public ReadOnlyMemory <byte> GetKey(KerberosCryptoTransformer transformer = null)
{
if (!this.RequiresDerivation)
{
return(this.key);
}
if (transformer == null)
{
transformer = CryptoService.CreateTransform(this.EncryptionType);
}
if (transformer == null)
{
throw new NotSupportedException();
}
if (this.keyCache.Length <= 0)
{
lock (this._keyLock)
{
if (this.keyCache.Length <= 0)
{
this.keyCache = transformer.String2Key(this);
}
}
}
return(this.keyCache);
}
public ReadOnlyMemory <byte> GetKey(KerberosCryptoTransformer transformer = null)
{
if (key != null && key.Length > 0)
{
return(key);
}
if (transformer == null)
{
transformer = CryptoService.CreateTransform(EncryptionType);
}
if (transformer == null)
{
throw new NotSupportedException();
}
if (keyCache.Length <= 0)
{
lock (_keyLock)
{
if (keyCache.Length <= 0)
{
keyCache = transformer.String2Key(this);
}
}
}
return(keyCache);
}
internal ReadOnlyMemory <byte> GetOrDeriveKey(
KerberosCryptoTransformer transformer,
string cacheKey,
Func <ReadOnlyMemory <byte>, ReadOnlyMemory <byte> > dk
)
{
var derived = DerivedKeyCache.GetOrAdd(cacheKey, str => dk(GetKey(transformer)));
return(derived);
}
public override bool Equals(object obj)
{
if (obj is not KerberosKey key)
{
return(base.Equals(obj));
}
return(KerberosCryptoTransformer.AreEqualSlow(this.GetKey().Span, key.GetKey().Span) &&
this.EncryptionType == key.EncryptionType);
}
public override bool Equals(object obj)
{
var key = obj as KerberosKey;
if (key == null)
{
return(base.Equals(obj));
}
return(KerberosCryptoTransformer.AreEqualSlow(this.GetKey().Span, key.GetKey().Span) &&
this.EncryptionType == key.EncryptionType);
}
public ReadOnlyMemory <byte> GetKey(KerberosCryptoTransformer transformer = null)
{
if (!this.RequiresDerivation)
{
return(this.key);
}
if (transformer == null)
{
transformer = CryptoService.CreateTransform(this.EncryptionType);
}
if (transformer == null)
{
throw new NotSupportedException($"Unknown EType: {this.EncryptionType}");
}
return(this.keyCache.GetOrAdd(transformer.EncryptionType, etype => transformer.String2Key(this)));
}
public byte[] GetKey(KerberosCryptoTransformer transformer = null)
{
if (key != null && key.Length > 0)
{
return(key);
}
if (transformer == null)
{
transformer = CryptoService.CreateTransform(EncryptionType);
}
if (transformer == null)
{
throw new NotSupportedException();
}
return(transformer.String2Key(this));
}
protected override bool ValidateInternal(KerberosKey key)
{
var actualChecksum = SignInternal(key);
return(KerberosCryptoTransformer.AreEqualSlow(actualChecksum, Signature.Span));
}
protected AesPacKerberosChecksum(KerberosCryptoTransformer decryptor, ReadOnlyMemory <byte> signature, ReadOnlyMemory <byte> pac)
: base(signature, pac)
{
this.decryptor = decryptor;
}
protected AesPacKerberosChecksum(KerberosCryptoTransformer decryptor, byte[] signature, byte[] pac)
: base(signature, pac)
{
this.decryptor = decryptor;
}
private static Memory <byte> PseudoRandomPlus(ReadOnlyMemory <byte> key, ReadOnlyMemory <byte> pepper, KerberosCryptoTransformer handler)
{
// PRF+(protocol key, octet string) -> (octet string)
// PRF+(key, shared-info) := pseudo-random(key, 1 || shared-info ) ||
// pseudo-random(key, 2 || shared-info ) ||
// pseudo-random(key, 3 || shared-info ) || ...
using (var pool = CryptoPool.Rent <byte>(pepper.Length + 1))
{
Memory <byte> input = pool.Memory.Slice(0, pepper.Length + 1);
int prfSize = handler.BlockSize;
int iterations = handler.KeySize / prfSize;
if (handler.KeySize % prfSize > 0)
{
iterations++;
}
input.Span[0] = 1;
pepper.CopyTo(input.Slice(1));
Memory <byte> result = new byte[prfSize * iterations];
for (var i = 0; i < iterations; i++)
{
handler.PseudoRandomFunction(key, input)
.Slice(0, prfSize)
.CopyTo(result.Slice(i * prfSize));
input.Span[0]++;
}
return(result);
}
}
