1 files changed, 103 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs
new file mode 100644
index 0000000..5237826
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenId/OpenId/Messages/AssociateDiffieHellmanResponse.cs
@@ -0,0 +1,103 @@
+//-----------------------------------------------------------------------
+// <copyright file="AssociateDiffieHellmanResponse.cs" company="Andrew Arnott">
+//     Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OpenId.Messages {
+	using System;
+	using System.Diagnostics.Contracts;
+	using System.Security.Cryptography;
+	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.Messaging.Reflection;
+	using DotNetOpenAuth.OpenId.Provider;
+	using Org.Mentalis.Security.Cryptography;
+
+	/// <summary>
+	/// The successful Diffie-Hellman association response message.
+	/// </summary>
+	/// <remarks>
+	/// Association response messages are described in OpenID 2.0 section 8.2.  This type covers section 8.2.3.
+	/// </remarks>
+	internal class AssociateDiffieHellmanResponse : AssociateSuccessfulResponse {
+		/// <summary>
+		/// Initializes a new instance of the <see cref="AssociateDiffieHellmanResponse"/> class.
+		/// </summary>
+		/// <param name="responseVersion">The OpenID version of the response message.</param>
+		/// <param name="originatingRequest">The originating request.</param>
+		internal AssociateDiffieHellmanResponse(Version responseVersion, AssociateDiffieHellmanRequest originatingRequest)
+			: base(responseVersion, originatingRequest) {
+		}
+
+		/// <summary>
+		/// Gets or sets the Provider's Diffie-Hellman public key. 
+		/// </summary>
+		/// <value>btwoc(g ^ xb mod p)</value>
+		[MessagePart("dh_server_public", IsRequired = true, AllowEmpty = false)]
+		internal byte[] DiffieHellmanServerPublic { get; set; }
+
+		/// <summary>
+		/// Gets or sets the MAC key (shared secret), encrypted with the secret Diffie-Hellman value.
+		/// </summary>
+		/// <value>H(btwoc(g ^ (xa * xb) mod p)) XOR MAC key. H is either "SHA1" or "SHA256" depending on the session type. </value>
+		[MessagePart("enc_mac_key", IsRequired = true, AllowEmpty = false)]
+		internal byte[] EncodedMacKey { get; set; }
+
+		/// <summary>
+		/// Creates the association at relying party side after the association response has been received.
+		/// </summary>
+		/// <param name="request">The original association request that was already sent and responded to.</param>
+		/// <returns>The newly created association.</returns>
+		/// <remarks>
+		/// The resulting association is <i>not</i> added to the association store and must be done by the caller.
+		/// </remarks>
+		protected override Association CreateAssociationAtRelyingParty(AssociateRequest request) {
+			var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
+			ErrorUtilities.VerifyArgument(diffieHellmanRequest != null, OpenIdStrings.DiffieHellmanAssociationRequired);
+
+			HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(Protocol, this.SessionType);
+			byte[] associationSecret = DiffieHellmanUtilities.SHAHashXorSecret(hasher, diffieHellmanRequest.Algorithm, this.DiffieHellmanServerPublic, this.EncodedMacKey);
+
+			Association association = HmacShaAssociation.Create(Protocol, this.AssociationType, this.AssociationHandle, associationSecret, TimeSpan.FromSeconds(this.ExpiresIn));
+			return association;
+		}
+
+		/// <summary>
+		/// Creates the association at the provider side after the association request has been received.
+		/// </summary>
+		/// <param name="request">The association request.</param>
+		/// <param name="associationStore">The OpenID Provider's association store or handle encoder.</param>
+		/// <param name="securitySettings">The security settings of the Provider.</param>
+		/// <returns>
+		/// The newly created association.
+		/// </returns>
+		/// <remarks>
+		/// The response message is updated to include the details of the created association by this method,
+		/// but the resulting association is <i>not</i> added to the association store and must be done by the caller.
+		/// </remarks>
+		protected override Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
+			var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
+			ErrorUtilities.VerifyInternal(diffieHellmanRequest != null, "Expected a DH request type.");
+
+			this.SessionType = this.SessionType ?? request.SessionType;
+
+			// Go ahead and create the association first, complete with its secret that we're about to share.
+			Association association = HmacShaAssociation.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
+
+			// We now need to securely communicate the secret to the relying party using Diffie-Hellman.
+			// We do this by performing a DH algorithm on the secret and setting a couple of properties
+			// that will be transmitted to the Relying Party.  The RP will perform an inverse operation
+			// using its part of a DH secret in order to decrypt the shared secret we just invented 
+			// above when we created the association.
+			using (DiffieHellman dh = new DiffieHellmanManaged(
+				diffieHellmanRequest.DiffieHellmanModulus ?? AssociateDiffieHellmanRequest.DefaultMod,
+				diffieHellmanRequest.DiffieHellmanGen ?? AssociateDiffieHellmanRequest.DefaultGen,
+				AssociateDiffieHellmanRequest.DefaultX)) {
+				HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(this.Protocol, this.SessionType);
+				this.DiffieHellmanServerPublic = DiffieHellmanUtilities.EnsurePositive(dh.CreateKeyExchange());
+				this.EncodedMacKey = DiffieHellmanUtilities.SHAHashXorSecret(hasher, dh, diffieHellmanRequest.DiffieHellmanConsumerPublic, association.SecretKey);
+			}
+			return association;
+		}
+	}
+}