public static byte[] Respond(ECPublicKeyParameters senderPublicKey, ECPrivateKeyParameters receiverPrivateKey,
ECPublicKeyParameters ephemeralSenderPublicKey)
{
ECPublicKeyParameters Q_static_U = senderPublicKey;
ECPrivateKeyParameters d_static_V = receiverPrivateKey;
ECPublicKeyParameters Q_ephemeral_U = ephemeralSenderPublicKey;
// Calculate shared ephemeral secret 'Ze'
BigInteger Ze = KeyAgreementFactory.CalculateEcdhcSecret(Q_ephemeral_U, d_static_V); // EC-DHC
byte[] Ze_encoded = Ze.ToByteArrayUnsigned();
// Calculate shared static secret 'Zs'
BigInteger Zs = KeyAgreementFactory.CalculateEcdhcSecret(Q_static_U, d_static_V); // EC-DHC
byte[] Zs_encoded = Zs.ToByteArrayUnsigned();
// Concatenate Ze and Zs byte strings to form shared secret, pre-KDF : Ze||Zs
var Z = new byte[Ze_encoded.Length + Zs_encoded.Length];
Ze_encoded.DeepCopy_NoChecks(0, Z, 0, Ze_encoded.Length);
Zs_encoded.DeepCopy_NoChecks(0, Z, Ze_encoded.Length, Zs_encoded.Length);
// Zero intermediate secrets
Ze_encoded.SecureWipe();
Zs_encoded.SecureWipe();
return(Z);
}
public static byte[] Initiate(ECPublicKeyParameters recipientPublicKey, ECPrivateKeyParameters senderPrivateKey,
out ECPublicKeyParameters ephemeralSenderPublicKey)
{
ECPublicKeyParameters Q_static_V = recipientPublicKey;
ECPrivateKeyParameters d_static_U = senderPrivateKey;
ECPoint QeV;
BigInteger deU;
KeypairFactory.GenerateECKeypair(recipientPublicKey.Parameters, out QeV, out deU);
var Q_ephemeral_V = new ECPublicKeyParameters("ECDHC", QeV, recipientPublicKey.Parameters);
var d_ephemeral_U = new ECPrivateKeyParameters("ECDHC", deU, recipientPublicKey.Parameters);
// Calculate shared ephemeral secret 'Ze'
BigInteger Ze = KeyAgreementFactory.CalculateEcdhcSecret(Q_static_V, d_ephemeral_U); // EC-DHC
byte[] Ze_encoded = Ze.ToByteArrayUnsigned();
// Calculate shared static secret 'Zs'
BigInteger Zs = KeyAgreementFactory.CalculateEcdhcSecret(Q_static_V, d_static_U); // EC-DHC
byte[] Zs_encoded = Zs.ToByteArrayUnsigned();
// Concatenate Ze and Zs byte strings to form shared secret, pre-KDF : Ze||Zs
var Z = new byte[Ze_encoded.Length + Zs_encoded.Length];
Ze_encoded.DeepCopy_NoChecks(0, Z, 0, Ze_encoded.Length);
Zs_encoded.DeepCopy_NoChecks(0, Z, Ze_encoded.Length, Zs_encoded.Length);
ephemeralSenderPublicKey = Q_ephemeral_V;
// Zero intermediate secrets
Ze_encoded.SecureWipe();
Zs_encoded.SecureWipe();
return(Z);
}
/// <summary>
/// Calculate the shared secret in participant U's (initiator) role.
/// </summary>
/// <param name="recipientPublicKey">Public key of the recipient.</param>
/// <param name="senderPrivateKey">Private key of the sender.</param>
/// <param name="ephemeralSenderPublicKey">
/// Ephemeral public key to send to the responder (V, receiver). Output to this
/// parameter.
/// </param>
public static byte[] Initiate(ECKey recipientPublicKey, ECKey senderPrivateKey,
out ECKey ephemeralSenderPublicKey)
{
if (recipientPublicKey.PublicComponent == false)
{
throw new ArgumentException("Recipient key is not public component.", "recipientPublicKey");
}
if (senderPrivateKey.PublicComponent)
{
throw new ArgumentException("Sender key not private component.", "senderPrivateKey");
}
ECKey Q_static_V = recipientPublicKey;
ECKey d_static_U = senderPrivateKey;
ECKeypair kp_ephemeral_U = KeypairFactory.GenerateECKeypair(senderPrivateKey.CurveName);
ECKey Q_ephemeral_U = kp_ephemeral_U.ExportPublicKey();
ECKey d_ephemeral_U = kp_ephemeral_U.GetPrivateKey();
// Calculate shared ephemeral secret 'Ze'
byte[] Ze = KeyAgreementFactory.CalculateEcdhcSecret(Q_static_V, d_ephemeral_U);
// Calculate shared static secret 'Zs'
byte[] Zs = KeyAgreementFactory.CalculateEcdhcSecret(Q_static_V, d_static_U);
// Concatenate Ze and Zs byte strings to form shared secret, pre-KDF : Ze||Zs
var Z = new byte[Ze.Length + Zs.Length];
Ze.DeepCopy_NoChecks(0, Z, 0, Ze.Length);
Zs.DeepCopy_NoChecks(0, Z, Ze.Length, Zs.Length);
ephemeralSenderPublicKey = Q_ephemeral_U;
// Zero intermediate secrets
Ze.SecureWipe();
Zs.SecureWipe();
return(Z);
}