예제 #1
0
 static extern uint InitializeSecurityContext(
     ref SECURITY_HANDLE phCredential, //PCredHandle
     ref SECURITY_HANDLE phContext,    //PCtxtHandle
     string pszTargetName,
     int fContextReq,
     int Reserved1,
     int TargetDataRep,
     ref SecBufferDesc SecBufferDesc,  //PSecBufferDesc SecBufferDesc
     int Reserved2,
     out SECURITY_HANDLE phNewContext, //PCtxtHandle
     out SecBufferDesc pOutput,        //PSecBufferDesc SecBufferDesc
     out uint pfContextAttr,           //managed ulong == 64 bits!!!
     out SECURITY_INTEGER ptsExpiry);  //PTimeStamp
예제 #2
0
        private void InitializeClient(byte[] serverToken, out byte[] clientToken)
        {
            clientToken = null;

            SECURITY_INTEGER ClientLifeTime = new SECURITY_INTEGER(0);

            if (!_bGotClientCredentials)
            {
                uint returnValue;

                if (!UseWindowsCreds)
                {
                    SEC_WINNT_AUTH_IDENTITY ident = new SEC_WINNT_AUTH_IDENTITY();
                    ident.User           = Username;
                    ident.UserLength     = ident.User.Length;
                    ident.Domain         = Domain;
                    ident.DomainLength   = ident.Domain.Length;
                    ident.Password       = Password;
                    ident.PasswordLength = ident.Password.Length;
                    ident.Flags          = 0x1;

                    returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
                                                           IntPtr.Zero, ref ident, 0, IntPtr.Zero,
                                                           ref _hOutboundCred, ref ClientLifeTime);
                }
                else
                {
                    returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
                                                           HANDLE.Zero, HANDLE.Zero, 0, HANDLE.Zero,
                                                           ref _hOutboundCred, ref ClientLifeTime);
                }

                if (returnValue != SEC_E_OK)
                {
                    throw new Exception("Couldn't acquire client credentials");
                }

                _bGotClientCredentials = true;
            }

            uint ss;

            SecBufferDesc ClientToken = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                uint ContextAttributes;

                if (serverToken == null)
                {
                    ss = InitializeSecurityContext(ref _hOutboundCred,
                                                   IntPtr.Zero,
                                                   _sAccountName,         // null string pszTargetName,
                                                   STANDARD_CONTEXT_ATTRIBUTES,
                                                   0,                     //int Reserved1,
                                                   SECURITY_NETWORK_DREP, //int TargetDataRep
                                                   IntPtr.Zero,           //Always zero first time around...
                                                   0,                     //int Reserved2,
                                                   out _hClientContext,   //pHandle CtxtHandle = SecHandle
                                                   out ClientToken,       //ref SecBufferDesc pOutput, //PSecBufferDesc
                                                   out ContextAttributes, //ref int pfContextAttr,
                                                   out ClientLifeTime);   //ref IntPtr ptsExpiry ); //PTimeStamp
                }
                else
                {
                    SecBufferDesc ServerToken = new SecBufferDesc(serverToken);

                    try
                    {
                        ss = InitializeSecurityContext(ref _hOutboundCred,
                                                       ref _hClientContext,
                                                       _sAccountName,         // null string pszTargetName,
                                                       STANDARD_CONTEXT_ATTRIBUTES,
                                                       0,                     //int Reserved1,
                                                       SECURITY_NETWORK_DREP, //int TargetDataRep
                                                       ref ServerToken,       //Always zero first time around...
                                                       0,                     //int Reserved2,
                                                       out _hClientContext,   //pHandle CtxtHandle = SecHandle
                                                       out ClientToken,       //ref SecBufferDesc pOutput, //PSecBufferDesc
                                                       out ContextAttributes, //ref int pfContextAttr,
                                                       out ClientLifeTime);   //ref IntPtr ptsExpiry ); //PTimeStamp
                    }
                    finally
                    {
                        ServerToken.Dispose();
                    }
                }

                if (ss == SEC_E_LOGON_DENIED)
                {
                    throw new Exception("Bad username, password or domain.");
                }
                else if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
                {
                    throw new Exception("InitializeSecurityContext() failed!!!");
                }

                clientToken = ClientToken.GetSecBufferByteArray();
            }
            finally
            {
                ClientToken.Dispose();
            }

            InitializeKerberosStage = ss != SEC_E_OK;
        }
예제 #3
0
 static extern uint InitializeSecurityContext(
     ref SECURITY_HANDLE phCredential,//PCredHandle
     ref SECURITY_HANDLE phContext, //PCtxtHandle
     string pszTargetName,
     int fContextReq,
     int Reserved1,
     int TargetDataRep,
     ref SecBufferDesc SecBufferDesc, //PSecBufferDesc SecBufferDesc
     int Reserved2,
     out SECURITY_HANDLE phNewContext, //PCtxtHandle
     out SecBufferDesc pOutput, //PSecBufferDesc SecBufferDesc
     out uint pfContextAttr, //managed ulong == 64 bits!!!
     out SECURITY_INTEGER ptsExpiry);
예제 #4
0
        private void InitializeClient(byte[] serverToken, out byte[] clientToken)
        {
            clientToken = null;

            SECURITY_INTEGER ClientLifeTime = new SECURITY_INTEGER(0);

            if (!_bGotClientCredentials)
            {
                uint returnValue;

                if (!UseWindowsCreds)
                {
                    SEC_WINNT_AUTH_IDENTITY ident = new SEC_WINNT_AUTH_IDENTITY();
                    ident.User = Username;
                    ident.UserLength = ident.User.Length;
                    ident.Domain = Domain;
                    ident.DomainLength = ident.Domain.Length;
                    ident.Password = Password;
                    ident.PasswordLength = ident.Password.Length;
                    ident.Flags = 0x1;

                    returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
                                                               IntPtr.Zero, ref ident, 0, IntPtr.Zero,
                                                               ref _hOutboundCred, ref ClientLifeTime);
                }
                else
                {
                    returnValue = AcquireCredentialsHandle(null, "Kerberos", SECPKG_CRED_OUTBOUND,
                                                           HANDLE.Zero, HANDLE.Zero, 0, HANDLE.Zero,
                                                           ref _hOutboundCred, ref ClientLifeTime);
                }

                if (returnValue != SEC_E_OK)
                {
                    throw new Exception("Couldn't acquire client credentials");
                }

                _bGotClientCredentials = true;
            }

            uint ss;

            SecBufferDesc ClientToken = new SecBufferDesc(MAX_TOKEN_SIZE);

            try
            {
                uint ContextAttributes;

                if (serverToken == null)
                {
                    ss = InitializeSecurityContext(ref _hOutboundCred,
                        IntPtr.Zero,
                        _sAccountName,// null string pszTargetName,
                        STANDARD_CONTEXT_ATTRIBUTES,
                        0,//int Reserved1,
                        SECURITY_NETWORK_DREP, //int TargetDataRep
                        IntPtr.Zero,    //Always zero first time around...
                        0, //int Reserved2,
                        out _hClientContext, //pHandle CtxtHandle = SecHandle
                        out ClientToken,//ref SecBufferDesc pOutput, //PSecBufferDesc
                        out ContextAttributes,//ref int pfContextAttr,
                        out ClientLifeTime); //ref IntPtr ptsExpiry ); //PTimeStamp

                }
                else
                {
                    SecBufferDesc ServerToken = new SecBufferDesc(serverToken);

                    try
                    {
                        ss = InitializeSecurityContext(ref _hOutboundCred,
                            ref _hClientContext,
                            _sAccountName,// null string pszTargetName,
                            STANDARD_CONTEXT_ATTRIBUTES,
                            0,//int Reserved1,
                            SECURITY_NETWORK_DREP,//int TargetDataRep
                            ref ServerToken,    //Always zero first time around...
                            0, //int Reserved2,
                            out _hClientContext, //pHandle CtxtHandle = SecHandle
                            out ClientToken,//ref SecBufferDesc pOutput, //PSecBufferDesc
                            out ContextAttributes,//ref int pfContextAttr,
                            out ClientLifeTime); //ref IntPtr ptsExpiry ); //PTimeStamp
                    }
                    finally
                    {
                        ServerToken.Dispose();
                    }
                }

                if (ss == SEC_E_LOGON_DENIED)
                {
                    throw new Exception("Bad username, password or domain.");
                }
                else if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
                {
                    throw new Exception("InitializeSecurityContext() failed!!!");
                }

                clientToken = ClientToken.GetSecBufferByteArray();
            }
            finally
            {
                ClientToken.Dispose();
            }

            InitializeKerberosStage = ss != SEC_E_OK;
        }
예제 #5
0
 static extern uint AcquireCredentialsHandle(
     string pszPrincipal, //SEC_CHAR*
     string pszPackage, //SEC_CHAR* //"Kerberos","NTLM","Negotiative"
     int fCredentialUse,
     IntPtr PAuthenticationID,//_LUID AuthenticationID,//pvLogonID, //PLUID
     IntPtr pAuthData,//PVOID
     int pGetKeyFn, //SEC_GET_KEY_FN
     IntPtr pvGetKeyArgument, //PVOID
     ref SECURITY_HANDLE phCredential, //SecHandle //PCtxtHandle ref
     ref SECURITY_INTEGER ptsExpiry);