Exemplo n.º 1
 /// <summary>
 /// Initializes a response bound to the given protocol, starting with empty
 /// <c>Signed</c> and <c>Fields</c> collections.
 /// </summary>
 /// <param name="protocol">The protocol this response is built for; must not be null.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="protocol"/> is null.</exception>
 EncodableResponse(Protocol protocol)
 {
     // Reject a missing protocol before any state is assigned.
     if (protocol == null)
     {
         throw new ArgumentNullException("protocol");
     }

     this.Signed = new List<string>();
     this.Fields = new Dictionary<string, string>();
     this.Protocol = protocol;
 }
Exemplo n.º 2
 /// <summary>
 /// Initializes a response that additionally carries a redirect URL and a
 /// preferred association handle. Delegates the common setup to the
 /// single-argument constructor.
 /// </summary>
 /// <param name="protocol">The protocol this response is built for; must not be null.</param>
 /// <param name="baseRedirectUrl">The URL stored in <c>RedirectUrl</c>; must not be null.</param>
 /// <param name="preferredAssociationHandle">Stored as-is; null is accepted.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="baseRedirectUrl"/> is null.</exception>
 EncodableResponse(Protocol protocol, Uri baseRedirectUrl, string preferredAssociationHandle)
     : this(protocol)
 {
     // NOTE(review): only null is rejected here. Confirm that callers have
     // already validated this URL before it is used as a redirect target.
     if (baseRedirectUrl == null)
     {
         throw new ArgumentNullException("baseRedirectUrl");
     }

     this.RedirectUrl = baseRedirectUrl;
     this.PreferredAssociationHandle = preferredAssociationHandle;
 }
Exemplo n.º 3
		/// <summary>
		/// Finds the name of the first Diffie-Hellman session type whose hash
		/// algorithm has the requested hash size.
		/// </summary>
		/// <param name="protocol">Passed to the session type to obtain its name.</param>
		/// <param name="hashSizeInBits">The hash size, in bits, to match exactly.</param>
		/// <returns>
		/// The session type name, or null when no entry in
		/// <c>DiffieHellmanSessionTypes</c> has that hash size. Callers must
		/// treat null as "no matching DH session available".
		/// </returns>
		public static string GetNameForSize(Protocol protocol, int hashSizeInBits) {
			string sessionName = null;
			foreach (DHSha candidate in DiffieHellmanSessionTypes) {
				if (candidate.Algorithm.HashSize != hashSizeInBits) {
					continue;
				}
				// First match wins; later entries are not examined.
				sessionName = candidate.GetName(protocol);
				break;
			}
			return sessionName;
		}
Exemplo n.º 4
		/// <summary>
		/// Returns the length of the shared secret (in bytes) for an association type.
		/// </summary>
		/// <param name="protocol">Used to resolve each candidate's association type name.</param>
		/// <param name="associationType">The association type name to look up (ordinal, case-sensitive match).</param>
		/// <returns>The <c>SecretLength</c> of the first matching entry.</returns>
		/// <exception cref="ArgumentOutOfRangeException">
		/// Thrown when no entry in <c>HmacShaAssociationTypes</c> has that name.
		/// </exception>
		public static int GetSecretLength(Protocol protocol, string associationType) {
			foreach (HmacSha candidate in HmacShaAssociationTypes) {
				string candidateName = candidate.GetAssociationType(protocol);
				if (!String.Equals(candidateName, associationType, StringComparison.Ordinal)) {
					continue;
				}
				return candidate.SecretLength;
			}
			// Unknown names are rejected rather than mapped to a default length.
			throw new ArgumentOutOfRangeException("associationType");
		}
Exemplo n.º 5
		/// <summary>
		/// Resolves a Diffie-Hellman session type name to its hash algorithm.
		/// </summary>
		/// <param name="protocol">Used to obtain each candidate's name.</param>
		/// <param name="name">The session type name to find (ordinal, case-sensitive match).</param>
		/// <returns>The <c>Algorithm</c> of the first entry whose name matches.</returns>
		/// <exception cref="ArgumentOutOfRangeException">
		/// Thrown when no entry in <c>DiffieHellmanSessionTypes</c> has that name.
		/// </exception>
		public static HashAlgorithm Lookup(Protocol protocol, string name) {
			foreach (DHSha candidate in DiffieHellmanSessionTypes) {
				string candidateName = candidate.GetName(protocol);
				if (!String.Equals(candidateName, name, StringComparison.Ordinal)) {
					continue;
				}
				return candidate.Algorithm;
			}
			// An unrecognized name never falls back to a default algorithm.
			throw new ArgumentOutOfRangeException("name");
		}
Exemplo n.º 6
		/// <summary>
		/// Creates an association for the named association type.
		/// </summary>
		/// <param name="protocol">Used to resolve each candidate's association type name.</param>
		/// <param name="associationType">The association type name (ordinal, case-sensitive match).</param>
		/// <param name="handle">Passed through to the association constructor.</param>
		/// <param name="secret">The shared secret, passed through to the association constructor.</param>
		/// <param name="totalLifeLength">Passed through to the association constructor.</param>
		/// <returns>A new <c>HmacShaAssociation</c> built from the first matching type.</returns>
		/// <exception cref="ArgumentOutOfRangeException">
		/// Thrown when no entry in <c>HmacShaAssociationTypes</c> has that name.
		/// </exception>
		public static HmacShaAssociation Create(Protocol protocol, string associationType,
			string handle, byte[] secret, TimeSpan totalLifeLength) {
			foreach (HmacSha candidate in HmacShaAssociationTypes) {
				string candidateName = candidate.GetAssociationType(protocol);
				if (!String.Equals(candidateName, associationType, StringComparison.Ordinal)) {
					continue;
				}
				// NOTE(review): secret.Length is not compared with candidate.SecretLength
				// here; confirm the HmacShaAssociation constructor enforces it.
				return new HmacShaAssociation(candidate, handle, secret, totalLifeLength);
			}
			throw new ArgumentOutOfRangeException("associationType");
		}
Exemplo n.º 7
		/// <summary>
		/// Builds an extension arguments manager for the given protocol and
		/// pre-registers the aliases listed in <c>typeUriToAliasAffinity</c>.
		/// </summary>
		/// <param name="protocol">Stored on the new manager.</param>
		/// <returns>The newly created manager.</returns>
		public static ExtensionArgumentsManager CreateOutgoingExtensions(Protocol protocol) {
			var manager = new ExtensionArgumentsManager { protocol = protocol };
			// Certain type URIs keep a fixed alias for backwards compatibility.
			foreach (var affinity in typeUriToAliasAffinity) {
				manager.aliasManager.SetAlias(affinity.Value, affinity.Key);
			}
			return manager;
		}
Exemplo n.º 8
		/// <summary>
		/// Creates the exception, records the identifier and query it relates to,
		/// and writes an error entry to the log.
		/// </summary>
		/// <param name="message">The exception message; also written to the log.</param>
		/// <param name="identifier">Stored in <c>Identifier</c>.</param>
		/// <param name="query">The message arguments, or null. When present they are used to detect the protocol and are logged.</param>
		/// <param name="innerException">Forwarded to the base exception.</param>
		internal OpenIdException(string message, Identifier identifier, IDictionary<string, string> query, Exception innerException)
			: base(message, innerException) {
			this.Query = query;
			this.Identifier = identifier;

			if (query == null) {
				Logger.ErrorFormat("OpenIdException: {0}", message);
				return;
			}

			Protocol = Protocol.Detect(query);
			// NOTE(review): the whole query is written to the log. If it can hold
			// secrets (association handles, signatures, MAC keys) or newlines
			// supplied by a remote party, confirm that Util.ToString or the
			// logger redacts and escapes them.
			Logger.ErrorFormat("OpenIdException: {0}{1}{2}", message, Environment.NewLine, Util.ToString(query));
		}
Exemplo n.º 9
		/// <summary>
		/// Looks for the longest hash length for a given protocol for which we have an association,
		/// and perhaps a matching Diffie-Hellman session type.
		/// </summary>
		/// <param name="protocol">The OpenID version that dictates which associations are available.</param>
		/// <param name="minimumHashSizeInBits">The minimum required hash length given security settings.</param>
		/// <param name="maximumHashSizeInBits">The maximum hash length to even attempt.  Useful for the RP side where we support SHA512 but most OPs do not -- why waste time trying?</param>
		/// <param name="requireMatchingDHSessionType">True for HTTP associations, False for HTTPS associations.</param>
		/// <param name="associationType">The resulting association type's well known protocol name.  (i.e. HMAC-SHA256)</param>
		/// <param name="sessionType">The resulting session type's well known protocol name, if a matching one is available.  (i.e. DH-SHA256)</param>
		/// <returns>True when an acceptable association type was found; otherwise false, with both out parameters null.</returns>
		/// <exception cref="ArgumentNullException">Thrown when <paramref name="protocol"/> is null.</exception>
		internal static bool TryFindBestAssociation(Protocol protocol,
			int? minimumHashSizeInBits, int? maximumHashSizeInBits, bool requireMatchingDHSessionType,
			out string associationType, out string sessionType) {
			if (protocol == null) {
				throw new ArgumentNullException("protocol");
			}

			associationType = null;
			sessionType = null;

			// The enumeration is assumed to run from the longest hash to the
			// shortest. The early exit below depends on that: once one entry is
			// under the minimum, every later entry is assumed to be as well.
			foreach (HmacSha candidate in HmacShaAssociationTypes) {
				int candidateBits = candidate.SecretLength * 8;

				// A null bound compares false, so an unset limit never filters.
				if (candidateBits > maximumHashSizeInBits) {
					continue;
				}
				if (candidateBits < minimumHashSizeInBits) {
					break;
				}

				sessionType = DiffieHellmanUtil.GetNameForSize(protocol, candidateBits);
				bool dhSessionMissing = sessionType == null;
				if (requireMatchingDHSessionType && dhSessionMissing) {
					continue;
				}

				associationType = candidate.GetAssociationType(protocol);
				return true;
			}

			return false;
		}
Exemplo n.º 10
 /// <summary>
 /// Creates a response for the given protocol and, when the protocol declares
 /// a namespace version, adds it to the response fields.
 /// </summary>
 /// <param name="protocol">The protocol the response is built for.</param>
 /// <returns>The prepared response.</returns>
 public static EncodableResponse PrepareDirectMessage(Protocol protocol)
 {
     EncodableResponse message = new EncodableResponse(protocol);

     // Nothing to add when no namespace version is declared.
     if (protocol.QueryDeclaredNamespaceVersion == null)
     {
         return message;
     }

     message.Fields.Add(protocol.openidnp.ns, protocol.QueryDeclaredNamespaceVersion);
     return message;
 }
Exemplo n.º 11
 /// <summary>
 /// Creates a response carrying a redirect URL and preferred association
 /// handle and, when the protocol declares a namespace version, adds it to
 /// the response fields.
 /// </summary>
 /// <param name="protocol">The protocol the response is built for.</param>
 /// <param name="baseRedirectUrl">Forwarded to the response constructor.</param>
 /// <param name="preferredAssociationHandle">Forwarded to the response constructor.</param>
 /// <returns>The prepared response.</returns>
 public static EncodableResponse PrepareIndirectMessage(Protocol protocol, Uri baseRedirectUrl, string preferredAssociationHandle)
 {
     // NOTE(review): baseRedirectUrl is forwarded without inspection here;
     // confirm it was validated before reaching this method.
     EncodableResponse message = new EncodableResponse(protocol, baseRedirectUrl, preferredAssociationHandle);

     // Nothing to add when no namespace version is declared.
     if (protocol.QueryDeclaredNamespaceVersion == null)
     {
         return message;
     }

     message.Fields.Add(protocol.openidnp.ns, protocol.QueryDeclaredNamespaceVersion);
     return message;
 }
Exemplo n.º 12
		/// <summary>
		/// Returns the association type name by delegating to <c>typeIdentity</c>.
		/// </summary>
		/// <param name="protocol">Forwarded to <c>typeIdentity</c>.</param>
		/// <returns>The name reported by <c>typeIdentity</c> for that protocol.</returns>
		internal override string GetAssociationType(Protocol protocol) {
			string associationTypeName = typeIdentity.GetAssociationType(protocol);
			return associationTypeName;
		}
Exemplo n.º 13
		/// <summary>
		/// Decides whether a session type may be combined with an association type.
		/// </summary>
		/// <param name="protocol">Supplies the no-encryption session name and resolves type names.</param>
		/// <param name="associationType">The association type name (ordinal, case-sensitive match).</param>
		/// <param name="sessionType">The session type name to check.</param>
		/// <returns>
		/// True when <paramref name="sessionType"/> is the protocol's no-encryption
		/// value, or when it equals the DH session name whose hash size matches the
		/// association type's secret length; otherwise false.
		/// </returns>
		internal static bool IsDHSessionCompatible(Protocol protocol, string associationType, string sessionType) {
			// Under HTTPS, no DH encryption is required regardless of association type.
			// NOTE(review): the transport is not checked here. A no-encryption
			// session is accepted unconditionally, so the caller must enforce
			// that it is only used over HTTPS.
			if (string.Equals(sessionType, protocol.Args.SessionType.NoEncryption, StringComparison.Ordinal)) {
				return true;
			}

			// When there _is_ a DH session, it must match in hash length with the association type.
			foreach (HmacSha candidate in HmacShaAssociationTypes) {
				if (!string.Equals(associationType, candidate.GetAssociationType(protocol), StringComparison.Ordinal)) {
					continue;
				}

				string expectedSessionName = DiffieHellmanUtil.GetNameForSize(protocol, candidate.SecretLength * 8);
				// NOTE(review): string.Equals(null, null) is true, so a null
				// sessionType is accepted if GetNameForSize yields null (no DH
				// session of that size). Confirm that this is intended.
				if (string.Equals(sessionType, expectedSessionName, StringComparison.Ordinal)) {
					return true;
				}
			}

			return false;
		}
Exemplo n.º 14
 /// <summary>
 /// Checks whether an association type's secret length, in bits, lies within
 /// <c>MinimumHashBitLength</c> and <c>MaximumHashBitLength</c> (both inclusive).
 /// </summary>
 /// <param name="protocol">Forwarded to <c>HmacShaAssociation.GetSecretLength</c>.</param>
 /// <param name="associationType">The association type name to evaluate.</param>
 /// <returns>True when the bit length is inside the permitted range.</returns>
 internal bool IsAssociationInPermittedRange(Protocol protocol, string associationType)
 {
     // NOTE(review): any exception from GetSecretLength for an unrecognized
     // type propagates to the caller; it is not turned into a false result.
     int secretBits = 8 * HmacShaAssociation.GetSecretLength(protocol, associationType);

     bool meetsMinimum = secretBits >= MinimumHashBitLength;
     return meetsMinimum && secretBits <= MaximumHashBitLength;
 }
Exemplo n.º 15
        /// <summary>
        /// Checks whether an association type's secret length, in bits, lies within
        /// <c>MinimumHashBitLength</c> and <c>MaximumHashBitLength</c> (both inclusive).
        /// </summary>
        /// <param name="protocol">Forwarded to <c>HmacShaAssociation.GetSecretLength</c>.</param>
        /// <param name="associationType">The association type name to evaluate.</param>
        /// <returns>True when the bit length is inside the permitted range.</returns>
        internal bool IsAssociationInPermittedRange(Protocol protocol, string associationType)
        {
            // NOTE(review): any exception from GetSecretLength for an unrecognized
            // type propagates to the caller; it is not turned into a false result.
            int secretBytes = HmacShaAssociation.GetSecretLength(protocol, associationType);
            int secretBits = secretBytes * 8;

            if (secretBits >= MinimumHashBitLength)
            {
                return secretBits <= MaximumHashBitLength;
            }

            return false;
        }
Exemplo n.º 16
		/// <summary>
		/// The string to pass as the assoc_type value in the OpenID protocol.
		/// </summary>
		/// <param name="protocol">The protocol for which the association type name is requested.</param>
		/// <returns>The assoc_type string for this association under <paramref name="protocol"/>.</returns>
		internal abstract string GetAssociationType(Protocol protocol);