private static ReadOnlyMemory <byte> DR(ReadOnlyMemory <byte> key, ReadOnlyMemory <byte> constant, int keySize, int blockSize)
{
var keyBytes = new Memory <byte>(new byte[keySize]);
ReadOnlyMemory <byte> Ki;
if (constant.Length != blockSize)
{
Ki = NFold(constant.Span, blockSize);
}
else
{
Ki = constant;
}
var n = 0;
do
{
Ki = AESCTS.Encrypt(Ki, key, AllZerosInitVector);
if (n + blockSize >= keySize)
{
Ki.CopyTo(keyBytes.Slice(n, keySize - n));
break;
}
Ki.CopyTo(keyBytes.Slice(n, blockSize));
n += blockSize;
}while (n < keySize);
return(keyBytes);
}
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage)
{
var Ke = kerberosKey.GetOrDeriveKey(
this,
$"{usage}|Ke|{KeySize}|{BlockSize}",
key => DK(key.Span, usage, KeyDerivationMode.Ke, KeySize, BlockSize)
);
var confounder = GenerateRandomBytes(ConfounderSize);
var concatLength = confounder.Length + data.Length;
using (var cleartextPool = CryptoPool.Rent <byte>(concatLength))
{
var cleartext = Concat(confounder.Span, data.Span, cleartextPool.Memory.Slice(0, concatLength));
var encrypted = AESCTS.Encrypt(
cleartext,
Ke.Span,
AllZerosInitVector.Span
);
var checksum = MakeChecksum(cleartext, kerberosKey, usage, KeyDerivationMode.Ki, ChecksumSize);
return(Concat(encrypted.Span, checksum.Span));
}
}
private byte[] DR(byte[] key, byte[] constant)
{
var keyBytes = new byte[KeySize];
byte[] Ki;
if (constant.Length != BlockSize)
{
Ki = NFold(constant, BlockSize);
}
else
{
Ki = new byte[constant.Length];
Buffer.BlockCopy(constant, 0, Ki, 0, constant.Length);
}
var n = 0;
do
{
Ki = AESCTS.Encrypt(Ki, key, AllZerosInitVector);
if (n + BlockSize >= KeySize)
{
Buffer.BlockCopy(Ki, 0, keyBytes, n, KeySize - n);
break;
}
Buffer.BlockCopy(Ki, 0, keyBytes, n, BlockSize);
n += BlockSize;
}while (n < KeySize);
return(keyBytes);
}
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage)
{
var Ke = kerberosKey.GetOrDeriveKey(
this,
$"{usage}|Ke|{KeySize}|{BlockSize}",
key => DK(key.Span, usage, KeyDerivationMode.Ke, KeySize, BlockSize).AsMemory()
);
var confounder = GenerateRandomBytes(ConfounderSize);
var cleartext = Concat(confounder.Span, data.Span);
var encrypted = AESCTS.Encrypt(
cleartext.Span,
Ke,
AllZerosInitVector.Span
);
var checksum = MakeChecksum(cleartext.Span, kerberosKey, usage, KeyDerivationMode.Ki, ChecksumSize);
return(Concat(encrypted, checksum));
}
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage)
{
var key = kerberosKey.GetKey(this);
var Ke = DK(key, usage, KeyDerivationMode.Ke);
var cleartext = new Memory <byte>(new byte[ConfounderSize + data.Length]);
var confounder = GenerateRandomBytes(ConfounderSize);
confounder.CopyTo(cleartext.Slice(0, ConfounderSize));
data.CopyTo(cleartext.Slice(ConfounderSize, data.Length));
var encrypted = AESCTS.Encrypt(
cleartext.ToArray(),
Ke,
AllZerosInitVector
);
var checksum = MakeChecksum(cleartext.ToArray(), key, usage, KeyDerivationMode.Ki, ChecksumSize);
return(new ReadOnlyMemory <byte>(encrypted.Concat(checksum).ToArray()));
}
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage)
{
var ke = this.GetOrDeriveKey(kerberosKey, usage);
var confounder = this.GenerateRandomBytes(this.ConfounderSize);
var concatLength = confounder.Length + data.Length;
using (var cleartextPool = CryptoPool.Rent <byte>(concatLength))
{
var cleartext = Concat(confounder.Span, data.Span, cleartextPool.Memory.Slice(0, concatLength));
var encrypted = AESCTS.Encrypt(
cleartext,
ke,
AllZerosInitVector
);
var checksum = this.MakeChecksum(cleartext, kerberosKey, usage, KeyDerivationMode.Ki, this.ChecksumSize);
return(Concat(encrypted.Span, checksum.Span));
}
}