Last active
February 23, 2017 14:18
-
-
Save dhcgn/4ea235cdb20155ec5ea9dc9bbf3c9887 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| private const string LibraryPath = @"C:\Windows\System32\opensc-pkcs11.dll"; | |
| public static byte[] Derive(string privateEc, string publicEc) | |
| { | |
| Func<string, Session, CKO, ObjectHandle> getObjectHandle = (label, session, keyType) => | |
| { | |
| var objectAttributes = new List<ObjectAttribute> | |
| { | |
| new ObjectAttribute(CKA.CKA_CLASS, keyType), | |
| new ObjectAttribute(CKA.CKA_LABEL, label), | |
| new ObjectAttribute(CKA.CKA_TOKEN, true) | |
| }; | |
| return session.FindAllObjects(objectAttributes).First(); | |
| }; | |
| Func<ObjectHandle, Session, CKA, byte[]> getDataFromObject = (handle, session, type) => | |
| { | |
| var attributes = new List<ulong> {(ulong) type}; | |
| var requiredAttributes = session.GetAttributeValue(handle, attributes); | |
| return requiredAttributes[0].GetValueAsByteArray(); | |
| }; | |
| using (Pkcs11 pk = new Pkcs11(LibraryPath, false)) | |
| { | |
| var slot = pk.GetSlotList(false).First(); | |
| using (Session session = slot.OpenSession(false)) | |
| { | |
| session.Login(CKU.CKU_USER, UserPin); | |
| var objectPrivate = getObjectHandle(privateEc, session, CKO.CKO_PRIVATE_KEY); | |
| var objectPublic = getObjectHandle(publicEc, session, CKO.CKO_PUBLIC_KEY); | |
| var publicKey = getDataFromObject(objectPublic, session, CKA.CKA_VALUE); | |
| byte[] data = session.GenerateRandom(32); | |
| var mechanism = new Mechanism(CKM.CKM_ECDH1_DERIVE, new CkEcdh1DeriveParams(1000, data, publicKey)); | |
| var deriveAttributes = new List<ObjectAttribute> | |
| { | |
| new ObjectAttribute(CKA.CKA_TOKEN, false), | |
| new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY), | |
| new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_GENERIC_SECRET), | |
| new ObjectAttribute(CKA.CKA_SENSITIVE, false), | |
| new ObjectAttribute(CKA.CKA_EXTRACTABLE, true), | |
| new ObjectAttribute(CKA.CKA_ENCRYPT, true), | |
| new ObjectAttribute(CKA.CKA_DECRYPT, true), | |
| new ObjectAttribute(CKA.CKA_WRAP, true), | |
| new ObjectAttribute(CKA.CKA_UNWRAP, true), | |
| new ObjectAttribute( CKA.CKA_VALUE_LEN, 320/8), | |
| }; | |
| var derivedKey = session.DeriveKey(mechanism, objectPrivate, deriveAttributes); | |
| var derivedSecret = getDataFromObject(derivedKey, session, CKA.CKA_VALUE); | |
| Console.Out.WriteLine(Convert.ToBase64String(derivedSecret)); | |
| return derivedSecret; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment