/// <summary>
/// Derives the negotiation authenticator from <paramref name="key"/> and the final hash of
/// the negotiation digest held by <paramref name="sspiState"/>.
/// </summary>
/// <param name="sspiState">Negotiation state whose <c>NegotiationDigest</c> is finalized and read here.</param>
/// <param name="key">Key handed to the <c>Psha1DerivedKeyGenerator</c> constructor.</param>
/// <returns>
/// The bytes produced by <c>GenerateDerivedKey</c> for <c>SecurityUtils.CombinedHashLabel</c>, the
/// negotiation hash, <c>SecurityNegotiationConstants.NegotiationAuthenticatorSize</c> and position 0.
/// </returns>
static byte[] ComputeAuthenticator(SspiNegotiationTokenAuthenticatorState sspiState, byte[] key)
{
    byte[] digestOfNegotiation;
    lock (sspiState.NegotiationDigest)
    {
        // Finalize with an empty block and read the hash while holding the lock on the
        // digest object, so both steps happen as one unit with respect to other lockers.
        sspiState.NegotiationDigest.TransformFinalBlock(CryptoHelper.EmptyBuffer, 0, 0);
        digestOfNegotiation = sspiState.NegotiationDigest.Hash;
    }

    // The negotiation hash is passed in the nonce position of the derivation.
    return new Psha1DerivedKeyGenerator(key).GenerateDerivedKey(
        SecurityUtils.CombinedHashLabel,
        digestOfNegotiation,
        SecurityNegotiationConstants.NegotiationAuthenticatorSize,
        0);
}
/// <summary>
/// Derives a combined key of <paramref name="keySizeInBits"/> bits from the requestor's and
/// the issuer's entropy.
/// </summary>
/// <param name="requestorEntropy">Requestor entropy; used as the key of the <c>Psha1DerivedKeyGenerator</c>. Must not be null.</param>
/// <param name="issuerEntropy">Issuer entropy; passed in the nonce position of the derivation. Must not be null.</param>
/// <param name="keySizeInBits">
/// Requested key size. Must lie within <c>minSaneKeySizeInBits</c>..<c>maxSaneKeySizeInBits</c>, inclusive.
/// </param>
/// <returns>The derived key returned by <c>GenerateDerivedKey</c> with an empty label and position 0.</returns>
/// <exception cref="SecurityNegotiationException">The requested key size is outside the sane range.</exception>
public static byte[] ComputeCombinedKey(byte[] requestorEntropy, byte[] issuerEntropy, int keySizeInBits)
{
    if (requestorEntropy == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestorEntropy");
    }

    if (issuerEntropy == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuerEntropy");
    }

    // Sanity check before any derivation: refuse invalid key sizes and key sizes
    // that are too large.
    bool keySizeIsSane = (keySizeInBits >= minSaneKeySizeInBits) && (keySizeInBits <= maxSaneKeySizeInBits);
    if (!keySizeIsSane)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
            new SecurityNegotiationException(
                SR.GetString(
                    SR.InvalidKeySizeSpecifiedInNegotiation,
                    keySizeInBits,
                    minSaneKeySizeInBits,
                    maxSaneKeySizeInBits)));
    }

    Psha1DerivedKeyGenerator keyGenerator = new Psha1DerivedKeyGenerator(requestorEntropy);
    byte[] emptyLabel = new byte[0];
    return keyGenerator.GenerateDerivedKey(emptyLabel, issuerEntropy, keySizeInBits, 0);
}
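/// <summary>
/// Checks whether <paramref name="serverAuthenticator"/> equals the authenticator derived
/// locally from <paramref name="proofKey"/> and the final hash of the negotiation digest.
/// </summary>
/// <param name="sspiState">Negotiation state whose <c>NegotiationDigest</c> is finalized and read here.</param>
/// <param name="proofKey">Key handed to the <c>Psha1DerivedKeyGenerator</c> constructor.</param>
/// <param name="serverAuthenticator">Authenticator to verify; a null value is treated as a mismatch.</param>
/// <returns>
/// <c>true</c> when both authenticators have the same length and identical bytes; otherwise <c>false</c>.
/// </returns>
static bool IsCorrectAuthenticator(SspiNegotiationTokenProviderState sspiState, byte[] proofKey, byte[] serverAuthenticator)
{
    byte[] negotiationHash;
    lock (sspiState.NegotiationDigest)
    {
        // Finalize with an empty block and read the hash while holding the lock on the digest object.
        sspiState.NegotiationDigest.TransformFinalBlock(CryptoHelper.EmptyBuffer, 0, 0);
        negotiationHash = sspiState.NegotiationDigest.Hash;
    }

    Psha1DerivedKeyGenerator generator = new Psha1DerivedKeyGenerator(proofKey);
    byte[] clientAuthenticator = generator.GenerateDerivedKey(
        SecurityUtils.CombinedHashLabel,
        negotiationHash,
        SecurityNegotiationConstants.NegotiationAuthenticatorSize,
        0);

    // A missing authenticator can never be correct. The length check may return early:
    // the expected length comes from a constant, so it reveals nothing about the key.
    if (serverAuthenticator == null || clientAuthenticator.Length != serverAuthenticator.Length)
    {
        return false;
    }

    // Compare every byte and fold the differences together instead of returning at the
    // first mismatch, so the time taken does not depend on how many leading bytes of a
    // rejected authenticator happened to be right.
    int difference = 0;
    for (int i = 0; i < clientAuthenticator.Length; ++i)
    {
        difference |= clientAuthenticator[i] ^ serverAuthenticator[i];
    }

    return difference == 0;
}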
/// <summary>
/// Convenience wrapper: builds a <c>Psha1DerivedKeyGenerator</c> over <paramref name="key"/>
/// and returns the derived key it generates.
/// </summary>
/// <param name="key">Secret the generator is constructed with.</param>
/// <param name="label">Label forwarded to the generator.</param>
/// <param name="nonce">Nonce forwarded to the generator.</param>
/// <param name="derivedKeySize">Requested size of the derived key, forwarded unchanged (unit is defined by the generator).</param>
/// <param name="position">Position forwarded unchanged to the generator.</param>
/// <returns>The bytes returned by the generator's <c>GenerateDerivedKey</c>.</returns>
internal static byte[] GenerateDerivedKey(byte[] key, byte[] label, byte[] nonce, int derivedKeySize, int position)
{
    // No validation happens here; all arguments go straight to the generator.
    return new Psha1DerivedKeyGenerator(key).GenerateDerivedKey(label, nonce, derivedKeySize, position);
}
/// <summary>
/// Derives key material from <paramref name="key"/> by delegating to a freshly constructed
/// <c>Psha1DerivedKeyGenerator</c>.
/// </summary>
/// <param name="key">Secret passed to the generator's constructor.</param>
/// <param name="label">Label passed through to the generator.</param>
/// <param name="nonce">Nonce passed through to the generator.</param>
/// <param name="derivedKeySize">Requested derived-key size, passed through as given (unit is defined by the generator).</param>
/// <param name="position">Position passed through as given.</param>
/// <returns>Whatever the generator's <c>GenerateDerivedKey</c> returns for these arguments.</returns>
internal static byte[] GenerateDerivedKey(byte[] key, byte[] label, byte[] nonce, int derivedKeySize, int position)
{
    // A new generator is created per call; nothing is cached between calls.
    Psha1DerivedKeyGenerator keyGenerator = new Psha1DerivedKeyGenerator(key);
    byte[] derivedKey = keyGenerator.GenerateDerivedKey(label, nonce, derivedKeySize, position);
    return derivedKey;
}