private IKeyAgreement FromDiffieHellmanDomainParameters(KrbSubjectPublicKeyInfo clientPublicValue) { var parameters = KrbDiffieHellmanDomainParameters.DecodeSpecial(clientPublicValue.Algorithm.Parameters.Value); IKeyAgreement agreement; if (this.IsSupportedAlgorithm(KeyAgreementAlgorithm.DiffieHellmanModp14, Oakley.Group14.Prime, parameters.P)) { var cachedKey = this.Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp14); agreement = CryptoPal.Platform.DiffieHellmanModp14(cachedKey); } else if (this.IsSupportedAlgorithm(KeyAgreementAlgorithm.DiffieHellmanModp2, Oakley.Group2.Prime, parameters.P)) { var cachedKey = this.Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp2); agreement = CryptoPal.Platform.DiffieHellmanModp2(cachedKey); } else { var length = parameters.P.Length * 8; throw new InvalidOperationException($"Unsupported Diffie Hellman key agreement parameter with length {length}"); } var publicKey = DiffieHellmanKey.ParsePublicKey(clientPublicValue.SubjectPublicKey, agreement.PublicKey.KeyLength); agreement.ImportPartnerKey(publicKey); return(agreement); }
private async Task <IKeyAgreement> FromDiffieHellmanDomainParametersAsync(KrbSubjectPublicKeyInfo clientPublicValue) { var parameters = KrbDiffieHellmanDomainParameters.DecodeSpecial(clientPublicValue.Algorithm.Parameters.Value); IKeyAgreement agreement = null; switch (parameters.P.Length) { case 128: agreement = CryptoPal.Platform.DiffieHellmanModp2( await Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp2) ); break; case 256: agreement = CryptoPal.Platform.DiffieHellmanModp14( await Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp14) ); break; default: throw new InvalidOperationException("Unknown key agreement parameter"); } var publicKey = DiffieHellmanKey.ParsePublicKey(clientPublicValue.SubjectPublicKey, agreement.PublicKey.KeyLength); agreement.ImportPartnerKey(publicKey); return(agreement); }
private ReadOnlyMemory <byte> DeriveDHKeyAgreement(KrbKdcRep kdcRep, KrbPaPkAsRep pkRep) { var dhKeyInfo = ValidateDHReply(pkRep); var kdcPublicKey = DiffieHellmanKey.ParsePublicKey(dhKeyInfo.SubjectPublicKey, agreement.PublicKey.KeyLength); agreement.ImportPartnerKey(kdcPublicKey); var derivedKey = agreement.GenerateAgreement(); ReadOnlySpan <byte> serverDHNonce = default; if (pkRep.DHInfo.ServerDHNonce.HasValue) { serverDHNonce = pkRep.DHInfo.ServerDHNonce.Value.Span; } var transform = CryptoService.CreateTransform(kdcRep.EncPart.EType); return(PKInitString2Key.String2Key(derivedKey.Span, transform.KeySize, clientDHNonce.Span, serverDHNonce)); }
private async Task <IKeyAgreement> FromDiffieHellmanDomainParametersAsync(KrbSubjectPublicKeyInfo clientPublicValue) { var parameters = KrbDiffieHellmanDomainParameters.DecodeSpecial(clientPublicValue.Algorithm.Parameters.Value); var agreement = parameters.P.Length switch { 128 => CryptoPal.Platform.DiffieHellmanModp2( await Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp2) ), 256 => CryptoPal.Platform.DiffieHellmanModp14( await Service.Principals.RetrieveKeyCache(KeyAgreementAlgorithm.DiffieHellmanModp14) ), _ => throw new InvalidOperationException("Unknown key agreement parameter"), }; var publicKey = DiffieHellmanKey.ParsePublicKey(clientPublicValue.SubjectPublicKey); agreement.ImportPartnerKey(publicKey); return(agreement); }