/// <summary>
/// Decrypt the bytes with Shared secret
/// </summary>
/// <param name="ebytes">Array of the bytes to decrypt</param>
/// <param name="bobAddress">Receiver Neblio Address</param>
/// <param name="secret">Neblio Private Key of the Sender in the form of BitcoinSecret</param>
/// <param name="sharedkey">Shared key from some previous call</param>
/// <returns></returns>
public static async Task <(bool, byte[])> DecryptBytesWithSharedSecret(byte[] ebytes, string bobAddress, BitcoinSecret secret, string sharedkey = "")
{
if (ebytes == null || ebytes.Length == 0)
{
throw new Exception("Input cannot be empty or null.");
}
if (string.IsNullOrEmpty(bobAddress))
{
throw new Exception("Partner Address cannot be empty or null.");
}
if (secret == null)
{
throw new Exception("Input secret cannot null.");
}
(bool, string)key = (false, "");
if (string.IsNullOrEmpty(sharedkey))
{
key = await GetSharedSecret(bobAddress, secret);
if (!key.Item1)
{
return(false, null);
}
}
else
{
key = (true, sharedkey);
}
try
{
var bytes = SymetricProvider.DecryptBytes(key.Item2, ebytes);
return(true, bytes);
}
catch (Exception ex)
{
Console.WriteLine("Cannot decrypt bytes. " + ex.Message);
return(false, null);
}
}
/// <summary>
///
/// </summary>
/// <param name="encrypted"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
/// <exception cref="ArgumentNullException"></exception>
/// <exception cref="ArgumentException"></exception>
public static byte[] DecryptBytesWithPrivateKey(byte[] encrypted, Key privateKey)
{
if (encrypted is null)
{
throw new ArgumentNullException(nameof(encrypted));
}
if (encrypted.Length < 85)
{
throw new ArgumentException("Encrypted text is invalid, it should be length >= 85.");
}
var magic = encrypted.SafeSubarray(0, 4);
var ephemeralPubkeyBytes = encrypted.SafeSubarray(4, 33);
var cipherText = encrypted.SafeSubarray(37, encrypted.Length - 32 - 37);
var mac = encrypted.SafeSubarray(encrypted.Length - 32);
if (!Utils.ArrayEqual(magic, Encoders.ASCII.DecodeData("BIE1")))
{
throw new ArgumentException("Encrypted text is invalid, Invalid magic number.");
}
var ephemeralPubkey = new PubKey(ephemeralPubkeyBytes);
var sharedKey = NBitcoin.Crypto.Hashes.SHA512(ephemeralPubkey.GetSharedPubkey(privateKey).ToBytes());
var iv = sharedKey.SafeSubarray(0, 16);
var encryptionKey = sharedKey.SafeSubarray(16, 16);
var hashingKey = sharedKey.SafeSubarray(32);
var hashMAC = HMACSHA256(hashingKey, encrypted.SafeSubarray(0, encrypted.Length - 32));
if (!Utils.ArrayEqual(mac, hashMAC))
{
throw new ArgumentException("Encrypted text is invalid, Invalid mac.");
}
var message = SymetricProvider.DecryptBytes(encryptionKey, cipherText, iv);
return(message);
}