/// <summary>
/// Creates a <see cref="SecurityCredential" /> bound to the given security package.
/// </summary>
/// <param name="package">The security package whose name is used to acquire the credential handle.</param>
/// <param name="use">How the credential is going to be used.</param>
/// <exception cref="ArgumentNullException"><paramref name="package" /> is null.</exception>
protected SecurityCredential(SecurityPackageInfo package, CredentialUse use)
{
    // Reject a missing package before any handle is allocated.
    if (package is null)
    {
        throw new ArgumentNullException(nameof(package));
    }

    PackageInfo = package;

    // The credential handle is acquired eagerly, as part of construction.
    _safeCredentialHandle = new SafeCredentialHandle();
    _safeCredentialHandle.AcquireCredentialHandle(package.Name, use);

    // The principal name is looked up on first access instead of here; the
    // lambda reads the handle field at that time.
    _principleName = new Lazy<string>(() => _safeCredentialHandle.GetPrincipleName());
}
/// <summary>
/// Starts the client-side security context from a credential handle.
/// </summary>
/// <remarks>
/// <see cref="IntPtr.Zero" /> is passed in the two pointer positions that, in the
/// Win32 InitializeSecurityContext layout, carry the existing context and the
/// input buffer (this assumes the <c>_1</c> overload mirrors that layout), so
/// this method appears to cover only the first leg of the exchange.
/// The attributes reported back by the native call and the context expiry are
/// received into locals and are not handed to the caller. Code that depends on
/// a requested attribute cannot confirm from this method's return value alone
/// that the attribute was granted.
/// </remarks>
/// <param name="outputBuffer">The buffer that receives the output token.</param>
/// <param name="credential">The credential handle.</param>
/// <param name="serverPrincipal">The server principal.</param>
/// <param name="requestedAttributes">The attributes requested for the context.</param>
/// <returns>A <see cref="SecurityStatus" /> describing the outcome of the native call.</returns>
public SecurityStatus InitializeSecurityContext(SecureBuffer outputBuffer, SafeCredentialHandle credential, string serverPrincipal, SecurityContextAttributes requestedAttributes)
{
    // Out-values of the native call; neither is read again after it returns.
    SecurityContextAttributes grantedAttributes = SecurityContextAttributes.None;
    Timestamp contextExpiry = new Timestamp();

    SecurityStatus status;

    // The adapter is disposed as soon as the native call has returned.
    using (var outputAdapter = new SecureBufferAdapter(outputBuffer))
    {
        status = NativeMethods.InitializeSecurityContext_1(
            ref credential.RawHandle,
            IntPtr.Zero,
            serverPrincipal,
            requestedAttributes,
            0,
            NativeMethods.SecureBufferDataRep.Network,
            IntPtr.Zero,
            0,
            ref RawHandle,
            outputAdapter.Handle,
            ref grantedAttributes,
            ref contextExpiry);
    }

    return status;
}
/// <summary>
/// Establishes a security context between the server and a remote client.
/// </summary>
/// <remarks>
/// While this handle is still invalid, <see cref="IntPtr.Zero" /> is passed where
/// the Win32 AcceptSecurityContext layout expects an existing context. Otherwise
/// <c>RawHandle</c> is passed both as the existing context and as the slot that
/// receives the updated one (this assumes the native overloads mirror that layout).
/// <paramref name="clientBuffer" /> carries data supplied by the remote client.
/// The returned status is the only result this method exposes: the attributes
/// reported back by the native call and the context expiry are received into
/// locals and are not handed to the caller.
/// </remarks>
/// <param name="outputBuffer">The buffer that receives the output token.</param>
/// <param name="clientBuffer">The buffer holding the input data from the client.</param>
/// <param name="credential">The credential handle.</param>
/// <param name="requestedAttributes">The attributes requested for the context.</param>
/// <returns>A <see cref="SecurityStatus" /> describing the outcome of the native call.</returns>
public SecurityStatus AcceptSecurityContext(SecureBuffer outputBuffer, SecureBuffer clientBuffer, SafeCredentialHandle credential, SecurityContextAttributes requestedAttributes)
{
    // Out-values of the native call; neither is read again after it returns.
    SecurityContextAttributes grantedAttributes = SecurityContextAttributes.None;
    Timestamp contextExpiry = new Timestamp();

    // Same construction and disposal order as nesting the two using blocks.
    using (var outputAdapter = new SecureBufferAdapter(outputBuffer))
    using (var clientAdapter = new SecureBufferAdapter(clientBuffer))
    {
        if (!IsInvalid)
        {
            // A context handle is already held: pass it in and let the call
            // write the updated context back to the same handle.
            return NativeMethods.AcceptSecurityContext_2(
                ref credential.RawHandle,
                ref RawHandle,
                clientAdapter.Handle,
                requestedAttributes,
                NativeMethods.SecureBufferDataRep.Network,
                ref RawHandle,
                outputAdapter.Handle,
                ref grantedAttributes,
                ref contextExpiry);
        }

        // No context handle yet: no existing context is supplied.
        return NativeMethods.AcceptSecurityContext_1(
            ref credential.RawHandle,
            IntPtr.Zero,
            clientAdapter.Handle,
            requestedAttributes,
            NativeMethods.SecureBufferDataRep.Network,
            ref RawHandle,
            outputAdapter.Handle,
            ref grantedAttributes,
            ref contextExpiry);
    }
}