Hi All
New to these forums (and XProtect). Am wondering if there are any C# (or VB) examples for the Diffie-Hellman key exchange for the mobile server. I’m no expert on SSL etc, but it seems the format is quite specific and trying to translate from Milestone’s JS example is proving difficult.
Any help would be much appreciated!
Thanks
Gary
You can take a look at the mobile server sample coded in JScript - these libraries contains handling of connection etc. It might even make sense to convert the JScript to whatever language you prefer 
MIPSDK/ProtocolSamples/MobilePlaybackSample/DemoApp2/js/Security
Thanks for the response. Yes that’s what I’ve been trying to work through. I have the have the connection working fine without SSL but of course i need to secure the connection and the problem is that there are hundreds / possibly thousands of lines of code just for the key exchange. Unless I can find some utility that translates accurately from JS to C# it’s going to be a nightmare to replicate.
Ok, after much wailing and gnashing of teeth, I managed to get this working. I created my own IO translation methods, Diffie Hellman methods, plus wrappers for the standard c# encryption libs. The main problems were in just trying to translate what some of the standard JS libs were actually doing/outputting (CryptoJS is a pain since not particularly well documented). Also, the data changes format so many times between it’s SOAP and fully decoded formats that it’s easy to get bogged down and for errors to be introduced at lots of different points - ie the data formats include base64, hex, byte array, reversed byte array, Big Integer, AES encrypted…
Anyway, if anyone needs any help with this, please DM me
Cheers
Gary
HI Gary,
I’m wokring on a similar c# project. Instead of using the CryptoJS library I want to use my own c# implementation of it. I think what you figured out would be beneficail to me. Please share…
My problem is when I send my public key (172 bytes. using IV as part of the key) to mobile server, it responds back with its own public key (140 bytes). Since they are different byte sizes it fails my DH import to create the private key.
I’m using the System,Security.Cryptography ECDiffieHellmanCng library.
with SHA256 and AES to encrypt\decrypt. I would like to hear more about how you implemented it.
Thanks,
Mike
Hi Gary,
can u share it??
Thank you Gary.
Note that the Mobile Server protocol sample has for some time had routines for authentication that was lacking in the Mobile Playback protocol sample, but in the upcoming MIP SDK 2017R3 the Mobile Playback protocol sample has been updated, and the two samples should now be aligned.
I do not know if the routines in the [C:\Program](file:C:/Program) Files\Milestone\MIPSDK\ProtocolSamples\MobileServerSample\DemoApp\js\security folder could have helped you. I suspect you have done work beyond the samples content. Thank you for your update.