public void HostKeyEventArgsConstructorTest()
{
KeyHostAlgorithm host = null; // TODO: Initialize to an appropriate value
HostKeyEventArgs target = new HostKeyEventArgs(host);
Assert.Inconclusive("TODO: Implement code to verify target");
}
public void KeyHostAlgorithmConstructorTest()
{
string name = string.Empty; // TODO: Initialize to an appropriate value
Key key = null; // TODO: Initialize to an appropriate value
KeyHostAlgorithm target = new KeyHostAlgorithm(name, key);
Assert.Inconclusive("TODO: Implement code to verify target");
}
public PrivateKeyAgentKey AddSsh1(KeyHostAlgorithm key, string comment)
{
if (!(key.Key is RsaKey))
{
throw new SshException("SSH1 keys can only be RSA keys.");
}
return(Add(this.keysSsh1, key, comment));
}
public void DataTest()
{
string name = string.Empty; // TODO: Initialize to an appropriate value
Key key = null; // TODO: Initialize to an appropriate value
KeyHostAlgorithm target = new KeyHostAlgorithm(name, key); // TODO: Initialize to an appropriate value
byte[] actual;
actual = target.Data;
Assert.Inconclusive("Verify the correctness of this test method.");
}
public void CanTrustTest()
{
KeyHostAlgorithm host = null; // TODO: Initialize to an appropriate value
HostKeyEventArgs target = new HostKeyEventArgs(host); // TODO: Initialize to an appropriate value
bool expected = false; // TODO: Initialize to an appropriate value
bool actual;
target.CanTrust = expected;
actual = target.CanTrust;
Assert.AreEqual(expected, actual);
Assert.Inconclusive("Verify the correctness of this test method.");
}
/// <summary>
/// Called when type specific data need to be loaded.
/// </summary>
protected override void LoadData()
{
int count = (int)this.ReadUInt32();
this.Keys = new List <PrivateKeyAgentKey>(count);
for (int i = 0; i < count; i++)
{
var key = new KeyHostAlgorithm("", new RsaKey(), this.ReadBytes());
string comment = this.ReadString();
this.Keys.Add(new PrivateKeyAgentKey(key, comment));
}
}
public void SignTest()
{
string name = string.Empty; // TODO: Initialize to an appropriate value
Key key = null; // TODO: Initialize to an appropriate value
KeyHostAlgorithm target = new KeyHostAlgorithm(name, key); // TODO: Initialize to an appropriate value
byte[] data = null; // TODO: Initialize to an appropriate value
byte[] expected = null; // TODO: Initialize to an appropriate value
byte[] actual;
actual = target.Sign(data);
Assert.AreEqual(expected, actual);
Assert.Inconclusive("Verify the correctness of this test method.");
}
/// <summary>
/// Initializes a new instance of the <see cref="HostKeyEventArgs"/> class.
/// </summary>
/// <param name="host">The host.</param>
public HostKeyEventArgs(KeyHostAlgorithm host)
{
this.CanTrust = true; // Set default value
this.HostKey = host.Data;
this.KeyLength = host.Key.KeyLength;
using (var md5 = new MD5Hash())
{
this.FingerPrint = md5.ComputeHash(host.Data);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="HostKeyEventArgs"/> class.
/// </summary>
/// <param name="host">The host.</param>
public HostKeyEventArgs(KeyHostAlgorithm host)
{
this.CanTrust = true; // Set default value
this.HostKey = host.Data;
this.KeyLength = host.Key.KeyLength;
var md5 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
byte[] buffer;
CryptographicBuffer.CopyToByteArray(md5.HashData(CryptographicBuffer.CreateFromByteArray(host.Data)), out buffer);
this.FingerPrint = buffer;
}
private static PrivateKeyAgentKey Add(List <PrivateKeyAgentKey> keys, KeyHostAlgorithm key, string comment)
{
var existingKey = GetKey(keys, key.Data);
if (existingKey != null)
{
return(null);
}
var agentKey = new PrivateKeyAgentKey(key, comment);
keys.Add(agentKey);
return(agentKey);
}
/// <summary>
/// Initializes a new instance of the <see cref="HostKeyEventArgs"/> class.
/// </summary>
/// <param name="host">The host.</param>
public HostKeyEventArgs(KeyHostAlgorithm host)
{
CanTrust = true; // Set default value
HostKey = host.Data;
HostKeyName = host.Name;
KeyLength = host.Key.KeyLength;
using (var md5 = HashAlgorithmFactory.CreateMD5())
{
FingerPrint = md5.ComputeHash(host.Data);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="RemoveIdentityMessage"/> class.
/// </summary>
/// <param name="serviceName">Name of the service.</param>
/// <param name="username">Authentication username.</param>
/// <param name="keyAlgorithmName">Name of private key algorithm.</param>
/// <param name="keyData">Private key data.</param>
public AddIdentityMessage(KeyHostAlgorithm key, string comment)
{
this.Key = key;
this.Comment = comment;
}
public PrivateKeyAgentKey AddSsh2(KeyHostAlgorithm key, string comment)
{
return(Add(this.keysSsh2, key, comment));
}
private void Open(Stream privateKey, string passPhrase)
{
if (privateKey == null)
{
throw new ArgumentNullException("privateKey");
}
Match privateKeyMatch = null;
using (StreamReader sr = new StreamReader(privateKey))
{
var text = sr.ReadToEnd();
privateKeyMatch = _privateKeyRegex.Match(text);
}
if (!privateKeyMatch.Success)
{
throw new SshException("Invalid private key file.");
}
var keyName = privateKeyMatch.Result("${keyName}");
var cipherName = privateKeyMatch.Result("${cipherName}");
var salt = privateKeyMatch.Result("${salt}");
var data = privateKeyMatch.Result("${data}");
var binaryData = System.Convert.FromBase64String(data);
byte[] decryptedData = null;
if (!string.IsNullOrEmpty(cipherName) && !string.IsNullOrEmpty(salt))
{
if (string.IsNullOrEmpty(passPhrase))
{
throw new SshPassPhraseNullOrEmptyException("Private key is encrypted but passphrase is empty.");
}
byte[] binarySalt = new byte[salt.Length / 2];
for (int i = 0; i < binarySalt.Length; i++)
{
binarySalt[i] = Convert.ToByte(salt.Substring(i * 2, 2), 16);
}
CipherInfo cipher;
int bytesOfSaltToPassword;
switch (cipherName)
{
case "DES-EDE3-CBC":
cipher = new CipherInfo(192, (key, iv) => { return(new TripleDesCipher(key, new CbcCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = binarySalt.Length;
break;
case "DES-EDE3-CFB":
cipher = new CipherInfo(192, (key, iv) => { return(new TripleDesCipher(key, new CfbCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = binarySalt.Length;
break;
case "DES-CBC":
cipher = new CipherInfo(64, (key, iv) => { return(new DesCipher(key, new CbcCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = binarySalt.Length;
break;
// TODO: Implement more private key ciphers
case "AES-128-CBC":
cipher = new CipherInfo(128, (key, iv) => { return(new AesCipher(key, new CbcCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = 8;
break;
//var md5 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
//byte[] password = Encoding.UTF8.GetBytes(passPhrase);
//byte[] mysalt = new byte[8];
//Buffer.BlockCopy(binarySalt, 0, mysalt, 0, 8);
//int preKeyLength = password.Length + mysalt.Length;
//byte[] preKey = new byte[preKeyLength];
//Buffer.BlockCopy(password, 0, preKey, 0, password.Length);
//Buffer.BlockCopy(mysalt, 0, preKey, password.Length, 8); // get first 8 bytes of iv
//byte[] mykey;
//CryptographicBuffer.CopyToByteArray(md5.HashData(CryptographicBuffer.CreateFromByteArray(preKey.ToArray())), out mykey);
//var aes128 = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbc);
//var aes128key = aes128.CreateSymmetricKey(CryptographicBuffer.CreateFromByteArray(mykey));
//var aes128data = CryptographicBuffer.CreateFromByteArray(binaryData);
//var aes128iv = CryptographicBuffer.CreateFromByteArray(binarySalt);
//var decryptedBuffer = CryptographicEngine.Decrypt(aes128key, aes128data, aes128iv);
//CryptographicBuffer.CopyToByteArray(decryptedBuffer, out decryptedData);
//break;
case "AES-192-CBC":
cipher = new CipherInfo(192, (key, iv) => { return(new AesCipher(key, new CbcCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = 8;
break;
case "AES-256-CBC":
cipher = new CipherInfo(256, (key, iv) => { return(new AesCipher(key, new CbcCipherMode(iv), new PKCS7Padding())); });
bytesOfSaltToPassword = 8;
break;
default:
throw new SshException(string.Format(CultureInfo.CurrentCulture, "Private key cipher \"{0}\" is not supported.", cipherName));
}
decryptedData = DecryptKey(cipher, binaryData, passPhrase, binarySalt, bytesOfSaltToPassword);
}
else
{
decryptedData = binaryData;
}
switch (keyName)
{
case "RSA":
this._key = new RsaKey(decryptedData.ToArray());
this.HostKey = new KeyHostAlgorithm("ssh-rsa", this._key);
break;
case "DSA":
this._key = new DsaKey(decryptedData.ToArray());
this.HostKey = new KeyHostAlgorithm("ssh-dss", this._key);
break;
case "SSH2 ENCRYPTED":
var reader = new SshDataReader(decryptedData);
var magicNumber = reader.ReadUInt32();
if (magicNumber != 0x3f6ff9eb)
{
throw new SshException("Invalid SSH2 private key.");
}
var totalLength = reader.ReadUInt32(); // Read total bytes length including magic number
var keyType = reader.ReadString();
var ssh2CipherName = reader.ReadString();
var blobSize = (int)reader.ReadUInt32();
byte[] keyData = null;
if (ssh2CipherName == "none")
{
keyData = reader.ReadBytes(blobSize);
}
//else if (ssh2CipherName == "3des-cbc")
//{
// var key = GetCipherKey(passPhrase, 192 / 8);
// var ssh2Сipher = new TripleDesCipher(key, null, null);
// keyData = ssh2Сipher.Decrypt(reader.ReadBytes(blobSize));
//}
else
{
throw new SshException(string.Format("Cipher method '{0}' is not supported.", ssh2CipherName));
}
reader = new SshDataReader(keyData);
var decryptedLength = reader.ReadUInt32();
if (decryptedLength + 4 != blobSize)
{
throw new SshException("Invalid passphrase.");
}
if (keyType == "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}")
{
var exponent = reader.ReadBigIntWithBits(); //e
var d = reader.ReadBigIntWithBits(); //d
var modulus = reader.ReadBigIntWithBits(); //n
var inverseQ = reader.ReadBigIntWithBits(); //u
var q = reader.ReadBigIntWithBits(); //p
var p = reader.ReadBigIntWithBits(); //q
this._key = new RsaKey(modulus, exponent, d, p, q, inverseQ);
this.HostKey = new KeyHostAlgorithm("ssh-rsa", this._key);
}
else if (keyType == "dl-modp{sign{dsa-nist-sha1},dh{plain}}")
{
var zero = reader.ReadUInt32();
if (zero != 0)
{
throw new SshException("Invalid private key");
}
var p = reader.ReadBigIntWithBits();
var g = reader.ReadBigIntWithBits();
var q = reader.ReadBigIntWithBits();
var y = reader.ReadBigIntWithBits();
var x = reader.ReadBigIntWithBits();
this._key = new DsaKey(p, q, g, y, x);
this.HostKey = new KeyHostAlgorithm("ssh-dss", this._key);
}
else
{
throw new NotSupportedException(string.Format("Key type '{0}' is not supported.", keyType));
}
break;
default:
throw new NotSupportedException(string.Format(CultureInfo.CurrentCulture, "Key '{0}' is not supported.", keyName));
}
}
public PrivateKeyAgentKey(KeyHostAlgorithm key, string comment)
{
this.Key = key;
this.Comment = comment;
}
