public override ReadOnlyMemory <byte> PseudoRandomFunction(ReadOnlyMemory <byte> key, ReadOnlyMemory <byte> input) { // aes-ecb(trunc128(sha-1(input))) using (var sha1 = CryptoPal.Platform.Sha1()) { var checksum = sha1.ComputeHash(input.Span).Slice(0, AesBlockSize); var kp = this.DK(key, PrfConstant, this.KeySize, this.BlockSize); return(AESCTS.Encrypt(checksum, kp, AllZerosInitVector)); } }
public override ReadOnlyMemory <byte> Encrypt(ReadOnlyMemory <byte> data, KerberosKey kerberosKey, KeyUsage usage) { var ke = this.GetOrDeriveKey(kerberosKey, usage, KeyDerivationMode.Ke); ReadOnlyMemory <byte> confounder; if (this.Confounder.Length > 0) { confounder = this.Confounder; } else { confounder = this.GenerateRandomBytes(this.ConfounderSize); } var concatLength = confounder.Length + data.Length; using (var cleartextPool = CryptoPool.Rent <byte>(concatLength)) { var cleartext = cleartextPool.Memory.Slice(0, concatLength); Concat(confounder.Span, data.Span, cleartext); var encrypted = AESCTS.Encrypt( cleartext, ke, AllZerosInitVector ); var checksumDataLength = AllZerosInitVector.Length + encrypted.Length; using (var checksumDataRented = CryptoPool.Rent <byte>(checksumDataLength)) { var checksumData = checksumDataRented.Memory.Slice(0, checksumDataLength); Concat(AllZerosInitVector.Span, encrypted.Span, checksumData); var checksum = this.MakeChecksum(checksumData, kerberosKey, usage, KeyDerivationMode.Ki, this.ChecksumSize); return(Concat(encrypted.Span, checksum.Span)); } } }
public override ReadOnlyMemory <byte> Decrypt(ReadOnlyMemory <byte> cipher, KerberosKey kerberosKey, KeyUsage usage) { var cipherLength = cipher.Length - this.ChecksumSize; var ke = this.GetOrDeriveKey(kerberosKey, usage, KeyDerivationMode.Ke); var decrypted = AESCTS.Decrypt( cipher.Slice(0, cipherLength), ke, AllZerosInitVector ); var actualChecksum = this.MakeChecksum(decrypted, kerberosKey, usage, KeyDerivationMode.Ki, this.ChecksumSize); var expectedChecksum = cipher.Slice(cipherLength, this.ChecksumSize); if (!AreEqualSlow(expectedChecksum.Span, actualChecksum.Span)) { throw new SecurityException("Invalid checksum"); } return(decrypted.Slice(this.ConfounderSize, cipherLength - this.ConfounderSize)); }
public void Encrypt(byte[] key, byte[] iv, byte[] tmpEnc) { var output = AESCTS.Encrypt(tmpEnc, key, iv); Buffer.BlockCopy(output, 0, tmpEnc, 0, output.Length); }