author | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-20 07:01:58 -0600 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2011-07-20 07:01:58 -0600 |
commit | 1328f88a36187d8aa5890a46e35af59c4df04d3f (patch) | |
tree | c42a3aad4aa21d39b91dcc87a912f8cb96c22c11 /src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs | |
parent | d15895e626b73b6f96f561786b4b5c941c0a4bb1 (diff) | |
Splitting up the OpenID profile into OpenID RP and OP. The core OpenID DLL compiles, but the RP and OP ones do not.
Diffstat (limited to 'src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs')
-rw-r--r-- | src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs | 60 |
1 files changed, 1 insertions, 59 deletions
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs
index 5237826..d1836ec 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs
@@ -10,7 +10,6 @@ namespace DotNetOpenAuth.OpenId.Messages {
 using System.Security.Cryptography;
 using DotNetOpenAuth.Messaging;
 using DotNetOpenAuth.Messaging.Reflection;
- using DotNetOpenAuth.OpenId.Provider;
 using Org.Mentalis.Security.Cryptography;
 
 /// <summary>
@@ -19,7 +18,7 @@ namespace DotNetOpenAuth.OpenId.Messages {
 /// <remarks>
 /// Association response messages are described in OpenID 2.0 section 8.2. This type covers section 8.2.3.
 /// </remarks>
- internal class AssociateDiffieHellmanResponse : AssociateSuccessfulResponse {
+ internal abstract class AssociateDiffieHellmanResponse : AssociateSuccessfulResponse {
 /// <summary>
 /// Initializes a new instance of the <see cref="AssociateDiffieHellmanResponse"/> class.
 /// </summary>
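Review bot: The class becomes `abstract` in the second hunk, but the `<remarks>` directly above the declaration still describes it as a complete message type and does not say what a concrete subclass has to supply. I would extend the remarks with something like `/// This base type only carries the wire fields such as <see cref="EncodedMacKey"/>; relying-party and provider subclasses implement how the MAC key is derived or encoded.` Any code that instantiates this type directly will presumably stop compiling, which matches the commit description. From the visible lines, `using System.Security.Cryptography;` and `using Org.Mentalis.Security.Cryptography;` look as if only the methods deleted in the last hunk used them, so they may now be dead and could be removed if nothing else in the file needs them. The class body continues outside this hunk.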
@@ -42,62 +41,5 @@ namespace DotNetOpenAuth.OpenId.Messages {
 /// <value>H(btwoc(g ^ (xa * xb) mod p)) XOR MAC key. H is either "SHA1" or "SHA256" depending on the session type. </value>
 [MessagePart("enc_mac_key", IsRequired = true, AllowEmpty = false)]
 internal byte[] EncodedMacKey { get; set; }
-
- /// <summary>
- /// Creates the association at relying party side after the association response has been received.
- /// </summary>
- /// <param name="request">The original association request that was already sent and responded to.</param>
- /// <returns>The newly created association.</returns>
- /// <remarks>
- /// The resulting association is <i>not</i> added to the association store and must be done by the caller.
- /// </remarks>
- protected override Association CreateAssociationAtRelyingParty(AssociateRequest request) {
- var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
- ErrorUtilities.VerifyArgument(diffieHellmanRequest != null, OpenIdStrings.DiffieHellmanAssociationRequired);
-
- HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(Protocol, this.SessionType);
- byte[] associationSecret = DiffieHellmanUtilities.SHAHashXorSecret(hasher, diffieHellmanRequest.Algorithm, this.DiffieHellmanServerPublic, this.EncodedMacKey);
-
- Association association = HmacShaAssociation.Create(Protocol, this.AssociationType, this.AssociationHandle, associationSecret, TimeSpan.FromSeconds(this.ExpiresIn));
- return association;
- }
-
- /// <summary>
- /// Creates the association at the provider side after the association request has been received.
- /// </summary>
- /// <param name="request">The association request.</param>
- /// <param name="associationStore">The OpenID Provider's association store or handle encoder.</param>
- /// <param name="securitySettings">The security settings of the Provider.</param>
- /// <returns>
- /// The newly created association.
- /// </returns>
- /// <remarks>
- /// The response message is updated to include the details of the created association by this method,
- /// but the resulting association is <i>not</i> added to the association store and must be done by the caller.
- /// </remarks>
- protected override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
- var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
- ErrorUtilities.VerifyInternal(diffieHellmanRequest != null, "Expected a DH request type.");
-
- this.SessionType = this.SessionType ?? request.SessionType;
-
- // Go ahead and create the association first, complete with its secret that we're about to share.
- Association association = HmacShaAssociation.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
-
- // We now need to securely communicate the secret to the relying party using Diffie-Hellman.
- // We do this by performing a DH algorithm on the secret and setting a couple of properties
- // that will be transmitted to the Relying Party. The RP will perform an inverse operation
- // using its part of a DH secret in order to decrypt the shared secret we just invented
- // above when we created the association.
- using (DiffieHellman dh = new DiffieHellmanManaged(
- diffieHellmanRequest.DiffieHellmanModulus ?? AssociateDiffieHellmanRequest.DefaultMod,
- diffieHellmanRequest.DiffieHellmanGen ?? AssociateDiffieHellmanRequest.DefaultGen,
- AssociateDiffieHellmanRequest.DefaultX)) {
- HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(this.Protocol, this.SessionType);
- this.DiffieHellmanServerPublic = DiffieHellmanUtilities.EnsurePositive(dh.CreateKeyExchange());
- this.EncodedMacKey = DiffieHellmanUtilities.SHAHashXorSecret(hasher, dh, diffieHellmanRequest.DiffieHellmanConsumerPublic, association.SecretKey);
- }
- return association;
- }
 }
 } |