buffer != null)
{
message = ArrayUtility.ConcatenateArrays(message, securityBuffers[i].Buffer);
}
}
}
return(message);
}
private static byte[] ConcatenateSecurityBuffers(
SecurityBuffer[] securityBuffers,
SecurityBufferType[] targetTypes,
bool bothReadOnlyAndReadWrite)
{
byte[] buf = new byte[0];
for (int i = 0; i < securityBuffers.Length; i++)
{
SecurityBufferType securityBufferType = (securityBuffers[i].BufferType & ~SecurityBufferType.AttrMask);
bool typeMatch = false;
for (int j = 0; j < targetTypes.Length; j++)
{
if (securityBufferType == targetTypes[j])
{
typeMatch = true;
break;
}
}
if (typeMatch)
{
bool skip = !bothReadOnlyAndReadWrite &&
(((securityBuffers[i].BufferType & SecurityBufferType.ReadOnly) != 0) ||
((securityBuffers[i].BufferType & SecurityBufferType.ReadOnlyWithChecksum) != 0));
if (!skip && securityBuffers[i].Buffer != null)
{
buf = ArrayUtility.ConcatenateArrays(buf, securityBuffers[i].Buffer);
}
}
}
return(buf);
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBufferDescriptor" /> struct.
/// </summary>
/// <param name="secBufferBytes">The sec buffer bytes.</param>
public SecurityBufferDescriptor(byte[] secBufferBytes)
{
BufferType = SecurityBufferType.Version;
NumBuffers = 1;
var buffer = new SecurityBuffer(secBufferBytes);
BufferPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buffer));
Marshal.StructureToPtr(buffer, BufferPtr, false);
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
GlobalLog.Assert(size >= 0, "SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
GlobalLog.Assert(size >= 0, "SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
public SecurityBuffer(byte[]?data, SecurityBufferType tokentype)
{
this.offset = 0;
this.size = data == null ? 0 : data.Length;
this.type = tokentype;
this.token = size == 0 ? null : data;
this.unmanagedToken = null;
}
public SecurityBuffer(ChannelBinding binding)
{
this.offset = 0;
this.size = (binding == null ? 0 : binding.Size);
this.type = SecurityBufferType.SECBUFFER_CHANNEL_BINDINGS;
this.token = null;
this.unmanagedToken = binding;
}
public SecurityBufferDescriptor(byte[] secBufferBytes)
{
BufferType = SecurityBufferType.Version;
NumBuffers = 1;
var buffer = new SecurityBuffer(secBufferBytes);
BufferPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buffer));
Marshal.StructureToPtr(buffer, BufferPtr, false);
}
private static int DecryptNtlm(
SafeDeleteContext securityContext,
byte[] buffer,
int offset,
int count,
bool isConfidential,
out int newOffset,
uint sequenceNumber)
{
const int ntlmSignatureLength = 16;
// For the most part the arguments are verified in Decrypt().
if (count < ntlmSignatureLength)
{
NetEventSource.Fail(null, "Argument 'count' out of range.");
throw new ArgumentOutOfRangeException(nameof(count));
}
TwoSecurityBuffers buffers = default;
var securityBuffer = MemoryMarshal.CreateSpan(ref buffers._item0, 2);
securityBuffer[0] = new SecurityBuffer(buffer, offset, ntlmSignatureLength, SecurityBufferType.SECBUFFER_TOKEN);
securityBuffer[1] = new SecurityBuffer(buffer, offset + ntlmSignatureLength, count - ntlmSignatureLength, SecurityBufferType.SECBUFFER_DATA);
int errorCode;
SecurityBufferType realDataType = SecurityBufferType.SECBUFFER_DATA;
if (isConfidential)
{
errorCode = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, securityContext, securityBuffer, sequenceNumber);
}
else
{
realDataType |= SecurityBufferType.SECBUFFER_READONLY;
securityBuffer[1].type = realDataType;
errorCode = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, securityContext, securityBuffer, sequenceNumber);
}
if (errorCode != 0)
{
Exception e = new Win32Exception(errorCode);
if (NetEventSource.IsEnabled)
{
NetEventSource.Error(null, e);
}
throw new Win32Exception(errorCode);
}
if (securityBuffer[1].type != realDataType)
{
throw new InternalException(securityBuffer[1].type);
}
newOffset = securityBuffer[1].offset;
return(securityBuffer[1].size);
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
GlobalLog.Assert(offset >= 0 && offset <= (data == null ? 0 : data.Length), "SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
GlobalLog.Assert(size >= 0 && size <= (data == null ? 0 : data.Length - offset), "SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
Debug.Assert(size >= 0, $"'size' out of range. [{size}]");
this.offset = 0;
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
this.unmanagedToken = null;
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
GlobalLog.Assert(offset >= 0 && offset <= (data == null ? 0 : data.Length), "SecurityBuffer::.ctor", "'offset' out of range. [" + offset + "]");
GlobalLog.Assert(size >= 0 && size <= (data == null ? 0 : data.Length - offset), "SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
public SecurityBufferWrapper(byte[] buffer, SecurityBufferType bufferType)
{
if (buffer == null || buffer.Length == 0)
{
throw new ArgumentException("Buffer cannot be null or zero length");
}
Buffer = buffer;
BufferType = bufferType;
}
public BufferWrapper(byte[] buffer, SecurityBufferType bufferType)
{
if (buffer == null || buffer.Length == 0)
{
throw new ArgumentException("buffer cannot be null or 0 length");
}
Buffer = buffer;
BufferType = bufferType;
}
public SecurityBuffer(byte[]?data, int offset, int size, SecurityBufferType tokentype)
{
Debug.Assert(offset >= 0 && offset <= (data == null ? 0 : data.Length), $"'offset' out of range. [{offset}]");
Debug.Assert(size >= 0 && size <= (data == null ? 0 : data.Length - offset), $"'size' out of range. [{size}]");
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
this.unmanagedToken = null;
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
if (size < 0)
{
NetEventSource.Fail(this, $"'size' out of range. [{size}]");
}
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
if (size < 0)
{
NetEventSource.Fail(this, $"'size' out of range. [{size}]");
}
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
private int DecryptNtlm(byte[] payload, int offset, int count, out int newOffset, uint expectedSeqNumber)
{
// For the most part the arguments are verified in Encrypt().
if (count < 16)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(this) + "::DecryptNtlm", "Argument 'count' out of range.");
}
Debug.Fail("NTAuthentication#" + LoggingHash.HashString(this) + "::DecryptNtlm", "Argument 'count' out of range.");
throw new ArgumentOutOfRangeException(nameof(count));
}
var securityBuffer = new SecurityBuffer[2];
securityBuffer[0] = new SecurityBuffer(payload, offset, 16, SecurityBufferType.Token);
securityBuffer[1] = new SecurityBuffer(payload, offset + 16, count - 16, SecurityBufferType.Data);
int errorCode;
SecurityBufferType realDataType = SecurityBufferType.Data;
if (IsConfidentialityFlag)
{
errorCode = SSPIWrapper.DecryptMessage(GlobalSSPI.SSPIAuth, _securityContext, securityBuffer, expectedSeqNumber);
}
else
{
realDataType |= SecurityBufferType.ReadOnlyFlag;
securityBuffer[1].type = realDataType;
errorCode = SSPIWrapper.VerifySignature(GlobalSSPI.SSPIAuth, _securityContext, securityBuffer, expectedSeqNumber);
}
if (errorCode != 0)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("NTAuthentication#" + LoggingHash.HashString(this) + "::Decrypt() throw Error = " + errorCode.ToString("x", NumberFormatInfo.InvariantInfo));
}
throw new Win32Exception(errorCode);
}
if (securityBuffer[1].type != realDataType)
{
throw new InternalException();
}
newOffset = securityBuffer[1].offset;
return(securityBuffer[1].size);
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
if (size < 0)
{
NetEventSource.Fail(typeof(SecurityBuffer), $"'size' out of range. [{size}]");
}
this.offset = 0;
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
this.unmanagedToken = null;
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
if (size < 0)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
public SecurityBuffer(int size, SecurityBufferType tokentype)
{
if (size < 0)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
Debug.Fail("SecurityBuffer::.ctor", "'size' out of range. [" + size + "]");
}
this.size = size;
this.type = tokentype;
this.token = size == 0 ? null : new byte[size];
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bytes">The bytes.</param>
/// <param name="bufferType">Type of the buffer.</param>
public SecurityBuffer(byte[] bytes, SecurityBufferType bufferType)
{
BufferType = bufferType;
if (bytes != null && bytes.Length != 0)
{
Count = bytes.Length;
Token = Marshal.AllocHGlobal(Count);
Marshal.Copy(bytes, 0, Token, Count);
}
else
{
Count = 0;
Token = IntPtr.Zero;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bytes">The bytes.</param>
/// <param name="bufferType">Type of the buffer.</param>
public SecurityBuffer(byte[] bytes, SecurityBufferType bufferType)
{
BufferType = bufferType;
if (bytes != null && bytes.Length != 0)
{
Count = bytes.Length;
Token = Marshal.AllocHGlobal(Count);
Marshal.Copy(bytes, 0, Token, Count);
}
else
{
Count = 0;
Token = IntPtr.Zero;
}
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
if (offset < 0 || offset > (data == null ? 0 : data.Length))
{
NetEventSource.Fail(this, $"'offset' out of range. [{offset}]");
}
if (size < 0 || size > (data == null ? 0 : data.Length - offset))
{
NetEventSource.Fail(this, $"'size' out of range. [{size}]");
}
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
public SecurityBuffer(byte[] data, int offset, int size, SecurityBufferType tokentype)
{
if (offset < 0 || offset > (data == null ? 0 : data.Length))
{
NetEventSource.Fail(this, $"'offset' out of range. [{offset}]");
}
if (size < 0 || size > (data == null ? 0 : data.Length - offset))
{
NetEventSource.Fail(this, $"'size' out of range. [{size}]");
}
this.offset = data == null || offset < 0 ? 0 : Math.Min(offset, data.Length);
this.size = data == null || size < 0 ? 0 : Math.Min(size, data.Length - this.offset);
this.type = tokentype;
this.token = size == 0 ? null : data;
}
/// <summary>
/// Update buffers of a specified type in the list.
/// Buffer will be separated automatically to fit the original length of a security buffer.
/// If Buffer field of an input security buffer is null, it means the length is unlimited
/// (that is all remaining data will be copied into it).
/// Only read-write (READONLY flag is not set) security buffer will be updated.
/// </summary>
/// <param name="securityBuffers">Input security buffers.</param>
/// <param name="targetTypes">Specified types.</param>
/// <param name="buffer">The buffer to be updated into security buffers.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when securityBuffers or buffer is null.
/// </exception>
/// <exception cref="SspiException">
/// Total length of security buffers is not enough.
/// </exception>
public static void UpdateSecurityBuffers(SecurityBuffer[] securityBuffers, SecurityBufferType[] targetTypes, byte[] buffer)
{
if (securityBuffers == null || securityBuffers.Length == 0)
{
throw new ArgumentNullException("securityBuffers");
}
for (int i = 0; i < securityBuffers.Length; i++)
{
if (securityBuffers[i] == null)
{
throw new ArgumentNullException("securityBuffers");
}
}
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
int offset = 0;
for (int i = 0; i < securityBuffers.Length; i++)
{
SecurityBufferType securityBufferType = (securityBuffers[i].BufferType & ~SecurityBufferType.AttrMask);
bool isReadOnly = ((securityBuffers[i].BufferType & SecurityBufferType.ReadOnly) != 0)
|| ((securityBuffers[i].BufferType & SecurityBufferType.ReadOnlyWithChecksum) != 0);
bool typeMatch = false;
for (int j = 0; j < targetTypes.Length; j++)
{
if (securityBufferType == targetTypes[j])
{
typeMatch = true;
break;
}
}
if (typeMatch && !isReadOnly)
{
int length = buffer.Length - offset;
if (securityBuffers[i].Buffer != null && securityBuffers[i].Buffer.Length < length)
{
length = securityBuffers[i].Buffer.Length;
}
securityBuffers[i].Buffer = ArrayUtility.SubArray(
buffer,
offset,
length);
offset += length;
}
}
if (offset < buffer.Length)
{
throw new SspiException("Total length of security buffers is not enough.");
}
else if (offset > buffer.Length)
{
//Unlikely to happen
throw new InvalidOperationException("Extra data were written to security buffers.");
}
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="bufferType">SecBuffer type</param>
/// <param name="buffer">SecBuffer in bytes.</param>
public SecurityBuffer(SecurityBufferType bufferType, byte[] buffer)
{
this.BufferType = bufferType;
this.Buffer = buffer;
}
public SecurityBuffer(byte[] data, SecurityBufferType tokentype)
{
this.size = data == null ? 0 : data.Length;
this.type = tokentype;
this.token = size == 0 ? null : data;
}
public SecurityBuffer(byte[] data, SecurityBufferType tokentype)
{
this.size = data == null ? 0 : data.Length;
this.type = tokentype;
this.token = size == 0 ? null : data;
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="type">The type of buffer.</param>
public SecurityBufferEmpty(SecurityBufferType type)
: base(type)
{
}
private static byte[] ConcatenateSecurityBuffers(
SecurityBuffer[] securityBuffers,
SecurityBufferType[] targetTypes,
bool bothReadOnlyAndReadWrite)
{
byte[] buf = new byte[0];
for (int i = 0; i < securityBuffers.Length; i++)
{
SecurityBufferType securityBufferType = (securityBuffers[i].BufferType & ~SecurityBufferType.AttrMask);
bool typeMatch = false;
for (int j = 0; j < targetTypes.Length; j++)
{
if (securityBufferType == targetTypes[j])
{
typeMatch = true;
break;
}
}
if (typeMatch)
{
bool skip = !bothReadOnlyAndReadWrite
&& (((securityBuffers[i].BufferType & SecurityBufferType.ReadOnly) != 0)
|| ((securityBuffers[i].BufferType & SecurityBufferType.ReadOnlyWithChecksum) != 0));
if (!skip && securityBuffers[i].Buffer != null)
{
buf = ArrayUtility.ConcatenateArrays(buf, securityBuffers[i].Buffer);
}
}
}
return buf;
}
// constructors
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bufferSize">Size of the buffer.</param>
public SecurityBuffer(int bufferSize)
{
Count = bufferSize;
BufferType = SecurityBufferType.Token;
Token = Marshal.AllocHGlobal(bufferSize);
}
public SecurityBuffer(ChannelBinding binding)
{
this.size = (binding == null ? 0 : binding.Size);
this.type = SecurityBufferType.ChannelBindings;
this.unmanagedToken = binding;
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="type">The type of buffer.</param>
/// <param name="size">The size of the output buffer.</param>
public SecurityBufferOut(SecurityBufferType type, int size) : base(type)
{
_size = size;
}
// constructors
/// <summary>
/// Initializes a new instance of the <see cref="SecurityBuffer" /> struct.
/// </summary>
/// <param name="bufferSize">Size of the buffer.</param>
public SecurityBuffer(int bufferSize)
{
Count = bufferSize;
BufferType = SecurityBufferType.Token;
Token = Marshal.AllocHGlobal(bufferSize);
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="type">The type of the buffer.</param>
public SecurityBufferAllocMem(SecurityBufferType type) : base(type)
{
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="bufferType">SecBuffer type</param>
/// <param name="buffer">SecBuffer in bytes.</param>
public SecurityBuffer(SecurityBufferType bufferType, byte[] buffer)
{
this.BufferType = bufferType;
this.Buffer = buffer;
}
/// <summary>
/// Update buffers of a specified type in the list.
/// Buffer will be separated automatically to fit the original length of a security buffer.
/// If Buffer field of an input security buffer is null, it means the length is unlimited
/// (that is all remaining data will be copied into it).
/// Only read-write (READONLY flag is not set) security buffer will be updated.
/// </summary>
/// <param name="securityBuffers">Input security buffers.</param>
/// <param name="targetType">A specified type.</param>
/// <param name="buffer">The buffer to be updated into security buffers.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when securityBuffers or buffer is null.
/// </exception>
/// <exception cref="SspiException">
/// Total length of security buffers is not enough.
/// </exception>
public static void UpdateSecurityBuffers(SecurityBuffer[] securityBuffers, SecurityBufferType targetType, byte[] buffer)
{
UpdateSecurityBuffers(securityBuffers, new SecurityBufferType[] { targetType }, buffer);
}
private protected SecurityBuffer(SecurityBufferType type)
{
Type = type;
}
public SecurityBuffer(ChannelBinding binding)
{
this.size = (binding == null ? 0 : binding.Size);
this.type = SecurityBufferType.SECBUFFER_CHANNEL_BINDINGS;
this.unmanagedToken = binding;
}
