public CipherSuiteInfo(BulkCipherAlgorithm cipher, CipherType cipherType, byte encKeyLen, byte blockLen, byte ivLen, byte recordIVLen, MACAlgorithm mac, KeyExchangeAlgorithm exchangeAlgo) { _bulk_cipher = cipher; _cipherType = cipherType; _enc_key_length = encKeyLen; _block_length = blockLen; _fixed_iv_length = ivLen; _record_iv_length = recordIVLen; _mac = mac; _exchangeAlgo = exchangeAlgo; switch (mac) { case MACAlgorithm.HMAC_MD5: _mac_length = _mac_key_length = 16; break; case MACAlgorithm.HMAC_SHA1: _mac_length = _mac_key_length = 20; break; case MACAlgorithm.HMAC_SHA256: _mac_length = _mac_key_length = 32; break; case MACAlgorithm.HMAC_SHA384: _mac_length = _mac_key_length = 48; break; case MACAlgorithm.HMAC_SHA512: _mac_length = _mac_key_length = 64; break; default: throw new ArgumentOutOfRangeException(); } _isECC = exchangeAlgo == KeyExchangeAlgorithm.ECDH_anon || exchangeAlgo == KeyExchangeAlgorithm.ECDH_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDH_RSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_RSA; }
public CipherSuiteInfo(BulkCipherAlgorithm cipher, CipherType cipherType, byte encKeyLen, byte blockLen, byte ivLen, byte recordIVLen, MACAlgorithm mac, KeyExchangeAlgorithm exchangeAlgo) { _bulk_cipher = cipher; _cipherType = cipherType; _enc_key_length = encKeyLen; _block_length = blockLen; _fixed_iv_length = ivLen; _record_iv_length = recordIVLen; _mac = mac; _exchangeAlgo = exchangeAlgo; switch (mac) { case MACAlgorithm.HMAC_MD5: _mac_length = _mac_key_length = 16; break; case MACAlgorithm.HMAC_SHA1: _mac_length = _mac_key_length = 20; break; case MACAlgorithm.HMAC_SHA256: _mac_length = _mac_key_length = 32; break; case MACAlgorithm.HMAC_SHA384: _mac_length = _mac_key_length = 48; break; case MACAlgorithm.HMAC_SHA512: _mac_length = _mac_key_length = 64; break; default: throw new ArgumentOutOfRangeException (); } _isECC = exchangeAlgo == KeyExchangeAlgorithm.ECDH_anon || exchangeAlgo == KeyExchangeAlgorithm.ECDH_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDH_RSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_RSA; }
public static MAC CreateMAC(MACAlgorithm algorithm, byte[] key) { if (algorithm == MACAlgorithm.HMACSHA1) { return(new MACSHA1(key)); } else { throw new SSHException("unknown algorithm " + algorithm); } }
public static int GetSize(MACAlgorithm algorithm) { if (algorithm == MACAlgorithm.HMACSHA1) { return(20); } else { throw new SSHException("unknown algorithm " + algorithm); } }
public Cipher(CipherSuite suite, BulkEncryptionAlgorithm encrypalgo, MACAlgorithm macalgo, byte nBlockSize, byte nIVSize, int nKeyBits, byte nKeyMaterialSize) { CipherSuite = suite; BulkEncryptionAlgorithm = encrypalgo; MACAlgorithm = macalgo; BlockSizeBytes = nBlockSize; IVSize = nIVSize; KeySizeBits = nKeyBits; KeyMaterialLength = nKeyMaterialSize; KeyBlockSize = (this.KeyMaterialLength + this.HashSize + this.IVSize) << 1; }
private void Setup(string strTripleDES, byte[] rgbKey) { this.tdes = TripleDES.Create(strTripleDES); this.tdes.Padding = PaddingMode.Zeros; if (rgbKey != null) { this.tdes.Key = rgbKey; } this.HashSizeValue = this.tdes.BlockSize; this.Key = this.tdes.Key; this.mac = new MACAlgorithm(this.tdes); this.m_disposed = false; }
public void SetCipherSuite(CipherSuite suite, AsymmetricAlgorithm signAlgo) { CipherSuiteInfo info = SupportedCipherSuites.GetSuiteInfo(suite); if (info == null) { throw new NotSupportedException(); } _bulk_cipher = info.BulkCipherAlgorithm; _cipherType = info.CipherType; _enc_key_length = info.EncKeyLength; _block_length = info.BlockLength; _fixed_iv_length = info.FixedIVLength; _record_iv_length = info.RecordIVLength; _mac = info.MACAlgorithm; _mac_length = info.MACLength; _mac_key_length = info.MACKeyLength; _keyExchange = info.KeyExchangeAlgorithm; // TODO: TLS1.2spec ? switch (_prfType) { case PRFAlgorithm.MD5_AND_SHA1: _prf = new MD5_AND_SHA1(); break; case PRFAlgorithm.SSL3: _prf = new SSL3_PRF(this); break; default: throw new NotSupportedException(); } switch (_keyExchange) { case KeyExchangeAlgorithm.ECDHE_ECDSA: _keyExchanger = new ECDHE_ECDSA((openCrypto.EllipticCurve.Signature.ECDSA)signAlgo); break; case KeyExchangeAlgorithm.DHE_DSS: _keyExchanger = new DHE_DSS((DSACryptoServiceProvider)signAlgo); break; case KeyExchangeAlgorithm.RSA: _keyExchanger = new KeyExchange.RSA((RSACryptoServiceProvider)signAlgo); break; default: throw new NotImplementedException(); } }
/// <summary> /// Creates a <see cref="MAC"/> object. /// </summary> /// <param name="algorithm">MAC algorithm</param> /// <param name="key">key data</param> /// <returns>new MAC object.</returns> public static MAC CreateMAC(MACAlgorithm algorithm, byte[] key) { switch (algorithm) { case MACAlgorithm.HMACSHA1: return(new MACImpl(new HMACSHA1(key))); case MACAlgorithm.HMACSHA256: return(new MACImpl(new HMACSHA256(key))); case MACAlgorithm.HMACSHA512: return(new MACImpl(new HMACSHA512(key))); default: throw new SSHException("unknown algorithm " + algorithm); } }
/// <summary> /// Gets length of the MAC in bytes. /// </summary> /// <param name="algorithm">MAC algorithm</param> /// <returns>length of the MAC</returns> public static int GetSize(MACAlgorithm algorithm) { switch (algorithm) { case MACAlgorithm.HMACSHA1: return(20); case MACAlgorithm.HMACSHA256: return(32); case MACAlgorithm.HMACSHA512: return(64); default: throw new SSHException("unknown algorithm " + algorithm); } }
/// <summary> /// Gets name of a MAC algorithm for SSH2. /// </summary> /// <param name="algorithm">MAC algorithm</param> /// <returns></returns> public static string AlgorithmToSSH2Name(MACAlgorithm algorithm) { switch (algorithm) { case MACAlgorithm.HMACSHA1: return("hmac-sha1"); case MACAlgorithm.HMACSHA256: return("hmac-sha2-256"); case MACAlgorithm.HMACSHA512: return("hmac-sha2-512"); default: throw new SSHException("unknown algorithm " + algorithm); } }
/// <summary> /// Constructor /// </summary> /// <param name="hostName">Host name</param> /// <param name="portNumber">port number</param> /// <param name="protocol">SSH protocol version</param> /// <param name="authType">authentication type</param> /// <param name="userName">user name for login</param> /// <param name="password">password for login. pass empty string for the keyboard interactive mode.</param> public SSHConnectionParameter(string hostName, int portNumber, SSHProtocol protocol, AuthenticationType authType, string userName, string password) { HostName = hostName; PortNumber = portNumber; Protocol = protocol; PreferableCipherAlgorithms = new CipherAlgorithm[] { CipherAlgorithm.AES256CTR, CipherAlgorithm.AES256, CipherAlgorithm.AES192CTR, CipherAlgorithm.AES192, CipherAlgorithm.AES128CTR, CipherAlgorithm.AES128, CipherAlgorithm.Blowfish, CipherAlgorithm.TripleDES }; PreferableMacAlgorithms = new MACAlgorithm[] { MACAlgorithm.HMACSHA256, MACAlgorithm.HMACSHA512, MACAlgorithm.HMACSHA1 }; PreferableHostKeyAlgorithms = new PublicKeyAlgorithm[] { PublicKeyAlgorithm.DSA, PublicKeyAlgorithm.RSA }; AuthenticationType = authType; UserName = userName; Password = password; TerminalName = "vt100"; WindowSize = 0x1000; MaxPacketSize = 0x10000; CheckMACError = true; VerifySSHHostKey = p => true; Timeouts = new SSHTimeouts(); }
private void Setup(string strTripleDES, byte[] rgbKey) { tdes = TripleDES.Create(strTripleDES); // default padding (as using in Fx 1.0 and 1.1) tdes.Padding = PaddingMode.Zeros; // if rgbKey is null we keep the randomly generated key if (rgbKey != null) { // this way we get the TripleDES key validation (like weak // and semi-weak keys) tdes.Key = rgbKey; } HashSizeValue = tdes.BlockSize; // we use Key property to get the additional validations // (from KeyedHashAlgorithm ancestor) Key = tdes.Key; mac = new MACAlgorithm(tdes); m_disposed = false; }
public SSL3CompatibleHMAC(MACAlgorithm algo, byte[] secret) { _mac = algo; switch (algo) { case MACAlgorithm.HMAC_MD5: _hash = new MD5CryptoServiceProvider(); HashSizeValue = 128; _padLen = 48; break; case MACAlgorithm.HMAC_SHA1: _hash = new SHA1Managed(); HashSizeValue = 160; _padLen = 40; break; default: // SSL3はMD5 or SHA1のみ throw new Exception(); } KeyValue = (byte[])secret.Clone(); }
public void SetCipherSuite(CipherSuite suite, AsymmetricAlgorithm signAlgo) { CipherSuiteInfo info = SupportedCipherSuites.GetSuiteInfo (suite); if (info == null) throw new NotSupportedException (); _bulk_cipher = info.BulkCipherAlgorithm; _cipherType = info.CipherType; _enc_key_length = info.EncKeyLength; _block_length = info.BlockLength; _fixed_iv_length = info.FixedIVLength; _record_iv_length = info.RecordIVLength; _mac = info.MACAlgorithm; _mac_length = info.MACLength; _mac_key_length = info.MACKeyLength; _keyExchange = info.KeyExchangeAlgorithm; // TODO: TLS1.2spec ? switch (_prfType) { case PRFAlgorithm.MD5_AND_SHA1: _prf = new MD5_AND_SHA1 (); break; case PRFAlgorithm.SSL3: _prf = new SSL3_PRF (this); break; default: throw new NotSupportedException (); } switch (_keyExchange) { case KeyExchangeAlgorithm.ECDHE_ECDSA: _keyExchanger = new ECDHE_ECDSA ((openCrypto.EllipticCurve.Signature.ECDSA)signAlgo); break; case KeyExchangeAlgorithm.DHE_DSS: _keyExchanger = new DHE_DSS ((DSACryptoServiceProvider)signAlgo); break; case KeyExchangeAlgorithm.RSA: _keyExchanger = new KeyExchange.RSA ((RSACryptoServiceProvider)signAlgo); break; default: throw new NotImplementedException (); } }
public static int GetSize(MACAlgorithm algorithm) { if (algorithm == MACAlgorithm.HMACSHA1) return 20; else throw new SSHException("unknown algorithm " + algorithm); }
public static MAC CreateMAC(MACAlgorithm algorithm, byte[] key) { if (algorithm == MACAlgorithm.HMACSHA1) return new MACSHA1(key); else throw new SSHException("unknown algorithm " + algorithm); }
public Cipher(CipherSuite suite, BulkEncryptionAlgorithm encrypalgo, MACAlgorithm macalgo, byte nBlockSize, byte nIVSize, int nKeyBits, byte nKeyMaterialSize) { CipherSuite = suite; BulkEncryptionAlgorithm = encrypalgo; MACAlgorithm = macalgo; BlockSizeBytes = nBlockSize; IVSize = nIVSize; KeySizeBits= nKeyBits; KeyMaterialLength = nKeyMaterialSize; KeyBlockSize = (this.KeyMaterialLength + this.HashSize + this.IVSize) << 1; }