Convert project to .NET 4.8 and add Wrap and Unwrap functionality to Encrypt and Decrypt messages

NSspi.sln

@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 14
+# Visual Studio 15
-VisualStudioVersion = 14.0.25420.1
+VisualStudioVersion = 16.0.28527.54
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TestClient", "TestClient\TestClient.csproj", "{E93FBF1A-5198-44D6-BDF0-880D17F2B81A}"
 EndProject

NSspi/Contexts/Context.cs

@@ -1,6 +1,7 @@
 using System;
 using System.Runtime.CompilerServices;
 using System.Runtime.InteropServices;
+using System.Security.Principal;
 using NSspi.Buffers;
 using NSspi.Credentials;
 
@@ -82,6 +83,11 @@ namespace NSspi.Contexts
         /// </summary>
         public bool Disposed { get; private set; }
 
+        /// <summary>
+        /// Constant for wrapping only...no encryption
+        /// </summary>
+        protected uint KERB_WRAP_NO_ENCRYPT = 0x80000001;
+
         /// <summary>
         /// Marks the context as having completed the initialization process, ie, exchanging of authentication tokens.
         /// </summary>
@@ -117,6 +123,105 @@ namespace NSspi.Contexts
             this.Disposed = true;
         }
 
+        /// <summary>
+        /// Returns the identity of the remote entity.
+        /// </summary>
+        /// <returns></returns>
+        public IIdentity GetRemoteIdentity()
+        {
+            IIdentity result = null;
+
+            using( var tokenHandle = GetContextToken() )
+            {
+                bool gotRef = false;
+
+                RuntimeHelpers.PrepareConstrainedRegions();
+                try
+                {
+                    tokenHandle.DangerousAddRef( ref gotRef );
+                }
+                catch( Exception )
+                {
+                    if( gotRef )
+                    {
+                        tokenHandle.DangerousRelease();
+                        gotRef = false;
+                    }
+
+                    throw;
+                }
+                finally
+                {
+                    try
+                    {
+                        result = new WindowsIdentity(
+                            tokenHandle.DangerousGetHandle(),
+                            this.Credential.SecurityPackage
+                        );
+                    }
+                    finally
+                    {
+                        // Make sure we release the handle, even if the allocation for
+                        // WindowsIdentity fails.
+                        tokenHandle.DangerousRelease();
+                    }
+                }
+            }
+
+            return result;
+        }
+
+        private SafeTokenHandle GetContextToken()
+        {
+            bool gotRef = false;
+            SecurityStatus status = SecurityStatus.InternalError;
+            SafeTokenHandle token;
+
+            RuntimeHelpers.PrepareConstrainedRegions();
+            try
+            {
+                this.ContextHandle.DangerousAddRef( ref gotRef );
+            }
+            catch( Exception )
+            {
+                if( gotRef )
+                {
+                    this.ContextHandle.DangerousRelease();
+                    gotRef = false;
+                }
+
+                throw;
+            }
+            finally
+            {
+                if( gotRef )
+                {
+                    try
+                    {
+                        status = ContextNativeMethods.QuerySecurityContextToken(
+                            ref this.ContextHandle.rawHandle,
+                            out token
+                        );
+                    }
+                    finally
+                    {
+                        this.ContextHandle.DangerousRelease();
+                    }
+                }
+                else
+                {
+                    token = null;
+                }
+            }
+
+            if( status != SecurityStatus.OK )
+            {
+                throw new SSPIException( "Failed to query context token.", status );
+            }
+
+            return token;
+        }
+
         /// <summary>
         /// Encrypts the byte array using the context's session key.
         /// </summary>
@@ -130,8 +235,9 @@ namespace NSspi.Contexts
         ///  - The padding buffer.
         /// </remarks>
         /// <param name="input">The raw message to encrypt.</param>
+        /// <param name="wrapOnly">Only wrap the message, no encryption</param>
         /// <returns>The packed and encrypted message.</returns>
-        public byte[] Encrypt( byte[] input )
+        public byte[] Encrypt( byte[] input, bool wrapOnly = false )
         {
             // The message is encrypted in place in the buffer we provide to Win32 EncryptMessage
             SecPkgContext_Sizes sizes;
@@ -156,9 +262,14 @@ namespace NSspi.Contexts
 
             using( adapter = new SecureBufferAdapter( new[] { trailerBuffer, dataBuffer, paddingBuffer } ) )
             {
+                uint qualityOfProtection = 0u;
+                if (wrapOnly)
+                {
+                    qualityOfProtection = KERB_WRAP_NO_ENCRYPT;
+                }
                 status = ContextNativeMethods.SafeEncryptMessage(
                     this.ContextHandle,
-                    0,
+                    qualityOfProtection,
                     adapter,
                     0
                 );
@@ -212,8 +323,9 @@ namespace NSspi.Contexts
         ///  - The padding buffer.
         /// </remarks>
         /// <param name="input">The packed and encrypted data.</param>
+        /// <param name="unwrapOnly">Only wrap the message, no encryption</param>
         /// <returns>The original plaintext message.</returns>
-        public byte[] Decrypt( byte[] input )
+        public byte[] Decrypt( byte[] input, bool unwrapOnly = false)
         {
             SecPkgContext_Sizes sizes;
 
@@ -293,9 +405,14 @@ namespace NSspi.Contexts
 
             using( adapter = new SecureBufferAdapter( new[] { trailerBuffer, dataBuffer, paddingBuffer } ) )
             {
+                uint qualityOfProtection = 0u;
+                if (unwrapOnly)
+                {
+                    qualityOfProtection = KERB_WRAP_NO_ENCRYPT;
+                }
                 status = ContextNativeMethods.SafeDecryptMessage(
                     this.ContextHandle,
-                    0,
+                    qualityOfProtection,
                     adapter,
                     0
                 );

NSspi/Contexts/ContextNativeMethods.cs

@@ -106,9 +106,9 @@ namespace NSspi.Contexts
         [DllImport( "Secur32.dll", EntryPoint = "EncryptMessage", CharSet = CharSet.Unicode )]
         internal static extern SecurityStatus EncryptMessage(
             ref RawSspiHandle contextHandle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             IntPtr bufferDescriptor,
-            int sequenceNumber
+            uint sequenceNumber
         );
 
         [ReliabilityContract( Consistency.WillNotCorruptState, Cer.MayFail )]
@@ -116,17 +116,17 @@ namespace NSspi.Contexts
         internal static extern SecurityStatus DecryptMessage(
             ref RawSspiHandle contextHandle,
             IntPtr bufferDescriptor,
-            int sequenceNumber,
+            uint sequenceNumber,
-            int qualityOfProtection
+            uint qualityOfProtection
         );
 
         [ReliabilityContract( Consistency.WillNotCorruptState, Cer.MayFail )]
         [DllImport( "Secur32.dll", EntryPoint = "MakeSignature", CharSet = CharSet.Unicode )]
         internal static extern SecurityStatus MakeSignature(
             ref RawSspiHandle contextHandle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             IntPtr bufferDescriptor,
-            int sequenceNumber
+            uint sequenceNumber
         );
 
         [ReliabilityContract( Consistency.WillNotCorruptState, Cer.MayFail )]
@@ -134,8 +134,8 @@ namespace NSspi.Contexts
         internal static extern SecurityStatus VerifySignature(
             ref RawSspiHandle contextHandle,
             IntPtr bufferDescriptor,
-            int sequenceNumber,
+            uint sequenceNumber,
-            int qualityOfProtection
+            uint qualityOfProtection
         );
 
         [ReliabilityContract( Consistency.WillNotCorruptState, Cer.Success )]
@@ -174,6 +174,10 @@ namespace NSspi.Contexts
         [DllImport( "Secur32.dll", EntryPoint = "RevertSecurityContext", CharSet = CharSet.Unicode )]
         internal static extern SecurityStatus RevertSecurityContext( ref RawSspiHandle contextHandle );
 
+        [ReliabilityContract( Consistency.WillNotCorruptState, Cer.Success )]
+        [DllImport( "Secur32.dll", EntryPoint = "QuerySecurityContextToken", SetLastError = true )]
+        internal static extern SecurityStatus QuerySecurityContextToken( ref RawSspiHandle contextHandle, [Out] out SafeTokenHandle handle );
+
         [StructLayout( LayoutKind.Sequential )]
         private class KeyStruct
         {
@@ -251,9 +255,9 @@ namespace NSspi.Contexts
         /// <returns></returns>
         internal static SecurityStatus SafeEncryptMessage(
             SafeContextHandle handle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             SecureBufferAdapter bufferAdapter,
-            int sequenceNumber )
+            uint sequenceNumber )
         {
             SecurityStatus status = SecurityStatus.InternalError;
             bool gotRef = false;
@@ -302,9 +306,9 @@ namespace NSspi.Contexts
         /// <returns></returns>
         internal static SecurityStatus SafeDecryptMessage(
             SafeContextHandle handle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             SecureBufferAdapter bufferAdapter,
-            int sequenceNumber )
+            uint sequenceNumber )
         {
             SecurityStatus status = SecurityStatus.InvalidHandle;
             bool gotRef = false;
@@ -353,9 +357,9 @@ namespace NSspi.Contexts
         /// <returns></returns>
         internal static SecurityStatus SafeMakeSignature(
             SafeContextHandle handle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             SecureBufferAdapter adapter,
-            int sequenceNumber )
+            uint sequenceNumber )
         {
             bool gotRef = false;
             SecurityStatus status = SecurityStatus.InternalError;
@@ -404,9 +408,9 @@ namespace NSspi.Contexts
         /// <returns></returns>
         internal static SecurityStatus SafeVerifySignature(
             SafeContextHandle handle,
-            int qualityOfProtection,
+            uint qualityOfProtection,
             SecureBufferAdapter adapter,
-            int sequenceNumber )
+            uint sequenceNumber )
         {
             bool gotRef = false;
             SecurityStatus status = SecurityStatus.InternalError;

NSspi/Contexts/SafeTokenHandle.cs

@@ -0,0 +1,27 @@
+using System;
+using System.Runtime.InteropServices;
+
+namespace NSspi.Contexts
+{
+    public class SafeTokenHandle : SafeHandle
+    {
+        public SafeTokenHandle() : base( IntPtr.Zero, true )
+        {
+        }
+
+        public override bool IsInvalid
+        {
+            get
+            {
+                return handle == IntPtr.Zero || handle == new IntPtr( -1 );
+            }
+        }
+
+        protected override bool ReleaseHandle()
+        {
+            NativeMethods.CloseHandle( this.handle );
+
+            return true;
+        }
+    }
+}

NSspi/Contexts/ServerContext.cs

@@ -246,7 +246,7 @@ namespace NSspi.Contexts
 
             if( this.impersonating && this.impersonationSetsThreadPrinciple )
             {
-                SetThreadPrinciple();
+                Thread.CurrentPrincipal = new WindowsPrincipal( (WindowsIdentity)GetRemoteIdentity() );
             }
 
             return handle;
@@ -315,15 +315,5 @@ namespace NSspi.Contexts
 
             base.Dispose( disposing );
         }
-
-        /// <summary>
-        /// Set the current thread security context to the impersonated identity.
-        /// </summary>
-        private void SetThreadPrinciple()
-        {
-            Thread.CurrentPrincipal = new WindowsPrincipal(
-                WindowsIdentity.GetCurrent( TokenAccessLevels.AllAccess ) 
-            );
-        }
     }
 }

NSspi/NSspi.csproj

@@ -5,19 +5,17 @@
     <AssemblyName>NSspi</AssemblyName>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <Authors>Kevin Thompson</Authors>
-    <PackageReleaseNotes>Adds multi-targetting to support .Net Standard 2.0.</PackageReleaseNotes>
+    <PackageReleaseNotes>Adds support for accessing the remote identity.</PackageReleaseNotes>
     <PackageProjectUrl>https://github.com/antiduh/nsspi</PackageProjectUrl>
-    <Version>0.3.0.0</Version>
+    <Version>0.3.1.0</Version>
     <SignAssembly>true</SignAssembly>
     <DelaySign>false</DelaySign>
     <AssemblyOriginatorKeyFile>nsspi key.snk</AssemblyOriginatorKeyFile>
     <PackageLicenseFile>License.txt</PackageLicenseFile>
   </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Debug|netstandard2.0|AnyCPU'">
+  
-    <DocumentationFile>NSspi.xml</DocumentationFile>
+  <PropertyGroup>
-  </PropertyGroup>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
-  <PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Release|netstandard2.0|AnyCPU'">
-    <DocumentationFile>NSspi.xml</DocumentationFile>
   </PropertyGroup>
 
   <ItemGroup Condition=" '$(TargetFramework)' == 'netstandard2.0' ">

NSspi/NativeMethods.cs

@@ -17,5 +17,9 @@ namespace NSspi
         [ReliabilityContract( Consistency.WillNotCorruptState, Cer.Success )]
         [DllImport( "Secur32.dll", EntryPoint = "EnumerateSecurityPackages", CharSet = CharSet.Unicode )]
         internal static extern SecurityStatus EnumerateSecurityPackages( ref int numPackages, ref IntPtr pkgInfoArry );
+
+        [DllImport( "Kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true )]
+        [ReliabilityContract( Consistency.WillNotCorruptState, Cer.Success )]
+        internal static extern bool CloseHandle( IntPtr handle );
     }
 }

NsspiDemo/App.config

@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
   </startup>
 </configuration>

NsspiDemo/NsspiDemo.csproj

@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>NsspiDemo</RootNamespace>
     <AssemblyName>NsspiDemo</AssemblyName>
-    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
   </PropertyGroup>

NsspiDemo/Properties/Resources.Designer.cs

@@ -19,7 +19,7 @@ namespace NsspiDemo.Properties {
     // class via a tool like ResGen or Visual Studio.
     // To add or remove a member, edit your .ResX file then rerun ResGen
     // with the /str option, or rebuild your VS project.
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "15.0.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
     [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
     internal class Resources {

NsspiDemo/Properties/Settings.Designer.cs

@@ -12,7 +12,7 @@ namespace NsspiDemo.Properties {
     
     
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "17.7.0.0")]
     internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
         
         private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));

TestClient/App.config

@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
   </startup>
 </configuration>

TestClient/Properties/Resources.Designer.cs

@@ -19,7 +19,7 @@ namespace TestClient.Properties {
     // class via a tool like ResGen or Visual Studio.
     // To add or remove a member, edit your .ResX file then rerun ResGen
     // with the /str option, or rebuild your VS project.
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "15.0.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
     [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
     internal class Resources {

TestClient/Properties/Settings.Designer.cs

@@ -12,7 +12,7 @@ namespace TestClient.Properties {
     
     
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "17.7.0.0")]
     internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
         
         private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));

TestClient/TestClient.csproj

@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>TestClient</RootNamespace>
     <AssemblyName>TestClient</AssemblyName>
-    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
   </PropertyGroup>

TestProtocol/App.config

@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
   </startup>
 </configuration>

TestProtocol/Properties/Resources.Designer.cs

@@ -19,7 +19,7 @@ namespace TestProtocol.Properties {
     // class via a tool like ResGen or Visual Studio.
     // To add or remove a member, edit your .ResX file then rerun ResGen
     // with the /str option, or rebuild your VS project.
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "15.0.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
     [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
     internal class Resources {

TestProtocol/Properties/Settings.Designer.cs

@@ -12,7 +12,7 @@ namespace TestProtocol.Properties {
     
     
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "17.7.0.0")]
     internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
         
         private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));

TestProtocol/TestProtocol.csproj

@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>TestProtocol</RootNamespace>
     <AssemblyName>TestProtocol</AssemblyName>
-    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
   </PropertyGroup>

TestServer/App.config

@@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <configuration>
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
   </startup>
 </configuration>

TestServer/Properties/Resources.Designer.cs

@@ -19,7 +19,7 @@ namespace TestServer.Properties {
     // class via a tool like ResGen or Visual Studio.
     // To add or remove a member, edit your .ResX file then rerun ResGen
     // with the /str option, or rebuild your VS project.
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "15.0.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")]
     [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
     internal class Resources {

TestServer/Properties/Settings.Designer.cs

@@ -12,7 +12,7 @@ namespace TestServer.Properties {
     
     
     [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0")]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "17.7.0.0")]
     internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
         
         private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));

TestServer/ServerForm.Designer.cs

@@ -170,7 +170,8 @@
             // 
             // impersonateButton
             // 
-            this.impersonateButton.Location = new System.Drawing.Point(262, 350);
+            this.impersonateButton.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left)));
+            this.impersonateButton.Location = new System.Drawing.Point(262, 356);
             this.impersonateButton.Name = "impersonateButton";
             this.impersonateButton.Size = new System.Drawing.Size(116, 23);
             this.impersonateButton.TabIndex = 4;

TestServer/ServerForm.cs

@@ -1,14 +1,16 @@
 using System;
+using System.IO;
+using System.Security.Principal;
 using System.Text;
 using System.Windows.Forms;
+using NSspi;
+using NSspi.Contexts;
+using NSspi.Credentials;
 using TestProtocol;
 
 namespace TestServer
 {
-    using System.IO;
+
-    using NSspi;
-    using NSspi.Contexts;
-    using NSspi.Credentials;
     using Message = TestProtocol.Message;
 
     public partial class ServerForm : Form
@@ -38,7 +40,8 @@ namespace TestServer
                 ContextAttrib.SequenceDetect |
                 ContextAttrib.MutualAuth |
                 ContextAttrib.Delegate |
-                ContextAttrib.Confidentiality
+                ContextAttrib.Confidentiality,
+                true
             );
 
             this.server = new CustomServer();
@@ -123,7 +126,11 @@ namespace TestServer
             {
                 MessageBox.Show( "Starting impersonation: " + Environment.UserName );
 
-                FileStream stream = File.Create( Environment.GetFolderPath( Environment.SpecialFolder.DesktopDirectory ) + @"\test.txt" );
+                var directory = Environment.GetFolderPath( Environment.SpecialFolder.DesktopDirectory );
+
+                Directory.CreateDirectory( directory );
+
+                FileStream stream = File.Create( directory + @"\test.txt" );
                 StreamWriter writer = new StreamWriter( stream, Encoding.UTF8 );
 
                 writer.WriteLine( "Hello world." );
@@ -164,6 +171,32 @@ namespace TestServer
             }
         }
 
+        private void InitComplete()
+        {
+            UpdateButtons();
+            this.clientUsernameTextBox.Text = serverContext.ContextUserName;
+
+            var builder = new StringBuilder();
+            var remoteId = this.serverContext.GetRemoteIdentity();
+
+            builder.AppendLine( "Client identity information:" );
+            builder.AppendLine( " - Name: " + remoteId.Name );
+
+            var windowsId = remoteId as WindowsIdentity;
+
+            if( windowsId != null )
+            {
+                builder.AppendLine( " - User SID: " + windowsId.User.Value );
+
+                foreach( var claim in windowsId.Claims )
+                {
+                    builder.AppendLine( " - " + claim.ToString() );
+                }
+            }
+
+            this.receivedTextbox.AppendText( builder.ToString() );
+        }
+
         private void server_Disconnected()
         {
             this.running = true;
@@ -209,11 +242,7 @@ namespace TestServer
                         this.initializing = false;
                         this.connected = true;
 
-                        this.Invoke( (Action)delegate ()
+                        this.Invoke( (Action)InitComplete );
-                        {
-                            UpdateButtons();
-                            this.clientUsernameTextBox.Text = serverContext.ContextUserName;
-                        } );
                     }
                 }
                 else

TestServer/TestServer.csproj

@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>TestServer</RootNamespace>
     <AssemblyName>TestServer</AssemblyName>
-    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
   </PropertyGroup>

readme.md

@@ -1,11 +1,10 @@
 ## Downloads ##
 
-The latest release of NSspi is v0.2.1. 
+The latest release of NSspi is v0.3.1, released 5-Aug-2019. 
 
-Version 0.2.1 is a minor bugfix release that improves impersonation.
+Version 0.3.1 adds support to obtain an IIdentity/WindowsPrinciple representing the remote connection. This is useful for servers that wish to query the properties on the principle, such as claims.
 
-* [Source](https://github.com/antiduh/nsspi/archive/0.2.1.zip)
+* [Source](https://github.com/antiduh/nsspi/archive/0.3.1.zip)
-* [Binaries](https://github.com/antiduh/nsspi/releases/download/0.2.1/nsspi-0.2.1-bin.zip)
 * [Nuget package](https://www.nuget.org/packages/NSspi)
 
 You can also browse the list of [releases](https://github.com/antiduh/nsspi/releases).