/// <summary>
/// Type initializer: generates one RSA key pair and one AES key/IV pair through
/// <c>Encryptor.Current</c> and stores them in static state.
/// </summary>
/// <remarks>
/// Nothing in this block persists or loads key material; presumably the keys are only
/// valid for the lifetime of the process (confirm against callers).
/// NOTE(review): the IV is read once and assigned to the single shared <c>aes</c> instance,
/// so every encryption through that instance starts from the same key and IV unless the
/// ISymmetricalEncryptor implementation re-randomizes it. Confirm the cipher mode and
/// whether a per-message IV is needed.
/// </remarks>
static OAuthServerHelper()
{
    RSAParameters keyPairWithPrivate;
    RSAParameters keyPairPublicOnly;
    using (var rsaGenerator = Encryptor.Current.CreateAsymmetrical(RsaKeySize))
    {
        // true => include the private parameters, false => public parameters only.
        keyPairWithPrivate = rsaGenerator.ExportParameters(true);
        keyPairPublicOnly = rsaGenerator.ExportParameters(false);
    }

    byte[] symmetricKey;
    byte[] symmetricIv;
    using (var aesGenerator = Encryptor.Current.CreateSymmetrical())
    {
        // The throwaway instance is used only as a source of a fresh key and IV.
        symmetricKey = aesGenerator.Key;
        symmetricIv = aesGenerator.IV;
    }

    // Long-lived instances that the rest of the type encrypts/decrypts with.
    rsa = Encryptor.Current.CreateAsymmetrical();
    rsa.ImportParameters(keyPairWithPrivate);

    aes = Encryptor.Current.CreateSymmetrical();
    aes.Key = symmetricKey;
    aes.IV = symmetricIv;

    // Only the public half is published, in the string encoding OAuthHelper uses.
    rsaExponent = OAuthHelper.BytesToString(keyPairPublicOnly.Exponent);
    rsaModulus = OAuthHelper.BytesToString(keyPairPublicOnly.Modulus);
}
/// <summary>
/// Encrypts <paramref name="data"/> (encoded as UTF-8) with the static <c>aes</c> instance
/// and returns the ciphertext in the encoding produced by <c>OAuthHelper.BytesToString</c>.
/// </summary>
/// <param name="data">Plain text to encrypt.</param>
/// <returns>The encoded ciphertext.</returns>
/// <remarks>
/// NOTE(review): this method only encrypts; it adds no MAC or other integrity tag. Unless
/// the configured cipher mode is authenticated, the decrypting side should not treat a
/// successful decrypt as proof that the server produced the value. Confirm the mode.
/// </remarks>
public static string EncryptSymmetric(string data)
{
    byte[] plaintext = Encoding.UTF8.GetBytes(data);

    // A fresh transform per call; it is disposed as soon as the single block is finalized.
    using (var transform = aes.CreateEncryptor())
    {
        var ciphertext = transform.TransformFinalBlock(plaintext, 0, plaintext.Length);
        return OAuthHelper.BytesToString(ciphertext);
    }
}
/// <summary>
/// Answers the request with a "precondition failed" status and a <c>WWW-Authenticate</c>
/// header carrying the server's RSA public key (exponent and modulus) and an encrypted
/// challenge made of the current UTC timestamp and a random salt.
/// </summary>
/// <param name="context">HTTP context whose response receives the status and header.</param>
/// <remarks>
/// NOTE(review): the timestamp only limits replay if the code that validates the returned
/// challenge rejects stale values; that check is not in this method.
/// NOTE(review): confirm that <c>OAuthServerHelper.RandomBytes</c> draws from a
/// cryptographic RNG, since the salt is what makes each challenge unique.
/// </remarks>
public void RespondWithChallenge(IHttpContext context)
{
    // Challenge plaintext: when it was issued plus a per-challenge random salt.
    var challenge = new Dictionary<string, string>();
    challenge.Add(OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow));
    challenge.Add(OAuthHelper.Keys.ChallengeSalt, OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength)));

    // Header payload: public key parts in clear, challenge encrypted with the server AES key.
    var headerFields = new Dictionary<string, string>();
    headerFields.Add(OAuthHelper.Keys.RSAExponent, OAuthServerHelper.RSAExponent);
    headerFields.Add(OAuthHelper.Keys.RSAModulus, OAuthServerHelper.RSAModulus);
    headerFields.Add(OAuthHelper.Keys.Challenge, OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challenge)));

    context.SetStatusToPreconditionFailed();

    var headerValue = string.Concat(OAuthHelper.Keys.WWWAuthenticateHeaderKey, " ", OAuthHelper.DictionaryToString(headerFields));
    context.Response.AddHeader("WWW-Authenticate", headerValue);
}
/// <summary>
/// Sends the opening challenge over <paramref name="webSocket"/>: the server's RSA public
/// key (exponent and modulus) plus an encrypted challenge built from the current UTC
/// timestamp and a random salt.
/// </summary>
/// <param name="webSocket">Socket the JSON challenge is written to via <c>SendResponse</c>.</param>
/// <returns>A task that completes when <c>SendResponse</c> completes.</returns>
/// <remarks>
/// NOTE(review): the timestamp only limits replay if the side that validates the returned
/// challenge enforces a maximum age; that check is not in this method.
/// NOTE(review): confirm that <c>OAuthServerHelper.RandomBytes</c> draws from a
/// cryptographic RNG.
/// </remarks>
private async Task SendInitialChallenge(WebSocket webSocket)
{
    // Challenge plaintext: issue time plus a per-challenge random salt.
    var challenge = new Dictionary<string, string>();
    challenge.Add(OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow));
    challenge.Add(OAuthHelper.Keys.ChallengeSalt, OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength)));

    // Public key parts travel in clear; the challenge is encrypted with the server AES key.
    var payload = new DynamicJsonValue();
    payload[OAuthHelper.Keys.RSAExponent] = OAuthServerHelper.RSAExponent;
    payload[OAuthHelper.Keys.RSAModulus] = OAuthServerHelper.RSAModulus;
    payload[OAuthHelper.Keys.Challenge] = OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challenge));

    await SendResponse(webSocket, payload).ConfigureAwait(false);
}
/// <summary>
/// Builds a 412 (Precondition Failed) response whose <c>WWW-Authenticate</c> header carries
/// the server's RSA public key (exponent and modulus) and an encrypted challenge made of
/// the current UTC timestamp and a random salt.
/// </summary>
/// <returns>The response message produced by <c>GetEmptyMessage</c> with the header added.</returns>
/// <remarks>
/// The result of <c>TryAddWithoutValidation</c> is ignored, so a rejected header would yield
/// a 412 without a challenge.
/// NOTE(review): the timestamp only limits replay if the code that validates the returned
/// challenge rejects stale values; that check is not in this method.
/// NOTE(review): confirm that <c>OAuthServerHelper.RandomBytes</c> draws from a
/// cryptographic RNG.
/// </remarks>
public HttpResponseMessage RespondWithChallenge()
{
    // Challenge plaintext: issue time plus a per-challenge random salt.
    var challenge = new Dictionary<string, string>();
    challenge.Add(OAuthHelper.Keys.ChallengeTimestamp, OAuthServerHelper.DateTimeToString(SystemTime.UtcNow));
    challenge.Add(OAuthHelper.Keys.ChallengeSalt, OAuthHelper.BytesToString(OAuthServerHelper.RandomBytes(OAuthHelper.Keys.ChallengeSaltLength)));

    // Header payload: public key parts in clear, challenge encrypted with the server AES key.
    var headerFields = new Dictionary<string, string>();
    headerFields.Add(OAuthHelper.Keys.RSAExponent, OAuthServerHelper.RSAExponent);
    headerFields.Add(OAuthHelper.Keys.RSAModulus, OAuthServerHelper.RSAModulus);
    headerFields.Add(OAuthHelper.Keys.Challenge, OAuthServerHelper.EncryptSymmetric(OAuthHelper.DictionaryToString(challenge)));

    var response = GetEmptyMessage(HttpStatusCode.PreconditionFailed);
    var headerValue = string.Concat(OAuthHelper.Keys.WWWAuthenticateHeaderKey, " ", OAuthHelper.DictionaryToString(headerFields));
    response.Headers.TryAddWithoutValidation("WWW-Authenticate", headerValue);
    return response;
}
/// <summary>
/// Type initializer: generates one RSA key pair and one AES key/IV pair, then sets up
/// per-thread crypto providers that are all loaded with that same material.
/// </summary>
/// <remarks>
/// The thread-local factories capture the private RSA parameters and the AES key/IV, so
/// those values stay reachable for as long as the <c>ThreadLocal</c> fields do.
/// NOTE(review): every thread's AES provider receives the same key and the same IV, and no
/// <c>Mode</c> is set here, so the provider default applies. With a fixed IV, equal
/// plaintext prefixes encrypt to equal ciphertext blocks in CBC. A per-message IV would
/// need a matching change on the decrypting side, which is not visible here.
/// </remarks>
static OAuthServerHelper()
{
    RSAParameters keyPairWithPrivate;
    RSAParameters keyPairPublicOnly;
    using (var rsaGenerator = new RSACryptoServiceProvider(rsaKeySize))
    {
        // true => include the private parameters, false => public parameters only.
        keyPairWithPrivate = rsaGenerator.ExportParameters(true);
        keyPairPublicOnly = rsaGenerator.ExportParameters(false);
    }

    byte[] symmetricKey;
    byte[] symmetricIv;
    using (var aesGenerator = new AesCryptoServiceProvider())
    {
        // The throwaway provider is used only as a source of a fresh key and IV.
        symmetricKey = aesGenerator.Key;
        symmetricIv = aesGenerator.IV;
    }

    // One provider per thread, created lazily on first use by that thread.
    rsa = new ThreadLocal<RSACryptoServiceProvider>(() =>
    {
        var provider = new RSACryptoServiceProvider();
        provider.ImportParameters(keyPairWithPrivate);
        return provider;
    });

    aes = new ThreadLocal<AesCryptoServiceProvider>(() => new AesCryptoServiceProvider
    {
        Key = symmetricKey,
        IV = symmetricIv
    });

    // Only the public half is published, in the string encoding OAuthHelper uses.
    rsaExponent = OAuthHelper.BytesToString(keyPairPublicOnly.Exponent);
    rsaModulus = OAuthHelper.BytesToString(keyPairPublicOnly.Modulus);
}
/// <summary>
/// Type initializer: generates one RSA key pair and one AES key/IV pair through
/// <c>Encryptor.Current</c>, then sets up per-thread encryptors that are all loaded with
/// that same material.
/// </summary>
/// <remarks>
/// The thread-local factories capture the private RSA parameters and the AES key/IV, so
/// those values stay reachable for as long as the thread-local fields do.
/// NOTE(review): every thread's symmetric encryptor receives the same key and the same IV.
/// Confirm the cipher mode that <c>Encryptor.Current</c> configures; with a non-randomized
/// IV, equal plaintext prefixes can produce equal ciphertext prefixes in block-chaining
/// modes.
/// </remarks>
static OAuthServerHelper()
{
    RSAParameters keyPairWithPrivate;
    RSAParameters keyPairPublicOnly;
    using (var rsaGenerator = Encryptor.Current.CreateAsymmetrical(RsaKeySize))
    {
        // true => include the private parameters, false => public parameters only.
        keyPairWithPrivate = rsaGenerator.ExportParameters(true);
        keyPairPublicOnly = rsaGenerator.ExportParameters(false);
    }

    byte[] symmetricKey;
    byte[] symmetricIv;
    using (var aesGenerator = Encryptor.Current.CreateSymmetrical())
    {
        // The throwaway instance is used only as a source of a fresh key and IV.
        symmetricKey = aesGenerator.Key;
        symmetricIv = aesGenerator.IV;
    }

    // One encryptor per thread, built by the factory the first time a thread asks for it.
    rsa = new Raven.Abstractions.Threading.ThreadLocal<IAsymmetricalEncryptor>(() =>
    {
        var encryptor = Encryptor.Current.CreateAsymmetrical();
        encryptor.ImportParameters(keyPairWithPrivate);
        return encryptor;
    });

    aes = new Raven.Abstractions.Threading.ThreadLocal<ISymmetricalEncryptor>(() =>
    {
        var encryptor = Encryptor.Current.CreateSymmetrical();
        encryptor.Key = symmetricKey;
        encryptor.IV = symmetricIv;
        return encryptor;
    });

    // Only the public half is published, in the string encoding OAuthHelper uses.
    rsaExponent = OAuthHelper.BytesToString(keyPairPublicOnly.Exponent);
    rsaModulus = OAuthHelper.BytesToString(keyPairPublicOnly.Modulus);
}