jeff/NSspi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • e980e11184 Modified the initialization process a little to better control when a context is marked as initialized. antiduh 2014-07-01 18:31:33 +00:00
  • 5403321a49 Removed the finalizer from Context. The unmanaged resources are captured by other managed objects, who themselves are finalizable objects (usually CriticalFinalizerObject or SafeHandles). antiduh 2014-07-01 18:19:11 +00:00
  • c8ae206306 Removed todo antiduh 2014-07-01 18:15:03 +00:00
  • bce9d7b81c Added license. antiduh 2014-07-01 18:10:17 +00:00
  • db4d5f7d03 Added a Readme. antiduh 2014-07-01 18:07:47 +00:00
  • 894eb60161 Moved the simple demo code to its own project so that the NSspi.csproj project could be a standard dll, and not a referenced exe assembly. antiduh 2014-07-01 15:57:58 +00:00
  • b8fd4d9a07 Added a helpful flag to ServerContext to indicate to consumers whether it can support impersonation. Added checks to throw exceptions if impersonation is attempted on a ServerContext that does not support impersonation. Also modified the disposal behavior so that if the ServerContext is disposed while impersonation is occurring, impersonation is explicitly reverted. Consumers wishing to perform long-term impersonation must hold valid references to both the context and impersonation handle. antiduh 2014-07-01 15:52:00 +00:00
  • aed206e1be Working on writing comments and documentation. antiduh 2014-07-01 02:10:53 +00:00
  • f65ca7aaaa Added length validation to the Decrypt and VerifySignature methods. antiduh 2014-07-01 01:20:08 +00:00
  • e86fea598d Refactored the common code in ClientCredential and ServerCredential to a common class, CurrentCredential. antiduh 2014-07-01 01:13:33 +00:00
  • fcacd2195b Implemented a simple impersonation demo. antiduh 2014-06-30 20:09:42 +00:00
  • a41e35dc84 CredentialType.cs no longer used. antiduh 2014-06-30 20:09:17 +00:00
  • dec1509835 Refactored Credential et al so that the security package is provided by name (string), and not an enum. Security packages are runtime enumerable, and new ones may be created that we don't have any idea of. antiduh 2014-06-30 15:36:20 +00:00
  • 5da12ad4c4 Split the Credential init code off into each concrete credential. antiduh 2014-06-30 15:32:31 +00:00
  • 372460a78f Reworking Credential so that it can be extended by a third party for adapting to other means of acquiring credentials. antiduh 2014-06-30 15:23:12 +00:00
  • 9d0403ead6 More ReliabilityContracts for finalizer code. antiduh 2014-06-30 15:17:51 +00:00
  • 798d6be4ad Added more disposed checks. antiduh 2014-06-30 15:05:38 +00:00
  • 04df802e54 Add ReliabilityContract for the ReleaseHandle on SafeSspiHandle so that it can fully participate in the implicit CER that is created during finalization. antiduh 2014-06-30 15:05:29 +00:00
  • 6ed1ab5f76 Added more disposed checks. antiduh 2014-06-30 14:49:26 +00:00
  • 0070e94aed Changed the demo's ServerForm to display the client's username when a client connects. antiduh 2014-06-30 14:40:39 +00:00
  • cec7b8b88f Switch the rest of the API to the new TimeStamp structure. Fix the TimeStamp structure to handle dates that are past the upper limit of DateTime.MaxValue. antiduh 2014-06-29 16:39:42 +00:00
  • 5272979f19 Reworked the Expiry support to expose it in the first place, and to store and present it as a DateTime object. antiduh 2014-06-29 14:24:58 +00:00
  • bc97ef64ae Removed unused test code antiduh 2014-06-29 14:21:20 +00:00
  • 60ea145e86 Increase the reliability of QueryCredentialsAttribute_Name usage by wrapping a try-finally around the allocation that happens inside the CER. antiduh 2014-06-28 16:46:21 +00:00
  • 241da896b1 Implemented the ability to query the EnumerateSecurityPackages native API safely. antiduh 2014-06-27 22:00:18 +00:00
  • 7e5f2a6308 Fixed the demo's CustomServer confusion over Disconnected - it was firing it when a full shutdown occurred, not just when the current client disconnected. Created a second Stopped event to track when the full shutdown actually occurs; still not used by UI. antiduh 2014-06-27 21:59:19 +00:00
  • 7512b11a66 Implement signed message passing in the UIs. antiduh 2014-06-27 18:01:46 +00:00
  • 55969a41f5 Comments. antiduh 2014-06-27 17:41:28 +00:00
  • cbaf311339 Improve the reliability of the SecureBufferAdapter, so that we can make stronger guarantees that the held GC handles will be released even if the object is leaked. antiduh 2014-06-27 17:40:03 +00:00
  • c1b7785440 Reorganized the project to put the library one folder down. antiduh 2014-06-27 14:38:28 +00:00
  • ffb7e36edb Helper methods to safely invoke the VerifySignature and MakeSignature native methods. antiduh 2014-06-27 01:52:42 +00:00
  • 4224193f6f CERs around the handle usage in MakeSignature and VerifySignature antiduh 2014-06-27 01:47:43 +00:00
  • fc9daf3611 Fix ImpersonationHandle so that it survives multiple disposes. antiduh 2014-06-27 01:43:08 +00:00
  • 85288a9dae Implemented message signature and validation. antiduh 2014-06-27 01:29:03 +00:00
  • 9310dde83b Rearrange the conditionals so that I always perform the Free if I got back a non-zero pointer, but only perform the Marshal if I got back a valid pointer and a good status code. antiduh 2014-06-27 00:18:31 +00:00
  • b55c367caa Better protection against leaking handles - use a nested try-finally when allocating inside a CER. The inner finally protects against the case where the PtrToStructure, which allocates, fails. antiduh 2014-06-26 23:43:14 +00:00
  • c9a4e69dc3 Fixed spelling. antiduh 2014-06-26 23:40:35 +00:00
  • 0506420ab4 Reconstruct the context after it's done. antiduh 2014-06-26 21:56:06 +00:00
  • ef8094d9da Fixed server shutdown. antiduh 2014-06-26 21:55:51 +00:00
  • 3136c0d3b2 Fixed the server form state machine to set that we're back to initializing on disconnect. antiduh 2014-06-26 21:47:18 +00:00
  • 6d4fc877ec Slowly trying to make this thing work reliably when restarting the demo. antiduh 2014-06-26 21:39:58 +00:00
  • f91402ef4b Renamed the client and server forms to have their role in the name. antiduh 2014-06-26 20:59:32 +00:00
  • 8b032cb871 These files were moved. antiduh 2014-06-26 20:59:02 +00:00
  • a8b98b3a1e More visibility restriction. antiduh 2014-06-26 18:04:44 +00:00
  • 5b3a92ee66 Implemented the server form. Client <-> Server interaction actually works. antiduh 2014-06-26 18:00:50 +00:00
  • 81ed80a4d0 Fixed namespaces; Working on server-side UI. antiduh 2014-06-25 21:49:35 +00:00
  • 2e6b847434 Working on a rough demo client/server app. antiduh 2014-06-25 21:28:03 +00:00
  • 6dfaa54b63 Added basic functionality to query package information. antiduh 2014-06-25 20:14:12 +00:00
  • 5f3fd64169 Rough implementation of impersonation. antiduh 2014-06-25 20:12:46 +00:00
  • 9118815314 Forgot to commit the stub class antiduh 2014-06-25 02:49:54 +00:00
  • 95195f1214 Working on implementing impersonation. antiduh 2014-06-25 02:49:25 +00:00
  • ade72b32f4 Implement the context-completion check I've had sitting half done. antiduh 2014-06-25 02:00:05 +00:00
  • 14d8ad5db7 Now with consistent namespaces and using statement sorting. antiduh 2014-06-25 01:48:52 +00:00
  • ea80cfb1f5 More hiding internals. antiduh 2014-06-25 01:32:42 +00:00
  • 1577d2de66 More reliability contracts for CERs. antiduh 2014-06-25 01:30:03 +00:00
  • e274ce06eb Reduce methods visibility antiduh 2014-06-25 01:28:15 +00:00
  • 3ee755128f More CER goodness. antiduh 2014-06-25 01:26:59 +00:00
  • 26888a8b7b Create a similar SafeDecryptMessage that handles the CER crud. Change the Safe*Message methods to order the parameters the same (even though the Win32 API doesn't..) and to take in the SecureBufferAdapter instead of its handle. antiduh 2014-06-25 01:08:29 +00:00
  • 2b52e1d84f Helper method for invoking native methods with a CER. antiduh 2014-06-24 22:57:02 +00:00
  • 8837f3e95c Implemented CERs for encryption and decryption. antiduh 2014-06-24 22:51:38 +00:00
  • bf1312cb81 More reliability contracts. antiduh 2014-06-24 22:43:40 +00:00
  • d2ca5fa81b Now that all handles are properly sized, no longer need to restrict to 32-bit mode. antiduh 2014-06-24 22:35:23 +00:00
  • 4f98c9467e Implemented safe access to the safeCredHandle when reading credential name. antiduh 2014-06-24 22:34:44 +00:00
  • 28a3835060 No need to manually delete the context handle, it's under a safe handle now. antiduh 2014-06-24 22:01:26 +00:00
  • 56e48dc65d Cleaned up code style and comments antiduh 2014-06-24 21:35:32 +00:00
  • 766b16e93c Added a little helper to understand the meaning of a SecurityStatus. Don't store the SecurityStatus as an int; we don't need signed semantics and it just complicates comparisons and literals. antiduh 2014-06-24 21:10:29 +00:00
  • 970c0f2bfa Moved the safe handles for credentials and contexts into their own file. antiduh 2014-06-24 20:21:09 +00:00
  • 508cd9df49 Move credential native methods to their own file. Create a QueryNameSupport.cs file to hold a couple classes related to implementing that functionality. antiduh 2014-06-24 20:19:58 +00:00
  • 6b3e395f7c Implemented SafeHandle usage for Context et al. The usage isn't actually safe yet, since I still reference the rawHandle without doing safe (CER) reference counting on the handle. antiduh 2014-06-24 19:41:19 +00:00
  • a681cc27c5 Changed the SafeSspiHandle et al to invalidate the underlying handle after releasing it. antiduh 2014-06-24 17:41:35 +00:00
  • 1fcbf6da72 Added the app.config file to the repo. Updated the svn:ignore property to ignore the .user files. antiduh 2014-06-24 03:15:46 +00:00
  • fe14836949 Fixed Credential using a fixed-size 64-bit handle; it's always 2 pointers. Reworked the Credential handle into a SafeCredentialHandle. We still use references to the raw handle, which is unsafe, but I will hopefully rework that soon. antiduh 2014-06-24 03:01:53 +00:00
  • 19f2e71e9c Make sure prefer 32-bit is set for now. Not 64-bit safe, because I'm bad at credential handle sizes.. antiduh 2014-06-24 01:24:42 +00:00
  • 6f5834c716 No longer need unsafe. antiduh 2014-06-23 21:50:21 +00:00
  • 3ac7fb5ec8 Initial implementation of EncryptMessage and DecryptMessage. antiduh 2014-06-23 21:50:12 +00:00
  • 9785183f31 Added support for querying the context's user name and authority. Still working my way up to EncryptMessage. antiduh 2014-06-23 18:30:26 +00:00
  • 1be2b9c7ef Saving work.. working on implementing EncryptMessage. The buffer types and allocation that get passed to the call is really crazy in the sample. antiduh 2014-06-23 02:34:36 +00:00
  • 3142cfff7b Fixed ServerContext to store its final attributes. antiduh 2014-06-23 02:33:47 +00:00
  • 93bdd38729 A little cleaner, and we can complete negotiation. antiduh 2014-06-23 00:13:50 +00:00
  • 352e4d18fc Working on implementing the ServerContext and structuring things so that invoking the public interface is a little easier - trying to move out of proof-of-concept code to prototype code. Still need to rework how I deal with the context and credential handles, worried that they're not treated safe. Still need to reorganize a lot of where code lives. Very inconsistent so far. antiduh 2014-06-22 16:20:10 +00:00
  • a079449f85 Changed how internal structures are created for handling SecureBuffers. antiduh 2014-06-22 03:35:47 +00:00
  • 1c5849ba94 Moved the secure buffer code to its own folder. antiduh 2014-06-22 00:43:47 +00:00
  • c64765fbdf I can now successfully call InitializeSecurityContext and get a status of ContinueNeeded. antiduh 2014-06-21 16:32:34 +00:00
  • cc0235262c Done screwing with WindowsPrinciple. Switch to CredTest again for the remaining development. antiduh 2014-06-20 18:07:15 +00:00
  • 0655259f46 Rough capture of the options to InitializeSecurityContext (used by clients) and AcceptSecurityContext (used by servers). Some of the options are used only by clients (prefaced by init) and some are only used by servers (prefaced by Accept). It might be worth to either separate the two sets by client options and server options, or unifying the sets in the public interface, and translating to the correct values when actually calling ISC or ASC. antiduh 2014-06-20 18:06:33 +00:00
  • cfba81cfe2 Working on some of the fundamentals of the Context side of things. The Win 32 API is very wonky here though. Going to take some time. antiduh 2014-06-19 21:53:34 +00:00
  • 07b6c4c77c Add the DllImport attrib for InitializeSecurityContext_Client; still only a rough idea of how it will be used. antiduh 2014-06-19 21:52:53 +00:00
  • cca5cf8486 Messing around with verification and impersonation with WindowsIdentity. antiduh 2014-06-19 21:52:10 +00:00
  • d7d552ad58 Implemented ClientCredential - just a wrapper around Credential. antiduh 2014-06-19 21:09:36 +00:00
  • 241b2a596f Slowly working on InitializeSecurityContext antiduh 2014-06-19 18:45:15 +00:00
  • d35db9d62a Moved the credential files into their own folder. antiduh 2014-06-19 15:25:45 +00:00
  • 52219057b7 Forgot to include the ClientCredential and ServerCredential files in the project. antiduh 2014-06-19 15:24:08 +00:00
  • 3c100caf28 Helper classes to provide client-aspect usage and server-aspect usage of the API. antiduh 2014-06-19 03:12:40 +00:00
  • 737ebc19da Fixed compiler error and comment error. antiduh 2014-06-19 03:08:12 +00:00
  • f0f057d3bb Added support for querying a credential's name. antiduh 2014-06-19 03:07:34 +00:00
  • f96ef74e9b Implemented Credential acquisition and release. antiduh 2014-06-19 02:26:30 +00:00
  • 22c6a5d3f9 Still working on the base implementation. antiduh 2014-06-18 22:07:56 +00:00
  • 87692b3cc6 New project to interface with the Microsoft Windows SSPI integration authentication API. antiduh 2014-06-18 21:26:43 +00:00