Example #1
0
        private bool Verify(int version, string privateMac, string privateHash,
                            SecureString passphrase, string keyTypeName, string encryptionName, string comment, byte[] publicBlob, byte[] privateBlob) {

            byte[] macData;
            using (MemoryStream macDataBuff = new MemoryStream()) {
                if (version == 1) {
                    WriteMacData(macDataBuff, privateBlob);
                }
                else {
                    WriteMacData(macDataBuff, keyTypeName);
                    WriteMacData(macDataBuff, encryptionName);
                    WriteMacData(macDataBuff, comment);
                    WriteMacData(macDataBuff, publicBlob);
                    WriteMacData(macDataBuff, privateBlob);
                }
                macDataBuff.Close();
                macData = macDataBuff.ToArray();
            }

            if (privateMac != null) {
                var sha1 = new SHA1CryptoServiceProvider();
                var a = Encoding.ASCII.GetBytes("putty-private-key-file-mac-key");
                sha1.TransformBlock(a, 0, a.Length, null, 0);
                //var b = Encoding.UTF8.GetBytes(passphrase);
                //sha1.TransformFinalBlock(b, 0, b.Length);
                sha1.HashBlock(passphrase, true);
                var key = sha1.Hash;
                sha1.Clear();

                var hmacsha1 = new HMACSHA1(key);
                byte[] hash = hmacsha1.ComputeHash(macData);
                hmacsha1.Clear();
                string mac = BinToHex(hash);
                return mac == privateMac;
            }

            if (privateHash == null) return true;

            var sha2 = new SHA1CryptoServiceProvider();
            var hash2 = sha2.ComputeHash(macData);
            sha2.Clear();
            var mac2 = BinToHex(hash2);
            return mac2 == privateHash;
        }
Example #2
0
        private static byte[] PuTTYPassphraseToKey(SecureString passphrase) {
            const int HASH_SIZE = 20;
            SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
            //byte[] pp  = Encoding.UTF8.GetBytes(passphrase);
            byte[] buf = new byte[HASH_SIZE * 2];

            sha1.TransformBlock(new byte[] { 0, 0, 0, 0 }, 0, 4, null, 0);
            sha1.HashBlock(passphrase, true);
            //sha1.TransformFinalBlock(pp, 0, pp.Length);
            Buffer.BlockCopy(sha1.Hash, 0, buf, 0, HASH_SIZE);
            sha1.Initialize();
            sha1.TransformBlock(new byte[] { 0, 0, 0, 1 }, 0, 4, null, 0);
            sha1.HashBlock(passphrase, true);
            //sha1.TransformFinalBlock(pp, 0, pp.Length);
            Buffer.BlockCopy(sha1.Hash, 0, buf, HASH_SIZE, HASH_SIZE);
            sha1.Clear();

            byte[] key = new byte[32];
            Buffer.BlockCopy(buf, 0, key, 0, key.Length);
            return key;
        }