// P/Invoke for SSPI InitializeSecurityContext, the overload used on the second and later legs of a
// client handshake: a partially formed context (phContext) and an input token received from the
// server (secBufferDesc) already exist. Returns a SECURITY_STATUS; callers in this class accept
// SEC_E_OK and SEC_I_CONTINUE_NEEDED and throw on anything else.
internal static extern int InitializeSecurityContext(
    ref SECURITY_HANDLE phCredential,      // PCredHandle  - credentials from AcquireCredentialsHandle
    ref SECURITY_HANDLE phContext,         // PCtxtHandle  - partially formed context from the previous leg
    string pszTargetName,                  // SEC_CHAR*    - target of the context (server principal)
    int fContextReq,                       // ULONG        - requested ISC_REQ_* attribute flags
    int reserved1,                         // ULONG        - must be 0
    int targetDataRep,                     // ULONG        - SECURITY_NATIVE_DREP
    ref SecBufferDesc secBufferDesc,       // PSecBufferDesc - input token from the server
    int reserved2,                         // ULONG        - must be 0
    out SECURITY_HANDLE phNewContext,      // PCtxtHandle  - receives the (new or updated) context handle
    out SecBufferDesc pOutput,             // PSecBufferDesc - receives the token to send to the server
    out uint pfContextAttr,                // ULONG*       - native ULONG is 32-bit, so uint, not managed ulong (64-bit)
    out SECURITY_INTEGER ptsExpiry);       // PTimeStamp   - receives the context expiry
public void InitializeClient(out byte[] clientToken, byte[] serverToken, out bool bContinueProcessing, SspiPackageType sspiPackageType = SspiPackageType.Negotiate)
{
    // Client side of one SSPI handshake leg. A null serverToken means "first leg": a fresh context is
    // started in _hClientContext; otherwise serverToken is fed into the partially formed context.
    // clientToken receives the token to send to the server. bContinueProcessing is false only once the
    // package returned SEC_E_OK (handshake finished). Throws SspiException on any other status.
    clientToken = null;
    bContinueProcessing = true;
    var expiry = new SECURITY_INTEGER(0);

    // Outbound credentials are acquired once and cached in _hOutboundCred for later legs. The package
    // name is taken from the first call only: a different sspiPackageType on a later call is ignored
    // because _bGotClientCredentials is already set.
    if (!_bGotClientCredentials)
    {
        string packageName = sspiPackageType.ToString();
        int acquireStatus = NativeMethods.AcquireCredentialsHandle(
            _sAccountName,
            packageName,
            NativeContants.SECPKG_CRED_OUTBOUND,
            IntPtr.Zero,
            IntPtr.Zero,
            0,
            IntPtr.Zero,
            ref _hOutboundCred,
            ref expiry);
        if (acquireStatus != NativeContants.SEC_E_OK)
        {
            throw new SspiException("Couldn't acquire client credentials", acquireStatus);
        }
        _bGotClientCredentials = true;
    }

    int status;
    var outputBuffer = new SecBufferDesc(MAX_TOKEN_SIZE);
    try
    {
        uint grantedAttributes;
        bool firstLeg = serverToken == null;
        if (firstLeg)
        {
            status = NativeMethods.InitializeSecurityContext(
                ref _hOutboundCred,
                IntPtr.Zero,                          // no context exists yet
                _sAccountName,                        // pszTargetName; for Kerberos mutual auth this would be the server SPN - verify
                STANDARD_CONTEXT_ATTRIBUTES,          // fContextReq
                0,                                    // Reserved1
                NativeContants.SECURITY_NATIVE_DREP,  // TargetDataRep
                IntPtr.Zero,                          // no input token on the first leg
                0,                                    // Reserved2
                out _hClientContext,
                out outputBuffer,
                out grantedAttributes,
                out expiry);
        }
        else
        {
            var inputBuffer = new SecBufferDesc(serverToken);
            try
            {
                status = NativeMethods.InitializeSecurityContext(
                    ref _hOutboundCred,
                    ref _hClientContext,                  // partially formed context from the previous leg
                    _sAccountName,                        // pszTargetName
                    STANDARD_CONTEXT_ATTRIBUTES,          // fContextReq
                    0,                                    // Reserved1
                    NativeContants.SECURITY_NATIVE_DREP,  // TargetDataRep
                    ref inputBuffer,                      // token received from the server
                    0,                                    // Reserved2
                    out _hClientContext,
                    out outputBuffer,
                    out grantedAttributes,
                    out expiry);
            }
            finally
            {
                inputBuffer.Dispose();
            }
        }

        bool accepted = status == NativeContants.SEC_E_OK
                        || status == NativeContants.SEC_I_CONTINUE_NEEDED;
        if (!accepted)
        {
            throw new SspiException("InitializeSecurityContext() failed!!!", status);
        }

        // NOTE(review): grantedAttributes is never inspected, so on the final SEC_E_OK nothing here verifies
        // that the package actually granted the attributes requested via STANDARD_CONTEXT_ATTRIBUTES
        // (for example mutual authentication). Confirm whether a caller checks this elsewhere.
        clientToken = outputBuffer.GetSecBufferByteArray();
    }
    finally
    {
        outputBuffer.Dispose();
    }

    bContinueProcessing = status != NativeContants.SEC_E_OK;
}
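public void InitializeServer(byte[] clientToken, out byte[] serverToken, out bool bContinueProcessing, SspiPackageType sspiPackageType = SspiPackageType.Negotiate)
{
    // Server side of one SSPI handshake leg: feeds clientToken to AcceptSecurityContext and returns the
    // token to send back in serverToken. The first leg (_bGotServerContext false) creates _hServerContext;
    // later legs continue it. bContinueProcessing is false only when the package returned SEC_E_OK.
    // Throws SspiException when credentials cannot be acquired or the package returns any other status.
    serverToken = null;
    bContinueProcessing = true;
    var newLifeTime = new SECURITY_INTEGER(0);

    // Inbound credentials are acquired once and cached in _hInboundCred. The package name comes from
    // the first call only; a different sspiPackageType on later calls is ignored once the flag is set.
    if (!_bGotServerCredentials)
    {
        int result = NativeMethods.AcquireCredentialsHandle(
            _sAccountName,
            sspiPackageType.ToString(),
            NativeContants.SECPKG_CRED_INBOUND,
            IntPtr.Zero,
            IntPtr.Zero,
            0,
            IntPtr.Zero,
            ref _hInboundCred,
            ref newLifeTime);
        if (result != NativeContants.SEC_E_OK)
        {
            throw new SspiException("Couldn't acquire server credentials handle!!!", result);
        }
        _bGotServerCredentials = true;
    }

    // The output buffer is allocated first and the input buffer inside its try block, so a failing
    // SecBufferDesc(byte[]) constructor (for instance on a null clientToken, should the constructor
    // reject it) cannot leak the already allocated output buffer. Dispose order (input, then output)
    // is unchanged.
    var serverTokenSecBufferDesc = new SecBufferDesc(MAX_TOKEN_SIZE);
    try
    {
        var clientTokenSecBufferDesc = new SecBufferDesc(clientToken);
        try
        {
            int ss;
            uint uNewContextAttr;
            if (!_bGotServerContext)
            {
                ss = NativeMethods.AcceptSecurityContext(
                    ref _hInboundCred,                    // [in] credentials handle
                    IntPtr.Zero,                          // [in/out] no partial context on the first leg
                    ref clientTokenSecBufferDesc,         // [in] input buffers (token from the client)
                    STANDARD_CONTEXT_ATTRIBUTES,          // [in] requested context attributes
                    NativeContants.SECURITY_NATIVE_DREP,  // [in] data representation on the target
                    out _hServerContext,                  // [out] receives the new context handle
                    out serverTokenSecBufferDesc,         // [in/out] output buffers (token for the client)
                    out uNewContextAttr,                  // [out] attributes actually granted
                    out newLifeTime);                     // [out] lifetime of the security context
            }
            else
            {
                ss = NativeMethods.AcceptSecurityContext(
                    ref _hInboundCred,                    // [in] credentials handle
                    ref _hServerContext,                  // [in/out] partially formed context from the previous leg
                    ref clientTokenSecBufferDesc,         // [in] input buffers (token from the client)
                    STANDARD_CONTEXT_ATTRIBUTES,          // [in] requested context attributes
                    NativeContants.SECURITY_NATIVE_DREP,  // [in] data representation on the target
                    out _hServerContext,                  // [out] receives the updated context handle
                    out serverTokenSecBufferDesc,         // [in/out] output buffers (token for the client)
                    out uNewContextAttr,                  // [out] attributes actually granted
                    out newLifeTime);                     // [out] lifetime of the security context
            }

            if (ss != NativeContants.SEC_E_OK && ss != NativeContants.SEC_I_CONTINUE_NEEDED)
            {
                throw new SspiException("AcceptSecurityContext() failed!!!", ss);
            }

            // Either accepted status means a (possibly partial) context now exists in _hServerContext.
            _bGotServerContext = true;

            // NOTE(review): uNewContextAttr is never inspected, so on the final SEC_E_OK nothing here
            // confirms that the attributes requested via STANDARD_CONTEXT_ATTRIBUTES were actually
            // granted. Confirm whether that check lives elsewhere.
            serverToken = serverTokenSecBufferDesc.GetSecBufferByteArray();
            bContinueProcessing = ss != NativeContants.SEC_E_OK;
        }
        finally
        {
            clientTokenSecBufferDesc.Dispose();
        }
    }
    finally
    {
        serverTokenSecBufferDesc.Dispose();
    }
}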