/// <summary>
/// Creates a response bound to the given protocol, starting with an empty
/// <c>Signed</c> list and an empty <c>Fields</c> dictionary.
/// </summary>
/// <param name="protocol">The protocol this response belongs to. Must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="protocol"/> is null.</exception>
EncodableResponse(Protocol protocol)
{
    // Reject a missing protocol before any state is assigned.
    if (protocol == null)
    {
        throw new ArgumentNullException("protocol");
    }

    Signed = new List<string>();
    Fields = new Dictionary<string, string>();
    Protocol = protocol;
}
/// <summary>
/// Creates a response that carries a redirect URL and a preferred association
/// handle, after running the single-argument constructor for the protocol.
/// </summary>
/// <param name="protocol">The protocol this response belongs to. Must not be null.</param>
/// <param name="baseRedirectUrl">The URL stored in <c>RedirectUrl</c>. Must not be null.</param>
/// <param name="preferredAssociationHandle">
/// Stored as-is in <c>PreferredAssociationHandle</c>; it is not checked for null here.
/// </param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="protocol"/> or <paramref name="baseRedirectUrl"/> is null.
/// </exception>
EncodableResponse(Protocol protocol, Uri baseRedirectUrl, string preferredAssociationHandle)
    : this(protocol)
{
    // The chained constructor has already validated the protocol at this point.
    if (baseRedirectUrl == null)
    {
        throw new ArgumentNullException("baseRedirectUrl");
    }

    RedirectUrl = baseRedirectUrl;
    PreferredAssociationHandle = preferredAssociationHandle;
}
/// <summary>
/// Returns the name, under the given protocol, of the first entry in
/// <c>DiffieHellmanSessionTypes</c> whose hash algorithm has the requested size.
/// </summary>
/// <param name="protocol">The protocol passed to the matching entry's <c>GetName</c>.</param>
/// <param name="hashSizeInBits">The hash size, in bits, to look for.</param>
/// <returns>
/// Whatever <c>GetName</c> returns for the first matching entry, or null when
/// no entry has that hash size.
/// </returns>
public static string GetNameForSize(Protocol protocol, int hashSizeInBits)
{
    foreach (DHSha candidate in DiffieHellmanSessionTypes)
    {
        if (candidate.Algorithm.HashSize != hashSizeInBits)
        {
            continue;
        }

        return candidate.GetName(protocol);
    }

    // No entry of that size. Callers have to treat null as "no session type
    // available" and must not use it as a name.
    return null;
}
/// <summary>
/// Returns the length of the shared secret (in bytes) for the association type
/// with the given name under the given protocol.
/// </summary>
/// <param name="protocol">The protocol used to resolve each known type's name.</param>
/// <param name="associationType">The association type name; compared ordinally (case-sensitive).</param>
/// <returns>The <c>SecretLength</c> of the first known type whose name matches.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// Thrown when no entry in <c>HmacShaAssociationTypes</c> matches
/// <paramref name="associationType"/>.
/// </exception>
public static int GetSecretLength(Protocol protocol, string associationType)
{
    foreach (HmacSha knownType in HmacShaAssociationTypes)
    {
        string knownName = knownType.GetAssociationType(protocol);
        if (!String.Equals(knownName, associationType, StringComparison.Ordinal))
        {
            continue;
        }

        return knownType.SecretLength;
    }

    // An unrecognized name is an error, not a zero length.
    throw new ArgumentOutOfRangeException("associationType");
}
/// <summary>
/// Resolves a session type name to the hash algorithm of the matching entry in
/// <c>DiffieHellmanSessionTypes</c>.
/// </summary>
/// <param name="protocol">The protocol used to resolve each entry's name.</param>
/// <param name="name">The session type name; compared ordinally (case-sensitive).</param>
/// <returns>The <c>Algorithm</c> of the first entry whose name matches.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// Thrown when no entry matches <paramref name="name"/>.
/// </exception>
public static HashAlgorithm Lookup(Protocol protocol, string name)
{
    foreach (DHSha candidate in DiffieHellmanSessionTypes)
    {
        string candidateName = candidate.GetName(protocol);
        if (!String.Equals(candidateName, name, StringComparison.Ordinal))
        {
            continue;
        }

        return candidate.Algorithm;
    }

    // An unknown name is rejected; there is no fallback to a default algorithm.
    throw new ArgumentOutOfRangeException("name");
}
/// <summary>
/// Builds an <c>HmacShaAssociation</c> for the known association type whose
/// name under the given protocol equals <paramref name="associationType"/>.
/// </summary>
/// <param name="protocol">The protocol used to resolve each known type's name.</param>
/// <param name="associationType">The association type name; compared ordinally (case-sensitive).</param>
/// <param name="handle">Passed through to the association constructor.</param>
/// <param name="secret">Passed through to the association constructor.</param>
/// <param name="totalLifeLength">Passed through to the association constructor.</param>
/// <returns>A new association of the first matching type.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// Thrown when no entry in <c>HmacShaAssociationTypes</c> matches
/// <paramref name="associationType"/>.
/// </exception>
public static HmacShaAssociation Create(Protocol protocol, string associationType, string handle, byte[] secret, TimeSpan totalLifeLength)
{
    foreach (HmacSha knownType in HmacShaAssociationTypes)
    {
        string knownName = knownType.GetAssociationType(protocol);
        if (!String.Equals(knownName, associationType, StringComparison.Ordinal))
        {
            continue;
        }

        // NOTE(review): secret.Length is not compared with knownType.SecretLength
        // here; confirm the constructor enforces the expected key length.
        return new HmacShaAssociation(knownType, handle, secret, totalLifeLength);
    }

    throw new ArgumentOutOfRangeException("associationType");
}
/// <summary>
/// Creates an extension arguments manager for the given protocol and seeds its
/// alias manager from <c>typeUriToAliasAffinity</c>.
/// </summary>
/// <param name="protocol">Stored on the new manager; it is not checked for null here.</param>
/// <returns>The newly created manager.</returns>
public static ExtensionArgumentsManager CreateOutgoingExtensions(Protocol protocol)
{
    var manager = new ExtensionArgumentsManager();
    manager.protocol = protocol;

    // Affinity for certain aliases, for backwards compatibility.
    // Each entry's Value is passed as the first argument and its Key as the second.
    foreach (var affinity in typeUriToAliasAffinity)
    {
        manager.aliasManager.SetAlias(affinity.Value, affinity.Key);
    }

    return manager;
}
/// <summary>
/// Creates the exception, records the identifier and query it relates to, and
/// writes an error log entry.
/// </summary>
/// <param name="message">The exception message; also written to the log.</param>
/// <param name="identifier">Stored in <c>Identifier</c>.</param>
/// <param name="query">
/// Stored in <c>Query</c>. May be null. When non-null it is used to detect the
/// protocol and is included in the log entry.
/// </param>
/// <param name="innerException">Passed to the base exception.</param>
internal OpenIdException(string message, Identifier identifier, IDictionary<string, string> query, Exception innerException)
    : base(message, innerException)
{
    this.Query = query;
    Identifier = identifier;

    if (query == null)
    {
        Logger.ErrorFormat("OpenIdException: {0}", message);
        return;
    }

    Protocol = Protocol.Detect(query);

    // NOTE(review): the whole query is rendered into the error log. Confirm what
    // Util.ToString emits. If the query can carry secret or remotely supplied
    // values, redact them and neutralize line breaks before logging.
    Logger.ErrorFormat("OpenIdException: {0}{1}{2}", message, Environment.NewLine, Util.ToString(query));
}
/// <summary>
/// Looks for the longest hash length for a given protocol for which we have an association,
/// and perhaps a matching Diffie-Hellman session type.
/// </summary>
/// <param name="protocol">The OpenID version that dictates which associations are available.</param>
/// <param name="minimumHashSizeInBits">The minimum required hash length given security settings. Null means no lower bound.</param>
/// <param name="maximumHashSizeInBits">The maximum hash length to even attempt. Null means no upper bound. Useful on the RP side, where SHA512 is supported but most OPs do not offer it.</param>
/// <param name="requireMatchingDHSessionType">True for HTTP associations, False for HTTPS associations.</param>
/// <param name="associationType">The resulting association type's well known protocol name (e.g. HMAC-SHA256). Null when nothing is found.</param>
/// <param name="sessionType">The resulting session type's well known protocol name, if a matching one is available (e.g. DH-SHA256).</param>
/// <returns>True when an association type within the bounds was selected; otherwise false.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="protocol"/> is null.</exception>
internal static bool TryFindBestAssociation(Protocol protocol, int? minimumHashSizeInBits, int? maximumHashSizeInBits, bool requireMatchingDHSessionType, out string associationType, out string sessionType)
{
    if (protocol == null)
    {
        throw new ArgumentNullException("protocol");
    }

    associationType = null;
    sessionType = null;

    // An absent bound becomes a limit that no hash size can violate.
    int lowerBound = minimumHashSizeInBits ?? int.MinValue;
    int upperBound = maximumHashSizeInBits ?? int.MaxValue;

    // We assume this enumeration is in decreasing bit length order. The early
    // exit on the lower bound relies on that ordering.
    foreach (HmacSha candidate in HmacShaAssociationTypes)
    {
        int hashSizeInBits = candidate.SecretLength * 8;

        if (hashSizeInBits > upperBound)
        {
            // Too long for the caller; a later entry may fit.
            continue;
        }

        if (hashSizeInBits < lowerBound)
        {
            // Too weak, and every remaining entry is assumed to be weaker.
            break;
        }

        sessionType = DiffieHellmanUtil.GetNameForSize(protocol, hashSizeInBits);
        if (sessionType != null || !requireMatchingDHSessionType)
        {
            associationType = candidate.GetAssociationType(protocol);
            return true;
        }
    }

    return false;
}
/// <summary>
/// Creates a response for a direct message and, when the protocol declares a
/// namespace version, adds it to the response fields.
/// </summary>
/// <param name="protocol">The protocol the response is built for.</param>
/// <returns>The new response.</returns>
public static EncodableResponse PrepareDirectMessage(Protocol protocol)
{
    var message = new EncodableResponse(protocol);

    string declaredNamespace = protocol.QueryDeclaredNamespaceVersion;
    if (declaredNamespace != null)
    {
        // The field key is taken from the protocol's own naming table.
        message.Fields.Add(protocol.openidnp.ns, declaredNamespace);
    }

    return message;
}
/// <summary>
/// Creates a response for an indirect message with a redirect URL and a
/// preferred association handle. When the protocol declares a namespace
/// version, it is added to the response fields.
/// </summary>
/// <param name="protocol">The protocol the response is built for.</param>
/// <param name="baseRedirectUrl">Passed to the response constructor as the redirect URL.</param>
/// <param name="preferredAssociationHandle">Passed to the response constructor.</param>
/// <returns>The new response.</returns>
public static EncodableResponse PrepareIndirectMessage(Protocol protocol, Uri baseRedirectUrl, string preferredAssociationHandle)
{
    // NOTE(review): baseRedirectUrl is only checked for null by the constructor
    // shown on this page; confirm the caller has validated where it points.
    var message = new EncodableResponse(protocol, baseRedirectUrl, preferredAssociationHandle);

    string declaredNamespace = protocol.QueryDeclaredNamespaceVersion;
    if (declaredNamespace != null)
    {
        // The field key is taken from the protocol's own naming table.
        message.Fields.Add(protocol.openidnp.ns, declaredNamespace);
    }

    return message;
}
/// <summary>
/// Returns the association type name for the given protocol by delegating to
/// <c>typeIdentity</c>.
/// </summary>
/// <param name="protocol">The protocol passed on to <c>typeIdentity</c>.</param>
/// <returns>The value returned by <c>typeIdentity.GetAssociationType</c>.</returns>
internal override string GetAssociationType(Protocol protocol)
{
    string associationTypeName = typeIdentity.GetAssociationType(protocol);
    return associationTypeName;
}
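/// <summary>
/// Decides whether a session type may be used together with an association type.
/// </summary>
/// <param name="protocol">The protocol used to resolve type names.</param>
/// <param name="associationType">The association type name; compared ordinally (case-sensitive).</param>
/// <param name="sessionType">The session type name; compared ordinally (case-sensitive).</param>
/// <returns>
/// True when <paramref name="sessionType"/> is the protocol's no-encryption
/// session type, or when it is the Diffie-Hellman session name whose hash
/// length equals that of the association type; otherwise false.
/// </returns>
/// <remarks>
/// This method does not look at the transport. NOTE(review): confirm the caller
/// only permits the no-encryption session type over HTTPS.
/// </remarks>
internal static bool IsDHSessionCompatible(Protocol protocol, string associationType, string sessionType)
{
    // Under HTTPS, no DH encryption is required regardless of association type.
    if (string.Equals(sessionType, protocol.Args.SessionType.NoEncryption, StringComparison.Ordinal))
    {
        return true;
    }

    // When there _is_ a DH session, it must match in hash length with the association type.
    foreach (HmacSha sha in HmacShaAssociationTypes)
    {
        if (!string.Equals(associationType, sha.GetAssociationType(protocol), StringComparison.Ordinal))
        {
            continue;
        }

        int hashSizeInBits = sha.SecretLength * 8;
        string matchingSessionName = DiffieHellmanUtil.GetNameForSize(protocol, hashSizeInBits);

        // GetNameForSize returns null when there is no DH session type of that
        // size. string.Equals(null, null) is true, so without this guard a
        // missing sessionType would be reported as compatible with a missing
        // DH session name. Fail closed instead.
        if (matchingSessionName != null
            && string.Equals(sessionType, matchingSessionName, StringComparison.Ordinal))
        {
            return true;
        }
    }

    return false;
}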
/// <summary>
/// Checks whether the secret length of the given association type, in bits,
/// lies within <c>MinimumHashBitLength</c> and <c>MaximumHashBitLength</c>
/// (both inclusive).
/// </summary>
/// <param name="protocol">The protocol used to resolve the association type name.</param>
/// <param name="associationType">The association type name to check.</param>
/// <returns>True when the length is within the permitted range; otherwise false.</returns>
/// <remarks>
/// NOTE(review): the <c>GetSecretLength</c> shown elsewhere on this page throws
/// <c>ArgumentOutOfRangeException</c> for an unrecognized type, so an unknown
/// name would surface as an exception rather than false. Confirm callers
/// handle that.
/// </remarks>
internal bool IsAssociationInPermittedRange(Protocol protocol, string associationType)
{
    int secretLengthInBytes = HmacShaAssociation.GetSecretLength(protocol, associationType);
    int lengthInBits = secretLengthInBytes * 8;

    if (lengthInBits < MinimumHashBitLength)
    {
        return false;
    }

    return lengthInBits <= MaximumHashBitLength;
}
/// <summary>
/// Checks whether the secret length of the given association type, in bits,
/// lies within <c>MinimumHashBitLength</c> and <c>MaximumHashBitLength</c>
/// (both inclusive).
/// </summary>
/// <param name="protocol">The protocol used to resolve the association type name.</param>
/// <param name="associationType">The association type name to check.</param>
/// <returns>True when the length is within the permitted range; otherwise false.</returns>
/// <remarks>
/// NOTE(review): the <c>GetSecretLength</c> shown elsewhere on this page throws
/// <c>ArgumentOutOfRangeException</c> for an unrecognized type, so an unknown
/// name would surface as an exception rather than false. Confirm callers
/// handle that.
/// </remarks>
internal bool IsAssociationInPermittedRange(Protocol protocol, string associationType)
{
    int secretLengthInBytes = HmacShaAssociation.GetSecretLength(protocol, associationType);
    int lengthInBits = secretLengthInBytes * 8;

    bool meetsMinimum = lengthInBits >= MinimumHashBitLength;
    if (!meetsMinimum)
    {
        return false;
    }

    bool withinMaximum = lengthInBits <= MaximumHashBitLength;
    return withinMaximum;
}
/// <summary>
/// The string to pass as the assoc_type value in the OpenID protocol.
/// </summary>
/// <param name="protocol">The protocol for which the assoc_type value is requested.</param>
/// <returns>
/// The assoc_type string. NOTE(review): whether an implementation may return
/// null for a protocol that lacks this type is not visible here; confirm before
/// comparing the result with untrusted input.
/// </returns>
internal abstract string GetAssociationType(Protocol protocol);