private void UpdateKeys()
{
if (session.SessionId == null)
{
session.SessionId = kexProcessor.ExchangeHash;
}
var a1 = Cipher.Create(ClientKexInit.EncAlgorithmsClient[0]);
var a2 = Cipher.Create(ClientKexInit.EncAlgorithmsServer[0]);
var a3 = MacWriter.Create(ClientKexInit.MacAlgorithmsClient[0]);
var a4 = MacWriter.Create(ClientKexInit.MacAlgorithmsServer[0]);
var desiredLengths = new int[] { a1.BlockSize, a2.BlockSize, a1.KeySize,
a2.KeySize, a3.KeySize, a4.KeySize };
Debug.WriteLine(string.Format("Shared Secret: {0}", kexProcessor.SharedSecret.HexDump()));
byte[][] keys = new byte[6][];
using (var hash = HashWriter.Create(ClientKexInit.KexAlgorithms[0]))
{
var i = 0;
for (char c = 'A'; c <= 'F'; c++, i++)
{
hash.WriteString(kexProcessor.SharedSecret);
hash.Write(kexProcessor.ExchangeHash);
hash.Write(c);
hash.Write(session.SessionId);
var key = hash.Hash;
hash.Reset();
while (key.Length < desiredLengths[i])
{
hash.WriteString(kexProcessor.SharedSecret);
hash.Write(kexProcessor.ExchangeHash);
hash.Write(key);
var h = hash.Hash;
var buffer = new byte[key.Length + h.Length];
Buffer.BlockCopy(key, 0, buffer, 0, key.Length);
Buffer.BlockCopy(h, 0, buffer, key.Length, h.Length);
key = buffer;
Extensions.Random.ClearBytes(buffer, 0, buffer.Length);
hash.Reset();
}
keys[i] = new byte[desiredLengths[i]];
Buffer.BlockCopy(key, 0, keys[i], 0, desiredLengths[i]);
Extensions.Random.ClearBytes(key, 0, key.Length);
Debug.WriteLine("Key '{0}': {1}", c, keys[i].HexDump());
}
}
a1.Initialize(Cipher.CipherMode.Encryption, keys[2], keys[0]);
a2.Initialize(Cipher.CipherMode.Decryption, keys[3], keys[1]);
session.Socket.Encryptor = a1;
session.Socket.Decryptor = a2;
session.Socket.EncryptorMac = MacWriter.Create(ClientKexInit.MacAlgorithmsClient[0], keys[4]);
session.Socket.DecryptorMac = MacWriter.Create(ClientKexInit.MacAlgorithmsServer[0], keys[5]);
for (var i = 0; i < keys.Length; i++)
{
Extensions.Random.ClearBytes(keys[i], 0, keys[i].Length);
}
}
private byte[] HashExchangeHash()
{
var h = new byte[0];
using (var pw = HashWriter.Create(session.Algorithms.KeyAlgorithmsServer[0]))
{
pw.Write(ExchangeHash, 0, ExchangeHash.Length);
h = pw.Hash;
}
return(h);
}
public override byte[] Sign(byte[] data)
{
Decrypt();
byte[] H;
using (var hw = HashWriter.Create(AlgorithmName))
{
hw.Write(data);
H = hw.Hash;
}
return(((ECDSAManaged)Algorithm).SignHash(H));
}
private byte[] CalculateExchangeHash()
{
using (var pw = HashWriter.Create(session.Algorithms.KexAlgorithms[0]))
{
pw.WriteString(session.ClientIdentifier.ToSshMessage());
pw.WriteString(session.ServerIdentifier.ToSshMessage());
pw.WriteString(session.KexProcessor.ClientKexInit.ToSshMessage());
pw.WriteString(session.KexProcessor.ServerKexInit.ToSshMessage());
pw.WriteString(ServerHostKey);
pw.WriteString(ClientPublicKey);
pw.WriteString(ServerPublicKey);
pw.WriteString(SharedSecret);
return(pw.Hash);
}
}
