/// <summary>
/// Decrypts cipher text with a session key by dispatching to the implementation
/// that matches the requested encryption type. The key usage number (see section 7
/// of RFC 4120 and section 3 of RFC 4757) is forwarded to the AES and RC4
/// implementations; the DES implementations are called without it.
/// NOTE(review): the original comment cited "RFC4210", which looks like a
/// transposition of RFC 4120 (Kerberos V5) - confirm.
/// </summary>
/// <param name="type">The encryption type that selects the decryption routine.</param>
/// <param name="sessionKey">The session key, obtainable from the KDC's response. Its size
/// should equal the key size of the selected symmetric algorithm. Documented as nullable,
/// with null in giving null out; that handling is not visible in this method and is left
/// to the selected implementation.</param>
/// <param name="cipherData">The data to decrypt. Documented as nullable, with null in
/// giving null out; that handling is likewise left to the selected implementation.</param>
/// <param name="usage">A 32-bit integer used to derive the key.</param>
/// <param name="getToBeSignedDateCallback">
/// A callback to get to-be-signed data.
/// The decrypted data is used directly if this parameter is null.
/// </param>
/// <returns>The plain text.</returns>
/// <exception cref="ArgumentException">
/// Thrown when <paramref name="type"/> is not one of the encryption types handled below.
/// </exception>
internal static byte[] Decrypt(EncryptionType type,
                               byte[] sessionKey,
                               byte[] cipherData,
                               int usage,
                               GetToBeSignedDataFunc getToBeSignedDateCallback)
{
    switch (type)
    {
        case EncryptionType.AES128_CTS_HMAC_SHA1_96:
        case EncryptionType.AES256_CTS_HMAC_SHA1_96:
        {
            // Both AES variants share one routine; only the key-size selector differs.
            AesKeyType aesKeySize = type == EncryptionType.AES128_CTS_HMAC_SHA1_96
                ? AesKeyType.Aes128BitsKey
                : AesKeyType.Aes256BitsKey;
            return AesCtsHmacSha1Crypto.Decrypt(
                sessionKey, cipherData, usage, aesKeySize, getToBeSignedDateCallback);
        }

        // Security note: the DES-CBC types and RC4-HMAC-EXP were deprecated by RFC 6649
        // and RC4-HMAC by RFC 8429. They are presumably kept so that legacy exchanges can
        // still be decoded; successful decryption under one of them should not be read as
        // evidence of a strongly protected exchange.
        case EncryptionType.DES_CBC_CRC:
        case EncryptionType.DES_CBC_MD5:
            // No key usage is passed on this path; the encryption type is forwarded as-is.
            return DesCbcCrypto.Decrypt(sessionKey, cipherData, type, getToBeSignedDateCallback);

        case EncryptionType.RC4_HMAC:
        case EncryptionType.RC4_HMAC_EXP:
            return Rc4HmacCrypto.Decrypt(
                sessionKey, cipherData, usage, type, getToBeSignedDateCallback);

        default:
            throw new ArgumentException("Unsupported encryption type.");
    }
}
/// <summary>
/// Decrypts the given cipher text to plain text with the routine that matches the
/// given encryption type. The AES and RC4 routines receive KerbNonKerbSalt as their
/// third argument (presumably the key usage value - confirm against the callee); the
/// DES routines receive only the key, the cipher text and the encryption type.
/// </summary>
/// <param name="key">The decryption key.</param>
/// <param name="cypher">The cipher text to decrypt.</param>
/// <param name="type">The encryption type that selects the decryption routine.</param>
/// <returns>The decrypted plain text.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// Thrown when <paramref name="type"/> is not one of the five encryption types handled here.
/// </exception>
private static byte[] Decrypt(byte[] key, byte[] cypher, EncryptionType_Values type)
{
    // Security note: the DES-CBC types were deprecated by RFC 6649 and RC4-HMAC by
    // RFC 8429. They are presumably handled so that legacy data can still be decoded;
    // the AES-CTS-HMAC-SHA1-96 types are the stronger options on this list.
    if (type == EncryptionType_Values.DES_CBC_CRC)
    {
        return DesCbcCrypto.Decrypt(key, cypher, EncryptionType.DES_CBC_CRC);
    }

    if (type == EncryptionType_Values.DES_CBC_MD5)
    {
        return DesCbcCrypto.Decrypt(key, cypher, EncryptionType.DES_CBC_MD5);
    }

    if (type == EncryptionType_Values.AES128_CTS_HMAC_SHA1_96)
    {
        return AesCtsHmacSha1Crypto.Decrypt(key, cypher, KerbNonKerbSalt, AesKeyType.Aes128BitsKey);
    }

    if (type == EncryptionType_Values.AES256_CTS_HMAC_SHA1_96)
    {
        return AesCtsHmacSha1Crypto.Decrypt(key, cypher, KerbNonKerbSalt, AesKeyType.Aes256BitsKey);
    }

    if (type == EncryptionType_Values.RC4_HMAC)
    {
        return Rc4HmacCrypto.Decrypt(key, cypher, KerbNonKerbSalt, EncryptionType.RC4_HMAC);
    }

    // Any other value, RC4_HMAC_EXP included, is rejected here.
    throw new ArgumentOutOfRangeException("type");
}