static OAuthServerHelper()
{
RSAParameters privateRsaParameters;
RSAParameters publicRsaParameters;
using (var rsaKeyGen = Encryptor.Current.CreateAsymmetrical(RsaKeySize))
{
privateRsaParameters = rsaKeyGen.ExportParameters(true);
publicRsaParameters = rsaKeyGen.ExportParameters(false);
}
Tuple <byte[], byte[]> aesKeyAndIV;
using (var aesKeyGen = Encryptor.Current.CreateSymmetrical())
{
aesKeyAndIV = Tuple.Create(aesKeyGen.Key, aesKeyGen.IV);
}
rsa = Encryptor.Current.CreateAsymmetrical();
rsa.ImportParameters(privateRsaParameters);
aes = Encryptor.Current.CreateSymmetrical();
aes.Key = aesKeyAndIV.Item1;
aes.IV = aesKeyAndIV.Item2;
rsaExponent = OAuthHelper.BytesToString(publicRsaParameters.Exponent);
rsaModulus = OAuthHelper.BytesToString(publicRsaParameters.Modulus);
}
public static string EncryptSymmetric(string data)
{
var bytes = Encoding.UTF8.GetBytes(data);
using (var encryptor = aes.CreateEncryptor())
{
var result = encryptor.TransformFinalBlock(bytes, 0, bytes.Length);
return(OAuthHelper.BytesToString(result));
}
}
public void RespondWithChallenge(IHttpContext context)
{
var challengeData = new Dictionary <string, string>
{
{ OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow) },
{ OAuthHelper.Keys.ChallengeSalt, OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength)) }
};
var responseData = new Dictionary <string, string>
{
{ OAuthHelper.Keys.RSAExponent, OAuthServerHelper.RSAExponent },
{ OAuthHelper.Keys.RSAModulus, OAuthServerHelper.RSAModulus },
{ OAuthHelper.Keys.Challenge, OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challengeData)) }
};
context.SetStatusToPreconditionFailed();
context.Response.AddHeader("WWW-Authenticate", OAuthHelper.Keys.WWWAuthenticateHeaderKey + " " + OAuthHelper.DictionaryToString(responseData));
}
private async Task SendInitialChallenge(WebSocket webSocket)
{
var challengeData = new Dictionary <string, string>
{
{ OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow) },
{
OAuthHelper.Keys.ChallengeSalt,
OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength))
}
};
var json = new DynamicJsonValue
{
[OAuthHelper.Keys.RSAExponent] = OAuthServerHelper.RSAExponent,
[OAuthHelper.Keys.RSAModulus] = OAuthServerHelper.RSAModulus,
[OAuthHelper.Keys.Challenge] =
OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challengeData))
};
await SendResponse(webSocket, json).ConfigureAwait(false);
}
public HttpResponseMessage RespondWithChallenge()
{
var challengeData = new Dictionary <string, string>
{
{ OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow) },
{ OAuthHelper.Keys.ChallengeSalt, OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength)) }
};
var responseData = new Dictionary <string, string>
{
{ OAuthHelper.Keys.RSAExponent, OAuthServerHelper.RSAExponent },
{ OAuthHelper.Keys.RSAModulus, OAuthServerHelper.RSAModulus },
{ OAuthHelper.Keys.Challenge, OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challengeData)) }
};
var msg = GetEmptyMessage(HttpStatusCode.PreconditionFailed);
var value = OAuthHelper.Keys.WWWAuthenticateHeaderKey + " " + OAuthHelper.DictionaryToString(responseData);
msg.Headers.TryAddWithoutValidation("WWW-Authenticate", value);
return(msg);
}
static OAuthServerHelper()
{
RSAParameters privateRsaParameters;
RSAParameters publicRsaParameters;
using (var rsaKeyGen = new RSACryptoServiceProvider(rsaKeySize))
{
privateRsaParameters = rsaKeyGen.ExportParameters(true);
publicRsaParameters = rsaKeyGen.ExportParameters(false);
}
Tuple <byte[], byte[]> aesKeyAndIV;
using (var aesKeyGen = new AesCryptoServiceProvider())
{
aesKeyAndIV = Tuple.Create(aesKeyGen.Key, aesKeyGen.IV);
}
rsa = new ThreadLocal <RSACryptoServiceProvider>(() =>
{
var result = new RSACryptoServiceProvider();
result.ImportParameters(privateRsaParameters);
return(result);
});
aes = new ThreadLocal <AesCryptoServiceProvider>(() =>
{
var result = new AesCryptoServiceProvider();
result.Key = aesKeyAndIV.Item1;
result.IV = aesKeyAndIV.Item2;
return(result);
});
rsaExponent = OAuthHelper.BytesToString(publicRsaParameters.Exponent);
rsaModulus = OAuthHelper.BytesToString(publicRsaParameters.Modulus);
}
static OAuthServerHelper()
{
RSAParameters privateRsaParameters;
RSAParameters publicRsaParameters;
using (var rsaKeyGen = Encryptor.Current.CreateAsymmetrical(RsaKeySize))
{
privateRsaParameters = rsaKeyGen.ExportParameters(true);
publicRsaParameters = rsaKeyGen.ExportParameters(false);
}
Tuple <byte[], byte[]> aesKeyAndIV;
using (var aesKeyGen = Encryptor.Current.CreateSymmetrical())
{
aesKeyAndIV = Tuple.Create(aesKeyGen.Key, aesKeyGen.IV);
}
rsa = new Raven.Abstractions.Threading.ThreadLocal <IAsymmetricalEncryptor>(() =>
{
var result = Encryptor.Current.CreateAsymmetrical();
result.ImportParameters(privateRsaParameters);
return(result);
});
aes = new Raven.Abstractions.Threading.ThreadLocal <ISymmetricalEncryptor>(() =>
{
var result = Encryptor.Current.CreateSymmetrical();
result.Key = aesKeyAndIV.Item1;
result.IV = aesKeyAndIV.Item2;
return(result);
});
rsaExponent = OAuthHelper.BytesToString(publicRsaParameters.Exponent);
rsaModulus = OAuthHelper.BytesToString(publicRsaParameters.Modulus);
}
