//----------------------------------------------------------------------- // // Copyright (c) Outercurve Foundation. All rights reserved. // //----------------------------------------------------------------------- namespace DotNetOpenAuth.OAuth.ChannelElements { using System; using System.Diagnostics.CodeAnalysis; using System.Security.Cryptography; using System.Text; using DotNetOpenAuth.Messaging; ///

/// A binding element that signs outgoing messages and verifies the signature on incoming messages. ///

public class HmacSha1SigningBindingElement : SigningBindingElementBase { ///

/// Initializes a new instance of the class ///

public HmacSha1SigningBindingElement() : base("HMAC-SHA1") { } ///

/// Calculates a signature for a given message. ///

/// The message to sign. /// The signature for the message. /// /// This method signs the message per OAuth 1.0 section 9.2. /// [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "False positive.")] protected override string GetSignature(ITamperResistantOAuthMessage message) { string key = GetConsumerAndTokenSecretString(message); using (var hasher = HmacAlgorithms.Create(HmacAlgorithms.HmacSha1, Encoding.ASCII.GetBytes(key))) { string baseString = ConstructSignatureBaseString(message, this.Channel.MessageDescriptions.GetAccessor(message)); byte[] digest = hasher.ComputeHash(Encoding.ASCII.GetBytes(baseString)); return Convert.ToBase64String(digest); } } ///

/// Clones this instance. ///

/// A new instance of the binding element. protected override ITamperProtectionChannelBindingElement Clone() { return new HmacSha1SigningBindingElement(); } } }