// P/Invoke declaration for the SSPI AcquireCredentialsHandle function.
// Returns the native SECURITY_STATUS as a uint; callers compare it with SEC_E_OK.
// NOTE(review): the [DllImport] attribute is not visible in this excerpt. Confirm that its
// CharSet matches the entry point actually bound, since both string parameters are marshalled by it.
// A handle written to phCredential is owned by the caller; SSPI expects it to be released
// with FreeCredentialsHandle when it is no longer needed.
static extern uint AcquireCredentialsHandle(
    string pszPrincipal,              // SEC_CHAR*: principal name; InitializeClient passes null
    string pszPackage,                // SEC_CHAR*: security package name, e.g. "Kerberos", "NTLM", "Negotiate"
    int fCredentialUse,               // credential direction flag, e.g. SECPKG_CRED_OUTBOUND
    IntPtr PAuthenticationID,         // PLUID (pvLogonID): logon identifier, IntPtr.Zero when unused
    IntPtr pAuthData,                 // PVOID: package-specific credential data, IntPtr.Zero when unused
    IntPtr pGetKeyFn,                 // SEC_GET_KEY_FN: IntPtr.Zero when unused
    IntPtr pvGetKeyArgument,          // PVOID: argument for pGetKeyFn, IntPtr.Zero when unused
    ref SECURITY_HANDLE phCredential, // PCredHandle (SecHandle): receives the credential handle
    ref SECURITY_INTEGER ptsExpiry);  // PTimeStamp: receives the credential expiry time
// P/Invoke declaration for the SSPI InitializeSecurityContext function (client side of the handshake).
// This overload takes an existing context handle and an input token by reference, which is the
// shape of the continuation call in InitializeClient. The first call there passes IntPtr.Zero for
// both, so it presumably binds to a second overload that is not shown here - TODO confirm.
// Returns the native SECURITY_STATUS as a uint.
// A context written to phNewContext is owned by the caller; SSPI expects it to be released
// with DeleteSecurityContext.
static extern uint InitializeSecurityContext(
    ref SECURITY_HANDLE phCredential,  // PCredHandle: credential handle from AcquireCredentialsHandle
    ref SECURITY_HANDLE phContext,     // PCtxtHandle: partially built context from the previous call
    string pszTargetName,              // target principal name (SPN) to authenticate to
    int fContextReq,                   // requested context attributes (ISC_REQ_* bit flags)
    int Reserved1,                     // reserved; callers in this file pass 0
    int TargetDataRep,                 // data representation, e.g. SECURITY_NETWORK_DREP
    ref SecBufferDesc SecBufferDesc,   // PSecBufferDesc: input token received from the server
    int Reserved2,                     // reserved; callers in this file pass 0
    out SECURITY_HANDLE phNewContext,  // PCtxtHandle: receives the new or updated context handle
    out SecBufferDesc pOutput,         // PSecBufferDesc: receives the token to send to the server
    out uint pfContextAttr,            // attributes actually granted; native ULONG is 32 bits, a managed ulong would be 64
    out SECURITY_INTEGER ptsExpiry);   // PTimeStamp: receives the context expiry time
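/// <summary>
/// Runs one client-side step of the Kerberos SSPI handshake and returns the token to send to the server.
/// </summary>
/// <param name="serverToken">
/// Token received from the server in the previous round trip, or <c>null</c> on the first call.
/// </param>
/// <param name="clientToken">
/// Receives the bytes produced by InitializeSecurityContext for this step; <c>null</c> if the call throws.
/// </param>
/// <exception cref="Exception">
/// Thrown when the credential handle cannot be acquired, when SSPI reports SEC_E_LOGON_DENIED,
/// or when InitializeSecurityContext returns anything other than SEC_E_OK or SEC_I_CONTINUE_NEEDED.
/// </exception>
/// <remarks>
/// Sets <c>InitializeKerberosStage</c> to true while further round trips are required.
/// </remarks>
private void InitializeClient(byte[] serverToken, out byte[] clientToken)
{
    clientToken = null;

    SECURITY_INTEGER ClientLifeTime = new SECURITY_INTEGER(0);

    // The outbound credential handle is acquired once and reused for every later step.
    // No principal and no auth data are supplied, so the package chooses the credentials.
    if (!_bGotClientCredentials)
    {
        uint returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
            IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero,
            ref _hOutboundCred, ref ClientLifeTime);

        if (returnValue != SEC_E_OK)
        {
            // Keep the SECURITY_STATUS in the message: without it the failure cannot be
            // diagnosed from logs.
            throw new Exception("Couldn't acquire client credentials (SSPI status 0x"
                + returnValue.ToString("X8") + ")");
        }

        _bGotClientCredentials = true;
    }

    uint ss;

    SecBufferDesc ClientToken = new SecBufferDesc(MAX_TOKEN_SIZE);

    try
    {
        uint ContextAttributes;

        if (serverToken == null)
        {
            // First leg: no existing context and no input token.
            ss = InitializeSecurityContext(ref _hOutboundCred,
                IntPtr.Zero,
                _sRemotePrincipal,
                STANDARD_CONTEXT_ATTRIBUTES,
                0,
                SECURITY_NETWORK_DREP,
                IntPtr.Zero,
                0,
                out _hClientContext,
                out ClientToken,
                out ContextAttributes,
                out ClientLifeTime);
        }
        else
        {
            // Continuation leg: feed the server's token into the existing context.
            SecBufferDesc ServerToken = new SecBufferDesc(serverToken);

            try
            {
                ss = InitializeSecurityContext(ref _hOutboundCred,
                    ref _hClientContext,
                    _sRemotePrincipal,
                    STANDARD_CONTEXT_ATTRIBUTES,
                    0,
                    SECURITY_NETWORK_DREP,
                    ref ServerToken,
                    0,
                    out _hClientContext,
                    out ClientToken,
                    out ContextAttributes,
                    out ClientLifeTime);
            }
            finally
            {
                ServerToken.Dispose();
            }
        }

        if (ss == SEC_E_LOGON_DENIED)
        {
            throw new Exception("Bad username, password or domain.");
        }
        else if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
        {
            // Report the status code so that distinct SSPI failures are distinguishable.
            throw new Exception("InitializeSecurityContext() failed!!! (SSPI status 0x"
                + ss.ToString("X8") + ")");
        }

        // NOTE(review): ContextAttributes holds the attributes the package actually granted,
        // but it is never compared with what STANDARD_CONTEXT_ATTRIBUTES requested. If callers
        // rely on a requested property (for example mutual authentication or integrity),
        // verify it here once ss == SEC_E_OK - TODO confirm which flags are requested.

        clientToken = ClientToken.GetSecBufferByteArray();
    }
    finally
    {
        ClientToken.Dispose();
    }

    // Anything other than SEC_E_OK at this point is SEC_I_CONTINUE_NEEDED: another leg is required.
    InitializeKerberosStage = ss != SEC_E_OK;
}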
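/// <summary>
/// Runs one client-side step of the Kerberos SSPI handshake and returns the token to send to the server.
/// </summary>
/// <param name="serverToken">
/// Token received from the server in the previous round trip, or <c>null</c> on the first call.
/// </param>
/// <param name="clientToken">
/// Receives the bytes produced by InitializeSecurityContext for this step; <c>null</c> if the call throws.
/// </param>
/// <exception cref="Exception">
/// Thrown when the credential handle cannot be acquired, when SSPI reports SEC_E_LOGON_DENIED,
/// or when InitializeSecurityContext returns anything other than SEC_E_OK or SEC_I_CONTINUE_NEEDED.
/// </exception>
/// <remarks>
/// Sets <c>InitializeKerberosStage</c> to true while further round trips are required.
/// </remarks>
private void InitializeClient(byte[] serverToken, out byte[] clientToken)
{
    clientToken = null;

    SECURITY_INTEGER ClientLifeTime = new SECURITY_INTEGER(0);

    // The outbound credential handle is acquired once and reused for every later step.
    // No principal and no auth data are supplied, so the package chooses the credentials.
    if (!_bGotClientCredentials)
    {
        uint returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
            IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero,
            ref _hOutboundCred, ref ClientLifeTime);

        if (returnValue != SEC_E_OK)
        {
            // Keep the SECURITY_STATUS in the message: without it the failure cannot be
            // diagnosed from logs.
            throw new Exception("Couldn't acquire client credentials (SSPI status 0x"
                + returnValue.ToString("X8") + ")");
        }

        _bGotClientCredentials = true;
    }

    uint ss;

    SecBufferDesc ClientToken = new SecBufferDesc(MAX_TOKEN_SIZE);

    try
    {
        uint ContextAttributes;

        if (serverToken == null)
        {
            // First leg: no existing context and no input token.
            ss = InitializeSecurityContext(ref _hOutboundCred,
                IntPtr.Zero,
                _sRemotePrincipal,
                STANDARD_CONTEXT_ATTRIBUTES,
                0,
                SECURITY_NETWORK_DREP,
                IntPtr.Zero,
                0,
                out _hClientContext,
                out ClientToken,
                out ContextAttributes,
                out ClientLifeTime);
        }
        else
        {
            // Continuation leg: feed the server's token into the existing context.
            SecBufferDesc ServerToken = new SecBufferDesc(serverToken);

            try
            {
                ss = InitializeSecurityContext(ref _hOutboundCred,
                    ref _hClientContext,
                    _sRemotePrincipal,
                    STANDARD_CONTEXT_ATTRIBUTES,
                    0,
                    SECURITY_NETWORK_DREP,
                    ref ServerToken,
                    0,
                    out _hClientContext,
                    out ClientToken,
                    out ContextAttributes,
                    out ClientLifeTime);
            }
            finally
            {
                ServerToken.Dispose();
            }
        }

        if (ss == SEC_E_LOGON_DENIED)
        {
            throw new Exception("Bad username, password or domain.");
        }
        else if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
        {
            // Report the status code so that distinct SSPI failures are distinguishable.
            throw new Exception("InitializeSecurityContext() failed!!! (SSPI status 0x"
                + ss.ToString("X8") + ")");
        }

        // NOTE(review): ContextAttributes holds the attributes the package actually granted,
        // but it is never compared with what STANDARD_CONTEXT_ATTRIBUTES requested. If callers
        // rely on a requested property (for example mutual authentication or integrity),
        // verify it here once ss == SEC_E_OK - TODO confirm which flags are requested.

        clientToken = ClientToken.GetSecBufferByteArray();
    }
    finally
    {
        ClientToken.Dispose();
    }

    // Anything other than SEC_E_OK at this point is SEC_I_CONTINUE_NEEDED: another leg is required.
    InitializeKerberosStage = ss != SEC_E_OK;
}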
// P/Invoke declaration for the SSPI InitializeSecurityContext function (client side of the handshake).
// This overload passes the existing context and the server's input token by reference, so it fits
// continuation calls rather than the first call of a handshake.
// Returns the native SECURITY_STATUS as a uint; the caller in this file treats SEC_E_OK and
// SEC_I_CONTINUE_NEEDED as success.
// NOTE(review): the [DllImport] attribute is not visible in this excerpt. Confirm that its CharSet
// matches the entry point actually bound, since pszTargetName is marshalled by it.
static extern uint InitializeSecurityContext(
    ref SECURITY_HANDLE phCredential,  // PCredHandle: credential handle from AcquireCredentialsHandle
    ref SECURITY_HANDLE phContext,     // PCtxtHandle: partially built context from the previous call
    string pszTargetName,              // target principal name (SPN) to authenticate to
    int fContextReq,                   // requested context attributes (ISC_REQ_* bit flags)
    int Reserved1,                     // reserved; callers in this file pass 0
    int TargetDataRep,                 // data representation, e.g. SECURITY_NETWORK_DREP
    ref SecBufferDesc SecBufferDesc,   // PSecBufferDesc: input token received from the server
    int Reserved2,                     // reserved; callers in this file pass 0
    out SECURITY_HANDLE phNewContext,  // PCtxtHandle: receives the new or updated context handle
    out SecBufferDesc pOutput,         // PSecBufferDesc: receives the token to send to the server
    out uint pfContextAttr,            // attributes actually granted; native ULONG is 32 bits, a managed ulong would be 64
    out SECURITY_INTEGER ptsExpiry);   // PTimeStamp: receives the context expiry time
// P/Invoke declaration for the SSPI AcquireCredentialsHandle function, which obtains a handle
// to credentials for the named security package.
// Returns the native SECURITY_STATUS as a uint; the caller in this file treats anything other
// than SEC_E_OK as failure.
// NOTE(review): neither the [DllImport] attribute nor a matching FreeCredentialsHandle call is
// visible in this excerpt. Confirm that the handle written to phCredential is released elsewhere.
static extern uint AcquireCredentialsHandle(
    string pszPrincipal,              // SEC_CHAR*: principal name; may be null
    string pszPackage,                // SEC_CHAR*: security package name, e.g. "Kerberos", "NTLM", "Negotiate"
    int fCredentialUse,               // credential direction flag, e.g. SECPKG_CRED_OUTBOUND
    IntPtr PAuthenticationID,         // PLUID (pvLogonID): logon identifier, IntPtr.Zero when unused
    IntPtr pAuthData,                 // PVOID: package-specific credential data, IntPtr.Zero when unused
    IntPtr pGetKeyFn,                 // SEC_GET_KEY_FN: IntPtr.Zero when unused
    IntPtr pvGetKeyArgument,          // PVOID: argument for pGetKeyFn, IntPtr.Zero when unused
    ref SECURITY_HANDLE phCredential, // PCredHandle (SecHandle): receives the credential handle
    ref SECURITY_INTEGER ptsExpiry);  // PTimeStamp: receives the credential expiry time