private SecStatusCode CallInitialize(List <SecurityBuffer> input_buffers, List <SecurityBuffer> output_buffers, bool throw_on_error)
{
var token_buffer = new SecurityBufferAllocMem(SecurityBufferType.Token);
output_buffers.Insert(0, token_buffer);
if (ChannelBinding != null)
{
input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
}
string target_name = string.IsNullOrEmpty(Target) ? null : Target;
LargeInteger expiry = new LargeInteger();
SecHandle new_context = _context ?? new SecHandle();
SecStatusCode result = SecurityContextUtils.InitializeSecurityContext(_creds, _context, target_name,
RequestAttributes | InitializeContextReqFlags.AllocateMemory, DataRepresentation, input_buffers, new_context,
output_buffers, out InitializeContextRetFlags flags, expiry, throw_on_error);
if (!result.IsSuccess())
{
return(result);
}
_context = new_context;
Expiry = expiry.QuadPart;
ReturnAttributes = flags & ~InitializeContextRetFlags.AllocatedMemory;
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, token_buffer.ToArray());
Done = !(result == SecStatusCode.SEC_I_CONTINUE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE);
return(result);
}
private SecStatusCode CallAccept(List <SecurityBuffer> input_buffers, List <SecurityBuffer> output_buffers, bool throw_on_error)
{
var token_buffer = new SecurityBufferAllocMem(SecurityBufferType.Token);
output_buffers.Insert(0, token_buffer);
if (ChannelBinding != null)
{
input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
}
LargeInteger expiry = new LargeInteger();
SecHandle new_context = _context ?? new SecHandle();
SecStatusCode result = SecurityContextUtils.AcceptSecurityContext(_creds, _context,
RequestAttributes | AcceptContextReqFlags.AllocateMemory, DataRepresentation, input_buffers, new_context, output_buffers,
out AcceptContextRetFlags context_attr, expiry, throw_on_error);
if (!result.IsSuccess())
{
return(result);
}
_context = new_context;
ReturnAttributes = context_attr & ~AcceptContextRetFlags.AllocatedMemory;
Expiry = expiry.QuadPart;
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, token_buffer.ToArray());
Done = !(result == SecStatusCode.SEC_I_CONTINUE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE);
return(result);
}
private bool GenServerContext(AuthenticationToken token)
{
bool new_context = _new_context;
_new_context = false;
using (DisposableList list = new DisposableList())
{
SecBuffer out_sec_buffer = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));
List <SecBuffer> buffers = new List <SecBuffer>();
buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
}
SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
LargeInteger expiry = new LargeInteger();
SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(_creds.CredHandle, new_context ? null : _context,
in_buffer_desc, _req_flags, _data_rep, _context, out_buffer_desc, out AcceptContextRetFlags context_attr, expiry).CheckResult();
Flags = context_attr;
Expiry = expiry.QuadPart;
if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
{
SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
}
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, out_buffer_desc.ToArray()[0].ToArray());
return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
}
}
private bool GenClientContext(AuthenticationToken token)
{
using (DisposableList list = new DisposableList())
{
SecStatusCode result = 0;
SecBuffer out_sec_buffer = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));
InitializeContextRetFlags flags;
LargeInteger expiry = new LargeInteger();
if (token != null)
{
List <SecBuffer> buffers = new List <SecBuffer>();
buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
}
SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, _context, _target, _req_attributes, 0,
_data_rep, in_buffer_desc, 0, _context, out_buffer_desc, out flags, expiry).CheckResult();
Flags = flags;
}
else
{
SecBufferDesc in_buffer_desc = null;
List <SecBuffer> buffers = new List <SecBuffer>();
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
}
result = SecurityNativeMethods.InitializeSecurityContext(_creds.CredHandle, null, _target,
_req_attributes, 0, _data_rep, in_buffer_desc, 0, _context,
out_buffer_desc, out flags, expiry).CheckResult();
}
Expiry = expiry.QuadPart;
Flags = flags;
if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
{
SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
}
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, out_buffer_desc.ToArray()[0].ToArray());
return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
}
}
