public void RemoveAllKeys(SshVersion version)
{
BlobBuilder builder = new BlobBuilder();
ICollection <ISshKey> keys = null;
if (KeyRemoved != null)
{
keys = ListKeys(version);
}
switch (version)
{
case SshVersion.SSH1:
builder.InsertHeader(Agent.Message.SSH1_AGENTC_REMOVE_ALL_RSA_IDENTITIES);
break;
case SshVersion.SSH2:
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REMOVE_ALL_IDENTITIES);
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
SendMessageAndCheckSuccess(builder);
if (keys != null)
{
foreach (var key in keys)
{
FireKeyRemoved(key);
}
}
}
public ICollection <ISshKey> ListKeys(SshVersion aVersion)
{
if (IsLocked)
{
return(new List <ISshKey>());
}
return(mKeyList.Where(key => key.Version == aVersion).ToList());
}
public SshKey(SshVersion version, AsymmetricKeyParameter publicKeyParameter,
AsymmetricKeyParameter privateKeyParameter = null, string comment = "")
{
if (publicKeyParameter == null) {
throw new ArgumentNullException("publicKeyParameter");
}
IsPublicOnly = (privateKeyParameter == null);
Version = version;
this.publicKeyParameter = publicKeyParameter;
this.privateKeyParameter = privateKeyParameter;
Comment = comment;
keyConstraints = new List<Agent.KeyConstraint>();
}
public void RemoveAllKeys(SshVersion aVersion)
{
if (IsLocked)
{
throw new AgentLockedException();
}
var removeKeyList = ListKeys(aVersion);
foreach (ISshKey key in removeKeyList)
{
RemoveKey(key);
}
}
public static ISshKey Get(this ICollection <ISshKey> aKeyList,
SshVersion aVersion,
byte[] aPublicKeyBlob)
{
foreach (ISshKey key in aKeyList.Where(key => key.Version == aVersion))
{
byte[] keyBlob = key.GetPublicKeyBlob();
if (keyBlob.SequenceEqual(aPublicKeyBlob))
{
return(key);
}
}
return(null);
}
public SshKey(SshVersion version, AsymmetricKeyParameter publicKeyParameter,
AsymmetricKeyParameter privateKeyParameter = null, string comment = "",
OpensshCertificate certificate = null)
{
if (publicKeyParameter == null)
{
throw new ArgumentNullException("publicKeyParameter");
}
IsPublicOnly = (privateKeyParameter == null);
Version = version;
this.publicKeyParameter = publicKeyParameter;
this.privateKeyParameter = privateKeyParameter;
Certificate = certificate;
Comment = comment;
keyConstraints = new List <Agent.KeyConstraint>();
}
public SshKey(SshVersion version, AsymmetricCipherKeyPair cipherKeyPair,
string comment = "", OpensshCertificate certificate = null)
: this(version, cipherKeyPair.Public, cipherKeyPair.Private, comment, certificate)
{
}
public void RemoveAllKeys(SshVersion aVersion)
{
if (IsLocked) {
throw new AgentLockedException();
}
var removeKeyList = ListKeys(aVersion);
foreach (ISshKey key in removeKeyList) {
RemoveKey(key);
}
}
public ICollection<ISshKey> ListKeys(SshVersion aVersion)
{
if (IsLocked) {
return new List<ISshKey>();
}
return mKeyList.Where(key => key.Version == aVersion).ToList();
}
public ICollection <ISshKey> ListKeys(SshVersion aVersion)
{
BlobBuilder builder = new BlobBuilder();
switch (aVersion)
{
case SshVersion.SSH1:
builder.InsertHeader(Agent.Message.SSH1_AGENTC_REQUEST_RSA_IDENTITIES);
break;
case SshVersion.SSH2:
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REQUEST_IDENTITIES);
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
BlobParser replyParser = SendMessage(builder);
var keyCollection = new List <ISshKey>();
var header = replyParser.ReadHeader();
switch (aVersion)
{
case SshVersion.SSH1:
if (header.Message != Agent.Message.SSH1_AGENT_RSA_IDENTITIES_ANSWER)
{
throw new AgentFailureException();
}
var ssh1KeyCount = replyParser.ReadUInt32();
for (var i = 0; i < ssh1KeyCount; i++)
{
var publicKeyParams = replyParser.ReadSsh1PublicKeyData(true);
var comment = replyParser.ReadString();
keyCollection.Add(
new SshKey(SshVersion.SSH1, publicKeyParams, null, comment));
}
break;
case SshVersion.SSH2:
if (header.Message != Agent.Message.SSH2_AGENT_IDENTITIES_ANSWER)
{
throw new AgentFailureException();
}
var ssh2KeyCount = replyParser.ReadUInt32();
for (var i = 0; i < ssh2KeyCount; i++)
{
var publicKeyBlob = replyParser.ReadBlob();
var publicKeyParser = new BlobParser(publicKeyBlob);
OpensshCertificate cert;
var publicKeyParams = publicKeyParser.ReadSsh2PublicKeyData(out cert);
var comment = replyParser.ReadString();
keyCollection.Add(
new SshKey(SshVersion.SSH2, publicKeyParams, null, comment, cert));
}
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
return(keyCollection);
}
public static ISshKey Get(this ICollection<ISshKey> aKeyList,
SshVersion aVersion,
byte[] aPublicKeyBlob)
{
foreach (ISshKey key in aKeyList.Where(key => key.Version == aVersion)) {
byte[] keyBlob = key.GetPublicKeyBlob();
if (keyBlob.SequenceEqual(aPublicKeyBlob)) {
return key;
}
}
return null;
}
public static SshKey CreateKey(SshVersion version,
PublicKeyAlgorithm algorithm, string comment = "")
{
if (version == SshVersion.SSH1 &&
algorithm != PublicKeyAlgorithm.SSH_RSA) {
throw new Exception("unsupported version/algorithm combination");
}
switch (algorithm) {
case PublicKeyAlgorithm.SSH_RSA:
KeyGenerationParameters keyGenParam =
new KeyGenerationParameters(secureRandom, 512);
RsaKeyPairGenerator rsaKeyPairGen = new RsaKeyPairGenerator();
rsaKeyPairGen.Init(keyGenParam);
AsymmetricCipherKeyPair keyPair = rsaKeyPairGen.GenerateKeyPair();
var rsaKey = new SshKey(version, keyPair);
rsaKey.Comment = comment;
return rsaKey;
case PublicKeyAlgorithm.SSH_DSS:
DsaParametersGenerator dsaParamGen = new DsaParametersGenerator();
dsaParamGen.Init(512, 10, secureRandom);
DsaParameters dsaParam = dsaParamGen.GenerateParameters();
DsaKeyGenerationParameters dsaKeyGenParam =
new DsaKeyGenerationParameters(secureRandom, dsaParam);
DsaKeyPairGenerator dsaKeyPairGen = new DsaKeyPairGenerator();
dsaKeyPairGen.Init(dsaKeyGenParam);
keyPair = dsaKeyPairGen.GenerateKeyPair();
var dsaKey = new SshKey(SshVersion.SSH2, keyPair);
dsaKey.Comment = comment;
return dsaKey;
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256:
X9ECParameters ecdsa256X9Params =
SecNamedCurves.GetByName("secp256r1");
ECDomainParameters ecdsa256DomainParams =
new ECDomainParameters(ecdsa256X9Params.Curve, ecdsa256X9Params.G,
ecdsa256X9Params.N, ecdsa256X9Params.H);
ECKeyGenerationParameters ecdsa256GenParams =
new ECKeyGenerationParameters(ecdsa256DomainParams, secureRandom);
ECKeyPairGenerator ecdsa256Gen = new ECKeyPairGenerator();
ecdsa256Gen.Init(ecdsa256GenParams);
keyPair = ecdsa256Gen.GenerateKeyPair();
var ecdsa256Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa256Key.Comment = comment;
return ecdsa256Key;
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384:
X9ECParameters ecdsa384X9Params =
SecNamedCurves.GetByName("secp384r1");
ECDomainParameters ecdsa384DomainParams =
new ECDomainParameters(ecdsa384X9Params.Curve, ecdsa384X9Params.G,
ecdsa384X9Params.N, ecdsa384X9Params.H);
ECKeyGenerationParameters ecdsa384GenParams =
new ECKeyGenerationParameters(ecdsa384DomainParams, secureRandom);
ECKeyPairGenerator ecdsa384Gen = new ECKeyPairGenerator();
ecdsa384Gen.Init(ecdsa384GenParams);
keyPair = ecdsa384Gen.GenerateKeyPair();
var ecdsa384Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa384Key.Comment = comment;
return ecdsa384Key;
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521:
X9ECParameters ecdsa521X9Params =
SecNamedCurves.GetByName("secp521r1");
ECDomainParameters ecdsa521DomainParams =
new ECDomainParameters(ecdsa521X9Params.Curve, ecdsa521X9Params.G,
ecdsa521X9Params.N, ecdsa521X9Params.H);
ECKeyGenerationParameters ecdsa521GenParams =
new ECKeyGenerationParameters(ecdsa521DomainParams, secureRandom);
ECKeyPairGenerator ecdsa521Gen = new ECKeyPairGenerator();
ecdsa521Gen.Init(ecdsa521GenParams);
keyPair = ecdsa521Gen.GenerateKeyPair();
var ecdsa521Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa521Key.Comment = comment;
return ecdsa521Key;
case PublicKeyAlgorithm.ED25519:
var privateKeySeed = secureRandom.GenerateSeed(Ed25519.PrivateKeySeedSizeInBytes);
var publicKeyBytes = new byte[Ed25519.PublicKeySizeInBytes];
var privateKeyBytes = new byte[Ed25519.ExpandedPrivateKeySizeInBytes];
Ed25519.KeyPairFromSeed(out publicKeyBytes, out privateKeyBytes, privateKeySeed);
var publicKey = new Ed25519PublicKeyParameter(publicKeyBytes);
var privateKey = new Ed25519PrivateKeyParameter(privateKeyBytes);
var ed25519Key = new SshKey(SshVersion.SSH2, publicKey, privateKey, comment);
return ed25519Key;
default:
throw new Exception("unsupported algorithm");
}
}
public SshKey(SshVersion version, AsymmetricCipherKeyPair cipherKeyPair,
string comment = "")
: this(version, cipherKeyPair.Public, cipherKeyPair.Private, comment)
{
}
public void RemoveAllKeys(SshVersion version)
{
BlobBuilder builder = new BlobBuilder();
ICollection<ISshKey> keys = null;
if (KeyRemoved != null)
keys = ListKeys(version);
switch (version) {
case SshVersion.SSH1:
builder.InsertHeader(Agent.Message.SSH1_AGENTC_REMOVE_ALL_RSA_IDENTITIES);
break;
case SshVersion.SSH2:
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REMOVE_ALL_IDENTITIES);
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
SendMessageAndCheckSuccess(builder);
if (keys != null) {
foreach (var key in keys)
FireKeyRemoved(key);
}
}
public ICollection<ISshKey> ListKeys(SshVersion aVersion)
{
BlobBuilder builder = new BlobBuilder();
switch (aVersion) {
case SshVersion.SSH1:
builder.InsertHeader(Agent.Message.SSH1_AGENTC_REQUEST_RSA_IDENTITIES);
break;
case SshVersion.SSH2:
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REQUEST_IDENTITIES);
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
BlobParser replyParser = SendMessage(builder);
var keyCollection = new List<ISshKey>();
var header = replyParser.ReadHeader();
switch (aVersion) {
case SshVersion.SSH1:
if (header.Message != Agent.Message.SSH1_AGENT_RSA_IDENTITIES_ANSWER) {
throw new AgentFailureException();
}
var ssh1KeyCount = replyParser.ReadInt();
for (var i = 0; i < ssh1KeyCount; i++) {
var publicKeyParams = replyParser.ReadSsh1PublicKeyData(true);
var comment = replyParser.ReadString();
keyCollection.Add(
new SshKey(SshVersion.SSH1, publicKeyParams, null, comment));
}
break;
case SshVersion.SSH2:
if (header.Message != Agent.Message.SSH2_AGENT_IDENTITIES_ANSWER) {
throw new AgentFailureException();
}
var ssh2KeyCount = replyParser.ReadInt();
for (var i = 0; i < ssh2KeyCount; i++) {
var publicKeyBlob = replyParser.ReadBlob();
var publicKeyParser = new BlobParser(publicKeyBlob);
var publicKeyParams = publicKeyParser.ReadSsh2PublicKeyData();
var comment = replyParser.ReadString();
keyCollection.Add(
new SshKey(SshVersion.SSH2, publicKeyParams, null, comment));
}
break;
default:
throw new Exception(cUnsupportedSshVersion);
}
return keyCollection;
}
public static SshKey CreateKey(SshVersion version,
PublicKeyAlgorithm algorithm, string comment = "")
{
if (version == SshVersion.SSH1 &&
algorithm != PublicKeyAlgorithm.SSH_RSA)
{
throw new Exception("unsupported version/algorithm combination");
}
switch (algorithm)
{
case PublicKeyAlgorithm.SSH_RSA:
case PublicKeyAlgorithm.SSH_RSA_CERT_V1:
KeyGenerationParameters keyGenParam =
new KeyGenerationParameters(secureRandom, 512);
var rsaKeyPairGen = new RsaKeyPairGenerator();
rsaKeyPairGen.Init(keyGenParam);
var keyPair = rsaKeyPairGen.GenerateKeyPair();
var rsaKey = new SshKey(version, keyPair, comment);
return(rsaKey);
case PublicKeyAlgorithm.SSH_DSS:
case PublicKeyAlgorithm.SSH_DSS_CERT_V1:
DsaParametersGenerator dsaParamGen = new DsaParametersGenerator();
dsaParamGen.Init(512, 10, secureRandom);
DsaParameters dsaParam = dsaParamGen.GenerateParameters();
DsaKeyGenerationParameters dsaKeyGenParam =
new DsaKeyGenerationParameters(secureRandom, dsaParam);
DsaKeyPairGenerator dsaKeyPairGen = new DsaKeyPairGenerator();
dsaKeyPairGen.Init(dsaKeyGenParam);
keyPair = dsaKeyPairGen.GenerateKeyPair();
var dsaKey = new SshKey(SshVersion.SSH2, keyPair);
dsaKey.Comment = comment;
return(dsaKey);
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256:
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256_CERT_V1:
X9ECParameters ecdsa256X9Params =
SecNamedCurves.GetByName("secp256r1");
ECDomainParameters ecdsa256DomainParams =
new ECDomainParameters(ecdsa256X9Params.Curve, ecdsa256X9Params.G,
ecdsa256X9Params.N, ecdsa256X9Params.H);
ECKeyGenerationParameters ecdsa256GenParams =
new ECKeyGenerationParameters(ecdsa256DomainParams, secureRandom);
ECKeyPairGenerator ecdsa256Gen = new ECKeyPairGenerator();
ecdsa256Gen.Init(ecdsa256GenParams);
keyPair = ecdsa256Gen.GenerateKeyPair();
var ecdsa256Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa256Key.Comment = comment;
return(ecdsa256Key);
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384:
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384_CERT_V1:
X9ECParameters ecdsa384X9Params =
SecNamedCurves.GetByName("secp384r1");
ECDomainParameters ecdsa384DomainParams =
new ECDomainParameters(ecdsa384X9Params.Curve, ecdsa384X9Params.G,
ecdsa384X9Params.N, ecdsa384X9Params.H);
ECKeyGenerationParameters ecdsa384GenParams =
new ECKeyGenerationParameters(ecdsa384DomainParams, secureRandom);
ECKeyPairGenerator ecdsa384Gen = new ECKeyPairGenerator();
ecdsa384Gen.Init(ecdsa384GenParams);
keyPair = ecdsa384Gen.GenerateKeyPair();
var ecdsa384Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa384Key.Comment = comment;
return(ecdsa384Key);
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521:
case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521_CERT_V1:
X9ECParameters ecdsa521X9Params =
SecNamedCurves.GetByName("secp521r1");
ECDomainParameters ecdsa521DomainParams =
new ECDomainParameters(ecdsa521X9Params.Curve, ecdsa521X9Params.G,
ecdsa521X9Params.N, ecdsa521X9Params.H);
ECKeyGenerationParameters ecdsa521GenParams =
new ECKeyGenerationParameters(ecdsa521DomainParams, secureRandom);
ECKeyPairGenerator ecdsa521Gen = new ECKeyPairGenerator();
ecdsa521Gen.Init(ecdsa521GenParams);
keyPair = ecdsa521Gen.GenerateKeyPair();
var ecdsa521Key = new SshKey(SshVersion.SSH2, keyPair);
ecdsa521Key.Comment = comment;
return(ecdsa521Key);
case PublicKeyAlgorithm.ED25519:
case PublicKeyAlgorithm.ED25519_CERT_V1:
var privateKeySeed = secureRandom.GenerateSeed(Ed25519.PrivateKeySeedSizeInBytes);
var publicKeyBytes = new byte[Ed25519.PublicKeySizeInBytes];
var privateKeyBytes = new byte[Ed25519.ExpandedPrivateKeySizeInBytes];
Ed25519.KeyPairFromSeed(out publicKeyBytes, out privateKeyBytes, privateKeySeed);
var publicKey = new Ed25519PublicKeyParameter(publicKeyBytes);
var privateKey = new Ed25519PrivateKeyParameter(privateKeyBytes);
var ed25519Key = new SshKey(SshVersion.SSH2, publicKey, privateKey, comment);
return(ed25519Key);
default:
throw new Exception("unsupported algorithm");
}
}
