public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo) { AuthDataEntry authDataEntry; NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign)); NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature)); NephosAssertionException.Assert(authInfo != null); RequestContext requestContext = authInfo.RequestContext; NephosUriComponents uriComponents = authInfo.UriComponents; NameValueCollection queryParameters = requestContext.QueryParameters; string item = queryParameters["sv"]; byte[] sign = BlobSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(queryParameters, uriComponents); using (IEnumerator <AuthDataEntry> enumerator = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo).GetEnumerator()) { while (enumerator.MoveNext()) { AuthDataEntry current = enumerator.Current; byte[] numArray = SASUtilities.ComputeSignedKey(sign, current.AuthValue); if (!SASUtilities.ComputeSignatureAndCompare((new UTF8Encoding()).GetBytes(stringToSign), numArray, requestSignature)) { continue; } authDataEntry = current; return(authDataEntry); } CultureInfo invariantCulture = CultureInfo.InvariantCulture; object[] objArray = new object[] { requestSignature, stringToSign }; throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray)); } return(authDataEntry); }
private static AuthDataEntry SharedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo) { AuthDataEntry item; object[] objArray; object[] objArray1; IStringDataEventStream authenticationFailure; CultureInfo invariantCulture; if (string.IsNullOrEmpty(stringToSign)) { CultureInfo cultureInfo = CultureInfo.InvariantCulture; object[] authScheme = new object[] { authInfo.AuthScheme }; throw new AuthenticationFailureException(string.Format(cultureInfo, "String to sign for auth scheme {0} cannot be null or empty.", authScheme)); } NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature)); try { Convert.FromBase64String(requestSignature); } catch (FormatException formatException) { throw new InvalidAuthenticationInfoException("Signature is not a valid base64 string.", formatException); } Collection <AuthDataEntry> sharedKeys = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo); if (sharedKeys.Count > 0) { HMAC authValue = HMACCryptoCache.Instance.Acquire(sharedKeys[0].AuthValue); try { int num = 0; while (num < sharedKeys.Count) { authValue.Key = sharedKeys[num].AuthValue; string str = MessageHashFunctions.ComputeMacWithSpecificAlgorithm(authValue, stringToSign); if (!AuthenticationManager.AreSignaturesEqual(str, requestSignature)) { IStringDataEventStream infoDebug = Logger <IRestProtocolHeadLogger> .Instance.InfoDebug; object[] objArray2 = new object[] { stringToSign, str, requestSignature }; infoDebug.Log("Authentication Debug. stringToSign: {0}, computedSignature: {1}, requestSignature: {2}", objArray2); IStringDataEventStream stringDataEventStream = Logger <IRestProtocolHeadLogger> .Instance.AuthenticationFailure; object[] objArray3 = new object[] { num + 1 }; stringDataEventStream.Log("SecurityWarning: Authentication attempt failed against key {0}.", objArray3); num++; } else { item = sharedKeys[num]; return(item); } } authenticationFailure = Logger <IRestProtocolHeadLogger> .Instance.AuthenticationFailure; objArray = new object[] { stringToSign }; authenticationFailure.Log("SecurityWarning: Authentication failed due to signature mismatch. Server's stringtosign value is {0}", objArray); invariantCulture = CultureInfo.InvariantCulture; objArray1 = new object[] { requestSignature, stringToSign }; throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray1)); } finally { HMACCryptoCache.Instance.Release(authValue); } return(item); } authenticationFailure = Logger <IRestProtocolHeadLogger> .Instance.AuthenticationFailure; objArray = new object[] { stringToSign }; authenticationFailure.Log("SecurityWarning: Authentication failed due to signature mismatch. Server's stringtosign value is {0}", objArray); invariantCulture = CultureInfo.InvariantCulture; objArray1 = new object[] { requestSignature, stringToSign }; throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray1)); }