Example #1
0
 /// <summary>
 /// Try to get a cached entry.
 /// </summary>
 /// <param name="key">The key.</param>
 /// <param name="entry">The entry.</param>
 /// <returns>True if the cache contained an entry for the key.</returns>
 public bool TryGet(ScramCacheKey key, out ScramCacheEntry entry)
 {
     if (key.Equals(_cacheKey))
     {
         entry = _cachedEntry;
         return(true);
     }
     else
     {
         entry = null;
         return(false);
     }
 }
Example #2
0
            public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
            {
                var encoding           = Utf8Encodings.Strict;
                var serverFirstMessage = encoding.GetString(bytesReceivedFromServer);
                var map = SaslMapParser.Parse(serverFirstMessage);

                var r = map['r'];

                if (!r.StartsWith(_rPrefix, StringComparison.Ordinal))
                {
                    throw new MongoAuthenticationException(conversation.ConnectionId, message: "Server sent an invalid nonce.");
                }
                var s = map['s'];
                var i = map['i'];

                const string gs2Header      = "n,,";
                var          channelBinding = "c=" + Convert.ToBase64String(encoding.GetBytes(gs2Header));
                var          nonce          = "r=" + r;
                var          clientFinalMessageWithoutProof = channelBinding + "," + nonce;

                var salt       = Convert.FromBase64String(map['s']);
                var iterations = int.Parse(map['i']);

                byte[] clientKey;
                byte[] serverKey;

                var cacheKey = new ScramCacheKey(_credential.SaslPreppedPassword, salt, iterations);

                if (_cache.TryGet(cacheKey, out var cacheEntry))
                {
                    clientKey = cacheEntry.ClientKey;
                    serverKey = cacheEntry.ServerKey;
                }
                else
                {
                    var saltedPassword = _hi(_credential, salt, iterations);
                    clientKey = _hmac(encoding, saltedPassword, "Client Key");
                    serverKey = _hmac(encoding, saltedPassword, "Server Key");
                    _cache.Add(cacheKey, new ScramCacheEntry(clientKey, serverKey));
                }

                var storedKey          = _h(clientKey);
                var authMessage        = _clientFirstMessageBare + "," + serverFirstMessage + "," + clientFinalMessageWithoutProof;
                var clientSignature    = _hmac(encoding, storedKey, authMessage);
                var clientProof        = XOR(clientKey, clientSignature);
                var serverSignature    = _hmac(encoding, serverKey, authMessage);
                var proof              = "p=" + Convert.ToBase64String(clientProof);
                var clientFinalMessage = clientFinalMessageWithoutProof + "," + proof;

                return(new ClientLast(encoding.GetBytes(clientFinalMessage), serverSignature));
            }
Example #3
0
        public override bool Equals(object obj)
        {
            if (this == obj)
            {
                return(true);
            }

            if (obj == null || obj.GetType() != obj.GetType())
            {
                return(false);
            }

            ScramCacheKey other = (ScramCacheKey)obj;

            return
                (Equals(_password, other._password) &&
                 _iterationCount == other._iterationCount &&
                 _salt.SequenceEqual(other._salt));
        }
Example #4
0
 /// <summary>
 /// Add a cached entry.
 /// </summary>
 /// <param name="key">The key.</param>
 /// <param name="entry">The entry.</param>
 public void Add(ScramCacheKey key, ScramCacheEntry entry)
 {
     _cacheKey    = key;
     _cachedEntry = entry;
 }