예제 #1
0
 public static extern uint AcquireCredentialsHandle(
     string principal,
     string package,
     SecurityCredentialUse credentialUsage,
     IntPtr logonId,
     AuthIdentity identity,
     int keyCallback,
     IntPtr keyArgument,
     ref SspiHandle credentialHandle,
     out long timestamp);
        // public methods
        public static SecurityCredential Acquire(SspiPackage package, string username, SecureString password)
        {
            long timestamp;

            var credential = new SecurityCredential();

#if NET452
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try { }
            finally
            {
                uint result;
                if (password == null)
                {
                    result = NativeMethods.AcquireCredentialsHandle(
                        null,
                        package.ToString(),
                        SecurityCredentialUse.Outbound,
                        IntPtr.Zero,
                        IntPtr.Zero,
                        0,
                        IntPtr.Zero,
                        ref credential._sspiHandle,
                        out timestamp);
                }
                else
                {
                    using (var authIdentity = new AuthIdentity(username, password))
                    {
                        // TODO: make this secure by using SecurePassword
                        result = NativeMethods.AcquireCredentialsHandle(
                            null,
                            package.ToString(),
                            SecurityCredentialUse.Outbound,
                            IntPtr.Zero,
                            authIdentity,
                            0,
                            IntPtr.Zero,
                            ref credential._sspiHandle,
                            out timestamp);
                    }
                }
                if (result != NativeMethods.SEC_E_OK)
                {
                    credential.SetHandleAsInvalid();
                    throw NativeMethods.CreateException(result, "Unable to acquire credential.");
                }
            }
            return(credential);
        }
        // public methods
        public static SecurityCredential Acquire(SspiPackage package, string username, SecureString password)
        {
            long timestamp;

            var credential = new SecurityCredential();
#if NET45
            RuntimeHelpers.PrepareConstrainedRegions();
#endif
            try { }
            finally
            {
                uint result;
                if (password == null)
                {
                    result = NativeMethods.AcquireCredentialsHandle(
                        null,
                        package.ToString(),
                        SecurityCredentialUse.Outbound,
                        IntPtr.Zero,
                        IntPtr.Zero,
                        0,
                        IntPtr.Zero,
                        ref credential._sspiHandle,
                        out timestamp);
                }
                else
                {
                    using(var authIdentity = new AuthIdentity(username, password))
                    {
                        // TODO: make this secure by using SecurePassword
                        result = NativeMethods.AcquireCredentialsHandle(
                            null,
                            package.ToString(),
                            SecurityCredentialUse.Outbound,
                            IntPtr.Zero,
                            authIdentity,
                            0,
                            IntPtr.Zero,
                            ref credential._sspiHandle,
                            out timestamp);
                    }
                }
                if (result != NativeMethods.SEC_E_OK)
                {
                    credential.SetHandleAsInvalid();
                    throw NativeMethods.CreateException(result, "Unable to acquire credential.");
                }
            }
            return credential;
        }