private static byte[] GetSessionKey(RequestSecurityToken rst, RequestSecurityTokenResponse rstr)
{
// If rst is null, we're toast
if (rst == null)
{
throw new ArgumentNullException("rst");
}
// If rstr is null, we're toast
if (rstr == null)
{
throw new ArgumentNullException("rstr");
}
// Figure out the keySize
int keySize = 256;
if (rst.KeySize != 0)
{
keySize = rst.KeySize;
}
Console.WriteLine("Proof key size {0}", keySize);
// Figure out whether we're using Combined or Issuer entropy.
byte[] sessionKey = null;
byte[] senderEntropy = GetSenderEntropy(rst);
byte[] issuerEntropy = GetIssuerEntropy(keySize);
if (senderEntropy != null)
{
// Combined entropy
Console.WriteLine("Combined Entropy");
sessionKey = RequestSecurityTokenResponse.ComputeCombinedKey(senderEntropy, issuerEntropy, keySize);
rstr.IssuerEntropy = new BinarySecretSecurityToken(issuerEntropy);
rstr.ComputeKey = true;
}
else
{
// Issuer-only entropy
Console.WriteLine("Issuer-only entropy");
sessionKey = issuerEntropy;
rstr.RequestedProofToken = new BinarySecretSecurityToken(sessionKey);
}
rstr.KeySize = keySize;
return(sessionKey);
}
