byte[] getSignature_rsa(Session session, byte[] data)
{
try
{
//Type t=Type.GetType(jsch.getConfig("signature.rsa"));
//SignatureRSA rsa=(SignatureRSA)Activator.CreateInstance(t);
ISignatureRSA rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
rsa.init();
rsa.setPrvKey(e_array, n_array, d_array, p_array, q_array, dmp1_array, dmq1_array, iqmp_array);
/*
* byte[] goo=new byte[4];
* goo[0]=(byte)(session.getSessionId().Length>>>24);
* goo[1]=(byte)(session.getSessionId().Length>>>16);
* goo[2]=(byte)(session.getSessionId().Length>>>8);
* goo[3]=(byte)(session.getSessionId().Length);
* rsa.update(goo);
* rsa.update(session.getSessionId());
*/
rsa.update(data);
byte[] sig = rsa.sign();
Buffer buf = new Buffer("ssh-rsa".Length + 4 +
sig.Length + 4);
buf.putString(System.Text.Encoding.Default.GetBytes("ssh-rsa"));
buf.putString(sig);
return(buf.buffer);
}
catch (Exception e)
{
Console.WriteLine(e);
}
return(null);
}
public static void testSigFromJava()
{
FileStream fs = File.OpenRead("e.bin");
byte[] e = new byte[fs.Length];
fs.Read(e, 0, e.Length);
fs.Close();
fs = File.OpenRead("n.bin");
byte[] n = new byte[fs.Length];
fs.Read(n, 0, n.Length);
fs.Close();
fs = File.OpenRead("sig.bin");
byte[] sig = new byte[fs.Length];
fs.Read(sig, 0, sig.Length);
fs.Close();
Console.Write("E: ");
Console.WriteLine(hex(e));
Console.Write("N: ");
Console.WriteLine(hex(n));
Console.Write("SIG: ");
Console.WriteLine(hex(sig));
byte[] hash = Util.getBytes("Tamir");
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine(dec_rsa.verify(sig));
}
public byte[] getSignature(Session session, byte[] data)
{
try
{
SignatureRSA rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
rsa.init();
rsa.setPrvKey(_e_array, _n_array, _d_array, _p_array, _q_array, _dmp1_array, _dmq1_array, _iqmp_array);
rsa.update(data);
byte[] sig = rsa.sign();
Buffer buf = new Buffer(ALGORITHM_NAME.Length + 4 + sig.Length + 4);
buf.putString(System.Text.Encoding.Default.GetBytes(ALGORITHM_NAME));
buf.putString(sig);
return(buf.buffer);
}
catch (Exception e)
{
Console.WriteLine(e);
}
return(null);
}
public static void testDumpBase64()
{
String fname = "e.bin";
StreamReader fs = File.OpenText(fname);
string base64 = fs.ReadToEnd();
byte[] e = Convert.FromBase64String(base64);
fs.Close();
fname = "n.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] n = Convert.FromBase64String(base64);
fs.Close();
fname = "sig.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] sig = Convert.FromBase64String(base64);
fs.Close();
fname = "hash.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] hash = Convert.FromBase64String(base64);
fs.Close();
print("E", e);
print("N", n);
print("SIG", sig);
print("HASH", hash);
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine(dec_rsa.verify(sig));
Console.WriteLine();
}
public static void testDump()
{
String fname = "e.bin";
FileStream fs = File.OpenRead(fname);
byte[] e = new byte[fs.Length];
fs.Read(e, 0, e.Length);
fs.Close();
fname = "n.bin";
fs = File.OpenRead(fname);
byte[] n = new byte[fs.Length];
fs.Read(n, 0, n.Length);
fs.Close();
fname = "sig.bin";
fs = File.OpenRead(fname);
byte[] sig = new byte[fs.Length];
fs.Read(sig, 0, sig.Length);
fs.Close();
fname = "hash.bin";
fs = File.OpenRead(fname);
byte[] hash = new byte[fs.Length];
fs.Read(hash, 0, hash.Length);
fs.Close();
print("E", e);
print("N", n);
print("SIG", sig);
print("HASH", hash);
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine(dec_rsa.verify(sig));
Console.WriteLine();
}
public static void testSig()
{
byte[] hash = Util.getBytes("Tamir");
Tamir.SharpSsh.jsch.jce.SignatureRSA enc_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
Tamir.SharpSsh.jsch.jce.KeyPairGenRSA gen = new Tamir.SharpSsh.jsch.jce.KeyPairGenRSA();
gen.init(512);
enc_rsa.init();
enc_rsa.setPrvKey(gen.KeyInfo);
enc_rsa.update(hash);
byte[] sig = enc_rsa.sign();
dump(gen.getE(), gen.getN(), sig, hash);
dec_rsa.init();
dec_rsa.setPubKey(gen.getE(), gen.getN());
dec_rsa.update(hash);
Console.WriteLine(dec_rsa.verify(sig));
}
public static void testSig()
{
byte[] hash = Util.getBytes( "Tamir" );
Tamir.SharpSsh.jsch.jce.SignatureRSA enc_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
Tamir.SharpSsh.jsch.jce.KeyPairGenRSA gen = new Tamir.SharpSsh.jsch.jce.KeyPairGenRSA();
gen.init(512);
enc_rsa.init();
enc_rsa.setPrvKey(gen.KeyInfo);
enc_rsa.update(hash);
byte[] sig = enc_rsa.sign();
dump(gen.getE(), gen.getN(), sig, hash);
dec_rsa.init();
dec_rsa.setPubKey(gen.getE(), gen.getN());
dec_rsa.update(hash);
Console.WriteLine( dec_rsa.verify(sig) );
}
public override bool next(Buffer _buf)
{
int i, j;
bool result = false;
switch (state)
{
case SSH_MSG_KEXDH_REPLY:
// The server responds with:
// byte SSH_MSG_KEXDH_REPLY(31)
// string server public host key and certificates (K_S)
// mpint f
// string signature of H
j = _buf.getInt();
j = _buf.getByte();
j = _buf.getByte();
if (j != 31)
{
Console.WriteLine("type: must be 31 " + j);
result = false;
break;
}
K_S = _buf.getString();
// K_S is server_key_blob, which includes ....
// string ssh-dss
// impint p of dsa
// impint q of dsa
// impint g of dsa
// impint pub_key of dsa
//System.out.print("K_S: "); //dump(K_S, 0, K_S.length);
byte[] f = _buf.getMPInt();
byte[] sig_of_H = _buf.getString();
/*
* for(int ii=0; ii<sig_of_H.length;ii++){
* System.out.print(Integer.toHexString(sig_of_H[ii]&0xff));
* System.out.print(": ");
* }
* Console.WriteLine("");
*/
dh.setF(f);
K = dh.getK();
//The hash H is computed as the HASH hash of the concatenation of the
//following:
// string V_C, the client's version string (CR and NL excluded)
// string V_S, the server's version string (CR and NL excluded)
// string I_C, the payload of the client's SSH_MSG_KEXINIT
// string I_S, the payload of the server's SSH_MSG_KEXINIT
// string K_S, the host key
// mpint e, exchange value sent by the client
// mpint f, exchange value sent by the server
// mpint K, the shared secret
// This value is called the exchange hash, and it is used to authenti-
// cate the key exchange.
buf.reset();
buf.putString(V_C); buf.putString(V_S);
buf.putString(I_C); buf.putString(I_S);
buf.putString(K_S);
buf.putMPInt(e); buf.putMPInt(f);
buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.Length);
H = sha.digest();
//System.out.print("H -> "); //dump(H, 0, H.length);
i = 0;
j = 0;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
String alg = Util.getString(K_S, i, j);
i += j;
result = false;
if (alg.Equals("ssh-rsa"))
{
byte[] tmp;
byte[] ee;
byte[] n;
type = RSA;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
ee = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
n = tmp;
// SignatureRSA sig=new SignatureRSA();
// sig.init();
ISignatureRSA sig = null;
try
{
sig = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
sig.init();
}
catch (Exception eee)
{
Console.WriteLine(eee);
}
sig.setPubKey(ee, n);
sig.update(H);
result = sig.verify(sig_of_H);
//MainClass.dump(ee, n, sig_of_H, H);
}
else if (alg.Equals("ssh-dss"))
{
byte[] q = null;
byte[] tmp;
byte[] p;
byte[] g;
type = DSS;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
p = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
q = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
g = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
f = tmp;
// SignatureDSA sig=new SignatureDSA();
// sig.init();
ISignatureDSA sig = null;
try
{
sig = new Tamir.SharpSsh.jsch.jce.SignatureDSA();
sig.init();
}
catch (Exception ee)
{
Console.WriteLine(ee);
}
sig.setPubKey(f, p, q, g);
sig.update(H);
result = sig.verify(sig_of_H);
}
else
{
Console.WriteLine("unknow alg");
}
state = STATE_END;
break;
}
return(result);
}
public static void testSigFromJava()
{
FileStream fs = File.OpenRead("e.bin");
byte[] e = new byte[fs.Length];
fs.Read(e, 0, e.Length);
fs.Close();
fs = File.OpenRead("n.bin");
byte[] n = new byte[fs.Length];
fs.Read(n, 0, n.Length);
fs.Close();
fs = File.OpenRead("sig.bin");
byte[] sig = new byte[fs.Length];
fs.Read(sig, 0, sig.Length);
fs.Close();
Console.Write("E: ");
Console.WriteLine( hex(e) );
Console.Write("N: ");
Console.WriteLine( hex(n) );
Console.Write("SIG: ");
Console.WriteLine( hex(sig) );
byte[] hash = Util.getBytes( "Tamir" );
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine( dec_rsa.verify(sig) );
}
public static void testDumpBase64()
{
String fname = "e.bin";
StreamReader fs = File.OpenText(fname);
string base64 = fs.ReadToEnd();
byte[] e = Convert.FromBase64String( base64 );
fs.Close();
fname = "n.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] n = Convert.FromBase64String( base64 );
fs.Close();
fname = "sig.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] sig = Convert.FromBase64String( base64 );
fs.Close();
fname = "hash.bin";
fs = File.OpenText(fname);
base64 = fs.ReadToEnd();
byte[] hash = Convert.FromBase64String( base64 );
fs.Close();
print("E", e);
print("N", n);
print("SIG", sig);
print("HASH", hash);
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine( dec_rsa.verify(sig) );
Console.WriteLine();
}
public static void testDump()
{
String fname = "e.bin";
FileStream fs = File.OpenRead(fname);
byte[] e = new byte[fs.Length];
fs.Read(e, 0, e.Length);
fs.Close();
fname = "n.bin";
fs = File.OpenRead(fname);
byte[] n = new byte[fs.Length];
fs.Read(n, 0, n.Length);
fs.Close();
fname = "sig.bin";
fs = File.OpenRead(fname);
byte[] sig = new byte[fs.Length];
fs.Read(sig, 0, sig.Length);
fs.Close();
fname = "hash.bin";
fs = File.OpenRead(fname);
byte[] hash = new byte[fs.Length];
fs.Read(hash, 0, hash.Length);
fs.Close();
print("E", e);
print("N", n);
print("SIG", sig);
print("HASH", hash);
Tamir.SharpSsh.jsch.jce.SignatureRSA dec_rsa = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
dec_rsa.init();
dec_rsa.setPubKey(e, n);
dec_rsa.update(hash);
Console.WriteLine( dec_rsa.verify(sig) );
Console.WriteLine();
}
public override bool next(Buffer _buf)
{
int i, j;
bool result = false;
switch (state)
{
case SSH_MSG_KEX_DH_GEX_GROUP:
// byte SSH_MSG_KEX_DH_GEX_GROUP(31)
// mpint p, safe prime
// mpint g, generator for subgroup in GF (p)
_buf.getInt();
_buf.getByte();
j = _buf.getByte();
if (j != 31)
{
Console.WriteLine("type: must be 31 " + j);
result = false;
}
p = _buf.getMPInt();
g = _buf.getMPInt();
/*
* for(int iii=0; iii<p.length; iii++){
* System.out.println("0x"+Integer.toHexString(p[iii]&0xff)+",");
* }
* System.out.println("");
* for(int iii=0; iii<g.length; iii++){
* System.out.println("0x"+Integer.toHexString(g[iii]&0xff)+",");
* }
*/
dh.setP(p);
dh.setG(g);
// The client responds with:
// byte SSH_MSG_KEX_DH_GEX_INIT(32)
// mpint e <- g^x mod p
// x is a random number (1 < x < (p-1)/2)
e = dh.getE();
packet.reset();
buf.putByte((byte)0x20);
buf.putMPInt(e);
session.write(packet);
state = SSH_MSG_KEX_DH_GEX_REPLY;
result = true;
break;
case SSH_MSG_KEX_DH_GEX_REPLY:
// The server responds with:
// byte SSH_MSG_KEX_DH_GEX_REPLY(33)
// string server public host key and certificates (K_S)
// mpint f
// string signature of H
j = _buf.getInt();
j = _buf.getByte();
j = _buf.getByte();
if (j != 33)
{
Console.WriteLine("type: must be 33 " + j);
result = false;
}
K_S = _buf.getString();
// K_S is server_key_blob, which includes ....
// string ssh-dss
// impint p of dsa
// impint q of dsa
// impint g of dsa
// impint pub_key of dsa
//System.out.print("K_S: "); dump(K_S, 0, K_S.length);
byte[] f = _buf.getMPInt();
byte[] sig_of_H = _buf.getString();
dh.setF(f);
K = dh.getK();
//The hash H is computed as the HASH hash of the concatenation of the
//following:
// string V_C, the client's version string (CR and NL excluded)
// string V_S, the server's version string (CR and NL excluded)
// string I_C, the payload of the client's SSH_MSG_KEXINIT
// string I_S, the payload of the server's SSH_MSG_KEXINIT
// string K_S, the host key
// uint32 min, minimal size in bits of an acceptable group
// uint32 n, preferred size in bits of the group the server should send
// uint32 max, maximal size in bits of an acceptable group
// mpint p, safe prime
// mpint g, generator for subgroup
// mpint e, exchange value sent by the client
// mpint f, exchange value sent by the server
// mpint K, the shared secret
// This value is called the exchange hash, and it is used to authenti-
// cate the key exchange.
buf.reset();
buf.putString(V_C); buf.putString(V_S);
buf.putString(I_C); buf.putString(I_S);
buf.putString(K_S);
buf.putInt(min); buf.putInt(preferred); buf.putInt(max);
buf.putMPInt(p); buf.putMPInt(g); buf.putMPInt(e); buf.putMPInt(f);
buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.Length);
H = sha.digest();
// System.out.print("H -> "); dump(H, 0, H.length);
i = 0;
j = 0;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
String alg = Util.getString(K_S, i, j);
i += j;
if (alg.Equals("ssh-rsa"))
{
byte[] tmp;
byte[] ee;
byte[] n;
type = RSA;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
ee = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
n = tmp;
// SignatureRSA sig=new SignatureRSA();
// sig.init();
ISignatureRSA sig = null;
try
{
sig = new Tamir.SharpSsh.jsch.jce.SignatureRSA();
sig.init();
}
catch (Exception eee)
{
Console.WriteLine(eee);
}
sig.setPubKey(ee, n);
sig.update(H);
result = sig.verify(sig_of_H);
}
else if (alg.Equals("ssh-dss"))
{
byte[] q = null;
byte[] tmp;
type = DSS;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
p = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
q = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
g = tmp;
j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) |
((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j;
f = tmp;
// SignatureDSA sig=new SignatureDSA();
// sig.init();
ISignatureDSA sig = null;
try
{
sig = new Tamir.SharpSsh.jsch.jce.SignatureDSA();
sig.init();
}
catch (Exception ee)
{
Console.WriteLine(ee);
}
sig.setPubKey(f, p, q, g);
sig.update(H);
result = sig.verify(sig_of_H);
}
else
{
Console.WriteLine("unknow alg");
}
state = STATE_END;
break;
}
return(result);
}
