public static string GetAuthorizedKeyString(this ISshKey aKey) { string result = ""; switch (aKey.Version) { case SshVersion.SSH1: AsymmetricKeyParameter parameters = aKey.GetPublicKeyParameters(); RsaKeyParameters rsaPublicKeyParameters = (RsaKeyParameters)parameters; result = aKey.Size + " " + rsaPublicKeyParameters.Exponent.ToString(10) + " " + rsaPublicKeyParameters.Modulus.ToString(10) + " " + String.Format(aKey.GetMD5Fingerprint().ToHexString()) + " " + aKey.Comment; break; case SshVersion.SSH2: result = PublicKeyAlgorithmExt.GetIdentifierString(aKey.Algorithm) + " " + Convert.ToBase64String(aKey.GetPublicKeyBlob()) + " " + String.Format(aKey.GetMD5Fingerprint().ToHexString()) + " " + aKey.Comment; break; default: result = "# unsuported SshVersion: '" + aKey.Version + "'"; break; } return(result); }
public static ISigner GetSigner(this ISshKey key) { AsymmetricKeyParameter publicKey = key.GetPublicKeyParameters(); if (publicKey is DsaPublicKeyParameters) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.IdDsaWithSha1)); } else if (publicKey is RsaKeyParameters) { return(SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha1WithRsaEncryption)); } else if (publicKey is ECPublicKeyParameters) { int ecdsaFieldSize = ((ECPublicKeyParameters)publicKey).Q.Curve.FieldSize; if (ecdsaFieldSize <= 256) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha256)); } else if (ecdsaFieldSize > 256 && ecdsaFieldSize <= 384) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha384)); } else if (ecdsaFieldSize > 384) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha512)); } } else if (publicKey is Ed25519PublicKeyParameter) { return(new Ed25519Signer()); } throw new Exception("Unsupported algorithm"); }
public byte[] SignRequest(ISshKey aKey, byte[] aSignData) { BlobBuilder builder = new BlobBuilder(); switch (aKey.Version) { case SshVersion.SSH1: builder.AddBytes(aKey.GetPublicKeyBlob()); var engine = new Pkcs1Encoding(new RsaEngine()); engine.Init(true /* encrypt */, aKey.GetPublicKeyParameters()); var encryptedData = engine.ProcessBlock(aSignData, 0, aSignData.Length); var challenge = new BigInteger(encryptedData); builder.AddSsh1BigIntBlob(challenge); builder.AddBytes(SessionId); builder.AddInt(1); // response type - must be 1 builder.InsertHeader(Agent.Message.SSH1_AGENTC_RSA_CHALLENGE); break; case SshVersion.SSH2: builder.AddBlob(aKey.GetPublicKeyBlob()); builder.AddBlob(aSignData); builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST); break; default: throw new Exception(cUnsupportedSshVersion); } BlobParser replyParser = SendMessage(builder); var header = replyParser.ReadHeader(); switch (aKey.Version) { case SshVersion.SSH1: if (header.Message != Agent.Message.SSH1_AGENT_RSA_RESPONSE) { throw new AgentFailureException(); } byte[] response = new byte[16]; for (int i = 0; i < 16; i++) { response[i] = replyParser.ReadUInt8(); } return(response); case SshVersion.SSH2: if (header.Message != Agent.Message.SSH2_AGENT_SIGN_RESPONSE) { throw new AgentFailureException(); } return(replyParser.ReadBlob()); default: throw new Exception(cUnsupportedSshVersion); } }
public static byte[] FormatSignature(this ISshKey key, byte[] signature) { AsymmetricKeyParameter publicKey = key.GetPublicKeyParameters(); if (publicKey is DsaPublicKeyParameters || publicKey is ECPublicKeyParameters) { Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(signature); BigInteger r = ((DerInteger)seq[0]).PositiveValue; BigInteger s = ((DerInteger)seq[1]).PositiveValue; BlobBuilder formatedSignature = new BlobBuilder(); if (publicKey is ECPublicKeyParameters) { var bytes = r.ToByteArray().ToList(); while (bytes.Count < 20) { bytes.Insert(0, 0); } formatedSignature.AddBlob(bytes.ToArray()); bytes = s.ToByteArray().ToList(); while (bytes.Count < 20) { bytes.Insert(0, 0); } formatedSignature.AddBlob(bytes.ToArray()); } else { var bytes = r.ToByteArrayUnsigned().ToList(); while (bytes.Count < 20) { bytes.Insert(0, 0); } formatedSignature.AddBytes(bytes.ToArray()); bytes = s.ToByteArrayUnsigned().ToList(); while (bytes.Count < 20) { bytes.Insert(0, 0); } formatedSignature.AddBytes(bytes.ToArray()); } return(formatedSignature.GetBlob()); } else if (publicKey is RsaKeyParameters || publicKey is Ed25519PublicKeyParameter) { return(signature); } throw new Exception("Unsupported algorithm"); }
public static byte[] GetMD5Fingerprint(this ISshKey key) { try { using (MD5 md5 = MD5.Create()) { if (key.GetPublicKeyParameters() is RsaKeyParameters && key.Version == SshVersion.SSH1) { var rsaKeyParameters = key.GetPublicKeyParameters() as RsaKeyParameters; int modSize = rsaKeyParameters.Modulus.ToByteArrayUnsigned().Length; int expSize = rsaKeyParameters.Exponent.ToByteArrayUnsigned().Length; byte[] md5Buffer = new byte[modSize + expSize]; rsaKeyParameters.Modulus.ToByteArrayUnsigned().CopyTo(md5Buffer, 0); rsaKeyParameters.Exponent.ToByteArrayUnsigned().CopyTo(md5Buffer, modSize); return(md5.ComputeHash(md5Buffer)); } return(md5.ComputeHash(key.GetPublicKeyBlob(false))); } } catch (Exception) { return(null); } }
/// <summary> /// Get a signer for a key. The algorithm is determined by the type of the /// key and in the case of RSA keys, the optional flags. /// </summary> /// <param name="key">A SSH key</param> /// <param name="flags">Optional flags</param> /// <returns>A Signer</returns> public static ISigner GetSigner(this ISshKey key, SignRequestFlags flags = default(SignRequestFlags)) { var publicKey = key.GetPublicKeyParameters(); if (publicKey is DsaPublicKeyParameters) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.IdDsaWithSha1)); } else if (publicKey is RsaKeyParameters) { // flags can influence hash type for RSA keys if (flags.HasFlag(SignRequestFlags.SSH_AGENT_RSA_SHA2_512)) { return(SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha512WithRsaEncryption)); } if (flags.HasFlag(SignRequestFlags.SSH_AGENT_RSA_SHA2_256)) { return(SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha256WithRsaEncryption)); } return(SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha1WithRsaEncryption)); } else if (publicKey is ECPublicKeyParameters) { var ecdsaFieldSize = ((ECPublicKeyParameters)publicKey).Q.Curve.FieldSize; if (ecdsaFieldSize <= 256) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha256)); } else if (ecdsaFieldSize > 256 && ecdsaFieldSize <= 384) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha384)); } else if (ecdsaFieldSize > 384) { return(SignerUtilities.GetSigner(X9ObjectIdentifiers.ECDsaWithSha512)); } } else if (publicKey is Ed25519PublicKeyParameter) { return(new Ed25519Signer()); } throw new ArgumentException("Unsupported algorithm", "key"); }
public override void Serialize(Stream stream, object obj) { /* check for required parameters */ if (stream == null) { throw new ArgumentNullException("stream"); } if (obj == null) { throw new ArgumentNullException("obj"); } PinnedArray <char> passphrase = null; string ciphername; if (passphrase == null || passphrase.Data.Length == 0) { ciphername = KDFNAME_NONE; } else { ciphername = KDFNAME_BCRYPT; } var builder = new BlobBuilder(); ISshKey sshKey = obj as ISshKey; if (sshKey == null) { throw new ArgumentException("Expected ISshKey", "obj"); } var publicKeyParams = sshKey.GetPublicKeyParameters() as Ed25519PublicKeyParameter; var privateKeyParams = sshKey.GetPrivateKeyParameters() as Ed25519PrivateKeyParameter; /* writing info headers */ builder.AddBytes(Encoding.ASCII.GetBytes(AUTH_MAGIC)); builder.AddStringBlob(ciphername); builder.AddStringBlob(ciphername); //kdfname builder.AddBlob(new byte[0]); // kdfoptions /* writing public key */ builder.AddInt(1); // number of keys N var publicKeyBuilder = new BlobBuilder(); publicKeyBuilder.AddStringBlob(PublicKeyAlgorithm.ED25519.GetIdentifierString()); publicKeyBuilder.AddBlob(publicKeyParams.Key); builder.AddBlob(publicKeyBuilder.GetBlob()); /* writing private key */ BlobBuilder privateKeyBuilder = new BlobBuilder(); var checkint = new SecureRandom().NextInt(); privateKeyBuilder.AddInt(checkint); privateKeyBuilder.AddInt(checkint); privateKeyBuilder.AddStringBlob(PublicKeyAlgorithm.ED25519.GetIdentifierString()); privateKeyBuilder.AddBlob(publicKeyParams.Key); privateKeyBuilder.AddBlob(privateKeyParams.Signature); privateKeyBuilder.AddStringBlob(sshKey.Comment); if (ciphername == KDFNAME_NONE) { /* plain-text */ builder.AddBlob(privateKeyBuilder.GetBlobAsPinnedByteArray().Data); } else { byte[] keydata; using (MD5 md5 = MD5.Create()) { keydata = md5.ComputeHash(Encoding.ASCII.GetBytes(passphrase.Data)); } passphrase.Dispose(); } /* writing result to file */ var builderOutput = builder.GetBlobAsPinnedByteArray(); using (var writer = new StreamWriter(stream)) { writer.NewLine = "\n"; writer.WriteLine(MARK_BEGIN); var base64Data = Util.ToBase64(builderOutput.Data); var base64String = Encoding.UTF8.GetString(base64Data); var offset = 0; while (offset < base64String.Length) { const int maxLineLength = 70; if (offset + maxLineLength > base64String.Length) { writer.WriteLine(base64String.Substring(offset)); } else { writer.WriteLine(base64String.Substring(offset, maxLineLength)); } offset += maxLineLength; } writer.WriteLine(MARK_END); } }
/// <summary> /// Gets OpenSsh formatted bytes from public key /// </summary> /// <param name="key">The key.</param> /// <param name="cert">When set to <c>true</c> and the key has a certificate, the certificate blob will be used.</param> /// <returns>byte array containing key information</returns> public static byte[] GetPublicKeyBlob(this ISshKey key, bool cert = true) { if (cert && key.Certificate != null) { return(key.Certificate.Blob); } AsymmetricKeyParameter parameters = key.GetPublicKeyParameters(); BlobBuilder builder = new BlobBuilder(); if (parameters is RsaKeyParameters) { RsaKeyParameters rsaPublicKeyParameters = (RsaKeyParameters)parameters; if (key.Version == SshVersion.SSH1) { builder.AddInt(key.Size); builder.AddSsh1BigIntBlob(rsaPublicKeyParameters.Exponent); builder.AddSsh1BigIntBlob(rsaPublicKeyParameters.Modulus); } else { builder.AddStringBlob(PublicKeyAlgorithm.SSH_RSA.GetIdentifierString()); builder.AddBigIntBlob(rsaPublicKeyParameters.Exponent); builder.AddBigIntBlob(rsaPublicKeyParameters.Modulus); } } else if (parameters is DsaPublicKeyParameters) { DsaPublicKeyParameters dsaParameters = (DsaPublicKeyParameters)parameters; builder.AddStringBlob(PublicKeyAlgorithm.SSH_DSS.GetIdentifierString()); builder.AddBigIntBlob(dsaParameters.Parameters.P); builder.AddBigIntBlob(dsaParameters.Parameters.Q); builder.AddBigIntBlob(dsaParameters.Parameters.G); builder.AddBigIntBlob(dsaParameters.Y); } else if (parameters is ECPublicKeyParameters) { ECPublicKeyParameters ecdsaParameters = (ECPublicKeyParameters)parameters; string algorithm; switch (ecdsaParameters.Parameters.Curve.FieldSize) { case 256: algorithm = PublicKeyAlgorithm.ECDSA_SHA2_NISTP256.GetIdentifierString(); break; case 384: algorithm = PublicKeyAlgorithm.ECDSA_SHA2_NISTP384.GetIdentifierString(); break; case 521: algorithm = PublicKeyAlgorithm.ECDSA_SHA2_NISTP521.GetIdentifierString(); break; default: throw new ArgumentException("Unsupported EC size: " + ecdsaParameters.Parameters.Curve.FieldSize); } builder.AddStringBlob(algorithm); algorithm = algorithm.Replace(PublicKeyAlgorithmExt.ALGORITHM_ECDSA_SHA2_PREFIX, string.Empty); builder.AddStringBlob(algorithm); builder.AddBlob(ecdsaParameters.Q.GetEncoded()); } else if (parameters is Ed25519PublicKeyParameter) { builder.AddStringBlob(PublicKeyAlgorithm.ED25519.GetIdentifierString()); builder.AddBlob(((Ed25519PublicKeyParameter)parameters).Key); } else { throw new ArgumentException(parameters.GetType() + " is not supported"); } byte[] result = builder.GetBlob(); builder.Clear(); return(result); }
BlobBuilder CreatePrivateKeyBlob(ISshKey key) { var builder = new BlobBuilder(); switch (key.Version) { case SshVersion.SSH1: var privateKeyParams = key.GetPrivateKeyParameters() as RsaPrivateCrtKeyParameters; builder.AddInt(key.Size); builder.AddSsh1BigIntBlob(privateKeyParams.Modulus); builder.AddSsh1BigIntBlob(privateKeyParams.PublicExponent); builder.AddSsh1BigIntBlob(privateKeyParams.Exponent); builder.AddSsh1BigIntBlob(privateKeyParams.QInv); builder.AddSsh1BigIntBlob(privateKeyParams.Q); builder.AddSsh1BigIntBlob(privateKeyParams.P); break; case SshVersion.SSH2: builder.AddStringBlob(key.Algorithm.GetIdentifierString()); switch (key.Algorithm) { case PublicKeyAlgorithm.SSH_DSS: var dsaPublicKeyParameters = key.GetPublicKeyParameters() as DsaPublicKeyParameters; var dsaPrivateKeyParamters = key.GetPrivateKeyParameters() as DsaPrivateKeyParameters; builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.P); builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.Q); builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.G); builder.AddBigIntBlob(dsaPublicKeyParameters.Y); builder.AddBigIntBlob(dsaPrivateKeyParamters.X); break; case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256: case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384: case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521: var ecdsaPublicKeyParameters = key.GetPublicKeyParameters() as ECPublicKeyParameters; var ecdsaPrivateKeyParameters = key.GetPrivateKeyParameters() as ECPrivateKeyParameters; builder.AddStringBlob(key.Algorithm.GetIdentifierString() .Replace(PublicKeyAlgorithmExt.ALGORITHM_ECDSA_SHA2_PREFIX, string.Empty)); builder.AddBlob(ecdsaPublicKeyParameters.Q.GetEncoded()); builder.AddBigIntBlob(ecdsaPrivateKeyParameters.D); break; case PublicKeyAlgorithm.SSH_RSA: var rsaPrivateKeyParameters = key.GetPrivateKeyParameters() as RsaPrivateCrtKeyParameters; builder.AddBigIntBlob(rsaPrivateKeyParameters.Modulus); builder.AddBigIntBlob(rsaPrivateKeyParameters.PublicExponent); builder.AddBigIntBlob(rsaPrivateKeyParameters.Exponent); builder.AddBigIntBlob(rsaPrivateKeyParameters.QInv); builder.AddBigIntBlob(rsaPrivateKeyParameters.P); builder.AddBigIntBlob(rsaPrivateKeyParameters.Q); break; case PublicKeyAlgorithm.ED25519: var ed25519PublicKeyParameters = key.GetPublicKeyParameters() as Ed25519PublicKeyParameter; var ed25519PrivateKeyParameters = key.GetPrivateKeyParameters() as Ed25519PrivateKeyParameter; builder.AddBlob(ed25519PublicKeyParameters.Key); builder.AddBlob(ed25519PrivateKeyParameters.Signature); break; default: throw new Exception("Unsupported algorithm"); } break; default: throw new Exception(cUnsupportedSshVersion); } builder.AddStringBlob(key.Comment); return(builder); }
public override void Serialize(Stream aStream, object aObject) { /* check for required parameters */ if (aStream == null) { throw new ArgumentNullException("aStream"); } if (aObject == null) { throw new ArgumentNullException("aObject"); } PasswordFinder pwFinder = null; if (GetPassphraseCallbackMethod != null) { pwFinder = new PasswordFinder(GetPassphraseCallbackMethod); } PinnedArray <char> passphrase = null; if (pwFinder != null) { passphrase = new PinnedArray <char>(0); passphrase.Data = pwFinder.GetPassword(); } byte cipherType; if (passphrase == null || passphrase.Data.Length == 0) { cipherType = SSH_CIPHER_NONE; } else { cipherType = SSH_CIPHER_3DES; } BlobBuilder builder = new BlobBuilder(); ISshKey sshKey = aObject as ISshKey; RsaKeyParameters publicKeyParams = sshKey.GetPublicKeyParameters() as RsaKeyParameters; RsaPrivateCrtKeyParameters privateKeyParams = sshKey.GetPrivateKeyParameters() as RsaPrivateCrtKeyParameters; /* writing info headers */ builder.AddBytes(Encoding.ASCII.GetBytes(FILE_HEADER_LINE + "\n")); builder.AddUInt8(0); //end of string builder.AddUInt8(cipherType); //cipher builder.AddInt(0); //reserved /* writing public key */ builder.AddInt(sshKey.Size); builder.AddSsh1BigIntBlob(publicKeyParams.Modulus); builder.AddSsh1BigIntBlob(publicKeyParams.Exponent); builder.AddStringBlob(sshKey.Comment); /* writing private key */ BlobBuilder privateKeyBuilder = new BlobBuilder(); /* adding some control values */ Random random = new Random(); byte[] resultCheck = new byte[2]; random.NextBytes(resultCheck); privateKeyBuilder.AddUInt8(resultCheck[0]); privateKeyBuilder.AddUInt8(resultCheck[1]); privateKeyBuilder.AddUInt8(resultCheck[0]); privateKeyBuilder.AddUInt8(resultCheck[1]); privateKeyBuilder.AddSsh1BigIntBlob(privateKeyParams.Exponent); privateKeyBuilder.AddSsh1BigIntBlob(privateKeyParams.DQ); privateKeyBuilder.AddSsh1BigIntBlob(privateKeyParams.P); privateKeyBuilder.AddSsh1BigIntBlob(privateKeyParams.Q); if (cipherType == SSH_CIPHER_NONE) { /* plain-text */ builder.AddBytes(privateKeyBuilder.GetBlobAsPinnedByteArray().Data); } else { byte[] keydata; using (MD5 md5 = MD5.Create()) { keydata = md5.ComputeHash(Encoding.ASCII.GetBytes(passphrase.Data)); } /* encryption */ DesSsh1Engine desEngine = new DesSsh1Engine(); desEngine.Init(true, new KeyParameter(keydata)); BufferedBlockCipher bufferedBlockCipher = new BufferedBlockCipher(desEngine); byte[] ouputBuffer = bufferedBlockCipher.ProcessBytes( privateKeyBuilder.GetBlobAsPinnedByteArray().Data); builder.AddBytes(ouputBuffer); passphrase.Dispose(); } /* writing result to file */ var builderOutput = builder.GetBlobAsPinnedByteArray(); aStream.Write(builderOutput.Data, 0, builderOutput.Data.Length); aStream.Close(); }
BlobBuilder CreatePrivateKeyBlob(ISshKey key) { var builder = new BlobBuilder(); switch (key.Version) { case SshVersion.SSH1: var privateKeyParams = key.GetPrivateKeyParameters() as RsaPrivateCrtKeyParameters; builder.AddInt(key.Size); builder.AddSsh1BigIntBlob(privateKeyParams.Modulus); builder.AddSsh1BigIntBlob(privateKeyParams.PublicExponent); builder.AddSsh1BigIntBlob(privateKeyParams.Exponent); builder.AddSsh1BigIntBlob(privateKeyParams.QInv); builder.AddSsh1BigIntBlob(privateKeyParams.Q); builder.AddSsh1BigIntBlob(privateKeyParams.P); break; case SshVersion.SSH2: builder.AddStringBlob(key.Algorithm.GetIdentifierString()); switch (key.Algorithm) { case PublicKeyAlgorithm.SSH_DSS: var dsaPublicKeyParameters = key.GetPublicKeyParameters() as DsaPublicKeyParameters; var dsaPrivateKeyParamters = key.GetPrivateKeyParameters() as DsaPrivateKeyParameters; builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.P); builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.Q); builder.AddBigIntBlob(dsaPublicKeyParameters.Parameters.G); builder.AddBigIntBlob(dsaPublicKeyParameters.Y); builder.AddBigIntBlob(dsaPrivateKeyParamters.X); break; case PublicKeyAlgorithm.ECDSA_SHA2_NISTP256: case PublicKeyAlgorithm.ECDSA_SHA2_NISTP384: case PublicKeyAlgorithm.ECDSA_SHA2_NISTP521: var ecdsaPublicKeyParameters = key.GetPublicKeyParameters() as ECPublicKeyParameters; var ecdsaPrivateKeyParameters = key.GetPrivateKeyParameters() as ECPrivateKeyParameters; builder.AddStringBlob(key.Algorithm.GetIdentifierString() .Replace(PublicKeyAlgorithmExt.ALGORITHM_ECDSA_SHA2_PREFIX, string.Empty)); builder.AddBlob(ecdsaPublicKeyParameters.Q.GetEncoded()); builder.AddBigIntBlob(ecdsaPrivateKeyParameters.D); break; case PublicKeyAlgorithm.SSH_RSA: var rsaPrivateKeyParameters = key.GetPrivateKeyParameters() as RsaPrivateCrtKeyParameters; builder.AddBigIntBlob(rsaPrivateKeyParameters.Modulus); builder.AddBigIntBlob(rsaPrivateKeyParameters.PublicExponent); builder.AddBigIntBlob(rsaPrivateKeyParameters.Exponent); builder.AddBigIntBlob(rsaPrivateKeyParameters.QInv); builder.AddBigIntBlob(rsaPrivateKeyParameters.P); builder.AddBigIntBlob(rsaPrivateKeyParameters.Q); break; case PublicKeyAlgorithm.ED25519: var ed25519PublicKeyParameters = key.GetPublicKeyParameters() as Ed25519PublicKeyParameter; var ed25519PrivateKeyParameters = key.GetPrivateKeyParameters() as Ed25519PrivateKeyParameter; builder.AddBlob(ed25519PublicKeyParameters.Key); builder.AddBlob(ed25519PrivateKeyParameters.Signature); break; default: throw new Exception("Unsupported algorithm"); } break; default: throw new Exception(cUnsupportedSshVersion); } builder.AddStringBlob(key.Comment); return builder; }
public byte[] SignRequest(ISshKey aKey, byte[] aSignData) { BlobBuilder builder = new BlobBuilder(); switch (aKey.Version) { case SshVersion.SSH1: builder.AddBytes(aKey.GetPublicKeyBlob()); var engine = new Pkcs1Encoding(new RsaEngine()); engine.Init(true /* encrypt */, aKey.GetPublicKeyParameters()); var encryptedData = engine.ProcessBlock(aSignData, 0, aSignData.Length); var challenge = new BigInteger(encryptedData); builder.AddSsh1BigIntBlob(challenge); builder.AddBytes(SessionId); builder.AddInt(1); // response type - must be 1 builder.InsertHeader(Agent.Message.SSH1_AGENTC_RSA_CHALLENGE); break; case SshVersion.SSH2: builder.AddBlob(aKey.GetPublicKeyBlob()); builder.AddBlob(aSignData); builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST); break; default: throw new Exception(cUnsupportedSshVersion); } BlobParser replyParser = SendMessage(builder); var header = replyParser.ReadHeader(); switch (aKey.Version) { case SshVersion.SSH1: if (header.Message != Agent.Message.SSH1_AGENT_RSA_RESPONSE) { throw new AgentFailureException(); } byte[] response = new byte[16]; for (int i = 0; i < 16; i++) { response[i] = replyParser.ReadByte(); } return response; case SshVersion.SSH2: if (header.Message != Agent.Message.SSH2_AGENT_SIGN_RESPONSE) { throw new AgentFailureException(); } return replyParser.ReadBlob(); default: throw new Exception(cUnsupportedSshVersion); } }