Esempio n. 1
        /// <summary>
        /// Sends a challenge (SSH1) or sign request (SSH2) for <paramref name="aKey"/> to the
        /// agent and returns the payload of the agent's reply.
        /// </summary>
        /// <remarks>
        /// SSH1: <paramref name="aSignData"/> is RSA-encrypted to the key's public parameters
        /// with PKCS#1 encoding and sent with <c>SessionId</c> and response type 1; the reply
        /// is read as exactly 16 bytes. SSH2: the data is sent unchanged and the reply blob is
        /// returned unchanged.
        /// Only the message type of the reply is checked here. The returned bytes are not
        /// verified against the public key, so a caller that does not trust the agent or the
        /// transport has to verify the result itself.
        /// </remarks>
        /// <param name="aKey">Key whose version selects the protocol and whose public key blob is sent to the agent.</param>
        /// <param name="aSignData">SSH1: challenge plaintext; SSH2: data to be signed.</param>
        /// <returns>SSH1: the 16-byte challenge response; SSH2: the blob read from the sign response.</returns>
        /// <exception cref="AgentFailureException">The reply header does not carry the expected response message type.</exception>
        /// <exception cref="Exception">The key's version is neither SSH1 nor SSH2.</exception>
        public byte[] SignRequest(ISshKey aKey, byte[] aSignData)
        {
            var request = new BlobBuilder();
            var version = aKey.Version;

            if (version == SshVersion.SSH1)
            {
                request.AddBytes(aKey.GetPublicKeyBlob());

                // Encrypt the challenge to the public key; only the private key holder can answer it.
                var rsa = new Pkcs1Encoding(new RsaEngine());
                rsa.Init(true /* encrypt */, aKey.GetPublicKeyParameters());
                var cipherText = rsa.ProcessBlock(aSignData, 0, aSignData.Length);

                // NOTE(review): if BigInteger is BouncyCastle's, the single-argument byte[]
                // constructor reads the bytes as a signed value, so a ciphertext with its top
                // bit set becomes negative - confirm AddSsh1BigIntBlob copes with that.
                request.AddSsh1BigIntBlob(new BigInteger(cipherText));
                request.AddBytes(SessionId);
                request.AddInt(1); // response type - must be 1
                request.InsertHeader(Agent.Message.SSH1_AGENTC_RSA_CHALLENGE);
            }
            else if (version == SshVersion.SSH2)
            {
                request.AddBlob(aKey.GetPublicKeyBlob());
                request.AddBlob(aSignData);
                request.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
            }
            else
            {
                throw new Exception(cUnsupportedSshVersion);
            }

            BlobParser reply = SendMessage(request);
            var replyHeader = reply.ReadHeader();

            if (version == SshVersion.SSH1)
            {
                if (replyHeader.Message != Agent.Message.SSH1_AGENT_RSA_RESPONSE)
                {
                    throw new AgentFailureException();
                }

                // The SSH1 response has a fixed length of 16 bytes, read one at a time.
                var digest = new byte[16];
                int offset = 0;
                while (offset < digest.Length)
                {
                    digest[offset] = reply.ReadUInt8();
                    offset++;
                }
                return digest;
            }

            // Only SSH2 can reach this point; every other version was rejected above.
            if (replyHeader.Message != Agent.Message.SSH2_AGENT_SIGN_RESPONSE)
            {
                throw new AgentFailureException();
            }
            return reply.ReadBlob();
        }
Esempio n. 2
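        /// <summary>
        /// Formats the public part of <paramref name="aKey"/> as one authorized_keys style line.
        /// </summary>
        /// <remarks>
        /// SSH1: "size exponent modulus fingerprint comment" with exponent and modulus in decimal.
        /// SSH2: "algorithm base64-blob fingerprint comment".
        /// Any other version yields a line that starts with '#'.
        /// The fingerprint is the hex form of <c>GetMD5Fingerprint()</c>.
        /// </remarks>
        /// <param name="aKey">Key to format.</param>
        /// <returns>The formatted line, without a trailing newline.</returns>
        public static string GetAuthorizedKeyString(this ISshKey aKey)
        {
            string result = "";

            // NOTE(review): aKey.Comment is appended verbatim. If a comment can contain CR or LF,
            // the result spans several lines and a file built from it gains extra entries -
            // confirm comments are validated upstream or strip line breaks before writing.
            // NOTE(review): a GetMD5Fingerprint() result of null reaches ToHexString() unchecked;
            // confirm how ToHexString() treats null.
            switch (aKey.Version)
            {
            case SshVersion.SSH1:
                AsymmetricKeyParameter parameters             = aKey.GetPublicKeyParameters();
                RsaKeyParameters       rsaPublicKeyParameters = (RsaKeyParameters)parameters;
                // The hex fingerprint is data, not a format string, so it is appended directly
                // instead of being passed through String.Format.
                result = aKey.Size + " " +
                         rsaPublicKeyParameters.Exponent.ToString(10) + " " +
                         rsaPublicKeyParameters.Modulus.ToString(10) + " " +
                         aKey.GetMD5Fingerprint().ToHexString() + " " +
                         aKey.Comment;
                break;

            case SshVersion.SSH2:
                result = PublicKeyAlgorithmExt.GetIdentifierString(aKey.Algorithm) + " " +
                         Convert.ToBase64String(aKey.GetPublicKeyBlob()) + " " +
                         aKey.GetMD5Fingerprint().ToHexString() + " " +
                         aKey.Comment;
                break;

            default:
                // Spelling of this runtime string is kept as-is; consumers may match on it.
                result = "# unsuported SshVersion: '" + aKey.Version + "'";
                break;
            }
            return(result);
        }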
Esempio n. 3
        /// <summary>
        /// Puts the public key blob of <paramref name="aKey"/> into a new <c>BlobBuilder</c>,
        /// using <c>AddBytes</c> for SSH1 keys and <c>AddBlob</c> for SSH2 keys.
        /// </summary>
        /// <remarks>
        /// For any other version nothing is added and no error is raised, so the caller
        /// receives a builder without key material.
        /// </remarks>
        /// <param name="aKey">Key whose public blob is encoded.</param>
        /// <returns>The builder holding the encoded blob.</returns>
        private BlobBuilder CreatePublicKeyBlob(ISshKey aKey)
        {
            var blob = new BlobBuilder();
            var version = aKey.Version;

            if (version == SshVersion.SSH1)
            {
                blob.AddBytes(aKey.GetPublicKeyBlob());
            }
            else if (version == SshVersion.SSH2)
            {
                blob.AddBlob(aKey.GetPublicKeyBlob());
            }

            return blob;
        }
Esempio n. 4
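        /// <summary>
        /// Adds <paramref name="key"/> to the agent, first removing any stored key with the
        /// same version and public key blob, then raises the key-added notification.
        /// </summary>
        /// <remarks>
        /// All confirm constraints are validated before any lifetime timer is armed, so a
        /// rejected key leaves no timer running. Each lifetime timer fires once, releases
        /// itself and removes the key. The lifetime is converted to milliseconds in floating
        /// point so that a large value cannot wrap around into a short one; the Timer
        /// constructor is expected to reject an interval of zero or one above Int32.MaxValue
        /// with ArgumentException (assuming Timer is System.Timers.Timer).
        /// </remarks>
        /// <param name="key">Key to add, including its constraints.</param>
        /// <exception cref="AgentLockedException">The agent is locked.</exception>
        /// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
        /// <exception cref="CallbackNullException">The key requires confirmation but no confirm callback is set.</exception>
        public void AddKey(ISshKey key)
        {
            if (IsLocked)
            {
                throw new AgentLockedException();
            }
            if (key == null)
            {
                throw new ArgumentNullException("key");
            }

            /* validate constraints before causing any side effect */

            foreach (KeyConstraint constraint in key.Constraints)
            {
                if (constraint.Type ==
                    KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM &&
                    ConfirmUserPermissionCallback == null)
                {
                    // can't add key with confirm constraint if we don't have
                    // confirm callback
                    throw new CallbackNullException();
                }
            }

            /* arm lifetime timers */

            foreach (KeyConstraint constraint in key.Constraints)
            {
                if (constraint.Type !=
                    Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME)
                {
                    continue;
                }

                // seconds -> milliseconds as double: UInt32 arithmetic would silently wrap
                double lifetimeMs = (UInt32)constraint.Data * 1000.0;
                Timer  timer      = new Timer(lifetimeMs);
                timer.AutoReset = false; // expire once, do not keep ticking
                ElapsedEventHandler onTimerElapsed = null;
                onTimerElapsed =
                    delegate(object aSender, ElapsedEventArgs aEventArgs)
                {
                    timer.Elapsed -= onTimerElapsed;
                    timer.Dispose();
                    RemoveKey(key);
                };
                timer.Elapsed += onTimerElapsed;
                timer.Start();
            }

            /* first remove matching key if it exists */
            // NOTE(review): matchingKey may be null when nothing matches; this relies on
            // RemoveKey accepting that - confirm. A timer armed by an earlier AddKey for the
            // replaced key is not cancelled here.
            ISshKey matchingKey = mKeyList.Get(key.Version, key.GetPublicKeyBlob());

            RemoveKey(matchingKey);

            mKeyList.Add(key);
            FireKeyAdded(key);
        }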
Esempio n. 5
        /// <summary>
        /// Computes the MD5 fingerprint of the public part of <paramref name="key"/>.
        /// </summary>
        /// <remarks>
        /// For an SSH1 key with RSA parameters the digest covers the unsigned modulus bytes
        /// followed by the unsigned exponent bytes; in every other case it covers
        /// <c>GetPublicKeyBlob(false)</c>.
        /// MD5 is not collision resistant, so the result should be treated as a display
        /// identifier and not as proof that two keys are identical.
        /// Every exception, including one raised while creating the hash object, is swallowed
        /// and reported as null; callers must check the result before using it.
        /// </remarks>
        /// <param name="key">Key to fingerprint.</param>
        /// <returns>The 16-byte MD5 digest, or null if anything failed.</returns>
        public static byte[] GetMD5Fingerprint(this ISshKey key)
        {
            try
            {
                using (MD5 hasher = MD5.Create())
                {
                    var rsa = key.GetPublicKeyParameters() as RsaKeyParameters;

                    // Anything that is not an SSH1 RSA key is hashed over its public key blob.
                    if (rsa == null || key.Version != SshVersion.SSH1)
                    {
                        return hasher.ComputeHash(key.GetPublicKeyBlob(false));
                    }

                    // SSH1 RSA: hash modulus || exponent, both as unsigned big-endian bytes.
                    byte[] modulus  = rsa.Modulus.ToByteArrayUnsigned();
                    byte[] exponent = rsa.Exponent.ToByteArrayUnsigned();
                    byte[] material = new byte[modulus.Length + exponent.Length];

                    Array.Copy(modulus, 0, material, 0, modulus.Length);
                    Array.Copy(exponent, 0, material, modulus.Length, exponent.Length);

                    return hasher.ComputeHash(material);
                }
            }
            catch (Exception)
            {
                return null;
            }
        }
Esempio n. 6
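        /// <summary>
        /// Stores <paramref name="key"/> in the agent after removing any stored key with the
        /// same version and public key blob, then raises the key-added notification.
        /// </summary>
        /// <remarks>
        /// Confirm constraints are all checked before the first lifetime timer is started, so
        /// a key that is rejected leaves no timer behind. A lifetime timer fires a single
        /// time, disposes itself and removes the key. The seconds-to-milliseconds conversion
        /// is done in floating point because UInt32 multiplication would wrap silently and
        /// shorten a long lifetime; an interval of zero or above Int32.MaxValue is expected to
        /// make the Timer constructor throw ArgumentException (assuming System.Timers.Timer).
        /// </remarks>
        /// <param name="key">Key to add, including its constraints.</param>
        /// <exception cref="AgentLockedException">The agent is locked.</exception>
        /// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
        /// <exception cref="CallbackNullException">A confirm constraint is present but no confirm callback is set.</exception>
        public void AddKey(ISshKey key)
        {
            if (IsLocked) {
                throw new AgentLockedException();
            }
            if (key == null) {
                throw new ArgumentNullException("key");
            }

            /* validate constraints before causing any side effect */

            foreach (KeyConstraint constraint in key.Constraints) {
                if (constraint.Type ==
                    KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM &&
                    ConfirmUserPermissionCallback == null) {
                    // can't add key with confirm constraint if we don't have
                    // confirm callback
                    throw new CallbackNullException();
                }
            }

            /* arm lifetime timers */

            foreach (KeyConstraint constraint in key.Constraints) {
                if (constraint.Type !=
                    Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME) {
                    continue;
                }

                // convert in double so the multiplication cannot wrap around
                double lifetimeMs = (UInt32)constraint.Data * 1000.0;
                Timer timer = new Timer(lifetimeMs);
                timer.AutoReset = false; // one expiry only
                ElapsedEventHandler onTimerElapsed = null;
                onTimerElapsed =
                    delegate(object aSender, ElapsedEventArgs aEventArgs)
                    {
                        timer.Elapsed -= onTimerElapsed;
                        timer.Dispose();
                        RemoveKey(key);
                    };
                timer.Elapsed += onTimerElapsed;
                timer.Start();
            }

            /* first remove matching key if it exists */
            // NOTE(review): matchingKey may be null when no stored key matches; this relies
            // on RemoveKey tolerating null - confirm.
            ISshKey matchingKey = mKeyList.Get(key.Version, key.GetPublicKeyBlob());
            RemoveKey(matchingKey);

            mKeyList.Add(key);
            FireKeyAdded(key);
        }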
Esempio n. 7
        /// <summary>
        /// Builds a <c>BlobBuilder</c> that carries the public key blob of
        /// <paramref name="aKey"/>: raw bytes for SSH1, a blob entry for SSH2.
        /// </summary>
        /// <remarks>
        /// A key of any other version is not reported as an error; the builder is returned
        /// with nothing added, which the caller has to be prepared for.
        /// </remarks>
        /// <param name="aKey">Key whose public blob is encoded.</param>
        /// <returns>The builder holding the encoded blob.</returns>
        private BlobBuilder CreatePublicKeyBlob(ISshKey aKey)
        {
            var result = new BlobBuilder();
            var keyVersion = aKey.Version;

            bool isSsh1 = keyVersion == SshVersion.SSH1;
            bool isSsh2 = keyVersion == SshVersion.SSH2;
            if (!isSsh1 && !isSsh2) {
                return result;
            }

            var publicBlob = aKey.GetPublicKeyBlob();
            if (isSsh1) {
                result.AddBytes(publicBlob);
            } else {
                result.AddBlob(publicBlob);
            }

            return result;
        }
Esempio n. 8
 /// <summary>
 /// Sends a challenge (SSH1) or sign request (SSH2) for <paramref name="aKey"/> to the
 /// agent and returns the payload of the agent's reply.
 /// </summary>
 /// <remarks>
 /// SSH1: <paramref name="aSignData"/> is RSA-encrypted to the key's public parameters with
 /// PKCS#1 encoding and sent with <c>SessionId</c> and response type 1; exactly 16 bytes
 /// are read from the reply. SSH2: the data is sent unchanged and the reply blob is
 /// returned unchanged.
 /// The reply is accepted on its message type alone. Nothing here verifies the returned
 /// bytes against the public key, so verification is the caller's responsibility.
 /// </remarks>
 /// <param name="aKey">Key whose version selects the protocol and whose public key blob is sent to the agent.</param>
 /// <param name="aSignData">SSH1: challenge plaintext; SSH2: data to be signed.</param>
 /// <returns>SSH1: the 16-byte challenge response; SSH2: the blob read from the sign response.</returns>
 /// <exception cref="AgentFailureException">The reply header does not carry the expected response message type.</exception>
 /// <exception cref="Exception">The key's version is neither SSH1 nor SSH2.</exception>
 public byte[] SignRequest(ISshKey aKey, byte[] aSignData)
 {
     var message = new BlobBuilder();
     var keyVersion = aKey.Version;

     if (keyVersion == SshVersion.SSH1) {
         message.AddBytes(aKey.GetPublicKeyBlob());

         // Encrypt the challenge to the public key; only the private key holder can answer it.
         var cipher = new Pkcs1Encoding(new RsaEngine());
         cipher.Init(true /* encrypt */, aKey.GetPublicKeyParameters());
         var encrypted = cipher.ProcessBlock(aSignData, 0, aSignData.Length);

         // NOTE(review): if BigInteger is BouncyCastle's, the single-argument byte[]
         // constructor reads the bytes as a signed value, so a ciphertext with its top
         // bit set becomes negative - confirm AddSsh1BigIntBlob copes with that.
         message.AddSsh1BigIntBlob(new BigInteger(encrypted));
         message.AddBytes(SessionId);
         message.AddInt(1); // response type - must be 1
         message.InsertHeader(Agent.Message.SSH1_AGENTC_RSA_CHALLENGE);
     } else if (keyVersion == SshVersion.SSH2) {
         message.AddBlob(aKey.GetPublicKeyBlob());
         message.AddBlob(aSignData);
         message.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
     } else {
         throw new Exception(cUnsupportedSshVersion);
     }

     BlobParser answer = SendMessage(message);
     var answerHeader = answer.ReadHeader();

     if (keyVersion == SshVersion.SSH1) {
         if (answerHeader.Message != Agent.Message.SSH1_AGENT_RSA_RESPONSE) {
             throw new AgentFailureException();
         }

         // The SSH1 response has a fixed length of 16 bytes, read one at a time.
         var digest = new byte[16];
         int position = 0;
         while (position < digest.Length) {
             digest[position] = answer.ReadByte();
             position++;
         }
         return digest;
     }

     // Only SSH2 can reach this point; every other version was rejected above.
     if (answerHeader.Message != Agent.Message.SSH2_AGENT_SIGN_RESPONSE) {
         throw new AgentFailureException();
     }
     return answer.ReadBlob();
 }