diff options
10 files changed, 67 insertions, 47 deletions
diff --git a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj index ec93766..524415f 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj +++ b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj @@ -31,7 +31,7 @@ <Compile Include="OpenId\Provider\Extensions\UI\UIRequestTools.cs" /> <Compile Include="OpenId\Provider\HmacShaAssociationProvider.cs" /> <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderRequest.cs" /> - <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " /> + <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs" /> <Compile Include="OpenId\Messages\IAssociateRequestProvider.cs" /> <Compile Include="OpenId\Messages\AssociateRequestProviderTools.cs" /> <Compile Include="OpenId\Messages\IAssociateSuccessfulResponseProvider.cs" /> @@ -67,7 +67,7 @@ <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> </ProjectReference> - <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' "> + <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" > <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project> <Name>Org.Mentalis.Security.Cryptography</Name> </ProjectReference> diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderRequest.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderRequest.cs index 977ce71..00c9a6c 100644 --- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderRequest.cs +++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/Messages/AssociateDiffieHellmanProviderRequest.cs @@ -31,13 +31,9 @@ namespace DotNetOpenAuth.OpenId.Messages { /// The appropriate association response message. /// </returns> public IProtocolMessage CreateResponseCore() { -#if !ExcludeDiffieHellman var response = new AssociateDiffieHellmanProviderResponse(this.Version, this); response.AssociationType = this.AssociationType; return response; -#else - throw new NotSupportedException(); -#endif } } } diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj index c2dd18b..3ebd698 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj @@ -34,7 +34,7 @@ <Compile Include="OpenId\Interop\AuthenticationResponseShim.cs" /> <Compile Include="OpenId\Interop\ClaimsResponseShim.cs" /> <Compile Include="OpenId\Interop\OpenIdRelyingPartyShim.cs" /> - <Compile Include="OpenId\Messages\AssociateDiffieHellmanRelyingPartyResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " /> + <Compile Include="OpenId\Messages\AssociateDiffieHellmanRelyingPartyResponse.cs" /> <Compile Include="OpenId\Messages\AssociateRequestRelyingParty.cs" /> <Compile Include="OpenId\Messages\IAssociateSuccessfulResponseRelyingPartyContract.cs" /> <Compile Include="OpenId\Messages\IAssociateSuccessfulResponseRelyingParty.cs" /> @@ -71,7 +71,7 @@ <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> </ProjectReference> - <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' "> + <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj"> <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project> <Name>Org.Mentalis.Security.Cryptography</Name> </ProjectReference> diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs index ea771e1..957fd1b 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs @@ -95,12 +95,12 @@ namespace DotNetOpenAuth.OpenId.ChannelElements { // This is a special recognized error case that we create a special message for. message = new AssociateUnsuccessfulResponse(protocol.Version, associateRequest); } else if (message == null) { -#if !ExcludeDiffieHellman - var associateDiffieHellmanRequest = request as AssociateDiffieHellmanRequest; - if (associateDiffieHellmanRequest != null) { - message = new AssociateDiffieHellmanRelyingPartyResponse(protocol.Version, associateDiffieHellmanRequest); + if (OpenIdUtilities.IsDiffieHellmanPresent) { + var associateDiffieHellmanRequest = request as AssociateDiffieHellmanRequest; + if (associateDiffieHellmanRequest != null) { + message = new AssociateDiffieHellmanRelyingPartyResponse(protocol.Version, associateDiffieHellmanRequest); + } } -#endif var associateUnencryptedRequest = request as AssociateUnencryptedRequest; if (associateUnencryptedRequest != null) { diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs index 28deb20..1ac8488 100644 --- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs +++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs @@ -68,15 +68,15 @@ namespace DotNetOpenAuth.OpenId.Messages { associateRequest.AssociationType = associationType; return associateRequest; } else { -#if !ExcludeDiffieHellman - var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri); - associateRequest.AssociationType = associationType; - associateRequest.SessionType = sessionType; - associateRequest.InitializeRequest(); - return associateRequest; -#else - return null; -#endif + if (OpenIdUtilities.IsDiffieHellmanPresent) { + var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri); + associateRequest.AssociationType = associationType; + associateRequest.SessionType = sessionType; + associateRequest.InitializeRequest(); + return associateRequest; + } else { + return null; + } } } } diff --git a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj index 4d5f5ff..95dccc1 100644 --- a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj +++ b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj @@ -123,11 +123,11 @@ <Compile Include="OpenId\ProviderEndpointDescription.cs" /> <Compile Include="OpenId\Realm.cs" /> <Compile Include="OpenId\RelyingPartyEndpointDescription.cs" /> - <Compile Include="OpenId\DiffieHellmanUtilities.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " /> + <Compile Include="OpenId\DiffieHellmanUtilities.cs" /> <Compile Include="OpenId\HmacShaAssociation.cs" /> <Compile Include="OpenId\Messages\AssociateUnencryptedRequest.cs" /> <Compile Include="OpenId\Messages\AssociateDiffieHellmanRequest.cs" /> - <Compile Include="OpenId\Messages\AssociateDiffieHellmanResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " /> + <Compile Include="OpenId\Messages\AssociateDiffieHellmanResponse.cs" /> <Compile Include="OpenId\Messages\AssociateRequest.cs" /> <Compile Include="OpenId\Messages\AssociateSuccessfulResponse.cs" /> <Compile Include="OpenId\Messages\AssociateUnencryptedResponse.cs" /> @@ -180,7 +180,7 @@ <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> <Name>DotNetOpenAuth.Core</Name> </ProjectReference> - <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' "> + <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj"> <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project> <Name>Org.Mentalis.Security.Cryptography</Name> </ProjectReference> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs index 4a13ac6..5e3553d 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs @@ -140,11 +140,13 @@ namespace DotNetOpenAuth.OpenId { hashSizeInBits < securityRequirements.MinimumHashBitLength) { continue; } -#if !ExcludeDiffieHellman - sessionType = DiffieHellmanUtilities.GetNameForSize(protocol, hashSizeInBits); -#else - sessionType = requireMatchingDHSessionType ? null : protocol.Args.SessionType.NoEncryption; -#endif + + if (OpenIdUtilities.IsDiffieHellmanPresent) { + sessionType = DiffieHellmanUtilities.GetNameForSize(protocol, hashSizeInBits); + } else { + sessionType = requireMatchingDHSessionType ? null : protocol.Args.SessionType.NoEncryption; + } + if (requireMatchingDHSessionType && sessionType == null) { continue; } @@ -178,14 +180,14 @@ namespace DotNetOpenAuth.OpenId { return true; } -#if !ExcludeDiffieHellman - // When there _is_ a DH session, it must match in hash length with the association type. - int associationSecretLengthInBytes = GetSecretLength(protocol, associationType); - int sessionHashLengthInBytes = DiffieHellmanUtilities.Lookup(protocol, sessionType).HashSize / 8; - return associationSecretLengthInBytes == sessionHashLengthInBytes; -#else - return false; -#endif + if (OpenIdUtilities.IsDiffieHellmanPresent) { + // When there _is_ a DH session, it must match in hash length with the association type. + int associationSecretLengthInBytes = GetSecretLength(protocol, associationType); + int sessionHashLengthInBytes = DiffieHellmanUtilities.Lookup(protocol, sessionType).HashSize / 8; + return associationSecretLengthInBytes == sessionHashLengthInBytes; + } else { + return false; + } } /// <summary> diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs index ebe9f34..ed96ce7 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanRequest.cs @@ -12,9 +12,7 @@ namespace DotNetOpenAuth.OpenId.Messages { using System.Text; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Reflection; -#if !ExcludeDiffieHellman using Org.Mentalis.Security.Cryptography; -#endif /// <summary> /// An OpenID direct request from Relying Party to Provider to initiate an association that uses Diffie-Hellman encryption. @@ -78,7 +76,6 @@ namespace DotNetOpenAuth.OpenId.Messages { [MessagePart("openid.dh_consumer_public", IsRequired = true, AllowEmpty = false)] internal byte[] DiffieHellmanConsumerPublic { get; set; } -#if !ExcludeDiffieHellman /// <summary> /// Gets the Diffie-Hellman algorithm. /// </summary> @@ -86,13 +83,11 @@ namespace DotNetOpenAuth.OpenId.Messages { /// This property is initialized with a call to <see cref="InitializeRequest"/>. /// </remarks> internal DiffieHellman Algorithm { get; private set; } -#endif /// <summary> /// Called by the Relying Party to initialize the Diffie-Hellman algorithm and consumer public key properties. /// </summary> internal void InitializeRequest() { -#if !ExcludeDiffieHellman if (this.DiffieHellmanModulus == null || this.DiffieHellmanGen == null) { throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, OpenIdStrings.DiffieHellmanRequiredPropertiesNotSet, string.Join(", ", new string[] { "DiffieHellmanModulus", "DiffieHellmanGen" }))); } @@ -100,9 +95,6 @@ namespace DotNetOpenAuth.OpenId.Messages { this.Algorithm = new DiffieHellmanManaged(this.DiffieHellmanModulus ?? DefaultMod, this.DiffieHellmanGen ?? DefaultGen, DefaultX); byte[] consumerPublicKeyExchange = this.Algorithm.CreateKeyExchange(); this.DiffieHellmanConsumerPublic = DiffieHellmanUtilities.EnsurePositive(consumerPublicKeyExchange); -#else - throw new NotSupportedException(); -#endif } } } diff --git a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs index e40ecd2..f8a32b5 100644 --- a/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs +++ b/src/DotNetOpenAuth.OpenId/OpenId/OpenIdUtilities.cs @@ -10,6 +10,7 @@ namespace DotNetOpenAuth.OpenId { using System.Diagnostics.CodeAnalysis; using System.Diagnostics.Contracts; using System.Globalization; + using System.IO; using System.Linq; using System.Text; using System.Text.RegularExpressions; @@ -19,6 +20,7 @@ namespace DotNetOpenAuth.OpenId { using DotNetOpenAuth.OpenId.ChannelElements; using DotNetOpenAuth.OpenId.Extensions; using DotNetOpenAuth.OpenId.Messages; + using Org.Mentalis.Security.Cryptography; /// <summary> /// A set of utilities especially useful to OpenID. @@ -29,6 +31,31 @@ namespace DotNetOpenAuth.OpenId { /// </summary> internal const string CustomParameterPrefix = "dnoa."; + private static bool? diffieHellmanPresent; + + internal static bool IsDiffieHellmanPresent { + get { + if (!diffieHellmanPresent.HasValue) { + try { + LoadDiffieHellmanTypes(); + diffieHellmanPresent = true; + } catch (FileNotFoundException) { + diffieHellmanPresent = false; + } catch (TypeLoadException) { + diffieHellmanPresent = false; + } + + if (diffieHellmanPresent.Value) { + Logger.OpenId.Info("Diffie-Hellman supporting assemblies found and loaded."); + } else { + Logger.OpenId.Warn("Diffie-Hellman supporting assemblies failed to load. Only associations with HTTPS OpenID Providers will be supported."); + } + } + + return diffieHellmanPresent.Value; + } + } + /// <summary> /// Creates a random association handle. /// </summary> @@ -169,5 +196,9 @@ namespace DotNetOpenAuth.OpenId { ErrorUtilities.VerifyOperation(aggregator != null, OpenIdStrings.UnsupportedChannelConfiguration); return aggregator.Factories; } + + private static void LoadDiffieHellmanTypes() { + var dhAssemblyType = typeof(DiffieHellmanManaged); + } } } diff --git a/tools/DotNetOpenAuth.targets b/tools/DotNetOpenAuth.targets index 3765455..445c072 100644 --- a/tools/DotNetOpenAuth.targets +++ b/tools/DotNetOpenAuth.targets @@ -18,7 +18,6 @@ <CodeContractsInstallDir>$(ProjectRoot)tools\Contracts\</CodeContractsInstallDir> <DefineConstants Condition=" '$(SignAssembly)' == 'true' ">$(DefineConstants);StrongNameSigned</DefineConstants> <DefineConstants Condition=" '$(ClrVersion)' == '4' ">$(DefineConstants);CLR4</DefineConstants> - <DefineConstants Condition=" '$(ExcludeDiffieHellman)' == 'true' ">$(DefineConstants);ExcludeDiffieHellman</DefineConstants> <AssemblySearchPaths>$(ProjectRoot)lib;$(AssemblySearchPaths)</AssemblySearchPaths> <AssemblySearchPaths Condition="Exists('$(ProjectRoot)lib\net-$(TargetFrameworkVersion)')">$(ProjectRoot)lib\net-$(TargetFrameworkVersion);$(AssemblySearchPaths)</AssemblySearchPaths> </PropertyGroup> |