public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer) { try { // NOTE: We simply check whether we can successfully decrypt the message, // but don't do anything with the decrypted plaintext _ = _context.DecryptMessage(0, bytesReceivedFromServer); } catch (GssapiException ex) { throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to decrypt message.", ex); } int length = 4; if (_authorizationId != null) { length += _authorizationId.Length; } bytesReceivedFromServer = new byte[length]; bytesReceivedFromServer[0] = 0x1; // NO_PROTECTION bytesReceivedFromServer[1] = 0x0; // NO_PROTECTION bytesReceivedFromServer[2] = 0x0; // NO_PROTECTION bytesReceivedFromServer[3] = 0x0; // NO_PROTECTION if (_authorizationId != null) { var authorizationIdBytes = Encoding.UTF8.GetBytes(_authorizationId); authorizationIdBytes.CopyTo(bytesReceivedFromServer, 4); } byte[] bytesToSendToServer; try { bytesToSendToServer = _context.EncryptMessage(bytesReceivedFromServer); } catch (GssapiException ex) { throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to encrypt message.", ex); } return(new CompletedStep(bytesToSendToServer)); }