protected virtual ReadOnlyMemory <byte> DR(ReadOnlyMemory <byte> key, ReadOnlyMemory <byte> constant, int keySize, int blockSize)
{
var keyBytes = new Memory <byte>(new byte[keySize]);
ReadOnlyMemory <byte> ki;
if (constant.Length != blockSize)
{
ki = NFold(constant.Span, blockSize);
}
else
{
ki = constant;
}
var n = 0;
do
{
ki = AESCTS.Encrypt(ki, key, AllZerosInitVector);
if (n + blockSize >= keySize)
{
ki.CopyTo(keyBytes.Slice(n, keySize - n));
break;
}
ki.CopyTo(keyBytes.Slice(n, blockSize));
n += blockSize;
}while (n < keySize);
return(keyBytes);
}
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage)
{
var ke = this.GetOrDeriveKey(kerberosKey, usage, KeyDerivationMode.Ke);
var confounder = this.GenerateRandomBytes(this.ConfounderSize);
var concatLength = confounder.Length + data.Length;
using (var cleartextPool = CryptoPool.Rent <byte>(concatLength))
{
var cleartext = cleartextPool.Memory.Slice(0, concatLength);
Concat(confounder.Span, data.Span, cleartext);
var encrypted = AESCTS.Encrypt(
cleartext,
ke,
AllZerosInitVector
);
var checksum = this.MakeChecksum(cleartext, kerberosKey, usage, KeyDerivationMode.Ki, this.ChecksumSize);
return(Concat(encrypted.Span, checksum.Span));
}
}
public override ReadOnlyMemory <byte> PseudoRandomFunction(ReadOnlyMemory <byte> key, ReadOnlyMemory <byte> input)
{
// aes-ecb(trunc128(sha-1(input)))
using (var sha1 = CryptoPal.Platform.Sha1())
{
var checksum = sha1.ComputeHash(input.Span).Slice(0, AesBlockSize);
var kp = this.DK(key, PrfConstant, this.KeySize, this.BlockSize);
return(AESCTS.Encrypt(checksum, kp, AllZerosInitVector));
}
}
public void Encrypt(byte[] key, byte[] iv, byte[] tmpEnc)
{
var output = AESCTS.Encrypt(tmpEnc, key, iv);
Buffer.BlockCopy(output, 0, tmpEnc, 0, output.Length);
}