I know that there are similar questions here, but I still didn't find a clear answer. Is it possible to derive the session key with the .NET library with the given concatenation function without using bouncy castle? It seems that there are some differences, as I am not getting the same session key on both sides (second part: embedded implementation).
This is how I am currently trying (TempPubKeySCC is the pubkey in raw uncompressed format which I receive and ECDHtempPublicKey will be sent to the other party):

    using System;
    using System.Security.Cryptography;

    // CNG ECC public key blob: magic "ECK1" (ECDH P-256 public key),
    // 4-byte little-endian coordinate length (0x20 = 32), then X || Y.
    byte[] blobMagic = new byte[4] { 0x45, 0x43, 0x4B, 0x31 };
    byte[] eccBlob = new byte[8 + 64];
    byte[] lengthData = new byte[4] { 0x20, 0x0, 0x0, 0x0 };
    Buffer.BlockCopy(blobMagic, 0, eccBlob, 0, 4);
    Buffer.BlockCopy(lengthData, 0, eccBlob, 4, 4);
    // Skip the 0x04 uncompressed-point prefix of the received key.
    Buffer.BlockCopy(TempPubKeySCC, 1, eccBlob, 8, 64);
    CngKey PubKeyBySCC = CngKey.Import(eccBlob, CngKeyBlobFormat.EccPublicBlob);

    byte[] SharedSecret;
    byte[] ECDHtempPublicKey = new byte[65];
    using (ECDiffieHellmanCng TempECDH = new ECDiffieHellmanCng(ECCurve.NamedCurves.nistP256))
    {
        // Bytes hashed before and after the shared secret.
        byte[] secpre = new byte[4] { 0x00, 0x00, 0x00, 0x01 };
        byte[] secpost = new byte[3] { 0x01, 0x55, 0x56 };
        TempECDH.HashAlgorithm = CngAlgorithm.Sha256;
        TempECDH.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
        TempECDH.SecretPrepend = secpre;
        TempECDH.SecretAppend = secpost;

        // Export our ephemeral public key as 0x04 || X || Y (skip the 8-byte blob header).
        ECDHtempPublicKey[0] = 0x04;
        Buffer.BlockCopy(TempECDH.PublicKey.ToByteArray(), 8, ECDHtempPublicKey, 1, 64);

        SharedSecret = TempECDH.DeriveKeyMaterial(PubKeyBySCC);
    }

So my question: is there something wrong, or will I need to invest some time with bouncycastle? secp256r1 & concatenated KDF (NIST SP 800-56A) need to be used.
Thanks a lot =)
Regards Matze
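
For reference, the concatenation KDF from NIST SP 800-56A that the question names, written out as an added example (not code from the original post). It shows that for outputs of up to 32 bytes a single round equals SHA-256(00 00 00 01 || Z || OtherInfo), which is the hash input that `ECDiffieHellmanKeyDerivationFunction.Hash` builds from `SecretPrepend` and `SecretAppend`. The names `ConcatKdfExample` and `Derive` are hypothetical, the sample `z` is constructed, and treating the three `SecretAppend` bytes as OtherInfo is an assumption.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class ConcatKdfExample // hypothetical name, added example
{
    // Concatenation KDF (NIST SP 800-56A) with SHA-256:
    // block i = SHA-256(counter_i || Z || OtherInfo),
    // counter_i is a 32-bit big-endian integer starting at 1.
    public static byte[] Derive(byte[] z, byte[] otherInfo, int keyLengthBytes)
    {
        const int HashLen = 32;
        if (keyLengthBytes <= 0) throw new ArgumentOutOfRangeException(nameof(keyLengthBytes));
        int reps = (keyLengthBytes + HashLen - 1) / HashLen;
        byte[] input = new byte[4 + z.Length + otherInfo.Length];
        Buffer.BlockCopy(z, 0, input, 4, z.Length);
        Buffer.BlockCopy(otherInfo, 0, input, 4 + z.Length, otherInfo.Length);
        byte[] output = new byte[reps * HashLen];
        using (SHA256 sha = SHA256.Create())
        {
            for (int i = 1; i <= reps; i++)
            {
                input[0] = (byte)(i >> 24);
                input[1] = (byte)(i >> 16);
                input[2] = (byte)(i >> 8);
                input[3] = (byte)i;
                Buffer.BlockCopy(sha.ComputeHash(input), 0, output, (i - 1) * HashLen, HashLen);
            }
        }
        Array.Resize(ref output, keyLengthBytes); // keep the leftmost bytes
        return output;
    }

    static void Main()
    {
        // Constructed sample shared secret Z (32 bytes for P-256), not a real key.
        byte[] z = Enumerable.Range(1, 32).Select(b => (byte)b).ToArray();
        byte[] prepend = { 0x00, 0x00, 0x00, 0x01 }; // SecretPrepend bytes from the question
        byte[] otherInfo = { 0x01, 0x55, 0x56 };     // SecretAppend bytes from the question

        byte[] kdf = Derive(z, otherInfo, 32);
        byte[] direct;
        using (SHA256 sha = SHA256.Create())
            direct = sha.ComputeHash(prepend.Concat(z).Concat(otherInfo).ToArray());

        Console.WriteLine("KDF   : " + BitConverter.ToString(kdf));
        Console.WriteLine("Direct: " + BitConverter.ToString(direct));
        Console.WriteLine("Match : " + kdf.SequenceEqual(direct));
    }
}
```

Running the same fixed Z and OtherInfo through the embedded implementation and comparing the output with `Derive` separates a KDF input mismatch from a difference in the ECDH step itself.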