Beispiel #1
        /// <summary>
        /// Re-instantiates an <see cref="Association"/> previously persisted in a database or some
        /// other shared store.
        /// </summary>
        /// <param name="handle">
        /// The <see cref="Handle"/> property of the previous <see cref="Association"/> instance.
        /// </param>
        /// <param name="expiresUtc">
        /// The UTC value of the <see cref="Expires"/> property of the previous <see cref="Association"/> instance.
        /// </param>
        /// <param name="privateData">
        /// The byte array returned by a call to <see cref="SerializePrivateData"/> on the previous
        /// <see cref="Association"/> instance.
        /// </param>
        /// <returns>
        /// The newly rehydrated <see cref="Association"/>, which can be returned
        /// from a custom association store's
        /// IRelyingPartyAssociationStore.GetAssociation method.
        /// </returns>
        public static Association Deserialize(string handle, DateTime expiresUtc, byte[] privateData)
        {
            Requires.NotNullOrEmpty(handle, "handle");
            Requires.NotNull(privateData, "privateData");

            // The store hands back an absolute expiry; the association is rebuilt from the
            // lifetime that is still left, measured against the current UTC clock.
            DateTime normalizedExpiry = expiresUtc.ToUniversalTimeSafe();
            TimeSpan timeLeft = normalizedExpiry - DateTime.UtcNow;

            // privateData is used unmodified as the shared HMAC secret, so whatever store
            // persisted it holds the key material itself and must be protected accordingly.
            // Per the original author's note, the derived association type is chosen from
            // the length of this secret.
            //
            // NOTE(review): timeLeft is zero or negative when expiresUtc is already in the
            // past. Whether Create rejects that is not visible here; if it does so with an
            // ArgumentException, the catch below reports it as bad private data. Confirm
            // that callers drop expired associations before deserializing them.
            try
            {
                return HmacShaAssociation.Create(handle, privateData, timeLeft);
            }
            catch (ArgumentException inner)
            {
                // Re-attribute the failure to the privateData argument, keeping the cause.
                throw new ArgumentException(OpenIdStrings.BadAssociationPrivateData, "privateData", inner);
            }
        }
Beispiel #2
        /// <summary>
        /// Determines whether a named association fits the security requirements.
        /// </summary>
        /// <param name="protocol">The protocol carrying the association.</param>
        /// <param name="associationType">The value of the openid.assoc_type parameter.</param>
        /// <returns>
        ///     <c>true</c> if the association is permitted given the security requirements; otherwise, <c>false</c>.
        /// </returns>
        internal bool IsAssociationInPermittedRange(Protocol protocol, string associationType)
        {
            // The secret length is scaled by 8 so it can be compared with the configured
            // bit-length bounds.
            // NOTE(review): how GetSecretLength treats an unrecognized associationType is
            // not visible here — confirm it cannot yield a value that passes this check.
            int secretBits = 8 * HmacShaAssociation.GetSecretLength(protocol, associationType);

            // Lower bound first: association types whose secret is shorter than the
            // configured minimum are refused. Both bounds are inclusive.
            if (secretBits < this.MinimumHashBitLength)
            {
                return false;
            }

            return secretBits <= this.MaximumHashBitLength;
        }