/// <summary> /// Queries a string-valued context attribute by the named attribute. /// </summary> /// <param name="attrib">The string-valued attribute to query.</param> /// <returns></returns> private string QueryContextString(CContextQueryAttrib attrib) { CSecPkgContext_String stringAttrib; CSecurityStatus status = CSecurityStatus.InternalError; string result = null; bool gotRef = false; if (attrib != CContextQueryAttrib.Names && attrib != CContextQueryAttrib.Authority) { throw new InvalidOperationException("QueryContextString can only be used to query context Name and Authority attributes"); } stringAttrib = new CSecPkgContext_String(); RuntimeHelpers.PrepareConstrainedRegions(); try { this.ContextHandle.DangerousAddRef(ref gotRef); } catch (Exception) { if (gotRef) { this.ContextHandle.DangerousRelease(); gotRef = false; } throw; } finally { if (gotRef) { status = CContextNativeMethods.QueryContextAttributes_String( ref this.ContextHandle.rawHandle, attrib, ref stringAttrib ); this.ContextHandle.DangerousRelease(); if (status == CSecurityStatus.OK) { result = Marshal.PtrToStringUni(stringAttrib.StringResult); CContextNativeMethods.FreeContextBuffer(stringAttrib.StringResult); } } } if (status == CSecurityStatus.Unsupported) { return(null); } else if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to query the context's associated user name", status); } return(result); }
/// <summary> /// Signs the message using the context's session key. /// </summary> /// <remarks> /// The structure of the returned buffer is as follows: /// - 4 bytes, unsigned big-endian integer indicating the length of the plaintext message /// - 2 bytes, unsigned big-endian integer indicating the length of the signture /// - The plaintext message /// - The message's signature. /// </remarks> /// <param name="message"></param> /// <returns></returns> public byte[] MakeSignature(byte[] message) { CSecurityStatus status = CSecurityStatus.InternalError; CSecPkgContext_Sizes sizes; CSecureBuffer dataBuffer; CSecureBuffer signatureBuffer; CSecureBufferAdapter adapter; CheckLifecycle(); sizes = QueryBufferSizes(); dataBuffer = new CSecureBuffer(new byte[message.Length], CBufferType.Data); signatureBuffer = new CSecureBuffer(new byte[sizes.MaxSignature], CBufferType.Token); Array.Copy(message, dataBuffer.Buffer, message.Length); using (adapter = new CSecureBufferAdapter(new[] { dataBuffer, signatureBuffer })) { status = CContextNativeMethods.SafeMakeSignature( this.ContextHandle, 0, adapter, 0 ); } if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to create message signature.", status); } byte[] outMessage; int position = 0; // Enough room for // - original message length (4 bytes) // - signature length (2 bytes) // - original message // - signature outMessage = new byte[4 + 2 + dataBuffer.Length + signatureBuffer.Length]; CByteWriter.WriteInt32_BE(dataBuffer.Length, outMessage, position); position += 4; CByteWriter.WriteInt16_BE((Int16)signatureBuffer.Length, outMessage, position); position += 2; Array.Copy(dataBuffer.Buffer, 0, outMessage, position, dataBuffer.Length); position += dataBuffer.Length; Array.Copy(signatureBuffer.Buffer, 0, outMessage, position, signatureBuffer.Length); position += signatureBuffer.Length; return(outMessage); }
protected override bool ReleaseHandle() { CSecurityStatus status = CContextNativeMethods.DeleteSecurityContext( ref base.rawHandle ); base.ReleaseHandle(); return(status == CSecurityStatus.OK); }
/// <summary> /// Queries the security package's expections regarding message/token/signature/padding buffer sizes. /// </summary> /// <returns></returns> private CSecPkgContext_Sizes QueryBufferSizes() { CSecPkgContext_Sizes sizes = new CSecPkgContext_Sizes(); CSecurityStatus status = CSecurityStatus.InternalError; bool gotRef = false; RuntimeHelpers.PrepareConstrainedRegions(); try { this.ContextHandle.DangerousAddRef(ref gotRef); } catch (Exception) { if (gotRef) { this.ContextHandle.DangerousRelease(); gotRef = false; } throw; } finally { if (gotRef) { status = CContextNativeMethods.QueryContextAttributes_Sizes( ref this.ContextHandle.rawHandle, CContextQueryAttrib.Sizes, ref sizes ); this.ContextHandle.DangerousRelease(); } } if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to query context buffer size attributes", status); } return(sizes); }
/// <summary> /// Safely invokes the native VerifySignature function, making sure that handle ref counting is /// performed in a proper CER. /// </summary> /// <param name="handle"></param> /// <param name="qualityOfProtection"></param> /// <param name="adapter"></param> /// <param name="sequenceNumber"></param> /// <returns></returns> internal static CSecurityStatus SafeVerifySignature( CSafeContextHandle handle, int qualityOfProtection, CSecureBufferAdapter adapter, int sequenceNumber) { bool gotRef = false; CSecurityStatus status = CSecurityStatus.InternalError; RuntimeHelpers.PrepareConstrainedRegions(); try { handle.DangerousAddRef(ref gotRef); } catch (Exception) { if (gotRef) { handle.DangerousRelease(); gotRef = false; } throw; } finally { if (gotRef) { status = CContextNativeMethods.VerifySignature( ref handle.rawHandle, adapter.Handle, sequenceNumber, qualityOfProtection ); handle.DangerousRelease(); } } return(status); }
/// <summary> /// Called by the ImpersonationHandle when it is released, either by disposale or finalization. /// </summary> internal void RevertImpersonate() { bool gotRef = false; if (impersonating == false || this.Disposed) { return; } RuntimeHelpers.PrepareConstrainedRegions(); try { this.ContextHandle.DangerousAddRef(ref gotRef); } catch (Exception) { if (gotRef) { this.ContextHandle.DangerousRelease(); gotRef = false; } throw; } finally { if (gotRef) { CContextNativeMethods.RevertSecurityContext( ref this.ContextHandle.rawHandle ); this.ContextHandle.DangerousRelease(); this.impersonating = false; } } }
/// <summary> /// Verifies the signature of a signed message /// </summary> /// <remarks> /// The expected structure of the signed message buffer is as follows: /// - 4 bytes, unsigned integer in big endian format indicating the length of the plaintext message /// - 2 bytes, unsigned integer in big endian format indicating the length of the signture /// - The plaintext message /// - The message's signature. /// </remarks> /// <param name="signedMessage">The packed signed message.</param> /// <param name="origMessage">The extracted original message.</param> /// <returns>True if the message has a valid signature, false otherwise.</returns> public bool VerifySignature(byte[] signedMessage, out byte[] origMessage) { CSecurityStatus status = CSecurityStatus.InternalError; CSecPkgContext_Sizes sizes; CSecureBuffer dataBuffer; CSecureBuffer signatureBuffer; CSecureBufferAdapter adapter; CheckLifecycle(); sizes = QueryBufferSizes(); if (signedMessage.Length < 2 + 4 + sizes.MaxSignature) { throw new ArgumentException("Input message is too small to possibly fit a valid message"); } int position = 0; int messageLen; int sigLen; messageLen = CByteWriter.ReadInt32_BE(signedMessage, 0); position += 4; sigLen = CByteWriter.ReadInt16_BE(signedMessage, position); position += 2; if (messageLen + sigLen + 2 + 4 > signedMessage.Length) { throw new ArgumentException("The buffer contains invalid data - the embedded length data does not add up."); } dataBuffer = new CSecureBuffer(new byte[messageLen], CBufferType.Data); Array.Copy(signedMessage, position, dataBuffer.Buffer, 0, messageLen); position += messageLen; signatureBuffer = new CSecureBuffer(new byte[sigLen], CBufferType.Token); Array.Copy(signedMessage, position, signatureBuffer.Buffer, 0, sigLen); position += sigLen; using (adapter = new CSecureBufferAdapter(new[] { dataBuffer, signatureBuffer })) { status = CContextNativeMethods.SafeVerifySignature( this.ContextHandle, 0, adapter, 0 ); } if (status == CSecurityStatus.OK) { origMessage = dataBuffer.Buffer; return(true); } else if (status == CSecurityStatus.MessageAltered || status == CSecurityStatus.OutOfSequence) { origMessage = null; return(false); } else { throw new CSSPIException("Failed to determine the veracity of a signed message.", status); } }
/// <summary> /// Decrypts a previously encrypted message. /// </summary> /// <remarks> /// The expected format of the buffer is as follows: /// - 2 bytes, an unsigned big-endian integer indicating the length of the trailer buffer size /// - 4 bytes, an unsigned big-endian integer indicating the length of the message buffer size. /// - 2 bytes, an unsigned big-endian integer indicating the length of the encryption padding buffer size. /// - The trailer buffer /// - The message buffer /// - The padding buffer. /// </remarks> /// <param name="input">The packed and encrypted data.</param> /// <returns>The original plaintext message.</returns> public byte[] Decrypt(byte[] input) { CSecPkgContext_Sizes sizes; CSecureBuffer trailerBuffer; CSecureBuffer dataBuffer; CSecureBuffer paddingBuffer; CSecureBufferAdapter adapter; CSecurityStatus status; byte[] result = null; int remaining; int position; int trailerLength; int dataLength; int paddingLength; CheckLifecycle(); sizes = QueryBufferSizes(); // This check is required, but not sufficient. We could be stricter. if (input.Length < 2 + 4 + 2 + sizes.SecurityTrailer) { throw new ArgumentException("Buffer is too small to possibly contain an encrypted message"); } position = 0; trailerLength = CByteWriter.ReadInt16_BE(input, position); position += 2; dataLength = CByteWriter.ReadInt32_BE(input, position); position += 4; paddingLength = CByteWriter.ReadInt16_BE(input, position); position += 2; if (trailerLength + dataLength + paddingLength + 2 + 4 + 2 > input.Length) { throw new ArgumentException("The buffer contains invalid data - the embedded length data does not add up."); } trailerBuffer = new CSecureBuffer(new byte[trailerLength], CBufferType.Token); dataBuffer = new CSecureBuffer(new byte[dataLength], CBufferType.Data); paddingBuffer = new CSecureBuffer(new byte[paddingLength], CBufferType.Padding); remaining = input.Length - position; if (trailerBuffer.Length <= remaining) { Array.Copy(input, position, trailerBuffer.Buffer, 0, trailerBuffer.Length); position += trailerBuffer.Length; remaining -= trailerBuffer.Length; } else { throw new ArgumentException("Input is missing data - it is not long enough to contain a fully encrypted message"); } if (dataBuffer.Length <= remaining) { Array.Copy(input, position, dataBuffer.Buffer, 0, dataBuffer.Length); position += dataBuffer.Length; remaining -= dataBuffer.Length; } else { throw new ArgumentException("Input is missing data - it is not long enough to contain a fully encrypted message"); } if (paddingBuffer.Length <= remaining) { Array.Copy(input, position, paddingBuffer.Buffer, 0, paddingBuffer.Length); } // else there was no padding. using (adapter = new CSecureBufferAdapter(new [] { trailerBuffer, dataBuffer, paddingBuffer })) { status = CContextNativeMethods.SafeDecryptMessage( this.ContextHandle, 0, adapter, 0 ); } if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to encrypt message", status); } result = new byte[dataBuffer.Length]; Array.Copy(dataBuffer.Buffer, 0, result, 0, dataBuffer.Length); return(result); }
/// <summary> /// Encrypts the byte array using the context's session key. /// </summary> /// <remarks> /// The structure of the returned data is as follows: /// - 2 bytes, an unsigned big-endian integer indicating the length of the trailer buffer size /// - 4 bytes, an unsigned big-endian integer indicating the length of the message buffer size. /// - 2 bytes, an unsigned big-endian integer indicating the length of the encryption padding buffer size. /// - The trailer buffer /// - The message buffer /// - The padding buffer. /// </remarks> /// <param name="input">The raw message to encrypt.</param> /// <returns>The packed and encrypted message.</returns> public byte[] Encrypt(byte[] input) { // The message is encrypted in place in the buffer we provide to Win32 EncryptMessage CSecPkgContext_Sizes sizes; CSecureBuffer trailerBuffer; CSecureBuffer dataBuffer; CSecureBuffer paddingBuffer; CSecureBufferAdapter adapter; CSecurityStatus status = CSecurityStatus.InvalidHandle; byte[] result; CheckLifecycle(); sizes = QueryBufferSizes(); trailerBuffer = new CSecureBuffer(new byte[sizes.SecurityTrailer], CBufferType.Token); dataBuffer = new CSecureBuffer(new byte[input.Length], CBufferType.Data); paddingBuffer = new CSecureBuffer(new byte[sizes.BlockSize], CBufferType.Padding); Array.Copy(input, dataBuffer.Buffer, input.Length); using (adapter = new CSecureBufferAdapter(new[] { trailerBuffer, dataBuffer, paddingBuffer })) { status = CContextNativeMethods.SafeEncryptMessage( this.ContextHandle, 0, adapter, 0 ); } if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to encrypt message", status); } int position = 0; // Enough room to fit: // -- 2 bytes for the trailer buffer size // -- 4 bytes for the message size // -- 2 bytes for the padding size. // -- The encrypted message result = new byte[2 + 4 + 2 + trailerBuffer.Length + dataBuffer.Length + paddingBuffer.Length]; CByteWriter.WriteInt16_BE((short)trailerBuffer.Length, result, position); position += 2; CByteWriter.WriteInt32_BE(dataBuffer.Length, result, position); position += 4; CByteWriter.WriteInt16_BE((short)paddingBuffer.Length, result, position); position += 2; Array.Copy(trailerBuffer.Buffer, 0, result, position, trailerBuffer.Length); position += trailerBuffer.Length; Array.Copy(dataBuffer.Buffer, 0, result, position, dataBuffer.Length); position += dataBuffer.Length; Array.Copy(paddingBuffer.Buffer, 0, result, position, paddingBuffer.Length); position += paddingBuffer.Length; return(result); }
/// <summary> /// Performs and continues the authentication cycle. /// </summary> /// <remarks> /// This method is performed iteratively to continue and end the authentication cycle with the /// client. Each stage works by acquiring a token from one side, presenting it to the other side /// which in turn may generate a new token. /// /// The cycle typically starts and ends with the client. On the first invocation on the client, /// no server token exists, and null is provided in its place. The client returns its status, providing /// its output token for the server. The server accepts the clients token as input and provides a /// token as output to send back to the client. This cycle continues until the server and client /// both indicate, typically, a SecurityStatus of 'OK'. /// </remarks> /// <param name="clientToken">The most recently received token from the client.</param> /// <param name="nextToken">The servers next authentication token in the cycle, that must /// be sent to the client.</param> /// <returns>A status message indicating the progression of the authentication cycle. /// A status of 'OK' indicates that the cycle is complete, from the servers's perspective. If the nextToken /// is not null, it must be sent to the client. /// A status of 'Continue' indicates that the output token should be sent to the client and /// a response should be anticipated.</returns> public CSecurityStatus AcceptToken(byte[] clientToken, out byte[] nextToken) { CSecureBuffer clientBuffer; CSecureBuffer outBuffer; CSecurityStatus status; CTimeStamp rawExpiry = new CTimeStamp(); CSecureBufferAdapter clientAdapter; CSecureBufferAdapter outAdapter; if (this.Disposed) { throw new ObjectDisposedException("ServerContext"); } else if (this.Initialized) { throw new InvalidOperationException( "Attempted to continue initialization of a ServerContext after initialization had completed." ); } clientBuffer = new CSecureBuffer(clientToken, CBufferType.Token); outBuffer = new CSecureBuffer( new byte[this.Credential.PackageInfo.MaxTokenLength], CBufferType.Token ); using (clientAdapter = new CSecureBufferAdapter(clientBuffer)) { using (outAdapter = new CSecureBufferAdapter(outBuffer)) { if (this.ContextHandle.IsInvalid) { status = CContextNativeMethods.AcceptSecurityContext_1( ref this.Credential.Handle.rawHandle, IntPtr.Zero, clientAdapter.Handle, requestedAttribs, CSecureBufferDataRep.Network, ref this.ContextHandle.rawHandle, outAdapter.Handle, ref this.finalAttribs, ref rawExpiry ); } else { status = CContextNativeMethods.AcceptSecurityContext_2( ref this.Credential.Handle.rawHandle, ref this.ContextHandle.rawHandle, clientAdapter.Handle, requestedAttribs, CSecureBufferDataRep.Network, ref this.ContextHandle.rawHandle, outAdapter.Handle, ref this.finalAttribs, ref rawExpiry ); } } } if (status == CSecurityStatus.OK) { nextToken = null; base.Initialize(rawExpiry.ToDateTime()); if (outBuffer.Length != 0) { nextToken = new byte[outBuffer.Length]; Array.Copy(outBuffer.Buffer, nextToken, nextToken.Length); } else { nextToken = null; } } else if (status == CSecurityStatus.ContinueNeeded) { nextToken = new byte[outBuffer.Length]; Array.Copy(outBuffer.Buffer, nextToken, nextToken.Length); } else { throw new CSSPIException("Failed to call AcceptSecurityContext", status); } return(status); }
/// <summary> /// Changes the current thread's security context to impersonate the user of the client. /// </summary> /// <remarks> /// Requires that the security package provided with the server's credentials, as well as the /// client's credentials, support impersonation. /// /// Currently, only one thread may initiate impersonation per security context. Impersonation may /// follow threads created by the initial impersonation thread, however. /// </remarks> /// <returns>A handle to capture the lifetime of the impersonation. Dispose the handle to revert /// impersonation. If the handle is leaked, the impersonation will automatically revert at a /// non-deterministic time when the handle is finalized by the Garbage Collector.</returns> public CImpersonationHandle ImpersonateClient() { CImpersonationHandle handle; CSecurityStatus status = CSecurityStatus.InternalError; bool gotRef = false; if (this.Disposed) { throw new ObjectDisposedException("ServerContext"); } else if (this.Initialized == false) { throw new InvalidOperationException( "The server context has not been completely initialized." ); } else if (impersonating) { throw new InvalidOperationException("Cannot impersonate again while already impersonating."); } else if (this.SupportsImpersonate == false) { throw new InvalidOperationException( "The ServerContext is using a security package that does not support impersonation." ); } handle = new CImpersonationHandle(this); RuntimeHelpers.PrepareConstrainedRegions(); try { this.ContextHandle.DangerousAddRef(ref gotRef); } catch (Exception) { if (gotRef) { this.ContextHandle.DangerousRelease(); gotRef = false; } throw; } finally { if (gotRef) { status = CContextNativeMethods.ImpersonateSecurityContext( ref this.ContextHandle.rawHandle ); this.ContextHandle.DangerousRelease(); this.impersonating = true; } } if (status == CSecurityStatus.NoImpersonation) { throw new CSSPIException("Impersonation could not be performed.", status); } else if (status == CSecurityStatus.Unsupported) { throw new CSSPIException("Impersonation is not supported by the security context's Security Support Provider.", status); } else if (status != CSecurityStatus.OK) { throw new CSSPIException("Failed to impersonate the client", status); } return(handle); }
/// <summary> /// Performs and continues the authentication cycle. /// </summary> /// <remarks> /// This method is performed iteratively to start, continue, and end the authentication cycle with the /// server. Each stage works by acquiring a token from one side, presenting it to the other side /// which in turn may generate a new token. /// /// The cycle typically starts and ends with the client. On the first invocation on the client, /// no server token exists, and null is provided in its place. The client returns its status, providing /// its output token for the server. The server accepts the clients token as input and provides a /// token as output to send back to the client. This cycle continues until the server and client /// both indicate, typically, a SecurityStatus of 'OK'. /// </remarks> /// <param name="serverToken">The most recently received token from the server, or null if beginning /// the authentication cycle.</param> /// <param name="outToken">The clients next authentication token in the authentication cycle.</param> /// <returns>A status message indicating the progression of the authentication cycle. /// A status of 'OK' indicates that the cycle is complete, from the client's perspective. If the outToken /// is not null, it must be sent to the server. /// A status of 'Continue' indicates that the output token should be sent to the server and /// a response should be anticipated.</returns> public CSecurityStatus Init(byte[] serverToken, out byte[] outToken) { CTimeStamp rawExpiry = new CTimeStamp(); CSecurityStatus status; CSecureBuffer outTokenBuffer; CSecureBufferAdapter outAdapter; CSecureBuffer serverBuffer; CSecureBufferAdapter serverAdapter; if (this.Disposed) { throw new ObjectDisposedException("ClientContext"); } else if ((serverToken != null) && (this.ContextHandle.IsInvalid)) { throw new InvalidOperationException("Out-of-order usage detected - have a server token, but no previous client token had been created."); } else if ((serverToken == null) && (this.ContextHandle.IsInvalid == false)) { throw new InvalidOperationException("Must provide the server's response when continuing the init process."); } // The security package tells us how big its biggest token will be. We'll allocate a buffer // that size, and it'll tell us how much it used. outTokenBuffer = new CSecureBuffer( new byte[this.Credential.PackageInfo.MaxTokenLength], CBufferType.Token ); serverBuffer = null; if (serverToken != null) { serverBuffer = new CSecureBuffer(serverToken, CBufferType.Token); } // Some notes on handles and invoking InitializeSecurityContext // - The first time around, the phContext parameter (the 'old' handle) is a null pointer to what // would be an RawSspiHandle, to indicate this is the first time it's being called. // The phNewContext is a pointer (reference) to an RawSspiHandle struct of where to write the // new handle's values. // - The next time you invoke ISC, it takes a pointer to the handle it gave you last time in phContext, // and takes a pointer to where it should write the new handle's values in phNewContext. // - After the first time, you can provide the same handle to both parameters. From MSDN: // "On the second call, phNewContext can be the same as the handle specified in the phContext // parameter." // It will overwrite the handle you gave it with the new handle value. // - All handle structures themselves are actually *two* pointer variables, eg, 64 bits on 32-bit // Windows, 128 bits on 64-bit Windows. // - So in the end, on a 64-bit machine, we're passing a 64-bit value (the pointer to the struct) that // points to 128 bits of memory (the struct itself) for where to write the handle numbers. using (outAdapter = new CSecureBufferAdapter(outTokenBuffer)) { if (this.ContextHandle.IsInvalid) { status = CContextNativeMethods.InitializeSecurityContext_1( ref this.Credential.Handle.rawHandle, IntPtr.Zero, this.serverPrinc, this.requestedAttribs, 0, CSecureBufferDataRep.Network, IntPtr.Zero, 0, ref this.ContextHandle.rawHandle, outAdapter.Handle, ref this.finalAttribs, ref rawExpiry ); } else { using (serverAdapter = new CSecureBufferAdapter(serverBuffer)) { status = CContextNativeMethods.InitializeSecurityContext_2( ref this.Credential.Handle.rawHandle, ref this.ContextHandle.rawHandle, this.serverPrinc, this.requestedAttribs, 0, CSecureBufferDataRep.Network, serverAdapter.Handle, 0, ref this.ContextHandle.rawHandle, outAdapter.Handle, ref this.finalAttribs, ref rawExpiry ); } } } if (status.IsError() == false) { if (status == CSecurityStatus.OK) { base.Initialize(rawExpiry.ToDateTime()); } outToken = null; if (outTokenBuffer.Length != 0) { outToken = new byte[outTokenBuffer.Length]; Array.Copy(outTokenBuffer.Buffer, outToken, outToken.Length); } } else { throw new CSSPIException("Failed to invoke InitializeSecurityContext for a client", status); } return(status); }