Tuesday, 15 July 2014

C# - Using iSeries cryptographic APIs with BouncyCastle




I'm attempting to encrypt comms between a C# client and an iSeries server but am experiencing issues. I'm trying to utilize Diffie-Hellman to create a shared secret, but the shared secret is not matching.

I'm using Bouncy Castle in C# and the QC3* APIs on the iSeries. The steps are:

1. The C# client generates DH parameters and sends them to the server along with the client public key.
2. The C service program decodes the parameters and calls QC3GENDK to create the server public key.
3. The server calls QC3CALDS with the client public key to generate the shared secret.
4. The server public key is sent to the client.
5. The Bouncy Castle basic DH agreement is initialized with the client private key.
6. The client calls CalculateAgreement with DHPublicKeyParameters generated from the parameters in step 1 and the server public key.

The way the data is sent back and forth is by converting to hex strings and decoding on each side. Conversion between EBCDIC and ASCII occurs in the service program on the iSeries. For example, the client public key is converted as follows:

1. The public key (as a BigInteger) is converted to an unsigned byte array, e.g. 256 -> { 1, 0 }
2. The byte array is converted to a string of hex characters, e.g. { 1, 0 } -> "0100"
3. The hex string is sent across to the iSeries.
4. The hex string is converted to a character array of length 64 via the following (RPG) code:

    cvtch(%addr(@clientkey): %addr(data4): 128);
    eval @clientkey = %subst(@clientkey: 1: 64);

where:

data4 - hex string

@clientkey - 64A receiver variable

And the server key is converted to hex via:

1. Convert to a hex string on the server:

    cvthc(%addr(@serverkeyhex): %addr(@serverkey): 128);
    eval @serverkeyhex = %subst(@serverkeyhex: 1: 128);

where:

@serverkey - 64A server key

@serverkeyhex - 128A receiver variable

2. Send the hex string across to the C# client.

3. Interpret the hex string as a BigInteger via:

    var serverKey = new BigInteger(serverHex, 16);

So, the shared secret isn't matching, but I don't know if it is how I'm interpreting the keys or sending them across. Any suggestions?

Edit: To give a concrete example:

In the RPG debugger I can see:

For the client public key hex: 4f58e1463b66caac1bdd35c518a6b76e52e0464e635050b50c87329cfc4c154b8ea07b12af0e0b9754d5331235805cf59abe1bb500b4906bd03bcf6c7861e2e8

Edit 2 (more info): The API calls on the iSeries (in C) can be seen in this gist: https://gist.github.com/ximenean/a0a9193b776f301997bb

I don't know what conversion is happening on the C# side, but the RPG / MI side is converting a string to a string. Take the EBCDIC string 'ABCD'. It is a valid 4 byte binary number, and a valid 4 byte character string. In EBCDIC CCSID 37 (US English), this string has the code points X'C1C2C3C4'.

cvtch will generate the following string: 'C1C2C3C4'. That is, it takes the 4 character string and 'converts' it to an 8 character string. In CCSID 37, this is X'C3F1C3F2C3F3C3F4'. If you send this string off to a client which interprets it in ASCII, it will be interpreted quite differently, as ASCII's code points for X'C1C2C3C4' are the ASCII string 'ÁÂÃÄ'.

You will want to translate to ASCII before sending on the IBM side. 'C1C2C3C4' would become '41424344' and so on.
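
The encoding pitfalls raised in the question and the answer, as an added Python example that is not part of the original post: it models the hex transport of the public keys and shows what happens when CCSID 37 hex text reaches the client untranslated. Assumptions: a toy DH group (the Mersenne prime 2^127 - 1, generator 3), constructed private keys, Python's cp037 codec standing in for CCSID 37, and hypothetical function names.

```python
# Added example; all values are constructed and the DH group is a toy one.
P = 2**127 - 1   # Mersenne prime, readable size; real DH needs a vetted group
G = 3
WIDTH = 16       # bytes per key on the wire here (the page's keys use 64)

def key_to_hex(n, width=WIDTH):
    """Unsigned big-endian, fixed width, so leading zero bytes survive."""
    return n.to_bytes(width, "big").hex().upper()

def hex_to_key(text):
    """Parse hex digits as a non-negative integer; ValueError on non-hex."""
    return int(text, 16)

def to_ebcdic(text):
    """Hex text as it sits in a CCSID 37 character field on the server."""
    return text.encode("cp037")

def from_ebcdic(raw):
    """Translate CCSID 37 bytes to text before treating them as hex digits."""
    return raw.decode("cp037")

def exchange(client_priv, server_priv, translate):
    """Return (client_secret, server_secret) for one run of the exchange.

    translate=False models a client that reads the server's EBCDIC hex
    text as if it were ASCII/Latin-1.
    """
    client_pub = pow(G, client_priv, P)
    server_pub = pow(G, server_priv, P)
    # Client -> server: hex text, parsed by the server after translation.
    server_secret = pow(hex_to_key(key_to_hex(client_pub)), server_priv, P)
    # Server -> client: hex text produced in an EBCDIC field.
    wire = to_ebcdic(key_to_hex(server_pub))
    text = from_ebcdic(wire) if translate else wire.decode("latin-1")
    client_secret = pow(hex_to_key(text), client_priv, P)
    return client_secret, server_secret

if __name__ == "__main__":
    print(key_to_hex(256, 2))                    # the page's 256 -> "0100" case
    print(to_ebcdic("C1C2C3C4").hex().upper())   # hex text stored in CCSID 37
    print(exchange(0x1234567890ABCDEF, 0x0FEDCBA987654321, True))
    try:
        exchange(0x1234567890ABCDEF, 0x0FEDCBA987654321, False)
    except ValueError as err:
        print("untranslated key rejected:", err)
```

In this model the untranslated text fails to parse at all. A silent mismatch of the shared secret, as in the question, points at the bytes themselves differing (width, leading zeros, sign handling or truncation), which is why the fixed-width unsigned encoding is worth checking on both sides.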
