private static byte[] Decrypt(byte[] k1, byte[] ciphertext, KeyUsage keyType) { var salt = GetSalt((int)keyType); var k2 = KerberosHash.HMACMD5(k1, salt); var checksum = new byte[HashSize]; Buffer.BlockCopy(ciphertext, 0, checksum, 0, HashSize); var k3 = KerberosHash.HMACMD5(k2, checksum); var ciphertextOffset = new byte[ciphertext.Length - HashSize]; Buffer.BlockCopy(ciphertext, HashSize, ciphertextOffset, 0, ciphertextOffset.Length); var plaintext = RC4.Decrypt(k3, ciphertextOffset); var calculatedHmac = KerberosHash.HMACMD5(k2, plaintext); if (!KerberosHash.AreEqualSlow(calculatedHmac, ciphertext, calculatedHmac.Length)) { throw new SecurityException("Invalid Checksum"); } var output = new byte[plaintext.Length - ConfounderSize]; Buffer.BlockCopy(plaintext, ConfounderSize, output, 0, output.Length); return(output); }
public static byte[] NFold(byte[] inBytes, int size) { var inBytesNum = inBytes.Length; var outBytesNum = size; var a = outBytesNum; var b = inBytesNum; var c = 0; while (b != 0) { c = b; b = a % b; a = c; } var lcm = (outBytesNum * inBytesNum) / a; var outBytes = new byte[outBytesNum]; KerberosHash.Fill(outBytes, (byte)0); var tmpByte = 0; for (var i = lcm - 1; i >= 0; i--) { var tmp = ((inBytesNum << 3) - 1); tmp += (((inBytesNum << 3) + 13) * (i / inBytesNum)); tmp += ((inBytesNum - (i % inBytesNum)) << 3); var msbit = tmp % (inBytesNum << 3); tmp = ((((inBytes[((inBytesNum - 1) - (msbit >> 3)) % inBytesNum] & 0xff) << 8) | (inBytes[((inBytesNum) - (msbit >> 3)) % inBytesNum] & 0xff)) >> ((msbit & 7) + 1)) & 0xff; tmpByte += tmp; tmp = outBytes[i % outBytesNum] & 0xff; tmpByte += tmp; outBytes[i % outBytesNum] = (byte)(tmpByte & 0xff); tmpByte >>= 8; } if (tmpByte != 0) { for (var i = outBytesNum - 1; i >= 0; i--) { tmpByte += (outBytes[i] & 0xff); outBytes[i] = (byte)(tmpByte & 0xff); tmpByte >>= 8; } } return(outBytes); }
public virtual byte[] MakeChecksum(byte[] key, byte[] data, int hashSize) { var hash = KerberosHash.KerberosHMAC(hasher, key, data); var output = new byte[hashSize]; Buffer.BlockCopy(hash, 0, output, 0, hashSize); return(output); }
protected override bool ValidateInternal(KerberosKey key) { var actualChecksum = KerberosHash.KerbChecksumHmacMd5( key.GetKey(new MD4Encryptor()), (int)KeyUsage.KU_PA_FOR_USER_ENC_CKSUM, Pac ); return(KerberosHash.AreEqualSlow(actualChecksum, Signature)); }
protected override bool ValidateInternal(KerberosKey key) { var constant = new byte[5]; KerberosHash.ConvertToBigEndian((int)KeyUsage.KU_PA_FOR_USER_ENC_CKSUM, constant, 0); constant[4] = 0x99; var Ki = encryptor.DK(key.GetKey(encryptor), constant); var actualChecksum = decryptor.MakeChecksum(Ki, Pac, decryptor.ChecksumSize); return(KerberosHash.AreEqualSlow(actualChecksum, Signature)); }
public byte[] String2Key(KerberosKey key) { return(KerberosHash.MD4(key.PasswordBytes)); }