/// <summary>
/// Decrypt the cipher text with the session key. The usage indicated
/// in section 7 of RFC4210 and section 3 of RFC4757 is used to derive key
/// from the session key.
/// </summary>
/// <param name="type">The decryption type selected.</param>
/// <param name="sessionKey">An session key used to decrypt and it can be obtained
/// from the KDC's response. This key size should be equal to the symmetric algorithm
/// key size. This argument can be null. If it is null, null will be returned.</param>
/// <param name="cipherData">The text to be decrypted. This argument can be null.
/// If it is null, null will be returned.</param>
/// <param name="usage">A 32 bits integer used to derive the key.</param>
/// <param name="getToBeSignedDateCallback">
/// A callback to get to-be-signed data.
/// The method will use decrypted data directly if this parameter is null.
/// </param>
/// <returns>The plain text.</returns>
internal static byte[] Decrypt(EncryptionType type, byte[] sessionKey, byte[] cipherData, int usage, GetToBeSignedDataFunc getToBeSignedDateCallback)
{
switch (type)
{
case EncryptionType.AES128_CTS_HMAC_SHA1_96:
return(AesCtsHmacSha1Crypto.Decrypt(sessionKey, cipherData, usage, AesKeyType.Aes128BitsKey, getToBeSignedDateCallback));
case EncryptionType.AES256_CTS_HMAC_SHA1_96:
return(AesCtsHmacSha1Crypto.Decrypt(sessionKey, cipherData, usage, AesKeyType.Aes256BitsKey, getToBeSignedDateCallback));
case EncryptionType.DES_CBC_CRC:
return(DesCbcCrypto.Decrypt(sessionKey, cipherData, EncryptionType.DES_CBC_CRC, getToBeSignedDateCallback));
case EncryptionType.DES_CBC_MD5:
return(DesCbcCrypto.Decrypt(sessionKey, cipherData, EncryptionType.DES_CBC_MD5, getToBeSignedDateCallback));
case EncryptionType.RC4_HMAC:
return(Rc4HmacCrypto.Decrypt(sessionKey, cipherData, usage, EncryptionType.RC4_HMAC, getToBeSignedDateCallback));
case EncryptionType.RC4_HMAC_EXP:
return(Rc4HmacCrypto.Decrypt(sessionKey, cipherData, usage, EncryptionType.RC4_HMAC_EXP, getToBeSignedDateCallback));
default:
throw new ArgumentException("Unsupported encryption type.");
}
}
/// <summary>
/// Decrypt specified cypher to plain text, according to specified encryption type.
/// </summary>
/// <param name="key">The decrypt key.</param>
/// <param name="cypher">The specified cypher.</param>
/// <param name="type">The specified encryption type.</param>
/// <returns>Yhe decrypted plain text.</returns>
private static byte[] Decrypt(byte[] key, byte[] cypher, EncryptionType_Values type)
{
switch (type)
{
case EncryptionType_Values.DES_CBC_CRC:
return(DesCbcCrypto.Decrypt(key, cypher, EncryptionType.DES_CBC_CRC));
case EncryptionType_Values.DES_CBC_MD5:
return(DesCbcCrypto.Decrypt(key, cypher, EncryptionType.DES_CBC_MD5));
case EncryptionType_Values.AES128_CTS_HMAC_SHA1_96:
return(AesCtsHmacSha1Crypto.Decrypt(key, cypher, KerbNonKerbSalt, AesKeyType.Aes128BitsKey));
case EncryptionType_Values.AES256_CTS_HMAC_SHA1_96:
return(AesCtsHmacSha1Crypto.Decrypt(key, cypher, KerbNonKerbSalt, AesKeyType.Aes256BitsKey));
case EncryptionType_Values.RC4_HMAC:
return(Rc4HmacCrypto.Decrypt(key, cypher, KerbNonKerbSalt, EncryptionType.RC4_HMAC));
default:
throw new ArgumentOutOfRangeException("type");
}
}
