public static extern uint InitializeSecurityContext( ref SspiHandle credentialHandle, ref SspiHandle inContextHandle, string targetName, SspiContextFlags flags, int reserved1, DataRepresentation dataRepresentation, ref SecurityBufferDescriptor inputBuffer, int reserved2, ref SspiHandle outContext, ref SecurityBufferDescriptor outputBuffer, out SspiContextFlags outAttributes, out long timestamp);
// public methods public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes) { decryptedBytes = null; byte[] encryptedMessage = new byte[messageLength]; Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength); int securityTrailerLength = encryptedBytes.Length - messageLength; byte[] securityTrailer = new byte[securityTrailerLength]; Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength); var buffers = new SecurityBuffer[] { new SecurityBuffer(encryptedBytes, SecurityBufferType.Data), new SecurityBuffer(securityTrailer, SecurityBufferType.Stream) }; var descriptor = new SecurityBufferDescriptor(buffers); bool contextAddRefSuccess = false; #if NET45 RuntimeHelpers.PrepareConstrainedRegions(); #endif try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { uint quality; var result = NativeMethods.DecryptMessage( ref _sspiHandle, ref descriptor, 0, out quality); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to decrypt message."); } decryptedBytes = descriptor.ToByteArray(); } finally { descriptor.Free(); } } }
public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes) { outBytes = null; var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize); bool credentialAddRefSuccess = false; bool contextAddRefSuccess = false; #if NET45 RuntimeHelpers.PrepareConstrainedRegions(); #endif try { _credential.DangerousAddRef(ref credentialAddRefSuccess); DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (credentialAddRefSuccess) { _credential.DangerousRelease(); credentialAddRefSuccess = false; } if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { var flags = SspiContextFlags.MutualAuth; uint result; long timestamp; var credentialHandle = _credential._sspiHandle; if (inBytes == null || inBytes.Length == 0) { result = NativeMethods.InitializeSecurityContext( ref credentialHandle, IntPtr.Zero, servicePrincipalName, flags, 0, DataRepresentation.Network, IntPtr.Zero, 0, ref _sspiHandle, ref outputBuffer, out flags, out timestamp); } else { var serverToken = new SecurityBufferDescriptor(inBytes); try { result = NativeMethods.InitializeSecurityContext( ref credentialHandle, ref _sspiHandle, servicePrincipalName, flags, 0, DataRepresentation.Network, ref serverToken, 0, ref _sspiHandle, ref outputBuffer, out flags, out timestamp); } finally { serverToken.Free(); } } _credential.DangerousRelease(); DangerousRelease(); if (result != NativeMethods.SEC_E_OK && result != NativeMethods.SEC_I_CONTINUE_NEEDED) { throw NativeMethods.CreateException(result, "Unable to initialize security context."); } outBytes = outputBuffer.ToByteArray(); _isInitialized = result == NativeMethods.SEC_E_OK; } finally { outputBuffer.Free(); } } }
public void EncryptMessage(byte[] inBytes, out byte[] outBytes) { outBytes = null; bool contextAddRefSuccess = false; SecurityPackageContextSizes sizes; #if NET45 RuntimeHelpers.PrepareConstrainedRegions(); #endif try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { uint result = NativeMethods.QueryContextAttributes( ref _sspiHandle, QueryContextAttributes.Sizes, out sizes); DangerousRelease(); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to get the query context attribute sizes."); } } var buffers = new SecurityBuffer[] { new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token), new SecurityBuffer(inBytes, SecurityBufferType.Data), new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding) }; var descriptor = new SecurityBufferDescriptor(buffers); #if NET45 RuntimeHelpers.PrepareConstrainedRegions(); #endif try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { uint result = NativeMethods.EncryptMessage( ref _sspiHandle, EncryptQualityOfProtection.WrapNoEncrypt, ref descriptor, 0); DangerousRelease(); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to encrypt message."); } outBytes = descriptor.ToByteArray(); } finally { descriptor.Free(); } } }
public static extern uint EncryptMessage(ref SspiHandle context, EncryptQualityOfProtection quality, ref SecurityBufferDescriptor pMessage, uint sequenceNumber);
// public methods public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes) { decryptedBytes = null; byte[] encryptedMessage = new byte[messageLength]; Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength); int securityTrailerLength = encryptedBytes.Length - messageLength; byte[] securityTrailer = new byte[securityTrailerLength]; Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength); var buffers = new SecurityBuffer[] { new SecurityBuffer(encryptedBytes, SecurityBufferType.Data), new SecurityBuffer(securityTrailer, SecurityBufferType.Stream) }; var descriptor = new SecurityBufferDescriptor(buffers); bool contextAddRefSuccess = false; RuntimeHelpers.PrepareConstrainedRegions(); try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { uint quality; var result = NativeMethods.DecryptMessage( ref _sspiHandle, ref descriptor, 0, out quality); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to decrypt message."); } decryptedBytes = descriptor.ToByteArray(); } finally { descriptor.Free(); } } }
public static extern uint DecryptMessage(ref SspiHandle context, ref SecurityBufferDescriptor pMessage, uint sequenceNumber, out uint quality);
public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes) { outBytes = null; var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize); bool credentialAddRefSuccess = false; bool contextAddRefSuccess = false; RuntimeHelpers.PrepareConstrainedRegions(); try { _credential.DangerousAddRef(ref credentialAddRefSuccess); DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (credentialAddRefSuccess) { _credential.DangerousRelease(); credentialAddRefSuccess = false; } if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { var flags = SspiContextFlags.MutualAuth; uint result; long timestamp; var credentialHandle = _credential._sspiHandle; if (inBytes == null || inBytes.Length == 0) { result = NativeMethods.InitializeSecurityContext( ref credentialHandle, IntPtr.Zero, servicePrincipalName, flags, 0, DataRepresentation.Network, IntPtr.Zero, 0, ref _sspiHandle, ref outputBuffer, out flags, out timestamp); } else { var serverToken = new SecurityBufferDescriptor(inBytes); try { result = NativeMethods.InitializeSecurityContext( ref credentialHandle, ref _sspiHandle, servicePrincipalName, flags, 0, DataRepresentation.Network, ref serverToken, 0, ref _sspiHandle, ref outputBuffer, out flags, out timestamp); } finally { serverToken.Free(); } } _credential.DangerousRelease(); DangerousRelease(); if (result != NativeMethods.SEC_E_OK && result != NativeMethods.SEC_I_CONTINUE_NEEDED) { throw NativeMethods.CreateException(result, "Unable to initialize security context."); } outBytes = outputBuffer.ToByteArray(); _isInitialized = result == NativeMethods.SEC_E_OK; } finally { outputBuffer.Free(); } } }
public void EncryptMessage(byte[] inBytes, out byte[] outBytes) { outBytes = null; bool contextAddRefSuccess = false; SecurityPackageContextSizes sizes; RuntimeHelpers.PrepareConstrainedRegions(); try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { uint result = NativeMethods.QueryContextAttributes( ref _sspiHandle, QueryContextAttributes.Sizes, out sizes); DangerousRelease(); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to get the query context attribute sizes."); } } var buffers = new SecurityBuffer[] { new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token), new SecurityBuffer(inBytes, SecurityBufferType.Data), new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding) }; var descriptor = new SecurityBufferDescriptor(buffers); RuntimeHelpers.PrepareConstrainedRegions(); try { DangerousAddRef(ref contextAddRefSuccess); } catch (Exception ex) { if (contextAddRefSuccess) { DangerousRelease(); contextAddRefSuccess = false; } if (!(ex is ObjectDisposedException)) { throw; } } finally { try { uint result = NativeMethods.EncryptMessage( ref _sspiHandle, EncryptQualityOfProtection.WrapNoEncrypt, ref descriptor, 0); DangerousRelease(); if (result != NativeMethods.SEC_E_OK) { throw NativeMethods.CreateException(result, "Unable to encrypt message."); } outBytes = descriptor.ToByteArray(); } finally { descriptor.Free(); } } }