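/// <summary>
/// Encrypts a push payload for one subscriber using the "aesgcm" key-derivation labels.
/// A fresh server key pair and salt are generated on every call.
/// </summary>
/// <param name="userKey">Encoded EC public key of the subscriber, parsed by ECKeyHelper.GetPublicKey.</param>
/// <param name="userSecret">Subscriber auth secret, passed as the first HKDF argument of the first derivation.</param>
/// <param name="payload">Plaintext; it is padded by AddPaddingToInput before encryption.</param>
/// <returns>The salt, the encrypted payload and the server's uncompressed public key.</returns>
public static EncryptionResult Encrypt(byte[] userKey, byte[] userSecret, byte[] payload)
{
    // NOTE(review): GenerateSalt is not visible here; the salt feeds both the key and the
    // nonce derivation, so confirm it draws from a cryptographic RNG.
    byte[] salt = GenerateSalt(16);

    // The key pair is per-message: the nonce below is derived, not counted, so reusing
    // a key pair together with a repeated salt would repeat the (key, nonce) pair.
    AsymmetricCipherKeyPair serverKeyPair = ECKeyHelper.GenerateKeys();

    IBasicAgreement ecdhAgreement = AgreementUtilities.GetBasicAgreement("ECDH");
    ecdhAgreement.Init(serverKeyPair.Private);

    // NOTE(review): userKey comes from the subscription; confirm GetPublicKey rejects
    // points that are not on the expected curve.
    ECPublicKeyParameters userPublicKey = ECKeyHelper.GetPublicKey(userKey);

    // ToByteArrayUnsigned() drops leading zero bytes, so roughly one agreement in 256
    // came out shorter than the field size. The receiver feeds the fixed-width value
    // into HKDF, derives different keys and cannot decrypt. Left-pad to the field size.
    byte[] rawSecret = ecdhAgreement.CalculateAgreement(userPublicKey).ToByteArrayUnsigned();
    int fieldSize = ecdhAgreement.GetFieldSize();
    byte[] key = rawSecret;
    if (rawSecret.Length < fieldSize)
    {
        key = new byte[fieldSize];
        System.Array.Copy(rawSecret, 0, key, fieldSize - rawSecret.Length, rawSecret.Length);
    }

    byte[] serverPublicKey = ((ECPublicKeyParameters)serverKeyPair.Public).Q.GetEncoded(false);

    // Derivation chain: auth-bound pseudo-random key, then a 16-byte content key and a
    // 12-byte nonce, both bound to the two public keys through the info chunk.
    byte[] prk = HKDF(userSecret, key, Encoding.UTF8.GetBytes("Content-Encoding: auth\0"), 32);
    byte[] cek = HKDF(salt, prk, CreateInfoChunk("aesgcm", userKey, serverPublicKey), 16);
    byte[] nonce = HKDF(salt, prk, CreateInfoChunk("nonce", userKey, serverPublicKey), 12);

    byte[] input = AddPaddingToInput(payload);
    byte[] encryptedMessage = EncryptAes(nonce, cek, input);

    return new EncryptionResult
    {
        Salt = salt,
        Payload = encryptedMessage,
        PublicKey = serverPublicKey
    };
}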
/// <summary>
/// Creates a new VAPID key pair and returns both halves run through UrlBase64.Encode.
/// </summary>
/// <returns>
/// A VapidDetails holding the uncompressed public point and the private scalar,
/// the latter passed through ByteArrayPadLeft with a length of 32 before encoding.
/// </returns>
public static VapidDetails GenerateVapidKeys()
{
    var details = new VapidDetails();
    var pair = ECKeyHelper.GenerateKeys();

    // Uncompressed point encoding (compressed: false).
    var publicParameters = (ECPublicKeyParameters)pair.Public;
    byte[] encodedPoint = publicParameters.Q.GetEncoded(false);

    // ToByteArrayUnsigned() omits leading zero bytes, so the scalar can be shorter
    // than 32 bytes; ByteArrayPadLeft is presumably what restores the fixed width.
    var privateParameters = (ECPrivateKeyParameters)pair.Private;
    byte[] scalar = privateParameters.D.ToByteArrayUnsigned();

    details.PublicKey = UrlBase64.Encode(encodedPoint);
    details.PrivateKey = UrlBase64.Encode(ByteArrayPadLeft(scalar, 32));

    return details;
}
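/// <summary>
/// Checks the encoded sizes of a freshly generated key pair: a 65-byte uncompressed
/// public point and a private scalar that fits in 32 bytes.
/// </summary>
public void TestGenerateKeys()
{
    var keys = ECKeyHelper.GenerateKeys();

    var publicKey = ((ECPublicKeyParameters)keys.Public).Q.GetEncoded(false);
    var privateKey = ((ECPrivateKeyParameters)keys.Private).D.ToByteArrayUnsigned();

    Assert.Equal(65, publicKey.Length);

    // ToByteArrayUnsigned() strips leading zero bytes, so about one key in 256 encodes
    // to fewer than 32 bytes. Asserting exactly 32 made this test fail at random;
    // the invariant that always holds is "at most 32 bytes".
    Assert.InRange(privateKey.Length, 1, 32);
}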
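/// <summary>
/// Generates a new VAPID key pair.
/// </summary>
/// <returns>
/// A VapidDetails whose PublicKey is the uncompressed EC point and whose PrivateKey is
/// the private scalar as a fixed 32-byte value, each run through UrlBase64.Encode.
/// </returns>
public static VapidDetails GenerateVapidKeys()
{
    const int PrivateKeyLength = 32;

    VapidDetails results = new VapidDetails();

    AsymmetricCipherKeyPair keys = ECKeyHelper.GenerateKeys();
    byte[] publicKey = ((ECPublicKeyParameters)keys.Public).Q.GetEncoded(false);

    // ToByteArrayUnsigned() drops leading zero bytes, so roughly one generated key in
    // 256 was emitted shorter than 32 bytes. Consumers that check the decoded length
    // then reject a key this method just produced. Left-pad to the fixed width.
    byte[] scalar = ((ECPrivateKeyParameters)keys.Private).D.ToByteArrayUnsigned();
    byte[] privateKey = scalar;
    if (scalar.Length < PrivateKeyLength)
    {
        privateKey = new byte[PrivateKeyLength];
        System.Array.Copy(scalar, 0, privateKey, PrivateKeyLength - scalar.Length, scalar.Length);
    }

    results.PublicKey = UrlBase64.Encode(publicKey);
    results.PrivateKey = UrlBase64.Encode(privateKey);

    return results;
}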
/// <summary>
/// Checks that two consecutive ECKeyHelper.GenerateKeys calls return different key
/// material, i.e. that a generated pair is not cached and handed out again.
/// </summary>
public void TestGenerateKeysNoCache()
{
    var firstPair = ECKeyHelper.GenerateKeys();
    var secondPair = ECKeyHelper.GenerateKeys();

    byte[] firstPoint = ((ECPublicKeyParameters)firstPair.Public).Q.GetEncoded(false);
    byte[] firstScalar = ((ECPrivateKeyParameters)firstPair.Private).D.ToByteArrayUnsigned();

    byte[] secondPoint = ((ECPublicKeyParameters)secondPair.Public).Q.GetEncoded(false);
    byte[] secondScalar = ((ECPrivateKeyParameters)secondPair.Private).D.ToByteArrayUnsigned();

    // Byte-wise comparison: both halves of the pair must differ between the two calls.
    bool samePublicKey = firstPoint.SequenceEqual(secondPoint);
    bool samePrivateKey = firstScalar.SequenceEqual(secondScalar);

    Assert.False(samePublicKey);
    Assert.False(samePrivateKey);
}
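/// <summary>
/// Checks the encoded sizes of a freshly generated key pair: a 65-byte uncompressed
/// public point and a private scalar that fits in 32 bytes.
/// </summary>
public void TestGenerateKeys()
{
    AsymmetricCipherKeyPair keys = ECKeyHelper.GenerateKeys();

    byte[] publicKey = ((ECPublicKeyParameters)keys.Public).Q.GetEncoded(false);
    byte[] privateKey = ((ECPrivateKeyParameters)keys.Private).D.ToByteArrayUnsigned();

    int publicKeyLength = publicKey.Length;
    int privateKeyLength = privateKey.Length;

    Assert.AreEqual(65, publicKeyLength);

    // ToByteArrayUnsigned() strips leading zero bytes, so about one key in 256 encodes
    // to fewer than 32 bytes. Asserting exactly 32 made this test fail at random;
    // the invariant that always holds is "between 1 and 32 bytes".
    Assert.IsTrue(privateKeyLength >= 1 && privateKeyLength <= 32);
}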