public static void Main(string[] args)
{
// create a new DH instance
DiffieHellman dh1 = new DiffieHellmanManaged();
// export the public parameters of the first DH instance
DHParameters dhp = dh1.ExportParameters(false);
// create a second DH instance and initialize it with the public parameters of the first instance
DiffieHellman dh2 = new DiffieHellmanManaged(dhp.P, dhp.G, 160);
// generate the public key of the first DH instance
byte[] ke1 = dh1.CreateKeyExchange();
// generate the public key of the second DH instance
byte[] ke2 = dh2.CreateKeyExchange();
// let the first DH instance compute the shared secret using the second DH public key
byte[] dh1k = dh1.DecryptKeyExchange(ke2);
// let the second DH instance compute the shared secret using the first DH public key
byte[] dh2k = dh2.DecryptKeyExchange(ke1);
// print both shared secrets to verify they are the same
Console.WriteLine("Computed secret of instance 1:");
PrintBytes(dh1k);
Console.WriteLine("\r\nComputed secret of instance 2:");
PrintBytes(dh2k);
Console.WriteLine("\r\nPress ENTER to continue...");
Console.ReadLine();
}
public override void HandleClient(TlsContext ctx, KeyExchange clientExchange)
{
var serverDh = (DiffieHellmanKeyExchange)clientExchange;
using (var X = new SecureBuffer(dh.DecryptKeyExchange(serverDh.Y))) {
ComputeMasterSecret(ctx, X);
}
}
public override void GenerateClient(TlsContext ctx)
{
using (var dh = new DiffieHellmanManaged(P, G, 0)) {
using (var X = new SecureBuffer(dh.DecryptKeyExchange(Y))) {
Y = dh.CreateKeyExchange();
ComputeMasterSecret(ctx, X);
}
}
}
public void should_be_able_to_create_an_end_to_end_handshake()
{
var diffieHellmanManaged1 = new DiffieHellmanManaged("23", "5");
string exchange1 = diffieHellmanManaged1.CreateKeyExchange();
var diffieHellmanManaged2 = new DiffieHellmanManaged("23", "5");
string exchange2 = diffieHellmanManaged2.CreateKeyExchange();
Assert.IsTrue(diffieHellmanManaged1.DecryptKeyExchange(exchange2) == diffieHellmanManaged2.DecryptKeyExchange(exchange1));
}
public void should_be_able_to_create_an_end_to_end_handshake()
{
var diffieHellmanManaged1 = new DiffieHellmanManaged("23", "5");
string exchange1 = diffieHellmanManaged1.CreateKeyExchange();
var diffieHellmanManaged2 = new DiffieHellmanManaged("23", "5");
string exchange2 = diffieHellmanManaged2.CreateKeyExchange();
Assert.IsTrue(diffieHellmanManaged1.DecryptKeyExchange(exchange2) == diffieHellmanManaged2.DecryptKeyExchange(exchange1));
}
private static string Test1()
{
DiffieHellman dh1 = new DiffieHellmanManaged();
DiffieHellman dh2 = new DiffieHellmanManaged();
string secret1 = Convert.ToBase64String(dh1.DecryptKeyExchange(dh2.CreateKeyExchange()));
string secret2 = Convert.ToBase64String(dh2.DecryptKeyExchange(dh1.CreateKeyExchange()));
Assert.AreEqual(secret1, secret2, "Secret keys do not match for some reason.");
return(secret1);
}
public void should_create_a_final_key_with_the_collaborators_key()
{
_diffieHellmanManaged = new DiffieHellmanManaged("23", "5", "15");
_diffieHellmanManaged.CreateKeyExchange();
Assert.AreEqual("2", _diffieHellmanManaged.DecryptKeyExchange("8"));
_diffieHellmanManaged = new DiffieHellmanManaged("23", "5", "6");
_diffieHellmanManaged.CreateKeyExchange();
Assert.AreEqual("2", _diffieHellmanManaged.DecryptKeyExchange("19"));
}
public void should_create_a_final_key_with_the_collaborators_key()
{
_diffieHellmanManaged = new DiffieHellmanManaged("23", "5", "15");
_diffieHellmanManaged.CreateKeyExchange();
Assert.AreEqual("2", _diffieHellmanManaged.DecryptKeyExchange("8"));
_diffieHellmanManaged = new DiffieHellmanManaged("23", "5", "6");
_diffieHellmanManaged.CreateKeyExchange();
Assert.AreEqual("2", _diffieHellmanManaged.DecryptKeyExchange("19"));
}
internal void DecryptKeyExchange(byte[] keyExchangeBytes)
{
keyExchangeBytes = diffieHellman.DecryptKeyExchange(keyExchangeBytes);
keyBytes = new byte[keySize];
ivBytes = new byte[ivSize];
Array.Copy(keyExchangeBytes, 0, keyBytes, 0, keySize);
Array.Copy(keyExchangeBytes, keySize, ivBytes, 0, ivSize);
//deTransform = alg.CreateDecryptor(keyBytes, ivBytes);
//enTransform = alg.CreateEncryptor(keyBytes, ivBytes);
localHasKey = true;
}
public static void Main(string[] args)
{
DiffieHellman diffieHellman = new DiffieHellmanManaged();
DHParameters dHParameters = diffieHellman.ExportParameters(includePrivate: false);
DiffieHellman diffieHellman2 = new DiffieHellmanManaged(dHParameters.P, dHParameters.G, 160);
byte[] keyEx = diffieHellman.CreateKeyExchange();
byte[] keyEx2 = diffieHellman2.CreateKeyExchange();
byte[] bytes = diffieHellman.DecryptKeyExchange(keyEx2);
byte[] bytes2 = diffieHellman2.DecryptKeyExchange(keyEx);
Console.WriteLine("Computed secret of instance 1:");
PrintBytes(bytes);
Console.WriteLine("\r\nComputed secret of instance 2:");
PrintBytes(bytes2);
Console.WriteLine("\r\nPress ENTER to continue...");
Console.ReadLine();
}
/// <summary>
/// Генерация клиентского запроса с параметрами Диффи-Хеллмана
/// </summary>
/// <param name="serverDh"></param>
/// <returns></returns>
private Combinator SetClientDhParams(Combinator serverDh)
{
var g = serverDh.Get <int>("g");
var dhPrime = serverDh.Get <byte[]>("dh_prime");
var gA = serverDh.Get <byte[]>("g_a");
var dh = new DiffieHellmanManaged(dhPrime, new BigInteger(g).GetBytes(), 2048);
// generate the public key of the second DH instance
byte[] gB = dh.CreateKeyExchange();
// let the second DH instance compute the shared secret using the first DH public key
_authKey = dh.DecryptKeyExchange(gA);
// Сформируем ответ
// отдаем g_b в BE
var clientDhInnerData = new Combinator("client_DH_inner_data", _nonce, _serverNonce, (long)0, gB);
byte[] s = clientDhInnerData.Serialize();
// Шифрование строки
var aes = new Aes256IgeManaged(CalculateTmpAesKey(_newNonce, _serverNonce)
, CalculateTmpAesIV(_newNonce, _serverNonce));
using (var ms = new MemoryStream())
using (var bw = new BinaryWriter(ms))
{
SHA1 sha1 = SHA1.Create();
bw.Write(sha1.ComputeHash(s));
bw.Write(s);
var r = new Random();
while (bw.BaseStream.Length % 16 != 0)
{
bw.Write((byte)r.Next());
}
s = aes.Encrypt(ms.ToArray());
}
// Сформируем ответ
var setClientDhParams = new Combinator("set_client_DH_params", _nonce, _serverNonce, s);
return(setClientDhParams);
}
public void KeyExchange()
{
// create a new DH instance
DiffieHellman dh1 = new DiffieHellmanManaged();
// export the public parameters of the first DH instance
DHParameters dhp = dh1.ExportParameters(false);
// create a second DH instance and initialize it with the public parameters of the first instance
DiffieHellman dh2 = new DiffieHellmanManaged(dhp.P, dhp.G, 160);
// generate the public key of the first DH instance
byte[] ke1 = dh1.CreateKeyExchange();
// generate the public key of the second DH instance
byte[] ke2 = dh2.CreateKeyExchange();
// let the first DH instance compute the shared secret using the second DH public key
byte[] dh1k = dh1.DecryptKeyExchange(ke2);
// let the second DH instance compute the shared secret using the first DH public key
byte[] dh2k = dh2.DecryptKeyExchange(ke1);
// both shared secrets are the same
AssertEquals("Shared Secret", dh1k, dh2k);
}
private void OnConnected(ITransport transport)
{
try {
LoggingService.LogInfo("Transport {0} connected.", transport);
if (transport.Encryptor != null)
{
var dh = new DiffieHellmanManaged();
var keyxBytes = dh.CreateKeyExchange();
transport.Send(dh.CreateKeyExchange(), 0, keyxBytes.Length);
keyxBytes = new byte [transport.Encryptor.KeyExchangeLength];
transport.Receive(keyxBytes, 0, transport.Encryptor.KeyExchangeLength);
keyxBytes = dh.DecryptKeyExchange(keyxBytes);
var keyBytes = new byte[transport.Encryptor.KeySize];
var ivBytes = new byte[transport.Encryptor.IvSize];
Array.Copy(keyxBytes, 0, keyBytes, 0, keyBytes.Length);
Array.Copy(keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length);
transport.Encryptor.SetKey(keyBytes, ivBytes);
}
var connectionType = EndianBitConverter.GetBytes(transport.ConnectionType);
transport.Send(connectionType, 0, connectionType.Length);
var networkId = Common.Utils.SHA512(transport.Network.NetworkName);
transport.Send(networkId, 0, networkId.Length);
// Ready, Steady, GO!
var callback = connectCallbacks [transport];
connectCallbacks.Remove(transport);
callback(transport);
} catch (Exception ex) {
transport.Disconnect(ex);
RaiseTransportError(transport, ex);
}
}
public override bool SetNetworkInitRequiredData(byte[] data)
{
if (data != null)
{
DiffieHellmanWireContainer container = Serializer <GladNetProtobufNetSerializer> .Instance.Deserialize <DiffieHellmanWireContainer>(data);
if (container == null)
{
throw new LoggableException("Failed to set DiffieHellman params.", null, LogType.Error);
}
//If we're the second peer we want to import the parameters.
if (!SentPublicKey)
{
this.internalEncryptionObj.Clear();
this.internalEncryptionObj = new DiffieHellmanManaged(container.Parameters.P, container.Parameters.G, 160);
}
if (container.PublicKey == null)
{
throw new LoggableException("Recieved a null public key for mentalis DiffieHellman exchange.", null, LogType.Error);
}
secretKey = internalEncryptionObj.DecryptKeyExchange(container.PublicKey);
/*Console.WriteLine("DH KeyLength: " + secretKey.Length);
*
* for (int i = 0; i < secretKey.Length; i++)
* Console.Write(secretKey[i] + " ");*/
Bytes = secretKey;
return(secretKey != null);
}
else
{
return(false);
}
}
// =========================加密相关===================================
// 加密通讯
public void Encrypt(Int32 send_seed, Int32 receive_seed)
{
Byte[] _send = BitConverter.GetBytes(send_seed);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(_send);
}
Byte[] _recv = BitConverter.GetBytes(receive_seed);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(_recv);
}
string key1;
string key2;
Byte[] _key1 = dhEnc.DecryptKeyExchange(_send);
BigInteger bi1 = new BigInteger(_key1);
key1 = Config.SALT + bi1.ToString();
Byte[] _key2 = dhDec.DecryptKeyExchange(_recv);
BigInteger bi2 = new BigInteger(_key2);
key2 = Config.SALT + bi2.ToString();
RC4 rc4enc = RC4.Create();
RC4 rc4dec = RC4.Create();
Byte[] seed1 = Encoding.ASCII.GetBytes(key1);
Byte[] seed2 = Encoding.ASCII.GetBytes(key2);
// en/decryptor不为null时自动启动加密
// Get an encryptor.
encryptor = rc4enc.CreateEncryptor(seed1, null);
// Get a decryptor.
decryptor = rc4dec.CreateDecryptor(seed2, null);
}
public override byte[] GenerateSecret()
{
return(dh.DecryptKeyExchange(pubk.GetY().GetBytes()));
}
public static byte[] ComputeSharedKey(DHPrivateKey privateKey, DHPublicKey publicKey)
{
DiffieHellman dh = new DiffieHellmanManaged(privateKey.P, privateKey.G, privateKey.X);
return(dh.DecryptKeyExchange(publicKey.KeyExchangeData));
}
public void Add(ITransport transport, TransportCallback connectCallback)
{
try {
// XXX: This should be negotiated as part of the initial handshake.
transport.Encryptor = new AESTransportEncryptor();
transports.Add(transport);
NewTransportAdded?.Invoke(this, new TransportEventArgs(transport));
this.loggingService.LogInfo(String.Format("Transport {0} added", transport.ToString()));
if (transport.Incoming == true)
{
if (connectCallback != null)
{
throw new ArgumentException("You can only specify a ConnectCallback for outoging connections!");
}
if (transport.Encryptor != null)
{
DiffieHellmanManaged dh = new DiffieHellmanManaged();
byte[] keyxBytes = new byte[transport.Encryptor.KeyExchangeLength];
transport.Receive(keyxBytes, 0, keyxBytes.Length);
keyxBytes = dh.DecryptKeyExchange(keyxBytes);
byte[] keyBytes = new byte[transport.Encryptor.KeySize];
byte[] ivBytes = new byte[transport.Encryptor.IvSize];
Array.Copy(keyxBytes, 0, keyBytes, 0, keyBytes.Length);
Array.Copy(keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length);
keyxBytes = dh.CreateKeyExchange();
transport.Send(keyxBytes, 0, keyxBytes.Length);
transport.Encryptor.SetKey(keyBytes, ivBytes);
}
//Receive connection type, which is a ulong (8 bytes)
byte[] responseBuffer = new byte[8];
transport.Receive(responseBuffer, 0, 8);
ulong connectionType = EndianBitConverter.ToUInt64(responseBuffer, 0);
// Recieve network ID (64 bytes)
responseBuffer = new byte[64];
transport.Receive(responseBuffer, 0, 64);
string networkId = EndianBitConverter.ToString(responseBuffer).Replace("-", "");
// Match to one of our known networks!
foreach (Network network in Core.Networks)
{
if (network.NetworkID == networkId)
{
transport.Network = network;
}
}
if (transport.Network == null)
{
throw new Exception(String.Format("Unknown network: {0}.", networkId));
}
transport.ConnectionType = connectionType;
if (connectionType == ConnectionType.NodeConnection)
{
LocalNodeConnection connection = new LocalNodeConnection(transport);
transport.Operation = connection;
transport.Network.AddConnection(connection);
connection.Start();
}
else if (connectionType == ConnectionType.TransferConnection)
{
this.fileTransferManager.HandleIncomingTransport(transport);
}
else
{
throw new Exception(String.Format("Unknown connection type: {0}.",
connectionType.ToString()));
}
}
else
{
if (connectCallback == null)
{
throw new ArgumentNullException("connectCallback");
}
connectCallbacks.Add(transport, connectCallback);
this.loggingService.LogInfo("Transport {0} connecting...", transport);
TransportCallback callback = new TransportCallback(OnConnected);
transport.Connect(callback);
}
} catch (Exception ex) {
transport.Disconnect(ex);
RaiseTransportError(transport, ex);
}
}
internal void Add(ITransport transport, TransportCallback connectCallback)
{
try {
// XXX: This should be negotiated as part of the initial handshake.
transport.Encryptor = new AESTransportEncryptor();
transports.Add(transport);
if (NewTransportAdded != null)
{
NewTransportAdded(transport);
}
LoggingService.LogInfo($"Transport {transport} added");
if (transport.Incoming)
{
if (connectCallback != null)
{
throw new ArgumentException("You can only specify a ConnectCallback for outoging connections!");
}
if (transport.Encryptor != null)
{
var dh = new DiffieHellmanManaged();
var keyxBytes = new byte[transport.Encryptor.KeyExchangeLength];
transport.Receive(keyxBytes, 0, keyxBytes.Length);
keyxBytes = dh.DecryptKeyExchange(keyxBytes);
var keyBytes = new byte[transport.Encryptor.KeySize];
var ivBytes = new byte[transport.Encryptor.IvSize];
Array.Copy(keyxBytes, 0, keyBytes, 0, keyBytes.Length);
Array.Copy(keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length);
keyxBytes = dh.CreateKeyExchange();
transport.Send(keyxBytes, 0, keyxBytes.Length);
transport.Encryptor.SetKey(keyBytes, ivBytes);
}
//Receive connection type, which is a ulong (8 bytes)
var responseBuffer = new byte[8];
transport.Receive(responseBuffer, 0, 8);
var connectionType = EndianBitConverter.ToUInt64(responseBuffer, 0);
// Recieve network ID (64 bytes)
responseBuffer = new byte[64];
transport.Receive(responseBuffer, 0, 64);
var networkId = EndianBitConverter.ToString(responseBuffer).Replace("-", "");
// Match to one of our known networks!
foreach (var network in core.Networks)
{
if (network.NetworkID == networkId)
{
transport.Network = network;
}
}
if (transport.Network == null)
{
throw new Exception($"Unknown network: {networkId}.");
}
transport.ConnectionType = connectionType;
if (connectionType == ConnectionType.NodeConnection)
{
var connection = new LocalNodeConnection(transport);
transport.Operation = connection;
transport.Network.AddConnection(connection);
connection.Start();
}
else if (connectionType == ConnectionType.TransferConnection)
{
core.FileTransferManager.NewIncomingConnection(transport);
}
else
{
throw new Exception($"Unknown connection type: {connectionType}.");
}
}
else
{
if (connectCallback == null)
{
throw new ArgumentNullException(nameof(connectCallback));
}
connectCallbacks.Add(transport, connectCallback);
LoggingService.LogInfo("Transport {0} connecting...", transport);
TransportCallback callback = OnConnected;
transport.Connect(callback);
}
} catch (Exception ex) {
transport.Disconnect(ex);
RaiseTransportError(transport, ex);
}
}
