コード例 #1
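        /// <summary>
        /// Checks <paramref name="requestSignature"/> against a signing key derived from each
        /// shared key available for the request and returns the first entry that matches.
        /// </summary>
        /// <param name="stringToSign">Server-built string to sign; must be non-empty.</param>
        /// <param name="requestSignature">Signature supplied with the request; must be non-empty.</param>
        /// <param name="authInfo">Supplies the request context, URI components and the shared keys.</param>
        /// <returns>
        /// The first entry from <c>SharedKeyAuthInfoHelper.GetSharedKeys</c> for which
        /// <c>SASUtilities.ComputeSignatureAndCompare</c> returns true.
        /// </returns>
        /// <exception cref="AuthenticationFailureException">No shared key produced a matching signature.</exception>
        public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo)
        {
            // NOTE(review): these are assertions, not AuthenticationFailureException paths. Confirm that
            // NephosAssertionException.Assert is active in release builds and that callers validate
            // request-derived values before reaching this method.
            NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign));
            NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature));
            NephosAssertionException.Assert(authInfo != null);

            RequestContext      requestContext  = authInfo.RequestContext;
            NephosUriComponents uriComponents   = authInfo.UriComponents;
            NameValueCollection queryParameters = requestContext.QueryParameters;

            // Input from which each per-key signed key is derived; it depends only on the request,
            // so it is computed once.
            byte[] signedKeyInput = BlobSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(queryParameters, uriComponents);

            // Loop-invariant: encode the string to sign once instead of once per candidate key.
            byte[] stringToSignBytes = Encoding.UTF8.GetBytes(stringToSign);

            foreach (AuthDataEntry candidate in SharedKeyAuthInfoHelper.GetSharedKeys(authInfo))
            {
                byte[] signedKey = SASUtilities.ComputeSignedKey(signedKeyInput, candidate.AuthValue);

                // NOTE(review): the comparison is delegated to SASUtilities.ComputeSignatureAndCompare;
                // verify there that the signature comparison is fixed-time.
                if (SASUtilities.ComputeSignatureAndCompare(stringToSignBytes, signedKey, requestSignature))
                {
                    return candidate;
                }
            }

            // The message embeds both the presented signature and the server's string to sign.
            // NOTE(review): confirm where this exception text is surfaced (response body, logs) and
            // that those sinks are appropriate for request-derived data.
            throw new AuthenticationFailureException(string.Format(CultureInfo.InvariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", new object[] { requestSignature, stringToSign }));
        }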
コード例 #2
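        /// <summary>
        /// Recomputes the MAC of <paramref name="stringToSign"/> with each shared key available for
        /// the request and returns the first key entry whose MAC equals <paramref name="requestSignature"/>.
        /// </summary>
        /// <param name="stringToSign">Server-built string to sign.</param>
        /// <param name="requestSignature">Base64 signature supplied with the request.</param>
        /// <param name="authInfo">Supplies the auth scheme and the shared keys.</param>
        /// <returns>The matching entry from <c>SharedKeyAuthInfoHelper.GetSharedKeys</c>.</returns>
        /// <exception cref="AuthenticationFailureException">
        /// <paramref name="stringToSign"/> is null or empty, there are no shared keys, or no key matched.
        /// </exception>
        /// <exception cref="InvalidAuthenticationInfoException">
        /// <paramref name="requestSignature"/> is not valid base64.
        /// </exception>
        private static AuthDataEntry SharedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo)
        {
            if (string.IsNullOrEmpty(stringToSign))
            {
                throw new AuthenticationFailureException(string.Format(CultureInfo.InvariantCulture, "String to sign for auth scheme {0} cannot be null or empty.", new object[] { authInfo.AuthScheme }));
            }

            // NOTE(review): an empty signature is handled by an assertion rather than an authentication
            // failure; confirm callers reject a missing signature before this point.
            NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature));

            // Decoded only to validate the format; the decoded bytes are discarded and the comparison
            // below works on the base64 text.
            try
            {
                Convert.FromBase64String(requestSignature);
            }
            catch (FormatException formatException)
            {
                throw new InvalidAuthenticationInfoException("Signature is not a valid base64 string.", formatException);
            }

            Collection<AuthDataEntry> sharedKeys = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo);

            if (sharedKeys.Count > 0)
            {
                // One pooled HMAC instance is re-keyed for every candidate and always handed back to the cache.
                HMAC hmac = HMACCryptoCache.Instance.Acquire(sharedKeys[0].AuthValue);
                try
                {
                    for (int keyIndex = 0; keyIndex < sharedKeys.Count; keyIndex++)
                    {
                        hmac.Key = sharedKeys[keyIndex].AuthValue;
                        string computedSignature = MessageHashFunctions.ComputeMacWithSpecificAlgorithm(hmac, stringToSign);

                        // NOTE(review): verify that AuthenticationManager.AreSignaturesEqual is a fixed-time comparison.
                        if (AuthenticationManager.AreSignaturesEqual(computedSignature, requestSignature))
                        {
                            return sharedKeys[keyIndex];
                        }

                        // NOTE(review): this debug entry records the server-computed MAC, which is the valid
                        // signature for stringToSign under this key. Anyone able to read the InfoDebug stream
                        // can take it from the log; consider dropping computedSignature from the entry or
                        // restricting that stream. Left unchanged here to preserve existing log output.
                        Logger<IRestProtocolHeadLogger>.Instance.InfoDebug.Log("Authentication Debug. stringToSign: {0}, computedSignature: {1}, requestSignature: {2}", new object[] { stringToSign, computedSignature, requestSignature });

                        // Keys are reported 1-based.
                        Logger<IRestProtocolHeadLogger>.Instance.AuthenticationFailure.Log("SecurityWarning: Authentication attempt failed against key {0}.", new object[] { keyIndex + 1 });
                    }
                }
                finally
                {
                    HMACCryptoCache.Instance.Release(hmac);
                }
            }

            // Single failure path for both "no shared keys" and "no key matched".
            Logger<IRestProtocolHeadLogger>.Instance.AuthenticationFailure.Log("SecurityWarning: Authentication failed due to signature mismatch. Server's stringtosign value is {0}", new object[] { stringToSign });
            throw new AuthenticationFailureException(string.Format(CultureInfo.InvariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", new object[] { requestSignature, stringToSign }));
        }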