internal void PerformKeyExchange(SSHPacket packet) { lock (kexlock) { if (localkex == null) { SendKeyExchangeInit(); } SSH2Context context = (SSH2Context)client.Context; currentState = TransportProtocolState.PERFORMING_KEYEXCHANGE; remotekex = packet.Payload; // Ignore the cookie packet.Skip(16); String remoteKeyExchanges = packet.ReadString(); String remotePublicKeys = packet.ReadString(); String remoteCiphersCS = packet.ReadString(); String remoteCiphersSC = packet.ReadString(); String remoteHMacCS = packet.ReadString(); String remoteHMacSC = packet.ReadString(); String cipherCS = SelectNegotiatedComponent(context.SupportedCiphers.List( context.PreferredCipherCS), remoteCiphersCS); String cipherSC = SelectNegotiatedComponent(context.SupportedCiphers.List( context.PreferredCipherSC), remoteCiphersSC); Cipher encryption = (Cipher)context.SupportedCiphers.GetInstance(cipherCS); Cipher decryption = (Cipher)context.SupportedCiphers.GetInstance(cipherSC); String macCS = SelectNegotiatedComponent(context.SupportedMACs.List( context.PreferredMacCS), remoteHMacCS); String macSC = SelectNegotiatedComponent(context.SupportedMACs.List( context.PreferredMacSC), remoteHMacSC); SSH2Hmac outgoingMac = (SSH2Hmac)context.SupportedMACs.GetInstance(macCS); SSH2Hmac incomingMac = (SSH2Hmac)context.SupportedMACs.GetInstance(macSC); // Ignore compression and languages as were not interested in that atm // Create a Key Exchange instance String kex = SelectNegotiatedComponent(context.SupportedKeyExchanges.List( context.PreferredKeyExchange), remoteKeyExchanges); String publickey = SelectNegotiatedComponent(context.SupportedPublicKeys.List( context.PreferredPublicKey), remotePublicKeys); #if DEBUG // Output the local settings System.Diagnostics.Trace.WriteLine("Local Key exchange settings follow:"); System.Diagnostics.Trace.WriteLine("Key exchange: " + context.SupportedKeyExchanges.List( context.PreferredKeyExchange)); System.Diagnostics.Trace.WriteLine("Public keys : " + context.SupportedPublicKeys.List( context.PreferredPublicKey)); System.Diagnostics.Trace.WriteLine("Ciphers client->server: " + context.SupportedCiphers.List( context.PreferredCipherCS)); System.Diagnostics.Trace.WriteLine("Ciphers server->client: " + context.SupportedCiphers.List( context.PreferredCipherSC)); System.Diagnostics.Trace.WriteLine("HMAC client->server: " + context.SupportedMACs.List( context.PreferredMacCS)); System.Diagnostics.Trace.WriteLine("HMAC server->client: " + context.SupportedMACs.List( context.PreferredMacSC)); // Output the remote settings System.Diagnostics.Trace.WriteLine("Remote Key exchange settings follow:"); System.Diagnostics.Trace.WriteLine("Key exchange: " + remoteKeyExchanges); System.Diagnostics.Trace.WriteLine("Public keys : " + remotePublicKeys); System.Diagnostics.Trace.WriteLine("Ciphers client->server: " + remoteCiphersCS); System.Diagnostics.Trace.WriteLine("Ciphers server->client: " + remoteCiphersSC); System.Diagnostics.Trace.WriteLine("HMAC client->server: " + remoteHMacCS); System.Diagnostics.Trace.WriteLine("HMAC server->client: " + remoteHMacSC); // Output the selected settigns System.Diagnostics.Trace.WriteLine("Selected kex exchange: " + kex); System.Diagnostics.Trace.WriteLine("Selected public key: " + publickey); System.Diagnostics.Trace.WriteLine("Selected cipher client->server: " + cipherCS); System.Diagnostics.Trace.WriteLine("Selected cipher server->client: " + cipherSC); System.Diagnostics.Trace.WriteLine("Selected HMAC client->server: " + macCS); System.Diagnostics.Trace.WriteLine("Selected HMAC server->client: " + macSC); #endif keyexchange = (SSH2KeyExchange)context.SupportedKeyExchanges.GetInstance(kex); keyexchange.Init(this); // Perform the key exchange keyexchange.PerformClientExchange(client.LocalIdentification, client.RemoteIdentification, localkex, remotekex); SSHPublicKey hostkey = (SSHPublicKey)context.SupportedPublicKeys.GetInstance(publickey); hostkey.Init(keyexchange.HostKey, 0, keyexchange.HostKey.Length); if (context.KnownHosts != null) { if (!context.KnownHosts.VerifyHost(transport.Hostname, hostkey)) { Disconnect("Host key not accepted", DisconnectionReason.HOST_KEY_NOT_VERIFIABLE); throw new SSHException("The host key was not accepted", SSHException.CANCELLED_CONNECTION); } } if (!hostkey.VerifySignature(keyexchange.Signature, keyexchange.ExchangeHash)) { Disconnect("The host key signature is invalid", DisconnectionReason.HOST_KEY_NOT_VERIFIABLE); throw new SSHException("The host key signature is invalid", SSHException.PROTOCOL_VIOLATION); } if (sessionIdentifier == null) { sessionIdentifier = keyexchange.ExchangeHash; } packet = GetSSHPacket(true); packet.WriteByte(SSH_MSG_NEWKEYS); #if DEBUG System.Diagnostics.Trace.WriteLine("Sending SSH_MSG_NEWKEYS"); #endif SendMessage(packet); encryption.Init(Cipher.ENCRYPT_MODE, MakeSSHKey('A'), MakeSSHKey('C')); outgoingCipherLength = encryption.BlockSize; outgoingMac.Init(MakeSSHKey('E')); outgoingMacLength = outgoingMac.MacLength; this.encryption = encryption; this.outgoingMac = outgoingMac; do { packet = ReadMessage(); // Process the transport protocol message, must only be // SSH_MSH_INGORE, SSH_MSG_DEBUG, SSH_MSG_DISCONNECT or SSH_MSG_NEWKEYS if (!ProcessMessage(packet)) { Disconnect("Invalid message received during key exchange", DisconnectionReason.PROTOCOL_ERROR); throw new SSHException( "Invalid message received during key exchange", SSHException.PROTOCOL_VIOLATION); } }while(packet.MessageID != SSH_MSG_NEWKEYS); // Put the incoming components into use decryption.Init(Cipher.DECRYPT_MODE, MakeSSHKey('B'), MakeSSHKey('D')); incomingCipherLength = decryption.BlockSize; incomingMac.Init(MakeSSHKey('F')); incomingMacLength = incomingMac.MacLength; this.decryption = decryption; this.incomingMac = incomingMac; //this.incomingCompression = incomingCompression; currentState = TransportProtocolState.CONNECTED; FireStateChange(TransportProtocolState.CONNECTED); lock (kexqueue) { #if DEBUG System.Diagnostics.Trace.WriteLine("Sending queued messages"); #endif for (System.Collections.IEnumerator e = kexqueue.GetEnumerator(); e.MoveNext();) { SendMessage((SSHPacket)e.Current); } kexqueue.Clear(); } // Clean up and reset any parameters localkex = null; remotekex = null; } }
/// <summary> /// Send a message to the remote side of the connection. /// </summary> /// <param name="packet"></param> /// <param name="returnPayload">Return the unecrypted payload of this packet.</param> public byte[] SendMessage(SSHPacket packet, bool returnPayload) { byte[] payload = null; lock (this) { if (currentState == TransportProtocolState.PERFORMING_KEYEXCHANGE && !IsTransportMessage(packet.MessageID)) { lock (kexqueue) { kexqueue.Add(packet); return(payload); } } try { int padding = 4; // Compress the payload if necersary /*if (outgoingCompression != null) * { * msgdata = outgoingCompression.compress(msgdata, 0, msgdata.Length); * }*/ // Determine the padding length padding += ((outgoingCipherLength - ((packet.Length + padding) % outgoingCipherLength)) % outgoingCipherLength); packet.MoveToPosition(0); // Write the packet length field packet.WriteUINT32(packet.Length - 4 + padding); // Write the padding length packet.WriteByte((byte)padding); // Now skip back up to the end of the packet packet.MoveToEnd(); if (returnPayload) { payload = packet.Payload; } // Create some random data for the padding byte[] pad = new byte[padding]; rnd.GetBytes(pad); packet.WriteBytes(pad); // Generate the MAC if (outgoingMac != null) { outgoingMac.Generate(outgoingSequence, packet.Array, 0, packet.Length, packet.Array, packet.Length); } // Perfrom encrpytion if (encryption != null) { encryption.Transform(packet.Array, 0, packet.Array, 0, packet.Length); } packet.Skip(outgoingMacLength); outgoingBytes += packet.Length; // Send! packet.WriteToStream(transport.GetStream()); outgoingSequence++; numOutgoingBytesSinceKEX += (uint)packet.Length; numOutgoingSSHPacketsSinceKEX++; ReleaseSSHPacket(packet); if (outgoingSequence > 4294967295) { outgoingSequence = 0; } if (numOutgoingBytesSinceKEX >= MAX_NUM_BYTES_BEFORE_REKEY || numOutgoingSSHPacketsSinceKEX >= MAX_NUM_PACKETS_BEFORE_REKEY) { SendKeyExchangeInit(); } } catch (System.IO.IOException ex) { InternalDisconnect(); throw new SSHException("Unexpected termination: " + ex.Message, SSHException.UNEXPECTED_TERMINATION); } catch (System.ObjectDisposedException ex) { InternalDisconnect(); throw new SSHException("Unexpected terminaton: " + ex.Message, SSHException.UNEXPECTED_TERMINATION); } } return(payload); }
internal bool ProcessMessage(SSHPacket packet) { try { if (packet.Length < 1) { Disconnect("Invalid message received", DisconnectionReason.PROTOCOL_ERROR); throw new SSHException("Invalid transport protocol message", SSHException.INTERNAL_ERROR); } switch (packet.MessageID) { case SSH_MSG_DISCONNECT: { packet.ReadInt(); #if DEBUG System.Diagnostics.Trace.WriteLine("Received SSH_MSG_DISCONNECT: " + packet.ReadString()); #endif InternalDisconnect(); throw new SSHException(packet.ReadString(), SSHException.REMOTE_HOST_DISCONNECTED); } case SSH_MSG_IGNORE: { #if DEBUG System.Diagnostics.Trace.WriteLine("Received SSH_MSG_IGNORE"); #endif return(true); } case SSH_MSG_DEBUG: { #if DEBUG System.Diagnostics.Trace.WriteLine("Received SSH_MSG_DEBUG"); packet.Skip(1); System.Diagnostics.Trace.WriteLine(packet.ReadString()); #endif return(true); } case SSH_MSG_NEWKEYS: { // This lightweight implemention ignores these messages #if DEBUG System.Diagnostics.Trace.WriteLine("Received SSH_MSG_NEWKEYS"); #endif return(true); } case SSH_MSG_KEX_INIT: { #if DEBUG System.Diagnostics.Trace.WriteLine("Received SSH_MSG_KEX_INIT"); #endif if (remotekex != null) { Disconnect("Key exchange already in progress!", DisconnectionReason.PROTOCOL_ERROR); throw new SSHException("Key exchange already in progress!", SSHException.PROTOCOL_VIOLATION); } PerformKeyExchange(packet); return(true); } default: { // Not a transport protocol message return(false); } } } catch (System.IO.IOException ex1) { throw new SSHException(ex1.Message, SSHException.INTERNAL_ERROR); } }