c# - Load certificate keys into CngKey class for use with DiffieHellman (ECDiffieHellmanCng class) -


this related .net / c#. lets assume there certificate + private key (p521 ecc one) inside pfx or pkcs#12 file. have loaded certificate , it's private key windows certificate store installing (either double clicking pfx or running certutil -f -p mypfxpassword -importpfx someeccert.pfx). have noted if certificate compatible (eg. p521 curve), automatically installed cng certificate/key.

now, how can load private key cngkey can use inside ecdiffiehellmancng class? load x509 (cng) certificate read it's serial #, issuer, common name etc bookkeeping. 

var mycngkey = somehowloadthecngkey("my ecc certificate"); // <== ?? var mydh = new ecdiffiehellmancng(mycngkey);

well, .net's doesn't have api cng. if scratch surface of api see it's kinda ridiculous, considering both microsoft , cng serious of crypto apis on entire windows platform.

so need use clrsecurity provides c# interfaces (via p/invoke) c++ cng api. it's not nicest of api designs; helps.

// load cert, many ways, 1 implementation var store = new x509store(storename.my, storelocation.localmachine); store.open(openflags.openexistingonly | openflags.readonly); var certs = store.certificates.find(x509findtype.findbysubjectname, "my cert subject name", true); store.close();  if (certs.count > 0)     cert = certs[0]; else     return;  // magic happens here! load private cngkey (if exists) // need clr security this, manages p/invoke // c++ api behind scenes.  var pvtcngkey = cert.getcngprivatekey();   // create diffiehellman helper var ecdh = new ecdiffiehellmancng(ourpvteccngkey) {    keyderivationfunction = ecdiffiehellmankeyderivationfunction.hash,    hashalgorithm = cngalgorithm.sha256 };  ecdiffiehellmancngpublickey theirpubcngkey = loadotherpartiescngpublickey(theircert); byte[] symkey = ecdh.derivekeymaterial(theirpubcngkey);

Comments

Post a Comment

Popular posts from this blog

curl - PHP fsockopen help required -

i trying work on cloudflare api , have found in documentation. unfortunately have no idea how can use in fsockopen or through curl. here example of post request. need know how can make request below data post using curl or fsockopen curl https://www.cloudflare.com/api_json.html -d 'a=cache_lvl' \ -d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \ -d 'email=sample@example.com' \ -d 'z=example.com' \ -d 'v=agg' here link cloudflare https://www.cloudflare.com/docs/client-api.html#s4.2 try one: $ch = curl_init("https://www.cloudflare.com/api_json.html"); curl_setopt($ch, curlopt_returntransfer,1); curl_setopt($ch, curlopt_followlocation, 1); curl_setopt($ch, curlopt_ssl_verifypeer,false); // handling of -d curl parameter here. $param = array( 'a' => 'cache_lvl', 'tkn' => '8afbe6dea02407989af4dd4c97bb6e25', 'email' => 'sample@example.com', 'z' =...
Read more

HTTP/1.0 407 Proxy Authentication Required PHP -

i working in restricted network/limited access internet. since have use proxy make web service call. here php code calling web service , response . $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' => $proxy_host, 'proxy_port' => $proxy_port, 'proxy_login' => $proxy_login, 'proxy_password' => $proxy_password)); response is fatal error: uncaught soapfault exception: [wsdl] soap-error: parsing wsdl: couldn't load ' http://www.xyz.com/abc/wsdls/login.wsdl ' : failed load external entity if copy url error message , paste in browser(with same proxy settings) works. 2nd scenario is, if pass values instead of variables giving me diffarant response $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' ...
Read more

c# - Resource not found error -

i have problem accessing method on homecontroller. show code of method : [httpget] public actionresult decriptidentifiantetredirige(string login_crypter, string mdp_crypter) { string loginacrypter = _globalmanager.protegemotdepasse(login_crypter); string mdpacrypter = _globalmanager.protegemotdepasse(mdp_crypter); user userapp = new models.user(login_crypter, mdp_crypter); if (userapp.authentificationvalidee(userapp.userlogin, userapp.password)) { session["name"] = userapp.userlogin; return redirecttoaction("accueil", "home"); } else { return redirecttoaction("validerauthentification", "home"); } } then in routeconfig.cs wrote route : routes.maproute( name: "authentificationapresdecryptage", url: "{controller}/{action}/{login_crypter}/{mdp_crypter}", defaults: new...
Read more