diffi | A version controlled archive of web policies | Authorization library

The referenced Python code uses P-384 (aka secp384r1) as elliptic curve. This is compatible with the WebCrypto API, which supports three curves P-256 (aka secp256r1), P-384 and P-521 (aka secp521r1), see EcKeyImportParams.

The following WebCrypto code generates a shared secret using ECDH and derives an AES key from the shared secret using HKDF. In detail the following happens:

• To allow comparison of the derived key with that of the referenced Python code, predefined EC keys are applied. The private key is imported as PKCS#8, the public key as X.509/SPKI. Note that due to a Firefox bug concerning the import of EC keys, the script below cannot be run in the Firefox browser.
• After the import the shared secret is created with ECDH using deriveBits() (and not deriveKey()).
• The shared secret is imported with importKey() and then the AES key is derived using HKDF, again with deriveBits().

see below (the code collects the tables data into a dict)

Here I compute 3D transformation matrices (4 x 4 matrices) for 2D translation, scale, and rotation. I also compose them with explicit concatenation in the style transform, or by pre multiplying the matrices.

Your server/device seems to require some dummy keyboard interactive authentication:

Your server seems to issue two keyboard-interactive authentication challenges

• First, a prompt for a password
• Second, a banner with no prompts.

So you will have to do something like this:

As far as I know, the NodeJS crypto module does not support the X.509/SPKI format for the public key in ECDH context, but only the raw key. However, it is possible to derive the raw key from the X.509/SPKI key.

The X.509/SPKI key generated with the WebCrypto code encapsulates the raw (more precisely uncompressed) key, 0x04 + + , which is localized at the end. For P-256 aka prime256v1 the last 65 bytes correspond to the raw key. The front part is identical for different P-256 keys.

This way, in the NodeJS code, the raw key for P-256 can be determined as the last 65 bytes from the X.509/SPKI key.
Similarly, the front part of the X.509/SPKI key can be concatenated with the raw key generated with the NodeJS code, thus converting the raw key to the X.509/SPKI format.

The NodeJS code for this is:

Since I simply wanted an encrypted connection, going with OpenSSL was the way to go.

ECDiffieHellmanCng(CngKey.Create(CngAlgorithm.ECDsaP256))
This implies there is some kind of difference between the key types.

When you try to initialize an ECDiffieHellmanCng using a CngKey during runtime is verifies that the CngKey that you provided is part of a particular list of algorithms, MSDN calls them the Elliptic Curve Diffie-Hellman (ECDH) algorithm group, which has four valid AlgorithmGroup names ECDH,ECDiffieHellman,ECDiffieHellmanCng, and System.Security.Cryptography.ECDiffieHellmanCng, which all refer to the same implementation.

When you create a CngKey with CngAlgorithm.ECDiffieHellmanP256 you get a valid ECDH key who's AlgorithmGroup is ECDH, which is valid as a parameter to create a ECDiffieHellmanCng to perform key exchanges.

However, when you create a CngKey with CngAlgorithm.ECDsaP256 you get a key with an AlgorithmGroup of ECDSA which is not a valid AlgorithmGroup to create a ECDiffieHellmanCng to perform key exchanges.

The ECDSA AlgorithmGroup is used to denote a CngKey who's purpose to to perform Elliptic-curve Digital Signatures, and explicitly not perform key exchanges. This key can't be used with a ECDiffieHellmanCng to perform key exchanges because it most probably does not contain enough, valid and/or secure information to perform key exchanges with another party.

You're able to construct valid EC signatures using ECDsaCng with both ECDH and ECDSA CngKeys because they both contain enough, valid, or secure information to construct and perform a digital signatures. However, the reverse is not the same due to the limitations MSDN created when performing key exchanges, with their implementation of ECDiffieHellmanCng, in addition to the probable missing information/format the ECDSA CngKey key prevents the proper calculation of a key exchange.

We can verify this information with a short test script

So the issue was I was using the wrong username, but it was still throwing a key authentication error.

Per @martin-prikryl's request, I attempted to connect using PuTTY, and found a nice tutorial specifically using PuTTY to SSH into Bluehost.

I had first written a script for FTP, and that used the Bluehost FTP account you can specifically create on their site. When I decided to write my SSH script, I used the same username. Alas, but for SSH, Bluehost wants the main login's username, NOT the FTP account one.

But it still recognizes the username on some level, but then the key is not linked to it, thus the key authentication error.

So I used PuTTy with the main username and that worked fine.

I then updated my script (credit to this stackoverflow post)

My new script that uploads an entire dir to bluehost using SSH: