0

I am using ECDSA with SHA1 encryption because I am trying to make a licencing activation for a desktop application. For that I use a PHP server to which I give PC information and the server gives me the public the key and then I want to validate the data in C#.

I generated this public key in PHP:

"-----BEGIN PUBLIC KEY-----
MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEKzL3PFVVo3IWftdEYmwiSO/4zULGM/wB
8BrLjQ==
-----END PUBLIC KEY-----";

I used the code from here http://securitydriven.net/inferno/ To get to this

byte[] thePublicKeyToBytes = GetBytesFromPEM(thePublicKey2, "PUBLIC KEY");
CngKey dsaKeyPublic2 = thePublicKeyToBytes.ToPublicKeyFromBlob();

byte[] theRestToBytes = GetBytes(theRestInBinary);
byte[] meinData = GetBytes("Blabla");

using (var ecdsa = new ECDsaCng(dsaKeyPublic2) { HashAlgorithm = CngAlgorithm.Sha1 }) // verify DSA signature with public key
{
    if (ecdsa.VerifyData(meinData, theRestToBytes)) MessageBox.Show("Signature verified.");
    else MessageBox.Show("Signature verification failed.");
}

where the procedure is:

byte[] GetBytesFromPEM(string pemString, string section)
{
    var header = String.Format("-----BEGIN {0}-----", section);
    var footer = String.Format("-----END {0}-----", section);

    var start = pemString.IndexOf(header, StringComparison.Ordinal) + header.Length;
    var end = pemString.IndexOf(footer, start, StringComparison.Ordinal) - start;

    if (start < 0 || end < 0)
    {
        return null;
    }

    return Convert.FromBase64String(pemString.Substring(start, end));
}

The problem is that I get this exception "cryptographicexception the parameter is incorrect" at this line:

CngKey dsaKeyPublic2 = thePublicKeyToBytes.ToPublicKeyFromBlob();

I can't show the inferno's public key, but I saw that the length of their key is 384. Is this where I am doing it wrong? The length of the generated public key?

Andrei Dobrin
  • 1,164
  • 4
  • 19
  • 35

2 Answers2

1

Your public key is 52 bytes long - it is too short. How are you generating it?
The ToPublicKeyFromBlob() method is a shortcut for return CngKey.Import(byteArray, CngKeyBlobFormat.EccPublicBlob) - it works only on Ecc-based keys, and those generated by .NET. Inferno uses ECC keys over P384 curve, which means that each public key will have 48*2=96 bytes, plus 8 header bytes (as described here), for a total of 104 bytes.

Community
  • 1
  • 1
0

Andrei, Inferno uses the NIST P-384 curve only. More importantly, the only curves supported by .NET framework (out-of-the-box) are P-256, P-384, and P-521.