public void TestPublic() { TextReader reader = new StringReader(OpenIdTestBase.LoadEmbeddedFile("dhpriv.txt")); try { string line; while ((line = reader.ReadLine()) != null) { string[] parts = line.Trim().Split(' '); byte[] x = Convert.FromBase64String(parts[0]); DiffieHellmanManaged dh = new DiffieHellmanManaged(AssociateDiffieHellmanRequest.DefaultMod, AssociateDiffieHellmanRequest.DefaultGen, x); byte[] pub = dh.CreateKeyExchange(); byte[] y = Convert.FromBase64String(parts[1]); if (y[0] == 0 && y[1] <= 127) { y.CopyTo(y, 1); } Assert.AreEqual( Convert.ToBase64String(y), Convert.ToBase64String(DiffieHellmanUtilities.EnsurePositive(pub)), line); } } finally { reader.Close(); } }
public static void Main(string[] args) { ECDiffieHellmanCng alice = new ECDiffieHellmanCng(); //alice.DeriveKeyMaterial( //CngKey.Import( // create a new DH instance DiffieHellman dh1 = new DiffieHellmanManaged(); // export the public parameters of the first DH instance DHParameters dhp = dh1.ExportParameters(false); // create a second DH instance and initialize it with the public parameters of the first instance DiffieHellman dh2 = new DiffieHellmanManaged(dhp.P, dhp.G, 160); // generate the public key of the first DH instance byte[] ke1 = dh1.CreateKeyExchange(); // generate the public key of the second DH instance byte[] ke2 = dh2.CreateKeyExchange(); // let the first DH instance compute the shared secret using the second DH public key byte[] dh1k = dh1.DecryptKeyExchange(ke2); // let the second DH instance compute the shared secret using the first DH public key byte[] dh2k = dh2.DecryptKeyExchange(ke1); // print both shared secrets to verify they are the same Console.WriteLine("Computed secret of instance 1:"); PrintBytes(dh1k); Console.WriteLine("\r\nComputed secret of instance 2:"); PrintBytes(dh2k); Console.WriteLine("\r\nPress ENTER to continue..."); Console.ReadLine(); }
public static DHKeyPair GenerateKeyPair(int keysize) { DiffieHellman dh = new DiffieHellmanManaged(_prime, new byte[] { 0x02 }, keysize); DHParameters privateKey = dh.ExportParameters(true); return new DHKeyPair( new DHPrivateKey(privateKey), new DHPublicKey(dh.CreateKeyExchange())); }
private static string Test1() { DiffieHellman dh1 = new DiffieHellmanManaged(); DiffieHellman dh2 = new DiffieHellmanManaged(); string secret1 = Convert.ToBase64String(dh1.DecryptKeyExchange(dh2.CreateKeyExchange())); string secret2 = Convert.ToBase64String(dh2.DecryptKeyExchange(dh1.CreateKeyExchange())); Assert.AreEqual(secret1, secret2, "Secret keys do not match for some reason."); return secret1; }
public void TestPublic() { StreamReader sr = new StreamReader(@"..\..\src\DotNetOpenId.Test\dhpriv.txt"); try { string line; while ((line = sr.ReadLine()) != null) { string[] parts = line.Trim().Split(' '); byte[] x = Convert.FromBase64String(parts[0]); DiffieHellmanManaged dh = new DiffieHellmanManaged(DiffieHellmanUtil.DEFAULT_MOD, DiffieHellmanUtil.DEFAULT_GEN, x); byte[] pub = dh.CreateKeyExchange(); byte[] y = Convert.FromBase64String(parts[1]); if (y[0] == 0 && y[1] <= 127) y.CopyTo(y, 1); Assert.AreEqual(y, Convert.FromBase64String(DiffieHellmanUtil.UnsignedToBase64(pub)), line); } } finally { sr.Close(); } }
/// <summary> /// Creates the association at the provider side after the association request has been received. /// </summary> /// <param name="request">The association request.</param> /// <param name="associationStore">The OpenID Provider's association store or handle encoder.</param> /// <param name="securitySettings">The security settings of the Provider.</param> /// <returns> /// The newly created association. /// </returns> /// <remarks> /// The response message is updated to include the details of the created association by this method, /// but the resulting association is <i>not</i> added to the association store and must be done by the caller. /// </remarks> public Association CreateAssociationAtProvider(AssociateRequest request, IProviderAssociationStore associationStore, ProviderSecuritySettings securitySettings) { var diffieHellmanRequest = request as AssociateDiffieHellmanRequest; ErrorUtilities.VerifyInternal(diffieHellmanRequest != null, "Expected a DH request type."); this.SessionType = this.SessionType ?? request.SessionType; // Go ahead and create the association first, complete with its secret that we're about to share. Association association = HmacShaAssociationProvider.Create(this.Protocol, this.AssociationType, AssociationRelyingPartyType.Smart, associationStore, securitySettings); // We now need to securely communicate the secret to the relying party using Diffie-Hellman. // We do this by performing a DH algorithm on the secret and setting a couple of properties // that will be transmitted to the Relying Party. The RP will perform an inverse operation // using its part of a DH secret in order to decrypt the shared secret we just invented // above when we created the association. using (DiffieHellman dh = new DiffieHellmanManaged( diffieHellmanRequest.DiffieHellmanModulus ?? AssociateDiffieHellmanRequest.DefaultMod, diffieHellmanRequest.DiffieHellmanGen ?? AssociateDiffieHellmanRequest.DefaultGen, AssociateDiffieHellmanRequest.DefaultX)) { HashAlgorithm hasher = DiffieHellmanUtilities.Lookup(this.Protocol, this.SessionType); this.DiffieHellmanServerPublic = DiffieHellmanUtilities.EnsurePositive(dh.CreateKeyExchange()); this.EncodedMacKey = DiffieHellmanUtilities.SHAHashXorSecret(hasher, dh, diffieHellmanRequest.DiffieHellmanConsumerPublic, association.SecretKey); } return association; }
private void OnConnected(ITransport transport) { try { LoggingService.LogInfo("Transport {0} connected.", transport); if (transport.Encryptor != null) { DiffieHellmanManaged dh = new DiffieHellmanManaged (); byte[] keyxBytes = dh.CreateKeyExchange (); transport.Send (dh.CreateKeyExchange (), 0, keyxBytes.Length); keyxBytes = new byte [transport.Encryptor.KeyExchangeLength]; transport.Receive (keyxBytes, 0, transport.Encryptor.KeyExchangeLength); keyxBytes = dh.DecryptKeyExchange (keyxBytes); byte[] keyBytes = new byte[transport.Encryptor.KeySize]; byte[] ivBytes = new byte[transport.Encryptor.IvSize]; Array.Copy (keyxBytes, 0, keyBytes, 0, keyBytes.Length); Array.Copy (keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length); transport.Encryptor.SetKey(keyBytes, ivBytes); } byte[] connectionType = EndianBitConverter.GetBytes (transport.ConnectionType); transport.Send (connectionType, 0, connectionType.Length); byte[] networkId = Common.SHA512 (transport.Network.NetworkName); transport.Send (networkId, 0, networkId.Length); // Ready, Steady, GO! TransportCallback callback = (TransportCallback) connectCallbacks [transport]; connectCallbacks.Remove (transport); callback (transport); } catch (Exception ex) { transport.Disconnect (ex); RaiseTransportError(transport, ex); } }
internal void Add(ITransport transport, TransportCallback connectCallback) { try { // XXX: This should be negotiated as part of the initial handshake. transport.Encryptor = new AESTransportEncryptor(); transports.Add (transport); if (NewTransportAdded != null) NewTransportAdded (transport); LoggingService.LogInfo(String.Format ("Transport {0} added", transport.ToString())); if (transport.Incoming == true) { if (connectCallback != null) throw new ArgumentException ("You can only specify a ConnectCallback for outoging connections!"); if (transport.Encryptor != null) { DiffieHellmanManaged dh = new DiffieHellmanManaged (); byte[] keyxBytes = new byte[transport.Encryptor.KeyExchangeLength]; transport.Receive (keyxBytes, 0, keyxBytes.Length); keyxBytes = dh.DecryptKeyExchange (keyxBytes); byte[] keyBytes = new byte[transport.Encryptor.KeySize]; byte[] ivBytes = new byte[transport.Encryptor.IvSize]; Array.Copy (keyxBytes, 0, keyBytes, 0, keyBytes.Length); Array.Copy (keyxBytes, keyBytes.Length, ivBytes, 0, ivBytes.Length); keyxBytes = dh.CreateKeyExchange (); transport.Send (keyxBytes, 0, keyxBytes.Length); transport.Encryptor.SetKey(keyBytes, ivBytes); } //Receive connection type, which is a ulong (8 bytes) byte[] responseBuffer = new byte[8]; transport.Receive (responseBuffer, 0, 8); ulong connectionType = EndianBitConverter.ToUInt64 (responseBuffer, 0); // Recieve network ID (64 bytes) responseBuffer = new byte[64]; transport.Receive (responseBuffer, 0, 64); string networkId = EndianBitConverter.ToString (responseBuffer).Replace ("-", ""); // Match to one of our known networks! foreach (Network network in Core.Networks) { if (network.NetworkID == networkId) { transport.Network = network; } } if (transport.Network == null) { throw new Exception (String.Format ("Unknown network: {0}.", networkId)); } transport.ConnectionType = connectionType; if (connectionType == ConnectionType.NodeConnection) { LocalNodeConnection connection = new LocalNodeConnection(transport); transport.Operation = connection; transport.Network.AddConnection(connection); connection.Start(); } else if (connectionType == ConnectionType.TransferConnection) { Core.FileTransferManager.NewIncomingConnection(transport); } else { throw new Exception(String.Format("Unknown connection type: {0}.", connectionType.ToString())); } } else { if (connectCallback == null) { throw new ArgumentNullException("connectCallback"); } connectCallbacks.Add (transport, connectCallback); LoggingService.LogInfo("Transport {0} connecting...", transport); TransportCallback callback = new TransportCallback (OnConnected); transport.Connect (callback); } } catch (Exception ex) { transport.Disconnect (ex); RaiseTransportError(transport, ex); } }