示例#1
0
        public unsafe int VerifySignature(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  status = (int)SecurityStatus.InvalidHandle;
            bool b      = false;

            uint qop = 0;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                context.DangerousAddRef(ref b);
            }
            catch (Exception e) {
                if (b)
                {
                    context.DangerousRelease();
                    b = false;
                }
                if (!(e is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally {
                if (b)
                {
                    status = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qop);
                    context.DangerousRelease();
                }
            }

            return(status);
        }
        private unsafe int VerifySignatureHelper(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  num                 = -2146893055;
            bool success             = false;
            uint qualityOfProtection = 0;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                context.DangerousAddRef(ref success);
            }
            catch (Exception exception)
            {
                if (success)
                {
                    context.DangerousRelease();
                    success = false;
                }
                if (!(exception is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                if (success)
                {
                    num = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qualityOfProtection);
                    context.DangerousRelease();
                }
            }
            return(num);
        }
示例#3
0
        private int DecryptMessageHelper9x(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  num     = -2146893055;
            bool success = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                context.DangerousAddRef(ref success);
            }
            catch (Exception exception)
            {
                if (success)
                {
                    context.DangerousRelease();
                    success = false;
                }
                if (!(exception is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                if (success)
                {
                    num = UnsafeNclNativeMethods.NativeSSLWin9xSSPI.UnsealMessage(ref context._handle, inputOutput, IntPtr.Zero, sequenceNumber);
                    context.DangerousRelease();
                }
            }
            return(num);
        }
示例#4
0
        public int MakeSignature(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  status = (int)SecurityStatus.InvalidHandle;
            bool b      = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                context.DangerousAddRef(ref b);
            }
            catch (Exception e) {
                if (b)
                {
                    context.DangerousRelease();
                    b = false;
                }
                if (!(e is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally {
                if (b)
                {
                    const uint SECQOP_WRAP_NO_ENCRYPT = 0x80000001;
                    status = UnsafeNclNativeMethods.NativeNTSSPI.EncryptMessage(ref context._handle, SECQOP_WRAP_NO_ENCRYPT, inputOutput, sequenceNumber);
                    context.DangerousRelease();
                }
            }
            return(status);
        }
示例#5
0
 public int DecryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     if (ComNetOS.IsWin9x)
     {
         return(this.DecryptMessageHelper9x(context, inputOutput, sequenceNumber));
     }
     return(this.DecryptMessageHelper(context, inputOutput, sequenceNumber));
 }
 public int DecryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     if (ComNetOS.IsWin9x)
     {
         throw ExceptionHelper.MethodNotImplementedException;
     }
     return this.DecryptMessageHelper(context, inputOutput, sequenceNumber);
 }
 public int EncryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     if (ComNetOS.IsWin9x)
     {
         throw ExceptionHelper.MethodNotImplementedException;
     }
     return(this.EncryptMessageHelper(context, inputOutput, sequenceNumber));
 }
        public static int UnsealMessage(
            SSPIInterface SecModule,
            ref long context,
            int QOP,
            SecurityBufferClass[] input,
            int sequenceNumber)
        {
            GCHandle[] handleIn = PinBuffers(input);
            SecurityBufferDescriptor sdcInOut = new SecurityBufferDescriptor(input);
            int errorCode = SecModule.UnsealMessage(ref context, ref sdcInOut, QOP, sequenceNumber);

            SecurityBufferClass[] result = sdcInOut.marshall();

            for (int k = 0; k < input.Length; k++)
            {
                input[k] = result[k];
            }
            sdcInOut.FreeAllBuffers(0);
            FreeGCHandles(handleIn);
            return(errorCode);
        }
示例#9
0
        public unsafe int DecryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  status = (int)SecurityStatus.InvalidHandle;
            bool b      = false;
            uint qop    = 0;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                context.DangerousAddRef(ref b);
            }
            catch (Exception e) {
                if (b)
                {
                    context.DangerousRelease();
                    b = false;
                }
                if (!(e is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally {
                if (b)
                {
                    status = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qop);
                    context.DangerousRelease();
                }
            }

            const uint SECQOP_WRAP_NO_ENCRYPT = 0x80000001;

            if (status == 0 && qop == SECQOP_WRAP_NO_ENCRYPT)
            {
                GlobalLog.Assert("NativeNTSSPI.DecryptMessage", "Expected qop = 0, returned value = " + qop.ToString("x", CultureInfo.InvariantCulture));
                throw new InvalidOperationException(SR.GetString(SR.net_auth_message_not_encrypted));
            }


            return(status);
        }
        private unsafe int DecryptMessageHelper(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int  num                 = -2146893055;
            bool success             = false;
            uint qualityOfProtection = 0;

            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                context.DangerousAddRef(ref success);
            }
            catch (Exception exception)
            {
                if (success)
                {
                    context.DangerousRelease();
                    success = false;
                }
                if (!(exception is ObjectDisposedException))
                {
                    throw;
                }
            }
            finally
            {
                if (success)
                {
                    num = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qualityOfProtection);
                    context.DangerousRelease();
                }
            }
            if ((num == 0) && (qualityOfProtection == 0x80000001))
            {
                throw new InvalidOperationException(SR.GetString("net_auth_message_not_encrypted"));
            }
            return(num);
        }
 private unsafe int DecryptMessageHelper(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     int num = -2146893055;
     bool success = false;
     uint qualityOfProtection = 0;
     RuntimeHelpers.PrepareConstrainedRegions();
     try
     {
         context.DangerousAddRef(ref success);
     }
     catch (Exception exception)
     {
         if (success)
         {
             context.DangerousRelease();
             success = false;
         }
         if (!(exception is ObjectDisposedException))
         {
             throw;
         }
     }
     finally
     {
         if (success)
         {
             num = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qualityOfProtection);
             context.DangerousRelease();
         }
     }
     if ((num == 0) && (qualityOfProtection == 0x80000001))
     {
         throw new InvalidOperationException(SR.GetString("net_auth_message_not_encrypted"));
     }
     return num;
 }
        private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
        {
            SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);

            SecurityBufferStruct[] structArray = new SecurityBufferStruct[input.Length];
            fixed(SecurityBufferStruct *structRef = structArray)
            {
                int num6;

                inputOutput.UnmanagedPointer = (void *)structRef;
                GCHandle[] handleArray = new GCHandle[input.Length];
                byte[][]   bufferArray = new byte[input.Length][];
                try
                {
                    int num2;
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer buffer = input[i];
                        structArray[i].count = buffer.size;
                        structArray[i].type  = buffer.type;
                        if ((buffer.token == null) || (buffer.token.Length == 0))
                        {
                            structArray[i].token = IntPtr.Zero;
                        }
                        else
                        {
                            handleArray[i]       = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
                            structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
                            bufferArray[i]       = buffer.token;
                        }
                    }
                    switch (op)
                    {
                    case OP.Encrypt:
                        num2 = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
                        break;

                    case OP.Decrypt:
                        num2 = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
                        break;

                    case OP.MakeSignature:
                        num2 = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
                        break;

                    case OP.VerifySignature:
                        num2 = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
                        break;

                    default:
                        throw ExceptionHelper.MethodNotImplementedException;
                    }
                    for (int j = 0; j < input.Length; j++)
                    {
                        SecurityBuffer buffer2 = input[j];
                        buffer2.size = structArray[j].count;
                        buffer2.type = structArray[j].type;
                        if (buffer2.size == 0)
                        {
                            buffer2.offset = 0;
                            buffer2.token  = null;
                        }
                        else
                        {
                            int index = 0;
                            while (index < input.Length)
                            {
                                if (bufferArray[index] != null)
                                {
                                    byte *numPtr = (byte *)Marshal.UnsafeAddrOfPinnedArrayElement(bufferArray[index], 0);
                                    if ((((void *)structArray[j].token) >= numPtr) && ((((void *)structArray[j].token) + buffer2.size) <= (numPtr + bufferArray[index].Length)))
                                    {
                                        buffer2.offset = (int)((long)((((void *)structArray[j].token) - numPtr) / 1));
                                        buffer2.token  = bufferArray[index];
                                        break;
                                    }
                                }
                                index++;
                            }
                            if (index >= input.Length)
                            {
                                buffer2.size   = 0;
                                buffer2.offset = 0;
                                buffer2.token  = null;
                            }
                        }
                    }
                    if ((num2 != 0) && Logging.On)
                    {
                        if (num2 == 0x90321)
                        {
                            Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
                        }
                        else
                        {
                            Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { num2 }) }));
                        }
                    }
                    num6 = num2;
                }
                finally
                {
                    for (int k = 0; k < handleArray.Length; k++)
                    {
                        if (handleArray[k].IsAllocated)
                        {
                            handleArray[k].Free();
                        }
                    }
                }
                return(num6);
            }
        }
示例#13
0
 public int VerifySignature(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     throw ExceptionHelper.MethodNotSupportedException;
 }
        internal static unsafe int InitializeSecurityContext(SecurDll dll, ref SafeFreeCredentials inCredentials, ref SafeDeleteContext refContext, string targetName, ContextFlags inFlags, Endianness endianness, SecurityBuffer inSecBuffer, SecurityBuffer[] inSecBuffers, SecurityBuffer outSecBuffer, ref ContextFlags outFlags)
        {
            if (inCredentials == null)
            {
                throw new ArgumentNullException("inCredentials");
            }
            SecurityBufferDescriptor inputBuffer = null;

            if (inSecBuffer != null)
            {
                inputBuffer = new SecurityBufferDescriptor(1);
            }
            else if (inSecBuffers != null)
            {
                inputBuffer = new SecurityBufferDescriptor(inSecBuffers.Length);
            }
            SecurityBufferDescriptor outputBuffer = new SecurityBufferDescriptor(1);
            bool       flag   = (inFlags & ContextFlags.AllocateMemory) != ContextFlags.Zero;
            int        num    = -1;
            SSPIHandle handle = new SSPIHandle();

            if (refContext != null)
            {
                handle = refContext._handle;
            }
            GCHandle[]            handleArray    = null;
            GCHandle              handle2        = new GCHandle();
            SafeFreeContextBuffer handleTemplate = null;

            try
            {
                handle2 = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned);
                SecurityBufferStruct[] structArray = new SecurityBufferStruct[(inputBuffer == null) ? 1 : inputBuffer.Count];
                try
                {
                    SecurityBufferStruct[] structArray3;
                    if (((structArray3 = structArray) == null) || (structArray3.Length == 0))
                    {
                        ptrRef = null;
                        goto Label_00A6;
                    }
                    fixed(IntPtr *ptrRef = structArray3)
                    {
Label_00A6:
                        if (inputBuffer != null)
                        {
                            inputBuffer.UnmanagedPointer = (void *)ptrRef;
                            handleArray = new GCHandle[inputBuffer.Count];
                            for (int i = 0; i < inputBuffer.Count; i++)
                            {
                                SecurityBuffer buffer2 = (inSecBuffer != null) ? inSecBuffer : inSecBuffers[i];
                                if (buffer2 != null)
                                {
                                    structArray[i].count = buffer2.size;
                                    structArray[i].type  = buffer2.type;
                                    if (buffer2.unmanagedToken != null)
                                    {
                                        structArray[i].token = buffer2.unmanagedToken.DangerousGetHandle();
                                    }
                                    else if ((buffer2.token == null) || (buffer2.token.Length == 0))
                                    {
                                        structArray[i].token = IntPtr.Zero;
                                    }
                                    else
                                    {
                                        handleArray[i]       = GCHandle.Alloc(buffer2.token, GCHandleType.Pinned);
                                        structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer2.token, buffer2.offset);
                                    }
                                }
                            }
                        }
                        SecurityBufferStruct[] structArray2 = new SecurityBufferStruct[1];
                        try
                        {
                            SecurityBufferStruct[] structArray4;
                            if (((structArray4 = structArray2) == null) || (structArray4.Length == 0))
                            {
                                ptrRef2 = null;
                                goto Label_01CC;
                            }
                            fixed(IntPtr *ptrRef2 = structArray4)
                            {
                                ref byte pinned numRef;
                                ref byte pinned numRef2;

Label_01CC:
                                outputBuffer.UnmanagedPointer = (void *)ptrRef2;
                                structArray2[0].count         = outSecBuffer.size;
                                structArray2[0].type          = outSecBuffer.type;
                                if ((outSecBuffer.token == null) || (outSecBuffer.token.Length == 0))
                                {
                                    structArray2[0].token = IntPtr.Zero;
                                }
                                else
                                {
                                    structArray2[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset);
                                }
                                if (flag)
                                {
                                    handleTemplate = SafeFreeContextBuffer.CreateEmptyHandle(dll);
                                }
                                switch (dll)
                                {
                                case SecurDll.SECURITY:
                                    if ((refContext == null) || refContext.IsInvalid)
                                    {
                                        refContext = new SafeDeleteContext_SECURITY();
                                    }
                                    if ((targetName == null) || (targetName.Length == 0))
                                    {
                                        targetName = " ";
                                    }
                                    fixed(char *str = ((char *)targetName))
                                    {
                                        char *chPtr = str;

                                        num = MustRunInitializeSecurityContext_SECURITY(ref inCredentials, handle.IsZero ? null : ((void *)&handle), (targetName == " ") ? null : ((byte *)chPtr), inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                        goto Label_044B;
                                    }
                                    break;

                                case SecurDll.SECUR32:
                                    break;

                                case SecurDll.SCHANNEL:
                                    goto Label_0381;

                                default:
                                    goto Label_0423;
                                }
                                if ((refContext == null) || refContext.IsInvalid)
                                {
                                    refContext = new SafeDeleteContext_SECUR32();
                                }
                                byte[] dummyBytes = SafeDeleteContext.dummyBytes;
                                if ((targetName != null) && (targetName.Length != 0))
                                {
                                    dummyBytes = new byte[targetName.Length + 2];
                                    Encoding.Default.GetBytes(targetName, 0, targetName.Length, dummyBytes, 0);
                                }
                                try
                                {
                                    byte[] buffer5;
                                    if (((buffer5 = dummyBytes) == null) || (buffer5.Length == 0))
                                    {
                                        numRef = null;
                                    }
                                    else
                                    {
                                        numRef = buffer5;
                                    }
                                    num = MustRunInitializeSecurityContext_SECUR32(ref inCredentials, handle.IsZero ? null : ((void *)&handle), (dummyBytes == SafeDeleteContext.dummyBytes) ? null : numRef, inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    goto Label_044B;
                                }
                                finally
                                {
                                    numRef = null;
                                }
Label_0381:
                                if ((refContext == null) || refContext.IsInvalid)
                                {
                                    refContext = new SafeDeleteContext_SCHANNEL();
                                }
                                byte[] bytes = SafeDeleteContext.dummyBytes;
                                if ((targetName != null) && (targetName.Length != 0))
                                {
                                    bytes = new byte[targetName.Length + 2];
                                    Encoding.Default.GetBytes(targetName, 0, targetName.Length, bytes, 0);
                                }
                                try
                                {
                                    byte[] buffer6;
                                    if (((buffer6 = bytes) == null) || (buffer6.Length == 0))
                                    {
                                        numRef2 = null;
                                    }
                                    else
                                    {
                                        numRef2 = buffer6;
                                    }
                                    num = MustRunInitializeSecurityContext_SCHANNEL(ref inCredentials, handle.IsZero ? null : ((void *)&handle), (bytes == SafeDeleteContext.dummyBytes) ? null : numRef2, inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    goto Label_044B;
                                }
                                finally
                                {
                                    numRef2 = null;
                                }
                                Label_0423 :;
                                throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
Label_044B:
                                outSecBuffer.size = structArray2[0].count;
                                outSecBuffer.type = structArray2[0].type;
                                if (outSecBuffer.size > 0)
                                {
                                    outSecBuffer.token = new byte[outSecBuffer.size];
                                    Marshal.Copy(structArray2[0].token, outSecBuffer.token, 0, outSecBuffer.size);
                                    return(num);
                                }
                                outSecBuffer.token = null;
                                return(num);
                            }
                        }
                        finally
                        {
                            ptrRef2 = null;
                        }
                        return(num);
                    }
                }
        internal static unsafe int CompleteAuthToken(SecurDll dll, ref SafeDeleteContext refContext, SecurityBuffer[] inSecBuffers)
        {
            SecurityBufferStruct[]   structArray2;
            SecurityBufferDescriptor inputBuffers = new SecurityBufferDescriptor(inSecBuffers.Length);
            int num = -2146893055;

            GCHandle[]             handleArray = null;
            SecurityBufferStruct[] structArray = new SecurityBufferStruct[inputBuffers.Count];
            if (((structArray2 = structArray) != null) && (structArray2.Length != 0))
            {
                goto Label_002F;
            }

            fixed(IntPtr *ptrRef = null)
            {
                goto Label_0039;
Label_002F:
                ptrRef = structArray2;
Label_0039:
                inputBuffers.UnmanagedPointer = (void *)ptrRef;
                handleArray = new GCHandle[inputBuffers.Count];
                for (int i = 0; i < inputBuffers.Count; i++)
                {
                    SecurityBuffer buffer = inSecBuffers[i];
                    if (buffer != null)
                    {
                        structArray[i].count = buffer.size;
                        structArray[i].type  = buffer.type;
                        if (buffer.unmanagedToken != null)
                        {
                            structArray[i].token = buffer.unmanagedToken.DangerousGetHandle();
                        }
                        else if ((buffer.token == null) || (buffer.token.Length == 0))
                        {
                            structArray[i].token = IntPtr.Zero;
                        }
                        else
                        {
                            handleArray[i]       = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
                            structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
                        }
                    }
                }
                SSPIHandle handle = new SSPIHandle();

                if (refContext != null)
                {
                    handle = refContext._handle;
                }
                try
                {
                    if (dll == SecurDll.SECURITY)
                    {
                        if ((refContext == null) || refContext.IsInvalid)
                        {
                            refContext = new SafeDeleteContext_SECURITY();
                        }
                        bool success = false;
                        RuntimeHelpers.PrepareConstrainedRegions();
                        try
                        {
                            try
                            {
                                refContext.DangerousAddRef(ref success);
                            }
                            catch (Exception exception)
                            {
                                if (success)
                                {
                                    refContext.DangerousRelease();
                                    success = false;
                                }
                                if (!(exception is ObjectDisposedException))
                                {
                                    throw;
                                }
                            }
                            goto Label_0201;
                        }
                        finally
                        {
                            if (success)
                            {
                                num = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.CompleteAuthToken(handle.IsZero ? null : ((void *)&handle), inputBuffers);
                                refContext.DangerousRelease();
                            }
                        }
                    }
                    throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
                }
                finally
                {
                    if (handleArray != null)
                    {
                        for (int j = 0; j < handleArray.Length; j++)
                        {
                            if (handleArray[j].IsAllocated)
                            {
                                handleArray[j].Free();
                            }
                        }
                    }
                }
            }

            Label_0201 :;
            return(num);
        }
        internal static unsafe int AcceptSecurityContext(SecurDll dll, ref SafeFreeCredentials inCredentials, ref SafeDeleteContext refContext, ContextFlags inFlags, Endianness endianness, SecurityBuffer inSecBuffer, SecurityBuffer[] inSecBuffers, SecurityBuffer outSecBuffer, ref ContextFlags outFlags)
        {
            if (inCredentials == null)
            {
                throw new ArgumentNullException("inCredentials");
            }
            SecurityBufferDescriptor inputBuffer = null;

            if (inSecBuffer != null)
            {
                inputBuffer = new SecurityBufferDescriptor(1);
            }
            else if (inSecBuffers != null)
            {
                inputBuffer = new SecurityBufferDescriptor(inSecBuffers.Length);
            }
            SecurityBufferDescriptor outputBuffer = new SecurityBufferDescriptor(1);
            bool       flag   = (inFlags & ContextFlags.AllocateMemory) != ContextFlags.Zero;
            int        num    = -1;
            SSPIHandle handle = new SSPIHandle();

            if (refContext != null)
            {
                handle = refContext._handle;
            }
            GCHandle[]            handleArray    = null;
            GCHandle              handle2        = new GCHandle();
            SafeFreeContextBuffer handleTemplate = null;

            try
            {
                handle2 = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned);
                SecurityBufferStruct[] structArray = new SecurityBufferStruct[(inputBuffer == null) ? 1 : inputBuffer.Count];
                try
                {
                    SecurityBufferStruct[] structArray3;
                    if (((structArray3 = structArray) == null) || (structArray3.Length == 0))
                    {
                        ptrRef = null;
                        goto Label_00A5;
                    }
                    fixed(IntPtr *ptrRef = structArray3)
                    {
Label_00A5:
                        if (inputBuffer != null)
                        {
                            inputBuffer.UnmanagedPointer = (void *)ptrRef;
                            handleArray = new GCHandle[inputBuffer.Count];
                            for (int i = 0; i < inputBuffer.Count; i++)
                            {
                                SecurityBuffer buffer2 = (inSecBuffer != null) ? inSecBuffer : inSecBuffers[i];
                                if (buffer2 != null)
                                {
                                    structArray[i].count = buffer2.size;
                                    structArray[i].type  = buffer2.type;
                                    if (buffer2.unmanagedToken != null)
                                    {
                                        structArray[i].token = buffer2.unmanagedToken.DangerousGetHandle();
                                    }
                                    else if ((buffer2.token == null) || (buffer2.token.Length == 0))
                                    {
                                        structArray[i].token = IntPtr.Zero;
                                    }
                                    else
                                    {
                                        handleArray[i]       = GCHandle.Alloc(buffer2.token, GCHandleType.Pinned);
                                        structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer2.token, buffer2.offset);
                                    }
                                }
                            }
                        }
                        SecurityBufferStruct[] structArray2 = new SecurityBufferStruct[1];
                        try
                        {
                            SecurityBufferStruct[] structArray4;
                            if (((structArray4 = structArray2) == null) || (structArray4.Length == 0))
                            {
                                ptrRef2 = null;
                                goto Label_01CB;
                            }
                            fixed(IntPtr *ptrRef2 = structArray4)
                            {
Label_01CB:
                                outputBuffer.UnmanagedPointer = (void *)ptrRef2;
                                structArray2[0].count         = outSecBuffer.size;
                                structArray2[0].type          = outSecBuffer.type;
                                if ((outSecBuffer.token == null) || (outSecBuffer.token.Length == 0))
                                {
                                    structArray2[0].token = IntPtr.Zero;
                                }
                                else
                                {
                                    structArray2[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset);
                                }
                                if (flag)
                                {
                                    handleTemplate = SafeFreeContextBuffer.CreateEmptyHandle(dll);
                                }
                                switch (dll)
                                {
                                case SecurDll.SECURITY:
                                    if ((refContext == null) || refContext.IsInvalid)
                                    {
                                        refContext = new SafeDeleteContext_SECURITY();
                                    }
                                    num = MustRunAcceptSecurityContext_SECURITY(ref inCredentials, handle.IsZero ? null : ((void *)&handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    break;

                                case SecurDll.SECUR32:
                                    if ((refContext == null) || refContext.IsInvalid)
                                    {
                                        refContext = new SafeDeleteContext_SECUR32();
                                    }
                                    num = MustRunAcceptSecurityContext_SECUR32(ref inCredentials, handle.IsZero ? null : ((void *)&handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    break;

                                case SecurDll.SCHANNEL:
                                    if ((refContext == null) || refContext.IsInvalid)
                                    {
                                        refContext = new SafeDeleteContext_SCHANNEL();
                                    }
                                    num = MustRunAcceptSecurityContext_SCHANNEL(ref inCredentials, handle.IsZero ? null : ((void *)&handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    break;

                                default:
                                    throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
                                }
                                outSecBuffer.size = structArray2[0].count;
                                outSecBuffer.type = structArray2[0].type;
                                if (outSecBuffer.size > 0)
                                {
                                    outSecBuffer.token = new byte[outSecBuffer.size];
                                    Marshal.Copy(structArray2[0].token, outSecBuffer.token, 0, outSecBuffer.size);
                                    return(num);
                                }
                                outSecBuffer.token = null;
                                return(num);
                            }
                        }
                        finally
                        {
                            ptrRef2 = null;
                        }
                        return(num);
                    }
                }
                finally
                {
                    ptrRef = null;
                }
            }
            finally
            {
                if (handleArray != null)
                {
                    for (int j = 0; j < handleArray.Length; j++)
                    {
                        if (handleArray[j].IsAllocated)
                        {
                            handleArray[j].Free();
                        }
                    }
                }
                if (handle2.IsAllocated)
                {
                    handle2.Free();
                }
                if (handleTemplate != null)
                {
                    handleTemplate.Close();
                }
            }
            return(num);
        }
示例#17
0
        public int EncryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
        {
            int status = (int)SecurityStatus.InvalidHandle;
            bool b = false;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                context.DangerousAddRef(ref b);
            }
            catch(Exception e) {
                if (b)
                {
                    context.DangerousRelease();
                    b = false;
                }
                if (!(e is ObjectDisposedException))
                    throw;
            }
            finally {

                if (b)
                {
                    status = UnsafeNclNativeMethods.NativeNTSSPI.EncryptMessage(ref context._handle, 0, inputOutput, sequenceNumber);
                    context.DangerousRelease();
                }
            }
            return status;
        }
示例#18
0
        public unsafe int DecryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber) {
            int status = (int)SecurityStatus.InvalidHandle;
            bool b = false;
            uint qop = 0;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                context.DangerousAddRef(ref b);
            }
            catch(Exception e) {
                if (b)
                {
                    context.DangerousRelease();
                    b = false;
                }
                if (!(e is ObjectDisposedException))
                    throw;
            }
            finally {

                if (b)
                {
                    status = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qop);
                    context.DangerousRelease();
                }
            }

            const uint SECQOP_WRAP_NO_ENCRYPT = 0x80000001;
            if (status == 0 && qop == SECQOP_WRAP_NO_ENCRYPT)
            {
                GlobalLog.Assert("NativeNTSSPI.DecryptMessage", "Expected qop = 0, returned value = " + qop.ToString("x", CultureInfo.InvariantCulture));
                throw new InvalidOperationException(SR.GetString(SR.net_auth_message_not_encrypted));
            }


            return status;
        }
示例#19
0
 public int VerifySignature(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber) {
     throw ExceptionHelper.MethodNotSupportedException;
 }
        internal static unsafe int InitializeSecurityContext(SecurDll dll, ref SafeFreeCredentials inCredentials, ref SafeDeleteContext refContext, string targetName, ContextFlags inFlags, Endianness endianness, SecurityBuffer inSecBuffer, SecurityBuffer[] inSecBuffers, SecurityBuffer outSecBuffer, ref ContextFlags outFlags)
        {
            if (inCredentials == null)
            {
                throw new ArgumentNullException("inCredentials");
            }
            SecurityBufferDescriptor inputBuffer = null;
            if (inSecBuffer != null)
            {
                inputBuffer = new SecurityBufferDescriptor(1);
            }
            else if (inSecBuffers != null)
            {
                inputBuffer = new SecurityBufferDescriptor(inSecBuffers.Length);
            }
            SecurityBufferDescriptor outputBuffer = new SecurityBufferDescriptor(1);
            bool flag = (inFlags & ContextFlags.AllocateMemory) != ContextFlags.Zero;
            int num = -1;
            SSPIHandle handle = new SSPIHandle();
            if (refContext != null)
            {
                handle = refContext._handle;
            }
            GCHandle[] handleArray = null;
            GCHandle handle2 = new GCHandle();
            SafeFreeContextBuffer handleTemplate = null;
            try
            {
                handle2 = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned);
                SecurityBufferStruct[] structArray = new SecurityBufferStruct[(inputBuffer == null) ? 1 : inputBuffer.Count];
                try
                {
                    SecurityBufferStruct[] structArray3;
                    if (((structArray3 = structArray) == null) || (structArray3.Length == 0))
                    {
                        ptrRef = null;
                        goto Label_00A6;
                    }
                    fixed (IntPtr* ptrRef = structArray3)
                    {
                    Label_00A6:
                        if (inputBuffer != null)
                        {
                            inputBuffer.UnmanagedPointer = (void*) ptrRef;
                            handleArray = new GCHandle[inputBuffer.Count];
                            for (int i = 0; i < inputBuffer.Count; i++)
                            {
                                SecurityBuffer buffer2 = (inSecBuffer != null) ? inSecBuffer : inSecBuffers[i];
                                if (buffer2 != null)
                                {
                                    structArray[i].count = buffer2.size;
                                    structArray[i].type = buffer2.type;
                                    if (buffer2.unmanagedToken != null)
                                    {
                                        structArray[i].token = buffer2.unmanagedToken.DangerousGetHandle();
                                    }
                                    else if ((buffer2.token == null) || (buffer2.token.Length == 0))
                                    {
                                        structArray[i].token = IntPtr.Zero;
                                    }
                                    else
                                    {
                                        handleArray[i] = GCHandle.Alloc(buffer2.token, GCHandleType.Pinned);
                                        structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer2.token, buffer2.offset);
                                    }
                                }
                            }
                        }
                        SecurityBufferStruct[] structArray2 = new SecurityBufferStruct[1];
                        try
                        {
                            SecurityBufferStruct[] structArray4;
                            if (((structArray4 = structArray2) == null) || (structArray4.Length == 0))
                            {
                                ptrRef2 = null;
                                goto Label_01CC;
                            }
                            fixed (IntPtr* ptrRef2 = structArray4)
                            {
                                ref byte pinned numRef;
                                ref byte pinned numRef2;
                            Label_01CC:
                                outputBuffer.UnmanagedPointer = (void*) ptrRef2;
                                structArray2[0].count = outSecBuffer.size;
                                structArray2[0].type = outSecBuffer.type;
                                if ((outSecBuffer.token == null) || (outSecBuffer.token.Length == 0))
                                {
                                    structArray2[0].token = IntPtr.Zero;
                                }
                                else
                                {
                                    structArray2[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset);
                                }
                                if (flag)
                                {
                                    handleTemplate = SafeFreeContextBuffer.CreateEmptyHandle(dll);
                                }
                                switch (dll)
                                {
                                    case SecurDll.SECURITY:
                                        if ((refContext == null) || refContext.IsInvalid)
                                        {
                                            refContext = new SafeDeleteContext_SECURITY();
                                        }
                                        if ((targetName == null) || (targetName.Length == 0))
                                        {
                                            targetName = " ";
                                        }
                                        fixed (char* str = ((char*) targetName))
                                        {
                                            char* chPtr = str;
                                            num = MustRunInitializeSecurityContext_SECURITY(ref inCredentials, handle.IsZero ? null : ((void*) &handle), (targetName == " ") ? null : ((byte*) chPtr), inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                            goto Label_044B;
                                        }
                                        break;

                                    case SecurDll.SECUR32:
                                        break;

                                    case SecurDll.SCHANNEL:
                                        goto Label_0381;

                                    default:
                                        goto Label_0423;
                                }
                                if ((refContext == null) || refContext.IsInvalid)
                                {
                                    refContext = new SafeDeleteContext_SECUR32();
                                }
                                byte[] dummyBytes = SafeDeleteContext.dummyBytes;
                                if ((targetName != null) && (targetName.Length != 0))
                                {
                                    dummyBytes = new byte[targetName.Length + 2];
                                    Encoding.Default.GetBytes(targetName, 0, targetName.Length, dummyBytes, 0);
                                }
                                try
                                {
                                    byte[] buffer5;
                                    if (((buffer5 = dummyBytes) == null) || (buffer5.Length == 0))
                                    {
                                        numRef = null;
                                    }
                                    else
                                    {
                                        numRef = buffer5;
                                    }
                                    num = MustRunInitializeSecurityContext_SECUR32(ref inCredentials, handle.IsZero ? null : ((void*) &handle), (dummyBytes == SafeDeleteContext.dummyBytes) ? null : numRef, inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    goto Label_044B;
                                }
                                finally
                                {
                                    numRef = null;
                                }
                            Label_0381:
                                if ((refContext == null) || refContext.IsInvalid)
                                {
                                    refContext = new SafeDeleteContext_SCHANNEL();
                                }
                                byte[] bytes = SafeDeleteContext.dummyBytes;
                                if ((targetName != null) && (targetName.Length != 0))
                                {
                                    bytes = new byte[targetName.Length + 2];
                                    Encoding.Default.GetBytes(targetName, 0, targetName.Length, bytes, 0);
                                }
                                try
                                {
                                    byte[] buffer6;
                                    if (((buffer6 = bytes) == null) || (buffer6.Length == 0))
                                    {
                                        numRef2 = null;
                                    }
                                    else
                                    {
                                        numRef2 = buffer6;
                                    }
                                    num = MustRunInitializeSecurityContext_SCHANNEL(ref inCredentials, handle.IsZero ? null : ((void*) &handle), (bytes == SafeDeleteContext.dummyBytes) ? null : numRef2, inFlags, endianness, inputBuffer, refContext, outputBuffer, ref outFlags, handleTemplate);
                                    goto Label_044B;
                                }
                                finally
                                {
                                    numRef2 = null;
                                }
                            Label_0423:;
                                throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
                            Label_044B:
                                outSecBuffer.size = structArray2[0].count;
                                outSecBuffer.type = structArray2[0].type;
                                if (outSecBuffer.size > 0)
                                {
                                    outSecBuffer.token = new byte[outSecBuffer.size];
                                    Marshal.Copy(structArray2[0].token, outSecBuffer.token, 0, outSecBuffer.size);
                                    return num;
                                }
                                outSecBuffer.token = null;
                                return num;
                            }
                        }
                        finally
                        {
                            ptrRef2 = null;
                        }
                        return num;
                    }
                }
        private static unsafe int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
        {
            SecurityBufferDescriptor inputOutput = new SecurityBufferDescriptor(input.Length);
            SecurityBufferStruct[] structArray = new SecurityBufferStruct[input.Length];
            fixed (SecurityBufferStruct* structRef = structArray)
            {
                int num6;
                inputOutput.UnmanagedPointer = (void*) structRef;
                GCHandle[] handleArray = new GCHandle[input.Length];
                byte[][] bufferArray = new byte[input.Length][];
                try
                {
                    int num2;
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer buffer = input[i];
                        structArray[i].count = buffer.size;
                        structArray[i].type = buffer.type;
                        if ((buffer.token == null) || (buffer.token.Length == 0))
                        {
                            structArray[i].token = IntPtr.Zero;
                        }
                        else
                        {
                            handleArray[i] = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
                            structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
                            bufferArray[i] = buffer.token;
                        }
                    }
                    switch (op)
                    {
                        case OP.Encrypt:
                            num2 = SecModule.EncryptMessage(context, inputOutput, sequenceNumber);
                            break;

                        case OP.Decrypt:
                            num2 = SecModule.DecryptMessage(context, inputOutput, sequenceNumber);
                            break;

                        case OP.MakeSignature:
                            num2 = SecModule.MakeSignature(context, inputOutput, sequenceNumber);
                            break;

                        case OP.VerifySignature:
                            num2 = SecModule.VerifySignature(context, inputOutput, sequenceNumber);
                            break;

                        default:
                            throw ExceptionHelper.MethodNotImplementedException;
                    }
                    for (int j = 0; j < input.Length; j++)
                    {
                        SecurityBuffer buffer2 = input[j];
                        buffer2.size = structArray[j].count;
                        buffer2.type = structArray[j].type;
                        if (buffer2.size == 0)
                        {
                            buffer2.offset = 0;
                            buffer2.token = null;
                        }
                        else
                        {
                            int index = 0;
                            while (index < input.Length)
                            {
                                if (bufferArray[index] != null)
                                {
                                    byte* numPtr = (byte*) Marshal.UnsafeAddrOfPinnedArrayElement(bufferArray[index], 0);
                                    if ((((void*) structArray[j].token) >= numPtr) && ((((void*) structArray[j].token) + buffer2.size) <= (numPtr + bufferArray[index].Length)))
                                    {
                                        buffer2.offset = (int) ((long) ((((void*) structArray[j].token) - numPtr) / 1));
                                        buffer2.token = bufferArray[index];
                                        break;
                                    }
                                }
                                index++;
                            }
                            if (index >= input.Length)
                            {
                                buffer2.size = 0;
                                buffer2.offset = 0;
                                buffer2.token = null;
                            }
                        }
                    }
                    if ((num2 != 0) && Logging.On)
                    {
                        if (num2 == 0x90321)
                        {
                            Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_returned_something", new object[] { op, "SEC_I_RENEGOTIATE" }));
                        }
                        else
                        {
                            Logging.PrintError(Logging.Web, SR.GetString("net_log_operation_failed_with_error", new object[] { op, string.Format(CultureInfo.CurrentCulture, "0X{0:X}", new object[] { num2 }) }));
                        }
                    }
                    num6 = num2;
                }
                finally
                {
                    for (int k = 0; k < handleArray.Length; k++)
                    {
                        if (handleArray[k].IsAllocated)
                        {
                            handleArray[k].Free();
                        }
                    }
                }
                return num6;
            }
        }
 private unsafe int VerifySignatureHelper(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber)
 {
     int num = -2146893055;
     bool success = false;
     uint qualityOfProtection = 0;
     RuntimeHelpers.PrepareConstrainedRegions();
     try
     {
         context.DangerousAddRef(ref success);
     }
     catch (Exception exception)
     {
         if (success)
         {
             context.DangerousRelease();
             success = false;
         }
         if (!(exception is ObjectDisposedException))
         {
             throw;
         }
     }
     finally
     {
         if (success)
         {
             num = UnsafeNclNativeMethods.NativeNTSSPI.DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qualityOfProtection);
             context.DangerousRelease();
         }
     }
     return num;
 }
示例#23
0
        //
        private unsafe static int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
        {
            SecurityBufferDescriptor sdcInOut = new SecurityBufferDescriptor(input.Length);
            SecurityBufferStruct[] unmanagedBuffer  = new SecurityBufferStruct[input.Length];

            fixed (SecurityBufferStruct* unmanagedBufferPtr = unmanagedBuffer)
            {
                sdcInOut.UnmanagedPointer = unmanagedBufferPtr;
                GCHandle[] pinnedBuffers = new GCHandle[input.Length];
                byte[][] buffers = new byte[input.Length][];
                try
                {
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer iBuffer = input[i];
                        unmanagedBuffer[i].count = iBuffer.size;
                        unmanagedBuffer[i].type  = iBuffer.type;
                        if (iBuffer.token == null || iBuffer.token.Length == 0)
                        {
                            unmanagedBuffer[i].token  = IntPtr.Zero;
                        }
                        else
                        {
                            pinnedBuffers[i] = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
                            unmanagedBuffer[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
                            buffers[i] = iBuffer.token;
                        }
                    }

                    // The result is written in the input Buffer passed as type=BufferType.Data.
                    int errorCode;
                    switch (op)
                    {
                        case OP.Encrypt:
                            errorCode = SecModule.EncryptMessage(context, sdcInOut, sequenceNumber);
                            break;

                        case OP.Decrypt:
                            errorCode = SecModule.DecryptMessage(context, sdcInOut, sequenceNumber);
                            break;

                        case OP.MakeSignature:
                            errorCode = SecModule.MakeSignature(context, sdcInOut, sequenceNumber);
                            break;

                        case OP.VerifySignature:
                            errorCode = SecModule.VerifySignature(context, sdcInOut, sequenceNumber);
                            break;

                        default: throw ExceptionHelper.MethodNotImplementedException;
                    }

                    // Marshalling back returned sizes / data.
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer iBuffer = input[i];
                        iBuffer.size = unmanagedBuffer[i].count;
                        iBuffer.type = unmanagedBuffer[i].type;

                        if (iBuffer.size == 0)
                        {
                            iBuffer.offset = 0;
                            iBuffer.token = null;
                        }
                        else checked
                        {
                            // Find the buffer this is inside of.  Usually they all point inside buffer 0.
                            int j;
                            for (j = 0; j < input.Length; j++)
                            {
                                if (buffers[j] == null)
                                {
                                    continue;
                                }

                                byte* bufferAddress = (byte*) Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
                                if ((byte*) unmanagedBuffer[i].token >= bufferAddress &&
                                    (byte*) unmanagedBuffer[i].token + iBuffer.size <= bufferAddress + buffers[j].Length)
                                {
                                    iBuffer.offset = (int) ((byte*) unmanagedBuffer[i].token - bufferAddress);
                                    iBuffer.token = buffers[j];
                                    break;
                                }
                            }

                            if (j >= input.Length)
                            {
                                GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Output buffer out of range.");
                                iBuffer.size = 0;
                                iBuffer.offset = 0;
                                iBuffer.token = null;
                            }
                        }
                        
                        // Backup validate the new sizes.
                        GlobalLog.Assert(iBuffer.offset >= 0 && iBuffer.offset <= (iBuffer.token == null ? 0 : iBuffer.token.Length), "SSPIWrapper::EncryptDecryptHelper|'offset' out of range.  [{0}]", iBuffer.offset);
                        GlobalLog.Assert(iBuffer.size >= 0 && iBuffer.size <= (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset), "SSPIWrapper::EncryptDecryptHelper|'size' out of range.  [{0}]", iBuffer.size);
                    }

                    if (errorCode !=0)
                        if (Logging.On) 
                        {
                            if (errorCode == 0x90321)
                                Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_returned_something, op, "SEC_I_RENEGOTIATE"));
                            else
                                Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, op, String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
                        }
                    return errorCode;
                }
                finally {
                    for (int i = 0; i < pinnedBuffers.Length; ++i) {
                        if (pinnedBuffers[i].IsAllocated) {
                            pinnedBuffers[i].Free();
                        }
                    }
                }
            }
        }
示例#24
0
        InitializeSecurityContext(SSPIInterface SecModule,
                                  long credential,
                                  long context,
                                  string targetName,
                                  int requirements,
                                  Endianness datarep,
                                  SecurityBufferClass[] inputBuffers,
                                  ref long newContext,
                                  SecurityBufferClass[] outputBuffers,
                                  ref int attributes,
                                  ref long timestamp
                                  )
        {
            GlobalLog.Enter("InitializeSecurityContext#2");
            GlobalLog.Print("SSPIWrapper::InitializeSecurityContext#2()");
            GCHandle[] handleOut = null;
            GCHandle[] handleIn  = null;

            if (outputBuffers != null)
            {
                handleOut = PinBuffers(outputBuffers);
            }

            int errorCode = 0;

            SecurityBufferDescriptor outSecurityBufferDescriptor = new SecurityBufferDescriptor(outputBuffers);

            if (inputBuffers == null)
            {
                GlobalLog.Print("SSPIWrapper::InitializeSecurityContext#2(): inputBuffers == null");
                errorCode = SecModule.InitializeSecurityContext(
                    ref credential,
                    IntPtr.Zero,
                    targetName,
                    requirements,
                    0,
                    (int)datarep,
                    IntPtr.Zero,
                    0,
                    ref newContext,
                    ref outSecurityBufferDescriptor,
                    ref attributes,
                    ref timestamp
                    );
            }
            else
            {
                handleIn = PinBuffers(inputBuffers);

                SecurityBufferDescriptor inSecurityBufferDescriptor = new SecurityBufferDescriptor(inputBuffers);

                errorCode = SecModule.InitializeSecurityContext(
                    ref credential,
                    ref context,
                    targetName,
                    requirements,
                    0,
                    (int)datarep,
                    ref inSecurityBufferDescriptor,
                    0,
                    ref newContext,
                    ref outSecurityBufferDescriptor,
                    ref attributes,
                    ref timestamp
                    );

                inSecurityBufferDescriptor.FreeAllBuffers(0);
            }

            if ((errorCode == 0) || (errorCode == (int)SecurityStatus.ContinueNeeded))
            {
                SecurityBufferClass[] result = outSecurityBufferDescriptor.marshall();

                for (int k = 0; k < outputBuffers.Length; k++)
                {
                    outputBuffers[k] = result[k];
                }
            }
            outSecurityBufferDescriptor.FreeAllBuffers(requirements);
            if (handleOut != null)
            {
                FreeGCHandles(handleOut);
            }
            if (handleIn != null)
            {
                FreeGCHandles(handleIn);
            }
            GlobalLog.Leave("InitializeSecurityContext#2");
            return(errorCode);
        }
示例#25
0
        private static int AcceptSecurityContext(
            SSPIInterface SecModule,
            long credential,
            long context,
            int requirements,
            Endianness datarep,
            SecurityBufferClass[] inputBuffers,
            ref long newContext,
            SecurityBufferClass[] outputBuffers,
            out int attributes,
            out long timestamp
            )
        {
            GlobalLog.Enter("AcceptSecurityContext#2");

            GCHandle[] handleIn  = null;
            GCHandle[] handleOut = null;

            if (inputBuffers != null)
            {
                handleIn = PinBuffers(inputBuffers);
            }
            if (outputBuffers != null)
            {
                handleOut = PinBuffers(outputBuffers);
            }

            int errorCode = 0;

            SecurityBufferDescriptor outSecurityBufferDescriptor = new SecurityBufferDescriptor(outputBuffers);

            if (inputBuffers == null)
            {
                errorCode =
                    SecModule.AcceptSecurityContext(
                        ref credential,
                        0,
                        0,
                        requirements,
                        (int)datarep,
                        ref newContext,
                        ref outSecurityBufferDescriptor,
                        out attributes,
                        out timestamp);
            }
            else
            {
                SecurityBufferDescriptor inSecurityBufferDescriptor = new SecurityBufferDescriptor(inputBuffers);

                errorCode = SecModule.AcceptSecurityContext(
                    ref credential,
                    ref context,
                    ref inSecurityBufferDescriptor,
                    requirements,
                    (int)datarep,
                    ref newContext,
                    ref outSecurityBufferDescriptor,
                    out attributes,
                    out timestamp);
            }

            SecurityBufferClass[] result = outSecurityBufferDescriptor.marshall();

            outSecurityBufferDescriptor.FreeAllBuffers(requirements);
            FreeGCHandles(handleIn);
            FreeGCHandles(handleOut);
            GlobalLog.Leave("AcceptSecurityContext#2");
            return(errorCode);
        }
        //
        private unsafe static int EncryptDecryptHelper(OP op, SSPIInterface SecModule, SafeDeleteContext context, SecurityBuffer[] input, uint sequenceNumber)
        {
            SecurityBufferDescriptor sdcInOut = new SecurityBufferDescriptor(input.Length);

            SecurityBufferStruct[] unmanagedBuffer = new SecurityBufferStruct[input.Length];

            fixed(SecurityBufferStruct *unmanagedBufferPtr = unmanagedBuffer)
            {
                sdcInOut.UnmanagedPointer = unmanagedBufferPtr;
                GCHandle[] pinnedBuffers = new GCHandle[input.Length];
                byte[][]   buffers       = new byte[input.Length][];
                try
                {
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer iBuffer = input[i];
                        unmanagedBuffer[i].count = iBuffer.size;
                        unmanagedBuffer[i].type  = iBuffer.type;
                        if (iBuffer.token == null || iBuffer.token.Length == 0)
                        {
                            unmanagedBuffer[i].token = IntPtr.Zero;
                        }
                        else
                        {
                            pinnedBuffers[i]         = GCHandle.Alloc(iBuffer.token, GCHandleType.Pinned);
                            unmanagedBuffer[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(iBuffer.token, iBuffer.offset);
                            buffers[i] = iBuffer.token;
                        }
                    }

                    // The result is written in the input Buffer passed as type=BufferType.Data.
                    int errorCode;
                    switch (op)
                    {
                    case OP.Encrypt:
                        errorCode = SecModule.EncryptMessage(context, sdcInOut, sequenceNumber);
                        break;

                    case OP.Decrypt:
                        errorCode = SecModule.DecryptMessage(context, sdcInOut, sequenceNumber);
                        break;

                    case OP.MakeSignature:
                        errorCode = SecModule.MakeSignature(context, sdcInOut, sequenceNumber);
                        break;

                    case OP.VerifySignature:
                        errorCode = SecModule.VerifySignature(context, sdcInOut, sequenceNumber);
                        break;

                    default: throw ExceptionHelper.MethodNotImplementedException;
                    }

                    // Marshalling back returned sizes / data.
                    for (int i = 0; i < input.Length; i++)
                    {
                        SecurityBuffer iBuffer = input[i];
                        iBuffer.size = unmanagedBuffer[i].count;
                        iBuffer.type = unmanagedBuffer[i].type;

                        if (iBuffer.size == 0)
                        {
                            iBuffer.offset = 0;
                            iBuffer.token  = null;
                        }
                        else
                        {
                            checked
                            {
                                // Find the buffer this is inside of.  Usually they all point inside buffer 0.
                                int j;
                                for (j = 0; j < input.Length; j++)
                                {
                                    if (buffers[j] == null)
                                    {
                                        continue;
                                    }

                                    byte *bufferAddress = (byte *)Marshal.UnsafeAddrOfPinnedArrayElement(buffers[j], 0);
                                    if ((byte *)unmanagedBuffer[i].token >= bufferAddress &&
                                        (byte *)unmanagedBuffer[i].token + iBuffer.size <= bufferAddress + buffers[j].Length)
                                    {
                                        iBuffer.offset = (int)((byte *)unmanagedBuffer[i].token - bufferAddress);
                                        iBuffer.token  = buffers[j];
                                        break;
                                    }
                                }

                                if (j >= input.Length)
                                {
                                    GlobalLog.Assert("SSPIWrapper::EncryptDecryptHelper", "Output buffer out of range.");
                                    iBuffer.size   = 0;
                                    iBuffer.offset = 0;
                                    iBuffer.token  = null;
                                }
                            }
                        }

                        // Backup validate the new sizes.
                        GlobalLog.Assert(iBuffer.offset >= 0 && iBuffer.offset <= (iBuffer.token == null ? 0 : iBuffer.token.Length), "SSPIWrapper::EncryptDecryptHelper|'offset' out of range.  [{0}]", iBuffer.offset);
                        GlobalLog.Assert(iBuffer.size >= 0 && iBuffer.size <= (iBuffer.token == null ? 0 : iBuffer.token.Length - iBuffer.offset), "SSPIWrapper::EncryptDecryptHelper|'size' out of range.  [{0}]", iBuffer.size);
                    }

                    if (errorCode != 0)
                    {
                        if (Logging.On)
                        {
                            if (errorCode == 0x90321)
                            {
                                Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_returned_something, op, "SEC_I_RENEGOTIATE"));
                            }
                            else
                            {
                                Logging.PrintError(Logging.Web, SR.GetString(SR.net_log_operation_failed_with_error, op, String.Format(CultureInfo.CurrentCulture, "0X{0:X}", errorCode)));
                            }
                        }
                    }
                    return(errorCode);
                }
                finally {
                    for (int i = 0; i < pinnedBuffers.Length; ++i)
                    {
                        if (pinnedBuffers[i].IsAllocated)
                        {
                            pinnedBuffers[i].Free();
                        }
                    }
                }
            }
        }
        //
        // After PINvoke call the method will fix the handleTemplate.handle with the returned value.
        // The caller is responsible for creating a correct SafeFreeContextBuffer_XXX flavour or null can be passed if no handle is returned.
        //
        // Since it has a CER, this method can't have any references to imports from DLLs that may not exist on the system.
        //
        private static unsafe int MustRunAcceptSecurityContext_SECURITY(
                                                  ref SafeFreeCredentials     inCredentials,
                                                  void*            inContextPtr,
                                                  SecurityBufferDescriptor inputBuffer,
                                                  ContextFlags     inFlags,
                                                  Endianness       endianness,
                                                  SafeDeleteContext outContext,
                                                  SecurityBufferDescriptor outputBuffer,
                                                  ref ContextFlags outFlags,
                                                  SafeFreeContextBuffer handleTemplate)
        {
            int errorCode = (int) SecurityStatus.InvalidHandle;
            bool b1 = false;
            bool b2 = false;

            // Run the body of this method as a non-interruptible block.
            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                inCredentials.DangerousAddRef(ref b1);
                outContext.DangerousAddRef(ref b2);
            }
            catch(Exception e)
            {
                if (b1)
                {
                    inCredentials.DangerousRelease();
                    b1 = false;
                }
                if (b2)
                {
                    outContext.DangerousRelease();
                    b2 = false;
                }
                if (!(e is ObjectDisposedException))
                    throw;
            }
            finally {
                SSPIHandle credentialHandle = inCredentials._handle;
                long timeStamp;

                if (!b1)
                {
                    // caller should retry
                    inCredentials = null;
                }
                else if (b1 && b2)
                {
                    errorCode = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.AcceptSecurityContext(
                                ref credentialHandle,
                                inContextPtr,
                                inputBuffer,
                                inFlags,
                                endianness,
                                ref outContext._handle,
                                outputBuffer,
                                ref outFlags,
                                out timeStamp);

                    //
                    // When a credential handle is first associated with the context we keep credential
                    // ref count bumped up to ensure ordered finalization.
                    // If the credential handle has been changed we de-ref the old one and associate the
                    //  context with the new cred handle but only if the call was successful.
                    if (outContext._EffectiveCredential != inCredentials && (errorCode & 0x80000000) == 0)
                    {
                        // Disassociate the previous credential handle
                        if (outContext._EffectiveCredential != null)
                            outContext._EffectiveCredential.DangerousRelease();
                        outContext._EffectiveCredential = inCredentials;
                    }
                    else
                    {
                        inCredentials.DangerousRelease();
                    }

                    outContext.DangerousRelease();

                    // The idea is that SSPI has allocated a block and filled up outUnmanagedBuffer+8 slot with the pointer.
                    if (handleTemplate != null)
                    {
                        handleTemplate.Set(((SecurityBufferStruct*)outputBuffer.UnmanagedPointer)->token); //ATTN: on 64 BIT that is still +8 cause of 2* c++ unsigned long == 8 bytes
                        if (handleTemplate.IsInvalid)
                        {
                            handleTemplate.SetHandleAsInvalid();
                        }
                    }
                }

                if (inContextPtr == null && (errorCode & 0x80000000) != 0)
                {
                    // an error on the first call, need to set the out handle to invalid value
                    outContext._handle.SetToInvalid();
                }
            }

            return errorCode;
        }
        //-------------------------------------------------------------------
        internal unsafe static int AcceptSecurityContext(
            SecurDll                dll,
            ref SafeFreeCredentials inCredentials,
            ref SafeDeleteContext   refContext,
            ContextFlags            inFlags,
            Endianness              endianness,
            SecurityBuffer          inSecBuffer,
            SecurityBuffer[]        inSecBuffers,
            SecurityBuffer          outSecBuffer,
            ref ContextFlags        outFlags) {

#if TRAVE
            GlobalLog.Enter("SafeDeleteContext::AcceptSecurityContex");
            GlobalLog.Print("    DLL              = " + dll);
            GlobalLog.Print("    credential       = " + inCredentials.ToString());
            GlobalLog.Print("    refContext       = " + ValidationHelper.ToString(refContext));

            GlobalLog.Print("    inFlags          = " + inFlags);
//            GlobalLog.Print("    endianness       = " + endianness);
//            GlobalLog.Print("    inSecBuffer      = " + SecurityBuffer.ToString(inSecBuffer));
//
            if (inSecBuffers==null)
            {
                GlobalLog.Print("    inSecBuffers     = (null)");
            }
            else
            {
                GlobalLog.Print("    inSecBuffers[]   = length:" + inSecBuffers.Length);
//                for (int index=0; index<inSecBuffers.Length; index++) { GlobalLog.Print("    inSecBuffers[" + index + "]   = " + SecurityBuffer.ToString(inSecBuffers[index])); }
            }
//            GlobalLog.Print("    newContext       = {ref} inContext");
//            GlobalLog.Print("    outSecBuffer     = " + SecurityBuffer.ToString(outSecBuffer));
//            GlobalLog.Print("    outFlags         = {ref} " + outFlags);
//            GlobalLog.Print("    timestamp        = null");
#endif
            GlobalLog.Assert(outSecBuffer != null, "SafeDeleteContext::AcceptSecurityContext()|outSecBuffer != null");
            GlobalLog.Assert(inSecBuffer == null || inSecBuffers == null, "SafeDeleteContext::AcceptSecurityContext()|inSecBuffer == null || inSecBuffers == null");

            if (inCredentials == null)
            {
                throw new ArgumentNullException("inCredentials");
            }

            SecurityBufferDescriptor inSecurityBufferDescriptor = null;
            if (inSecBuffer!=null)
            {
                inSecurityBufferDescriptor = new SecurityBufferDescriptor(1);
            }
            else if (inSecBuffers!=null)
            {
                inSecurityBufferDescriptor = new SecurityBufferDescriptor(inSecBuffers.Length);
            }
            SecurityBufferDescriptor outSecurityBufferDescriptor = new SecurityBufferDescriptor(1);

            // actually this is returned in outFlags
            bool isSspiAllocated = (inFlags & ContextFlags.AllocateMemory) != 0 ? true : false;

            int errorCode = -1;

            SSPIHandle contextHandle = new SSPIHandle();
            if (refContext != null)
                contextHandle = refContext._handle;

            // these are pinned user byte arrays passed along with SecurityBuffers
            GCHandle[] pinnedInBytes = null;
            GCHandle pinnedOutBytes = new GCHandle();
            // optional output buffer that may need to be freed
            SafeFreeContextBuffer outFreeContextBuffer = null;
            try
            {
                pinnedOutBytes = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned);
                SecurityBufferStruct[] inUnmanagedBuffer = new SecurityBufferStruct[inSecurityBufferDescriptor==null ? 1:inSecurityBufferDescriptor.Count];
                fixed (void* inUnmanagedBufferPtr = inUnmanagedBuffer)
                {
                    if (inSecurityBufferDescriptor!=null)
                    {
                        // Fix Descriptor pointer that points to unmanaged SecurityBuffers
                        inSecurityBufferDescriptor.UnmanagedPointer = inUnmanagedBufferPtr;
                        pinnedInBytes = new GCHandle[inSecurityBufferDescriptor.Count];
                        SecurityBuffer securityBuffer;
                        for (int index = 0; index < inSecurityBufferDescriptor.Count; ++index)
                        {
                            securityBuffer = inSecBuffer!=null ? inSecBuffer : inSecBuffers[index];
                            if (securityBuffer!=null)
                            {
                                // Copy the SecurityBuffer content into unmanaged place holder
                                inUnmanagedBuffer[index].count = securityBuffer.size;
                                inUnmanagedBuffer[index].type  = securityBuffer.type;

                                // use the unmanaged token if it's not null; otherwise use the managed buffer
                                if (securityBuffer.unmanagedToken != null)
                                {
                                    inUnmanagedBuffer[index].token = securityBuffer.unmanagedToken.DangerousGetHandle();
                                }
                                else if (securityBuffer.token == null || securityBuffer.token.Length == 0)
                                {
                                    inUnmanagedBuffer[index].token = IntPtr.Zero;
                                }
                                else
                                {
                                    pinnedInBytes[index] = GCHandle.Alloc(securityBuffer.token, GCHandleType.Pinned);
                                    inUnmanagedBuffer[index].token = Marshal.UnsafeAddrOfPinnedArrayElement(securityBuffer.token, securityBuffer.offset);
                                }
    #if TRAVE
                                GlobalLog.Print("SecBuffer: cbBuffer:" + securityBuffer.size +  " BufferType:" + securityBuffer.type);
    #endif
                            }
                        }
                    }
                    SecurityBufferStruct[] outUnmanagedBuffer = new SecurityBufferStruct[1];
                    fixed (void* outUnmanagedBufferPtr = outUnmanagedBuffer)
                    {
                        // Fix Descriptor pointer that points to unmanaged SecurityBuffers
                        outSecurityBufferDescriptor.UnmanagedPointer = outUnmanagedBufferPtr;
                        // Copy the SecurityBuffer content into unmanaged place holder
                        outUnmanagedBuffer[0].count = outSecBuffer.size;
                        outUnmanagedBuffer[0].type  = outSecBuffer.type;

                        if (outSecBuffer.token == null || outSecBuffer.token.Length == 0)
                            outUnmanagedBuffer[0].token  = IntPtr.Zero;
                        else
                            outUnmanagedBuffer[0].token  = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset);

                        if (isSspiAllocated)
                            outFreeContextBuffer = SafeFreeContextBuffer.CreateEmptyHandle(dll);

                        switch (dll)
                        {
                        case SecurDll.SECURITY:
                                    if (refContext == null || refContext.IsInvalid)
                                        refContext = new SafeDeleteContext_SECURITY();

                                    errorCode = MustRunAcceptSecurityContext_SECURITY(
                                                    ref inCredentials,
                                                    contextHandle.IsZero? null: &contextHandle,
                                                    inSecurityBufferDescriptor,
                                                    inFlags,
                                                    endianness,
                                                    refContext,
                                                    outSecurityBufferDescriptor,
                                                    ref outFlags,
                                                    outFreeContextBuffer
                                                    );

                                    break;

                        default:  throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "SecurDll"), "Dll");
                        }

                        GlobalLog.Print("SafeDeleteContext:AcceptSecurityContext  Marshalling OUT buffer");
                        // Get unmanaged buffer with index 0 as the only one passed into PInvoke
                        outSecBuffer.size = outUnmanagedBuffer[0].count;
                        outSecBuffer.type = outUnmanagedBuffer[0].type;
                        if (outSecBuffer.size > 0)
                        {
                            outSecBuffer.token = new byte[outSecBuffer.size];
                            Marshal.Copy(outUnmanagedBuffer[0].token, outSecBuffer.token, 0, outSecBuffer.size);
                        }
                        else
                        {
                            outSecBuffer.token = null;
                        }
                    }
                }
            }
            finally {
                if (pinnedInBytes!=null)
                {
                    for (int index=0; index<pinnedInBytes.Length; index++)
                    {
                        if (pinnedInBytes[index].IsAllocated)
                            pinnedInBytes[index].Free();
                    }
                }

                if (pinnedOutBytes.IsAllocated)
                    pinnedOutBytes.Free();

                if (outFreeContextBuffer != null)
                    outFreeContextBuffer.Close();
            }

            GlobalLog.Leave("SafeDeleteContext::AcceptSecurityContex() unmanaged AcceptSecurityContex()", "errorCode:0x" + errorCode.ToString("x8") + " refContext:" + ValidationHelper.ToString(refContext));

            return errorCode;
        }
        internal static unsafe int AcceptSecurityContext(SecurDll dll, ref SafeFreeCredentials inCredentials, ref SafeDeleteContext refContext, ContextFlags inFlags, Endianness endianness, SecurityBuffer inSecBuffer, SecurityBuffer[] inSecBuffers, SecurityBuffer outSecBuffer, ref ContextFlags outFlags)
        {
            if (inCredentials == null)
            {
                throw new ArgumentNullException("inCredentials");
            }
            SecurityBufferDescriptor inputBuffer = null;
            if (inSecBuffer != null)
            {
                inputBuffer = new SecurityBufferDescriptor(1);
            }
            else if (inSecBuffers != null)
            {
                inputBuffer = new SecurityBufferDescriptor(inSecBuffers.Length);
            }
            SecurityBufferDescriptor outputBuffer = new SecurityBufferDescriptor(1);
            bool flag = (inFlags & ContextFlags.AllocateMemory) != ContextFlags.Zero;
            int num = -1;
            SSPIHandle handle = new SSPIHandle();
            if (refContext != null)
            {
                handle = refContext._handle;
            }
            GCHandle[] handleArray = null;
            GCHandle handle2 = new GCHandle();
            SafeFreeContextBuffer handleTemplate = null;
            try
            {
                handle2 = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned);
                SecurityBufferStruct[] structArray = new SecurityBufferStruct[(inputBuffer == null) ? 1 : inputBuffer.Count];
                try
                {
                    SecurityBufferStruct[] structArray3;
                    if (((structArray3 = structArray) == null) || (structArray3.Length == 0))
                    {
                        ptrRef = null;
                        goto Label_00A5;
                    }
                    fixed (IntPtr* ptrRef = structArray3)
                    {
                    Label_00A5:
                        if (inputBuffer != null)
                        {
                            inputBuffer.UnmanagedPointer = (void*) ptrRef;
                            handleArray = new GCHandle[inputBuffer.Count];
                            for (int i = 0; i < inputBuffer.Count; i++)
                            {
                                SecurityBuffer buffer2 = (inSecBuffer != null) ? inSecBuffer : inSecBuffers[i];
                                if (buffer2 != null)
                                {
                                    structArray[i].count = buffer2.size;
                                    structArray[i].type = buffer2.type;
                                    if (buffer2.unmanagedToken != null)
                                    {
                                        structArray[i].token = buffer2.unmanagedToken.DangerousGetHandle();
                                    }
                                    else if ((buffer2.token == null) || (buffer2.token.Length == 0))
                                    {
                                        structArray[i].token = IntPtr.Zero;
                                    }
                                    else
                                    {
                                        handleArray[i] = GCHandle.Alloc(buffer2.token, GCHandleType.Pinned);
                                        structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer2.token, buffer2.offset);
                                    }
                                }
                            }
                        }
                        SecurityBufferStruct[] structArray2 = new SecurityBufferStruct[1];
                        try
                        {
                            SecurityBufferStruct[] structArray4;
                            if (((structArray4 = structArray2) == null) || (structArray4.Length == 0))
                            {
                                ptrRef2 = null;
                                goto Label_01CB;
                            }
                            fixed (IntPtr* ptrRef2 = structArray4)
                            {
                            Label_01CB:
                                outputBuffer.UnmanagedPointer = (void*) ptrRef2;
                                structArray2[0].count = outSecBuffer.size;
                                structArray2[0].type = outSecBuffer.type;
                                if ((outSecBuffer.token == null) || (outSecBuffer.token.Length == 0))
                                {
                                    structArray2[0].token = IntPtr.Zero;
                                }
                                else
                                {
                                    structArray2[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset);
                                }
                                if (flag)
                                {
                                    handleTemplate = SafeFreeContextBuffer.CreateEmptyHandle(dll);
                                }
                                switch (dll)
                                {
                                    case SecurDll.SECURITY:
                                        if ((refContext == null) || refContext.IsInvalid)
                                        {
                                            refContext = new SafeDeleteContext_SECURITY();
                                        }
                                        num = MustRunAcceptSecurityContext_SECURITY(ref inCredentials, handle.IsZero ? null : ((void*) &handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                        break;

                                    case SecurDll.SECUR32:
                                        if ((refContext == null) || refContext.IsInvalid)
                                        {
                                            refContext = new SafeDeleteContext_SECUR32();
                                        }
                                        num = MustRunAcceptSecurityContext_SECUR32(ref inCredentials, handle.IsZero ? null : ((void*) &handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                        break;

                                    case SecurDll.SCHANNEL:
                                        if ((refContext == null) || refContext.IsInvalid)
                                        {
                                            refContext = new SafeDeleteContext_SCHANNEL();
                                        }
                                        num = MustRunAcceptSecurityContext_SCHANNEL(ref inCredentials, handle.IsZero ? null : ((void*) &handle), inputBuffer, inFlags, endianness, refContext, outputBuffer, ref outFlags, handleTemplate);
                                        break;

                                    default:
                                        throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
                                }
                                outSecBuffer.size = structArray2[0].count;
                                outSecBuffer.type = structArray2[0].type;
                                if (outSecBuffer.size > 0)
                                {
                                    outSecBuffer.token = new byte[outSecBuffer.size];
                                    Marshal.Copy(structArray2[0].token, outSecBuffer.token, 0, outSecBuffer.size);
                                    return num;
                                }
                                outSecBuffer.token = null;
                                return num;
                            }
                        }
                        finally
                        {
                            ptrRef2 = null;
                        }
                        return num;
                    }
                }
                finally
                {
                    ptrRef = null;
                }
            }
            finally
            {
                if (handleArray != null)
                {
                    for (int j = 0; j < handleArray.Length; j++)
                    {
                        if (handleArray[j].IsAllocated)
                        {
                            handleArray[j].Free();
                        }
                    }
                }
                if (handle2.IsAllocated)
                {
                    handle2.Free();
                }
                if (handleTemplate != null)
                {
                    handleTemplate.Close();
                }
            }
            return num;
        }
        //
        //
        //
        internal unsafe static int CompleteAuthToken(
            SecurDll                dll,
            ref SafeDeleteContext   refContext,
            SecurityBuffer[]        inSecBuffers) {

            GlobalLog.Enter("SafeDeleteContext::CompleteAuthToken");
            GlobalLog.Print("    DLL              = " + dll);
            GlobalLog.Print("    refContext       = " + ValidationHelper.ToString(refContext));
#if TRAVE
            GlobalLog.Print("    inSecBuffers[]   = length:" + inSecBuffers.Length);
//            for (int index=0; index<inSecBuffers.Length; index++) { GlobalLog.Print("    inSecBuffers[" + index + "]   = " + SecurityBuffer.ToString(inSecBuffers[index])); }
#endif
            GlobalLog.Assert(inSecBuffers != null, "SafeDeleteContext::CompleteAuthToken()|inSecBuffers == null");
            SecurityBufferDescriptor inSecurityBufferDescriptor = new SecurityBufferDescriptor(inSecBuffers.Length);

            int errorCode = (int)SecurityStatus.InvalidHandle;

            // these are pinned user byte arrays passed along with SecurityBuffers
            GCHandle[] pinnedInBytes = null;

            SecurityBufferStruct[] inUnmanagedBuffer = new SecurityBufferStruct[inSecurityBufferDescriptor.Count];
            fixed (void* inUnmanagedBufferPtr = inUnmanagedBuffer) {
                // Fix Descriptor pointer that points to unmanaged SecurityBuffers
                inSecurityBufferDescriptor.UnmanagedPointer = inUnmanagedBufferPtr;
                pinnedInBytes = new GCHandle[inSecurityBufferDescriptor.Count];
                SecurityBuffer securityBuffer;
                for (int index = 0; index < inSecurityBufferDescriptor.Count; ++index) {
                    securityBuffer = inSecBuffers[index];
                    if (securityBuffer!=null) {
                        inUnmanagedBuffer[index].count = securityBuffer.size;
                        inUnmanagedBuffer[index].type  = securityBuffer.type;

                        // use the unmanaged token if it's not null; otherwise use the managed buffer
                        if (securityBuffer.unmanagedToken != null)
                        {
                            inUnmanagedBuffer[index].token = securityBuffer.unmanagedToken.DangerousGetHandle();
                        }
                        else if (securityBuffer.token==null || securityBuffer.token.Length==0) {
                            inUnmanagedBuffer[index].token = IntPtr.Zero;
                        }
                        else {
                            pinnedInBytes[index] = GCHandle.Alloc(securityBuffer.token, GCHandleType.Pinned);
                            inUnmanagedBuffer[index].token = Marshal.UnsafeAddrOfPinnedArrayElement(securityBuffer.token, securityBuffer.offset);
                        }
#if TRAVE
                        GlobalLog.Print("SecBuffer: cbBuffer:" + securityBuffer.size +  " BufferType:" + securityBuffer.type);
//                        securityBuffer.DebugDump();
#endif
                    }
                }

                SSPIHandle contextHandle = new SSPIHandle();
                if (refContext != null) {
                    contextHandle = refContext._handle;
                }
                try {
                    if (dll==SecurDll.SECURITY) {
                        if (refContext == null || refContext.IsInvalid) {
                            refContext = new SafeDeleteContext_SECURITY();
                        }

                        bool b = false;
                        RuntimeHelpers.PrepareConstrainedRegions();
                        try {
                            refContext.DangerousAddRef(ref b);
                        }
                        catch(Exception e) {
                            if (b)
                            {
                                refContext.DangerousRelease();
                                b = false;
                            }
                            if (!(e is ObjectDisposedException))
                                throw;
                        }
                        finally {
                            if (b)
                            {
                                errorCode = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.CompleteAuthToken(contextHandle.IsZero? null: &contextHandle, inSecurityBufferDescriptor);
                                refContext.DangerousRelease();
                            }
                        }

                    }
                    else {
                        throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "SecurDll"), "Dll");
                    }
                }
                finally {
                    if (pinnedInBytes!=null) {
                        for (int index=0; index<pinnedInBytes.Length; index++) {
                            if (pinnedInBytes[index].IsAllocated) {
                                pinnedInBytes[index].Free();
                            }
                        }
                    }
                }
            }

            GlobalLog.Leave("SafeDeleteContext::CompleteAuthToken() unmanaged CompleteAuthToken()", "errorCode:0x" + errorCode.ToString("x8") + " refContext:" + ValidationHelper.ToString(refContext));

            return errorCode;
        }
 internal static unsafe int CompleteAuthToken(SecurDll dll, ref SafeDeleteContext refContext, SecurityBuffer[] inSecBuffers)
 {
     SecurityBufferStruct[] structArray2;
     SecurityBufferDescriptor inputBuffers = new SecurityBufferDescriptor(inSecBuffers.Length);
     int num = -2146893055;
     GCHandle[] handleArray = null;
     SecurityBufferStruct[] structArray = new SecurityBufferStruct[inputBuffers.Count];
     if (((structArray2 = structArray) != null) && (structArray2.Length != 0))
     {
         goto Label_002F;
     }
     fixed (IntPtr* ptrRef = null)
     {
         goto Label_0039;
     Label_002F:
         ptrRef = structArray2;
     Label_0039:
         inputBuffers.UnmanagedPointer = (void*) ptrRef;
         handleArray = new GCHandle[inputBuffers.Count];
         for (int i = 0; i < inputBuffers.Count; i++)
         {
             SecurityBuffer buffer = inSecBuffers[i];
             if (buffer != null)
             {
                 structArray[i].count = buffer.size;
                 structArray[i].type = buffer.type;
                 if (buffer.unmanagedToken != null)
                 {
                     structArray[i].token = buffer.unmanagedToken.DangerousGetHandle();
                 }
                 else if ((buffer.token == null) || (buffer.token.Length == 0))
                 {
                     structArray[i].token = IntPtr.Zero;
                 }
                 else
                 {
                     handleArray[i] = GCHandle.Alloc(buffer.token, GCHandleType.Pinned);
                     structArray[i].token = Marshal.UnsafeAddrOfPinnedArrayElement(buffer.token, buffer.offset);
                 }
             }
         }
         SSPIHandle handle = new SSPIHandle();
         if (refContext != null)
         {
             handle = refContext._handle;
         }
         try
         {
             if (dll == SecurDll.SECURITY)
             {
                 if ((refContext == null) || refContext.IsInvalid)
                 {
                     refContext = new SafeDeleteContext_SECURITY();
                 }
                 bool success = false;
                 RuntimeHelpers.PrepareConstrainedRegions();
                 try
                 {
                     try
                     {
                         refContext.DangerousAddRef(ref success);
                     }
                     catch (Exception exception)
                     {
                         if (success)
                         {
                             refContext.DangerousRelease();
                             success = false;
                         }
                         if (!(exception is ObjectDisposedException))
                         {
                             throw;
                         }
                     }
                     goto Label_0201;
                 }
                 finally
                 {
                     if (success)
                     {
                         num = UnsafeNclNativeMethods.SafeNetHandles_SECURITY.CompleteAuthToken(handle.IsZero ? null : ((void*) &handle), inputBuffers);
                         refContext.DangerousRelease();
                     }
                 }
             }
             throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "SecurDll" }), "Dll");
         }
         finally
         {
             if (handleArray != null)
             {
                 for (int j = 0; j < handleArray.Length; j++)
                 {
                     if (handleArray[j].IsAllocated)
                     {
                         handleArray[j].Free();
                     }
                 }
             }
         }
     }
 Label_0201:;
     return num;
 }