private static void InitializeEncryption()
{
if (ENC_ECDCrypto == null || DEC_ECDCrypto == null)
{
ENC_ECDCrypto = new ECDiffieHellmanCng
{
KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash,
HashAlgorithm = CngAlgorithm.Sha256
};
ENCpublicKey = ENC_ECDCrypto.PublicKey.ToByteArray();
DEC_ECDCrypto = new ECDiffieHellmanCng
{
KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash,
HashAlgorithm = CngAlgorithm.Sha256
};
DECpublicKey = DEC_ECDCrypto.PublicKey.ToByteArray();
ENCprivateKey = ENC_ECDCrypto.DeriveKeyMaterial(CngKey.Import(DECpublicKey, CngKeyBlobFormat.EccPublicBlob));
DECprivateKey = DEC_ECDCrypto.DeriveKeyMaterial(CngKey.Import(ENCpublicKey, CngKeyBlobFormat.EccPublicBlob));
}
}
static internal byte[] PerformAssymetricKeyExchangeUsingECDiffieHellmanOnSocket(System.Net.Sockets.Socket socket)
{
using (ECDiffieHellmanCng ECDiffieHellmanCngobj = new ECDiffieHellmanCng()) {
ECDiffieHellmanCngobj.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
ECDiffieHellmanCngobj.HashAlgorithm = CngAlgorithm.Sha256;
byte[] _myPublicKey = ECDiffieHellmanCngobj.PublicKey.ToByteArray();
byte[] _otherPublicKey = new byte[140];
if (NetworkCommunicationManagers.SendByteArrayOverSocket(socket, _myPublicKey) == false)
{
return(null);
}
;
if (NetworkCommunicationManagers.ReceiveByteArrayOverSocket(socket, out _otherPublicKey, 140) == false)
{
return(null);
}
;
return(ECDiffieHellmanCngobj.DeriveKeyMaterial(CngKey.Import(_otherPublicKey, CngKeyBlobFormat.EccPublicBlob)));
}
}
private byte [] AliceSendData(string message)
{
Console.WriteLine("Alice message: {0}", message);
byte[] rawData = Encoding.UTF8.GetBytes(message);
byte[] encData = null;
//Get alice's algorithm (use alice keys)
ECDiffieHellmanCng aliceAlg = new ECDiffieHellmanCng(aliceKey);
using (CngKey bobPubKey = CngKey.Import(bobPubKeyBlob, CngKeyBlobFormat.EccPublicBlob))
{
//Create symmetric key - using alice's keys and bob's public key
byte[] symKey = aliceAlg.DeriveKeyMaterial(bobPubKey);
//Provider for data encryption
AesCryptoServiceProvider acsp = new AesCryptoServiceProvider();
acsp.Key = symKey;
acsp.GenerateIV();
using (ICryptoTransform encryptor = acsp.CreateEncryptor())
using (MemoryStream ms = new MemoryStream())
{
//Create crypto stream
CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write);
//Send initial vector
ms.Write(acsp.IV, 0, acsp.IV.Length);
//Send encrypted data
cs.Write(rawData, 0, rawData.Length);
//Important thing!
cs.Close();
encData = ms.ToArray();
}
acsp.Clear();
}
Console.WriteLine("Alice cipher: {0}", Convert.ToBase64String(encData));
return(encData);
}
public static void Test()
{
ECDiffieHellmanCng alice = new ECDiffieHellmanCng();
alice.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
alice.HashAlgorithm = CngAlgorithm.Sha1;
ECDiffieHellmanCng bob = new ECDiffieHellmanCng();
bob.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
bob.HashAlgorithm = CngAlgorithm.Sha1;
byte[] aliceKey = alice.DeriveKeyMaterial(bob.PublicKey);
byte[] bobKey = bob.DeriveKeyMaterial(alice.PublicKey);
Console.WriteLine(bobKey.SequenceEqual(aliceKey));
var r = new RijndaelManaged();
r.GenerateIV();
var iv = r.IV;
byte[] encrypted = SymmetricAlgorithmTest.Encrypt <RijndaelManaged>(original, bobKey, iv);
string roundtrip = SymmetricAlgorithmTest.Decrypt <RijndaelManaged>(encrypted, aliceKey, iv);
string hex = Epic.Converters.HexString.Encode(encrypted);
string base64 = Convert.ToBase64String(encrypted);
//Display the original data and the decrypted data.
Console.WriteLine($"ECC:");
Console.WriteLine("Byte: {0}", encrypted.Length);
Console.WriteLine("Hex: {0}, {1}", hex.Length, hex);
Console.WriteLine("Base64: {0}, {1}", base64.Length, base64);
Console.WriteLine("Decode: {0}", roundtrip);
Console.WriteLine();
}
public static void Equivalence_Hmac(HashAlgorithmName algorithm, bool useSecretAgreementAsHmac, bool prepend, bool append)
{
using (ECDiffieHellmanCng ecdh = NewDefaultECDHCng())
using (ECDiffieHellmanPublicKey publicKey = ecdh.PublicKey)
{
byte[] secretPrepend = prepend ? new byte[3] : null;
byte[] secretAppend = append ? new byte[4] : null;
byte[] hmacKey = useSecretAgreementAsHmac ? null : new byte[12];
byte[] newWay = ecdh.DeriveKeyFromHmac(publicKey, algorithm, hmacKey, secretPrepend, secretAppend);
ecdh.HashAlgorithm = new CngAlgorithm(algorithm.Name);
ecdh.HmacKey = hmacKey;
ecdh.SecretPrepend = secretPrepend;
ecdh.SecretAppend = secretAppend;
ecdh.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hmac;
byte[] oldWay = ecdh.DeriveKeyMaterial(publicKey);
Assert.Equal(newWay, oldWay);
}
}
// When overridden in a derived class, performs enclave attestation, generates a symmetric key for the session, creates a an enclave session and stores the session information in the cache.
internal override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHellmanCng clientDHKey, EnclaveSessionParameters enclaveSessionParameters, byte[] customData, int customDataLength, out SqlEnclaveSession sqlEnclaveSession, out long counter)
{
sqlEnclaveSession = null;
counter = 0;
try
{
ThreadRetryCache.Remove(Thread.CurrentThread.ManagedThreadId.ToString());
sqlEnclaveSession = GetEnclaveSessionFromCache(enclaveSessionParameters, out counter);
if (sqlEnclaveSession == null)
{
if (!string.IsNullOrEmpty(enclaveSessionParameters.AttestationUrl))
{
// Deserialize the payload
AttestationInfo info = new AttestationInfo(attestationInfo);
// Verify enclave policy matches expected policy
VerifyEnclavePolicy(info.EnclaveReportPackage);
// Perform Attestation per VSM protocol
VerifyAttestationInfo(enclaveSessionParameters.AttestationUrl, info.HealthReport, info.EnclaveReportPackage);
// Set up shared secret and validate signature
byte[] sharedSecret = GetSharedSecret(info.Identity, info.EnclaveDHInfo, clientDHKey);
// add session to cache
sqlEnclaveSession = AddEnclaveSessionToCache(enclaveSessionParameters, sharedSecret, info.SessionId, out counter);
}
else
{
throw new AlwaysEncryptedAttestationException(Strings.FailToCreateEnclaveSession);
}
}
}
finally
{
UpdateEnclaveSessionLockStatus(sqlEnclaveSession);
}
}
// When overridden in a derived class, performs enclave attestation, generates a symmetric key for the session, creates a an enclave session and stores the session information in the cache.
public override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHellmanCng clientDHKey, string attestationUrl, string servername, out SqlEnclaveSession sqlEnclaveSession, out long counter)
{
sqlEnclaveSession = null;
counter = 0;
try
{
AttestationInfoCacheItem attestationInfoCacheItem = AttestationInfoCache.Remove(Thread.CurrentThread.ManagedThreadId.ToString()) as AttestationInfoCacheItem;
sqlEnclaveSession = GetEnclaveSessionFromCache(servername, attestationUrl, out counter);
if (sqlEnclaveSession == null)
{
if (attestationInfoCacheItem != null)
{
// Deserialize the payload
AttestationInfo info = new AttestationInfo(attestationInfo);
// Verify enclave policy matches expected policy
VerifyEnclavePolicy(info.EnclaveReportPackage);
// Perform Attestation per VSM protocol
VerifyAttestationInfo(attestationUrl, info.HealthReport, info.EnclaveReportPackage);
// Set up shared secret and validate signature
byte[] sharedSecret = GetSharedSecret(info.Identity, info.EnclaveDHInfo, clientDHKey);
// add session to cache
sqlEnclaveSession = AddEnclaveSessionToCache(attestationUrl, servername, sharedSecret, info.SessionId, out counter);
}
else
{
throw new AlwaysEncryptedAttestationException(SR.FailToCreateEnclaveSession);
}
}
}
finally
{
UpdateEnclaveSessionLockStatus(sqlEnclaveSession);
}
}
private async Task <byte[]> AliceSendsDataAsync(string message)
{
WriteLine($"Alice sends message: {message}");
byte[] rawData = Encoding.UTF8.GetBytes(message);
byte[] encryptedData = null;
using (var aliceAlgorithm = new ECDiffieHellmanCng(_aliceKey))
using (CngKey bobPubKey = CngKey.Import(_bobPubKeyBlob,
CngKeyBlobFormat.EccPublicBlob))
{
byte[] symmKey = aliceAlgorithm.DeriveKeyMaterial(bobPubKey);
WriteLine("Alice creates this symmetric key with " +
$"Bobs public key information: { Convert.ToBase64String(symmKey)}");
using (var aes = new AesCryptoServiceProvider())
{
aes.Key = symmKey;
aes.GenerateIV();
using (ICryptoTransform encryptor = aes.CreateEncryptor())
using (var ms = new MemoryStream())
{
// create CryptoStream and encrypt data to send
using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
// write initialization vector not encrypted
await ms.WriteAsync(aes.IV, 0, aes.IV.Length);
await cs.WriteAsync(rawData, 0, rawData.Length);
}
encryptedData = ms.ToArray();
}
aes.Clear();
}
}
WriteLine($"Alice: message is encrypted: {Convert.ToBase64String(encryptedData)}");;
WriteLine();
return(encryptedData);
}
protected void Construct(Socket handler)
{
if (handler == null)
{
throw new ArgumentNullException("handler");
}
if (!handler.Connected)
{
throw new ArgumentException("Socket should be connected.");
}
_handler = handler;
_received = new MemoryStream();
_buffer = new byte[BufferSize];
_packer = new Packer();
_diffieHellman = new ECDiffieHellmanCng(KeySize);
_diffieHellman.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
_diffieHellman.HashAlgorithm = CngAlgorithm.Sha256;
_handler.BeginReceive(_buffer, 0, _buffer.Length, SocketFlags.None, OnReceive, null);
}
protected void Construct(Socket socket)
{
if (socket == null)
{
throw new ArgumentNullException("socket");
}
if (!socket.Connected)
{
throw new ArgumentException("Socket should be connected.");
}
handler = socket;
buffer = new byte[BufferSize];
received = new MemoryStream();
packer = new Packer();
diffieHellman = new ECDiffieHellmanCng(KeySize);
diffieHellman.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
diffieHellman.HashAlgorithm = CngAlgorithm.Sha256;
handler.BeginReceive(buffer, 0, buffer.Length, SocketFlags.None, OnReceive, null);
}
public (byte[] PublicKey, byte[] PrivateKey) GenerateKeys()
{
if (OperatingSystem.IsWindows())
{
using (ECDiffieHellmanCng ECD = new ECDiffieHellmanCng(KeySize))
{
var x = ECD.ExportParameters(true);
ECD.KeyDerivationFunction = ECDHKDF;
ECD.HashAlgorithm = HashingAlgorithm;
return(
ECD.PublicKey.ToByteArray(),
ECD.ExportECPrivateKey()
);
}
}
else
{
throw new NotSupportedException();
}
}
public void TestCngGeneratP256PublicKeysWithBigEndianEncoding()
{
ECDiffieHellmanCng aliceCng = new ECDiffieHellmanCng(256)
{
HashAlgorithm = CngAlgorithm.Sha256,
KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash
};
byte[] alicePubKeyBlob = aliceCng.Key.Export(CngKeyBlobFormat.EccPublicBlob);
Assert.AreEqual(2 * 32 + 8, alicePubKeyBlob.Length);
var keyType = new byte[] { 0x45, 0x43, 0x4b, 0x31 };
var keyLength = new byte[] { 0x20, 0x00, 0x00, 0x00 };
var keyTypeAndLength = new[] { keyType, keyLength }.SelectMany(l => l).ToArray();
var startOfKey = alicePubKeyBlob.Where((b, i) => i < 8).ToArray();
Assert.IsTrue(keyTypeAndLength.SequenceEqual(startOfKey));
byte[] aliceElipticCoordinates = new byte[64];
Array.Copy(alicePubKeyBlob, 8, aliceElipticCoordinates, 0, aliceElipticCoordinates.Length);
EllipticCurveHelper.TestKeyBelongsToP256(aliceElipticCoordinates);
}
private void GenerateKeys()
{
using (ECDiffieHellmanCng ecd1 = new ECDiffieHellmanCng())
{
ecd1.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
ecd1.HashAlgorithm = CngAlgorithm.Sha256;
person1PublicKey = ecd1.PublicKey.ToByteArray();
txt_Kul_1_Public_Key.Text = Convert.ToBase64String(person1PublicKey);
/* 2. kişi tarafındaki işlemler, 1. kişinin açık anahtarı biliniyor. */
using (ECDiffieHellmanCng ecd2 = new ECDiffieHellmanCng())
{
ecd2.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
ecd2.HashAlgorithm = CngAlgorithm.Sha256;
person2PublicKey = ecd2.PublicKey.ToByteArray();
txt_Kul_2_Public_Key.Text = Convert.ToBase64String(person2PublicKey);
commonKey = ecd2.DeriveKeyMaterial(CngKey.Import(person1PublicKey, CngKeyBlobFormat.EccPublicBlob));
txt_Ortak_Anahtar.Text = Convert.ToBase64String(commonKey);
}
}
}
protected override void Read(BinaryReader reader)
{
base.Read(reader);
_parentID = reader.ReadInt32();
_name = reader.ReadSrfsString();
KeyThumbprint encryptionKeyThumbprint = reader.ReadKeyThumbprint();
if (!encryptionKeyThumbprint.Equals(_decryptionKey.Thumbprint))
{
throw new System.IO.IOException();
}
CngKey publicSourceKey = reader.ReadPublicKey().Key;
reader.ReadBytes(PaddingLength);
byte[] encryptedData = reader.ReadBytes(_plainTextData.Length);
using (ECDiffieHellmanCng destinationKey = new ECDiffieHellmanCng(_decryptionKey.Key)) {
_plainTextData = Decrypt(destinationKey, publicSourceKey, encryptedData, 0, encryptedData.Length);
}
}
private void Listen()
{
if (Proxy == null)
{
Proxy = new Publisher(PrivateSpace, Space, ConcealedSpace);
}
Proxy.Running = true;
while (true)
{
var request = Space.Get("Request", typeof(HubRequestType), typeof(string), typeof(string));
var identifier = request.Get <string>(2);
var requestType = request.Get <HubRequestType>(1);
var secret = request.Get <string>(3);
if (requestType == HubRequestType.EstablishSession)
{
var t = PrivateSpace.QueryP("SessionSecret", typeof(string), identifier);
if (t != null)
{
PrivateSpace.GetAll("SessionSecret", typeof(string), identifier);
}
using (var me = new ECDiffieHellmanCng())
{
var herKey = CngKey.Import(Convert.FromBase64String(secret), CngKeyBlobFormat.EccPublicBlob);
var ourKey = Convert.ToBase64String(me.DeriveKeyMaterial(herKey));
PrivateSpace.Put("SessionSecret", ourKey, identifier);
var myKey = Convert.ToBase64String(me.PublicKey.ToByteArray());
Space.Put("Response", identifier, HubRequestType.EstablishSession, myKey);
}
Proxy.SyncIncomingUser(identifier);
}
else if (requestType == HubRequestType.TerminateSession)
{
PrivateSpace.GetP("SessionSecret", typeof(string), identifier);
}
}
}
/*Bob receives encrypted data in the argument of the method BobReceivesData() . First, the
* unencrypted initialization vector must be read. The BlockSize property of the class
* AesCryptoServiceProvider returns the number of bits for a block. The number of bytes can be
* calculated by doing a divide by 8, and the fastest way to do this is by doing a bit shift of 3 bits. Shifting
* by 1 bit is a division by 2, 2 bits by 4, and 3 bits by 8. With the for loop, the first bytes of the raw bytes
* that contain the IV unencrypted are written to the array iv . Next, an ECDiffieHellmanCng object is
* instantiated with the key pair from Bob. Using the public key from Alice, the symmetric key is returned
* from the method DeriveKeyMaterial() . Comparing the symmetric keys created from Alice and Bob
* shows that the same key value gets created. Using this symmetric key and the initialization vector, the
* message from Alice can be decrypted with the AesCryptoServiceProvider class.
*/
private static void BobReceivesData(byte[] encryptedData)
{
ReturnString += String.Format("\n\nBob receives encrypted data");
byte[] rawData = null;
AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
int nBytes = aes.BlockSize >> 3;
byte[] iv = new byte[nBytes];
for (int i = 0; i < iv.Length; i++)
{
iv[i] = encryptedData[i];
}
ECDiffieHellmanCng bobAlgorithm = new ECDiffieHellmanCng(bobKey);
using (CngKey alicePubKey = CngKey.Import(alicePubKeyBlob,
CngKeyBlobFormat.EccPublicBlob))
{
byte[] symmKey = bobAlgorithm.DeriveKeyMaterial(alicePubKey);
ReturnString += String.Format("\nBob creates this symmetric key with " +
"Alice's public key information: {0}",
Convert.ToBase64String(symmKey));
aes.Key = symmKey;
aes.IV = iv;
using (ICryptoTransform decryptor = aes.CreateDecryptor())
using (MemoryStream ms = new MemoryStream())
{
CryptoStream cs = new CryptoStream(ms, decryptor,
CryptoStreamMode.Write);
cs.Write(encryptedData, nBytes, encryptedData.Length - nBytes);
cs.Close();
rawData = ms.ToArray();
ReturnString += String.Format("\nBob decrypts message to: {0}",
Encoding.UTF8.GetString(rawData));
}
aes.Clear();
}
}
public static void SendLoginRequest(LoginArgsContainer Args)
{
PacketStream InitialPacket = new PacketStream((byte)PacketType.LOGIN_REQUEST, 0);
InitialPacket.WriteHeader();
ECDiffieHellmanCng PrivateKey = Args.Client.ClientEncryptor.GetDecryptionArgsContainer()
.AESDecryptArgs.PrivateKey;
//IMPORTANT: Public key must derive from the private key!
byte[] ClientPublicKey = PrivateKey.PublicKey.ToByteArray();
byte[] NOnce = Args.Client.ClientEncryptor.GetDecryptionArgsContainer().AESDecryptArgs.NOnce;
InitialPacket.WriteInt32(((byte)PacketHeaders.UNENCRYPTED +
/*4 is for version*/ 4 + (ClientPublicKey.Length + 1) + (NOnce.Length + 1)));
SaltedHash Hash = new SaltedHash(new SHA512Managed(), Args.Username.Length);
byte[] HashBuf = Hash.ComputePasswordHash(Args.Username, Args.Password);
PlayerAccount.Hash = HashBuf;
string[] Version = GlobalSettings.Default.ClientVersion.Split('.');
InitialPacket.WriteByte((byte)int.Parse(Version[0])); //Version 1
InitialPacket.WriteByte((byte)int.Parse(Version[1])); //Version 2
InitialPacket.WriteByte((byte)int.Parse(Version[2])); //Version 3
InitialPacket.WriteByte((byte)int.Parse(Version[3])); //Version 4
InitialPacket.WriteByte((byte)ClientPublicKey.Length);
InitialPacket.WriteBytes(ClientPublicKey);
InitialPacket.WriteByte((byte)NOnce.Length);
InitialPacket.WriteBytes(NOnce);
Args.Client.Send(InitialPacket.ToArray());
}
/// <summary>
/// 加密
/// </summary>
/// <param name="message"></param>
/// <returns></returns>
private async Task <byte[]> AliceSendsDataAsync(string message)
{
Console.WriteLine("Alice sends message:" + message);
byte[] rawData = Encoding.UTF8.GetBytes(message);
byte[] encryptedData = null;
//创建ECDiffieHellmanCng对象,并使用Alice的密钥对初始化它
using (ECDiffieHellmanCng aliceAlgorithm = new ECDiffieHellmanCng(_aliceKey))
using (CngKey bobPubKey = CngKey.Import(_bobPubKeyBlob, CngKeyBlobFormat.EccPublicBlob))
{
//使用Alice的密钥对和Bob的公钥创建一个对称密钥,返回的对称密钥使用对称算法AES加密数据
byte[] symmKey = aliceAlgorithm.DeriveKeyMaterial(bobPubKey);
Console.WriteLine("Alice creates thsi symmetric key with Bobs public key Information:" + Convert.ToBase64String(symmKey));
//
using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
{
aes.Key = symmKey;
aes.GenerateIV();
using (ICryptoTransform encryptor = aes.CreateEncryptor())
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
await ms.WriteAsync(aes.IV, 0, aes.IV.Length);
cs.Write(rawData, 0, rawData.Length);
}
encryptedData = ms.ToArray();
}
//在访问内存流中的加密数据之前,必须关闭加密流,否则加密数据就会丢失最后的位
aes.Clear();
}
}
Console.WriteLine("Alice:message is encrypted:" + Convert.ToBase64String(encryptedData));
Console.WriteLine();
return(encryptedData);
}
public static EncryptionResult Encrypt(byte[] userKey, byte[] userSecret, byte[] payload
//, ushort padding = 0, bool randomisePadding = false // not implemented yet
)
{
var salt = GenerateSalt(16);
byte[] serverPublicKey = null;
byte[] key = null;
var cgnKey = ImportCngKeyFromPublicKey(userKey);
using (ECDiffieHellmanCng alice = new ECDiffieHellmanCng(256))
{
alice.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hmac;
alice.HashAlgorithm = CngAlgorithm.Sha256;
alice.HmacKey = userSecret;
serverPublicKey = ImportPublicKeyFromCngKey(alice.PublicKey.ToByteArray());
key = alice.DeriveKeyMaterial(cgnKey);
}
var prk = HKDFSecondStep(key, Encoding.UTF8.GetBytes("Content-Encoding: auth\0"), 32);
byte[] cek = HKDF(salt, prk, CreateInfoChunk("aesgcm", userKey, serverPublicKey), 16);
byte[] nonce = HKDF(salt, prk, CreateInfoChunk("nonce", userKey, serverPublicKey), 12);
var input = AddPaddingToInput(payload);
var encryptedMessage = EncryptAes(nonce, cek, input);
return(new EncryptionResult
{
Salt = salt,
Payload = encryptedMessage,
PublicKey = serverPublicKey
});
}
public ECDiffieHellman(int keySize, KeyAgreementKeyDerivationFunction kdFunc, KeyAgreementKeyDerivationHashAlgorithm hashAlgo)
: base(kdFunc, hashAlgo)
{
_ecdh = new ECDiffieHellmanCng(keySize);
_ecdh.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
switch (hashAlgo)
{
case KeyAgreementKeyDerivationHashAlgorithm.SHA256:
_ecdh.HashAlgorithm = CngAlgorithm.Sha256;
break;
case KeyAgreementKeyDerivationHashAlgorithm.SHA384:
_ecdh.HashAlgorithm = CngAlgorithm.Sha384;
break;
case KeyAgreementKeyDerivationHashAlgorithm.SHA512:
_ecdh.HashAlgorithm = CngAlgorithm.Sha512;
break;
default:
throw new CryptoException("Key derivation hash algorithm not supported.");
}
}
public void TestJWTHandling()
{
var newKey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP384, null, new CngKeyCreationParameters()
{
ExportPolicy = CngExportPolicies.AllowPlaintextExport, KeyUsage = CngKeyUsages.AllUsages
});
var t = CryptoUtils.ImportECDsaCngKeyFromCngKey(newKey.Export(CngKeyBlobFormat.EccPrivateBlob));
var tk = CngKey.Import(t, CngKeyBlobFormat.EccPrivateBlob);
Assert.AreEqual(CngAlgorithmGroup.ECDsa, tk.AlgorithmGroup);
ECDiffieHellmanCng ecKey = new ECDiffieHellmanCng(newKey);
ecKey.HashAlgorithm = CngAlgorithm.Sha256;
ecKey.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
var b64key = Convert.ToBase64String(ecKey.PublicKey.GetDerEncoded());
string test = $@"
{{
""exp"": 1464983845,
""extraData"": {{
""displayName"": ""gurunx"",
""identity"": ""af6f7c5e -fcea-3e43-bf3a-e005e400e578""
}},
""identityPublicKey"": ""{b64key}""
""nbf"": 1464983844
}}";
string val = JWT.Encode(test, tk, JwsAlgorithm.ES384, new Dictionary <string, object> {
{ "x5u", b64key }
});
Assert.AreEqual(b64key, JWT.Headers(val)["x5u"]);
//Assert.AreEqual("", string.Join(";", JWT.Headers(val)));
Assert.AreEqual(test, JWT.Payload(val));
}
static void KeysExchenge()
{
byte[] inputBuffer = new byte[1024];
Stream inputStream = Console.OpenStandardInput(inputBuffer.Length);
Console.SetIn(new StreamReader(inputStream, Console.InputEncoding, false, inputBuffer.Length));
byte[] OurPublicKey;
byte[] TheirPublicKey;
using (var ec = new ECDiffieHellmanCng())
{
ec.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
ec.HashAlgorithm = CngAlgorithm.Sha256;
OurPublicKey = ec.PublicKey.ToByteArray();
Console.WriteLine("Our public key: {0}", BitConverter.ToString(OurPublicKey).Replace("-", "").ToLowerInvariant());
Console.Write("Input their public key:");
string str = Console.ReadLine();
TheirPublicKey = StringToByteArray(str);
byte[] sendKey = ec.DeriveKeyMaterial(CngKey.Import(TheirPublicKey, CngKeyBlobFormat.EccPublicBlob));
Console.WriteLine("Our secret key: {0}", BitConverter.ToString(OurPublicKey).Replace("-", "").ToLowerInvariant());
}
}
/// <summary>
/// 解密
/// </summary>
/// <param name="encrytpedData"></param>
/// <returns></returns>
private async Task BobReceivesDataAsync(byte[] encrytpedData)
{
Console.WriteLine("Bob receives encrypted data");
byte[] rawData = null;
//读取未加密的初始化矢量
AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
//BlockSize属性返回块的位数,除以8就可以计算出字节数。
int nBytes = aes.BlockSize / 8;
byte[] iv = new byte[nBytes];
for (int i = 0; i < iv.Length; i++)
{
iv[i] = encrytpedData[i];
}
//实例化一个ECDiffieHellmanCng对象,使用Alice的公钥,从DeriveKeyMaterial()方法中返回对称密钥
using (ECDiffieHellmanCng bobAlgorithm = new ECDiffieHellmanCng(_bobKey))
using (CngKey alicePubKey = CngKey.Import(_alicePubKeyBlob, CngKeyBlobFormat.EccPublicBlob))
{
byte[] symmKey = bobAlgorithm.DeriveKeyMaterial(alicePubKey);
Console.WriteLine("Bob creates this symmetric key with Alices public key information:" + Convert.ToBase64String(symmKey));
aes.Key = symmKey;
aes.IV = iv;
using (ICryptoTransform decryptor = aes.CreateDecryptor())
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
{
await cs.WriteAsync(encrytpedData, nBytes, encrytpedData.Length - nBytes);
}
rawData = ms.ToArray();
Console.WriteLine("Bob decrypts mesage to:" + Encoding.UTF8.GetString(rawData));
}
aes.Clear();
}
}
private void BeginEncrypting(ref sClient sC)
{
byte[] sSymKey;
CngKey sCngKey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP521);
byte[] sPublic = sCngKey.Export(CngKeyBlobFormat.EccPublicBlob);
BlockingSend(sC, Headers.HEADER_HANDSHAKE, sPublic);
object[] oRecv = BlockingReceive(sC);
if (!oRecv[0].Equals(Headers.HEADER_HANDSHAKE))
{
sC.cSocket.Disconnect(true);
}
byte[] cBuf = oRecv[1] as byte[];
using (var sAlgo = new ECDiffieHellmanCng(sCngKey))
using (CngKey cPubKey = CngKey.Import(cBuf, CngKeyBlobFormat.EccPublicBlob))
sSymKey = sAlgo.DeriveKeyMaterial(cPubKey);
sC.eCls = new Encryption(sSymKey, HASH_STRENGTH.MINIMAL);
}
public async Task BobReceivesDataAsync(byte[] encryptedData)
{
Console.WriteLine("Bob receives encrypted data");
byte[] rawData = null;
var aes = new AesCryptoServiceProvider();
int nBytes = aes.BlockSize;
byte[] iv = new byte[nBytes];
for (int i = 0; i < iv.Length; i++)
{
iv[i] = encryptedData[i];
}
using (var bobAlgorithm = new ECDiffieHellmanCng(bobKey))
{
using (CngKey alicePubKey = CngKey.Import(_alicePubKeyBlob, CngKeyBlobFormat.EccFullPublicBlob))
{
byte[] symmKey = bobAlgorithm.DeriveKeyMaterial(alicePubKey);
Console.WriteLine(Convert.ToBase64String(symmKey));
aes.Key = symmKey;
aes.IV = iv;
using (ICryptoTransform decryptor = aes.CreateDecryptor())
{
using (MemoryStream ms = new MemoryStream())
{
using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
{
await cs.WriteAsync(encryptedData, nBytes, encryptedData.Length - nBytes);
}
rawData = ms.ToArray();
Console.WriteLine(Encoding.UTF8.GetString(rawData));
}
aes.Clear();
}
}
}
}
public static ByteString DecryptString(Hash em, ECKeyPair keyPair)
{
ECParameters parameters = new ECParameters();
byte[] ems = em;
parameters.Q.X = ems.Skip(1).Take(32).ToArray();
parameters.Q.Y = ems.Skip(33).Take(32).ToArray();
parameters.D = keyPair.D;
parameters.Curve = keyPair.ECParameters.Curve;
parameters.Validate();
using (var ecDiffieHellmanCng = new ECDiffieHellmanCng())
{
ecDiffieHellmanCng.ImportParameters(parameters);
var ek = ecDiffieHellmanCng.DeriveKeyFromHash(ecDiffieHellmanCng.PublicKey, HashAlgorithmName.SHA256, null, new byte[] { 0, 0, 0, 1 });
using (RijndaelManaged aes = new RijndaelManaged())
{
aes.Padding = PaddingMode.PKCS7;
var d = aes.CreateDecryptor(ek, new byte[16]);
var bs = d.TransformFinalBlock(ems.Skip(65).Take(ems.Length - 65 - 32).ToArray(), 0,
ems.Length - 65 - 32);
return(bs);
}
}
}
public ICertificatePal CopyWithPrivateKey(ECDiffieHellman ecdh)
{
ECDiffieHellmanCng?ecdhCng = ecdh as ECDiffieHellmanCng;
if (ecdhCng != null)
{
ICertificatePal?clone = CopyWithPersistedCngKey(ecdhCng.Key);
if (clone != null)
{
return(clone);
}
}
ECParameters privateParameters = ecdh.ExportParameters(true);
using (PinAndClear.Track(privateParameters.D !))
using (ECDiffieHellmanCng clonedKey = new ECDiffieHellmanCng())
{
clonedKey.ImportParameters(privateParameters);
return(CopyWithEphemeralKey(clonedKey.Key));
}
}
//First packet sent from client to server.
public static void SendInitialConnectPacket(NetworkClient Client, string Username)
{
PacketStream InitialPacket = new PacketStream(0x01, 0);
InitialPacket.WriteHeader();
ECDiffieHellmanCng PrivateKey = Client.ClientEncryptor.GetDecryptionArgsContainer().AESDecryptArgs.PrivateKey;
//IMPORTANT: Public key must derive from the private key!
PacketHandlers.ClientPublicKey = PrivateKey.PublicKey.ToByteArray();
byte[] NOnce = Client.ClientEncryptor.GetDecryptionArgsContainer().AESDecryptArgs.NOnce;
InitialPacket.WriteUInt16((ushort)((byte)PacketHeaders.UNENCRYPTED +
(PacketHandlers.ClientPublicKey.Length + 1) + (NOnce.Length + 1)));
InitialPacket.WriteByte((byte)PacketHandlers.ClientPublicKey.Length);
InitialPacket.WriteBytes(PacketHandlers.ClientPublicKey);
InitialPacket.WriteByte((byte)NOnce.Length);
InitialPacket.WriteBytes(NOnce);
Client.Send(InitialPacket.ToArray());
}
public static byte[] EncodeSkinJwt(CngKey newKey)
{
byte[] t = ImportECDsaCngKeyFromCngKey(newKey.Export(CngKeyBlobFormat.EccPrivateBlob));
CngKey tk = CngKey.Import(t, CngKeyBlobFormat.EccPrivateBlob);
ECDiffieHellmanCng ecKey = new ECDiffieHellmanCng(newKey);
ecKey.HashAlgorithm = CngAlgorithm.Sha256;
ecKey.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
var b64Key = Base64Url.Encode(ecKey.PublicKey.GetDerEncoded());
Skin skin = new Skin
{
Slim = false, Texture = Encoding.Default.GetBytes(new string('Z', 8192)),
SkinType = "Standard_Custom"
};
string skin64 = Convert.ToBase64String(skin.Texture);
string skinData = $@"
{{
""AdRole"": 2,
""ClientRandomId"": {new Random().Next()},
""ServerAddress"": ""pe.mineplex.com:19132"",
""SkinData"": ""{skin64}"",
""SkinId"": ""{skin.SkinType}"",
""TenantId"": """"
}}";
string val = JWT.Encode(skinData, tk, JwsAlgorithm.ES384, new Dictionary <string, object> {
{ "x5u", b64Key }
});
return(Encoding.UTF8.GetBytes(val));
}
public static byte[] DeriveKey(CngKey externalPubKey, CngKey privateKey, int keyBitLength, byte[] algorithmId, byte[] partyVInfo, byte[] partyUInfo, byte[] suppPubInfo)
{
using (var cng = new ECDiffieHellmanCng(privateKey))
{
using (SafeNCryptSecretHandle hSecretAgreement = cng.DeriveSecretAgreementHandle(externalPubKey))
{
using (var algIdBuffer = new NCrypt.NCryptBuffer(NCrypt.KDF_ALGORITHMID, algorithmId))
using (var pviBuffer = new NCrypt.NCryptBuffer(NCrypt.KDF_PARTYVINFO, partyVInfo))
using (var pvuBuffer = new NCrypt.NCryptBuffer(NCrypt.KDF_PARTYUINFO, partyUInfo))
using (var spiBuffer = new NCrypt.NCryptBuffer(NCrypt.KDF_SUPPPUBINFO, suppPubInfo))
{
using (var parameters = new NCrypt.NCryptBufferDesc(algIdBuffer, pviBuffer, pvuBuffer, spiBuffer))
{
uint derivedSecretByteSize;
uint status = NCrypt.NCryptDeriveKey(hSecretAgreement, "SP800_56A_CONCAT", parameters, null, 0, out derivedSecretByteSize, 0);
if (status != BCrypt.ERROR_SUCCESS)
{
throw new CryptographicException(string.Format("NCrypt.NCryptDeriveKey() failed with status code:{0}", status));
}
var secretKey = new byte[derivedSecretByteSize];
status = NCrypt.NCryptDeriveKey(hSecretAgreement, "SP800_56A_CONCAT", parameters, secretKey, derivedSecretByteSize, out derivedSecretByteSize, 0);
if (status != BCrypt.ERROR_SUCCESS)
{
throw new CryptographicException(string.Format("NCrypt.NCryptDeriveKey() failed with status code:{0}", status));
}
return(Arrays.LeftmostBits(secretKey, keyBitLength));
}
}
}
}
}
