/// <summary> /// Дешифровка марканта с помошью ключа согласования /// </summary> /// <param name="markant">Маркант для дешифровки</param> /// <param name="providerInitData">Информация для инициализации контейнера криптопровайдера c закрытым ключом получателя</param> /// <returns>Дешифрованный сессионный ключ</returns> public static Gost28147 DecryptMarkantWithKeyAgree(Markant markant, ProviderInitData providerInitData) { //Готовим параметры контейнера CspParameters decrypt_cspParameters = new CspParameters { ProviderType = (int)providerInitData.ProviderType, Flags = CspProviderFlags.NoPrompt, KeyPassword = providerInitData.ProviderPassword, KeyContainerName = providerInitData.ProviderContainerName }; //Открываем контейнер Gost3410_2012_256CryptoServiceProvider decrypt_gost3410 = new Gost3410_2012_256CryptoServiceProvider(decrypt_cspParameters); // Читаем открытый ключ Gost3410Parameters decrypt_gost3410PublicKeyParameters = (Gost3410Parameters)Helper.ByteArrayToObject(markant.PublicKey); // Создаем agree ключ GostSharedSecretAlgorithm agree = decrypt_gost3410.CreateAgree(decrypt_gost3410PublicKeyParameters); // Расшифровываем симметричный ключ на agree Gost28147 decrypt_gost28147 = (Gost28147)agree.Unwrap(markant.SessionKey, GostKeyWrapMethod.CryptoProKeyWrap); decrypt_gost28147.IV = markant.IV; if (decrypt_gost28147 == null) { throw new Exception("Invalid decrypted session key"); } // Устанавливаем синхропосылку. decrypt_gost28147.IV = markant.IV; return(decrypt_gost28147); }
/// <summary> /// Восстановления по данным обмена симметричного ключа /// на основе <a href="http://www.ietf.org/rfc/rfc4490">ГОСТ Р 34.10 /// транспорта</a>. /// </summary> /// /// <param name="transport"> Зашифрованные данные обмена /// ключами.</param> /// /// <returns>Симметричный ключ.</returns> /// /// <argnull name="transport" /> public SymmetricAlgorithm DecryptKeyExchange(GostKeyTransport transport) { GostSharedSecretAlgorithm agree = gostKey_.CreateAgree( transport.TransportParameters); return(agree.Unwrap(transport.SessionEncryptedKey.GetXmlWrappedKey(), GostKeyWrapMethod.CryptoPro12KeyWrap)); }
// Шифрование тестового файла. static void EncryptTestFile( Gost3410_2012_512 publicKey, Gost3410_2012_512CryptoServiceProvider privateKey, string fileId = "2012_512") { // Создаем симметричный ключ. Gost28147 symmetric = Gost28147.Create(); // Открываем ключ отправителя. Gost3410Parameters srcPublicKeyParameters = privateKey.ExportParameters(false); // Создаем agree ключ GostSharedSecretAlgorithm agree = privateKey.CreateAgree( publicKey.ExportParameters(false)); // Зашифровываем симметричный ключ на agree ключе. byte[] WrappedKey = agree.Wrap(symmetric, GostKeyWrapMethod.CryptoPro12KeyWrap); // Создаем поток шифратора. ICryptoTransform transform = symmetric.CreateEncryptor(); // Создаем зашифрованный файл. using (FileStream ofs = new FileStream(string.Format(EncryptedFileName, fileId), FileMode.Create)) { BinaryWriter bw = new BinaryWriter(ofs); // Записываем зашифрованный симметричный ключ. bw.Write(WrappedKey.Length); bw.Write(WrappedKey); // Записываем синхропосылку bw.Write(symmetric.IV.Length); bw.Write(symmetric.IV); // Передаем открытый ключ. BinaryFormatter formatter = new BinaryFormatter(); formatter.Serialize(ofs, srcPublicKeyParameters); // Создаем поток шифрования для записи в файл. using (CryptoStream cs = new CryptoStream(ofs, transform, CryptoStreamMode.Write)) { byte[] data = new byte[4096]; // Открываем входной файл. using (FileStream ifs = new FileStream(string.Format(SourceFileName, fileId), FileMode.Open, FileAccess.Read)) { // и переписываем содержимое в выходной поток. int length = ifs.Read(data, 0, data.Length); while (length > 0) { cs.Write(data, 0, length); length = ifs.Read(data, 0, data.Length); } } } } }
// Расшифрование тестового файла. static void DecryptTestFile(Gost3410_2012_512CryptoServiceProvider privateKey, string fileId = "2012_512") { // Открываем зашифрованный файл. using (FileStream ifs = new FileStream(string.Format(EncryptedFileName, fileId), FileMode.Open, FileAccess.Read)) { // Читаем зашифрованный симметричный ключ. BinaryReader br = new BinaryReader(ifs); byte[] cek; int cekLength = br.ReadInt32(); cek = br.ReadBytes(cekLength); // Читаем синхропосылку byte[] iv; int ivLength = br.ReadInt32(); iv = br.ReadBytes(ivLength); // Читаем открытый ключ. BinaryFormatter formatter = new BinaryFormatter(); Gost3410Parameters srcPublicKeyParameters = (Gost3410Parameters)formatter.Deserialize(ifs); // Создаем agree ключ GostSharedSecretAlgorithm agree = privateKey.CreateAgree( srcPublicKeyParameters); // Расшифровываем симметричный ключ на agree SymmetricAlgorithm symmetric = agree.Unwrap(cek, GostKeyWrapMethod.CryptoPro12KeyWrap); symmetric.IV = iv; // Создаем поток разшифрования. ICryptoTransform transform = symmetric.CreateDecryptor(); // Создаем поток разшифрования из файла. using (CryptoStream cs = new CryptoStream(ifs, transform, CryptoStreamMode.Read)) { // Открываем расшифрованный файл using (FileStream ofs = new FileStream(string.Format(DecryptedFileName, fileId), FileMode.Create)) { byte[] data = new byte[4096]; // и переписываем содержимое в выходной поток. int length = cs.Read(data, 0, data.Length); while (length > 0) { ofs.Write(data, 0, length); length = cs.Read(data, 0, data.Length); } } } } }
private static void EncriptFile(X509Certificate2 sert, string sourceFile, string encFile) { var publicKey = (Gost3410_2012_256CryptoServiceProvider)sert.PublicKey.Key; var asymmetricAlg = publicKey as Gost3410_2012_256; if (asymmetricAlg == null) { throw new CryptographicException("Not a gost certificate"); } var symmetricKey = Gost28147.Create(); Gost3410_2012_256 senderRndKey = Gost3410_2012_256.Create(); Gost3410Parameters senderRndKeyParameters = senderRndKey.ExportParameters(false); GostSharedSecretAlgorithm agreeKey = senderRndKey.CreateAgree(asymmetricAlg.ExportParameters(false)); var encodedSymmetricKey = agreeKey.Wrap(symmetricKey, GostKeyWrapMethod.CryptoProKeyWrap); ICryptoTransform transform = symmetricKey.CreateEncryptor(); using (FileStream writer = new FileStream(encFile, FileMode.Create)) { BinaryWriter binaryWriter = new BinaryWriter(writer); binaryWriter.Write(encodedSymmetricKey.Length); binaryWriter.Write(encodedSymmetricKey); binaryWriter.Write(symmetricKey.IV.Length); binaryWriter.Write(symmetricKey.IV); BinaryFormatter binaryFormatter = new BinaryFormatter(); binaryFormatter.Serialize(writer, senderRndKeyParameters); using (CryptoStream cryptoStream = new CryptoStream(writer, transform, CryptoStreamMode.Write)) { var buffer = new byte[100]; using (FileStream reader = new FileStream(sourceFile, FileMode.Open, FileAccess.Read)) { var length = reader.Read(buffer, 0, buffer.Length); while (length > 0) { cryptoStream.Write(buffer, 0, buffer.Length); length = reader.Read(buffer, 0, buffer.Length); } } } } }
private static void DecriptFile(string sertPublisherName, string encDataFile, string decDataFile) { var sert = GetSert(sertPublisherName)[0]; var provider = (Gost3410_2012_256CryptoServiceProvider)sert.PrivateKey; using (FileStream reader = new FileStream(encDataFile, FileMode.Open, FileAccess.Read)) { BinaryReader binaryReader = new BinaryReader(reader); byte[] simKeyByData; var symKeyLen = binaryReader.ReadInt32(); simKeyByData = binaryReader.ReadBytes(symKeyLen); byte[] ivByData; var ivLen = binaryReader.ReadInt32(); ivByData = binaryReader.ReadBytes(ivLen); BinaryFormatter binaryFormatter = new BinaryFormatter(); var senderRndKeyParameters = (Gost3410Parameters)binaryFormatter.Deserialize(reader); GostSharedSecretAlgorithm agreeKey = provider.CreateAgree(senderRndKeyParameters); var sessionKey = agreeKey.Unwrap(simKeyByData, GostKeyWrapMethod.CryptoProKeyWrap); ICryptoTransform transform = sessionKey.CreateDecryptor(); using (CryptoStream cryptoStream = new CryptoStream(reader, transform, CryptoStreamMode.Read)) { var buffer = new byte[100]; using (FileStream writer = new FileStream(decDataFile, FileMode.Create)) { var length = cryptoStream.Read(buffer, 0, buffer.Length); while (length > 0) { writer.Write(buffer, 0, buffer.Length); length = reader.Read(buffer, 0, buffer.Length); } } } } }
/// <summary> /// Формирование данных обмена, на основе симметричного /// ключа шифрования сообщения ГОСТ 28147. /// </summary> /// /// <param name="alg">Симметричный ключ ГОСТ 28147.</param> /// <param name="wrapMethod">Алгоритм экпорта</param> /// <returns>Зашифрованные данные для отправки стороне /// получателю.</returns> /// /// <argnull name="alg" /> public GostKeyTransport CreateKeyExchange(SymmetricAlgorithm alg, GostKeyWrapMethod wrapMethod) { if (alg == null) { throw new ArgumentNullException("alg"); } if (wrapMethod != GostKeyWrapMethod.CryptoProKeyWrap && wrapMethod != GostKeyWrapMethod.CryptoPro12KeyWrap) { throw new CryptographicException( string.Format(Properties.Resources.Cryptography_UnsupportedWrapMethod, wrapMethod)); } // Получаем параметры получателя. Gost3410Parameters senderParameters = gostKey_.ExportParameters( false); GostKeyTransportObject transport = new GostKeyTransportObject(); // Создаем эфимерный ключ с параметрами получателя. using (Gost3410_2012_512EphemeralCryptoServiceProvider sender = new Gost3410_2012_512EphemeralCryptoServiceProvider( senderParameters)) { // Создаем распределенный секрет. byte[] wrapped_data; using (GostSharedSecretAlgorithm agree = sender.CreateAgree( senderParameters)) { // Зашифровываем симметричный ключ. wrapped_data = agree.Wrap(alg, wrapMethod); } GostWrappedKeyObject wrapped = new GostWrappedKeyObject(); wrapped.SetByXmlWrappedKey(wrapped_data); transport.sessionEncryptedKey_ = wrapped; transport.transportParameters_ = new Gost3410CspObject(); transport.transportParameters_.Parameters = sender.ExportParameters(false); } return(transport.Transport); }
/// <summary> /// Создает маркант с помошью ключа согласования /// </summary> /// <param name="gost28147">Сессионный ключ</param> /// <param name="certFileName">Путь к файлу сертификата получателя</param> /// <param name="providerInitData">Информация для инициализации контейнера криптопровайдера c закрытым ключом отправителя</param> /// <returns>Сгенерированный маркант</returns> public static Markant CreateMarkantWithKeyAgree(Gost28147 gost28147, string certFileName, ProviderInitData providerInitData) { // Разбираем сертификат получателя X509Certificate2 cert = new X509Certificate2(certFileName); if (!(cert.PublicKey.Key is Gost3410_2012_256 gost3410)) { throw new CryptographicException("Not a GOST certificate"); } //Готовим параметры контейнера CspParameters cspParameters = new CspParameters { ProviderType = (int)providerInitData.ProviderType, Flags = CspProviderFlags.NoPrompt, KeyPassword = providerInitData.ProviderPassword, KeyContainerName = providerInitData.ProviderContainerName }; //Открываем контейнер Gost3410_2012_256CryptoServiceProvider encrypt_gost3410 = new Gost3410_2012_256CryptoServiceProvider(cspParameters); Gost3410Parameters encrypt_gost3410PublicKeyParameters = encrypt_gost3410.ExportParameters(false); // Создаем agree ключ GostSharedSecretAlgorithm agree = encrypt_gost3410.CreateAgree(gost3410.ExportParameters(false)); // Зашифровываем симметричный ключ на agree ключе. byte[] wrappedKey = agree.Wrap(gost28147, GostKeyWrapMethod.CryptoProKeyWrap); //Формируем маркант Markant m = new Markant { Version = 2, SessionKey = wrappedKey, IV = gost28147.IV, PublicKey = Helper.ObjectToByteArray(encrypt_gost3410PublicKeyParameters) }; return(m); }
private void button4_Click(object sender, EventArgs e) { if (checkBox2.Checked && !checkBox1.Checked) { string plain_text = richTextBox1.Text; byte[] plain_text_bytes = Encoding.ASCII.GetBytes(plain_text); Gost3411CryptoServiceProvider hash = new Gost3411CryptoServiceProvider(); byte[] signature = csp.SignData(plain_text_bytes, hash); BERelement main_seq = new BERelement(0x30); BERelement sign_seq = new BERelement(0x30); sign_seq.AddItem(new BERelement(0x0C, cert_name)); sign_seq.AddItem(new BERelement(0x04, signature)); sign_seq.AddItem(new BERelement(0x04, plain_text_bytes)); main_seq.AddItem(sign_seq); byte[] test = main_seq.GetEncodedPacket().ToArray(); File.WriteAllBytes("signature", test); try { Int32 port = 9595; TcpClient client = new TcpClient("127.0.0.1", port); NetworkStream stream = client.GetStream(); stream.Write(mode, 1, 1); stream.Write(test, 0, test.Length); stream.Close(); client.Close(); } catch (ArgumentNullException exception) { MessageBox.Show("ArgumentNullException: " + exception); } catch (SocketException exception) { MessageBox.Show("SocketException: " + exception); } } else if (checkBox1.Checked && !checkBox2.Checked) { Gost28147 gost = Gost28147.Create(); Gost3410Parameters public_key = csp.ExportParameters(false); GostSharedSecretAlgorithm agree_key = csp.CreateAgree(sign.ExportParameters(false)); byte[] wrapped_key = agree_key.Wrap(gost, GostKeyWrapMethod.CryptoProKeyWrap); BinaryFormatter bf = new BinaryFormatter(); MemoryStream ms = new MemoryStream(); bf.Serialize(ms, public_key); byte[] public_key_bytes = ms.ToArray(); ms.Close(); MemoryStream memory_stream = new MemoryStream(); CryptoStream cs = new CryptoStream(memory_stream, gost.CreateEncryptor(), CryptoStreamMode.Write); string plain_text = richTextBox1.Text; byte[] plain_text_bytes = Encoding.ASCII.GetBytes(plain_text); cs.Write(plain_text_bytes, 0, plain_text_bytes.Length); cs.FlushFinalBlock(); byte[] cipher_text_bytes = memory_stream.ToArray(); memory_stream.Close(); cs.Close(); BERelement main_seq = new BERelement(0x30); BERelement sign_seq = new BERelement(0x30); sign_seq.AddItem(new BERelement(0x0C, cert_name)); sign_seq.AddItem(new BERelement(0x04, wrapped_key)); sign_seq.AddItem(new BERelement(0x04, gost.IV)); sign_seq.AddItem(new BERelement(0x04, public_key_bytes)); sign_seq.AddItem(new BERelement(0x04, cipher_text_bytes)); main_seq.AddItem(sign_seq); byte[] test = main_seq.GetEncodedPacket().ToArray(); File.WriteAllBytes("encryption", test); try { Int32 port = 9595; TcpClient client = new TcpClient("127.0.0.1", port); NetworkStream stream = client.GetStream(); stream.Write(mode, 0, 1); stream.Write(test, 0, test.Length); stream.Close(); client.Close(); } catch (ArgumentNullException exception) { MessageBox.Show("ArgumentNullException: " + exception); } catch (SocketException exception) { MessageBox.Show("SocketException: " + exception); } } else if (checkBox2.Checked && checkBox1.Checked) { MessageBox.Show("suka!"); string plain_text = richTextBox1.Text; byte[] plain_text_bytes = Encoding.ASCII.GetBytes(plain_text); Gost3411CryptoServiceProvider hash = new Gost3411CryptoServiceProvider(); byte[] signature = csp.SignData(plain_text_bytes, hash); BERelement main_seq = new BERelement(0x30); BERelement sign_seq = new BERelement(0x30); sign_seq.AddItem(new BERelement(0x0C, cert_name)); sign_seq.AddItem(new BERelement(0x04, signature)); sign_seq.AddItem(new BERelement(0x04, plain_text_bytes)); main_seq.AddItem(sign_seq); byte[] test = main_seq.GetEncodedPacket().ToArray(); File.WriteAllBytes("signature_and_encryption", test); Gost28147 gost = Gost28147.Create(); Gost3410Parameters public_key = csp.ExportParameters(false); GostSharedSecretAlgorithm agree_key = csp.CreateAgree(sign.ExportParameters(false)); byte[] wrapped_key = agree_key.Wrap(gost, GostKeyWrapMethod.CryptoProKeyWrap); BinaryFormatter bf = new BinaryFormatter(); MemoryStream ms = new MemoryStream(); bf.Serialize(ms, public_key); byte[] public_key_bytes = ms.ToArray(); ms.Close(); MemoryStream memory_stream = new MemoryStream(); CryptoStream cs = new CryptoStream(memory_stream, gost.CreateEncryptor(), CryptoStreamMode.Write); //string plain_text = richTextBox1.Text; //byte[] plain_text_bytes = Encoding.ASCII.GetBytes(plain_text); byte[] plain_text_bytes2 = test; cs.Write(plain_text_bytes2, 0, plain_text_bytes2.Length); cs.FlushFinalBlock(); byte[] cipher_text_bytes2 = memory_stream.ToArray(); memory_stream.Close(); cs.Close(); BERelement main_seq2 = new BERelement(0x30); BERelement sign_seq2 = new BERelement(0x30); sign_seq2.AddItem(new BERelement(0x0C, cert_name)); sign_seq2.AddItem(new BERelement(0x04, wrapped_key)); sign_seq2.AddItem(new BERelement(0x04, gost.IV)); sign_seq2.AddItem(new BERelement(0x04, public_key_bytes)); sign_seq2.AddItem(new BERelement(0x04, cipher_text_bytes2)); main_seq2.AddItem(sign_seq2); byte[] test2 = main_seq2.GetEncodedPacket().ToArray(); try { Int32 port = 9595; TcpClient client = new TcpClient("127.0.0.1", port); NetworkStream stream = client.GetStream(); stream.Write(mode, 2, 1); stream.Write(test2, 0, test2.Length); stream.Close(); client.Close(); } catch (ArgumentNullException exception) { MessageBox.Show("ArgumentNullException: " + exception); } catch (SocketException exception) { MessageBox.Show("SocketException: " + exception); } } }
private void button1_Click(object sender, EventArgs e) { Gost28147 gost = Gost28147.Create(); Gost3410Parameters public_key = csp.ExportParameters(false); GostSharedSecretAlgorithm agree_key = csp.CreateAgree(sign.ExportParameters(false)); byte[] wrapped_key = agree_key.Wrap(gost, GostKeyWrapMethod.CryptoProKeyWrap); BinaryFormatter bf = new BinaryFormatter(); MemoryStream ms = new MemoryStream(); bf.Serialize(ms, public_key); byte[] public_key_bytes = ms.ToArray(); ms.Close(); MemoryStream memory_stream = new MemoryStream(); CryptoStream cs = new CryptoStream(memory_stream, gost.CreateEncryptor(), CryptoStreamMode.Write); string plain_text = richTextBox1.Text; byte[] plain_text_bytes = Encoding.ASCII.GetBytes(plain_text); cs.Write(plain_text_bytes, 0, plain_text_bytes.Length); cs.FlushFinalBlock(); byte[] cipher_text_bytes = memory_stream.ToArray(); memory_stream.Close(); cs.Close(); BERelement main_seq = new BERelement(0x30); BERelement sign_seq = new BERelement(0x30); sign_seq.AddItem(new BERelement(0x02, wrapped_key)); sign_seq.AddItem(new BERelement(0x02, gost.IV)); sign_seq.AddItem(new BERelement(0x02, public_key_bytes)); sign_seq.AddItem(new BERelement(0x02, cipher_text_bytes)); main_seq.AddItem(sign_seq); byte[] test = main_seq.GetEncodedPacket().ToArray(); //File.WriteAllBytes("asn1", test); /* * sign_seq.AddItem(new BERelement(0x02, signature)); * sign_seq.AddItem(new BERelement(0x02, plain_text_bytes)); * * main_seq.AddItem(sign_seq); * byte[] test = main_seq.GetEncodedPacket().ToArray(); */ //send data try { Int32 port = 9595; TcpClient client = new TcpClient("127.0.0.1", port); NetworkStream stream = client.GetStream(); stream.Write(mode, 0, 1); stream.Write(test, 0, test.Length); //stream.Write(wrapped_key, 0, wrapped_key.Length); //stream.Write(gost.IV, 0, gost.IV.Length); //stream.Write(public_key_bytes, 0, public_key_bytes.Length); //stream.Write(cipher_text_bytes, 0, cipher_text_bytes.Length); stream.Close(); client.Close(); } catch (ArgumentNullException exception) { MessageBox.Show("ArgumentNullException: " + exception); } catch (SocketException exception) { MessageBox.Show("SocketException: " + exception); } }
private void check_response() { TcpClient client = null; try { TcpListener listener = new TcpListener(IPAddress.Parse("127.0.0.1"), 9595); listener.Start(); Byte[] bytes = new Byte[256]; String data = null; while (true) { client = listener.AcceptTcpClient(); NetworkStream ns = client.GetStream(); Byte[] mode_bytes = new Byte[1]; int mode = ns.Read(mode_bytes, 0, mode_bytes.Length); if (mode_bytes[0] == 0x01) { richTextBox1.Text += "Received encrypted msg. Try to decrypt: \n"; int bytes_read = ns.Read(buffer, 0, buffer.Length); byte[] message = new byte[bytes_read]; Array.Copy(buffer, message, bytes_read); BERelement mSeq = BERelement.DecodePacket(message); BERelement sSeq = null; sSeq = mSeq.Items[0]; var cert_name = sSeq.Items[0].Value; var wrapped_key2 = sSeq.Items[1].Value; var iv2 = sSeq.Items[2].Value; var public_key_bytes = sSeq.Items[3].Value; var cipher_text_bytes = sSeq.Items[4].Value; MemoryStream ms = new MemoryStream(public_key_bytes); BinaryFormatter bf = new BinaryFormatter(); Gost3410Parameters key_params = (Gost3410Parameters)bf.Deserialize(ms); GostSharedSecretAlgorithm agree_key = csp.CreateAgree(key_params); SymmetricAlgorithm gost = agree_key.Unwrap(wrapped_key2, GostKeyWrapMethod.CryptoProKeyWrap); gost.IV = iv2; MemoryStream memoryStream = new MemoryStream(); CryptoStream cryptoStream = new CryptoStream(memoryStream, gost.CreateDecryptor(), CryptoStreamMode.Write); int bytesRead = cipher_text_bytes.Length; cryptoStream.Write(cipher_text_bytes, 0, bytesRead); cryptoStream.FlushFinalBlock(); byte[] plain_text_bytes = memoryStream.ToArray(); richTextBox1.Text += Encoding.ASCII.GetString(plain_text_bytes, 0, plain_text_bytes.Length) + "\n"; } if (mode_bytes[0] == 0x02) { richTextBox1.Text += "Received sign. Try to check it: \n"; Gost3411CryptoServiceProvider hash = new Gost3411CryptoServiceProvider(); int bytes_read = ns.Read(buffer, 0, buffer.Length); byte[] message = new byte[bytes_read]; Array.Copy(buffer, message, bytes_read); BERelement mSeq = BERelement.DecodePacket(message); BERelement sSeq = null; sSeq = mSeq.Items[0]; var cert_name = sSeq.Items[0].Value; var signed2 = sSeq.Items[1].Value; var msg = sSeq.Items[2].Value; int len = signed2.Length; bool test = csp.VerifyData(msg, hash, signed2); if (test) { richTextBox1.Text += "Подпись корректна.\r\n"; } else { richTextBox1.Text += "Подпись некорректна.\r\n"; } /* * bool test = csp.VerifyData(message, hash, signed); * if (test) richTextBox1.Text += "Подпись корректна.\r\n"; * else richTextBox1.Text += "Подпись некорректна.\r\n"; * */ } if (mode_bytes[0] == 0x03) { richTextBox1.Text += "Received sign and encryption. Making magic: \n"; int bytes_read = ns.Read(buffer, 0, buffer.Length); byte[] message = new byte[bytes_read]; Array.Copy(buffer, message, bytes_read); BERelement mSeq = BERelement.DecodePacket(message); BERelement sSeq = null; sSeq = mSeq.Items[0]; var cert_name = sSeq.Items[0].Value; var wrapped_key2 = sSeq.Items[1].Value; var iv2 = sSeq.Items[2].Value; var public_key_bytes = sSeq.Items[3].Value; var cipher_text_bytes = sSeq.Items[4].Value; MemoryStream ms = new MemoryStream(public_key_bytes); BinaryFormatter bf = new BinaryFormatter(); Gost3410Parameters key_params = (Gost3410Parameters)bf.Deserialize(ms); GostSharedSecretAlgorithm agree_key = csp.CreateAgree(key_params); SymmetricAlgorithm gost = agree_key.Unwrap(wrapped_key2, GostKeyWrapMethod.CryptoProKeyWrap); gost.IV = iv2; MemoryStream memoryStream = new MemoryStream(); CryptoStream cryptoStream = new CryptoStream(memoryStream, gost.CreateDecryptor(), CryptoStreamMode.Write); int bytesRead = cipher_text_bytes.Length; cryptoStream.Write(cipher_text_bytes, 0, bytesRead); cryptoStream.FlushFinalBlock(); byte[] plain_text_bytes = memoryStream.ToArray(); //check signature Gost3411CryptoServiceProvider hash = new Gost3411CryptoServiceProvider(); //Array.Copy(buffer, message, bytes_read); BERelement mSeq2 = BERelement.DecodePacket(plain_text_bytes); BERelement sSeq2 = null; sSeq2 = mSeq2.Items[0]; var cert_name2 = sSeq2.Items[0].Value; var signed3 = sSeq2.Items[1].Value; var msg2 = sSeq2.Items[2].Value; int len2 = signed3.Length; bool test = csp.VerifyData(msg2, hash, signed3); richTextBox1.Text += "Полученное сообщение: " + Encoding.ASCII.GetString(msg2, 0, msg2.Length) + "\r\n"; if (test) { richTextBox1.Text += "Подпись корректна.\r\n"; } else { richTextBox1.Text += "Подпись некорректна.\r\n"; } } int i; while ((i = ns.Read(bytes, 0, bytes.Length)) != 0) { data = System.Text.Encoding.ASCII.GetString(bytes, 0, i); richTextBox1.Text = DateTime.Now.ToString() + "\n"; richTextBox1.Text += data; } client.Close(); } } catch (SocketException exception) { MessageBox.Show("SocketException: " + exception); } }