Programming .NET Security : Extending the .NET Framework (part 1) - Defining the Key Exchange Formatter

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

1. ElGamal Key Exchange Explained

Our implementation of the ElGamal encryption functions exposes the "raw" algorithm; that is, unlike the Microsoft RSA implementation, our ElGamalManaged class does not format data prior to encryption.

To provide support for session key exchange, we must provide classes that extend the AsymmetricExchangeFormatter and AsymmetricExchangeDeformatter classes that we discussed in the previous section. We have selected the OAEP formatting scheme for our key exchange; we have listed the complete code for our formatting classes, which naturally includes the details of the OAEP scheme. We do not discuss the details of OAEP, and you should refer to the PKCS #1 standard (which defines both the OAEP and PKCS #1 v1.5 formatting schemes) for details.

2. Defining the Key Exchange Formatter

We begin by defining ElGamalOAEPKeyExchangeFormatter, which is our formatter class, extending the AsymmetricKeyExchangeFormatter class that we discussed in the previous section:

using System;
using System.IO;
using System.Security.Cryptography;

public class ElGamalOAEPKeyExchangeFormatter : AsymmetricKeyExchangeFormatter {
private ElGamalManaged o_algorithm;
private Random o_random;
private PKCS1MaskGenerationMethod o_mask_generator;

The constructor creates an instance of the ElGamal implementation class, ElGamalManaged. As you see in the SetKey method, you can import the keys from any implementation class that extends the abstract ElGamal class using the common parameter import and export methods. The other instance variables are related to the OAEP formatting process:

        public ElGamalOAEPKeyExchangeFormatter(  ) {
// create the instance of the algorithm
o_algorithm = new ElGamalManaged( );
// init the rnd
o_random = new Random( );
// init the mask generator
o_mask_generator = new PKCS1MaskGenerationMethod( );

The Parameters property returns the parameters of the public key that will be used to encrypt the session key; we create the result by using the ToXmlString method defined in the AsymmetricAlgorithm class:

    public override string Parameters {
get {
return o_algorithm.ToXmlString(false);

The SetKey method allows the user to specify an instance of the ElGamal algorithm that should be used for encryption; if the class is not an instance of our abstract ElGamal class, throw an exception; otherwise, import the public key parameters into the ElGamal instance created by the constructor:

    public override void SetKey(AsymmetricAlgorithm p_key) {
// encure that we are dealing with an ElGamal algorithm
if (p_key is ElGamal) {
// export the key and push it into the algorithm
} else {
// we can't continue because the algorithm
// is the one for this class
throw new ArgumentException("Key Algorithm is not ElGamal", "p_key");

The CreateKeyExchange method is responsible for formatting the session key and encrypting the result using the ElGamal implementation class; there are two overloaded versions of this method, but they are functionality equivalent, because the differentiating argument is not currently used by the .NET Framework:

    public override byte[] CreateKeyExchange(byte[] p_byte, Type p_type) {
// the Type parameter is not curently supported by the
// .NET Framework, so we just need to work with the byte array
return CreateKeyExchange(p_byte);

public override byte[] CreateKeyExchange(byte[] p_byte) {
// create the OAEP padded data
byte[] x_padded_data = CreateOAEPPaddedData(p_byte);
// create the ciphertext from the padded data
byte[] x_ciphertext = o_algorithm.EncryptData(x_padded_data);
// return the ciphertext
return x_ciphertext;

The remaining methods in this class are responsible for applying the OAEP formatting, which is outside the scope of this book:

    // the lHash value which is the preamble to an OAEP block
private byte[] o_lhash
= new BigInteger("da39a3ee5e6b4b0d3255bfef95601890afd80709", 16).getBytes( );

private byte[] CreateOAEPPaddedData(byte[] p_data) {
// create a memory stream to hold the padded data
MemoryStream x_stream = new MemoryStream( );

// define K
int x_K = o_algorithm.KeySize/8 -1;

// determine the block size
int x_max_bytes = x_K - (2 * o_lhash.Length) - 2;
// determine how many complete blocks there are
int x_complete_blocks = p_data.Length / x_max_bytes;

// run through and process the complete blocks
int i = 0;
byte[] x_block;
for (; i < x_complete_blocks; i++) {
x_block = CreateSingleOAEPBlock(p_data, i * x_max_bytes,
x_max_bytes, x_K);
x_stream.Write(x_block, 0, x_block.Length);

// process any remaining data
x_block = CreateSingleOAEPBlock(p_data, i * x_max_bytes,
p_data.Length - (i * x_max_bytes), x_K);
x_stream.Write(x_block, 0, x_block.Length);

// return the padded data
return x_stream.ToArray( );

private byte[] CreateSingleOAEPBlock(byte[] p_data, int p_offset,
int p_count, int p_K) {

// b. Generate an octet string PS consisting of
// k - mLen - 2hLen - 2 zero octets.
// The length of PS may be zero.
byte[] x_PS = new byte[p_K - p_count - (2*o_lhash.Length) -2];

// c. Concatenate lHash, PS, a single octet with
// hexadecimal value 0x01, and the message M to form a data
// block DB of length k - hLen - 1 octets as
// DB = lHash || PS || 0x01 || M .
byte[] x_DB = new byte[o_lhash.Length + x_PS.Length + 1 + p_count];
Array.Copy(o_lhash, 0, x_DB, 0, o_lhash.Length);
Array.Copy(x_PS, 0, x_DB, o_lhash.Length, x_PS.Length);
x_DB[o_lhash.Length + x_PS.Length] = 0x01;
Array.Copy(p_data, p_offset, x_DB,
o_lhash.Length + x_PS.Length + 1, p_count);

// d. Generate a random octet string seed of length hLen
BigInteger x_temp = new BigInteger( );
x_temp.genRandomBits(o_lhash.Length * 8, o_random);
byte[] x_seed = x_temp.getBytes( );

// e. Let dbMask = MGF (seed, k - hLen - 1)
byte[] x_dbMask = o_mask_generator.GenerateMask(x_seed,
p_K - o_lhash.Length -1);

// f. Let maskedDB = DB XOR dbMask.
byte[] x_maskedDB = new byte[x_DB.Length];
byte[] x_temp_arr =
(new BigInteger(x_DB) ^ new BigInteger(x_dbMask)).getBytes( );
Array.Copy(x_temp_arr, 0, x_maskedDB,
x_maskedDB.Length - x_temp_arr.Length, x_temp_arr.Length);

// g. Let seedMask = MGF (maskedDB, hLen).
byte[] x_seedMask = o_mask_generator.GenerateMask(x_maskedDB,

// h. Let maskedSeed = seed XOR seedMask.
byte[] x_maskedSeed
= (new BigInteger(x_seed) ^ new BigInteger(x_seedMask)).getBytes( );

// i. Concatenate a single octet with hexadecimal value 0x00, maskedSeed,
// and maskedDB to form an encoded message EM of length k octets as
// EM = 0x00 || maskedSeed || maskedDB
byte[] x_EM = new byte[1 + o_lhash.Length + x_DB.Length];
Array.Copy(x_maskedSeed, 0, x_EM, x_EM.Length - x_DB.Length
- x_maskedSeed.Length, x_maskedSeed.Length);
Array.Copy(x_maskedDB, 0, x_EM, x_EM.Length - x_maskedDB.Length,

// return the result
return x_EM;

  •  Programming .NET Security : Programming Cryptographic Keys (part 3) - Key Exchange Formatting
  •  Programming .NET Security : Programming Cryptographic Keys (part 2) - Using Key Persistence
  •  Programming .NET Security : Programming Cryptographic Keys (part 1) - Creating Keys
  •  Deploying a Windows Server 2008 R2 Network Policy Server
  •  Understanding Network Access Protection (NAP) in Windows Server 2008 R2
  •  Programming .NET Security : Cryptographic Keys Explained
  •  Windows Server 2008 : Transport-Level Security - Using IPSec Encryption with Windows Server 2008 R2
  •  Windows Server 2008 : Transport-Level Security - Active Directory Rights Management Services
  •  Understanding Active Directory Certificate Services (AD CS) in Windows Server 2008 R2
  •  Deploying a Public Key Infrastructure with Windows Server 2008 R2
    Top 10
    Free Mobile And Desktop Apps For Accessing Restricted Websites
    MASERATI QUATTROPORTE; DIESEL : Lure of Italian limos
    TOYOTA CAMRY 2; 2.5 : Camry now more comely
    KIA SORENTO 2.2CRDi : Fuel-sipping slugger
    How To Setup, Password Protect & Encrypt Wireless Internet Connection
    Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
    Backup & Restore Game Progress From Any Game With SaveGameProgress
    Generate A Facebook Timeline Cover Using A Free App
    New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
    SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
    - Messages forwarded by Outlook rule go nowhere
    - Create and Deploy Windows 7 Image
    - How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
    - Creating and using an unencrypted cookie in ASP.NET
    - Directories
    - Poor Performance on Sharepoint 2010 Server
    - SBS 2008 ~ The e-mail alias already exists...
    - Public to Private IP - DNS Changes
    - Send Email from Winform application
    - How to create a .mdb file from ms sql server database.......
    programming4us programming4us