Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
publics
/
gokrb5.v7
0
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Dal: master
Dallar Biçim İmleri
gokrb5.v7
/
crypto
/
common
/
common.go

common.go 4.7 KB
Kalıcı Bağlantı Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. // Package common provides encryption methods common across encryption types
    2. 

  2. package common
    3. 

  3. 

  4. import (
    5. 

  5. 	"bytes"
    6. 

  6. 	"crypto/hmac"
    7. 

  7. 	"encoding/binary"
    8. 

  8. 	"encoding/hex"
    9. 

  9. 	"errors"
    10. 

  10. 	"fmt"
    11. 

  11. 

  12. 	"gopkg.in/jcmturner/gokrb5.v7/crypto/etype"
    13. 

  13. )
    14. 

  14. 

  15. // ZeroPad pads bytes with zeros to nearest multiple of message size m.
    16. 

  16. func ZeroPad(b []byte, m int) ([]byte, error) {
    17. 

  17. 	if m <= 0 {
    18. 

  18. 		return nil, errors.New("Invalid message block size when padding")
    19. 

  19. 	}
    20. 

  20. 	if b == nil || len(b) == 0 {
    21. 

  21. 		return nil, errors.New("Data not valid to pad: Zero size")
    22. 

  22. 	}
    23. 

  23. 	if l := len(b) % m; l != 0 {
    24. 

  24. 		n := m - l
    25. 

  25. 		z := make([]byte, n)
    26. 

  26. 		b = append(b, z...)
    27. 

  27. 	}
    28. 

  28. 	return b, nil
    29. 

  29. }
    30. 

  30. 

  31. // PKCS7Pad pads bytes according to RFC 2315 to nearest multiple of message size m.
    32. 

  32. func PKCS7Pad(b []byte, m int) ([]byte, error) {
    33. 

  33. 	if m <= 0 {
    34. 

  34. 		return nil, errors.New("Invalid message block size when padding")
    35. 

  35. 	}
    36. 

  36. 	if b == nil || len(b) == 0 {
    37. 

  37. 		return nil, errors.New("Data not valid to pad: Zero size")
    38. 

  38. 	}
    39. 

  39. 	n := m - (len(b) % m)
    40. 

  40. 	pb := make([]byte, len(b)+n)
    41. 

  41. 	copy(pb, b)
    42. 

  42. 	copy(pb[len(b):], bytes.Repeat([]byte{byte(n)}, n))
    43. 

  43. 	return pb, nil
    44. 

  44. }
    45. 

  45. 

  46. // PKCS7Unpad removes RFC 2315 padding from byes where message size is m.
    47. 

  47. func PKCS7Unpad(b []byte, m int) ([]byte, error) {
    48. 

  48. 	if m <= 0 {
    49. 

  49. 		return nil, errors.New("invalid message block size when unpadding")
    50. 

  50. 	}
    51. 

  51. 	if b == nil || len(b) == 0 {
    52. 

  52. 		return nil, errors.New("padded data not valid: Zero size")
    53. 

  53. 	}
    54. 

  54. 	if len(b)%m != 0 {
    55. 

  55. 		return nil, errors.New("padded data not valid: Not multiple of message block size")
    56. 

  56. 	}
    57. 

  57. 	c := b[len(b)-1]
    58. 

  58. 	n := int(c)
    59. 

  59. 	if n == 0 || n > len(b) {
    60. 

  60. 		return nil, errors.New("padded data not valid: Data may not have been padded")
    61. 

  61. 	}
    62. 

  62. 	for i := 0; i < n; i++ {
    63. 

  63. 		if b[len(b)-n+i] != c {
    64. 

  64. 			return nil, errors.New("padded data not valid")
    65. 

  65. 		}
    66. 

  66. 	}
    67. 

  67. 	return b[:len(b)-n], nil
    68. 

  68. }
    69. 

  69. 

  70. // GetHash generates the keyed hash value according to the etype's hash function.
    71. 

  71. func GetHash(pt, key []byte, usage []byte, etype etype.EType) ([]byte, error) {
    72. 

  72. 	k, err := etype.DeriveKey(key, usage)
    73. 

  73. 	if err != nil {
    74. 

  74. 		return nil, fmt.Errorf("unable to derive key for checksum: %v", err)
    75. 

  75. 	}
    76. 

  76. 	mac := hmac.New(etype.GetHashFunc(), k)
    77. 

  77. 	p := make([]byte, len(pt))
    78. 

  78. 	copy(p, pt)
    79. 

  79. 	mac.Write(p)
    80. 

  80. 	return mac.Sum(nil)[:etype.GetHMACBitLength()/8], nil
    81. 

  81. }
    82. 

  82. 

  83. // GetChecksumHash returns a keyed checksum hash of the bytes provided.
    84. 

  84. func GetChecksumHash(b, key []byte, usage uint32, etype etype.EType) ([]byte, error) {
    85. 

  85. 	return GetHash(b, key, GetUsageKc(usage), etype)
    86. 

  86. }
    87. 

  87. 

  88. // GetIntegrityHash returns a keyed integrity hash of the bytes provided.
    89. 

  89. func GetIntegrityHash(b, key []byte, usage uint32, etype etype.EType) ([]byte, error) {
    90. 

  90. 	return GetHash(b, key, GetUsageKi(usage), etype)
    91. 

  91. }
    92. 

  92. 

  93. // VerifyChecksum compares the checksum of the msg bytes is the same as the checksum provided.
    94. 

  94. func VerifyChecksum(key, chksum, msg []byte, usage uint32, etype etype.EType) bool {
    95. 

  95. 	//The ciphertext output is the concatenation of the output of the basic
    96. 

  96. 	//encryption function E and a (possibly truncated) HMAC using the
    97. 

  97. 	//specified hash function H, both applied to the plaintext with a
    98. 

  98. 	//random confounder prefix and sufficient padding to bring it to a
    99. 

  99. 	//multiple of the message block size.  When the HMAC is computed, the
    100. 

  100. 	//key is used in the protocol key form.
    101. 

  101. 	expectedMAC, _ := GetChecksumHash(msg, key, usage, etype)
    102. 

  102. 	return hmac.Equal(chksum, expectedMAC)
    103. 

  103. }
    104. 

  104. 

  105. // GetUsageKc returns the checksum key usage value for the usage number un.
    106. 

  106. //
    107. 

  107. // RFC 3961: The "well-known constant" used for the DK function is the key usage number, expressed as four octets in big-endian order, followed by one octet indicated below.
    108. 

  108. //
    109. 

  109. // Kc = DK(base-key, usage | 0x99);
    110. 

  110. func GetUsageKc(un uint32) []byte {
    111. 

  111. 	return getUsage(un, 0x99)
    112. 

  112. }
    113. 

  113. 

  114. // GetUsageKe returns the encryption key usage value for the usage number un
    115. 

  115. //
    116. 

  116. // RFC 3961: The "well-known constant" used for the DK function is the key usage number, expressed as four octets in big-endian order, followed by one octet indicated below.
    117. 

  117. //
    118. 

  118. // Ke = DK(base-key, usage | 0xAA);
    119. 

  119. func GetUsageKe(un uint32) []byte {
    120. 

  120. 	return getUsage(un, 0xAA)
    121. 

  121. }
    122. 

  122. 

  123. // GetUsageKi returns the integrity key usage value for the usage number un
    124. 

  124. //
    125. 

  125. // RFC 3961: The "well-known constant" used for the DK function is the key usage number, expressed as four octets in big-endian order, followed by one octet indicated below.
    126. 

  126. //
    127. 

  127. // Ki = DK(base-key, usage | 0x55);
    128. 

  128. func GetUsageKi(un uint32) []byte {
    129. 

  129. 	return getUsage(un, 0x55)
    130. 

  130. }
    131. 

  131. 

  132. func getUsage(un uint32, o byte) []byte {
    133. 

  133. 	var buf bytes.Buffer
    134. 

  134. 	binary.Write(&buf, binary.BigEndian, un)
    135. 

  135. 	return append(buf.Bytes(), o)
    136. 

  136. }
    137. 

  137. 

  138. // IterationsToS2Kparams converts the number of iterations as an integer to a string representation.
    139. 

  139. func IterationsToS2Kparams(i uint32) string {
    140. 

  140. 	b := make([]byte, 4, 4)
    141. 

  141. 	binary.BigEndian.PutUint32(b, i)
    142. 

  142. 	return hex.EncodeToString(b)
    143. 

  143. }
    144.