7 files changed, 26 insertions, 11 deletions

diff --git a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
index 42732fe..134a62f 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
+++ b/src/DotNetOpenAuth.OpenId.Provider/DotNetOpenAuth.OpenId.Provider.csproj
@@ -30,8 +30,8 @@
     <Compile Include="OpenId\Extensions\ExtensionsInteropProviderHelper.cs" />
     <Compile Include="OpenId\Extensions\UI\UIRequestProvider.cs" />
     <Compile Include="OpenId\HmacShaAssociationProvider.cs" />
-    <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderRequest.cs" />
-    <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs" />
+    <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderRequest.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
+    <Compile Include="OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
     <Compile Include="OpenId\Messages\IAssociateRequestProvider.cs" />
     <Compile Include="OpenId\Messages\AssociateRequestProviderTools.cs" />
     <Compile Include="OpenId\Messages\AssociateSuccessfulResponseProvider.cs" />
@@ -71,7 +71,7 @@
       <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
       <Name>DotNetOpenAuth.OpenId</Name>
     </ProjectReference>
-    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj">
+    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' ">
       <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project>
       <Name>Org.Mentalis.Security.Cryptography</Name>
     </ProjectReference>
diff --git a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderMessageFactory.cs b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderMessageFactory.cs
index 3fab06b..d7a74ed 100644
--- a/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderMessageFactory.cs
+++ b/src/DotNetOpenAuth.OpenId.Provider/OpenId/ChannelElements/OpenIdProviderMessageFactory.cs
@@ -41,7 +41,9 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 			if (fields.TryGetValue(protocol.openid.mode, out mode)) {
 				if (string.Equals(mode, protocol.Args.Mode.associate)) {
 					if (fields.ContainsKey(protocol.openid.dh_consumer_public)) {
+#if !ExcludeDiffieHellman
 						message = new AssociateDiffieHellmanProviderRequest(protocol.Version, recipient.Location);
+#endif
 					} else {
 						message = new AssociateUnencryptedProviderRequest(protocol.Version, recipient.Location);
 					}
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
index a242783..e3ff0ae 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/DotNetOpenAuth.OpenId.RelyingParty.csproj
@@ -34,7 +34,7 @@
     <Compile Include="OpenId\Interop\AuthenticationResponseShim.cs" />
     <Compile Include="OpenId\Interop\ClaimsResponseShim.cs" />
     <Compile Include="OpenId\Interop\OpenIdRelyingPartyShim.cs" />
-    <Compile Include="OpenId\Messages\AssociateDiffieHellmanRelyingPartyResponse.cs" />
+    <Compile Include="OpenId\Messages\AssociateDiffieHellmanRelyingPartyResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
     <Compile Include="OpenId\Messages\AssociateRequestRelyingParty.cs" />
     <Compile Include="OpenId\Messages\AssociateSuccessfulResponseRelyingPartyContract.cs" />
     <Compile Include="OpenId\Messages\IAssociateSuccessfulResponseRelyingParty.cs" />
@@ -70,7 +70,7 @@
       <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
       <Name>DotNetOpenAuth.OpenId</Name>
     </ProjectReference>
-    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj">
+    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' ">
       <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project>
       <Name>Org.Mentalis.Security.Cryptography</Name>
     </ProjectReference>
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs
index 4756c6e..9ec6c53 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/ChannelElements/OpenIdRelyingPartyMessageFactory.cs
@@ -95,13 +95,14 @@ namespace DotNetOpenAuth.OpenId.ChannelElements {
 					// This is a special recognized error case that we create a special message for.
 					message = new AssociateUnsuccessfulResponse(protocol.Version, associateRequest);
 				} else if (message == null) {
+#if !ExcludeDiffieHellman
 					var associateDiffieHellmanRequest = request as AssociateDiffieHellmanRequest;
-					var associateUnencryptedRequest = request as AssociateUnencryptedRequest;
-
 					if (associateDiffieHellmanRequest != null) {
 						message = new AssociateDiffieHellmanRelyingPartyResponse(protocol.Version, associateDiffieHellmanRequest);
 					}
+#endif
 
+					var associateUnencryptedRequest = request as AssociateUnencryptedRequest;
 					if (associateUnencryptedRequest != null) {
 						message = new AssociateUnencryptedResponseRelyingParty(protocol.Version, associateUnencryptedRequest);
 					}
diff --git a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs
index 99f1a3e..0e00963 100644
--- a/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs
+++ b/src/DotNetOpenAuth.OpenId.RelyingParty/OpenId/Messages/AssociateRequestRelyingParty.cs
@@ -68,11 +68,15 @@ namespace DotNetOpenAuth.OpenId.Messages {
 				associateRequest.AssociationType = associationType;
 				return associateRequest;
 			} else {
+#if !ExcludeDiffieHellman
 				var associateRequest = new AssociateDiffieHellmanRequest(provider.Version, provider.Uri);
 				associateRequest.AssociationType = associationType;
 				associateRequest.SessionType = sessionType;
 				associateRequest.InitializeRequest();
 				return associateRequest;
+#else
+				return null;
+#endif
 			}
 		}
 	}
diff --git a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
index a215cb9..970c857 100644
--- a/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
+++ b/src/DotNetOpenAuth.OpenId/DotNetOpenAuth.OpenId.csproj
@@ -119,11 +119,11 @@
     <Compile Include="OpenId\ProviderEndpointDescription.cs" />
     <Compile Include="OpenId\Realm.cs" />
     <Compile Include="OpenId\RelyingPartyDescription.cs" />
-    <Compile Include="OpenId\DiffieHellmanUtilities.cs" />
+    <Compile Include="OpenId\DiffieHellmanUtilities.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
     <Compile Include="OpenId\HmacShaAssociation.cs" />
     <Compile Include="OpenId\Messages\AssociateUnencryptedRequest.cs" />
-    <Compile Include="OpenId\Messages\AssociateDiffieHellmanRequest.cs" />
-    <Compile Include="OpenId\Messages\AssociateDiffieHellmanResponse.cs" />
+    <Compile Include="OpenId\Messages\AssociateDiffieHellmanRequest.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
+    <Compile Include="OpenId\Messages\AssociateDiffieHellmanResponse.cs" Condition=" '$(ExcludeDiffieHellman)' != 'true' " />
     <Compile Include="OpenId\Messages\AssociateRequest.cs" />
     <Compile Include="OpenId\Messages\AssociateSuccessfulResponse.cs" />
     <Compile Include="OpenId\Messages\AssociateUnencryptedResponse.cs" />
@@ -176,7 +176,7 @@
       <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project>
       <Name>DotNetOpenAuth.Messaging</Name>
     </ProjectReference>
-    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj">
+    <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj" Condition=" '$(ExcludeDiffieHellman)' != 'true' " >
       <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project>
       <Name>Org.Mentalis.Security.Cryptography</Name>
     </ProjectReference>
diff --git a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs
index d723756..6a681a0 100644
--- a/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs
+++ b/src/DotNetOpenAuth.OpenId/OpenId/HmacShaAssociation.cs
@@ -161,7 +161,11 @@ namespace DotNetOpenAuth.OpenId {
 					hashSizeInBits < securityRequirements.MinimumHashBitLength) {
 					continue;
 				}
+#if !ExcludeDiffieHellman
 				sessionType = DiffieHellmanUtilities.GetNameForSize(protocol, hashSizeInBits);
+#else
+				sessionType = requireMatchingDHSessionType ? null : protocol.Args.SessionType.NoEncryption;
+#endif
 				if (requireMatchingDHSessionType && sessionType == null) {
 					continue;
 				}
@@ -195,10 +199,14 @@ namespace DotNetOpenAuth.OpenId {
 				return true;
 			}
 
+#if !ExcludeDiffieHellman
 			// When there _is_ a DH session, it must match in hash length with the association type.
 			int associationSecretLengthInBytes = GetSecretLength(protocol, associationType);
 			int sessionHashLengthInBytes = DiffieHellmanUtilities.Lookup(protocol, sessionType).HashSize / 8;
 			return associationSecretLengthInBytes == sessionHashLengthInBytes;
+#else
+			return false;
+#endif
 		}
 
 		/// <summary>