Encryption in Meshwork

So I’ve decided to start blogging about Meshwork, since that’s what I spend most of my time on anyway. I’ve created a separate category for Meshwork Development posts; however, I’ll mark all posts under “Software Development” as well.

I finally got around to getting socket-to-socket encryption up and running in Meshwork. It currently uses 192-bit TripleDES with a Diffie-Hellman key exchange. One caveat worth stating up front: a bare Diffie-Hellman exchange is unauthenticated, so it protects against a passive eavesdropper but not against an active man-in-the-middle who runs a separate exchange with each peer — the exchanged values still need to be authenticated (signed, bound to a pre-shared key, or verified out of band) before this is safe on a hostile network.

I’m using the Diffie-Hellman class from Mentalis.org, which is incredibly easy to use and available under an extremely generous license.

I don’t like working with streams, so I hacked together a quick wrapper to make everything much simpler. Below is a modified version of the Mentalis DH test app that I wrote to figure out how to get DH and TripleDESCryptoServiceProvider working together:

using System;
using System.IO;
using Org.Mentalis.Security.Cryptography;
using System.Security;
using System.Security.Cryptography;

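internal class TestApp {
	/* TripleDES key length in bytes: three 64-bit DES subkeys. That is the
	 * "192-bit" key; 24 of those bits are DES parity, not key material. */
	private const int KeyBytes = 24;

	/* TripleDES block size in bytes. A CBC IV must be exactly one block. */
	private const int IvBytes = 8;

	/* Demonstrates deriving a TripleDES session key (and IV) from a
	 * Diffie-Hellman shared secret and round-tripping a short message
	 * through it. This is a one-process demo: both "peers" live here. */
	public static void Main(string[] args) {

		/* Do a simple DH key exchange, obviously this will usually happen
		 * over something like a socket.
		 *
		 * NOTE(security): bare DH only defeats a passive eavesdropper. Unless
		 * the exchanged values are authenticated (signed, bound to a pre-shared
		 * key, or verified out of band), an active attacker can run a separate
		 * exchange with each peer and read everything in between. */

		DiffieHellman dh1 = new DiffieHellmanManaged();
		DiffieHellman dh2 = new DiffieHellmanManaged();

		/* This is the information that we trade with the remote client */
		byte[] ke1 = dh1.CreateKeyExchange();
		byte[] ke2 = dh2.CreateKeyExchange();

		byte[] dh2k = dh2.DecryptKeyExchange(ke1);
		byte[] dh1k = dh1.DecryptKeyExchange(ke2);

		/* Print both secrets to demonstrate that they are the same.
		 * (Never log the real secret outside of a demo like this.) */
		Console.WriteLine("Computed secret of instance 1:");
		PrintBytes(dh1k);
		Console.WriteLine("");
		Console.WriteLine("Computed secret of instance 2:");
		PrintBytes(dh2k);

		/* Run the raw shared secret through a hash to obtain key material.
		 * The raw DH output is a group element rather than uniformly random
		 * bytes, and slicing it directly (as the earlier version did, taking
		 * the IV from bytes 8..15 of the key itself) made the IV a literal
		 * sub-array of the key. Hashing under a distinct label per output
		 * keeps key and IV independent of each other. */
		byte[] key = DeriveBytes(dh2k, "meshwork-3des-key", KeyBytes);
		byte[] iv = DeriveBytes(dh2k, "meshwork-3des-iv", IvBytes);

		/* NOTE(security): a session-constant IV is acceptable for this single
		 * message, not for a socket. Each message needs a fresh IV (sent in the
		 * clear ahead of the ciphertext) plus a MAC over IV+ciphertext, because
		 * CBC by itself does not detect tampering. TripleDES also has a 64-bit
		 * block, so a key must be retired long before ~2^32 blocks are sent
		 * under it; AES is the better choice where it is available. */

		/* Encrypt and decrypt a string... */
		byte[] myText = System.Text.Encoding.UTF8.GetBytes("TEST? woot woot!");
		byte[] ee;
		byte[] dd;
		/* The algorithm object and both transforms hold key schedules; dispose
		 * them so that material is released rather than left to the GC. */
		using (TripleDESCryptoServiceProvider d = new TripleDESCryptoServiceProvider()) {
			using (ICryptoTransform enc = d.CreateEncryptor(key, iv)) {
				ee = Encrypt(enc, myText);
			}
			using (ICryptoTransform dec = d.CreateDecryptor(key, iv)) {
				dd = Decrypt(dec, ee, myText.Length);
			}
		}

		/* Best effort: zero the secrets once they are no longer needed.
		 * (The GC may already have copied them; this only shortens exposure.) */
		Array.Clear(key, 0, key.Length);
		Array.Clear(dh1k, 0, dh1k.Length);
		Array.Clear(dh2k, 0, dh2k.Length);

		/* Demonstrate that we got the correct result */
		Console.WriteLine("");
		PrintBytes(myText);
		PrintBytes(dd);

		Console.WriteLine("");
		Console.WriteLine("Press ENTER to continue...");
		Console.ReadLine();
	}

	/* Derives `count` bytes from `secret` as the leading bytes of
	 * SHA-256(label || secret). Different labels yield independent outputs,
	 * so a key and an IV can both be derived from one shared secret.
	 *
	 * secret: the DH shared secret (not used directly as a key).
	 * label:  ASCII domain-separation string; must differ per output.
	 * count:  number of bytes wanted, at most one digest (32 bytes).
	 * Throws ArgumentOutOfRangeException when count exceeds the digest size.
	 *
	 * A real protocol would use a standard KDF (e.g. HKDF); this is the
	 * smallest thing that avoids reusing raw secret bytes, without adding
	 * dependencies. Note that TripleDESCryptoServiceProvider rejects the
	 * handful of known weak DES keys; the chance of deriving one here is
	 * negligible, but a production caller should handle that exception. */
	private static byte[] DeriveBytes(byte[] secret, string label, int count) {
		byte[] labelBytes = System.Text.Encoding.ASCII.GetBytes(label);
		byte[] input = new byte[labelBytes.Length + secret.Length];
		Array.Copy(labelBytes, 0, input, 0, labelBytes.Length);
		Array.Copy(secret, 0, input, labelBytes.Length, secret.Length);

		byte[] digest;
		using (SHA256 sha = SHA256.Create()) {
			digest = sha.ComputeHash(input);
		}
		Array.Clear(input, 0, input.Length);

		if (count > digest.Length)
			throw new ArgumentOutOfRangeException("count", "at most " + digest.Length + " bytes can be derived per label");

		byte[] result = new byte[count];
		Array.Copy(digest, 0, result, 0, count);
		Array.Clear(digest, 0, digest.Length);
		return result;
	}

	/* Runs theBuffer through theTransform (a CBC encryptor here) and returns
	 * the complete ciphertext, including the final padded block. */
	private static byte[] Encrypt(ICryptoTransform theTransform, byte[] theBuffer) {
		MemoryStream memStream = new MemoryStream();
		/* Disposing the CryptoStream flushes the final block and closes
		 * memStream; ToArray() still works on a closed MemoryStream. */
		using (CryptoStream encryptStream = new CryptoStream(memStream, theTransform, CryptoStreamMode.Write)) {
			encryptStream.Write(theBuffer, 0, theBuffer.Length);
			encryptStream.FlushFinalBlock();
		}
		return memStream.ToArray();
	}

	/* Decrypts theBuffer with theTransform and returns exactly `length`
	 * plaintext bytes.
	 *
	 * CryptoStream.Read may return fewer bytes than requested, so the read is
	 * looped instead of trusting a single call. If the stream ends before
	 * `length` bytes arrive, a CryptographicException is thrown rather than
	 * returning a silently zero-padded buffer.
	 *
	 * Note: a wrong key or tampered ciphertext is usually only caught here by
	 * a padding error, which is not a reliable integrity check — see the MAC
	 * note in Main. */
	private static byte[] Decrypt(ICryptoTransform theTransform, byte[] theBuffer, int length) {
		byte[] plain = new byte[length];
		int total = 0;
		using (MemoryStream memStream = new MemoryStream(theBuffer, false))
		using (CryptoStream decryptStream = new CryptoStream(memStream, theTransform, CryptoStreamMode.Read)) {
			while (total < length) {
				int got = decryptStream.Read(plain, total, length - total);
				if (got == 0)
					break;
				total += got;
			}
		}
		if (total != length)
			throw new CryptographicException("Expected " + length + " plaintext bytes but decrypted " + total);
		return plain;
	}

	/* Writes bytes as upper-case hex on one line; a null array prints nothing. */
	private static void PrintBytes(byte[] bytes) {
		if (bytes == null)
			return;
		foreach (byte b in bytes) {
			Console.Write(b.ToString("X2"));
		}
		Console.WriteLine();
	}
}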
