public static byte[] GenerateClientDecryptionKey(byte[] sessionKey, SMB2Dialect dialect, byte[] preauthIntegrityHashValue)
{
if (dialect == SMB2Dialect.SMB311 && preauthIntegrityHashValue == null)
{
throw new ArgumentNullException(nameof(preauthIntegrityHashValue));
}
string labelString = (dialect == SMB2Dialect.SMB311) ? "SMBS2CCipherKey" : "SMB2AESCCM";
byte[] label = GetNullTerminatedAnsiString(labelString);
byte[] context = (dialect == SMB2Dialect.SMB311) ? preauthIntegrityHashValue : GetNullTerminatedAnsiString("ServerOut");
using HMACSHA256 hmac = new HMACSHA256(sessionKey);
return(SP800_1008.DeriveKey(hmac, label, context, 128));
}
public static byte[] GenerateSigningKey(byte[] sessionKey, SMB2Dialect dialect, byte[]?preauthIntegrityHashValue)
{
if (dialect == SMB2Dialect.SMB202 || dialect == SMB2Dialect.SMB210)
{
return(sessionKey);
}
if (dialect == SMB2Dialect.SMB311 && preauthIntegrityHashValue == null)
{
throw new ArgumentNullException(nameof(preauthIntegrityHashValue));
}
string labelString = (dialect == SMB2Dialect.SMB311) ? "SMBSigningKey" : "SMB2AESCMAC";
byte[] label = GetNullTerminatedAnsiString(labelString);
byte[] context = (dialect == SMB2Dialect.SMB311) ? preauthIntegrityHashValue ! : GetNullTerminatedAnsiString("SmbSign");
using HMACSHA256 hmac = new HMACSHA256(sessionKey);
return(SP800_1008.DeriveKey(hmac, label, context, 128));
}