public void TestPublic()
{
TextReader reader = new StringReader(OpenIdTestBase.LoadEmbeddedFile("dhpriv.txt"));
try {
string line;
while ((line = reader.ReadLine()) != null) {
string[] parts = line.Trim().Split(' ');
byte[] x = Convert.FromBase64String(parts[0]);
DiffieHellmanManaged dh = new DiffieHellmanManaged(AssociateDiffieHellmanRequest.DefaultMod, AssociateDiffieHellmanRequest.DefaultGen, x);
byte[] pub = dh.CreateKeyExchange();
byte[] y = Convert.FromBase64String(parts[1]);
if (y[0] == 0 && y[1] <= 127) {
y.CopyTo(y, 1);
}
Assert.AreEqual(
Convert.ToBase64String(y),
Convert.ToBase64String(DiffieHellmanUtilities.EnsurePositive(pub)),
line);
}
} finally {
reader.Close();
}
}
public static void Main(string[] args)
{
ECDiffieHellmanCng alice = new ECDiffieHellmanCng();
//alice.DeriveKeyMaterial(
//CngKey.Import(
// create a new DH instance
DiffieHellman dh1 = new DiffieHellmanManaged();
// export the public parameters of the first DH instance
DHParameters dhp = dh1.ExportParameters(false);
// create a second DH instance and initialize it with the public parameters of the first instance
DiffieHellman dh2 = new DiffieHellmanManaged(dhp.P, dhp.G, 160);
// generate the public key of the first DH instance
byte[] ke1 = dh1.CreateKeyExchange();
// generate the public key of the second DH instance
byte[] ke2 = dh2.CreateKeyExchange();
// let the first DH instance compute the shared secret using the second DH public key
byte[] dh1k = dh1.DecryptKeyExchange(ke2);
// let the second DH instance compute the shared secret using the first DH public key
byte[] dh2k = dh2.DecryptKeyExchange(ke1);
// print both shared secrets to verify they are the same
Console.WriteLine("Computed secret of instance 1:");
PrintBytes(dh1k);
Console.WriteLine("\r\nComputed secret of instance 2:");
PrintBytes(dh2k);
Console.WriteLine("\r\nPress ENTER to continue...");
Console.ReadLine();
}
public static DHKeyPair GenerateKeyPair(int keysize)
{
DiffieHellman dh = new DiffieHellmanManaged(_prime, new byte[] { 0x02 }, keysize);
DHParameters privateKey = dh.ExportParameters(true);
return new DHKeyPair(
new DHPrivateKey(privateKey),
new DHPublicKey(dh.CreateKeyExchange()));
}
private static string Test1() {
DiffieHellman dh1 = new DiffieHellmanManaged();
DiffieHellman dh2 = new DiffieHellmanManaged();
string secret1 = Convert.ToBase64String(dh1.DecryptKeyExchange(dh2.CreateKeyExchange()));
string secret2 = Convert.ToBase64String(dh2.DecryptKeyExchange(dh1.CreateKeyExchange()));
Assert.AreEqual(secret1, secret2, "Secret keys do not match for some reason.");
return secret1;
}
public Node(Network network, string nodeID)
{
if (network == null) {
throw new ArgumentNullException("network");
}
if (nodeID.Length != 128) {
throw new ArgumentException("Invalid NodeID specified.");
}
this.nodeID = nodeID;
this.network = network;
alg = new RijndaelManaged();
diffieHellman = new DiffieHellmanManaged();
if (nodeID != Core.MyNodeID) {
directory = new NodeDirectory(this);
}
}
public void TestPublic() {
StreamReader sr = new StreamReader(@"..\..\src\DotNetOpenId.Test\dhpriv.txt");
try {
string line;
while ((line = sr.ReadLine()) != null) {
string[] parts = line.Trim().Split(' ');
byte[] x = Convert.FromBase64String(parts[0]);
DiffieHellmanManaged dh = new DiffieHellmanManaged(DiffieHellmanUtil.DEFAULT_MOD, DiffieHellmanUtil.DEFAULT_GEN, x);
byte[] pub = dh.CreateKeyExchange();
byte[] y = Convert.FromBase64String(parts[1]);
if (y[0] == 0 && y[1] <= 127)
y.CopyTo(y, 1);
Assert.AreEqual(y, Convert.FromBase64String(DiffieHellmanUtil.UnsignedToBase64(pub)), line);
}
} finally {
sr.Close();
}
}
/// <summary>
/// Creates the association at the provider side after the association request has been received.
/// </summary>
/// <param name="request">The association request.</param>
/// <param name="associationStore">The OpenID Provider's association store or handle encoder.</param>
/// <param name="securitySettings">The security settings of the Provider.</param>
/// <returns>
/// The newly created association.
/// </returns>
/// <remarks>
/// The response message is updated to include the details of the created association by this method,
/// but the resulting association is <i>not</i> added to the association store and must be done by the caller.
/// </remarks>
public Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) {
var diffieHellmanRequest = request as AssociateDiffieHellmanRequest;
ErrorUtilities.VerifyInternal(diffieHellmanRequest != null, "Expected a DH request type.");
this.SessionType = this.SessionType ?? request.SessionType;
// Go ahead and create the association first, complete with its secret that we're about to share.
Association association = HmacShaAssociationProvider.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings);
// We now need to securely communicate the secret to the relying party using Diffie-Hellman.
// We do this by performing a DH algorithm on the secret and setting a couple of properties
// that will be transmitted to the Relying Party. The RP will perform an inverse operation
// using its part of a DH secret in order to decrypt the shared secret we just invented
// above when we created the association.
using (DiffieHellman dh = new DiffieHellmanManaged(
diffieHellmanRequest.DiffieHellmanModulus ?? AssociateDiffieHellmanRequest.DefaultMod,
diffieHellmanRequest.DiffieHellmanGen ?? AssociateDiffieHellmanRequest.DefaultGen,
AssociateDiffieHellmanRequest.DefaultX)) {
HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(this.Protocol, this.SessionType);
this.DiffieHellmanServerPublic = DiffieHellmanUtilities.EnsurePositive(dh.CreateKeyExchange());
this.EncodedMacKey = DiffieHellmanUtilities.SHAHashXorSecret(hasher, dh, diffieHellmanRequest.DiffieHellmanConsumerPublic, association.SecretKey);
}
return association;
}
private void OnConnected(ITransport transport)
{
try {
LoggingService.LogInfo("Transport {0} connected.", transport);
if (transport.Encryptor != null) {
DiffieHellmanManaged dh = new DiffieHellmanManaged ();
byte[] keyxBytes = dh.CreateKeyExchange ();
transport.Send (dh.CreateKeyExchange (), 0, keyxBytes.Length);
keyxBytes = new byte [transport.Encryptor.KeyExchangeLength];
transport.Receive (keyxBytes, 0, transport.Encryptor.KeyExchangeLength);
keyxBytes = dh.DecryptKeyExchange (keyxBytes);
byte[] keyBytes = new byte[transport.Encryptor.KeySize];
byte[] ivBytes = new byte[transport.Encryptor.IvSize];
Array.Copy (keyxBytes, 0, keyBytes, 0, keyBytes.Length);
Array.Copy (keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length);
transport.Encryptor.SetKey(keyBytes, ivBytes);
}
byte[] connectionType = EndianBitConverter.GetBytes (transport.ConnectionType);
transport.Send (connectionType, 0, connectionType.Length);
byte[] networkId = Common.SHA512 (transport.Network.NetworkName);
transport.Send (networkId, 0, networkId.Length);
// Ready, Steady, GO!
TransportCallback callback = (TransportCallback) connectCallbacks [transport];
connectCallbacks.Remove (transport);
callback (transport);
} catch (Exception ex) {
transport.Disconnect (ex);
RaiseTransportError(transport, ex);
}
}
internal void Add(ITransport transport, TransportCallback connectCallback)
{
try {
// XXX: This should be negotiated as part of the initial handshake.
transport.Encryptor = new AESTransportEncryptor();
transports.Add (transport);
if (NewTransportAdded != null)
NewTransportAdded (transport);
LoggingService.LogInfo(String.Format ("Transport {0} added", transport.ToString()));
if (transport.Incoming == true) {
if (connectCallback != null)
throw new ArgumentException ("You can only specify a ConnectCallback for outoging connections!");
if (transport.Encryptor != null) {
DiffieHellmanManaged dh = new DiffieHellmanManaged ();
byte[] keyxBytes = new byte[transport.Encryptor.KeyExchangeLength];
transport.Receive (keyxBytes, 0, keyxBytes.Length);
keyxBytes = dh.DecryptKeyExchange (keyxBytes);
byte[] keyBytes = new byte[transport.Encryptor.KeySize];
byte[] ivBytes = new byte[transport.Encryptor.IvSize];
Array.Copy (keyxBytes, 0, keyBytes, 0, keyBytes.Length);
Array.Copy (keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length);
keyxBytes = dh.CreateKeyExchange ();
transport.Send (keyxBytes, 0, keyxBytes.Length);
transport.Encryptor.SetKey(keyBytes, ivBytes);
}
//Receive connection type, which is a ulong (8 bytes)
byte[] responseBuffer = new byte[8];
transport.Receive (responseBuffer, 0, 8);
ulong connectionType = EndianBitConverter.ToUInt64 (responseBuffer, 0);
// Recieve network ID (64 bytes)
responseBuffer = new byte[64];
transport.Receive (responseBuffer, 0, 64);
string networkId = EndianBitConverter.ToString (responseBuffer).Replace ("-", "");
// Match to one of our known networks!
foreach (Network network in Core.Networks) {
if (network.NetworkID == networkId) {
transport.Network = network;
}
}
if (transport.Network == null) {
throw new Exception (String.Format ("Unknown network: {0}.", networkId));
}
transport.ConnectionType = connectionType;
if (connectionType == ConnectionType.NodeConnection) {
LocalNodeConnection connection = new LocalNodeConnection(transport);
transport.Operation = connection;
transport.Network.AddConnection(connection);
connection.Start();
} else if (connectionType == ConnectionType.TransferConnection) {
Core.FileTransferManager.NewIncomingConnection(transport);
} else {
throw new Exception(String.Format("Unknown connection type: {0}.",
connectionType.ToString()));
}
} else {
if (connectCallback == null) {
throw new ArgumentNullException("connectCallback");
}
connectCallbacks.Add (transport, connectCallback);
LoggingService.LogInfo("Transport {0} connecting...", transport);
TransportCallback callback = new TransportCallback (OnConnected);
transport.Connect (callback);
}
} catch (Exception ex) {
transport.Disconnect (ex);
RaiseTransportError(transport, ex);
}
}
public static byte[] ComputeSharedKey(DHPrivateKey privateKey, DHPublicKey publicKey)
{
DiffieHellman dh = new DiffieHellmanManaged(privateKey.P, privateKey.G, privateKey.X);
return dh.DecryptKeyExchange(publicKey.KeyExchangeData);
}
