private byte[] encrypt(byte[] plain, byte[][] _iv) { if (passphrase == null) { return(plain); } if (cipher == null) { cipher = genCipher(); } byte[] iv = _iv[0] = new byte[cipher.getIVSize()]; if (random == null) { random = genRandom(); } random.fill(iv, 0, iv.Length); byte[] key = genKey(passphrase, iv); byte[] encoded = plain; // PKCS#5Padding { //int bsize=cipher.getBlockSize(); int bsize = cipher.getIVSize(); byte[] foo = new byte[(encoded.Length / bsize + 1) * bsize]; Array.Copy(encoded, 0, foo, 0, encoded.Length); int padding = bsize - encoded.Length % bsize; for (int i = foo.Length - 1; (foo.Length - padding) <= i; i--) { foo[i] = (byte)padding; } encoded = foo; } try { cipher.init(Cipher.ENCRYPT_MODE, key, iv); cipher.update(encoded, 0, encoded.Length, encoded, 0); } catch //(Exception e) { //Console.Error.WriteLine(e); } Util.bzero(key); return(encoded); }
private void updateKeys(KeyExchange kex) { byte[] K = kex.getK(); byte[] H = kex.getH(); HASH hash = kex.getHash(); // string[] guess=kex.guess; if (session_id == null) { session_id = new byte[H.Length]; Array.Copy(H, 0, session_id, 0, H.Length); } /* Initial IV client to server: HASH (K || H || "A" || session_id) Initial IV server to client: HASH (K || H || "B" || session_id) Encryption key client to server: HASH (K || H || "C" || session_id) Encryption key server to client: HASH (K || H || "D" || session_id) Integrity key client to server: HASH (K || H || "E" || session_id) Integrity key server to client: HASH (K || H || "F" || session_id) */ buf.reset(); buf.putMPInt(K); buf.putByte(H); buf.putByte((byte)0x41); buf.putByte(session_id); hash.update(buf.buffer, 0, buf.index); IVc2s = hash.digest(); int j = buf.index - session_id.Length - 1; buf.buffer[j]++; hash.update(buf.buffer, 0, buf.index); IVs2c = hash.digest(); buf.buffer[j]++; hash.update(buf.buffer, 0, buf.index); Ec2s = hash.digest(); buf.buffer[j]++; hash.update(buf.buffer, 0, buf.index); Es2c = hash.digest(); buf.buffer[j]++; hash.update(buf.buffer, 0, buf.index); MACc2s = hash.digest(); buf.buffer[j]++; hash.update(buf.buffer, 0, buf.index); MACs2c = hash.digest(); try { Type c; string method; method = guess[KeyExchange.PROPOSAL_ENC_ALGS_STOC]; c = Type.GetType(getConfig(method)); s2ccipher = (Cipher)(c.newInstance()); while (s2ccipher.getBlockSize() > Es2c.Length) { buf.reset(); buf.putMPInt(K); buf.putByte(H); buf.putByte(Es2c); hash.update(buf.buffer, 0, buf.index); byte[] foo = hash.digest(); byte[] bar = new byte[Es2c.Length + foo.Length]; Array.Copy(Es2c, 0, bar, 0, Es2c.Length); Array.Copy(foo, 0, bar, Es2c.Length, foo.Length); Es2c = bar; } s2ccipher.init(Cipher.DECRYPT_MODE, Es2c, IVs2c); s2ccipher_size = s2ccipher.getIVSize(); method = guess[KeyExchange.PROPOSAL_MAC_ALGS_STOC]; c = Type.GetType(getConfig(method)); s2cmac = (MAC)(c.newInstance()); s2cmac.init(MACs2c); //mac_buf=new byte[s2cmac.getBlockSize()]; s2cmac_result1 = new byte[s2cmac.getBlockSize()]; s2cmac_result2 = new byte[s2cmac.getBlockSize()]; method = guess[KeyExchange.PROPOSAL_ENC_ALGS_CTOS]; c = Type.GetType(getConfig(method)); c2scipher = (Cipher)(c.newInstance()); while (c2scipher.getBlockSize() > Ec2s.Length) { buf.reset(); buf.putMPInt(K); buf.putByte(H); buf.putByte(Ec2s); hash.update(buf.buffer, 0, buf.index); byte[] foo = hash.digest(); byte[] bar = new byte[Ec2s.Length + foo.Length]; Array.Copy(Ec2s, 0, bar, 0, Ec2s.Length); Array.Copy(foo, 0, bar, Ec2s.Length, foo.Length); Ec2s = bar; } c2scipher.init(Cipher.ENCRYPT_MODE, Ec2s, IVc2s); c2scipher_size = c2scipher.getIVSize(); method = guess[KeyExchange.PROPOSAL_MAC_ALGS_CTOS]; c = Type.GetType(getConfig(method)); c2smac = (MAC)(c.newInstance()); c2smac.init(MACc2s); method = guess[KeyExchange.PROPOSAL_COMP_ALGS_CTOS]; initDeflater(method); method = guess[KeyExchange.PROPOSAL_COMP_ALGS_STOC]; initInflater(method); } catch (Exception e) { if (e is JSchException) throw e; throw new JSchException(e.ToString(), e); //Console.Error.WriteLine("updatekeys: "+e); } }
private IdentityFile(string name, byte[] prvkey, byte[] pubkey, JSch jsch) { this.identity = name; this.jsch = jsch; try { Type c; c = Type.GetType((string)JSch.getConfig("3des-cbc")); cipher = (Cipher)(c.newInstance()); key = new byte[cipher.getBlockSize()]; // 24 iv = new byte[cipher.getIVSize()]; // 8 c = Type.GetType((string)JSch.getConfig("md5")); hash = (HASH)(c.newInstance()); hash.init(); byte[] buf = prvkey; int len = buf.Length; int i = 0; while (i < len) { if (buf[i] == 'B' && buf[i + 1] == 'E' && buf[i + 2] == 'G' && buf[i + 3] == 'I') { i += 6; if (buf[i] == 'D' && buf[i + 1] == 'S' && buf[i + 2] == 'A') { type = DSS; } else if (buf[i] == 'R' && buf[i + 1] == 'S' && buf[i + 2] == 'A') { type = RSA; } else if (buf[i] == 'S' && buf[i + 1] == 'S' && buf[i + 2] == 'H') { // FSecure type = UNKNOWN; keytype = FSECURE; } else { //Console.Error.WriteLine("invalid format: "+identity); throw new JSchException("invalid privatekey: " + identity); } i += 3; continue; } if (buf[i] == 'A' && buf[i + 1] == 'E' && buf[i + 2] == 'S' && buf[i + 3] == '-' && buf[i + 4] == '2' && buf[i + 5] == '5' && buf[i + 6] == '6' && buf[i + 7] == '-') { i += 8; if (Session.checkCipher((string)JSch.getConfig("aes256-cbc"))) { c = Type.GetType((string)JSch.getConfig("aes256-cbc")); cipher = (Cipher)(c.newInstance()); key = new byte[cipher.getBlockSize()]; iv = new byte[cipher.getIVSize()]; } else { throw new JSchException("privatekey: aes256-cbc is not available " + identity); } continue; } if (buf[i] == 'C' && buf[i + 1] == 'B' && buf[i + 2] == 'C' && buf[i + 3] == ',') { i += 4; for (int ii = 0; ii < iv.Length; ii++) { iv[ii] = (byte)(((a2b(buf[i++]) << 4) & 0xf0) + (a2b(buf[i++]) & 0xf)); } continue; } if (buf[i] == 0x0d && i + 1 < buf.Length && buf[i + 1] == 0x0a) { i++; continue; } if (buf[i] == 0x0a && i + 1 < buf.Length) { if (buf[i + 1] == 0x0a) { i += 2; break; } if (buf[i + 1] == 0x0d && i + 2 < buf.Length && buf[i + 2] == 0x0a) { i += 3; break; } bool inheader = false; for (int j = i + 1; j < buf.Length; j++) { if (buf[j] == 0x0a) { break; } //if(buf[j]==0x0d) break; if (buf[j] == ':') { inheader = true; break; } } if (!inheader) { i++; encrypted = false; // no passphrase break; } } i++; } if (type == ERROR) { throw new JSchException("invalid privatekey: " + identity); } int start = i; while (i < len) { if (buf[i] == 0x0a) { bool xd = (buf[i - 1] == 0x0d); Array.Copy(buf, i + 1, buf, i - (xd ? 1 : 0), len - i - 1 - (xd ? 1 : 0) ); if (xd) { len--; } len--; continue; } if (buf[i] == '-') { break; } i++; } encoded_data = Util.fromBase64(buf, start, i - start); if (encoded_data.Length > 4 && // FSecure encoded_data[0] == (byte)0x3f && encoded_data[1] == (byte)0x6f && encoded_data[2] == (byte)0xf9 && encoded_data[3] == (byte)0xeb) { Buffer _buf = new Buffer(encoded_data); _buf.getInt(); // 0x3f6ff9be _buf.getInt(); byte[] _type = _buf.getString(); //Console.Error.WriteLine("type: "+Encoding.UTF8.GetString(_type)); byte[] _cipher = _buf.getString(); string scipher = Encoding.UTF8.GetString(_cipher); //Console.Error.WriteLine("cipher: "+cipher); if (scipher.Equals("3des-cbc")) { _buf.getInt(); byte[] foo = new byte[encoded_data.Length - _buf.getOffSet()]; _buf.getByte(foo); encoded_data = foo; encrypted = true; throw new JSchException("unknown privatekey format: " + identity); } else if (scipher.Equals("none")) { _buf.getInt(); //_buf.getInt(); encrypted = false; byte[] foo = new byte[encoded_data.Length - _buf.getOffSet()]; _buf.getByte(foo); encoded_data = foo; } } if (pubkey == null) { return; } buf = pubkey; len = buf.Length; if (buf.Length > 4 && // FSecure's public key buf[0] == '-' && buf[1] == '-' && buf[2] == '-' && buf[3] == '-') { i = 0; do { i++; } while (len > i && buf[i] != 0x0a); if (len <= i) { return; } while (i < len) { if (buf[i] == 0x0a) { bool inheader = false; for (int j = i + 1; j < len; j++) { if (buf[j] == 0x0a) { break; } if (buf[j] == ':') { inheader = true; break; } } if (!inheader) { i++; break; } } i++; } if (len <= i) { return; } start = i; while (i < len) { if (buf[i] == 0x0a) { Array.Copy(buf, i + 1, buf, i, len - i - 1); len--; continue; } if (buf[i] == '-') { break; } i++; } publickeyblob = Util.fromBase64(buf, start, i - start); if (type == UNKNOWN && publickeyblob.Length > 8) { if (publickeyblob[8] == 'd') { type = DSS; } else if (publickeyblob[8] == 'r') { type = RSA; } } } else { if (buf[0] != 's' || buf[1] != 's' || buf[2] != 'h' || buf[3] != '-') { return; } i = 0; while (i < len) { if (buf[i] == ' ') { break; } i++; } i++; if (i >= len) { return; } start = i; while (i < len) { if (buf[i] == ' ' || buf[i] == '\n') { break; } i++; } publickeyblob = Util.fromBase64(buf, start, i - start); if (publickeyblob.Length < 4 + 7) { // It must start with "ssh-XXX". if (JSch.getLogger().isEnabled(Logger.WARN)) { JSch.getLogger().log(Logger.WARN, "failed to parse the public key"); } publickeyblob = null; } } } catch (Exception e) { //Console.Error.WriteLine("IdentityFile: "+e); if (e is JSchException) { throw (JSchException)e; } throw new JSchException(e.Message, e); } }