private static void AssertKeysAgree(IKeyAgreement alice, IKeyAgreement bob) { var aliceDerived = alice.GenerateAgreement(); var bobDerived = bob.GenerateAgreement(); var match = aliceDerived.Span.SequenceEqual(bobDerived.Span); if (!match) { Hex.Debug(aliceDerived.ToArray()); Hex.Debug(bobDerived.ToArray()); } Assert.IsTrue(match); var empty = new byte[aliceDerived.Length]; Assert.IsFalse(aliceDerived.Span.SequenceEqual(empty)); }
private ReadOnlyMemory <byte> DeriveDHKeyAgreement(KrbKdcRep kdcRep, KrbPaPkAsRep pkRep) { var dhKeyInfo = ValidateDHReply(pkRep); var kdcPublicKey = DiffieHellmanKey.ParsePublicKey(dhKeyInfo.SubjectPublicKey, agreement.PublicKey.KeyLength); agreement.ImportPartnerKey(kdcPublicKey); var derivedKey = agreement.GenerateAgreement(); ReadOnlySpan <byte> serverDHNonce = default; if (pkRep.DHInfo.ServerDHNonce.HasValue) { serverDHNonce = pkRep.DHInfo.ServerDHNonce.Value.Span; } var transform = CryptoService.CreateTransform(kdcRep.EncPart.EType); return(PKInitString2Key.String2Key(derivedKey.Span, transform.KeySize, clientDHNonce.Span, serverDHNonce)); }