From 7503d377704b33617745c1bd9469ca50fee1ae28 Mon Sep 17 00:00:00 2001
From: antiduh
Date: Tue, 1 Jul 2014 19:17:56 +0000
Subject: [PATCH] Updated comments.
---
 NSspi/Credentials/ClientCredential.cs | 7 ++++
 NSspi/Credentials/Credential.cs | 39 +++++++++++++++++++-
 NSspi/Credentials/CredentialNativeMethods.cs | 24 ------------
 NSspi/Credentials/CredentialQueryAttrib.cs | 16 +++-----
 NSspi/Credentials/CredentialUse.cs | 17 +++++++++
 NSspi/Credentials/CurrentCredential.cs | 10 +++++
 NSspi/Credentials/QueryNameSupport.cs | 9 ++++-
 NSspi/Credentials/SafeCredentialHandle.cs | 4 +-
 NSspi/Credentials/ServerCredential.cs | 3 ++
 9 files changed, 92 insertions(+), 37 deletions(-)
diff --git a/NSspi/Credentials/ClientCredential.cs b/NSspi/Credentials/ClientCredential.cs
index 7bdb855..0320477 100644
--- a/NSspi/Credentials/ClientCredential.cs
+++ b/NSspi/Credentials/ClientCredential.cs
@@ -7,8 +7,15 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
+ ///
+ /// Represents the credentials of the user running the current process, for use as an SSPI client.
+ ///
 public class ClientCredential : CurrentCredential
 {
+ ///
+ /// Initializes a new instance of the ClientCredential class.
+ ///
+ /// The security package to acquire the credential handle from.
 public ClientCredential( string package )
 : base( package, CredentialUse.Outbound )
 {
diff --git a/NSspi/Credentials/Credential.cs b/NSspi/Credentials/Credential.cs
index 5067ab9..db349f7 100644
--- a/NSspi/Credentials/Credential.cs
+++ b/NSspi/Credentials/Credential.cs
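Review bot: In ClientCredential.cs the new class summary ties the credential to "the user running the current process", but the native-API comment this same commit deletes from CredentialNativeMethods.cs describes a NULL principal as "principal of current security context". If the acquire call relies on that default, a thread that is impersonating another identity would presumably obtain that identity's credential rather than the process owner's, so the summary should say so, for example `/// Represents the credentials of the current security context (the impersonated identity, if any), for use as an SSPI client.` The same wording is added to the CurrentCredential and ServerCredential summaries. The acquire call itself is not in any visible hunk, so confirm the behaviour there before rewording.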
@@ -12,16 +12,35 @@ using NSspi.Credentials.Credentials;
 namespace NSspi.Credentials
 {
+ ///
+ /// Provides access to the pre-existing credentials of a security principle.
+ ///
 public class Credential : IDisposable
 {
+ ///
+ /// Whether the Credential has been disposed.
+ ///
 private bool disposed;
+ ///
+ /// The name of the security package that controls the credential.
+ ///
 private string securityPackage;
+ ///
+ /// A safe handle to the credential's handle.
+ ///
 private SafeCredentialHandle safeCredHandle;
+ ///
+ /// The UTC time the credentials expire.
+ ///
 private DateTime expiry;
+ ///
+ /// Initializes a new instance of the Credential class.
+ ///
+ /// The security package to acquire the credential from.
 public Credential( string package )
 {
 this.disposed = false;
@@ -31,9 +50,15 @@ namespace NSspi.Credentials
 this.PackageInfo = PackageSupport.GetPackageCapabilities( this.SecurityPackage );
 }
-
+
+ ///
+ /// Gets metadata for the security package associated with the credential.
+ ///
 public SecPkgInfo PackageInfo { get; private set; }
+ ///
+ /// Gets the name of the security package that owns the credential.
+ ///
 public string SecurityPackage
 {
 get
@@ -44,6 +69,9 @@ namespace NSspi.Credentials
 }
 }
+ ///
+ /// Returns the name of the principle of the credential.
+ ///
 public string Name
 {
 get
@@ -107,6 +135,9 @@ namespace NSspi.Credentials
 }
 }
+ ///
+ /// Gets the UTC time the credentials expire.
+ ///
 public DateTime Expiry
 {
 get
@@ -124,6 +155,9 @@ namespace NSspi.Credentials
 }
 }
+ ///
+ /// Gets a handle to the credential.
+ ///
 public SafeCredentialHandle Handle
 {
 get
@@ -141,6 +175,9 @@ namespace NSspi.Credentials
 }
 }
+ ///
+ /// Releases all resources associated with the credential.
+ ///
 public void Dispose()
 {
 Dispose( true );
diff --git a/NSspi/Credentials/CredentialNativeMethods.cs b/NSspi/Credentials/CredentialNativeMethods.cs
index 36ad8d2..5976a3e 100644
--- a/NSspi/Credentials/CredentialNativeMethods.cs
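Review bot: The class summary in the first Credential.cs hunk spells the security term as "principle"; the entity that owns a credential is a "principal", so the line should read `/// Provides access to the pre-existing credentials of a security principal.` The same misspelling is added in the `Name` property summary later in this file, in the `Names` member summary in CredentialQueryAttrib.cs, and in both comments in QueryNameSupport.cs. In the same hunk, `/// A safe handle to the credential's handle.` is circular; `/// A safe handle wrapping the native SSPI credential handle.` says what the field holds.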
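Review bot: The summaries added for the `expiry` field and the `Expiry` property promise a UTC value, but no visible hunk shows how the native timestamp is converted or which DateTimeKind the result carries. A caller that compares the value with `DateTime.Now` to decide whether a credential is still usable would be off by the local offset, so the claim should be checked against the getter, whose body lies outside the hunk. If it holds, extend the property summary with a line such as `/// Compare against DateTime.UtcNow, not DateTime.Now.`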
+++ b/NSspi/Credentials/CredentialNativeMethods.cs
@@ -12,30 +12,6 @@ namespace NSspi.Credentials
 {
 internal static class CredentialNativeMethods
 {
- /*
- SECURITY_STATUS SEC_Entry AcquireCredentialsHandle(
- _In_ SEC_CHAR *pszPrincipal, // [in] name of principal. NULL = principal of current security context
- _In_ SEC_CHAR *pszPackage, // [in] name of security package - "Kerberos", "Negotiate", "NTLM", etc
- _In_ ULONG fCredentialUse, // [in] flags indicating use.
- _In_ PLUID pvLogonID, // [in] pointer to logon identifier. NULL = we're not specifying the id of another logon session
- _In_ PVOID pAuthData, // [in] package-specific data. NULL = default credentials for security package
- _In_ SEC_GET_KEY_FN pGetKeyFn, // [in] pointer to GetKey function. NULL = we're not using a callback to retrieve the credentials
- _In_ PVOID pvGetKeyArgument, // [in] value to pass to GetKey
- _Out_ PCredHandle phCredential, // [out] credential handle (this must be already allocated)
- _Out_ PTimeStamp ptsExpiry // [out] lifetime of the returned credentials
- );
-
- SECURITY_STATUS SEC_Entry FreeCredentialsHandle(
- _In_ PCredHandle phCredential
- );
-
- SECURITY_STATUS SEC_Entry QueryCredentialsAttributes(
- _In_ PCredHandle phCredential,
- _In_ ULONG ulAttribute,
- _Out_ PVOID pBuffer
- );
- */
-
 [ReliabilityContract( Consistency.WillNotCorruptState, Cer.MayFail)]
 [DllImport( "Secur32.dll", EntryPoint = "AcquireCredentialsHandle", CharSet = CharSet.Unicode )]
 internal static extern SecurityStatus AcquireCredentialsHandle(
diff --git a/NSspi/Credentials/CredentialQueryAttrib.cs b/NSspi/Credentials/CredentialQueryAttrib.cs
index 54e9da3..d5a6e34 100644
--- a/NSspi/Credentials/CredentialQueryAttrib.cs
+++ b/NSspi/Credentials/CredentialQueryAttrib.cs
@@ -6,18 +6,14 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
- /*
- #define SECPKG_CRED_ATTR_NAMES 1
- #define SECPKG_CRED_ATTR_SSI_PROVIDER 2
- #define SECPKG_CRED_ATTR_KDC_PROXY_SETTINGS 3
- #define SECPKG_CRED_ATTR_CERT 4
- */
-
+ ///
+ /// Identifies credential query types.
+ ///
 public enum CredentialQueryAttrib : uint
 {
+ ///
+ /// Queries the credential's principle name.
+ ///
 Names = 1,
- SsiProvider = 2,
- KdcProxySettings = 3,
- Cert = 4
 }
 }
diff --git a/NSspi/Credentials/CredentialUse.cs b/NSspi/Credentials/CredentialUse.cs
index aae9b27..03015e1 100644
--- a/NSspi/Credentials/CredentialUse.cs
+++ b/NSspi/Credentials/CredentialUse.cs
@@ -6,10 +6,27 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
+ ///
+ /// Indicates the manner in which a credential will be used for SSPI authentication.
+ ///
 public enum CredentialUse : uint
 {
+ ///
+ /// The credentials will be used for establishing a security context with an inbound request, eg,
+ /// the credentials will be used by a server building a security context with a client.
+ ///
 Inbound = 1,
+
+ ///
+ /// The credentials will be used for establishing a security context as an outbound request,
+ /// eg, the credentials will be used by a client to build a security context with a server.
+ ///
 Outbound = 2,
+
+ ///
+ /// The credentials may be used to to either build a client's security context or a server's
+ /// security context.
+ ///
 Both = 3,
 }
 }
diff --git a/NSspi/Credentials/CurrentCredential.cs b/NSspi/Credentials/CurrentCredential.cs
index e951039..218b8c8 100644
--- a/NSspi/Credentials/CurrentCredential.cs
+++ b/NSspi/Credentials/CurrentCredential.cs
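Review bot: Dropping `SsiProvider`, `KdcProxySettings` and `Cert` from the public `CredentialQueryAttrib` enum in CredentialQueryAttrib.cs is a source-breaking API change, yet the subject line says only "Updated comments." Any caller that referenced those members stops compiling, and the removed header comment was the only record of the native values 2 to 4. If the removal is deliberate, presumably because only name queries are marshalled, state that in the commit message and in the enum summary, for example `/// Identifies credential query types; only queries this library can marshal are listed.`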
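Review bot: The summary added for `Both` in CredentialUse.cs contains a doubled word ("may be used to to either"), and the `Inbound` and `Outbound` summaries use "eg," where "e.g.," is meant. Suggested wording for the first: `/// The credentials may be used to build either a client's or a server's security context.` It would also help readers if the `Both` summary said that callers who act in only one role should request `Inbound` or `Outbound`, so the handle is not usable in a direction the caller never needs.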
@@ -7,8 +7,18 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
+ ///
+ /// Acquires a handle to the credentials of the user associated with the current process.
+ ///
 public class CurrentCredential : Credential
 {
+ ///
+ /// Initializes a new instance of the CurrentCredential class.
+ ///
+ /// The security package to acquire the credential handle
+ /// from.
+ /// The manner in which the credentials will be used - Inbound typically
+ /// represents servers, outbound typically represent clients.
 public CurrentCredential( string securityPackage, CredentialUse use )
 : base( securityPackage )
 {
diff --git a/NSspi/Credentials/QueryNameSupport.cs b/NSspi/Credentials/QueryNameSupport.cs
index e762cc4..606d313 100644
--- a/NSspi/Credentials/QueryNameSupport.cs
+++ b/NSspi/Credentials/QueryNameSupport.cs
@@ -7,9 +7,16 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials.Credentials
 {
+ ///
+ /// Stores the result from a query of a credential's principle name.
+ ///
 [StructLayout( LayoutKind.Sequential )]
- public struct QueryNameAttribCarrier
+ internal struct QueryNameAttribCarrier
 {
+ ///
+ /// A pointer to a null-terminated ascii c-string containing the principle name
+ /// associated with a credential
+ ///
 public IntPtr Name;
 }
 }
diff --git a/NSspi/Credentials/SafeCredentialHandle.cs b/NSspi/Credentials/SafeCredentialHandle.cs
index 2f6eaff..1647080 100644
--- a/NSspi/Credentials/SafeCredentialHandle.cs
+++ b/NSspi/Credentials/SafeCredentialHandle.cs
@@ -7,7 +7,9 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
-
+ ///
+ /// Provides a managed handle to an SSPI credential.
+ ///
 public class SafeCredentialHandle : SafeSspiHandle
 {
 public SafeCredentialHandle()
diff --git a/NSspi/Credentials/ServerCredential.cs b/NSspi/Credentials/ServerCredential.cs
index 7721ca6..eada90a 100644
--- a/NSspi/Credentials/ServerCredential.cs
+++ b/NSspi/Credentials/ServerCredential.cs
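Review bot: In QueryNameSupport.cs the comment added on `Name` calls the buffer a "null-terminated ascii c-string", while the only P/Invoke declaration visible in this patch (AcquireCredentialsHandle in CredentialNativeMethods.cs) is bound with `CharSet = CharSet.Unicode`. If the query import uses the same character set, the buffer holds UTF-16, and a maintainer who trusts this comment and decodes it as ANSI would get a truncated or garbled principal name; the query declaration is outside the visible hunks, so confirm it and reword to match, for example `/// A pointer to a null-terminated string, in the encoding selected by the query import's CharSet, holding the principal name associated with a credential.` The hunk also changes the struct from `public` to `internal`, a visibility change the subject line "Updated comments." does not mention. The namespace `NSspi.Credentials.Credentials` on the context line looks like an accidental doubling and may be worth a follow-up.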
@@ -7,6 +7,9 @@ using System.Threading.Tasks;
 namespace NSspi.Credentials
 {
+ ///
+ /// Represents the credentials of the user running the current process, for use as an SSPI server.
+ ///
 public class ServerCredential : CurrentCredential
 {
 public ServerCredential( string package )
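Review bot: The `ServerCredential( string package )` constructor is left without a doc comment, although the matching `ClientCredential` constructor gains one in this same commit. Add the same pair here: `/// Initializes a new instance of the ServerCredential class.` followed by a param entry for `package` reading `The security package to acquire the credential handle from.` The constructor body continues outside the hunk.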