public byte[] getE()
{
if (e_array == null)
{
dh = new DiffieHellmanManaged(p, g, 0);
e_array = dh.CreateKeyExchange();
}
return e_array;
}
void Dispose(bool disposing)
{
if (disposing) {
if (dh != null) {
((IDisposable)dh).Dispose();
dh = null;
}
}
}
public DiffieHellmanProviderSession(OpenIdProvider provider)
: base(provider) {
sessionType = Util.GetRequiredArg(provider.Query, Protocol.openid.session_type);
Debug.Assert(Array.IndexOf(Protocol.Args.SessionType.AllDiffieHellman, sessionType) >= 0, "We should not have been invoked if this wasn't a recognized DH session request.");
byte[] dh_modulus = Util.GetOptionalBase64Arg(Provider.Query, Protocol.openid.dh_modulus) ?? DiffieHellmanUtil.DEFAULT_MOD;
byte[] dh_gen = Util.GetOptionalBase64Arg(Provider.Query, Protocol.openid.dh_gen) ?? DiffieHellmanUtil.DEFAULT_GEN;
dh = new DiffieHellmanManaged(dh_modulus, dh_gen, 1024);
consumerPublicKey = Util.GetRequiredBase64Arg(Provider.Query, Protocol.openid.dh_consumer_public);
}
public static byte[] SHAHashXorSecret(HashAlgorithm hasher, DiffieHellman dh, byte[] keyEx, byte[] encMacKey) {
byte[] dhShared = dh.DecryptKeyExchange(keyEx);
byte[] shaDhShared = hasher.ComputeHash(ensurePositive(dhShared));
if (shaDhShared.Length != encMacKey.Length) {
throw new ArgumentOutOfRangeException(string.Format(CultureInfo.CurrentCulture,
"encMacKey's length ({0}) does not match the length of the hashing algorithm ({1}).",
encMacKey.Length, shaDhShared.Length));
}
byte[] secret = new byte[encMacKey.Length];
for (int i = 0; i < encMacKey.Length; i++) {
secret[i] = (byte)(encMacKey[i] ^ shaDhShared[i]);
}
return secret;
}
/// <summary>
/// Encrypts/decrypts a shared secret.
/// </summary>
/// <param name="hasher">The hashing algorithm that is agreed by both parties to use as part of the secret exchange.</param>
/// <param name="dh">
/// If the secret is being encrypted, this is the new Diffie Hellman object to use.
/// If the secret is being decrypted, this must be the same Diffie Hellman object used to send the original request message.
/// </param>
/// <param name="remotePublicKey">The public key of the remote party.</param>
/// <param name="plainOrEncryptedSecret">The secret to encode, or the encoded secret. Whichever one is given will generate the opposite in the return value.</param>
/// <returns>
/// The encrypted version of the secret if the secret itself was given in <paramref name="remotePublicKey"/>.
/// The secret itself if the encrypted version of the secret was given in <paramref name="remotePublicKey"/>.
/// </returns>
internal static byte[] SHAHashXorSecret(HashAlgorithm hasher, DiffieHellman dh, byte[] remotePublicKey, byte[] plainOrEncryptedSecret) {
Requires.NotNull(hasher, "hasher");
Requires.NotNull(dh, "dh");
Requires.NotNull(remotePublicKey, "remotePublicKey");
Requires.NotNull(plainOrEncryptedSecret, "plainOrEncryptedSecret");
byte[] sharedBlock = dh.DecryptKeyExchange(remotePublicKey);
byte[] sharedBlockHash = hasher.ComputeHash(EnsurePositive(sharedBlock));
ErrorUtilities.VerifyProtocol(sharedBlockHash.Length == plainOrEncryptedSecret.Length, OpenIdStrings.AssociationSecretHashLengthMismatch, plainOrEncryptedSecret.Length, sharedBlockHash.Length);
byte[] secret = new byte[plainOrEncryptedSecret.Length];
for (int i = 0; i < plainOrEncryptedSecret.Length; i++) {
secret[i] = (byte)(plainOrEncryptedSecret[i] ^ sharedBlockHash[i]);
}
return secret;
}
public AssociateResponse(OpenIdRelyingParty relyingParty, ServiceEndpoint provider, IDictionary<string, string> args, DiffieHellman dh)
: base(relyingParty, provider, args) {
DH = dh;
if (Args.ContainsKey(Protocol.openidnp.assoc_handle)) {
initializeAssociation();
} else {
// Attempt to recover from an unsupported assoc_type
if (Protocol.Version.Major >= 2) {
if (Util.GetRequiredArg(Args, Protocol.openidnp.error_code) == Protocol.Args.ErrorCode.UnsupportedType) {
string assoc_type = Util.GetRequiredArg(Args, Protocol.openidnp.assoc_type);
string session_type = Util.GetRequiredArg(Args, Protocol.openidnp.session_type);
// If the suggested options are among those we support...
if (Array.IndexOf(Protocol.Args.SignatureAlgorithm.All, assoc_type) >= 0 &&
Array.IndexOf(Protocol.Args.SessionType.All, session_type) >= 0 &&
RelyingParty.Settings.IsAssociationInPermittedRange(Protocol, assoc_type)) {
SecondAttempt = AssociateRequest.Create(RelyingParty, Provider, assoc_type, session_type, false);
}
}
}
}
}
protected DiffieHellman _exchangeAlgorithm; // Exchange algorithm to use.
#endregion Fields
#region Constructors
public SshDiffieHellmanGroup1Sha1()
: base()
{
_exchangeAlgorithm = new DiffieHellmanManaged(1024, 0, DHKeyGeneration.Static);
_hashAlgorithm = new SHA1CryptoServiceProvider();
}
/// <summary>
/// Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties.
/// </summary>
internal void InitializeRequest() {
#if !ExcludeDiffieHellman
if (this.DiffieHellmanModulus == null || this.DiffieHellmanGen == null) {
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, OpenIdStrings.DiffieHellmanRequiredPropertiesNotSet, string.Join(", ", new string[] { "DiffieHellmanModulus", "DiffieHellmanGen" })));
}
this.Algorithm = new DiffieHellmanManaged(this.DiffieHellmanModulus ?? DefaultMod, this.DiffieHellmanGen ?? DefaultGen, DefaultX);
byte[] consumerPublicKeyExchange = this.Algorithm.CreateKeyExchange();
this.DiffieHellmanConsumerPublic = DiffieHellmanUtilities.EnsurePositive(consumerPublicKeyExchange);
#else
throw new NotSupportedException();
#endif
}
/// <summary>
/// Instantiates an <see cref="AssociateRequest"/> object.
/// </summary>
/// <param name="relyingParty">The RP instance that is creating this request.</param>
/// <param name="provider">The discovered OpenID Provider endpoint information.</param>
/// <param name="args">The arguments assembled for sending to the Provider.</param>
/// <param name="dh">Optional. Supplied only if Diffie-Hellman is used for encrypting the association secret key.</param>
AssociateRequest(OpenIdRelyingParty relyingParty, ServiceEndpoint provider, IDictionary<string, string> args, DiffieHellman dh)
: base(relyingParty, provider, args)
{
DH = dh;
}
