Showing posts with label C#. Show all posts
Showing posts with label C#. Show all posts

Saturday, 26 September 2009

C++/C# versus Java coding productivity

I still do not get it. I see some colleagues at work coding in C# using Visual Studio .NET – mainly GUIs. I see other colleagues writing C++ (Server-side), finally others doing both in Java (Swing, JDK 6). In terms of productivity it is blatantly obvious that the Java boys – they deliver fast, and well. The C# boys are struggling with Visual Studio (what a pile of c..p) – when you compare it with Eclipse (or even Netbeans) – I am not even talking about the C++ guys stuck with VC++ 6.0 (1998!).

What I do not get is why people get stuck in inferior technologies and do not even have the will do move to another platform and take advantage of powerful IDEs (Eclipse, Netbeans) and very nice monitoring and management tools (VisualVM).

I am not going to even start talking about performance (Java is slow (FALSE!), C++ is faster (FALSE!), Java does not use native threads (FALSE!), Java is not suited for multi-cores processors (FALSE!)...

Ah la la!
Posted by at No comments:
Labels: , ,

Saturday, 28 March 2009

X509 certificate

This post shows how to generate a x509 certificate using keytool (jdk/bin), and import it from C#.

1) Use keytool to generate the public key, specifying for example keytool -genkeypair etc... -keyalg RSA -keysize 1024
2) Export the key into a X509 certificate: keytool -exportcert etc.. -rfc -file itsc.cer

If this works, on Windows, you can double-click on itsc.cer and you will see a nice window with the certificate information.

In C#, to import the certificate:


var streamReader = new StreamReader(@".....\itsc.cer");
string x509Str = streamReader.ReadToEnd();
streamReader.Close();
var x509Certificate = new X509Certificate2(Encoding.UTF8.GetBytes(x509Str));
RSACryptoServiceProvider rsaCryptoServiceProvider = (RSACryptoServiceProvider)x509Certificate.PublicKey.Key;


Back to Java.

What you need to do is to extract by code the private key from the keystore:


KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(keyStorePath), "your password".toCharArray());
Key key = keyStore.getKey("your alias", "your password".toCharArray());
Posted by at No comments:
Labels: , , ,

Sunday, 18 January 2009

RSA in C# and Java

Following up on the previous post, follows an implementation of RSA in C# and Java.

First the Java version that generates a public key:


KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(4096);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
RSAPublicKey rsaPublicKey = (RSAPublicKey)publicKey;
BigInteger publicExponent =rsaPublicKey.getPublicExponent();
BigInteger modulus = rsaPublicKey.getModulus();



with the public exponent and the modulus, you can export this key in an xml file or stream that will be used by the C# client to read the public key.

The C# part:


var rsaCryptoServiceProvider = new RSACryptoServiceProvider();
const string keyfileName = "PKI2.xml";
var streamReader = new StreamReader(@"C:\TEMP\RSAJavaPubKey.xml");

string publicKey = streamReader.ReadToEnd();
rsaCryptoServiceProvider.FromXmlString(publicKey);
streamReader.Close();



Now what?

Let's say you are using Rendez-Vous as a protocol and you are looking for a way to cipher messages between the client and the server. the Java server can generate a public key on start-up, initiate a handshake with the C# (or Java client). The client generates a symmetric key for DES-3 or AES, the client then encrypts the symmetric key with the server's public key, sends it to the server which deciphers the symmetric key, and then you have your SSL-like protocol on top of RV.

This obviously does not solve the man in the middle attack.
Posted by at No comments:
Labels: , , ,

Thursday, 8 January 2009

AES in Java and C#

In a recent project I had to implement some symmetric encryption algorithm (AES) in both Java and C# and make sure that the Java implementation could encrypt/decrypt the data decrypted/encrypted with the C# version..
So..

In Java:


Cipher aesCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKey secretKey = new SecretKeySpec(passwordKey, "AES");

Note passwordKey must be of 16 bytes in length for 128 bits encryption.

IvParameterSpec ivParameterSpec = new IvParameterSpec(rawSecretKey);

Then I decided to use Base 64 encoding for sharing data between C# and Java.
The cipher method is:

public String encryptAsBase64(byte[] clearData) throws Exception {
BASE64Encoder _64e = new BASE64Encoder();
byte[] encryptedData = encrypt(clearData);
return _64e.encode(encryptedData);
}

public byte[] encrypt(byte[] clearData) throws Exception {
aesCipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
byte[] encryptedData = aesCipher.doFinal(clearData);
return encryptedData;
}


Now, let's see how do decrypt in C#:


const string password = ...;
RijndaelManaged rijndael = new RijndaelManaged();
ICryptoTransform rijndaelDecryptor =
rijndael.CreateDecryptor(passwordKey, passwordKey);

Then

byte[] newClearData =
rijndaelDecryptor.TransformFinalBlock(cryptedData, 0, cryptedData.Length);


You can use the class Convert for Base 64 encoding.
Posted by at 2 comments:
Labels: , , ,
Subscribe to: Posts (Atom)

Blog Archive