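/// <summary>
/// Runs one server-side leg of an SSPI handshake: marshals the managed buffers,
/// calls the native AcceptSecurityContext and, when the returned status asks for it,
/// CompleteAuthToken, then copies the native output back into <paramref name="output"/>.
/// </summary>
/// <param name="credential">Credential handle; its CredHandle is passed to the native call.</param>
/// <param name="context">Existing context handle. The caller in this listing passes null
/// on the first leg, before any context has been established.</param>
/// <param name="req_attributes">Requested context attribute flags.</param>
/// <param name="data_rep">Data representation passed through to the native call.</param>
/// <param name="input">Input security buffers; may be null.</param>
/// <param name="new_context">Handle that receives the (new or updated) context.</param>
/// <param name="output">Output security buffers, updated in place on success; may be null.</param>
/// <param name="ret_attributes">Attribute flags reported by the native call.</param>
/// <param name="expiry">Receives the context expiry.</param>
/// <param name="throw_on_error">Forwarded to CheckResult for both native calls.</param>
/// <returns>The status of AcceptSecurityContext, or the CompleteAuthToken status if that step failed.</returns>
internal static SecStatusCode AcceptSecurityContext(
            CredentialHandle credential,
            SecHandle context,
            AcceptContextReqFlags req_attributes,
            SecDataRep data_rep,
            IList<SecurityBuffer> input,
            SecHandle new_context,
            IList<SecurityBuffer> output,
            out AcceptContextRetFlags ret_attributes,
            LargeInteger expiry,
            bool throw_on_error)
        {
            using (DisposableList list = new DisposableList())
            {
                // Everything marshalled here is registered with the disposable list.
                var input_buffers  = input?.ToBufferList(list);
                var output_buffers = output?.ToBufferList(list);

                // NOTE(review): ToDesc is invoked even when the buffer list is null;
                // presumably the extension method tolerates that - confirm.
                var in_buffer_desc  = input_buffers.ToDesc(list);
                var out_buffer_desc = output_buffers.ToDesc(list);

                SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(
                    credential.CredHandle, context, in_buffer_desc, req_attributes, data_rep,
                    new_context, out_buffer_desc, out ret_attributes, expiry).CheckResult(throw_on_error);
                if (!result.IsSuccess())
                {
                    return result;
                }

                try
                {
                    if (result == SecStatusCode.SEC_I_COMPLETE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE)
                    {
                        // Complete the token against new_context, not context: on the first
                        // leg the caller's context is still null and the handle produced by
                        // the accept call lives in new_context. On later legs the caller
                        // passes the same handle for both, so this is correct either way.
                        var comp_result = SecurityNativeMethods.CompleteAuthToken(new_context, out_buffer_desc).CheckResult(throw_on_error);
                        if (!comp_result.IsSuccess())
                        {
                            return comp_result;
                        }
                    }
                }
                finally
                {
                    // Runs on every exit from the try block, including a failed or throwing
                    // CompleteAuthToken, so the caller's output buffers are still refreshed
                    // from the native descriptor after a successful accept call.
                    if (result.IsSuccess())
                    {
                        output?.UpdateBuffers(out_buffer_desc);
                    }
                }

                return result;
            }
        }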
        /// <summary>
        /// Performs one client-side handshake leg through
        /// SecurityContextUtils.InitializeSecurityContext and, on success, records the
        /// resulting context handle, expiry, attributes, token and completion state.
        /// </summary>
        /// <param name="input_buffers">Input buffers; a channel-binding buffer is appended when ChannelBinding is set.</param>
        /// <param name="output_buffers">Output buffers; the token buffer is inserted at index 0.</param>
        /// <param name="throw_on_error">Forwarded to the underlying call.</param>
        /// <returns>The status returned by the underlying call.</returns>
        private SecStatusCode CallInitialize(List<SecurityBuffer> input_buffers, List<SecurityBuffer> output_buffers, bool throw_on_error)
        {
            // The token buffer always takes the first output slot. Both caller-supplied
            // lists are modified here even if the call below fails.
            var out_token = new SecurityBufferAllocMem(SecurityBufferType.Token);
            output_buffers.Insert(0, out_token);

            // The binding buffer is supplied only when a ChannelBinding value is configured.
            if (ChannelBinding != null)
            {
                input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
            }

            // An empty target is passed on as null rather than as an empty string.
            string spn = null;
            if (!string.IsNullOrEmpty(Target))
            {
                spn = Target;
            }

            var lifetime = new LargeInteger();
            // First leg: no context yet, so a fresh handle receives the result.
            SecHandle next_context = _context ?? new SecHandle();
            SecStatusCode status = SecurityContextUtils.InitializeSecurityContext(
                _creds,
                _context,
                spn,
                RequestAttributes | InitializeContextReqFlags.AllocateMemory,
                DataRepresentation,
                input_buffers,
                next_context,
                output_buffers,
                out InitializeContextRetFlags granted,
                lifetime,
                throw_on_error);

            if (status.IsSuccess())
            {
                _context         = next_context;
                Expiry           = lifetime.QuadPart;
                // AllocateMemory is always requested above, so the matching return flag is
                // masked out of what callers see.
                ReturnAttributes = granted & ~InitializeContextRetFlags.AllocatedMemory;
                Token            = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, out_token.ToArray());
                // Finished unless the status asks for another leg.
                Done             = status != SecStatusCode.SEC_I_CONTINUE_NEEDED && status != SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE;
            }

            return status;
        }
        /// <summary>
        /// Performs one server-side handshake leg through
        /// SecurityContextUtils.AcceptSecurityContext and, on success, records the
        /// resulting context handle, attributes, expiry, token and completion state.
        /// </summary>
        /// <param name="input_buffers">Input buffers; a channel-binding buffer is appended when ChannelBinding is set.</param>
        /// <param name="output_buffers">Output buffers; the token buffer is inserted at index 0.</param>
        /// <param name="throw_on_error">Forwarded to the underlying call.</param>
        /// <returns>The status returned by the underlying call.</returns>
        private SecStatusCode CallAccept(List<SecurityBuffer> input_buffers, List<SecurityBuffer> output_buffers, bool throw_on_error)
        {
            // The token buffer always takes the first output slot. Both caller-supplied
            // lists are modified here even if the call below fails.
            var out_token = new SecurityBufferAllocMem(SecurityBufferType.Token);
            output_buffers.Insert(0, out_token);

            // NOTE(review): a binding buffer is supplied only when ChannelBinding is set;
            // with it unset, nothing in this method ties the exchange to an outer channel.
            if (ChannelBinding != null)
            {
                input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
            }

            var lifetime = new LargeInteger();
            // First leg: no context yet, so a fresh handle receives the result.
            SecHandle next_context = _context ?? new SecHandle();
            SecStatusCode status = SecurityContextUtils.AcceptSecurityContext(
                _creds,
                _context,
                RequestAttributes | AcceptContextReqFlags.AllocateMemory,
                DataRepresentation,
                input_buffers,
                next_context,
                output_buffers,
                out AcceptContextRetFlags granted,
                lifetime,
                throw_on_error);

            if (status.IsSuccess())
            {
                _context         = next_context;
                // AllocateMemory is always requested above, so the matching return flag is
                // masked out of what callers see.
                ReturnAttributes = granted & ~AcceptContextRetFlags.AllocatedMemory;
                Expiry           = lifetime.QuadPart;

                Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, out_token.ToArray());
                // Finished unless the status asks for another leg.
                Done  = status != SecStatusCode.SEC_I_CONTINUE_NEEDED && status != SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE;
            }

            return status;
        }