From 508cd9df49d86b5be1cc33ce705a29569e01cb69 Mon Sep 17 00:00:00 2001 From: antiduh Date: Tue, 24 Jun 2014 20:19:58 +0000 Subject: [PATCH] Move credential native methods to their own file. Create a QueryNameSupport.cs file to hold a couple classes related to implementing that functionality. --- Contexts/ClientContext.cs | 1 - Contexts/ContextNativeMethods.cs | 3 +- Credentials/Credential.cs | 8 +- Credentials/CredentialNativeMethods.cs | 107 +++++++++++++++++++++++++ Credentials/QueryNameSupport.cs | 15 ++++ NSspi.csproj | 2 + NativeMethods.cs | 99 +---------------------- SspiHandle.cs | 2 +- 8 files changed, 133 insertions(+), 104 deletions(-) create mode 100644 Credentials/CredentialNativeMethods.cs create mode 100644 Credentials/QueryNameSupport.cs diff --git a/Contexts/ClientContext.cs b/Contexts/ClientContext.cs index 4d91e57..31b3ff9 100644 --- a/Contexts/ClientContext.cs +++ b/Contexts/ClientContext.cs @@ -106,7 +106,6 @@ namespace NSspi.Contexts ); } } - } if ( status == SecurityStatus.OK ) diff --git a/Contexts/ContextNativeMethods.cs b/Contexts/ContextNativeMethods.cs index d0d3ce7..fe87e6d 100644 --- a/Contexts/ContextNativeMethods.cs +++ b/Contexts/ContextNativeMethods.cs @@ -4,8 +4,9 @@ using System.Linq; using System.Runtime.InteropServices; using System.Text; using System.Threading.Tasks; +using NSspi.Contexts; -namespace NSspi.Contexts +namespace NSspi { public static class ContextNativeMethods { diff --git a/Credentials/Credential.cs b/Credentials/Credential.cs index 67f847b..f76cbf9 100644 --- a/Credentials/Credential.cs +++ b/Credentials/Credential.cs @@ -6,6 +6,7 @@ using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Text; using System.Threading.Tasks; +using NSspi.Credentials; namespace NSspi { @@ -78,7 +79,7 @@ namespace NSspi try { } finally { - status = NativeMethods.AcquireCredentialsHandle( + status = CredentialNativeMethods.AcquireCredentialsHandle( null, packageName, use, 
@@ -119,12 +120,12 @@ namespace NSspi { get { - NativeMethods.QueryNameAttribCarrier carrier = new NativeMethods.QueryNameAttribCarrier(); + QueryNameAttribCarrier carrier = new QueryNameAttribCarrier(); SecurityStatus status; string name = null; - status = NativeMethods.QueryCredentialsAttribute_Name( + status = CredentialNativeMethods.QueryCredentialsAttribute_Name( ref this.safeCredHandle.rawHandle, CredentialQueryAttrib.Names, ref carrier @@ -170,5 +171,6 @@ namespace NSspi this.disposed = true; } } + } } diff --git a/Credentials/CredentialNativeMethods.cs b/Credentials/CredentialNativeMethods.cs new file mode 100644 index 0000000..6e122fa --- /dev/null +++ b/Credentials/CredentialNativeMethods.cs 
@@ -0,0 +1,107 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+using NSspi.Credentials;
+
+namespace NSspi
+{
+ public static class CredentialNativeMethods
+ {
+
+ /*
+ SECURITY_STATUS sResult = AcquireCredentialsHandle(
+ NULL, // [in] name of principal. NULL = principal of current security context
+ pszPackageName, // [in] name of package
+ fCredentialUse, // [in] flags indicating use.
+ NULL, // [in] pointer to logon identifier. NULL = we're not specifying the id of another logon session
+ NULL, // [in] package-specific data. NULL = default credentials for security package
+ NULL, // [in] pointer to GetKey function. NULL = we're not using a callback to retrieve the credentials
+ NULL, // [in] value to pass to GetKey
+ this->credentialHandle, // [out] credential handle (this must be already allocated)
+ &tsExpiry // [out] lifetime of the returned credentials
+ );
+
+ SECURITY_STATUS SEC_Entry AcquireCredentialsHandle(
+ _In_ SEC_CHAR *pszPrincipal,
+ _In_ SEC_CHAR *pszPackage,
+ _In_ ULONG fCredentialUse,
+ _In_ PLUID pvLogonID,
+ _In_ PVOID pAuthData,
+ _In_ SEC_GET_KEY_FN pGetKeyFn,
+ _In_ PVOID pvGetKeyArgument,
+ _Out_ PCredHandle phCredential,
+ _Out_ PTimeStamp ptsExpiry
+ );
+ */
+
+ [DllImport(
+ "Secur32.dll",
+ EntryPoint = "AcquireCredentialsHandle",
+ CallingConvention = CallingConvention.Winapi,
+ CharSet = CharSet.Unicode,
+ SetLastError = true
+ )]
+ public static extern SecurityStatus AcquireCredentialsHandle(
+ string principleName,
+ string packageName,
+ CredentialUse credentialUse,
+ IntPtr loginId,
+ IntPtr packageData,
+ IntPtr getKeyFunc,
+ IntPtr getKeyData,
+ ref RawSspiHandle credentialHandle,
+ ref long expiry
+ );
+
+ /*
+ SECURITY_STATUS SEC_Entry FreeCredentialsHandle(
+ _In_ PCredHandle phCredential
+ );
+ */
+ [DllImport(
+ "Secur32.dll",
+ EntryPoint = "FreeCredentialsHandle",
+ CallingConvention = CallingConvention.Winapi,
+ CharSet = CharSet.Unicode,
+ SetLastError = true
+ )]
+ public static extern SecurityStatus FreeCredentialsHandle(
+ ref RawSspiHandle credentialHandle
+ );
+
+ /*
+ SECURITY_STATUS SEC_Entry QueryCredentialsAttributes(
+ _In_ PCredHandle phCredential,
+ _In_ ULONG ulAttribute,
+ _Out_ PVOID pBuffer
+ );
+ */
+
+ ///
+ /// The overload of the QueryCredentialsAttribute method that is used for querying the name attribute.
+ /// In this call, it takes a void* to a structure that contains a wide char pointer. The wide character
+ /// pointer is allocated by the SSPI api, and thus needs to be released by a call to FreeContextBuffer().
+ ///
+ ///
+ ///
+ ///
+ ///
+ [DllImport(
+ "Secur32.dll",
+ EntryPoint = "QueryCredentialsAttributes",
+ CallingConvention = CallingConvention.Winapi,
+ CharSet = CharSet.Unicode,
+ SetLastError = true
+ )]
+ public static extern SecurityStatus QueryCredentialsAttribute_Name(
+ ref RawSspiHandle credentialHandle,
+ CredentialQueryAttrib attributeName,
+ ref QueryNameAttribCarrier name
+ );
+
+
+ }
+}
diff --git a/Credentials/QueryNameSupport.cs b/Credentials/QueryNameSupport.cs
new file mode 100644
index 0000000..3744cca
--- /dev/null
+++ b/Credentials/QueryNameSupport.cs
@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace NSspi.Credentials
+{
+ [StructLayout( LayoutKind.Sequential )]
+ public struct QueryNameAttribCarrier
+ {
+ public IntPtr Name;
+ }
+}
diff --git a/NSspi.csproj b/NSspi.csproj
index ffb953d..e0d5087 100644
--- a/NSspi.csproj
+++ b/NSspi.csproj
@@ -56,10 +56,12 @@ + +
diff --git a/NativeMethods.cs b/NativeMethods.cs
index 438bb21..db87fc7 100644
--- a/NativeMethods.cs
+++ b/NativeMethods.cs
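Review bot: In Credentials/CredentialNativeMethods.cs the class is `public static class` with `public static extern` members, so the raw Secur32 entry points become part of the library's public surface. Any caller can hand a `RawSspiHandle` straight to `FreeCredentialsHandle` and bypass the handle wrapper whose `ReleaseHandle` (SspiHandle.cs) otherwise owns the release, which risks a double free or later use of a freed credential handle. Unless external callers are meant to use these, the move is a good moment to declare it `internal static class CredentialNativeMethods`, and likewise `QueryNameAttribCarrier` in QueryNameSupport.cs. The three `[DllImport]` attributes name `"Secur32.dll"` without restricting the search path; adding `[DefaultDllImportSearchPaths(DllImportSearchPath.System32)]` to each would pin loading to the system directory, assuming the targeted framework provides that attribute. `SetLastError = true` also looks unnecessary, since these functions report failure through the returned `SecurityStatus`.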
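Review bot: In Credentials/QueryNameSupport.cs, `QueryNameAttribCarrier.Name` has no documentation of who owns the pointer, and the struct now sits in a different file from the `QueryCredentialsAttribute_Name` comment that explains it. I would add a doc comment on the field such as `/// Pointer to a wide-character string allocated by SSPI; release it with FreeContextBuffer() once the name has been copied.` Of the six `using` directives, only `System` and `System.Runtime.InteropServices` appear to be needed by this file.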
@@ -17,67 +17,7 @@ namespace NSspi // A C++ pure client/server example: // http://msdn.microsoft.com/en-us/library/windows/desktop/aa380536(v=vs.85).aspx - /* - SECURITY_STATUS sResult = AcquireCredentialsHandle( - NULL, // [in] name of principal. NULL = principal of current security context - pszPackageName, // [in] name of package - fCredentialUse, // [in] flags indicating use. - NULL, // [in] pointer to logon identifier. NULL = we're not specifying the id of another logon session - NULL, // [in] package-specific data. NULL = default credentials for security package - NULL, // [in] pointer to GetKey function. NULL = we're not using a callback to retrieve the credentials - NULL, // [in] value to pass to GetKey - this->credentialHandle, // [out] credential handle (this must be already allocated) - &tsExpiry // [out] lifetime of the returned credentials - ); - - SECURITY_STATUS SEC_Entry AcquireCredentialsHandle( - _In_ SEC_CHAR *pszPrincipal, - _In_ SEC_CHAR *pszPackage, - _In_ ULONG fCredentialUse, - _In_ PLUID pvLogonID, - _In_ PVOID pAuthData, - _In_ SEC_GET_KEY_FN pGetKeyFn, - _In_ PVOID pvGetKeyArgument, - _Out_ PCredHandle phCredential, - _Out_ PTimeStamp ptsExpiry - ); - */ - - [DllImport( - "Secur32.dll", - EntryPoint = "AcquireCredentialsHandle", - CallingConvention = CallingConvention.Winapi, - CharSet = CharSet.Unicode, - SetLastError = true - )] - public static extern SecurityStatus AcquireCredentialsHandle( - string principleName, - string packageName, - CredentialUse credentialUse, - IntPtr loginId, - IntPtr packageData, - IntPtr getKeyFunc, - IntPtr getKeyData, - ref RawSspiHandle credentialHandle, - ref long expiry - ); - - /* - SECURITY_STATUS SEC_Entry FreeCredentialsHandle( - _In_ PCredHandle phCredential - ); - */ - [DllImport( - "Secur32.dll", - EntryPoint = "FreeCredentialsHandle", - CallingConvention = CallingConvention.Winapi, - CharSet = CharSet.Unicode, - SetLastError = true - )] - public static extern SecurityStatus FreeCredentialsHandle( 
- ref RawSspiHandle credentialHandle - ); - + /* SECURITY_STATUS SEC_Entry FreeContextBuffer( _In_ PVOID pvContextBuffer @@ -91,43 +31,6 @@ namespace NSspi SetLastError = true )] public static extern SecurityStatus FreeContextBuffer( IntPtr buffer ); - - - /* - SECURITY_STATUS SEC_Entry QueryCredentialsAttributes( - _In_ PCredHandle phCredential, - _In_ ULONG ulAttribute, - _Out_ PVOID pBuffer - ); - */ - - /// - /// The overload of the QueryCredentialsAttribute method that is used for querying the name attribute. - /// In this call, it takes a void* to a structure that contains a wide char pointer. The wide character - /// pointer is allocated by the SSPI api, and thus needs to be released by a call to FreeContextBuffer(). - /// - /// - /// - /// - /// - [DllImport( - "Secur32.dll", - EntryPoint = "QueryCredentialsAttributes", - CallingConvention = CallingConvention.Winapi, - CharSet = CharSet.Unicode, - SetLastError = true - )] - public static extern SecurityStatus QueryCredentialsAttribute_Name( - ref RawSspiHandle credentialHandle, - CredentialQueryAttrib attributeName, - ref QueryNameAttribCarrier name - ); - - [StructLayout( LayoutKind.Sequential )] - public struct QueryNameAttribCarrier - { - public IntPtr Name; - } } } diff --git a/SspiHandle.cs b/SspiHandle.cs index 6ee7872..99c213c 100644 --- a/SspiHandle.cs +++ b/SspiHandle.cs @@ -75,7 +75,7 @@ namespace NSspi protected override bool ReleaseHandle() { - SecurityStatus status = NativeMethods.FreeCredentialsHandle( + SecurityStatus status = CredentialNativeMethods.FreeCredentialsHandle( ref base.rawHandle );