public static extern uint InitializeSecurityContext(
ref SspiHandle credentialHandle,
ref SspiHandle inContextHandle,
string targetName,
SspiContextFlags flags,
int reserved1,
DataRepresentation dataRepresentation,
ref SecurityBufferDescriptor inputBuffer,
int reserved2,
ref SspiHandle outContext,
ref SecurityBufferDescriptor outputBuffer,
out SspiContextFlags outAttributes,
out long timestamp);
/// <summary>
/// Initializes the specified service principal name.
/// </summary>
/// <param name="servicePrincipalName">Name of the service principal.</param>
/// <param name="inBytes">The in bytes.</param>
/// <param name="outBytes">The out bytes.</param>
public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes)
{
outBytes = null;
var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize);
bool credentialAddRefSuccess = false;
bool contextAddRefSuccess = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
_credential.DangerousAddRef(ref credentialAddRefSuccess);
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (credentialAddRefSuccess)
{
_credential.DangerousRelease();
credentialAddRefSuccess = false;
}
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
var flags = SspiContextFlags.MutualAuth;
uint result;
long timestamp;
var credentialHandle = _credential._sspiHandle;
if (inBytes == null || inBytes.Length == 0)
{
result = Win32.InitializeSecurityContext(
ref credentialHandle,
IntPtr.Zero,
servicePrincipalName,
flags,
0,
DataRepresentation.Network,
IntPtr.Zero,
0,
ref _sspiHandle,
ref outputBuffer,
out flags,
out timestamp);
}
else
{
var serverToken = new SecurityBufferDescriptor(inBytes);
try
{
result = Win32.InitializeSecurityContext(
ref credentialHandle,
ref _sspiHandle,
servicePrincipalName,
flags,
0,
DataRepresentation.Network,
ref serverToken,
0,
ref _sspiHandle,
ref outputBuffer,
out flags,
out timestamp);
}
finally
{
serverToken.Dispose();
}
}
_credential.DangerousRelease();
DangerousRelease();
if (result != Win32.SEC_E_OK && result != Win32.SEC_I_CONTINUE_NEEDED)
{
throw Win32.CreateException(result, "Unable to initialize security context.");
}
outBytes = outputBuffer.ToByteArray();
_isInitialized = result == Win32.SEC_E_OK;
}
finally
{
outputBuffer.Dispose();
}
}
}
/// <summary>
/// Encrypts the message.
/// </summary>
/// <param name="inBytes">The in bytes.</param>
/// <param name="outBytes">The out bytes.</param>
/// <returns>A result code.</returns>
public void EncryptMessage(byte[] inBytes, out byte[] outBytes)
{
outBytes = null;
bool contextAddRefSuccess = false;
SecurityPackageContextSizes sizes;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
uint result = Win32.QueryContextAttributes(
ref _sspiHandle,
QueryContextAttributes.Sizes,
out sizes);
DangerousRelease();
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to get the query context attribute sizes.");
}
}
var buffers = new SecurityBuffer[]
{
new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token),
new SecurityBuffer(inBytes, SecurityBufferType.Data),
new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding)
};
var descriptor = new SecurityBufferDescriptor(buffers);
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
uint result = Win32.EncryptMessage(
ref _sspiHandle,
EncryptQualityOfProtection.WrapNoEncrypt,
ref descriptor,
0);
DangerousRelease();
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to encrypt message.");
}
outBytes = descriptor.ToByteArray();
}
finally
{
descriptor.Dispose();
}
}
}
// public methods
/// <summary>
/// Decrypts the message.
/// </summary>
/// <param name="messageLength">Length of the message.</param>
/// <param name="encryptedBytes">The encrypted bytes.</param>
/// <param name="decryptedBytes">The decrypted bytes.</param>
/// <returns>A result code.</returns>
public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes)
{
decryptedBytes = null;
byte[] encryptedMessage = new byte[messageLength];
Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength);
int securityTrailerLength = encryptedBytes.Length - messageLength;
byte[] securityTrailer = new byte[securityTrailerLength];
Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength);
var buffers = new SecurityBuffer[]
{
new SecurityBuffer(encryptedBytes, SecurityBufferType.Data),
new SecurityBuffer(securityTrailer, SecurityBufferType.Stream)
};
var descriptor = new SecurityBufferDescriptor(buffers);
bool contextAddRefSuccess = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
uint quality;
var result = Win32.DecryptMessage(
ref _sspiHandle,
ref descriptor,
0,
out quality);
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to decrypt message.");
}
decryptedBytes = descriptor.ToByteArray();
}
finally
{
descriptor.Dispose();
}
}
}
public void Initialize(string servicePrincipalName, byte[] inBytes, out byte[] outBytes)
{
outBytes = null;
var outputBuffer = new SecurityBufferDescriptor(__maxTokenSize);
bool credentialAddRefSuccess = false;
bool contextAddRefSuccess = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
_credential.DangerousAddRef(ref credentialAddRefSuccess);
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (credentialAddRefSuccess)
{
_credential.DangerousRelease();
credentialAddRefSuccess = false;
}
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
var flags = SspiContextFlags.MutualAuth;
uint result;
long timestamp;
var credentialHandle = _credential._sspiHandle;
if (inBytes == null || inBytes.Length == 0)
{
result = Win32.InitializeSecurityContext(
ref credentialHandle,
IntPtr.Zero,
servicePrincipalName,
flags,
0,
DataRepresentation.Network,
IntPtr.Zero,
0,
ref _sspiHandle,
ref outputBuffer,
out flags,
out timestamp);
}
else
{
var serverToken = new SecurityBufferDescriptor(inBytes);
try
{
result = Win32.InitializeSecurityContext(
ref credentialHandle,
ref _sspiHandle,
servicePrincipalName,
flags,
0,
DataRepresentation.Network,
ref serverToken,
0,
ref _sspiHandle,
ref outputBuffer,
out flags,
out timestamp);
}
finally
{
serverToken.Dispose();
}
}
_credential.DangerousRelease();
DangerousRelease();
if (result != Win32.SEC_E_OK && result != Win32.SEC_I_CONTINUE_NEEDED)
{
throw Win32.CreateException(result, "Unable to initialize security context.");
}
outBytes = outputBuffer.ToByteArray();
_isInitialized = result == Win32.SEC_E_OK;
}
finally
{
outputBuffer.Dispose();
}
}
}
public void EncryptMessage(byte[] inBytes, out byte[] outBytes)
{
outBytes = null;
bool contextAddRefSuccess = false;
SecurityPackageContextSizes sizes;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
uint result = Win32.QueryContextAttributes(
ref _sspiHandle,
QueryContextAttributes.Sizes,
out sizes);
DangerousRelease();
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to get the query context attribute sizes.");
}
}
var buffers = new SecurityBuffer[]
{
new SecurityBuffer(new byte[sizes.SecurityTrailer], SecurityBufferType.Token),
new SecurityBuffer(inBytes, SecurityBufferType.Data),
new SecurityBuffer(new byte[sizes.BlockSize], SecurityBufferType.Padding)
};
var descriptor = new SecurityBufferDescriptor(buffers);
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
uint result = Win32.EncryptMessage(
ref _sspiHandle,
EncryptQualityOfProtection.WrapNoEncrypt,
ref descriptor,
0);
DangerousRelease();
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to encrypt message.");
}
outBytes = descriptor.ToByteArray();
}
finally
{
descriptor.Dispose();
}
}
}
public void DecryptMessage(int messageLength, byte[] encryptedBytes, out byte[] decryptedBytes)
{
decryptedBytes = null;
byte[] encryptedMessage = new byte[messageLength];
Array.Copy(encryptedBytes, 0, encryptedMessage, 0, messageLength);
int securityTrailerLength = encryptedBytes.Length - messageLength;
byte[] securityTrailer = new byte[securityTrailerLength];
Array.Copy(encryptedBytes, messageLength, securityTrailer, 0, securityTrailerLength);
var buffers = new SecurityBuffer[]
{
new SecurityBuffer(encryptedBytes, SecurityBufferType.Data),
new SecurityBuffer(securityTrailer, SecurityBufferType.Stream)
};
var descriptor = new SecurityBufferDescriptor(buffers);
bool contextAddRefSuccess = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
DangerousAddRef(ref contextAddRefSuccess);
}
catch (Exception ex)
{
if (contextAddRefSuccess)
{
DangerousRelease();
contextAddRefSuccess = false;
}
if (!(ex is ObjectDisposedException))
{
throw;
}
}
finally
{
try
{
uint quality;
var result = Win32.DecryptMessage(
ref _sspiHandle,
ref descriptor,
0,
out quality);
if (result != Win32.SEC_E_OK)
{
throw Win32.CreateException(result, "Unable to decrypt message.");
}
decryptedBytes = descriptor.ToByteArray();
}
finally
{
descriptor.Dispose();
}
}
}
public static extern uint EncryptMessage(ref SspiHandle context,
EncryptQualityOfProtection quality,
ref SecurityBufferDescriptor pMessage,
uint sequenceNumber);
public static extern uint DecryptMessage(ref SspiHandle context,
ref SecurityBufferDescriptor pMessage,
uint sequenceNumber,
out uint quality);
public static extern uint InitializeSecurityContext(
ref SspiHandle credentialHandle,
ref SspiHandle inContextHandle,
string targetName,
SspiContextFlags flags,
int reserved1,
DataRepresentation dataRepresentation,
ref SecurityBufferDescriptor inputBuffer,
int reserved2,
ref SspiHandle outContext,
ref SecurityBufferDescriptor outputBuffer,
out SspiContextFlags outAttributes,
out long timestamp);
public static extern uint EncryptMessage(ref SspiHandle context,
EncryptQualityOfProtection quality,
ref SecurityBufferDescriptor pMessage,
uint sequenceNumber);
public static extern uint DecryptMessage(ref SspiHandle context,
ref SecurityBufferDescriptor pMessage,
uint sequenceNumber,
out uint quality);
