/// <summary>
/// Run one server-side leg of the authentication exchange through
/// SecurityContextUtils.AcceptSecurityContext and publish the outcome on this instance.
/// </summary>
/// <param name="input_buffers">Input buffers for the call. A channel binding buffer is appended when
/// <c>ChannelBinding</c> is not null, so the caller's list is modified.</param>
/// <param name="output_buffers">Output buffers for the call. A token buffer is inserted at index 0,
/// so the caller's list is modified.</param>
/// <param name="throw_on_error">Forwarded unchanged to the helper.</param>
/// <returns>The status code returned by the helper.</returns>
/// <remarks>
/// When the status is not a success code the method returns before touching any instance state:
/// the stored context handle, ReturnAttributes, Expiry, Token and Done keep their previous values.
/// NOTE(review): this method does not compare ReturnAttributes against RequestAttributes; callers
/// that depend on a requested attribute should check it is present once Done is true.
/// </remarks>
private SecStatusCode CallAccept(List<SecurityBuffer> input_buffers, List<SecurityBuffer> output_buffers, bool throw_on_error)
{
    // The output token always occupies slot 0; AllocateMemory is OR-ed into the request below.
    var out_token = new SecurityBufferAllocMem(SecurityBufferType.Token);
    output_buffers.Insert(0, out_token);

    // No channel binding buffer is supplied unless one was configured on this instance.
    if (ChannelBinding != null)
    {
        input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
    }

    var expiry = new LargeInteger();
    // First leg: no stored handle yet, so hand the helper a fresh one to fill in.
    SecHandle next_context = _context ?? new SecHandle();

    SecStatusCode status = SecurityContextUtils.AcceptSecurityContext(
        _creds,
        _context,
        RequestAttributes | AcceptContextReqFlags.AllocateMemory,
        DataRepresentation,
        input_buffers,
        next_context,
        output_buffers,
        out AcceptContextRetFlags returned_flags,
        expiry,
        throw_on_error);

    if (!status.IsSuccess())
    {
        return status;
    }

    _context = next_context;
    // Clear the AllocatedMemory bit before the flags are published.
    ReturnAttributes = returned_flags & ~AcceptContextRetFlags.AllocatedMemory;
    Expiry = expiry.QuadPart;
    // 'false' is passed where CallInitialize passes 'true' in the same position.
    Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, out_token.ToArray());

    // Either continue status means another leg is still required.
    bool more_legs_needed = status == SecStatusCode.SEC_I_CONTINUE_NEEDED
        || status == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE;
    Done = !more_legs_needed;
    return status;
}
/// <summary>
/// Run one client-side leg of the authentication exchange through
/// SecurityContextUtils.InitializeSecurityContext and publish the outcome on this instance.
/// </summary>
/// <param name="input_buffers">Input buffers for the call. A channel binding buffer is appended when
/// <c>ChannelBinding</c> is not null, so the caller's list is modified.</param>
/// <param name="output_buffers">Output buffers for the call. A token buffer is inserted at index 0,
/// so the caller's list is modified.</param>
/// <param name="throw_on_error">Forwarded unchanged to the helper.</param>
/// <returns>The status code returned by the helper.</returns>
/// <remarks>
/// When the status is not a success code the method returns before touching any instance state:
/// the stored context handle, Expiry, ReturnAttributes, Token and Done keep their previous values.
/// An empty or null <c>Target</c> is passed to the helper as null.
/// NOTE(review): this method does not compare ReturnAttributes against RequestAttributes; callers
/// that depend on a requested attribute should check it is present once Done is true.
/// </remarks>
private SecStatusCode CallInitialize(List<SecurityBuffer> input_buffers, List<SecurityBuffer> output_buffers, bool throw_on_error)
{
    // The output token always occupies slot 0; AllocateMemory is OR-ed into the request below.
    var out_token = new SecurityBufferAllocMem(SecurityBufferType.Token);
    output_buffers.Insert(0, out_token);

    // No channel binding buffer is supplied unless one was configured on this instance.
    if (ChannelBinding != null)
    {
        input_buffers.Add(new SecurityBufferChannelBinding(ChannelBinding));
    }

    // Normalise "no target" to null rather than an empty string.
    string target_name = null;
    if (!string.IsNullOrEmpty(Target))
    {
        target_name = Target;
    }

    var expiry = new LargeInteger();
    // First leg: no stored handle yet, so hand the helper a fresh one to fill in.
    SecHandle next_context = _context ?? new SecHandle();

    SecStatusCode status = SecurityContextUtils.InitializeSecurityContext(
        _creds,
        _context,
        target_name,
        RequestAttributes | InitializeContextReqFlags.AllocateMemory,
        DataRepresentation,
        input_buffers,
        next_context,
        output_buffers,
        out InitializeContextRetFlags returned_flags,
        expiry,
        throw_on_error);

    if (!status.IsSuccess())
    {
        return status;
    }

    _context = next_context;
    Expiry = expiry.QuadPart;
    // Clear the AllocatedMemory bit before the flags are published.
    ReturnAttributes = returned_flags & ~InitializeContextRetFlags.AllocatedMemory;
    // 'true' is passed where CallAccept passes 'false' in the same position.
    Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, true, out_token.ToArray());

    // Either continue status means another leg is still required.
    bool more_legs_needed = status == SecStatusCode.SEC_I_CONTINUE_NEEDED
        || status == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE;
    Done = !more_legs_needed;
    return status;
}
/// <summary>
/// Export the current security context, asking for the old context to be deleted, then dispose this object.
/// </summary>
/// <returns>The exported security context.</returns>
/// <remarks>
/// The security context will no longer be usable afterwards. Dispose() is only reached when the
/// export call returns; if the helper throws, this object is left undisposed.
/// NOTE(review): the export is requested with SecPkgContextExportFlags.DeleteOld and Dispose() runs
/// straight after; confirm Dispose() tolerates a context handle the export has already deleted.
/// NOTE(review): the exported blob presumably carries the context's session state; treat it as
/// sensitive when storing or transferring it. Confirm against the package in use.
/// </remarks>
public ExportedSecurityContext Export()
{
    ExportedSecurityContext exported = SecurityContextUtils.ExportContext(
        _context,
        SecPkgContextExportFlags.DeleteOld,
        _creds.PackageName,
        true);

    // Release this wrapper now that the export has completed.
    Dispose();
    return exported;
}
/// <summary>
/// Query the CLIENT_SPECIFIED_TARGET attribute of the context and return it as a string.
/// </summary>
/// <returns>The target name read from the attribute, or an empty string when the query status is
/// anything other than SUCCESS.</returns>
/// <remarks>
/// A failed query and an absent value both surface as an empty string, so callers cannot tell them apart.
/// NOTE(review): as the attribute name indicates, this is the name the client specified; it should
/// presumably be compared against the names the server expects rather than trusted as-is. Confirm
/// with the callers.
/// </remarks>
private string GetTargetName()
{
    var query = SecurityContextUtils.QueryContextAttributeNoThrow<SecPkgContext_ClientSpecifiedTarget>(
        _context, SECPKG_ATTR.CLIENT_SPECIFIED_TARGET);
    var status = query.Item2;

    if (status == SecStatusCode.SUCCESS)
    {
        var name_buffer = query.Item1.sTargetName;
        try
        {
            return Marshal.PtrToStringUni(name_buffer);
        }
        finally
        {
            // The buffer is released even if the string conversion throws.
            SecurityNativeMethods.FreeContextBuffer(name_buffer);
        }
    }

    return string.Empty;
}
/// <summary>
/// Verify a signature over a single message using this context.
/// </summary>
/// <param name="message">The message to verify.</param>
/// <param name="signature">The signature blob for the message.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>True if the signature is valid, otherwise false.</returns>
/// <remarks>An invalid signature is reported through the return value under this contract, so the
/// caller must check the result before acting on the message.</remarks>
public bool VerifySignature(byte[] message, byte[] signature, int sequence_no)
    => SecurityContextUtils.VerifySignature(Context, message, signature, sequence_no);
/// <summary>
/// Decrypt a set of message buffers for this context without passing a separate signature.
/// </summary>
/// <param name="messages">The message buffers to decrypt.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <remarks>
/// The buffers are decrypted in place. Buffers carrying the ReadOnly flag can be added to keep them
/// from being decrypted. If a signature has to be supplied it must be added as one of the buffers.
/// </remarks>
public void DecryptMessageNoSignature(IEnumerable<SecurityBuffer> messages, int sequence_no)
    => SecurityContextUtils.DecryptMessageNoSignature(Context, messages, sequence_no);
/// <summary>
/// Query the authentication package information for this context.
/// </summary>
/// <returns>The authentication package info.</returns>
public AuthenticationPackage GetAuthenticationPackage()
    => SecurityContextUtils.GetAuthenticationPackage(Context);
/// <summary>
/// Encrypt a set of message buffers for this context without returning a separate signature.
/// </summary>
/// <param name="messages">The message buffers to encrypt.</param>
/// <param name="quality_of_protection">Quality of protection flags.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <remarks>
/// The buffers are encrypted in place. Buffers carrying the ReadOnly flag can be added to keep them
/// from being encrypted. If a signature has to be returned, a buffer for it must be supplied in
/// <paramref name="messages"/>; whatever the helper itself returns is not surfaced to the caller.
/// </remarks>
public void EncryptMessageNoSignature(IEnumerable<SecurityBuffer> messages, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
    => SecurityContextUtils.EncryptMessage(Context, quality_of_protection, messages, sequence_no);
/// <summary>
/// Decrypt a single encrypted message using this context.
/// </summary>
/// <param name="message">The encrypted message to decrypt.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The decrypted message bytes.</returns>
public byte[] DecryptMessage(EncryptedMessage message, int sequence_no)
    => SecurityContextUtils.DecryptMessage(Context, message, sequence_no);
/// <summary>
/// Encrypt a single message for this context with caller-chosen quality of protection.
/// </summary>
/// <param name="message">The message to encrypt.</param>
/// <param name="quality_of_protection">Quality of protection flags.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The encrypted message.</returns>
public EncryptedMessage EncryptMessage(byte[] message, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
    => SecurityContextUtils.EncryptMessage(Context, quality_of_protection, message, sequence_no);
/// <summary>
/// Encrypt a set of message buffers for this context with caller-chosen quality of protection.
/// </summary>
/// <param name="messages">The message buffers to encrypt.</param>
/// <param name="quality_of_protection">Quality of protection flags.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The signature for the messages.</returns>
/// <remarks>
/// The buffers are encrypted in place. Buffers carrying the ReadOnly flag can be added to keep them
/// from being encrypted.
/// </remarks>
public byte[] EncryptMessage(IEnumerable<SecurityBuffer> messages, SecurityQualityOfProtectionFlags quality_of_protection, int sequence_no)
    => SecurityContextUtils.EncryptMessage(Context, quality_of_protection, messages, sequence_no);
/// <summary>
/// Export the security context with SecPkgContextExportFlags.None.
/// </summary>
/// <returns>The exported security context.</returns>
/// <remarks>
/// No deletion flag is passed and this object is not disposed by the call.
/// NOTE(review): the exported blob presumably carries the context's session state; treat it as
/// sensitive when storing or transferring it. Confirm against the package in use.
/// </remarks>
public ExportedSecurityContext Export()
    => SecurityContextUtils.ExportContext(_context, SecPkgContextExportFlags.None, _creds.PackageName);
/// <summary>
/// Verify a signature over a set of message buffers using this context.
/// </summary>
/// <param name="messages">The message buffers to verify.</param>
/// <param name="signature">The signature blob for the messages.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>True if the signature is valid, otherwise false.</returns>
/// <remarks>An invalid signature is reported through the return value under this contract, so the
/// caller must check the result before acting on the buffers.</remarks>
public bool VerifySignature(IEnumerable<SecurityBuffer> messages, byte[] signature, int sequence_no)
    => SecurityContextUtils.VerifySignature(Context, messages, signature, sequence_no);
/// <summary>
/// Create a signature over a single message using this context.
/// </summary>
/// <param name="message">The message to sign.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The signature blob.</returns>
/// <remarks>A literal 0 is passed as the helper's second argument (presumably the quality of
/// protection flags; confirm against SecurityContextUtils.MakeSignature).</remarks>
public byte[] MakeSignature(byte[] message, int sequence_no)
    => SecurityContextUtils.MakeSignature(Context, 0, message, sequence_no);
/// <summary>
/// Create a signature over a set of message buffers using this context.
/// </summary>
/// <param name="messages">The message buffers to sign.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The signature blob.</returns>
/// <remarks>A literal 0 is passed as the helper's second argument (presumably the quality of
/// protection flags; confirm against SecurityContextUtils.MakeSignature).</remarks>
public byte[] MakeSignature(IEnumerable<SecurityBuffer> messages, int sequence_no)
    => SecurityContextUtils.MakeSignature(Context, 0, messages, sequence_no);
/// <summary>
/// Encrypt a single message for this context.
/// </summary>
/// <param name="message">The message to encrypt.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The encrypted message.</returns>
/// <remarks>A literal 0 is passed as the helper's second argument (presumably the quality of
/// protection flags; confirm against SecurityContextUtils.EncryptMessage).</remarks>
public EncryptedMessage EncryptMessage(byte[] message, int sequence_no)
    => SecurityContextUtils.EncryptMessage(_context, 0, message, sequence_no);
/// <summary>
/// Encrypt a set of message buffers for this context.
/// </summary>
/// <param name="messages">The message buffers to encrypt.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <returns>The signature for the messages.</returns>
/// <remarks>
/// The buffers are encrypted in place. Buffers carrying the ReadOnly flag can be added to keep them
/// from being encrypted. A literal 0 is passed as the helper's second argument (presumably the
/// quality of protection flags; confirm against SecurityContextUtils.EncryptMessage).
/// </remarks>
public byte[] EncryptMessage(IEnumerable<SecurityBuffer> messages, int sequence_no)
    => SecurityContextUtils.EncryptMessage(_context, 0, messages, sequence_no);
/// <summary>
/// Decrypt a set of message buffers for this context, supplying the signature separately.
/// </summary>
/// <param name="messages">The message buffers to decrypt.</param>
/// <param name="signature">The signature for the messages.</param>
/// <param name="sequence_no">The sequence number.</param>
/// <remarks>
/// The buffers are decrypted in place. Buffers carrying the ReadOnly flag can be added to keep them
/// from being decrypted. The method returns nothing, so any failure can only surface as an
/// exception from the helper (presumably; confirm against SecurityContextUtils.DecryptMessage).
/// </remarks>
public void DecryptMessage(IEnumerable<SecurityBuffer> messages, byte[] signature, int sequence_no)
    => SecurityContextUtils.DecryptMessage(_context, messages, signature, sequence_no);