Working on implementing the ServerContext and structuring things so that invoking the public interface is a little easier - trying to move out of proof-of-concept code to prototype code. Still need to rework how I deal with the context and credential handles, worried that they're not treated safe. Still need to reorganize a lot of where code lives. Very inconsistent so far.

Contexts/ServerContext.cs

@@ -6,7 +6,91 @@ using System.Threading.Tasks;
 
 namespace NSspi.Contexts
 {
-    class ServerContext
+    public class ServerContext : Context
     {
+        private ContextAttrib requestedAttribs;
+        private ContextAttrib finalAttribs;
+        private bool complete;
+
+        public ServerContext(ServerCredential cred, ContextAttrib requestedAttribs) : base ( cred )
+        {
+            this.requestedAttribs = requestedAttribs;
+            this.finalAttribs = ContextAttrib.Zero;
+
+        }
+
+        public SecurityStatus AcceptToken( byte[] clientToken, out byte[] nextToken )
+        {
+            SecureBuffer clientBuffer = new SecureBuffer( clientToken, BufferType.Token );
+            SecureBuffer outBuffer = new SecureBuffer( new byte[12288], BufferType.Token );
+
+            long credHandle = this.Credential.CredentialHandle;
+            long oldContextHandle = base.ContextHandle;
+            long newContextHandle = 0;
+
+            SecurityStatus status;
+            ContextAttrib outAttribs = ContextAttrib.Zero;
+            long expiry = 0;
+
+            SecureBufferAdapter clientAdapter;
+            SecureBufferAdapter outAdapter;
+
+
+            using ( clientAdapter = new SecureBufferAdapter( clientBuffer ) )
+            {
+                using ( outAdapter = new SecureBufferAdapter( outBuffer ) )
+                {
+                    if ( oldContextHandle == 0 )
+                    {
+                        status = ContextNativeMethods.AcceptSecurityContext_1(
+                            ref credHandle,
+                            IntPtr.Zero,
+                            clientAdapter.Handle,
+                            requestedAttribs,
+                            SecureBufferDataRep.Network,
+                            ref newContextHandle,
+                            outAdapter.Handle,
+                            ref outAttribs,
+                            ref expiry
+                        );
+                    }
+                    else
+                    {
+                        status = ContextNativeMethods.AcceptSecurityContext_2(
+                            ref credHandle,
+                            ref oldContextHandle,
+                            clientAdapter.Handle,
+                            requestedAttribs,
+                            SecureBufferDataRep.Network,
+                            ref newContextHandle,
+                            outAdapter.Handle,
+                            ref outAttribs,
+                            ref expiry
+                        );
+                    }
+                }
+            }
+
+            if ( status == SecurityStatus.OK )
+            {
+                nextToken = null;
+                this.complete = true;
+            }
+            else if ( status == SecurityStatus.ContinueNeeded )
+            {
+                this.complete = false;
+
+                nextToken = new byte[outBuffer.Length];
+                Array.Copy( outBuffer.Buffer, nextToken, nextToken.Length );
+            }
+            else
+            {
+                throw new SSPIException( "Failed to call AcceptSecurityContext", status );
+            }
+
+            base.ContextHandle = newContextHandle;
+
+            return status;
+        }
     }
 }