internal static void FreeSchannelCred(SchannelCred schannelCred) { if (schannelCred.paCred != IntPtr.Zero) { Marshal.FreeHGlobal(schannelCred.paCred); schannelCred.paCred = IntPtr.Zero; } }
internal static IntPtr CreateAuthData(SchannelCred schannelCred) { IntPtr pAuthData = Marshal.AllocHGlobal(Marshal.SizeOf(schannelCred)); Marshal.StructureToPtr(schannelCred, pAuthData, false); return pAuthData; }
internal static void DtlsAcquireCredentialsHandle( SecurityPackageType packageType, CertificateCredential certificateCredential, string serverPrincipal, uint fCredentialUse, out SecurityHandle credentialHandle) { string stringPackage = SspiUtility.GetPackageStringName(packageType); SecurityInteger expiryTime = new SecurityInteger(); uint enabledProtocols; if (fCredentialUse == NativeMethods.SECPKG_CRED_OUTBOUND) { enabledProtocols = NativeMethods.SP_PROT_DTLS_CLIENT; } else { enabledProtocols = NativeMethods.SP_PROT_DTLS_SERVER; } SchannelCred schannelCred = new SchannelCred(certificateCredential, enabledProtocols); CredSspCred sspCred = new CredSspCred(); IntPtr pAuthData = IntPtr.Zero; if (packageType == SecurityPackageType.Schannel) { pAuthData = SspiUtility.CreateAuthData(schannelCred); } else if (packageType == SecurityPackageType.CredSsp) { sspCred.pSchannelCred = SspiUtility.CreateAuthData(schannelCred); sspCred.pSpnegoCred = IntPtr.Zero; sspCred.Type = CredSspSubmitType.CredsspSubmitBufferBoth; pAuthData = SspiUtility.CreateAuthData(sspCred); } uint result = NativeMethods.AcquireCredentialsHandle( null, stringPackage, fCredentialUse, IntPtr.Zero, pAuthData, IntPtr.Zero, IntPtr.Zero, out credentialHandle, out expiryTime); //Free memory SspiUtility.FreeSchannelCred(schannelCred); if (pAuthData != IntPtr.Zero) { if (packageType == SecurityPackageType.CredSsp) { Marshal.FreeHGlobal(sspCred.pSchannelCred); } Marshal.FreeHGlobal(pAuthData); } if (result != NativeMethods.SEC_E_OK) { throw new SspiException("AquireCredentialsHandle fails.", result); } }
internal static void AcquireCredentialsHandle( SecurityPackageType packageType, AccountCredential accountCredential, string serverPrincipal, uint fCredentialUse, out SecurityHandle credentialHandle) { string stringPackage = SspiUtility.GetPackageStringName(packageType); SecurityInteger expiryTime; SecurityWinntAuthIdentity authIdentity = new SecurityWinntAuthIdentity(accountCredential); IntPtr pAuthData = IntPtr.Zero; SchannelCred schannelCred = new SchannelCred(); schannelCred.dwVersion = NativeMethods.SCHANNEL_CRED_VERSION; schannelCred.cCreds = 0; schannelCred.paCred = IntPtr.Zero; CredSspCred credSsp = new CredSspCred(); switch (packageType) { case SecurityPackageType.Ntlm: case SecurityPackageType.Kerberos: case SecurityPackageType.Negotiate: pAuthData = SspiUtility.CreateAuthData(authIdentity); break; case SecurityPackageType.Schannel: pAuthData = SspiUtility.CreateAuthData(schannelCred); break; case SecurityPackageType.CredSsp: credSsp.Type = CredSspSubmitType.CredsspSubmitBufferBoth; credSsp.pSchannelCred = CreateAuthData(schannelCred); credSsp.pSpnegoCred = CreateAuthData(authIdentity); pAuthData = CreateAuthData(credSsp); break; //default, if other values, exception will be thrown by GetPackageStringName. default: throw new ArgumentException("Invlid packageType value.", "packageType"); } uint result = NativeMethods.AcquireCredentialsHandle( serverPrincipal, stringPackage, fCredentialUse, IntPtr.Zero, pAuthData, IntPtr.Zero, IntPtr.Zero, out credentialHandle, out expiryTime); //Free memory switch (packageType) { case SecurityPackageType.Ntlm: case SecurityPackageType.Kerberos: case SecurityPackageType.Negotiate: SspiUtility.FreeSecurityWinntAuthIdentity(authIdentity); break; case SecurityPackageType.Schannel: stringPackage = Schannel; SspiUtility.FreeSchannelCred(schannelCred); break; case SecurityPackageType.CredSsp: SspiUtility.FreeSecurityWinntAuthIdentity(authIdentity); SspiUtility.FreeSchannelCred(schannelCred); SspiUtility.FreeCredSspCred(credSsp); break; //default, if other values, exception will be thrown by GetPackageStringName. default: throw new ArgumentException("Invlid packageType value.", "packageType"); } Marshal.FreeHGlobal(pAuthData); if (result != NativeMethods.SEC_E_OK) { throw new SspiException("AquireCredentialsHandle failed", result); } }