public abstract DecryptKeyExchange ( byte keyEx ) : byte[] | ||
keyEx | byte | The key exchange data within which the secret information is hidden. |
Returns | byte[] |
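/// <summary>
/// XORs <paramref name="encMacKey"/> with the hash of the Diffie-Hellman shared value,
/// turning a masked secret into the plain secret (or the reverse, since XOR is its own inverse).
/// </summary>
/// <param name="hasher">Hash algorithm applied to the shared value; its output length must equal the length of <paramref name="encMacKey"/>.</param>
/// <param name="dh">Diffie-Hellman object whose <c>DecryptKeyExchange</c> yields the shared value.</param>
/// <param name="keyEx">Key exchange data handed to <c>dh.DecryptKeyExchange</c>.</param>
/// <param name="encMacKey">The masked (or plain) secret to XOR with the hash.</param>
/// <returns>A new array of the same length as <paramref name="encMacKey"/> holding the XOR result.</returns>
/// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
/// <exception cref="ArgumentOutOfRangeException">The hash length differs from the length of <paramref name="encMacKey"/>.</exception>
/// <remarks>
/// The mask depends only on the shared value, so the output carries no integrity protection of its own:
/// a bit changed in <paramref name="encMacKey"/> changes the same bit in the result. Masking two different
/// secrets with the same shared value would reveal their XOR, so each exchange needs its own key pair.
/// </remarks>
public static byte[] SHAHashXorSecret(HashAlgorithm hasher, DiffieHellman dh, byte[] keyEx, byte[] encMacKey) {
    // Fail with a named argument instead of a NullReferenceException part-way through the key derivation.
    if (hasher == null) {
        throw new ArgumentNullException("hasher");
    }
    if (dh == null) {
        throw new ArgumentNullException("dh");
    }
    if (keyEx == null) {
        throw new ArgumentNullException("keyEx");
    }
    if (encMacKey == null) {
        throw new ArgumentNullException("encMacKey");
    }

    byte[] dhShared = dh.DecryptKeyExchange(keyEx);
    byte[] shaDhShared = hasher.ComputeHash(ensurePositive(dhShared));
    try {
        if (shaDhShared.Length != encMacKey.Length) {
            // The single-string constructor treats its argument as the parameter NAME, so the
            // original message ended up in ParamName. Use the (paramName, message) overload.
            throw new ArgumentOutOfRangeException(
                "encMacKey",
                string.Format(
                    CultureInfo.CurrentCulture,
                    "encMacKey's length ({0}) does not match the length of the hashing algorithm ({1}).",
                    encMacKey.Length,
                    shaDhShared.Length));
        }

        byte[] secret = new byte[encMacKey.Length];
        for (int i = 0; i < encMacKey.Length; i++) {
            secret[i] = (byte)(encMacKey[i] ^ shaDhShared[i]);
        }

        return secret;
    } finally {
        // The hash is the XOR mask, i.e. key material; wipe this local copy once it is no longer needed.
        // dhShared is left untouched because the page does not show whether dh keeps a reference to it.
        Array.Clear(shaDhShared, 0, shaDhShared.Length);
    }
}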
/// <summary>
/// Encrypts or decrypts a shared secret by XOR-ing it with the hash of the Diffie-Hellman shared value.
/// </summary>
/// <param name="hasher">The hashing algorithm both parties agreed to use as part of the secret exchange.</param>
/// <param name="dh">
/// When encrypting, the new Diffie-Hellman object to use.
/// When decrypting, the same Diffie-Hellman object that was used to send the original request message.
/// </param>
/// <param name="remotePublicKey">The public key of the remote party.</param>
/// <param name="plainOrEncryptedSecret">The secret to encode, or the encoded secret. Whichever one is given, the return value is the other.</param>
/// <returns>
/// The encrypted secret if the plain secret was given in <paramref name="plainOrEncryptedSecret"/>;
/// the plain secret if the encrypted secret was given in <paramref name="plainOrEncryptedSecret"/>.
/// </returns>
/// <remarks>
/// The XOR mask is derived only from the shared value, so the result has no integrity protection of its own,
/// and masking two different secrets with the same <paramref name="dh"/> and <paramref name="remotePublicKey"/>
/// would reveal the XOR of those secrets. This is why encryption calls for a new Diffie-Hellman object.
/// </remarks>
internal static byte[] SHAHashXorSecret(HashAlgorithm hasher, DiffieHellman dh, byte[] remotePublicKey, byte[] plainOrEncryptedSecret) {
	Requires.NotNull(hasher, "hasher");
	Requires.NotNull(dh, "dh");
	Requires.NotNull(remotePublicKey, "remotePublicKey");
	Requires.NotNull(plainOrEncryptedSecret, "plainOrEncryptedSecret");

	// Derive the XOR mask: hash of the (sign-normalized) Diffie-Hellman shared value.
	byte[] mask = hasher.ComputeHash(EnsurePositive(dh.DecryptKeyExchange(remotePublicKey)));

	// The mask must cover the secret exactly; a mismatch is reported as a protocol error.
	int length = plainOrEncryptedSecret.Length;
	ErrorUtilities.VerifyProtocol(mask.Length == length, OpenIdStrings.AssociationSecretHashLengthMismatch, length, mask.Length);

	byte[] result = new byte[length];
	int index = 0;
	while (index < length) {
		result[index] = (byte)(plainOrEncryptedSecret[index] ^ mask[index]);
		index++;
	}

	return result;
}