/// <summary>
        /// Derives the negotiation authenticator from the finalized negotiation digest and the supplied key.
        /// </summary>
        /// <param name="sspiState">State object whose <c>NegotiationDigest</c> is finalized and read here.</param>
        /// <param name="key">Key handed to <c>Psha1DerivedKeyGenerator</c>.</param>
        /// <returns>The derived authenticator bytes.</returns>
        private static byte[] ComputeAuthenticator(SspiNegotiationTokenAuthenticatorState sspiState, byte[] key)
        {
            byte[] negotiationHash;

            // The digest object doubles as the lock target, so finalizing it and reading
            // its Hash happen as one step with respect to other code taking the same lock.
            lock (sspiState.NegotiationDigest)
            {
                // A zero-length final block closes the running digest so that Hash can be read.
                sspiState.NegotiationDigest.TransformFinalBlock(System.ServiceModel.Security.CryptoHelper.EmptyBuffer, 0, 0);
                negotiationHash = sspiState.NegotiationDigest.Hash;
            }

            // 0x100 sits in the argument position that ComputeCombinedKey fills with keySizeInBits,
            // so this presumably requests 256 bits of output (confirm against GenerateDerivedKey).
            return new Psha1DerivedKeyGenerator(key).GenerateDerivedKey(
                System.ServiceModel.Security.SecurityUtils.CombinedHashLabel,
                negotiationHash,
                0x100,
                0);
        }
        /// <summary>
        /// Combines requestor and issuer entropy into a single key of the requested size.
        /// </summary>
        /// <param name="requestorEntropy">Entropy used as the key of the derived-key generator; must not be null.</param>
        /// <param name="issuerEntropy">Entropy passed as the second input of the derivation; must not be null.</param>
        /// <param name="keySizeInBits">Requested size, checked against minSaneKeySizeInBits and maxSaneKeySizeInBits.</param>
        /// <returns>The combined key bytes.</returns>
        public static byte[] ComputeCombinedKey(byte[] requestorEntropy, byte[] issuerEntropy, int keySizeInBits)
        {
            if (requestorEntropy == null)
            {
                throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestorEntropy");
            }

            if (issuerEntropy == null)
            {
                throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuerEntropy");
            }

            // The size is only bounded here; whatever else GenerateDerivedKey requires of it
            // is not visible from this method.
            bool keySizeInRange = (keySizeInBits >= minSaneKeySizeInBits) && (keySizeInBits <= maxSaneKeySizeInBits);
            if (!keySizeInRange)
            {
                object[] messageArguments = new object[] { keySizeInBits, minSaneKeySizeInBits, maxSaneKeySizeInBits };
                string message = System.ServiceModel.SR.GetString("InvalidKeySizeSpecifiedInNegotiation", messageArguments);
                throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(message));
            }

            // The derivation runs with an empty label and starts at position 0.
            byte[] emptyLabel = new byte[0];
            return new Psha1DerivedKeyGenerator(requestorEntropy).GenerateDerivedKey(emptyLabel, issuerEntropy, keySizeInBits, 0);
        }
Пример #3
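 /// <summary>
 /// Recomputes the negotiation authenticator from the finalized negotiation digest and the proof key,
 /// and checks it against the authenticator supplied by the peer.
 /// </summary>
 /// <param name="sspiState">State object whose <c>NegotiationDigest</c> is finalized and read here.</param>
 /// <param name="proofKey">Key handed to <c>Psha1DerivedKeyGenerator</c>.</param>
 /// <param name="serverAuthenticator">Authenticator to verify; presumably received from the server, so treated as untrusted.</param>
 /// <returns><c>true</c> when the supplied authenticator equals the locally derived one; otherwise <c>false</c>.</returns>
 private static bool IsCorrectAuthenticator(SspiNegotiationTokenProviderState sspiState, byte[] proofKey, byte[] serverAuthenticator)
 {
     byte[] negotiationHash;

     // The digest object doubles as the lock target, so finalizing it and reading
     // its Hash happen as one step with respect to other code taking the same lock.
     lock (sspiState.NegotiationDigest)
     {
         // A zero-length final block closes the running digest so that Hash can be read.
         sspiState.NegotiationDigest.TransformFinalBlock(System.ServiceModel.Security.CryptoHelper.EmptyBuffer, 0, 0);
         negotiationHash = sspiState.NegotiationDigest.Hash;
     }

     byte[] expectedAuthenticator = new Psha1DerivedKeyGenerator(proofKey).GenerateDerivedKey(System.ServiceModel.Security.SecurityUtils.CombinedHashLabel, negotiationHash, 0x100, 0);

     // A missing authenticator is rejected instead of faulting with a NullReferenceException.
     // The length is not secret, so an early exit on a length mismatch is acceptable.
     if (serverAuthenticator == null || expectedAuthenticator.Length != serverAuthenticator.Length)
     {
         return false;
     }

     // Fold every byte difference into one accumulator instead of returning at the first
     // mismatch, so the running time does not depend on how many leading bytes of the
     // supplied value happen to be correct. On frameworks that provide it,
     // System.Security.Cryptography.CryptographicOperations.FixedTimeEquals is the
     // library equivalent of this loop.
     int difference = 0;
     for (int i = 0; i < expectedAuthenticator.Length; i++)
     {
         difference |= expectedAuthenticator[i] ^ serverAuthenticator[i];
     }

     return difference == 0;
 }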
Пример #4
        /// <summary>
        /// Combines requestor and issuer entropy into a single key of the requested size.
        /// </summary>
        /// <param name="requestorEntropy">Entropy used as the key of the derived-key generator; must not be null.</param>
        /// <param name="issuerEntropy">Entropy passed as the second input of the derivation; must not be null.</param>
        /// <param name="keySizeInBits">Requested size, checked against s_minSaneKeySizeInBits and s_maxSaneKeySizeInBits.</param>
        /// <returns>The combined key bytes.</returns>
        public static byte[] ComputeCombinedKey(byte[] requestorEntropy, byte[] issuerEntropy, int keySizeInBits)
        {
            if (requestorEntropy == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(requestorEntropy));
            }

            if (issuerEntropy == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(issuerEntropy));
            }

            // Sanity check: the size requested during negotiation must lie inside the
            // configured bounds, so that invalid or oversized keys are refused before any derivation runs.
            bool keySizeInRange = (keySizeInBits >= s_minSaneKeySizeInBits) && (keySizeInBits <= s_maxSaneKeySizeInBits);
            if (!keySizeInRange)
            {
                string message = SR.Format(SR.InvalidKeySizeSpecifiedInNegotiation, keySizeInBits, s_minSaneKeySizeInBits, s_maxSaneKeySizeInBits);
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(message));
            }

            // The derivation runs with an empty label and starts at position 0.
            byte[] emptyLabel = new byte[] { };
            return new Psha1DerivedKeyGenerator(requestorEntropy).GenerateDerivedKey(emptyLabel, issuerEntropy, keySizeInBits, 0);
        }
        /// <summary>
        /// Convenience wrapper that builds a <c>Psha1DerivedKeyGenerator</c> over <paramref name="key"/>
        /// and forwards the remaining arguments to its <c>GenerateDerivedKey</c> method.
        /// </summary>
        /// <param name="key">Key the generator is constructed with.</param>
        /// <param name="label">Label forwarded to the generator.</param>
        /// <param name="nonce">Nonce forwarded to the generator.</param>
        /// <param name="derivedKeySize">Requested size of the derived key, forwarded unchanged.</param>
        /// <param name="position">Position forwarded unchanged to the generator.</param>
        /// <returns>The bytes returned by the generator.</returns>
        internal static byte[] GenerateDerivedKey(byte[] key, byte[] label, byte[] nonce, int derivedKeySize, int position)
            => new Psha1DerivedKeyGenerator(key).GenerateDerivedKey(label, nonce, derivedKeySize, position);