Type a page name and press Enter. You'll jump to the page if it exists, or you can create it if it doesn't.
To create a page in a module other than secur32, prefix the name with the module name and a period.
InitializeSecurityContext (secur32)
.
C# Signature:
[DllImport("secur32.dll", SetLastError=true)]
static extern int InitializeSecurityContext(ref SECURITY_HANDLE phCredential,//PCredHandle
IntPtr phContext, //PCtxtHandle
string pszTargetName,
int fContextReq,
int Reserved1,
int TargetDataRep,
IntPtr pInput, //PSecBufferDesc SecBufferDesc
int Reserved2,
out SECURITY_HANDLE phNewContext, //PCtxtHandle
out SecBufferDesc pOutput, //PSecBufferDesc SecBufferDesc
out uint pfContextAttr, //managed ulong == 64 bits!!!
out SECURITY_INTEGER ptsExpiry); //PTimeStamp
VB Signature:
<DllImport("secur32", CharSet:=CharSet.Auto, SetLastError:=True)> _
Private Shared Function InitializeSecurityContext(ByRef phCredential As SECURITY_HANDLE, _
ByVal phContext As IntPtr, _
ByVal pszTargetName As String, _
ByVal fContextReq As Integer, _
ByVal Reserved1 As Integer, _
ByVal TargetDataRep As Integer, _
ByVal pInput As IntPtr, _
ByVal Reserved2 As Integer, _
ByRef phNewContext As SECURITY_HANDLE, _
ByRef pOutput As SecBufferDesc, _
ByRef pfContextAttr As UInteger, _
ByRef ptsExpiry As SECURITY_INTEGER) As Integer
End Function
Declare Function InitializeSecurityContext Lib "secur32.dll" (TODO) As TODO
using System.Collections;
using System.Security.Principal;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Net.Sockets;
using TestMe;
[StructLayout(LayoutKind.Sequential)]
public struct SecHandle //=PCtxtHandle
{
IntPtr dwLower; // ULONG_PTR translates to IntPtr not to uint
IntPtr dwUpper; // this is crucial for 64-Bit Platforms
}
[StructLayout(LayoutKind.Sequential)]
public struct SecBuffer : IDisposable
{
public int cbBuffer;
public int BufferType;
public IntPtr pvBuffer;
//Allocate memory for SecBuffer Array....
pBuffers = Marshal.AllocHGlobal(Marshal.SizeOf(typeof(SecBuffer)) * cBuffers);
for(int Index = 0;Index < secBufferBytesArray.Length;Index++)
{
//Super hack: Now allocate memory for the individual SecBuffers
//and just copy the bit values to the SecBuffer array!!!
SecBuffer ThisSecBuffer = new SecBuffer(secBufferBytesArray[Index].Buffer,secBufferBytesArray[Index].BufferType);
//We will write out bits in the following order:
//int cbBuffer;
//int BufferType;
//pvBuffer;
//Note that we won't be releasing the memory allocated by ThisSecBuffer until we
//are disposed...
int CurrentOffset = Index*Marshal.SizeOf(typeof(SecBuffer));
Marshal.WriteInt32(pBuffers,CurrentOffset,ThisSecBuffer.cbBuffer);
Marshal.WriteInt32(pBuffers,CurrentOffset + Marshal.SizeOf(ThisSecBuffer.cbBuffer),ThisSecBuffer.BufferType);
Marshal.WriteIntPtr(pBuffers,CurrentOffset + Marshal.SizeOf(ThisSecBuffer.cbBuffer)+Marshal.SizeOf(ThisSecBuffer.BufferType),ThisSecBuffer.pvBuffer);
}
}
public void Dispose()
{
if(pBuffers != IntPtr.Zero)
{
if(cBuffers == 1)
{
SecBuffer ThisSecBuffer = (SecBuffer)Marshal.PtrToStructure(pBuffers,typeof(SecBuffer));
ThisSecBuffer.Dispose();
}
else
{
for(int Index = 0;Index < cBuffers;Index++)
{
//The bits were written out the following order:
//int cbBuffer;
//int BufferType;
//pvBuffer;
//What we need to do here is to grab a hold of the pvBuffer allocate by the individual
//SecBuffer and release it...
int CurrentOffset = Index*Marshal.SizeOf(typeof(SecBuffer));
IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers,CurrentOffset + Marshal.SizeOf(typeof(int))+Marshal.SizeOf(typeof(int)));
Marshal.FreeHGlobal(SecBufferpvBuffer);
}
}
if(ThisSecBuffer.cbBuffer > 0)
{
Buffer = new byte[ThisSecBuffer.cbBuffer];
Marshal.Copy(ThisSecBuffer.pvBuffer,Buffer,0,ThisSecBuffer.cbBuffer);
}
}
else
{
int BytesToAllocate = 0;
for(int Index = 0;Index < cBuffers;Index++)
{
//The bits were written out the following order:
//int cbBuffer;
//int BufferType;
//pvBuffer;
//What we need to do here calculate the total number of bytes we need to copy...
int CurrentOffset = Index*Marshal.SizeOf(typeof(SecBuffer));
BytesToAllocate += Marshal.ReadInt32(pBuffers,CurrentOffset);
}
Buffer = new byte[BytesToAllocate];
for(int Index = 0,BufferIndex = 0;Index < cBuffers;Index++)
{
//The bits were written out the following order:
//int cbBuffer;
//int BufferType;
//pvBuffer;
//Now iterate over the individual buffers and put them together into a
//byte array...
int CurrentOffset = Index*Marshal.SizeOf(typeof(SecBuffer));
int BytesToCopy = Marshal.ReadInt32(pBuffers,CurrentOffset);
IntPtr SecBufferpvBuffer = Marshal.ReadIntPtr(pBuffers,CurrentOffset + Marshal.SizeOf(typeof(int))+Marshal.SizeOf(typeof(int)));
Marshal.Copy(SecBufferpvBuffer,Buffer,BufferIndex,BytesToCopy);
BufferIndex += BytesToCopy;
}
}
return(Buffer);
}
/*public SecBuffer GetSecBuffer()
{
if(pBuffers == IntPtr.Zero)
{
throw new InvalidOperationException("Object has already been disposed!!!");
}
[StructLayout(LayoutKind.Sequential)]
public struct SECURITY_INTEGER
{
public uint LowPart;
public int HighPart;
public SECURITY_INTEGER(int dummy)
{
LowPart = 0;
HighPart = 0;
}
};
[StructLayout(LayoutKind.Sequential)]
public struct SECURITY_HANDLE
{
public IntPtr LowPart;
public IntPtr HighPart;
public uint LowPart;
public uint HighPart;
public SECURITY_HANDLE(int dummy)
{
LowPart = HighPart = IntPtr.Zero;
LowPart = HighPart = 0;
}
};
[StructLayout(LayoutKind.Sequential)]
public struct SecPkgContext_Sizes
{
public uint cbMaxToken;
public uint cbMaxSignature;
public uint cbBlockSize;
public uint cbSecurityTrailer;
};
namespace SSPITest
{
public class SSPIHelper
{
public const int TOKEN_QUERY = 0x00008;
public const int SEC_E_OK = 0;
public const int SEC_I_CONTINUE_NEEDED = 0x90312;
const int SECPKG_CRED_OUTBOUND = 2;
const int SECURITY_NATIVE_DREP = 0x10;
const int SECPKG_CRED_INBOUND = 1;
const int MAX_TOKEN_SIZE = 12288;
//For AcquireCredentialsHandle in 3er Parameter "fCredentialUse"
SECURITY_HANDLE _hInboundCred = new SECURITY_HANDLE(0);
public SECURITY_HANDLE _hServerContext = new SECURITY_HANDLE(0);
SECURITY_HANDLE _hOutboundCred = new SECURITY_HANDLE(0);
public SECURITY_HANDLE _hClientContext = new SECURITY_HANDLE(0);
public const int ISC_REQ_DELEGATE = 0x00000001;
public const int ISC_REQ_MUTUAL_AUTH = 0x00000002;
public const int ISC_REQ_REPLAY_DETECT = 0x00000004;
public const int ISC_REQ_SEQUENCE_DETECT = 0x00000008;
public const int ISC_REQ_CONFIDENTIALITY = 0x00000010;
public const int ISC_REQ_USE_SESSION_KEY = 0x00000020;
public const int ISC_REQ_PROMPT_FOR_CREDS = 0x00000040;
public const int ISC_REQ_USE_SUPPLIED_CREDS = 0x00000080;
public const int ISC_REQ_ALLOCATE_MEMORY = 0x00000100;
public const int ISC_REQ_USE_DCE_STYLE = 0x00000200;
public const int ISC_REQ_DATAGRAM = 0x00000400;
public const int ISC_REQ_CONNECTION = 0x00000800;
public const int ISC_REQ_CALL_LEVEL = 0x00001000;
public const int ISC_REQ_FRAGMENT_SUPPLIED = 0x00002000;
public const int ISC_REQ_EXTENDED_ERROR = 0x00004000;
public const int ISC_REQ_STREAM = 0x00008000;
public const int ISC_REQ_INTEGRITY = 0x00010000;
public const int ISC_REQ_IDENTIFY = 0x00020000;
public const int ISC_REQ_NULL_SESSION = 0x00040000;
public const int ISC_REQ_MANUAL_CRED_VALIDATION = 0x00080000;
public const int ISC_REQ_RESERVED1 = 0x00100000;
public const int ISC_REQ_FRAGMENT_TO_FIT = 0x00200000;
public const int SECPKG_ATTR_SIZES = 0;
public const int STANDARD_CONTEXT_ATTRIBUTES = ISC_REQ_CONFIDENTIALITY | ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_CONNECTION;
public void InitializeServer(byte[] clientToken,out byte[] serverToken,
out bool bContinueProcessing)
{
serverToken = null;
bContinueProcessing = true;
SECURITY_INTEGER NewLifeTime = new SECURITY_INTEGER(0);
if(!_bGotServerCredentials)
{
if(AcquireCredentialsHandle(_sAccountName,"Kerberos",SECPKG_CRED_INBOUND,
IntPtr.Zero,IntPtr.Zero,0,IntPtr.Zero,
ref _hInboundCred,ref NewLifeTime) != SEC_E_OK)
{
throw new Exception("Couldn't acquire server credentials handle!!!");
}
_bGotServerCredentials = true;
}
SecBufferDesc ServerToken = new SecBufferDesc(MAX_TOKEN_SIZE);
SecBufferDesc ClientToken = new SecBufferDesc(clientToken);
try
{
int ss = -1;
uint uNewContextAttr = 0;
if(!_bGotServerContext)
{
ss = AcceptSecurityContext(ref _hInboundCred, // [in] handle to the credentials
IntPtr.Zero, // [in/out] handle of partially formed context. Always NULL the first time through
ref ClientToken, // [in] pointer to the input buffers
STANDARD_CONTEXT_ATTRIBUTES, // [in] required context attributes
SECURITY_NATIVE_DREP, // [in] data representation on the target
out _hServerContext, // [in/out] receives the new context handle
out ServerToken, // [in/out] pointer to the output buffers
out uNewContextAttr, // [out] receives the context attributes
out NewLifeTime); // [out] receives the life span of the security context
}
else
{
ss = AcceptSecurityContext(ref _hInboundCred, // [in] handle to the credentials
ref _hServerContext, // [in/out] handle of partially formed context. Always NULL the first time through
ref ClientToken, // [in] pointer to the input buffers
STANDARD_CONTEXT_ATTRIBUTES, // [in] required context attributes
SECURITY_NATIVE_DREP, // [in] data representation on the target
out _hServerContext, // [in/out] receives the new context handle
out ServerToken, // [in/out] pointer to the output buffers
out uNewContextAttr, // [out] receives the context attributes
out NewLifeTime); // [out] receives the life span of the security context
}
if(ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)
{
throw new Exception("AcceptSecurityContext() failed!!!");
}
MultipleSecBufferHelper[] ThisSecHelper = new MultipleSecBufferHelper[2];
ThisSecHelper[0] = new MultipleSecBufferHelper(message,SecBufferType.SECBUFFER_DATA);
ThisSecHelper[1] = new MultipleSecBufferHelper(new byte[ContextSizes.cbSecurityTrailer],SecBufferType.SECBUFFER_TOKEN);
SecBufferDesc DescBuffer = new SecBufferDesc(ThisSecHelper);
MultipleSecBufferHelper[] ThisSecHelper = new MultipleSecBufferHelper[2];
ThisSecHelper[0] = new MultipleSecBufferHelper(message,SecBufferType.SECBUFFER_DATA);
ThisSecHelper[1] = new MultipleSecBufferHelper(new byte[ContextSizes.cbMaxSignature],SecBufferType.SECBUFFER_TOKEN);
SecBufferDesc DescBuffer = new SecBufferDesc(ThisSecHelper);
Whidbey makes it trivial to Kerberize your application using NegotiateStream. Check the Beta documentation for details...
TODO - a short description
9/12/2007 8:58:34 AM - anonymous
Please edit this page!
Do you have...
helpful tips or sample code to share for using this API in managed code?
corrections to the existing content?
variations of the signature you want to share?
additional languages you want to include?
Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).