本文整理汇总了C#中System.Net.Security.SafeFreeCredentials类的典型用法代码示例。如果您正苦于以下问题:C# SafeFreeCredentials类的具体用法?C# SafeFreeCredentials怎么用?C# SafeFreeCredentials使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SafeFreeCredentials类属于System.Net.Security命名空间,在下文中一共展示了SafeFreeCredentials类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: CacheCredential
/// <summary>
/// Wraps <paramref name="newHandle"/> in a <c>SafeCredentialReference</c> and stores it in the
/// static cache slot array, disposing the reference that previously occupied the slot.
/// </summary>
/// <param name="newHandle">Credential handle to keep referenced by the cache.</param>
/// <remarks>
/// Every exception raised here is caught and not rethrown; non-fatal ones are reported through
/// GlobalLog when logging is enabled.
/// </remarks>
internal static void CacheCredential(SafeFreeCredentials newHandle)
{
    try
    {
        SafeCredentialReference incoming = SafeCredentialReference.CreateReference(newHandle);
        if (incoming == null)
        {
            // No usable reference could be created, so there is nothing to cache.
            return;
        }

        SafeCredentialReference displaced;
        unchecked
        {
            // The running counter may wrap around; the mask selects the slot.
            // presumably c_MaxCacheSize is a 2^n-1 mask matching the slot array length; confirm at its declaration.
            int slot = Interlocked.Increment(ref s_current) & c_MaxCacheSize;
            displaced = Interlocked.Exchange<SafeCredentialReference>(ref s_cacheSlots[slot], incoming);
        }

        // Whatever was in the slot before is no longer cached; dispose it.
        if (displaced != null)
        {
            displaced.Dispose();
        }
    }
    catch (Exception e)
    {
        bool shouldReport = !ExceptionCheck.IsFatal(e) && GlobalLog.IsEnabled;
        if (shouldReport)
        {
            GlobalLog.Assert("SSPIHandlCache", "Attempted to throw: " + e.ToString());
        }
    }
}
示例2: CacheCredential
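/// <summary>
/// Wraps <paramref name="newHandle"/> in a <c>SafeCredentialReference</c> and stores it in the
/// static cache slot array, disposing the reference that previously occupied the slot.
/// </summary>
/// <param name="newHandle">Credential handle to keep referenced by the cache.</param>
/// <remarks>
/// Every exception raised here is caught and not rethrown; non-fatal ones are reported through
/// <c>NetEventSource.Fail</c> so a caching failure stays visible in diagnostics.
/// </remarks>
internal static void CacheCredential(SafeFreeCredentials newHandle)
{
    try
    {
        SafeCredentialReference newRef = SafeCredentialReference.CreateReference(newHandle);
        if (newRef == null)
        {
            // No usable reference could be created, so there is nothing to cache.
            return;
        }

        unchecked
        {
            // The running counter may wrap around; the mask selects the slot.
            // presumably c_MaxCacheSize is a 2^n-1 mask matching the slot array length; confirm at its declaration.
            int index = Interlocked.Increment(ref s_current) & c_MaxCacheSize;

            // After the exchange newRef holds the entry that was displaced (or null).
            newRef = Interlocked.Exchange<SafeCredentialReference>(ref s_cacheSlots[index], newRef);
        }

        if (newRef != null)
        {
            newRef.Dispose();
        }
    }
    catch (Exception e)
    {
        if (!ExceptionCheck.IsFatal(e))
        {
            // Interpolated so the exception text is actually logged; the plain literal
            // "Attempted to throw: {e}" would emit the placeholder verbatim and hide the cause.
            NetEventSource.Fail(null, $"Attempted to throw: {e}");
        }
    }
}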
示例3: SafeCredentialReference
/// <summary>
/// Creates a cache entry that holds an extra reference on <paramref name="target"/>.
/// </summary>
/// <param name="target">Credential handle whose release is deferred while this entry exists.</param>
private SafeCredentialReference(SafeFreeCredentials target) : base()
{
    // The target handle is statically cached, so take an extra reference on it;
    // its disposal is postponed for as long as that reference is held.
    // NOTE(review): the success flag written by DangerousAddRef is not inspected here.
    bool addRefSucceeded = false;
    target.DangerousAddRef(ref addRefSucceeded);
    Target = target;

    // Setting a handle value makes this wrapper valid.
    SetHandle(IntPtr.Zero);
}
示例4: CreateReference
/// <summary>
/// Builds a <c>SafeCredentialReference</c> around <paramref name="target"/>.
/// </summary>
/// <param name="target">Credential handle to reference.</param>
/// <returns>The new reference, or <c>null</c> when the constructed wrapper reports itself invalid.</returns>
internal static SafeCredentialReference CreateReference(SafeFreeCredentials target)
{
    SafeCredentialReference candidate = new SafeCredentialReference(target);

    // Callers treat null as "could not reference the credential".
    return candidate.IsInvalid ? null : candidate;
}
示例5: ReleaseHandle
/// <summary>
/// Releases the reference held on <c>Target</c> (if any) and clears <c>Target</c>.
/// </summary>
/// <returns>Always <c>true</c>.</returns>
protected override bool ReleaseHandle()
{
    // Read Target once so the null check and the release act on the same object.
    SafeFreeCredentials held = Target;
    held?.DangerousRelease();

    Target = null;
    return true;
}
示例6: SafeDeleteContext
/// <summary>
/// Creates a context handle tied to <paramref name="credential"/> and takes a reference on it.
/// </summary>
/// <param name="credential">Credential handle the context is associated with; must not be null.</param>
protected SafeDeleteContext(SafeFreeCredentials credential)
    : base(IntPtr.Zero, true)
{
    Debug.Assert(credential != null, "Invalid credential passed to SafeDeleteContext");

    // The credential's properties are used in the SSL/NEGO data structures, so it has to
    // outlive the SSL/NEGO context. Holding an extra reference from the moment the credential
    // is first associated with the context ensures ordered finalization.
    _credential = credential;

    // NOTE(review): the success flag written by DangerousAddRef is not inspected here.
    bool addRefSucceeded = false;
    _credential.DangerousAddRef(ref addRefSucceeded);
}
示例7: AcceptSecurityContext
/// <summary>
/// Runs one server-side handshake step through <c>SSPIWrapper.AcceptSecurityContext</c> using the
/// secure-channel SSPI interface.
/// </summary>
/// <param name="credentialsHandle">Server credential handle, passed by reference to the wrapper.</param>
/// <param name="context">Security context, passed by reference to the wrapper.</param>
/// <param name="inputBuffer">Input buffer handed to the wrapper.</param>
/// <param name="outputBuffer">Output buffer handed to the wrapper.</param>
/// <param name="remoteCertRequired">When true, <c>MutualAuth</c> is added to the requested flags.</param>
/// <returns>The native status code converted to <c>SecurityStatusPal</c>.</returns>
public static SecurityStatusPal AcceptSecurityContext(ref SafeFreeCredentials credentialsHandle, ref SafeDeleteContext context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, bool remoteCertRequired)
{
    // MutualAuth is requested only when the caller demands a remote certificate.
    Interop.SspiCli.ContextFlags mutualAuthFlag = remoteCertRequired
        ? Interop.SspiCli.ContextFlags.MutualAuth
        : Interop.SspiCli.ContextFlags.Zero;
    Interop.SspiCli.ContextFlags requestedFlags = ServerRequiredFlags | mutualAuthFlag;

    // The flags reported back by SSPI are received but not used by this method.
    Interop.SspiCli.ContextFlags returnedFlags = default(Interop.SspiCli.ContextFlags);

    int nativeStatus = SSPIWrapper.AcceptSecurityContext(
        GlobalSSPI.SSPISecureChannel,
        ref credentialsHandle,
        ref context,
        requestedFlags,
        Interop.SspiCli.Endianness.SECURITY_NATIVE_DREP,
        inputBuffer,
        outputBuffer,
        ref returnedFlags);

    return SecurityStatusAdapterPal.GetSecurityStatusPalFromNativeInt(nativeStatus);
}
示例8: InitializeSecurityContext
/// <summary>
/// Runs one client-side handshake step through <c>SSPIWrapper.InitializeSecurityContext</c> using
/// the secure-channel SSPI interface.
/// </summary>
/// <param name="credentialsHandle">Client credential handle.</param>
/// <param name="context">Security context, passed by reference to the wrapper.</param>
/// <param name="targetName">Target name handed to the wrapper.</param>
/// <param name="inputBuffers">Input buffers handed to the wrapper.</param>
/// <param name="outputBuffer">Output buffer handed to the wrapper.</param>
/// <returns>The native status code converted to <c>SecurityStatusPal</c>.</returns>
/// <remarks>
/// <c>InitManualCredValidation</c> is always requested. With that flag Schannel does not validate
/// the server certificate itself, so certificate validation has to be performed by the code that
/// drives this handshake.
/// </remarks>
public static SecurityStatusPal InitializeSecurityContext(SafeFreeCredentials credentialsHandle, ref SafeDeleteContext context, string targetName, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer)
{
    Interop.SspiCli.ContextFlags requestedFlags =
        RequiredFlags | Interop.SspiCli.ContextFlags.InitManualCredValidation;

    // The flags reported back by SSPI are received but not used by this method.
    Interop.SspiCli.ContextFlags returnedFlags = default(Interop.SspiCli.ContextFlags);

    int nativeStatus = SSPIWrapper.InitializeSecurityContext(
        GlobalSSPI.SSPISecureChannel,
        credentialsHandle,
        ref context,
        targetName,
        requestedFlags,
        Interop.SspiCli.Endianness.SECURITY_NATIVE_DREP,
        inputBuffers,
        outputBuffer,
        ref returnedFlags);

    return SecurityStatusAdapterPal.GetSecurityStatusPalFromNativeInt(nativeStatus);
}
示例9: InitializeSecurityContext
/// <summary>
/// Runs one client-side authentication step through <c>SSPIWrapper.InitializeSecurityContext</c>
/// using the <c>GlobalSSPI.SSPIAuth</c> interface.
/// </summary>
/// <param name="credentialsHandle">Credential handle for the outgoing context.</param>
/// <param name="securityContext">Security context, passed by reference to the wrapper.</param>
/// <param name="spn">Target name handed to the wrapper.</param>
/// <param name="requestedContextFlags">Flags the caller asks for, in PAL form.</param>
/// <param name="inSecurityBufferArray">Input buffers handed to the wrapper.</param>
/// <param name="outSecurityBuffer">Output buffer handed to the wrapper.</param>
/// <param name="contextFlags">Receives the flags reported back by SSPI, converted to PAL form.</param>
/// <returns>The native status converted to <c>SecurityStatusPal</c>.</returns>
/// <remarks>
/// The reported flags can differ from the requested ones; a caller that relies on a requested
/// capability should inspect <paramref name="contextFlags"/> after the call.
/// </remarks>
internal static SecurityStatusPal InitializeSecurityContext(
    SafeFreeCredentials credentialsHandle,
    ref SafeDeleteContext securityContext,
    string spn,
    ContextFlagsPal requestedContextFlags,
    SecurityBuffer[] inSecurityBufferArray,
    SecurityBuffer outSecurityBuffer,
    ref ContextFlagsPal contextFlags)
{
    Interop.SspiCli.ContextFlags reportedFlags = Interop.SspiCli.ContextFlags.Zero;

    int rawStatus = SSPIWrapper.InitializeSecurityContext(
        GlobalSSPI.SSPIAuth,
        credentialsHandle,
        ref securityContext,
        spn,
        ContextFlagsAdapterPal.GetInteropFromContextFlagsPal(requestedContextFlags),
        Interop.SspiCli.Endianness.SECURITY_NETWORK_DREP,
        inSecurityBufferArray,
        outSecurityBuffer,
        ref reportedFlags);

    // Hand the flags SSPI reported back to the caller in PAL form.
    contextFlags = ContextFlagsAdapterPal.GetContextFlagsPalFromInterop(reportedFlags);

    Interop.SECURITY_STATUS nativeStatus = (Interop.SECURITY_STATUS)rawStatus;
    return SecurityStatusAdapterPal.GetSecurityStatusPalFromInterop(nativeStatus);
}
示例10: SafeCredentialReference
// Creates a cache entry for target. The entry becomes valid (handle set, _Target assigned)
// only when the extra reference on target was actually taken; otherwise it is left without
// a handle and without a target.
private SafeCredentialReference (SafeFreeCredentials target)
: base ()
{
// Bumps up the refcount on Target to signify that target handle is statically cached so
// its dispose should be postponed
// b is set by DangerousAddRef and tracks whether a matching DangerousRelease is owed.
bool b = false;
try {
target.DangerousAddRef (ref b);
} catch {
// Every exception from DangerousAddRef is swallowed here. If the reference was taken
// anyway, it is given back and b is cleared so the finally block leaves this entry unset.
if (b) {
target.DangerousRelease ();
b = false;
}
} finally {
// Only a successfully referenced target is stored.
if (b) {
_Target = target;
SetHandle (new IntPtr (0)); // make this handle valid
}
}
}
示例11: AcquireServerCredentials
//
// Acquire Server Side Certificate information and set it on the class.
//
// Picks the server certificate (through _certSelectionDelegate when one is set, otherwise
// _serverCertificate), resolves it with EnsurePrivateKey, and then either reuses a cached
// credential handle or acquires a new one through SslStreamPal.AcquireCredentialsHandle.
//
// thumbPrint: assigned the certificate hash only when a new credential handle was acquired;
//             left untouched when a cached handle is reused.
// Returns:    true when a cached credential handle was reused, false otherwise.
// Throws:     NotSupportedException when no certificate is selected or EnsurePrivateKey
//             returns null.
//
private bool AcquireServerCredentials(ref byte[] thumbPrint)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Enter("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireServerCredentials");
}
X509Certificate localCertificate = null;
bool cachedCred = false;
if (_certSelectionDelegate != null)
{
// The delegate is offered a collection holding only _serverCertificate and its
// return value becomes the certificate used below.
X509CertificateCollection tempCollection = new X509CertificateCollection();
tempCollection.Add(_serverCertificate);
localCertificate = _certSelectionDelegate(string.Empty, tempCollection, null, Array.Empty<string>());
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireServerCredentials() Use delegate selected Cert");
}
}
else
{
localCertificate = _serverCertificate;
}
if (localCertificate == null)
{
throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
}
// SECURITY: Accessing X509 cert Credential is disabled for semitrust.
// We no longer need to demand for unmanaged code permissions.
// EnsurePrivateKey should do the right demand for us.
X509Certificate2 selectedCert = EnsurePrivateKey(localCertificate);
if (selectedCert == null)
{
throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
}
// A mismatch is only reported (log assert / Debug.Fail); execution continues with selectedCert.
if (!localCertificate.Equals(selectedCert))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("AcquireServerCredentials()|'selectedCert' does not match 'localCertificate'.");
}
Debug.Fail("AcquireServerCredentials()|'selectedCert' does not match 'localCertificate'.");
}
//
// Note selectedCert is a safe ref possibly cloned from the user passed Cert object
//
// The certificate hash is used here as the cache lookup key, together with the protocol
// set, server mode and encryption policy.
byte[] guessedThumbPrint = selectedCert.GetCertHash();
try
{
SafeFreeCredentials cachedCredentialHandle = SslSessionsCache.TryCachedCredential(guessedThumbPrint, _sslProtocols, _serverMode, _encryptionPolicy);
if (cachedCredentialHandle != null)
{
_credentialsHandle = cachedCredentialHandle;
_serverCertificate = localCertificate;
cachedCred = true;
}
else
{
_credentialsHandle = SslStreamPal.AcquireCredentialsHandle(selectedCert, _sslProtocols, _encryptionPolicy, _serverMode);
// Reported to the caller only after the acquire call returned without throwing.
thumbPrint = guessedThumbPrint;
_serverCertificate = localCertificate;
}
}
finally
{
// An extra cert could have been created, dispose it now.
// Reference comparison: selectedCert is disposed only when it is a different object
// from the certificate that is kept in _serverCertificate.
if ((object)localCertificate != (object)selectedCert)
{
selectedCert.Dispose();
}
}
if (GlobalLog.IsEnabled)
{
GlobalLog.Leave("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireServerCredentials, cachedCreds = " + cachedCred.ToString(), LoggingHash.ObjectToString(_credentialsHandle));
}
return cachedCred;
}
示例12: empty
//.........这里部分代码省略.........
// SECURITY: Accessing X509 cert Credential is disabled for semitrust.
// We no longer need to demand for unmanaged code permissions.
// EnsurePrivateKey should do the right demand for us.
for (int i = 0; i < filteredCerts.Count; ++i)
{
clientCertificate = filteredCerts[i];
if ((selectedCert = EnsurePrivateKey(clientCertificate)) != null)
{
break;
}
clientCertificate = null;
selectedCert = null;
}
if ((object)clientCertificate != (object)selectedCert && !clientCertificate.Equals(selectedCert))
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Assert("AcquireClientCredentials()|'selectedCert' does not match 'clientCertificate'.");
}
Debug.Fail("AcquireClientCredentials()|'selectedCert' does not match 'clientCertificate'.");
}
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireClientCredentials() Selected Cert = " + (selectedCert == null ? "null" : selectedCert.Subject));
}
try
{
// Try to locate cached creds first.
//
// SECURITY: selectedCert ref if not null is a safe object that does not depend on possible **user** inherited X509Certificate type.
//
byte[] guessedThumbPrint = selectedCert == null ? null : selectedCert.GetCertHash();
SafeFreeCredentials cachedCredentialHandle = SslSessionsCache.TryCachedCredential(guessedThumbPrint, _sslProtocols, _serverMode, _encryptionPolicy);
// We can probably do some optimization here. If the selectedCert is returned by the delegate
// we can always go ahead and use the certificate to create our credential
// (instead of going anonymous as we do here).
if (sessionRestartAttempt &&
cachedCredentialHandle == null &&
selectedCert != null &&
SslStreamPal.StartMutualAuthAsAnonymous)
{
if (GlobalLog.IsEnabled)
{
GlobalLog.Print("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireClientCredentials() Reset to anonymous session.");
}
// IIS does not renegotiate a restarted session if client cert is needed.
// So we don't want to reuse **anonymous** cached credential for a new SSL connection if the client has passed some certificate.
// The following block happens if client did specify a certificate but no cached creds were found in the cache.
// Since we don't restart a session the server side can still challenge for a client cert.
if ((object)clientCertificate != (object)selectedCert)
{
selectedCert.Dispose();
}
guessedThumbPrint = null;
selectedCert = null;
clientCertificate = null;
}
if (cachedCredentialHandle != null)
{
if (SecurityEventSource.Log.IsEnabled())
{
SecurityEventSource.Log.UsingCachedCredential(LoggingHash.HashInt(this));
}
_credentialsHandle = cachedCredentialHandle;
_selectedClientCertificate = clientCertificate;
cachedCred = true;
}
else
{
_credentialsHandle = SslStreamPal.AcquireCredentialsHandle(selectedCert, _sslProtocols, _encryptionPolicy, _serverMode);
thumbPrint = guessedThumbPrint; // Delay until here in case something above threw.
_selectedClientCertificate = clientCertificate;
}
}
finally
{
// An extra cert could have been created, dispose it now.
if (selectedCert != null && (object)clientCertificate != (object)selectedCert)
{
selectedCert.Dispose();
}
}
if (GlobalLog.IsEnabled)
{
GlobalLog.Leave("SecureChannel#" + LoggingHash.HashString(this) + "::AcquireClientCredentials, cachedCreds = " + cachedCred.ToString(), LoggingHash.ObjectToString(_credentialsHandle));
}
return cachedCred;
}
示例13: AcquireCredentialsHandle
/// <summary>
/// Calls <c>Interop.Secur32.AcquireCredentialsHandleW</c> with the supplied credential data and
/// returns the new handle through <paramref name="outCredential"/>.
/// </summary>
/// <param name="package">Security package name passed to the native call.</param>
/// <param name="intent">Credential use, passed to the native call as an int.</param>
/// <param name="authdata">
/// Credential data. Its <c>certContextArray</c> field is temporarily rewritten during the call
/// and restored before this method returns.
/// </param>
/// <param name="outCredential">Receives the credential handle; marked invalid when the call fails.</param>
/// <returns>The native error code; 0 is treated as success.</returns>
public unsafe static int AcquireCredentialsHandle(
string package,
Interop.Secur32.CredentialUse intent,
ref Interop.Secur32.SecureCredential authdata,
out SafeFreeCredentials outCredential)
{
// NOTE(review): authdata is concatenated into the trace text; confirm its string form
// does not expose sensitive material.
GlobalLog.Print("SafeFreeCredentials::AcquireCredentialsHandle#2("
+ package + ", "
+ intent + ", "
+ authdata + ")");
int errorCode = -1;
long timeStamp;
// If there is a certificate, wrap it into an array.
// Not threadsafe.
// The caller's authdata is mutated for the duration of the native call, which is why
// concurrent use of the same authdata instance is unsafe.
IntPtr copiedPtr = authdata.certContextArray;
try
{
// Address of the local copy: a one-element "array" that lives on this stack frame.
IntPtr certArrayPtr = new IntPtr(&copiedPtr);
if (copiedPtr != IntPtr.Zero)
{
authdata.certContextArray = certArrayPtr;
}
outCredential = new SafeFreeCredential_SECURITY();
errorCode = Interop.Secur32.AcquireCredentialsHandleW(
null,
package,
(int)intent,
null,
ref authdata,
null,
null,
ref outCredential._handle,
out timeStamp);
}
finally
{
// Always put the original value back so the stack address never outlives this call
// inside the caller's structure.
authdata.certContextArray = copiedPtr;
}
#if TRACE_VERBOSE
GlobalLog.Print("Unmanaged::AcquireCredentialsHandle() returns 0x"
+ errorCode.ToString("x")
+ ", handle = " + outCredential.ToString());
#endif
// On failure the handle is marked invalid.
if (errorCode != 0)
{
outCredential.SetHandleAsInvalid();
}
return errorCode;
}
示例14: AcquireDefaultCredential
/// <summary>
/// Calls <c>Interop.Secur32.AcquireCredentialsHandleW</c> without explicit credential data
/// (<c>IntPtr.Zero</c> is passed in its place) and returns the new handle through
/// <paramref name="outCredential"/>.
/// </summary>
/// <param name="package">Security package name passed to the native call.</param>
/// <param name="intent">Credential use, passed to the native call as an int.</param>
/// <param name="outCredential">Receives the credential handle; marked invalid when the call fails.</param>
/// <returns>The native error code; 0 is treated as success.</returns>
public unsafe static int AcquireDefaultCredential(
    string package,
    Interop.Secur32.CredentialUse intent,
    out SafeFreeCredentials outCredential)
{
    GlobalLog.Print("SafeFreeCredentials::AcquireDefaultCredential("
        + package + ", "
        + intent + ")");

    long timeStamp;
    outCredential = new SafeFreeCredential_SECURITY();

    int status = Interop.Secur32.AcquireCredentialsHandleW(
        null,
        package,
        (int)intent,
        null,
        IntPtr.Zero,
        null,
        null,
        ref outCredential._handle,
        out timeStamp);

#if TRACE_VERBOSE
    GlobalLog.Print("Unmanaged::AcquireCredentialsHandle() returns 0x"
        + status.ToString("x")
        + ", handle = " + outCredential.ToString());
#endif

    // On failure the handle is marked invalid.
    bool failed = status != 0;
    if (failed)
    {
        outCredential.SetHandleAsInvalid();
    }

    return status;
}
示例15: MustRunInitializeSecurityContext_SECURITY
//
// After PInvoke call the method will fix the handleTemplate.handle with the returned value.
// The caller is responsible for creating a correct SafeFreeContextBuffer_XXX flavor or null can be passed if no handle is returned.
//
// Wraps Interop.SspiCli.InitializeSecurityContextW: references the credential and context
// handles for the duration of the native call, re-associates outContext with inCredentials
// when the call succeeds with a different credential, and returns the native status code.
// A status with the high bit set (errorCode & 0x80000000) is treated as failure.
//
private static unsafe int MustRunInitializeSecurityContext_SECURITY(
ref SafeFreeCredentials inCredentials,
void* inContextPtr,
byte* targetName,
Interop.SspiCli.ContextFlags inFlags,
Interop.SspiCli.Endianness endianness,
Interop.SspiCli.SecBufferDesc* inputBuffer,
SafeDeleteContext outContext,
ref Interop.SspiCli.SecBufferDesc outputBuffer,
ref Interop.SspiCli.ContextFlags attributes,
SafeFreeContextBuffer handleTemplate)
{
// Starts as a failure code so the finally block takes the "not successful" path if the
// native call is never reached.
int errorCode = (int)Interop.SECURITY_STATUS.InvalidHandle;
try
{
// NOTE(review): the same flag is reused for both AddRef calls and is never read; the
// finally block releases both handles regardless. Confirm that DangerousAddRef cannot
// throw here (for example on an already-closed handle), otherwise a release without a
// matching add-ref would follow.
bool ignore = false;
inCredentials.DangerousAddRef(ref ignore);
outContext.DangerousAddRef(ref ignore);
// Local copy of the raw credential handle, passed by reference to the native call.
Interop.SspiCli.CredHandle credentialHandle = inCredentials._handle;
long timeStamp;
errorCode = Interop.SspiCli.InitializeSecurityContextW(
ref credentialHandle,
inContextPtr,
targetName,
inFlags,
0,
endianness,
inputBuffer,
0,
ref outContext._handle,
ref outputBuffer,
ref attributes,
out timeStamp);
}
finally
{
//
// When a credential handle is first associated with the context we keep credential
// ref count bumped up to ensure ordered finalization.
// If the credential handle has been changed we de-ref the old one and associate the
// context with the new cred handle but only if the call was successful.
if (outContext._EffectiveCredential != inCredentials && (errorCode & 0x80000000) == 0)
{
// Disassociate the previous credential handle
if (outContext._EffectiveCredential != null)
{
outContext._EffectiveCredential.DangerousRelease();
}
// The reference taken on inCredentials above is kept: it now backs this association.
outContext._EffectiveCredential = inCredentials;
}
else
{
// Same credential as before, or the call failed: drop the temporary reference.
inCredentials.DangerousRelease();
}
outContext.DangerousRelease();
}
// The idea is that SSPI has allocated a block and filled up outUnmanagedBuffer+8 slot with the pointer.
if (handleTemplate != null)
{
//ATTN: on 64 BIT that is still +8 cause of 2* c++ unsigned long == 8 bytes
// Reads pvBuffer of the first SecBuffer that outputBuffer.pBuffers points to.
handleTemplate.Set(((Interop.SspiCli.SecBuffer*)outputBuffer.pBuffers)->pvBuffer);
if (handleTemplate.IsInvalid)
{
handleTemplate.SetHandleAsInvalid();
}
}
if (inContextPtr == null && (errorCode & 0x80000000) != 0)
{
// an error on the first call, need to set the out handle to invalid value
outContext._handle.SetToInvalid();
}
return errorCode;
}