Example #1
0
		public static bool TryParse(string encodedCipher, out AuthorizationCipher decodedCipher)
		{
			if (string.IsNullOrWhiteSpace(encodedCipher))
			{
				decodedCipher = null;
				return false;
			}

			IDictionary<string, string> cipherValues = ParseMultiValueHeader(encodedCipher);

			if (cipherValues.Count < 3)
			{
				decodedCipher = null;
				return false;
			}

			short version = 0;
			if (!short.TryParse(cipherValues["v"], out version) || version < 1)
			{
				decodedCipher = null;
				return false;
			}

			byte[] nonce = ConvertHexadecimalToByteArray(cipherValues["n"]);

			if (nonce == null)
			{
				decodedCipher = null;
				return false;
			}

			CipherSource source;
			byte[] cryptogram;

			if (cipherValues.ContainsKey("s"))
			{
				source = CipherSource.Server;
				cryptogram = ConvertHexadecimalToByteArray(cipherValues["s"]);
			}
			else if (cipherValues.ContainsKey("c"))
			{
				source = CipherSource.Client;
				cryptogram = ConvertHexadecimalToByteArray(cipherValues["c"]);
			}
			else
			{
				decodedCipher = null;
				return false;
			}

			if (cryptogram == null)
			{
				decodedCipher = null;
				return false;
			}

			decodedCipher = new AuthorizationCipher() { Source = source, Version = version, Nonce = nonce, Cryptogram = cryptogram };
			return true;
		}
Example #2
0
        /// <summary>
        /// Validates the cipher to ensure it represents a legitimately requested callback.
        /// </summary>
        /// <param name="authorizationHeaderValue">A cipher value for this callback.</param>
        /// <param name="callbackId">A <see cref="T:System.Guid"/> that serves as an identifier for the scheduled callback.</param>
        /// <param name="callbackUri">An absolute <see cref="T:System.Uri"/> that will be requested on the callback.</param>
        /// <returns>true if the cipher is valid, false if not.</returns>
        public static bool Validate(string authorizationHeaderValue, Guid callbackId, Uri callbackUri)
        {
            if (string.IsNullOrEmpty(authorizationHeaderValue))
            {
                return(false);
            }

            if (Guid.Empty.Equals(callbackId))
            {
                return(false);
            }

            if (callbackUri == null || string.IsNullOrEmpty(callbackUri.OriginalString))
            {
                return(false);
            }

            AuthorizationCipher incomingCipher;

            if (!AuthorizationCipher.TryParse(authorizationHeaderValue, out incomingCipher) || incomingCipher.Source != AuthorizationCipher.CipherSource.Server)
            {
                return(false);
            }

            short version = incomingCipher.Version;

            switch (version)
            {
            case _CurrentVersion:

                byte[] nonce            = incomingCipher.Nonce;
                byte[] clientKey        = RetrieveClientKey();
                byte[] subject          = GetSubject(callbackUri);
                byte[] clientCryptogram = BuildClientCryptogram(nonce, subject, clientKey);
                byte[] responseId       = GetResponseId(callbackId);
                byte[] serverCryptogram = BuildServerCryptogram(nonce, clientCryptogram, responseId);

                return(AreEqual(serverCryptogram, incomingCipher.Cryptogram));

            default:

                return(false);
            }
        }
Example #3
0
        public static bool TryParse(string encodedCipher, out AuthorizationCipher decodedCipher)
        {
            if (string.IsNullOrWhiteSpace(encodedCipher))
            {
                decodedCipher = null;
                return(false);
            }

            IDictionary <string, string> cipherValues = ParseMultiValueHeader(encodedCipher);

            if (cipherValues.Count < 3)
            {
                decodedCipher = null;
                return(false);
            }

            short version = 0;

            if (!short.TryParse(cipherValues["v"], out version) || version < 1)
            {
                decodedCipher = null;
                return(false);
            }

            byte[] nonce = ConvertHexToByteArray(cipherValues["n"]);

            if (nonce == null || nonce.Length == 0)
            {
                decodedCipher = null;
                return(false);
            }

            CipherSource source;

            byte[] cryptogram;

            if (cipherValues.ContainsKey("s"))
            {
                source     = CipherSource.Server;
                cryptogram = ConvertHexToByteArray(cipherValues["s"]);
            }
            else if (cipherValues.ContainsKey("c"))
            {
                source     = CipherSource.Client;
                cryptogram = ConvertHexToByteArray(cipherValues["c"]);
            }
            else
            {
                decodedCipher = null;
                return(false);
            }

            if (cryptogram == null || cryptogram.Length == 0)
            {
                decodedCipher = null;
                return(false);
            }

            decodedCipher = new AuthorizationCipher()
            {
                Source = source, Version = version, Nonce = nonce, Cryptogram = cryptogram
            };
            return(true);
        }