/// <summary> /// Encrypt the plain text with the session key which can be obtained /// from response message. The usage indicated in section 7 of RFC4210 /// and section 3 of RFC4757 is used to derive key from the session key. /// </summary> /// <param name="type">The encryption type selected.</param> /// <param name="sessionKey">A session key used to encrypt and it can be obtained /// from the KDC's response. This key size should be equal to the symmetric algorithm /// key size. This argument can be null. If it is null, null will be returned.</param> /// <param name="plainData">The text to be encrypted. This argument can be null. /// If it is null, null will be returned.</param> /// <param name="usage">A 32 bits integer used to derive the key.</param> /// <param name="getToBeSignedDateCallback"> /// A callback to get to-be-signed data. /// The method will use plain-text data directly if this parameter is null. /// </param> /// <returns>The cipher text.</returns> internal static byte[] Encrypt(EncryptionType type, byte[] sessionKey, byte[] plainData, int usage, GetToBeSignedDataFunc getToBeSignedDateCallback) { switch (type) { case EncryptionType.AES128_CTS_HMAC_SHA1_96: return(AesCtsHmacSha1Crypto.Encrypt(sessionKey, plainData, usage, AesKeyType.Aes128BitsKey, getToBeSignedDateCallback)); case EncryptionType.AES256_CTS_HMAC_SHA1_96: return(AesCtsHmacSha1Crypto.Encrypt(sessionKey, plainData, usage, AesKeyType.Aes256BitsKey, getToBeSignedDateCallback)); case EncryptionType.DES_CBC_CRC: return(DesCbcCrypto.Encrypt(sessionKey, plainData, EncryptionType.DES_CBC_CRC, getToBeSignedDateCallback)); case EncryptionType.DES_CBC_MD5: return(DesCbcCrypto.Encrypt(sessionKey, plainData, EncryptionType.DES_CBC_MD5, getToBeSignedDateCallback)); case EncryptionType.RC4_HMAC: return(Rc4HmacCrypto.Encrypt(sessionKey, plainData, usage, EncryptionType.RC4_HMAC, getToBeSignedDateCallback)); case EncryptionType.RC4_HMAC_EXP: return(Rc4HmacCrypto.Encrypt(sessionKey, plainData, usage, EncryptionType.RC4_HMAC_EXP, getToBeSignedDateCallback)); default: throw new ArgumentException("Unsupported encryption type."); } }
/// <summary> /// Encrypt specified plain text to cypher, according to specified encryption type. /// </summary> /// <param name="key">The encrypt key.</param> /// <param name="plain">The specified plain text.</param> /// <param name="type">The specified encryption type.</param> /// <returns>The encrypted cypher.</returns> private static byte[] Encrypt(byte[] key, byte[] plain, EncryptionType_Values type) { switch (type) { case EncryptionType_Values.DES_CBC_CRC: return(DesCbcCrypto.Encrypt(key, plain, EncryptionType.DES_CBC_CRC)); case EncryptionType_Values.DES_CBC_MD5: return(DesCbcCrypto.Encrypt(key, plain, EncryptionType.DES_CBC_MD5)); case EncryptionType_Values.AES128_CTS_HMAC_SHA1_96: return(AesCtsHmacSha1Crypto.Encrypt(key, plain, KerbNonKerbSalt, AesKeyType.Aes128BitsKey)); case EncryptionType_Values.AES256_CTS_HMAC_SHA1_96: return(AesCtsHmacSha1Crypto.Encrypt(key, plain, KerbNonKerbSalt, AesKeyType.Aes256BitsKey)); case EncryptionType_Values.RC4_HMAC: return(Rc4HmacCrypto.Encrypt(key, plain, KerbNonKerbSalt, EncryptionType.RC4_HMAC)); default: throw new ArgumentOutOfRangeException("type"); } }