/// <summary>
/// Tears this instance down at most once while holding <c>syncObject</c>.
/// </summary>
/// <param name="disposing">
/// When <c>true</c>, <c>CloseContext()</c> is called before the cached fields are cleared;
/// when <c>false</c>, only the fields are cleared.
/// </param>
private void Dispose(bool disposing)
{
    lock (this.syncObject)
    {
        // Repeated calls are no-ops once the flag below has been set.
        if (this.disposed)
        {
            return;
        }

        if (disposing)
        {
            this.CloseContext();
        }

        // Drop the cached negotiation state so a disposed instance no longer references it.
        this.protocolName = null;
        this.servicePrincipalName = null;
        this.sizes = null;

        // Set last: if CloseContext() throws, the instance is not marked as disposed.
        this.disposed = true;
    }
}
/// <summary>
/// Releases the state held by this instance. The work runs under <c>syncObject</c> and is
/// skipped entirely when the instance has already been marked as disposed.
/// </summary>
/// <param name="disposing">
/// <c>true</c> to also call <c>CloseContext()</c>; <c>false</c> to only clear the fields.
/// </param>
private void Dispose(bool disposing)
{
    lock (this.syncObject)
    {
        bool alreadyDisposed = this.disposed;
        if (alreadyDisposed)
        {
            return;
        }

        if (disposing)
        {
            this.CloseContext();
        }

        // Set to null any references that aren't finalizable.
        this.protocolName = null;
        this.servicePrincipalName = null;
        this.sizes = null;

        // The flag is written only after the steps above completed without throwing.
        this.disposed = true;
    }
}
/// <summary>
/// Protects <paramref name="count"/> bytes of <paramref name="buffer"/> with the given SSPI context and
/// writes the result into <paramref name="output"/> as a 4-byte little-endian length prefix followed by
/// the token (signature), the data and the padding.
/// </summary>
/// <param name="securityContext">Context handle passed to every SSPI call made here.</param>
/// <param name="buffer">Source bytes. They are copied into <paramref name="output"/>; this method does not write to <paramref name="buffer"/>.</param>
/// <param name="offset">Index in <paramref name="buffer"/> at which the payload starts.</param>
/// <param name="count">Payload length. Must be non-negative and at most <c>Int32.MaxValue - 4 - BlockSize - SecurityTrailer</c>.</param>
/// <param name="isConfidential">
/// <c>true</c> calls <c>EncryptMessage</c>. <c>false</c> calls only <c>MakeSignature</c>, so this method
/// does not encrypt the payload on that path.
/// </param>
/// <param name="isNtlm">On the signing path, adds <c>ReadOnlyFlag</c> to the data buffer type before signing.</param>
/// <param name="output">
/// Destination. Reused when it is non-null and large enough, otherwise replaced by a new array. Only the
/// first bytes up to the return value are written here; a reused array keeps its previous contents
/// beyond that point, so callers should never transmit more than the returned length.
/// </param>
/// <param name="sequenceNumber">Passed to <c>EncryptMessage</c>. The signing path passes a literal 0 instead.</param>
/// <returns>Number of bytes written to <paramref name="output"/>, including the 4-byte prefix.</returns>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="count"/> is negative or exceeds the maximum.</exception>
/// <exception cref="Win32Exception">The SSPI call returned a non-zero status.</exception>
internal static int Encrypt(
    SafeDeleteContext securityContext,
    byte[] buffer,
    int offset,
    int count,
    bool isConfidential,
    bool isNtlm,
    ref byte[] output,
    uint sequenceNumber)
{
    const int LengthPrefixSize = 4;
    const int TokenIndex = 0;
    const int DataIndex = 1;
    const int PaddingIndex = 2;

    SecSizes sizes = SSPIWrapper.QueryContextAttributes(
        GlobalSSPI.SSPIAuth,
        securityContext,
        Interop.SspiCli.ContextAttribute.Sizes) as SecSizes;

    try
    {
        // checked: an arithmetic overflow in the limit computation surfaces as an exception
        // instead of wrapping into a bogus maximum.
        int maxCount = checked(Int32.MaxValue - LengthPrefixSize - sizes.BlockSize - sizes.SecurityTrailer);

        if (count < 0 || count > maxCount)
        {
            throw new ArgumentOutOfRangeException(nameof(count), SR.Format(SR.net_io_out_range, maxCount));
        }
    }
    catch (Exception e)
    {
        // Every non-fatal exception raised in the block above is reported as "Arguments out of range."
        // before being rethrown unchanged. NOTE(review): that includes a null `sizes` from the `as`
        // cast, which would be logged under the same message.
        bool fatal = ExceptionCheck.IsFatal(e);
        if (!fatal)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Assert("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::Encrypt", "Arguments out of range.");
            }

            Debug.Fail("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::Encrypt", "Arguments out of range.");
        }

        throw;
    }

    // Room for prefix + token + data + padding. Cannot overflow: count was bounded above.
    int requiredSize = count + sizes.SecurityTrailer + sizes.BlockSize + LengthPrefixSize;
    if (output == null || output.Length < requiredSize)
    {
        output = new byte[requiredSize];
    }

    // Make a copy of user data for in-place encryption.
    int dataOffset = LengthPrefixSize + sizes.SecurityTrailer;
    Buffer.BlockCopy(buffer, offset, output, dataOffset, count);

    // Prepare buffers TOKEN(signature), DATA and Padding, all of them windows onto `output`.
    var buffers = new SecurityBuffer[]
    {
        new SecurityBuffer(output, LengthPrefixSize, sizes.SecurityTrailer, SecurityBufferType.Token),
        new SecurityBuffer(output, dataOffset, count, SecurityBufferType.Data),
        new SecurityBuffer(output, dataOffset + count, sizes.BlockSize, SecurityBufferType.Padding),
    };

    int status;
    if (!isConfidential)
    {
        // Integrity only: the payload is signed, not encrypted, by this call.
        if (isNtlm)
        {
            // NOTE(review): confirm against the SSPI buffer documentation that a data buffer
            // carrying ReadOnlyFlag is still covered by the signature.
            buffers[DataIndex].type |= SecurityBufferType.ReadOnlyFlag;
        }

        // The sequence number passed here is the literal 0, not `sequenceNumber`.
        status = SSPIWrapper.MakeSignature(GlobalSSPI.SSPIAuth, securityContext, buffers, 0);
    }
    else
    {
        status = SSPIWrapper.EncryptMessage(GlobalSSPI.SSPIAuth, securityContext, buffers, sequenceNumber);
    }

    if (status != 0)
    {
        if (GlobalLog.IsEnabled)
        {
            GlobalLog.Print("NTAuthentication#" + LoggingHash.HashString(securityContext) + "::Encrypt() throw Error = " + status.ToString("x", NumberFormatInfo.InvariantInfo));
        }

        throw new Win32Exception(status);
    }

    // Compacting the result: the sizes reported back may differ from the space reserved, so the
    // data and padding are moved down until token, data and padding are contiguous.
    int written = buffers[TokenIndex].size;
    bool tokenSizeChanged = written != sizes.SecurityTrailer;
    if (tokenSizeChanged)
    {
        Buffer.BlockCopy(output, buffers[DataIndex].offset, output, LengthPrefixSize + written, buffers[DataIndex].size);
    }

    written += buffers[DataIndex].size;

    // Padding needs moving when the data moved, or when the data no longer ends where padding starts.
    bool paddingMisplaced = tokenSizeChanged || written != (count + sizes.SecurityTrailer);
    if (buffers[PaddingIndex].size != 0 && paddingMisplaced)
    {
        Buffer.BlockCopy(output, buffers[PaddingIndex].offset, output, LengthPrefixSize + written, buffers[PaddingIndex].size);
    }

    written += buffers[PaddingIndex].size;

    unchecked
    {
        // TODO (Issue #6063): Should be offset by offset
        // Little-endian length prefix: least significant byte first.
        for (int i = 0; i < LengthPrefixSize; i++)
        {
            output[i] = (byte)((written >> (8 * i)) & 0xFF);
        }
    }

    return written + LengthPrefixSize;
}
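/// <summary>
/// Queries one attribute of an SSPI security context and converts the native result into a managed object.
/// </summary>
/// <param name="securityContext">Context handle forwarded to the lower-level <c>QueryContextAttributes</c> overload.</param>
/// <param name="contextAttribute">Attribute to query. Values not listed in the first switch are rejected.</param>
/// <returns>
/// A boxed <see cref="int"/> for <c>Flags</c>; a string for <c>Names</c>; a <c>SecSizes</c>,
/// <c>StreamSizes</c>, <c>SslConnectionInfo</c>, <c>LifeSpan</c>, <c>SecurityPackageInfoClass</c>,
/// <c>NegotiationInfoClass</c> or <c>SecuritySessionKeyClass</c> for the matching attribute. For
/// <c>LocalCertificate</c> and <c>RemoteCertificate</c> the native handle itself is returned, and the
/// caller becomes responsible for closing it.
/// </returns>
/// <exception cref="InvalidEnumArgumentException"><paramref name="contextAttribute"/> is not a handled value (raised through <c>ThrowHelperError</c>).</exception>
/// <exception cref="Win32Exception">The native query returned a non-zero status (raised through <c>ThrowHelperError</c>).</exception>
public static unsafe object QueryContextAttributes(
    SafeDeleteContext securityContext,
    ContextAttribute contextAttribute)
{
    // Size of the managed scratch buffer handed to the native call, and the handle type (if any)
    // that the lower-level overload is asked to produce for the attribute.
    int nativeBlockSize = IntPtr.Size;
    Type handleType = null;

    switch (contextAttribute)
    {
        case ContextAttribute.Flags:
            break;

        case ContextAttribute.Sizes:
            nativeBlockSize = SecSizes.SizeOf;
            break;

        case ContextAttribute.StreamSizes:
            nativeBlockSize = StreamSizes.SizeOf;
            break;

        case ContextAttribute.Names:
        case ContextAttribute.PackageInfo:
            handleType = typeof(SafeFreeContextBuffer);
            break;

        case ContextAttribute.NegotiationInfo:
            handleType = typeof(SafeFreeContextBuffer);
            nativeBlockSize = Marshal.SizeOf(typeof(NegotiationInfo));
            break;

        case ContextAttribute.RemoteCertificate:
        case ContextAttribute.LocalCertificate:
            handleType = typeof(SafeFreeCertContext);
            break;

        case ContextAttribute.ConnectionInfo:
            nativeBlockSize = Marshal.SizeOf(typeof(SslConnectionInfo));
            break;

        case ContextAttribute.Lifespan:
            nativeBlockSize = LifeSpan_Struct.Size;
            break;

        case ContextAttribute.SessionKey:
            handleType = typeof(SafeFreeContextBuffer);
            nativeBlockSize = SecPkgContext_SessionKey.Size;
            break;

        default:
            // Reject unknown values before any native call is made.
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidEnumArgumentException("contextAttribute", (int)contextAttribute, typeof(ContextAttribute)));
    }

    SafeHandle sspiHandle = null;
    object attribute = null;
    try
    {
        byte[] nativeBuffer = new byte[nativeBlockSize];
        int errorCode = QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
        if (errorCode != 0)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode));
        }

        switch (contextAttribute)
        {
            case ContextAttribute.Flags:
                // Bounds-checked read of the native-endian Int32 at the start of the buffer; replaces
                // the pinned-pointer Marshal.ReadInt32 read, which performed no length check.
                attribute = BitConverter.ToInt32(nativeBuffer, 0);
                break;

            case ContextAttribute.Sizes:
                attribute = new SecSizes(nativeBuffer);
                break;

            case ContextAttribute.StreamSizes:
                attribute = new StreamSizes(nativeBuffer);
                break;

            case ContextAttribute.Names:
                // DangerousGetHandle takes no reference on the handle; the raw pointer is used only
                // here, before the finally block below closes the handle.
                attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                break;

            case ContextAttribute.PackageInfo:
                // NOTE(review): the handle is closed in the finally block, so the wrapper presumably
                // copies what it needs in its constructor; verify. Same for the two wrappers below.
                attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                break;

            case ContextAttribute.NegotiationInfo:
                // Bounds-checked read; an offset outside the buffer now throws instead of reading
                // past the end of the pinned array.
                attribute = new NegotiationInfoClass(
                    sspiHandle,
                    BitConverter.ToInt32(nativeBuffer, NegotiationInfo.NegotiationStateOffset));
                break;

            case ContextAttribute.LocalCertificate:
            case ContextAttribute.RemoteCertificate:
                // Ownership transfer: hand the handle to the caller and clear the local so the
                // finally block does not close it.
                attribute = sspiHandle;
                sspiHandle = null;
                break;

            case ContextAttribute.ConnectionInfo:
                attribute = new SslConnectionInfo(nativeBuffer);
                break;

            case ContextAttribute.Lifespan:
                attribute = new LifeSpan(nativeBuffer);
                break;

            case ContextAttribute.SessionKey:
                attribute = new SecuritySessionKeyClass(sspiHandle, BitConverter.ToInt32(nativeBuffer, 0));
                break;

            default:
                // will return null
                break;
        }
    }
    finally
    {
        // Close the native handle on every path, including exceptions, unless ownership moved out.
        if (sspiHandle != null)
        {
            sspiHandle.Close();
        }
    }

    return attribute;
}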