Beispiel #1
            /// <summary>
            /// Final client-side step: checks the signature the server sent in its last message
            /// against the one computed earlier in the conversation.
            /// </summary>
            /// <param name="conversation">The running conversation; only its ConnectionId is read, for the error.</param>
            /// <param name="bytesReceivedFromServer">Raw bytes of the server's message.</param>
            /// <returns>A <c>CompletedStep</c> when the signatures match.</returns>
            /// <exception cref="MongoAuthenticationException">The server signature does not match the expected one.</exception>
            public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
            {
                // Utf8Encodings.Strict presumably rejects malformed UTF-8 instead of substituting - confirm.
                var serverFinalMessage = Utf8Encodings.Strict.GetString(bytesReceivedFromServer);
                var attributes         = NVParser.Parse(serverFinalMessage);

                // NOTE(review): a message without a 'v' attribute, or with a value that is not valid
                // base64, fails on this line with whatever the lookup / decoder throws rather than with
                // MongoAuthenticationException - verify callers treat that as an authentication failure.
                var receivedSignature = Convert.FromBase64String(attributes['v']);

                // The comparison goes through ConstantTimeEquals (by its name, a comparison whose
                // duration does not depend on the position of the first differing byte - confirm).
                if (ConstantTimeEquals(_serverSignature64, receivedSignature))
                {
                    return new CompletedStep();
                }

                throw new MongoAuthenticationException(conversation.ConnectionId, message: "Server signature was invalid.");
            }
Beispiel #2
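            /// <summary>
            /// Final client-side step: checks the signature the server sent in its last message
            /// against the one computed earlier in the conversation.
            /// </summary>
            /// <param name="conversation">The running conversation (not read by this step).</param>
            /// <param name="bytesReceivedFromServer">Raw bytes of the server's message.</param>
            /// <returns>A <c>CompletedStep</c> when the signatures match.</returns>
            /// <exception cref="AuthenticationException">The server signature does not match the expected one.</exception>
            public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
            {
                // throwOnInvalidBytes = true: malformed UTF-8 from the server is rejected, not replaced.
                var encoding = new UTF8Encoding(false, true);
                var map      = NVParser.Parse(encoding.GetString(bytesReceivedFromServer));

                var serverSignature = map['v'];
                var expected        = _serverSignature64;

                // Compare the two values without an early exit, so the time taken does not depend on
                // how many leading characters agree. Only the length (which is not secret) short-circuits.
                // A missing value on either side is treated as a mismatch (fail closed).
                var matches = expected != null
                    && serverSignature != null
                    && expected.Length == serverSignature.Length;

                if (matches)
                {
                    var difference = 0;
                    for (var index = 0; index < expected.Length; index++)
                    {
                        difference |= expected[index] ^ serverSignature[index];
                    }

                    matches = difference == 0;
                }

                if (!matches)
                {
                    throw new AuthenticationException("Server signature was invalid.");
                }

                return(new CompletedStep());
            }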
Beispiel #3
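            /// <summary>
            /// Handles the server-first message of the SCRAM exchange (RFC 5802): validates the
            /// returned nonce, derives the salted password and builds the client-final message.
            /// </summary>
            /// <param name="conversation">The running conversation; only its ConnectionId is read, for the error.</param>
            /// <param name="bytesReceivedFromServer">Raw bytes of the server-first message.</param>
            /// <returns>
            /// A <c>ClientLast</c> step carrying the encoded client-final message and the server
            /// signature computed here.
            /// </returns>
            /// <exception cref="MongoAuthenticationException">
            /// The server nonce does not start with the prefix held in <c>_rPrefix</c>.
            /// </exception>
            public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
            {
                var encoding           = Utf8Encodings.Strict;
                var serverFirstMessage = encoding.GetString(bytesReceivedFromServer);
                var map = NVParser.Parse(serverFirstMessage);

                var r = map['r'];

                // Ordinal comparison: the culture-sensitive default of StartsWith(string) can ignore
                // some characters, so a nonce that does not literally begin with the prefix could
                // still pass. The nonce check is a protocol check and must be byte-for-byte.
                if (!r.StartsWith(_rPrefix, StringComparison.Ordinal))
                {
                    throw new MongoAuthenticationException(conversation.ConnectionId, message: "Server sent an invalid nonce.");
                }
                var s = map['s'];
                var i = map['i'];

                // "n,," = no channel binding, no authorization identity.
                const string gs2Header      = "n,,";
                var          channelBinding = "c=" + Convert.ToBase64String(encoding.GetBytes(gs2Header));
                var          nonce          = "r=" + r;
                var          clientFinalMessageWithoutProof = channelBinding + "," + nonce;

                // The iteration count is wire data, so it is parsed with the invariant culture.
                // NOTE(review): salt and iteration count come from the server as-is; no lower or upper
                // bound is enforced on the count here. RFC 5802 suggests at least 4096, and an upper
                // limit bounds the CPU cost of Hi - confirm the intended policy before adding one.
                var saltedPassword = Hi(
                    AuthenticationHelper.MongoPasswordDigest(_credential.Username, _credential.Password),
                    Convert.FromBase64String(s),
                    int.Parse(i, System.Globalization.CultureInfo.InvariantCulture));

                // Key derivation and proof as laid out in RFC 5802, section 3.
                var clientKey       = HMAC(encoding, saltedPassword, "Client Key");
                var storedKey       = H(clientKey);
                var authMessage     = _clientFirstMessageBare + "," + serverFirstMessage + "," + clientFinalMessageWithoutProof;
                var clientSignature = HMAC(encoding, storedKey, authMessage);
                var clientProof     = XOR(clientKey, clientSignature);
                var serverKey       = HMAC(encoding, saltedPassword, "Server Key");

                // Handed to the next step so it can be checked against the server's final message.
                var serverSignature = HMAC(encoding, serverKey, authMessage);

                var proof = "p=" + Convert.ToBase64String(clientProof);
                var clientFinalMessage = clientFinalMessageWithoutProof + "," + proof;

                return(new ClientLast(encoding.GetBytes(clientFinalMessage), serverSignature));
            }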