// OID 1.2.840.113554.1.2.2 in DER
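		/// <summary>
		/// Runs the client side of "gssapi-with-mic" user authentication: offers the
		/// supported mechanism OIDs, exchanges GSS-API tokens with the server until the
		/// context reports it is established, then sends a MIC computed over the session
		/// identifier and the authentication request fields.
		/// </summary>
		/// <param name="session">Session used to write requests and read the server's replies.</param>
		/// <returns>
		/// <c>true</c> when the server answers SSH_MSG_USERAUTH_SUCCESS; <c>false</c> when the
		/// server rejects the request, selects a mechanism that was not offered, sends an
		/// unexpected message, or the GSS context cannot be created, established or
		/// produce a MIC.
		/// </returns>
		/// <exception cref="JSchPartialAuthException">The final reply is a failure flagged as partial success.</exception>
		/// <exception cref="System.Exception"></exception>
		public override bool Start(Session session)
		{
			base.Start(session);
			byte[] _username = Util.Str2byte(username);
			packet.Reset();
			// byte            SSH_MSG_USERAUTH_REQUEST(50)
			// string          user name(in ISO-10646 UTF-8 encoding)
			// string          service name(in US-ASCII)
			// string          "gssapi"(US-ASCII)
			// uint32          n, the number of OIDs client supports
			// string[n]       mechanism OIDS
			buf.PutByte(unchecked((byte)SSH_MSG_USERAUTH_REQUEST));
			buf.PutString(_username);
			buf.PutString(Util.Str2byte("ssh-connection"));
			buf.PutString(Util.Str2byte("gssapi-with-mic"));
			buf.PutInt(supported_oid.Length);
			for (int i = 0; i < supported_oid.Length; i++)
			{
				buf.PutString(supported_oid[i]);
			}
			session.Write(packet);
			string method = null;
			int command;
			// Wait for the server to pick a mechanism; banners are shown and skipped,
			// anything else ends the attempt.
			while (true)
			{
				buf = session.Read(buf);
				command = buf.GetCommand() & unchecked((int)(0xff));
				if (command == SSH_MSG_USERAUTH_FAILURE)
				{
					return false;
				}
				if (command == SSH_MSG_USERAUTH_GSSAPI_RESPONSE)
				{
					// Skip the int and two bytes that precede the payload string.
					buf.GetInt();
					buf.GetByte();
					buf.GetByte();
					byte[] message = buf.GetString();
					// Accept the server's choice only if it is one of the OIDs that were
					// offered; an OID outside that list aborts the attempt.
					for (int i_1 = 0; i_1 < supported_oid.Length; i_1++)
					{
						if (Util.Array_equals(message, supported_oid[i_1]))
						{
							method = supported_method[i_1];
							break;
						}
					}
					if (method == null)
					{
						return false;
					}
					break;
				}
				if (command == SSH_MSG_USERAUTH_BANNER)
				{
					buf.GetInt();
					buf.GetByte();
					buf.GetByte();
					byte[] _message = buf.GetString();
					// Language tag: consumed to advance the buffer, not used.
					buf.GetString();
					string message = Util.Byte2str(_message);
					// NOTE(review): the banner is server-supplied text received before
					// authentication has succeeded and is passed on unfiltered here.
					// RFC 4252 section 5.4 recommends control-character filtering when a
					// banner is displayed; confirm ShowMessage implementations do so.
					if (userinfo != null)
					{
						userinfo.ShowMessage(message);
					}
					continue;
				}
				return false;
			}
			NSch.GSSContext context = null;
			try
			{
				// The implementation class name is looked up in the session configuration
				// under the negotiated method name and instantiated by reflection.
				// NOTE(review): this assumes the configuration is trusted input.
				Type c = Sharpen.Runtime.GetType(session.GetConfig(method));
				context = (NSch.GSSContext)(System.Activator.CreateInstance(c));
			}
			catch (Exception)
			{
				return false;
			}
			try
			{
				context.Create(username, session.host);
			}
			catch (JSchException)
			{
				return false;
			}
			// From here on the context has been created, so every exit path (including the
			// early "return false" ones and exceptions) must release it; the original
			// disposed it only on the path that reached the final MIC message.
			try
			{
				byte[] token = new byte[0];
				while (!context.IsEstablished())
				{
					try
					{
						token = context.Init(token, 0, token.Length);
					}
					catch (JSchException)
					{
						// TODO
						// ERRTOK should be sent?
						// byte        SSH_MSG_USERAUTH_GSSAPI_ERRTOK
						// string      error token
						return false;
					}
					if (token != null)
					{
						packet.Reset();
						buf.PutByte(unchecked((byte)SSH_MSG_USERAUTH_GSSAPI_TOKEN));
						buf.PutString(token);
						session.Write(packet);
					}
					if (!context.IsEstablished())
					{
						buf = session.Read(buf);
						command = buf.GetCommand() & unchecked((int)(0xff));
						if (command == SSH_MSG_USERAUTH_GSSAPI_ERROR)
						{
							// uint32    major_status
							// uint32    minor_status
							// string    message
							// string    language tag
							// The error details are not parsed; the next message is read instead.
							buf = session.Read(buf);
							command = buf.GetCommand() & unchecked((int)(0xff));
						}
						else
						{
							if (command == SSH_MSG_USERAUTH_GSSAPI_ERRTOK)
							{
								// string error token
								// The error token is not parsed; the next message is read instead.
								buf = session.Read(buf);
								command = buf.GetCommand() & unchecked((int)(0xff));
							}
						}
						if (command == SSH_MSG_USERAUTH_FAILURE)
						{
							return false;
						}
						// Only a GSSAPI token message may be fed back into the context. Any
						// other message type would otherwise have its payload parsed as if it
						// were a token, so treat it as a failed attempt.
						if (command != SSH_MSG_USERAUTH_GSSAPI_TOKEN)
						{
							return false;
						}
						buf.GetInt();
						buf.GetByte();
						buf.GetByte();
						token = buf.GetString();
					}
				}
				Buffer mbuf = new Buffer();
				// The MIC covers the session identifier together with the request fields,
				// in this order:
				// string    session identifier
				// byte      SSH_MSG_USERAUTH_REQUEST
				// string    user name
				// string    service
				// string    "gssapi-with-mic"
				mbuf.PutString(session.GetSessionId());
				mbuf.PutByte(unchecked((byte)SSH_MSG_USERAUTH_REQUEST));
				mbuf.PutString(_username);
				mbuf.PutString(Util.Str2byte("ssh-connection"));
				mbuf.PutString(Util.Str2byte("gssapi-with-mic"));
				byte[] mic = context.GetMIC(mbuf.buffer, 0, mbuf.GetLength());
				if (mic == null)
				{
					return false;
				}
				packet.Reset();
				buf.PutByte(unchecked((byte)SSH_MSG_USERAUTH_GSSAPI_MIC));
				buf.PutString(mic);
				session.Write(packet);
				buf = session.Read(buf);
				command = buf.GetCommand() & unchecked((int)(0xff));
				if (command == SSH_MSG_USERAUTH_SUCCESS)
				{
					return true;
				}
				if (command == SSH_MSG_USERAUTH_FAILURE)
				{
					buf.GetInt();
					buf.GetByte();
					buf.GetByte();
					byte[] foo = buf.GetString();
					int partial_success = buf.GetByte();
					// A non-zero flag means this method was accepted but further
					// authentication is required; the string read just before the flag
					// is passed to the exception.
					if (partial_success != 0)
					{
						throw new JSchPartialAuthException(Util.Byte2str(foo));
					}
				}
				return false;
			}
			finally
			{
				context.Dispose();
			}
		}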
Exemple #2
		//  static int min=512;
		//  static int preferred=1024;
		//  static int max=2000;
		//  com.jcraft.jsch.DH dh;
		//private byte[] f;
		/// <summary>
		/// Starts a Diffie-Hellman group-exchange key exchange: records the session and
		/// the four byte arrays supplied by the caller, instantiates the hash and DH
		/// implementations named in the session configuration, sends
		/// SSH_MSG_KEX_DH_GEX_REQUEST and moves the state to SSH_MSG_KEX_DH_GEX_GROUP.
		/// </summary>
		/// <param name="session">Session that supplies configuration and carries the request.</param>
		/// <param name="V_S">Stored as-is; presumably the server version string (confirm against caller).</param>
		/// <param name="V_C">Stored as-is; presumably the client version string (confirm against caller).</param>
		/// <param name="I_S">Stored as-is; presumably the server KEXINIT payload (confirm against caller).</param>
		/// <param name="I_C">Stored as-is; presumably the client KEXINIT payload (confirm against caller).</param>
		/// <exception cref="System.Exception"></exception>
		public override void Init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
		{
			this.session = session;
			this.V_S = V_S;
			this.V_C = V_C;
			this.I_S = I_S;
			this.I_C = I_C;

			// Hash implementation: the class name comes from the "sha-1" configuration
			// entry and is instantiated by reflection.
			// NOTE(review): a failure here is only printed to stderr and the exchange
			// carries on without a freshly initialised hash object, whereas a failure to
			// load the DH implementation below propagates. Confirm this asymmetry is
			// intended.
			try
			{
				Type hashType = Sharpen.Runtime.GetType(session.GetConfig("sha-1"));
				sha = (HASH)(System.Activator.CreateInstance(hashType));
				sha.Init();
			}
			catch (Exception hashError)
			{
				System.Console.Error.WriteLine(hashError);
			}

			buf = new Buffer();
			packet = new Packet(buf);

			// DH implementation: any exception propagates to the caller unchanged (the
			// original wrapped these lines in a catch block that only rethrew).
			Type dhType = Sharpen.Runtime.GetType(session.GetConfig("dh"));
			dh = (NSch.DH)(System.Activator.CreateInstance(dhType));
			dh.Init();

			// Ask the server for a group within the requested size bounds.
			// NOTE(review): min, preferred and max are declared outside this block. The
			// commented-out declarations that precede this method list 512/1024/2000;
			// confirm the live minimum against current guidance (RFC 8270 recommends a
			// 2048-bit minimum modulus).
			packet.Reset();
			buf.PutByte(unchecked((byte)SSH_MSG_KEX_DH_GEX_REQUEST));
			buf.PutInt(min);
			buf.PutInt(preferred);
			buf.PutInt(max);
			session.Write(packet);

			if (JSch.GetLogger().IsEnabled(Logger.INFO))
			{
				string requestLine = "SSH_MSG_KEX_DH_GEX_REQUEST(" + min + "<" + preferred
					 + "<" + max + ") sent";
				JSch.GetLogger().Log(Logger.INFO, requestLine);
				JSch.GetLogger().Log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_GROUP");
			}

			state = SSH_MSG_KEX_DH_GEX_GROUP;
		}
Exemple #3
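		/// <summary>
		/// Fixed-group Diffie-Hellman key-exchange initialisation. In this port the method
		/// is disabled: it throws <see cref="NotSupportedException"/> as its first
		/// statement, so none of the code after that statement runs.
		/// </summary>
		/// <param name="session">Session that would supply configuration and carry SSH_MSG_KEXDH_INIT.</param>
		/// <param name="V_S">Would be stored as-is; a null value makes the retained code return before writing.</param>
		/// <param name="V_C">Would be stored as-is.</param>
		/// <param name="I_S">Would be stored as-is.</param>
		/// <param name="I_C">Would be stored as-is.</param>
		/// <exception cref="NotSupportedException">Always thrown.</exception>
		/// <exception cref="System.Exception"></exception>
		public override void Init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
		{
			throw new NotSupportedException (); // The crypto for this method is unusably slow

			// Everything below is unreachable while the guard above is in place. It is
			// kept as the reference flow for this exchange.
			// NOTE(review): the flow uses the "sha-1" hash with a fixed p and g set from
			// fields declared outside this block. Review the group size and hash before
			// re-enabling it.
			this.session = session;
			this.V_S = V_S;
			this.V_C = V_C;
			this.I_S = I_S;
			this.I_C = I_C;
			try
			{
				Type c = Sharpen.Runtime.GetType(session.GetConfig("sha-1"));
				sha = (HASH)(System.Activator.CreateInstance(c));
				sha.Init();
			}
			catch (Exception ex)
			{
				// Fixed: the original printed the member "e" (the DH public value assigned
				// further down) instead of the caught exception, so the failure reason
				// was lost.
				System.Console.Error.WriteLine(ex);
			}
			buf = new Buffer();
			packet = new Packet(buf);
			// A failure to load or initialise the DH implementation propagates unchanged.
			// The original wrapped these lines in a catch block that only rethrew and
			// left its exception variable unused.
			Type dhType = Sharpen.Runtime.GetType(session.GetConfig("dh"));
			dh = (NSch.DH)(System.Activator.CreateInstance(dhType));
			dh.Init();
			dh.SetP(p);
			dh.SetG(g);
			// The client responds with:
			// byte  SSH_MSG_KEXDH_INIT(30)
			// mpint e <- g^x mod p
			//         x is a random number (1 < x < (p-1)/2)
			e = dh.GetE();
			packet.Reset();
			buf.PutByte(unchecked((byte)SSH_MSG_KEXDH_INIT));
			buf.PutMPInt(e);
			if (V_S == null)
			{
				// This is a really ugly hack for Session.checkKexes ;-(
				return;
			}
			session.Write(packet);
			if (JSch.GetLogger().IsEnabled(Logger.INFO))
			{
				JSch.GetLogger().Log(Logger.INFO, "SSH_MSG_KEXDH_INIT sent");
				JSch.GetLogger().Log(Logger.INFO, "expecting SSH_MSG_KEXDH_REPLY");
			}
			state = SSH_MSG_KEXDH_REPLY;
		}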