aes256-cts-hmac-sha1-96.go 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129
  1. package crypto
  2. import (
  3. "crypto/aes"
  4. "crypto/hmac"
  5. "crypto/sha1"
  6. "hash"
  7. "github.com/jcmturner/gokrb5/v8/crypto/common"
  8. "github.com/jcmturner/gokrb5/v8/crypto/rfc3961"
  9. "github.com/jcmturner/gokrb5/v8/crypto/rfc3962"
  10. "github.com/jcmturner/gokrb5/v8/iana/chksumtype"
  11. "github.com/jcmturner/gokrb5/v8/iana/etypeID"
  12. )
  13. // RFC 3962
  14. // Aes256CtsHmacSha96 implements Kerberos encryption type aes256-cts-hmac-sha1-96
  15. type Aes256CtsHmacSha96 struct {
  16. }
  17. // GetETypeID returns the EType ID number.
  18. func (e Aes256CtsHmacSha96) GetETypeID() int32 {
  19. return etypeID.AES256_CTS_HMAC_SHA1_96
  20. }
  21. // GetHashID returns the checksum type ID number.
  22. func (e Aes256CtsHmacSha96) GetHashID() int32 {
  23. return chksumtype.HMAC_SHA1_96_AES256
  24. }
  25. // GetKeyByteSize returns the number of bytes for key of this etype.
  26. func (e Aes256CtsHmacSha96) GetKeyByteSize() int {
  27. return 256 / 8
  28. }
  29. // GetKeySeedBitLength returns the number of bits for the seed for key generation.
  30. func (e Aes256CtsHmacSha96) GetKeySeedBitLength() int {
  31. return e.GetKeyByteSize() * 8
  32. }
  33. // GetHashFunc returns the hash function for this etype.
  34. func (e Aes256CtsHmacSha96) GetHashFunc() func() hash.Hash {
  35. return sha1.New
  36. }
  37. // GetMessageBlockByteSize returns the block size for the etype's messages.
  38. func (e Aes256CtsHmacSha96) GetMessageBlockByteSize() int {
  39. return 1
  40. }
  41. // GetDefaultStringToKeyParams returns the default key derivation parameters in string form.
  42. func (e Aes256CtsHmacSha96) GetDefaultStringToKeyParams() string {
  43. return "00001000"
  44. }
  45. // GetConfounderByteSize returns the byte count for confounder to be used during cryptographic operations.
  46. func (e Aes256CtsHmacSha96) GetConfounderByteSize() int {
  47. return aes.BlockSize
  48. }
  49. // GetHMACBitLength returns the bit count size of the integrity hash.
  50. func (e Aes256CtsHmacSha96) GetHMACBitLength() int {
  51. return 96
  52. }
  53. // GetCypherBlockBitLength returns the bit count size of the cypher block.
  54. func (e Aes256CtsHmacSha96) GetCypherBlockBitLength() int {
  55. return aes.BlockSize * 8
  56. }
  57. // StringToKey returns a key derived from the string provided.
  58. func (e Aes256CtsHmacSha96) StringToKey(secret string, salt string, s2kparams string) ([]byte, error) {
  59. return rfc3962.StringToKey(secret, salt, s2kparams, e)
  60. }
  61. // RandomToKey returns a key from the bytes provided.
  62. func (e Aes256CtsHmacSha96) RandomToKey(b []byte) []byte {
  63. return rfc3961.RandomToKey(b)
  64. }
  65. // EncryptData encrypts the data provided.
  66. func (e Aes256CtsHmacSha96) EncryptData(key, data []byte) ([]byte, []byte, error) {
  67. return rfc3962.EncryptData(key, data, e)
  68. }
  69. // EncryptMessage encrypts the message provided and concatenates it with the integrity hash to create an encrypted message.
  70. func (e Aes256CtsHmacSha96) EncryptMessage(key, message []byte, usage uint32) ([]byte, []byte, error) {
  71. return rfc3962.EncryptMessage(key, message, usage, e)
  72. }
  73. // DecryptData decrypts the data provided.
  74. func (e Aes256CtsHmacSha96) DecryptData(key, data []byte) ([]byte, error) {
  75. return rfc3962.DecryptData(key, data, e)
  76. }
  77. // DecryptMessage decrypts the message provided and verifies the integrity of the message.
  78. func (e Aes256CtsHmacSha96) DecryptMessage(key, ciphertext []byte, usage uint32) ([]byte, error) {
  79. return rfc3962.DecryptMessage(key, ciphertext, usage, e)
  80. }
  81. // DeriveKey derives a key from the protocol key based on the usage value.
  82. func (e Aes256CtsHmacSha96) DeriveKey(protocolKey, usage []byte) ([]byte, error) {
  83. return rfc3961.DeriveKey(protocolKey, usage, e)
  84. }
  85. // DeriveRandom generates data needed for key generation.
  86. func (e Aes256CtsHmacSha96) DeriveRandom(protocolKey, usage []byte) ([]byte, error) {
  87. return rfc3961.DeriveRandom(protocolKey, usage, e)
  88. }
  89. // VerifyIntegrity checks the integrity of the plaintext message.
  90. func (e Aes256CtsHmacSha96) VerifyIntegrity(protocolKey, ct, pt []byte, usage uint32) bool {
  91. return rfc3961.VerifyIntegrity(protocolKey, ct, pt, usage, e)
  92. }
  93. // GetChecksumHash returns a keyed checksum hash of the bytes provided.
  94. func (e Aes256CtsHmacSha96) GetChecksumHash(protocolKey, data []byte, usage uint32) ([]byte, error) {
  95. return common.GetHash(data, protocolKey, common.GetUsageKc(usage), e)
  96. }
  97. // VerifyChecksum compares the checksum of the message bytes is the same as the checksum provided.
  98. func (e Aes256CtsHmacSha96) VerifyChecksum(protocolKey, data, chksum []byte, usage uint32) bool {
  99. c, err := e.GetChecksumHash(protocolKey, data, usage)
  100. if err != nil {
  101. return false
  102. }
  103. return hmac.Equal(chksum, c)
  104. }