Develop Reference

ECDH nodejs and C# key exchange

I've lost my self and I need help to go in the right direction :)
I have nodejs server that have to exchange some critical data with the server that is written in C#, so in that case, I want my data to be encrypted somehow. I was thinking about AES, and to safely exchange keys i want to use ECDH but I don't know how to make it work correctly... If I'm thinking right way I can make my C# "allice" side like this :
ECDiffieHellman alice = ECDiffieHellman.Create(ECCurve.NamedCurves.brainpoolP192t1);
var aliceKey = alice.PublicKey;
var ketyToExport = Convert.ToBase64String(aliceKey.ToByteArray());
//send ketyToExport to nodejs
//KEY FROM nodejs
var key1 = Convert.FromBase64String("BIzSJ1dmTXpSS8rqkVFISZ+vumhqXYMWfWoU5vB9GHhOtxxDInu/GZ92VJpqhrE3vw==").ToList();
var keyType = new byte[] { 0x45, 0x43, 0x4B, 0x31 };
var keyLength = new byte[] { 0x20, 0x00, 0x00, 0x00 };
key1.RemoveAt(0);
key1 = keyType.Concat(keyLength).Concat(key1).ToList();
byte[] bobKeyBytes = key1.ToArray();
//and I have a problem with that line bellow, I do not know how to make it work
var aliceSecret = alice.DeriveKeyMaterial(/*ECDiffieHellmanPublicKey bobKeyBytes*/);
And nodejs "Bob" side like this:
const crypto = require("crypto");
const bob = crypto.createECDH('brainpoolP192t1')
const bobKey = bob.generateKeys('base64');
var bobLength = Buffer.from(bobKey, 'base64').length;
//send bobkey to c#
//recive alicekey
var tmp = "RUNLUBgAAAAR9C7kO2o+vxNT/UBvvEuJHNdI8NfU4fUxUT431ER1q3kJbeUVHepoG5SWUM2NHj8="
var aliceKeyBuffer = Buffer.from(tmp, 'base64');
var aliceKey = Buffer.alloc(bobLength)
aliceKeyBuffer.copy(aliceKey, 1, 8);
aliceKey[0] = 4;
bob.computeSecret(aliceKey);
//create aes
//get mesage and iv ...
Okay so I've made some adjustments to all of that but right now I don't know what to do about this line how to make it work...
var aliceSecret = alice.DeriveKeyMaterial(/*ECDiffieHellmanPublicKey bobKeyBytes*/);
#BIG EDIT
I got help in ECDiffieHellmanPublicKey from ByteArray (using ECDiffieHellman NamedCurves)
and now I have another problem -_-
my node js code didn't change from above but c# looks like:
using (ECDiffieHellman alice = ECDiffieHellman.Create(ECCurve.NamedCurves.brainpoolP256r1))
{
var alicePublicKey = Convert.ToBase64String(alice.PublicKey.ToByteArray());
//NODEJS brainpoolP256r1 publickey
var key1 = Convert.FromBase64String("BASsbkule53ARqlMBA8hYysyyoRi3xGxGnSzIJ2fS5FlLniQD/zYiiGUVydmO/BBkQwVTUo5f4OMCxVNtQ/LuMQ=");
byte[] keyX = new byte[key1.Length / 2];
byte[] keyY = new byte[keyX.Length];
Buffer.BlockCopy(key1, 1, keyX, 0, keyX.Length);
Buffer.BlockCopy(key1, 1 + keyX.Length, keyY, 0, keyY.Length);
ECParameters parameters = new ECParameters
{
Curve = ECCurve.NamedCurves.brainpoolP256r1,
Q =
{
X = keyX,
Y = keyY,
},
};
byte[] derivedKey;
using (ECDiffieHellman bob = ECDiffieHellman.Create(parameters))
using (ECDiffieHellmanPublicKey bobPublic = bob.PublicKey)
{
derivedKey = alice.DeriveKeyFromHash(bobPublic, HashAlgorithmName.SHA256);
}
var aliceKey = Convert.ToBase64String(derivedKey);
byte[] encryptedMessage = null;
byte[] iv = null;
// Send(aliceKey, "Secret message", out encryptedMessage, out iv);
}
and it is working but it gives me different secret keys ...
out of bob.computeSecret(aliceKey) i got iIoH9aJoWf3666QQ6X+kj4iUKrk9j+hbRuXbhgs7YzM=
and out of alice.DeriveKeyFromHash(bobPublic, HashAlgorithmName.SHA256);
I got wJ7O4Hm2Jxs1FcLx6KaMmENvqdTQJPZ/YNSs1+MQDOQ=
if I'm thinking correctly they should be equal. am I thinking wrong?
#EDIT DONE !!
So this adding this code on end of js file gave me what I needed.
const hash = crypto.createHash('sha256');
var tt = bob.computeSecret(aliceKey);
hash.update(tt);
console.log(hash.digest('base64'));

##SOLUTION##
C#
class Program
{
static void Main(string[] args)
{
using (ECDiffieHellman alice = ECDiffieHellman.Create(ECCurve.NamedCurves.brainpoolP256r1))
{
var alicePublicKey = Convert.ToBase64String(alice.PublicKey.ToByteArray());
//send alicePublicKey
var nodejsKey = ""; //NODEJS brainpoolP256r1 publickey base64
byte[] nodejsKeyBytes= Convert.FromBase64String(nodejsKey);
var aliceKey = Convert.ToBase64String(getDeriveKey(nodejsKeyBytes,alice));
byte[] encryptedMessage = null;
byte[] iv = null;
// Send(aliceKey, "Secret message", out encryptedMessage, out iv);
}
}
static byte[] getDeriveKey(byte[] key1, ECDiffieHellman alice)
{
byte[] keyX = new byte[key1.Length / 2];
byte[] keyY = new byte[keyX.Length];
Buffer.BlockCopy(key1, 1, keyX, 0, keyX.Length);
Buffer.BlockCopy(key1, 1 + keyX.Length, keyY, 0, keyY.Length);
ECParameters parameters = new ECParameters
{
Curve = ECCurve.NamedCurves.brainpoolP256r1,
Q =
{
X = keyX,
Y = keyY,
},
};
byte[] derivedKey;
using (ECDiffieHellman bob = ECDiffieHellman.Create(parameters))
using (ECDiffieHellmanPublicKey bobPublic = bob.PublicKey)
{
return derivedKey = alice.DeriveKeyFromHash(bobPublic, HashAlgorithmName.SHA256);
}
}
}
NODEJS
const crypto = require("crypto");
const bob = crypto.createECDH('brainpoolP256r1')
bob.generateKeys();
const bobKey = bob.getPublicKey('base64');
var bobLength = Buffer.from(bobKey, 'base64').length;
//send bobkey to c#
//recive alicekey
var alicePublicKey = "RUNLUCAAAAB/xP7JhSIhYIYAijyC2zHu7obB5CwfK/ynQPxcRAIhBI6OLRRcHyPo61AhfSZN3qA2vGDfWO2mrdWWvqqhVaDf";
var aliceKeyBuffer = Buffer.from(alicePublicKey, 'base64');
var aliceKey = Buffer.alloc(bobLength)
aliceKeyBuffer.copy(aliceKey, 1, 8);
aliceKey[0] = 4;
const hash = crypto.createHash('sha256');
var tt = bob.computeSecret(aliceKey);
var bobSecretKey = hash.update(tt).digest('base64');
big thanks for #bartonjs and #Maarten Bodewes

The above answer helped me a lot. I am using secp521r1/nistP521 to do the key generation in both NodeJS and C#. In my case, a call to alice.PublicKey.ToByteArray() would result in an exception:
Unhandled exception. System.PlatformNotSupportedException: Operation is not supported on this platform.
at System.Security.Cryptography.ECDiffieHellmanImplementation.ECDiffieHellmanSecurityTransforms.ECDiffieHellmanSecurityTransformsPublicKey.ToByteArray()
According to an issue logged with the dotnet runtime team here:
ECDiffieHellmanPublicKey.ToByteArray() doesn't have a (standards-)defined export format. The version used by ECDiffieHellmanPublicKeyCng is Windows-specific, and only works for NIST P-256 (secp256r1), NIST P-384 (secp384r1), and NIST P-521 (secp521r1).
To create a copy of a key you should use the ExportParameters() method to obtain the rich ECParameters object; which can then be sent through ECDiffieHellman.Create(ECParameters) and the PublicKey property of that object be read to get back a second instance of ECDiffieHellmanPublicKey.
Assuming I send my X and Y from Alice to Bob (I used hex instead of base64), the corresponding process to arrive at the same shared secret on the NodeJS side looks like this:
// Alice's public key X, Y coordinates from DotNet Core
const aliceHexX = '00248F624728B17196B22005742C13D80D3DFF75BCA74AF865195E5A29F41C013653B0931BC544245402EDD7922F38692F38DCCF780CF1A9E27D3CFB5E09E53883C0';
const aliceHexY = '0043517F3B2EF33ED70EFA2BC4163E9B99558A7C2ECB7C659A12EA4024633CFA8B9FC997F0A42D30759B4280FDADC13A67A3E7BB0227047C907FAAE92E7716E8A10D';
const alicePublicKeyXBytes = Buffer.from(aliceHexX, 'hex');
const alicePublicKeyYBytes = Buffer.from(aliceHexY, 'hex');
const alicePublicKey = Buffer.concat([Buffer.from([0x04]), alicePublicKeyXBytes, alicePublicKeyYBytes])
const bobSecret = bob.computeSecret(alicePublicKey);
const hash = crypto.createHash('sha256');
hash.update(bobSecret);
const sharedSecret = hash.digest('hex');
console.log(`Shared Secret: ${sharedSecret.toString('hex')}`);

C# - Convert String with Public Key (mod) and Exponent RSA PKCS#1.5

I have a publickey that is:
a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303
(Not Base64)
and an exponent thats:
010001
(Again not base64)
and I need to convert this along with a small string to RSA PKCS#1.5
But im a bit confused, it keeps giving me errors when trying to do it
apparently the exponent is formatted wrong and the public key isnt base64?
Heres my code
string publicKey = "a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303";
string exponant = "010001";
string toEncrypt = "Test123";
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
RSAParameters rsap = new RSAParameters {
Modulus = Encoding.UTF8.GetBytes(Convert.ToBase64String(Encoding.UTF8.GetBytes(publicKey))),
Exponent = Encoding.UTF8.GetBytes(Convert.ToBase64String(Encoding.UTF8.GetBytes(exponant)))
};
//Tried with and without the whole base64 thing
rsa.ImportParameters(rsap);
byte[] encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(toEncrypt), false);
string base64Encrypted = Convert.ToBase64String(encryptedData);
x = x.Replace(match, text.Contains("(URLENCODE)") ? WebUtility.UrlEncode(base64Encrypted) : base64Encrypted);
}
CryptographicException: Bad Data.
Occuring On: rsa.ImportParameters(rsap);
I do have the finished result:
PV7v6F8AOJvIJA6yYJReUf3jRD8HL5LzNIIqs4ehKlwxt00xyvnCCy/MiSX/4ZP6+IZfXPGAs57kM2/KsUau+fgU4p0rxJM569MLZ+RFjBnI/ATE1Ru5v8D2ZcJ89Y0Z3xowVnNMaytwacRf/LZqxIAFpBr/E5G6KSHkSg+3zQIu6RrxbHPrWeiYYUWB5XfYDKlPcezW3QYi9lktGCp2Eqsg+ULX1GD6qIlHySslYlT3kqVZbQb1B5ak416Rq1RMLhUgpsBazuB50jr5I1zfrFdi4UeNlkBWxFcJaGOY8HScCKwvlGU7TqGbjucB1rA3mQhGvSTUmfDeGBnGrLwCdA==
(Got this from using the same data in a non c# non open-source application).

The public key string you have looks like the hexadecimal representation of a byte array to me. Therefore, I tested to convert it to a byte[] using the following conversion:
public static byte[] HexStringToByteArray(string hexString)
{
MemoryStream stream = new MemoryStream(hexString.Length / 2);
for (int i = 0; i < hexString.Length; i += 2)
{
stream.WriteByte(byte.Parse(hexString.Substring(i, 2), System.Globalization.NumberStyles.AllowHexSpecifier));
}
return stream.ToArray();
}
Also, the exponent probably has the same format (3 bytes, 0x01 0x00 0x01), therefore I am using the same approach to convert it to a byte[]
At the end, the code looks like:
string publicKey = "a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303";
string exponant = "010001";
string toEncrypt = "Test123";
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
RSAParameters rsap = new RSAParameters
{
Modulus = HexStringToByteArray(publicKey),
Exponent = HexStringToByteArray(exponant)
};
//Tried with and without the whole base64 thing
rsa.ImportParameters(rsap);
byte[] encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(toEncrypt), false);
string base64Encrypted = Convert.ToBase64String(encryptedData);
The import of the RSA parameters is successful, and the encryption too.
The output looks like the following. It does not have to be the same as yours (which you produced by using a non C#, non open source application, by the way with which I sensed some kind of reproach) because there are other factors like padding which affects the result, but the encryption is successful.
VXg8wRZz7SDnhg3T1GPs8CztjPsGwES+ngJAaBBVMSNkBiBOU+ju70pI5sAjvFS34+ztY8VLUZZ4vzf9
NkBNCgEn7Q2NezOwgP029yHY169Jc7Kqkwy0UbJLAwCwmqR+/G6B/S2hL2ADV+5EeaEn4ZmmKl/WRp+P
ruwWKDQx46/ih0itvh7uF5/OfKCqeIrcsqpZgQ4pByNQNOTs1sFlKB+/8TZ6Ey00lYU8c3bRLOef0Nh+
uivY0LI2ryOYI//EtmoZqfkeJH2ZqOQPy/I4R/OXHs1RcEZpnam8/OF1c/DlGVp3//RO8owmStxSj/eF
TD5arc3a1kiNma+/DDQYuQ==

Weak Key error on Github, with 4096 RSAkey generated with C#

I am generating a RSA KEY with 4096 bits according to RFC4716 (Or at least I thought so) using C# and the standard cryptography library, however git hub says I have a key with the wrong size, returning the following error when I try to add it to the keys associated to my account.
This is the code to generate the key:
public static void GenerateKeys()
{
// Create the CspParameters object and set the key container
// name used to store the RSA key pair.
CspParameters cp = new CspParameters();
//cp.KeyContainerName = ContainerName;
CspKeyContainerInfo info = new CspKeyContainerInfo(cp);
//string filename = info.UniqueKeyContainerName;
// Create a new instance of RSACryptoServiceProvider that accesses
// the key container MyKeyContainerName.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(4096, cp);
var test = rsa.KeySize;
using (StreamWriter privateKeyWriter = new StreamWriter(GitStandard.PrivateSSHKeyPath))
{
ExportPrivateKey(rsa, privateKeyWriter);
}
using (StreamWriter publicKeyWriter = new StreamWriter(GitStandard.PublicSSHKeyPath))
{
ExportPublicKeyOpenSSH(rsa, publicKeyWriter);
}
}
The method ExportPublicKeyOpenSSH is a small modification of the code found in this thread with answers on how to convert the key to RFC4716, the only thing I do differently is to add a zero (0) before the modulus is converted.
private static void ExportPublicKeyOpenSSH(RSACryptoServiceProvider csp, TextWriter outputStream)
{
var parameters = csp.ExportParameters(false);
byte[] sshrsa_bytes = Encoding.Default.GetBytes("ssh-rsa");
//initializing modulus array
byte[] n = new Byte[parameters.Modulus.Length + 1];
//adding initial zero before modulus to conform with OpenSSH
n[0] = 0;
System.Buffer.BlockCopy(parameters.Modulus, 0, n, 1, parameters.Modulus.Length);
//byte[] n = parameters.Modulus;
byte[] e = parameters.Exponent;
System.Array.Resize<Byte>(ref n, n.Length + 1);
string base64;
using (var stream = new MemoryStream())
{
stream.Write(ToBytes(sshrsa_bytes.Length), 0, 4);
stream.Write(sshrsa_bytes, 0, sshrsa_bytes.Length);
stream.Write(ToBytes(e.Length), 0, 4);
stream.Write(e, 0, e.Length);
stream.Write(ToBytes(n.Length), 0, 4);
stream.Write(n, 0, n.Length);
stream.Flush();
base64 = Convert.ToBase64String(stream.ToArray());
}
var result = string.Format("ssh-rsa {0}", base64);
outputStream.Write(result);
}
What the key generated looks like
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAACAgD171Y9VeinRALRfU8adS2K0vYHGfKkQwqs8SOQbhURFNtazupsocmpW96dYF346UVVCiKQCYrCW6t0QpGE3ch7onqTvXBszA9mfcuLX9hlhesJqFyUTHxDUopCc2tc5fWYuZ4MeySKuOetBEmPfN3Eu+SWC8j3VS9YzIDjwhkBPcJoxOnv3l7pSxEzGBGQXwdGmL8TFxxsBhue1ajralYPXgJo1nra70ChHcr8PfJvIXigBYCkwnb0KuofbPyhHETo4fNJqCPa1rLjnKoz5iTpyak2SWnhD5FX0/t4juaL/OKNE4YSaAqpWwA9VS1i+y7doeSRc22tm5LHgSLmlxg6h5lPKm5emB840eMLOPvZLS/4uODzFPMo4NFC2ZwNwdlXhcQE9EVtz9EZox1isKpJgShqJPh0sHVH9RnCuBSxW5N79KtsvcXI2zAiLBczKukqU2rTkvYdV1Wkx4zHSvLe42PQuJvSwhwW1tlgyFemd2aRwGDltQyGTPNOZ28E6SGgvxYtB4nvcu8gLyxob4Hz3ysohDB0Z9ZEismSK/8eSeMrBPosTBO77tsjUk1L8v2lHXQ+p1raLpd3ETeae7vZjt6zMFCIhNKDvdJL9b0mIKLB26PMhWG4DzSTJGeIANjiNryWK7y0gdgdPs5953H1EJVRQ0wd2ceFFg2+kpqlrQA=
Using the command ssh-keygen -l -f custom_rsa.pub to test the validity of the key.
$ ssh-keygen -l -f custom_rsa.pub
4104 SHA256:uGO4sHOXXuX1waf+8jrdsWr3/57npF5AuUKUgYVWbCI no comment (RSA)

You resize n both to add a 0 on the left (by manually copying into it starting at index 1) and to add a 0 on the right (via Array.Resize). The latter one is probably getting you into trouble.
Also, (unrelated) you probably shouldn't use Encoding.Default, but rather whatever encoding you intend. Encoding.ASCII, probably.

Cryptopp Ephemeral Diffie Hellman to C# Bouncy Castle

I'm trying to convert cryptopp DiffieHellman 2 key agreement method to c# bouncy castle library.
Here is the help page about cryptoo c++ library: http://www.cryptopp.com/wiki/Diffie-Hellman
I'm trying to implement RFC 5114's 1024-bit MODP group to C#.
But there are a lot of problems I couldn't solve.
When keyPair generates a key, it is 131 bytes, but it must be 128 bytes, because server sending to me 256 bytes key with static and ephemeral key. I must send 256 bytes too .But 1-, 2-, and 3-byte values are static in every key so I'm removing first 3 bytes in keys is it true?
Which secret key must I use for converting shared secret to other encryption system keys?
Example I have a secret key, how can I convert it for Twofish, RC6, xTEA, Serpent etc?
Here is my code:
public byte[] CreateaNewDiffieHellmanKey()
{
public static string Phex = "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C69A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C013ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD7098488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708DF1FB2BC2E4A4371";
public static string Ghex = "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507FD6406CFF14266D31266FEA1E5C41564B777E690F5504F213160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28AD662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24855E6EEB22B3B2E5";
public static string Qhex = "F518AA8781A8DF278ABA4E7D64B7CB9D49462353";
BigInteger P = new BigInteger(Phex, 16);
BigInteger G = new BigInteger(Ghex, 16);
BigInteger Q = new BigInteger(Qhex, 16);
IAsymmetricCipherKeyPairGenerator staticKeyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
IAsymmetricCipherKeyPairGenerator ephemeralKeyGen = GeneratorUtilities.GetKeyPairGenerator("DH");
DHParameters dhParams = new DHParameters(P, G, Q, 0, 160);
DHP = dhParams;
KeyGenerationParameters kgpSt = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
KeyGenerationParameters kgpEp = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
staticKeyGen.Init(kgpSt);
ephemeralKeyGen.Init(kgpEp);
AsymmetricCipherKeyPair staticKeyPayir = staticKeyGen.GenerateKeyPair();
staticKeyEgri = AgreementUtilities.GetBasicAgreement("DH");
staticKeyEgri.Init(staticKeyPayir.Private);
AsymmetricCipherKeyPair ephemeralKeyPair = ephemeralKeyGen.GenerateKeyPair();
ephemeralKeyEgri = AgreementUtilities.GetBasicAgreement("DH");
ephemeralKeyEgri.Init(staticKeyPayir.Private);
AsymmetricKeyParameter StaticPublicKey = staticKeyPayir.Public;
SubjectPublicKeyInfo StaticPublicKeyinfomuz = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(StaticPublicKey);
byte[] st1 = StaticPublicKeyinfomuz.PublicKeyData.GetBytes();
byte[] staticPublic = new byte[128];
Array.Copy(st1, 3, staticPublic, 0, staticPublic.Length);
AsymmetricKeyParameter EphPublicKey = staticKeyPayir.Public;
SubjectPublicKeyInfo EphPublicKeyinfomuz = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(EphPublicKey);
byte[] ep1 = StaticPublicKeyinfomuz.PublicKeyData.GetBytes();
byte[] ephemeralPublic = new byte[128];
Array.Copy(ep1, 3, ephemeralPublic, 0, ephemeralPublic.Length);
return Bot.Birleştir(staticPublic, ephemeralPublic); // Combine 2 byte arrays
}
public bool AgreeTheKey(byte[] buffer)
{
byte[] staticpublic = new byte[128];
byte[] ephemeralpublic = new byte[128];
Array.Copy(buffer, 0, staticpublic, 0, staticpublic.Length);
Array.Copy(buffer, staticpublic.Length, ephemeralpublic, 0, ephemeralpublic.Length);
ICipherParameters istatic = new KeyParameter(staticpublic);
ICipherParameters iphemeral = new KeyParameter(ephemeralpublic);
DHPublicKeyParameters dhkpST = new DHPublicKeyParameters(new BigInteger(staticpublic), DHP);
DHPublicKeyParameters dhkpEP = new DHPublicKeyParameters(new BigInteger(staticpublic), DHP);
SharedStatic = staticKeyEgri.CalculateAgreement(dhkpST).ToByteArray();
SharedEphemeral = ephemeralKeyEgri.CalculateAgreement(dhkpEP).ToByteArray();
byte[] Sharedkey = SharedStatic;
return true;
}

If you don't want to have the added encoding, you may always cast from AsymmetricKeyParameter to DHPublicKeyParameters and retrieve Y using getY(). Of course, after getting the value as an integer, you may still want to encode it to a fixed number of octets (bytes). In general, unsigned, left padded big endian encoding is used for the numbers.

Playing around with C# encryption

Been trying to venture out and learn some C# and powershell, giving myself little projects to try and learn. Recently I have been trying to convert some code from powershell to C# and I believe I got it working but am coming across some errors creating the IV for RijndaelManaged.
This is the powershell code that works fine, pulled from the internet
function Decrypt-String($Encrypted, $Passphrase, $salt, $init="Yet another key")
{
if($Encrypted -is [string]){
$Encrypted = [Convert]::FromBase64String($Encrypted)
}
$r = new-Object System.Security.Cryptography.RijndaelManaged
$pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
$salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
$r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
$r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
$d = $r.CreateDecryptor()
$ms = new-Object IO.MemoryStream #(,$Encrypted)
$cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
$sr = new-Object IO.StreamReader $cs
Write-Output $sr.ReadToEnd()
$sr.Close()
$cs.Close()
$ms.Close()
$r.Clear()
}
And this is the C# code i moved it over to
public static string Decrypt_String(string cipherText, string passPhrase, string Salt)
{
string hashAlgorithm = "SHA1";
int passwordIterations = 5;
initName = "Yet another key";
using (RijndaelManaged r = new RijndaelManaged())
{
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
byte[] PassPhraseBytes = Encoding.UTF8.GetBytes(passPhrase);
byte[] SaltBytes = Encoding.UTF8.GetBytes(Salt);
byte[] initVectorBytes = Encoding.UTF8.GetBytes(initName);
PasswordDeriveBytes password = new PasswordDeriveBytes(PassPhraseBytes,SaltBytes,hashAlgorithm,passwordIterations);
byte[] keyBytes = password.GetBytes(32); //(256 / 32)
r.Key = keyBytes;
SHA1Managed cHash = new SHA1Managed();
r.IV = cHash.ComputeHash(Encoding.UTF8.GetBytes(initName),0,16);
ICryptoTransform decryptor = r.CreateDecryptor();
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream,
decryptor,
CryptoStreamMode.Read);
StreamReader streamReader = new StreamReader(cryptoStream);
string output = streamReader.ReadToEnd();
return output;
}
}
Currently the ComputeHash is spitting back an error telling me the value is invalid.
here are the values I am using from the working encrypt function
cipherText = "s6ZqNpJq05jsMh2+1BxZzJQDDiJGRQPqIYzBjYQHsgw="
saltValue = "}=[BJ8%)vjJDnQfmvC))))3Q"
passphrase = "S#lt3d"
Any ideas on why the IV wont set properly?
EDIT:
Sorry the exception is
Line 38: r.IV = cHash.ComputeHash(initVectorBytes, 0, 16);
Exception Details: System.ArgumentException: Value was invalid.
Kind of generic

#Nate is correct, you are using a different overload of the ComputeHash method, and you are not quite handling it properly:
Encoding.UTF8.GetBytes(initName)
This will return a byte array the same length as your string - 15. But by passing 0 and 16, you are asking ComputeHash to use the first 16 elements of the array.
cHash.ComputeHash(Encoding.UTF8.GetBytes(initName),0,16);
So this first fix is to either pass 0 and 15 (or maybe 0 and initName.Length), or better yet, go back to the overload you are using in your powershell script, which figures out the array length automatically:
cHash.ComputeHash(Encoding.UTF8.GetBytes(initName));
But you will need to shorten the resulting array (it comes back length 20, but you only want 16):
using System.Linq;
...
cHash.ComputeHash(Encoding.UTF8.GetBytes(initName)).Take(16).ToArray();