Jonathan Turner 8 سال پیش
والد
کامیت
9242a44d21
4فایلهای تغییر یافته به همراه12 افزوده شده و 9 حذف شده
  1. 3 1
      crypto/rfc4757/checksum.go
  2. 1 1
      crypto/rfc4757/encryption.go
  3. 1 1
      crypto/rfc4757/keyDerivation.go
  4. 7 6
      crypto/rfc4757/msgtype.go

+ 3 - 1
crypto/rfc4757/checksum.go

@@ -7,6 +7,7 @@ import (
 	"io"
 )
 
+// Checksum returns a hash of the data in accordance with RFC 4757
 func Checksum(key []byte, usage uint32, data []byte) ([]byte, error) {
 	// Create hashing key
 	s := append([]byte(`signaturekey`), byte(0x00)) //includes zero octet at end
@@ -15,7 +16,7 @@ func Checksum(key []byte, usage uint32, data []byte) ([]byte, error) {
 	Ksign := mac.Sum(nil)
 
 	// Format data
-	tb := MessageTypeBytes(usage)
+	tb := UsageToMSMsgType(usage)
 	p := append(tb, data...)
 	h := md5.New()
 	rb := bytes.NewReader(p)
@@ -31,6 +32,7 @@ func Checksum(key []byte, usage uint32, data []byte) ([]byte, error) {
 	return mac.Sum(nil), nil
 }
 
+// HMAC returns a keyed MD5 checksum of the data
 func HMAC(key []byte, data []byte) []byte {
 	mac := hmac.New(md5.New, key)
 	mac.Write(data)
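Review bot: The new doc comment on Checksum describes the result as "a hash of the data", but the visible lines return `mac.Sum(nil)`, which appears to be a keyed HMAC, and the comment does not say that `usage` is first translated by UsageToMSMsgType. I would write `// Checksum returns the RFC 4757 HMAC-MD5 checksum of data under key for the given Kerberos key usage number.` and add a sentence telling callers who verify a received checksum to compare with `hmac.Equal` rather than `bytes.Equal`, so the comparison runs in constant time. The bodies of Checksum and HMAC continue outside the hunks shown, so how the result is compared today is not visible here.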

+ 1 - 1
crypto/rfc4757/encryption.go

@@ -40,7 +40,7 @@ func EncryptMessage(key, data []byte, usage uint32, export bool, e etype.EType)
 		return []byte{}, fmt.Errorf("Error generating confounder: %v", err)
 	}
 	k1 := key
-	k2 := HMAC(k1, MessageTypeBytes(usage))
+	k2 := HMAC(k1, UsageToMSMsgType(usage))
 	toenc := append(confounder, data...)
 	chksum := HMAC(k2, toenc)
 	k3 := HMAC(k2, chksum)

+ 1 - 1
crypto/rfc4757/keyDerivation.go

@@ -48,7 +48,7 @@ func deriveKeys(key, checksum []byte, usage uint32, export bool) (k1, k2, k3 []b
 	//k3 = HMAC(k1, checksum)
 	//return
 	k1 = key
-	k2 = HMAC(k1, MessageTypeBytes(usage))
+	k2 = HMAC(k1, UsageToMSMsgType(usage))
 	k3 = HMAC(k2, checksum)
 	return
 }

+ 7 - 6
crypto/rfc4757/msgtype.go

@@ -2,18 +2,19 @@ package rfc4757
 
 import "encoding/binary"
 
-func MessageTypeBytes(T uint32) []byte {
+// UsageToMSMsgType converts Kerberos key usage numbers to Microsoft message type encoded as a little-endian four byte slice.
+func UsageToMSMsgType(usage uint32) []byte {
 	// Translate usage numbers to the Microsoft T numbers
-	switch T {
+	switch usage {
 	case 3:
-		T = 8
+		usage = 8
 	case 9:
-		T = 8
+		usage = 8
 	case 23:
-		T = 13
+		usage = 13
 	}
 	// Now convert to bytes
 	tb := make([]byte, 4) // We force an int32 input so we can't go over 4 bytes
-	binary.PutUvarint(tb, uint64(T))
+	binary.PutUvarint(tb, uint64(usage))
 	return tb
 }
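Review bot: The added doc comment promises a little-endian four-byte encoding, but `binary.PutUvarint(tb, uint64(usage))` writes a base-128 varint, which matches little-endian only for values below 128. For 128 and above the bytes differ from the documented layout, and a value of 1<<28 or more needs five bytes, so PutUvarint panics on the four-byte `tb` even though the inline comment says it cannot overflow. Replace the call with `binary.LittleEndian.PutUint32(tb, usage)`; this also covers the renamed call sites in checksum.go, encryption.go and keyDerivation.go, which feed the result into HMAC key derivation. Whether `usage` can ever come from peer-controlled input is not visible here, but the fixed-width call removes the panic path either way.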