Implement the context-completion check I've had sitting half done.

2014-06-25 02:00:05 +00:00
parent 14d8ad5db7
commit ade72b32f4
3 changed files with 29 additions and 14 deletions
--- a/Contexts/ClientContext.cs
+++ b/Contexts/ClientContext.cs
@@ -11,7 +11,6 @@ namespace NSspi.Contexts
 {
    public class ClientContext : Context
    {
-        private bool complete;
        private ContextAttrib requestedAttribs;
        private ContextAttrib finalAttribs;
        private string serverPrinc;
@@ -19,8 +18,6 @@ namespace NSspi.Contexts
        public ClientContext( ClientCredential cred, string serverPrinc, ContextAttrib requestedAttribs )
            : base( cred )
        {
-            this.complete = false;
-
            this.serverPrinc = serverPrinc;
            this.requestedAttribs = requestedAttribs;
        }
@@ -112,12 +109,12 @@ namespace NSspi.Contexts

            if ( status == SecurityStatus.OK )
            {
-                this.complete = true;
+                this.Initialized = true;
                outToken = null;
            }
            else if ( status == SecurityStatus.ContinueNeeded )
            {
-                this.complete = false;
+                this.Initialized = false;

                outToken = new byte[outTokenBuffer.Length];
                Array.Copy( outTokenBuffer.Buffer, outToken, outToken.Length );
--- a/Contexts/Context.cs
+++ b/Contexts/Context.cs
@@ -22,12 +22,18 @@ namespace NSspi.Contexts
            this.ContextHandle = new SafeContextHandle();

            this.disposed = false;
+            this.Initialized = false;
        }

        ~Context()
        {
            Dispose( false );
        }
+        
+        /// <summary>
+        /// Whether or not the context is fully formed.
+        /// </summary>
+        public bool Initialized { get; protected set; }

        protected Credential Credential { get; private set; }

@@ -85,7 +91,7 @@ namespace NSspi.Contexts
        public byte[] Encrypt( byte[] input )
        {
            // The message is encrypted in place in the buffer we provide to Win32 EncryptMessage
-            SecPkgContext_Sizes sizes = QueryBufferSizes();
+            SecPkgContext_Sizes sizes;

            SecureBuffer trailerBuffer;
            SecureBuffer dataBuffer;
@@ -95,6 +101,13 @@ namespace NSspi.Contexts
            SecurityStatus status = SecurityStatus.InvalidHandle;
            byte[] result;

+            if ( this.Initialized == false )
+            {
+                throw new InvalidOperationException( "The context is not fully formed." );
+            }
+
+            sizes = QueryBufferSizes();
+
            trailerBuffer = new SecureBuffer( new byte[sizes.SecurityTrailer], BufferType.Token );
            dataBuffer = new SecureBuffer( new byte[input.Length], BufferType.Data );
            paddingBuffer = new SecureBuffer( new byte[sizes.BlockSize], BufferType.Padding );
@@ -148,7 +161,7 @@ namespace NSspi.Contexts

        public byte[] Decrypt( byte[] input )
        {
-            SecPkgContext_Sizes sizes = QueryBufferSizes();
+            SecPkgContext_Sizes sizes;

            SecureBuffer trailerBuffer;
            SecureBuffer dataBuffer;
@@ -164,6 +177,13 @@ namespace NSspi.Contexts
            int dataLength;
            int paddingLength;

+            if ( this.Initialized == false )
+            {
+                throw new InvalidOperationException( "The context is not fully formed." );
+            }
+
+            sizes = QueryBufferSizes();
+
            // This check is required, but not sufficient. We could be stricter.
            if( input.Length < 2 + 4 + 2 + sizes.SecurityTrailer )
            {
@@ -238,7 +258,7 @@ namespace NSspi.Contexts
            return result;
        }

-        internal SecPkgContext_Sizes QueryBufferSizes()
+        private SecPkgContext_Sizes QueryBufferSizes()
        {
            SecPkgContext_Sizes sizes = new SecPkgContext_Sizes();
            SecurityStatus status = SecurityStatus.InternalError;
@@ -280,7 +300,7 @@ namespace NSspi.Contexts
            return sizes;
        }

-        internal string QueryContextString(ContextQueryAttrib attrib)
+        private string QueryContextString(ContextQueryAttrib attrib)
        {
            SecPkgContext_String stringAttrib;
            SecurityStatus status = SecurityStatus.InternalError;
--- a/Contexts/ServerContext.cs
+++ b/Contexts/ServerContext.cs
@@ -12,13 +12,11 @@ namespace NSspi.Contexts
    {
        private ContextAttrib requestedAttribs;
        private ContextAttrib finalAttribs;
-        private bool complete;
-
+        
        public ServerContext(ServerCredential cred, ContextAttrib requestedAttribs) : base ( cred )
        {
            this.requestedAttribs = requestedAttribs;
            this.finalAttribs = ContextAttrib.Zero;
-
        }

        public SecurityStatus AcceptToken( byte[] clientToken, out byte[] nextToken )
@@ -72,7 +70,7 @@ namespace NSspi.Contexts
            if ( status == SecurityStatus.OK )
            {
                nextToken = null;
-                this.complete = true;
+                this.Initialized = true;

                if ( outBuffer.Length != 0 )
                {
@@ -86,7 +84,7 @@ namespace NSspi.Contexts
            }
            else if ( status == SecurityStatus.ContinueNeeded )
            {
-                this.complete = false;
+                this.Initialized = false;

                nextToken = new byte[outBuffer.Length];
                Array.Copy( outBuffer.Buffer, nextToken, nextToken.Length );