private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
Interop.SspiCli.SecBufferDesc sdcInOut = new Interop.SspiCli.SecBufferDesc(input.Length);
var unmanagedBuffer = new Interop.SspiCli.SecBuffer[input.Length];
fixed(Interop.SspiCli.SecBuffer *unmanagedBufferPtr = unmanagedBuffer)
{
sdcInOut.pBuffers = unmanagedBufferPtr;
GCHandle[] pinnedBuffers = new GCHandle[input.Length];
byte[][] buffers = new byte[input.Length][];
try
{
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer iBuffer = input[i];
unmanagedBuffer[i].cbBuffer = iBuffer.size;
unmanagedBuffer[i].BufferType = iBuffer.type;
if (iBuffer.token == null || iBuffer.token.Length == 0)
{
unmanagedBuffer[i].pvBuffer = IntPtr.Zero;
}
else
{
pinnedBuffers[i] = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
unmanagedBuffer[i].pvBuffer = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
buffers[i] = iBuffer.token;
}
}
// The result is written in the input Buffer passed as type=BufferType.Data.
int errorCode;
switch (op)
{
case OP.Encrypt:
errorCode = secModule.EncryptMessage(context, ref sdcInOut, sequenceNumber);
break;
case OP.Decrypt:
errorCode = secModule.DecryptMessage(context, ref sdcInOut, sequenceNumber);
break;
case OP.MakeSignature:
errorCode = secModule.MakeSignature(context, ref sdcInOut, sequenceNumber);
break;
case OP.VerifySignature:
errorCode = secModule.VerifySignature(context, ref sdcInOut, sequenceNumber);
break;
default:
NetEventSource.Fail(null, $"Unknown OP: {op}");
throw NotImplemented.ByDesignWithMessage(Strings.net_MethodNotImplementedException);
}
// Marshalling back returned sizes / data.
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer iBuffer = input[i];
iBuffer.size = unmanagedBuffer[i].cbBuffer;
iBuffer.type = unmanagedBuffer[i].BufferType;
if (iBuffer.size == 0)
{
iBuffer.offset = 0;
iBuffer.token = null;
}
else
{
checked
{
// Find the buffer this is inside of. Usually they all point inside buffer 0.
int j;
for (j = 0; j < input.Length; j++)
{
if (buffers[j] == null)
{
continue;
}
byte *bufferAddress = (byte *)Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
if ((byte *)unmanagedBuffer[i].pvBuffer >= bufferAddress &&
(byte *)unmanagedBuffer[i].pvBuffer + iBuffer.size <= bufferAddress + buffers[j].Length)
{
iBuffer.offset = (int)((byte *)unmanagedBuffer[i].pvBuffer - bufferAddress);
iBuffer.token = buffers[j];
break;
}
}
if (j >= input.Length)
{
NetEventSource.Fail(null, "Output buffer out of range.");
iBuffer.size = 0;
iBuffer.offset = 0;
iBuffer.token = null;
}
}
}
// Backup validate the new sizes.
if (iBuffer.offset < 0 || iBuffer.offset > (iBuffer.token == null ? 0 : iBuffer.token.Length))
{
NetEventSource.Fail(null, $"'offset' out of range. [{iBuffer.offset}]");
}
if (iBuffer.size < 0 || iBuffer.size > (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset))
{
NetEventSource.Fail(null, $"'size' out of range. [{iBuffer.size}]");
}
}
if (NetEventSource.IsEnabled && errorCode != 0)
{
if (errorCode == Interop.SspiCli.SEC_I_RENEGOTIATE)
{
NetEventSource.Error(null, System.StringsHelper.Format(Strings.event_OperationReturnedSomething, op, "SEC_I_RENEGOTIATE"));
}
else
{
NetEventSource.Error(null, System.StringsHelper.Format(Strings.net_log_operation_failed_with_error, op, $"0x{0:X}"));
}
}
return(errorCode);
}
finally
{
for (int i = 0; i < pinnedBuffers.Length; ++i)
{
if (pinnedBuffers[i].IsAllocated)
{
pinnedBuffers[i].Free();
}
}
}
}
}
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);
SecurityBufferStruct[] structArray = new SecurityBufferStruct[input.Length];
fixed(SecurityBufferStruct *structRef = structArray)
{
int num6;
inputOutput.UnmanagedPointer = (void *)structRef;
GCHandle[] handleArray = new GCHandle[input.Length];
byte[][] bufferArray = new byte[input.Length][];
try
{
int num2;
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer buffer = input[i];
structArray[i].count = buffer.size;
structArray[i].type = buffer.type;
if ((buffer.token == null) || (buffer.token.Length == 0))
{
structArray[i].token = IntPtr.Zero;
}
else
{
handleArray[i] = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
bufferArray[i] = buffer.token;
}
}
switch (op)
{
case OP.Encrypt:
num2 = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.Decrypt:
num2 = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.MakeSignature:
num2 = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
break;
case OP.VerifySignature:
num2 = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
break;
default:
throw ExceptionHelper.MethodNotImplementedException;
}
for (int j = 0; j < input.Length; j++)
{
SecurityBuffer buffer2 = input[j];
buffer2.size = structArray[j].count;
buffer2.type = structArray[j].type;
if (buffer2.size == 0)
{
buffer2.offset = 0;
buffer2.token = null;
}
else
{
int index = 0;
while (index < input.Length)
{
if (bufferArray[index] != null)
{
byte *numPtr = (byte *)Marshal.UnsafeAddrOfPinnedArrayElement(bufferArray[index], 0);
if ((((void *)structArray[j].token) >= numPtr) && ((((void *)structArray[j].token) + buffer2.size) <= (numPtr + bufferArray[index].Length)))
{
buffer2.offset = (int)((long)((((void *)structArray[j].token) - numPtr) / 1));
buffer2.token = bufferArray[index];
break;
}
}
index++;
}
if (index >= input.Length)
{
buffer2.size = 0;
buffer2.offset = 0;
buffer2.token = null;
}
}
}
if ((num2 != 0) && Logging.On)
{
if (num2 == 0x90321)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
}
else
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { num2 }) }));
}
}
num6 = num2;
}
finally
{
for (int k = 0; k < handleArray.Length; k++)
{
if (handleArray[k].IsAllocated)
{
handleArray[k].Free();
}
}
}
return(num6);
}
}
private unsafe static int EncryptDecryptHelper(OP op, SSPIInterface secModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
Interop.SspiCli.SecurityBufferDescriptor sdcInOut = new Interop.SspiCli.SecurityBufferDescriptor(input.Length);
var unmanagedBuffer = new Interop.SspiCli.SecurityBufferStruct[input.Length];
fixed(Interop.SspiCli.SecurityBufferStruct *unmanagedBufferPtr = unmanagedBuffer)
{
sdcInOut.UnmanagedPointer = unmanagedBufferPtr;
GCHandle[] pinnedBuffers = new GCHandle[input.Length];
byte[][] buffers = new byte[input.Length][];
try
{
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer iBuffer = input[i];
unmanagedBuffer[i].count = iBuffer.size;
unmanagedBuffer[i].type = iBuffer.type;
if (iBuffer.token == null || iBuffer.token.Length == 0)
{
unmanagedBuffer[i].token = IntPtr.Zero;
}
else
{
pinnedBuffers[i] = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
unmanagedBuffer[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
buffers[i] = iBuffer.token;
}
}
// The result is written in the input Buffer passed as type=BufferType.Data.
int errorCode;
switch (op)
{
case OP.Encrypt:
errorCode = secModule.EncryptMessage(context, sdcInOut, sequenceNumber);
break;
case OP.Decrypt:
errorCode = secModule.DecryptMessage(context, sdcInOut, sequenceNumber);
break;
case OP.MakeSignature:
errorCode = secModule.MakeSignature(context, sdcInOut, sequenceNumber);
break;
case OP.VerifySignature:
errorCode = secModule.VerifySignature(context, sdcInOut, sequenceNumber);
break;
default:
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Unknown OP: " + op);
}
throw NotImplemented.ByDesignWithMessage(SR.net_MethodNotImplementedException);
}
// Marshalling back returned sizes / data.
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer iBuffer = input[i];
iBuffer.size = unmanagedBuffer[i].count;
iBuffer.type = unmanagedBuffer[i].type;
if (iBuffer.size == 0)
{
iBuffer.offset = 0;
iBuffer.token = null;
}
else
{
checked
{
// Find the buffer this is inside of. Usually they all point inside buffer 0.
int j;
for (j = 0; j < input.Length; j++)
{
if (buffers[j] == null)
{
continue;
}
byte *bufferAddress = (byte *)Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
if ((byte *)unmanagedBuffer[i].token >= bufferAddress &&
(byte *)unmanagedBuffer[i].token + iBuffer.size <= bufferAddress + buffers[j].Length)
{
iBuffer.offset = (int)((byte *)unmanagedBuffer[i].token - bufferAddress);
iBuffer.token = buffers[j];
break;
}
}
if (j >= input.Length)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Output buffer out of range.");
}
iBuffer.size = 0;
iBuffer.offset = 0;
iBuffer.token = null;
}
}
}
// Backup validate the new sizes.
if (GlobalLog.IsEnabled)
{
if (iBuffer.offset == 0 || iBuffer.offset > (iBuffer.token == null ? 0 : iBuffer.token.Length))
{
GlobalLog.AssertFormat("SSPIWrapper::EncryptDecryptHelper|'offset' out of range. [{0}]", iBuffer.offset);
}
if (iBuffer.size == 0 || iBuffer.size > (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset))
{
GlobalLog.AssertFormat("SSPIWrapper::EncryptDecryptHelper|'size' out of range. [{0}]", iBuffer.size);
}
}
}
if (errorCode != 0 && NetEventSource.Log.IsEnabled())
{
if (errorCode == Interop.SspiCli.SEC_I_RENEGOTIATE)
{
NetEventSource.PrintError(NetEventSource.ComponentType.Security, SR.Format(SR.event_OperationReturnedSomething, op, "SEC_I_RENEGOTIATE"));
}
else
{
NetEventSource.PrintError(NetEventSource.ComponentType.Security, SR.Format(SR.net_log_operation_failed_with_error, op, String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
}
}
return(errorCode);
}
finally
{
for (int i = 0; i < pinnedBuffers.Length; ++i)
{
if (pinnedBuffers[i].IsAllocated)
{
pinnedBuffers[i].Free();
}
}
}
}
}
internal static SecurityStatus DecryptMessage(SSPIInterface secModule, SafeDeleteContext securityContext, byte[] buffer, ref int offset, ref int count)
{
return(secModule.DecryptMessage(securityContext, buffer, ref offset, ref count));
}
private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
{
SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);
SecurityBufferStruct[] structArray = new SecurityBufferStruct[input.Length];
fixed (SecurityBufferStruct* structRef = structArray)
{
int num6;
inputOutput.UnmanagedPointer = (void*) structRef;
GCHandle[] handleArray = new GCHandle[input.Length];
byte[][] bufferArray = new byte[input.Length][];
try
{
int num2;
for (int i = 0; i < input.Length; i++)
{
SecurityBuffer buffer = input[i];
structArray[i].count = buffer.size;
structArray[i].type = buffer.type;
if ((buffer.token == null) || (buffer.token.Length == 0))
{
structArray[i].token = IntPtr.Zero;
}
else
{
handleArray[i] = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
bufferArray[i] = buffer.token;
}
}
switch (op)
{
case OP.Encrypt:
num2 = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.Decrypt:
num2 = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
break;
case OP.MakeSignature:
num2 = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
break;
case OP.VerifySignature:
num2 = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
break;
default:
throw ExceptionHelper.MethodNotImplementedException;
}
for (int j = 0; j < input.Length; j++)
{
SecurityBuffer buffer2 = input[j];
buffer2.size = structArray[j].count;
buffer2.type = structArray[j].type;
if (buffer2.size == 0)
{
buffer2.offset = 0;
buffer2.token = null;
}
else
{
int index = 0;
while (index < input.Length)
{
if (bufferArray[index] != null)
{
byte* numPtr = (byte*) Marshal.UnsafeAddrOfPinnedArrayElement(bufferArray[index], 0);
if ((((void*) structArray[j].token) >= numPtr) && ((((void*) structArray[j].token) + buffer2.size) <= (numPtr + bufferArray[index].Length)))
{
buffer2.offset = (int) ((long) ((((void*) structArray[j].token) - numPtr) / 1));
buffer2.token = bufferArray[index];
break;
}
}
index++;
}
if (index >= input.Length)
{
buffer2.size = 0;
buffer2.offset = 0;
buffer2.token = null;
}
}
}
if ((num2 != 0) && Logging.On)
{
if (num2 == 0x90321)
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
}
else
{
Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { num2 }) }));
}
}
num6 = num2;
}
finally
{
for (int k = 0; k < handleArray.Length; k++)
{
if (handleArray[k].IsAllocated)
{
handleArray[k].Free();
}
}
}
return num6;
}
}
