public void TestAnswerSSH2_AGENTC_REMOVE_ALL_IDENTITIES()
{
Agent agent = new TestAgent(allKeys);
/* test that remove all keys removes keys */
PrepareSimpleMessage(Agent.Message.SSH2_AGENTC_REMOVE_ALL_IDENTITIES);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
int actualKeyCount = agent.GetAllKeys()
.Count(key => key.Version != SshVersion.SSH2);
int expectedKeyCount = allKeys.Count(key => key.Version != SshVersion.SSH2);
Assert.That(actualKeyCount, Is.EqualTo(expectedKeyCount));
/* test that remove all keys returns success even when there are no keys */
agent = new TestAgent();
PrepareSimpleMessage(Agent.Message.SSH2_AGENTC_REMOVE_ALL_IDENTITIES);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
/* test that returns failure when locked */
agent.Lock(new byte[0]);
PrepareSimpleMessage(Agent.Message.SSH2_AGENTC_REMOVE_ALL_IDENTITIES);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
}
public void TestAnswerSSH2_AGENTC_REQUEST_IDENTITIES()
{
Agent agent = new TestAgent(allKeys);
/* send request for SSH2 identities */
PrepareSimpleMessage(Agent.Message.SSH2_AGENTC_REQUEST_IDENTITIES);
agent.AnswerMessage(stream);
RewindStream();
/* check that we received proper response type */
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.Message,
Is.EqualTo(Agent.Message.SSH2_AGENT_IDENTITIES_ANSWER));
/* check that we received the correct key count */
UInt32 actualKeyCount = parser.ReadInt();
List<ISshKey> ssh2KeyList =
agent.GetAllKeys().Where(key => key.Version == SshVersion.SSH2).ToList();
int expectedSsh2KeyCount = ssh2KeyList.Count;
Assert.That(actualKeyCount, Is.EqualTo(expectedSsh2KeyCount));
/* check that we have data for each key */
for (int i = 0; i < actualKeyCount; i++) {
byte[] actualPublicKeyBlob = parser.ReadBlob();
byte[] expectedPublicKeyBlob =
ssh2KeyList[i].GetPublicKeyBlob();
Assert.That(actualPublicKeyBlob, Is.EqualTo(expectedPublicKeyBlob));
string actualComment = parser.ReadString();
string expectedComment = ssh2KeyList[i].Comment;
Assert.That(actualComment, Is.EqualTo(expectedComment));
}
/* verify that the overall response length is correct */
Assert.That(header.BlobLength, Is.EqualTo(stream.Position - 4));
}
public void TestAnswerSSH2_AGENTC_REMOVE_IDENTITY()
{
Agent agent = new TestAgent(allKeys);
BlobBuilder builder = new BlobBuilder();
/* test remove key returns success when key is removed */
builder.AddBlob(rsaKey.GetPublicKeyBlob());
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REMOVE_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
Assert.That(agent.GetAllKeys()
.SequenceEqual(allKeys.Where(key => key != rsaKey)));
/* test remove key returns failure when key does not exist */
int startCount = agent.GetAllKeys().Count();
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
Assert.That(agent.GetAllKeys().Count(), Is.EqualTo(startCount));
/* test returns failure when locked */
agent.Lock(new byte[0]);
startCount = agent.GetAllKeys().Count();
builder.AddBlob(dsaKey.GetPublicKeyBlob());
builder.InsertHeader(Agent.Message.SSH2_AGENTC_REMOVE_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
Assert.That(agent.GetAllKeys().Count(), Is.EqualTo(startCount));
}
public void TestAnswerSSH1_AGENTC_REQUEST_RSA_IDENTITIES()
{
Agent agent = new TestAgent(allKeys);
/* send request for SSH1 identities */
PrepareSimpleMessage(Agent.Message.SSH1_AGENTC_REQUEST_RSA_IDENTITIES);
agent.AnswerMessage(stream);
RewindStream();
/* check that we received proper response type */
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.Message,
Is.EqualTo(Agent.Message.SSH1_AGENT_RSA_IDENTITIES_ANSWER));
/* check that we received the correct key count */
UInt32 actualKeyCount = parser.ReadInt();
List<ISshKey> ssh1KeyList =
agent.GetAllKeys().Where(key => key.Version == SshVersion.SSH1).ToList();
int expectedSsh1KeyCount = ssh1KeyList.Count;
Assert.That(actualKeyCount, Is.EqualTo(expectedSsh1KeyCount));
/* check that we have data for each key */
for (int i = 0; i < actualKeyCount; i++) {
uint actualKeySizeBlob = parser.ReadInt();
BigInteger actualExponentBlob = new BigInteger(1, parser.ReadSsh1BigIntBlob());
BigInteger actualModulusBlob = new BigInteger(1, parser.ReadSsh1BigIntBlob());
Assert.That(actualKeySizeBlob, Is.EqualTo(ssh1KeyList[i].Size));
Assert.That(actualModulusBlob, Is.EqualTo((ssh1KeyList[i].GetPublicKeyParameters() as RsaKeyParameters).Modulus));
Assert.That(actualExponentBlob, Is.EqualTo((ssh1KeyList[i].GetPublicKeyParameters() as RsaKeyParameters).Exponent));
string actualComment = parser.ReadString();
string expectedComment = ssh1KeyList[i].Comment;
Assert.That(actualComment, Is.EqualTo(expectedComment));
}
/* verify that the overall response length is correct */
Assert.That(header.BlobLength, Is.EqualTo(stream.Position - 4));
}
public void TestAnswerSSH2_AGENTC_ADD_ID_CONSTRAINED()
{
/* most code is shared with SSH2_AGENTC_ADD_IDENTITY, so we just
* need to test the differences */
Agent.ConfirmUserPermissionDelegate confirmCallback =
delegate(ISshKey k, Process p) { return true; };
Agent agent = new TestAgent();
/* test that no confirmation callback returns failure */
BlobBuilder builder = new BlobBuilder();
RsaPrivateCrtKeyParameters rsaParameters =
(RsaPrivateCrtKeyParameters)rsaKey.GetPrivateKeyParameters();
builder.AddStringBlob(rsaKey.Algorithm.GetIdentifierString());
builder.AddBigIntBlob(rsaParameters.Modulus);
builder.AddBigIntBlob(rsaParameters.PublicExponent);
builder.AddBigIntBlob(rsaParameters.Exponent);
builder.AddBigIntBlob(rsaParameters.QInv);
builder.AddBigIntBlob(rsaParameters.P);
builder.AddBigIntBlob(rsaParameters.Q);
builder.AddStringBlob(rsaKey.Comment);
//save blob so far so we don't have to repeat later.
byte[] commonBlob = builder.GetBlob();
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_ID_CONSTRAINED);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
/* test adding key with confirm constraint */
agent = new TestAgent();
agent.ConfirmUserPermissionCallback = confirmCallback;
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
ISshKey returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.Constraints.Count(), Is.EqualTo(1));
Assert.That(returnedKey.Constraints[0].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM));
Assert.That(returnedKey.Constraints[0].Data, Is.Null);
/* test adding key with lifetime constraint */
agent = new TestAgent();
builder.Clear();
builder.AddBytes(commonBlob);
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME);
builder.AddInt(10);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_ID_CONSTRAINED);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.Constraints.Count(), Is.EqualTo(1));
Assert.That(returnedKey.Constraints[0].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME));
Assert.That(returnedKey.Constraints[0].Data.GetType(),
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME.GetDataType()));
Assert.That(returnedKey.Constraints[0].Data, Is.EqualTo(10));
/* test adding key with multiple constraints */
agent = new TestAgent();
agent.ConfirmUserPermissionCallback = confirmCallback;
builder.Clear();
builder.AddBytes(commonBlob);
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM);
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME);
builder.AddInt(10);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_ID_CONSTRAINED);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.Constraints.Count(), Is.EqualTo(2));
Assert.That(returnedKey.Constraints[0].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM));
Assert.That(returnedKey.Constraints[0].Data, Is.Null);
Assert.That(returnedKey.Constraints[1].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME));
Assert.That(returnedKey.Constraints[1].Data, Is.EqualTo(10));
/* test adding key with multiple constraints in different order */
agent = new TestAgent();
agent.ConfirmUserPermissionCallback = confirmCallback;
builder.Clear();
builder.AddBytes(commonBlob);
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME);
builder.AddInt(10);
builder.AddByte((byte)Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_ID_CONSTRAINED);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.Constraints.Count(), Is.EqualTo(2));
Assert.That(returnedKey.Constraints[0].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME));
Assert.That(returnedKey.Constraints[0].Data, Is.EqualTo(10));
Assert.That(returnedKey.Constraints[1].Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM));
Assert.That(returnedKey.Constraints[1].Data, Is.Null);
}
public void TestAnswerSSH2_AGENTC_ADD_IDENTITY()
{
Agent agent = new TestAgent();
/* test adding RSA key */
BlobBuilder builder = new BlobBuilder();
RsaPrivateCrtKeyParameters rsaParameters =
(RsaPrivateCrtKeyParameters)rsaKey.GetPrivateKeyParameters();
builder.AddStringBlob(rsaKey.Algorithm.GetIdentifierString());
builder.AddBigIntBlob(rsaParameters.Modulus);
builder.AddBigIntBlob(rsaParameters.PublicExponent);
builder.AddBigIntBlob(rsaParameters.Exponent);
builder.AddBigIntBlob(rsaParameters.QInv);
builder.AddBigIntBlob(rsaParameters.P);
builder.AddBigIntBlob(rsaParameters.Q);
builder.AddStringBlob(rsaKey.Comment);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
ISshKey returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.GetPublicKeyParameters(),
Is.InstanceOf<RsaKeyParameters>());
Assert.That(returnedKey.GetPrivateKeyParameters(),
Is.InstanceOf<RsaKeyParameters>());
Assert.That(returnedKey.Size, Is.EqualTo(rsaKey.Size));
Assert.That(returnedKey.Comment, Is.EqualTo(rsaKey.Comment));
Assert.That(returnedKey.GetMD5Fingerprint(), Is.EqualTo(rsaKey.GetMD5Fingerprint()));
/* test adding DSA key */
agent = new TestAgent();
builder.Clear();
DsaPublicKeyParameters dsaPublicParameters =
(DsaPublicKeyParameters)dsaKey.GetPublicKeyParameters();
DsaPrivateKeyParameters dsaPrivateParameters =
(DsaPrivateKeyParameters)dsaKey.GetPrivateKeyParameters();
builder.AddStringBlob(dsaKey.Algorithm.GetIdentifierString());
builder.AddBigIntBlob(dsaPublicParameters.Parameters.P);
builder.AddBigIntBlob(dsaPublicParameters.Parameters.Q);
builder.AddBigIntBlob(dsaPublicParameters.Parameters.G);
builder.AddBigIntBlob(dsaPublicParameters.Y);
builder.AddBigIntBlob(dsaPrivateParameters.X);
builder.AddStringBlob(dsaKey.Comment);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.GetPublicKeyParameters(),
Is.InstanceOf<DsaKeyParameters>());
Assert.That(returnedKey.GetPrivateKeyParameters(),
Is.InstanceOf<DsaKeyParameters>());
Assert.That(returnedKey.Size, Is.EqualTo(dsaKey.Size));
Assert.That(returnedKey.Comment, Is.EqualTo(dsaKey.Comment));
Assert.That(returnedKey.GetMD5Fingerprint(), Is.EqualTo(dsaKey.GetMD5Fingerprint()));
/* test adding ECDSA keys */
List<ISshKey> ecdsaKeysList = new List<ISshKey>();
ecdsaKeysList.Add(ecdsa256Key);
ecdsaKeysList.Add(ecdsa384Key);
ecdsaKeysList.Add(ecdsa521Key);
foreach (ISshKey key in ecdsaKeysList) {
agent = new TestAgent();
builder.Clear();
ECPublicKeyParameters ecdsaPublicParameters =
(ECPublicKeyParameters)key.GetPublicKeyParameters();
ECPrivateKeyParameters ecdsaPrivateParameters =
(ECPrivateKeyParameters)key.GetPrivateKeyParameters();
string ecdsaAlgorithm = key.Algorithm.GetIdentifierString();
builder.AddStringBlob(ecdsaAlgorithm);
ecdsaAlgorithm =
ecdsaAlgorithm.Replace(PublicKeyAlgorithmExt.ALGORITHM_ECDSA_SHA2_PREFIX,
string.Empty);
builder.AddStringBlob(ecdsaAlgorithm);
builder.AddBlob(ecdsaPublicParameters.Q.GetEncoded());
builder.AddBigIntBlob(ecdsaPrivateParameters.D);
builder.AddStringBlob(key.Comment);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_ADD_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.GetPublicKeyParameters(),
Is.InstanceOf<ECPublicKeyParameters>());
Assert.That(returnedKey.GetPrivateKeyParameters(),
Is.InstanceOf<ECPrivateKeyParameters>());
Assert.That(returnedKey.Size, Is.EqualTo(key.Size));
Assert.That(returnedKey.Comment, Is.EqualTo(key.Comment));
Assert.That(returnedKey.GetMD5Fingerprint(), Is.EqualTo(key.GetMD5Fingerprint()));
Assert.That(returnedKey.Constraints.Count(), Is.EqualTo(0));
}
/* test adding key that already is in KeyList does not create duplicate */
int startingCount = agent.GetAllKeys().Count();
Assert.That(startingCount, Is.Not.EqualTo(0));
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
Assert.That(agent.GetAllKeys().Count(), Is.EqualTo(startingCount));
/* test locked => failure */
agent = new TestAgent();
agent.Lock(new byte[0]);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
Assert.That(agent.GetAllKeys().Count, Is.EqualTo(0));
}
public void TestAnswerSSH1_AGENTC_ADD_RSA_IDENTITY()
{
Agent agent = new TestAgent();
/* test adding RSA key */
BlobBuilder builder = new BlobBuilder();
RsaPrivateCrtKeyParameters rsaParameters =
(RsaPrivateCrtKeyParameters)rsa1Key.GetPrivateKeyParameters();
builder.AddInt(rsa1Key.Size);
builder.AddSsh1BigIntBlob(rsaParameters.Modulus);
builder.AddSsh1BigIntBlob(rsaParameters.PublicExponent);
builder.AddSsh1BigIntBlob(rsaParameters.Exponent);
builder.AddSsh1BigIntBlob(rsaParameters.QInv);
builder.AddSsh1BigIntBlob(rsaParameters.P);
builder.AddSsh1BigIntBlob(rsaParameters.Q);
builder.AddStringBlob(rsa1Key.Comment);
builder.InsertHeader(Agent.Message.SSH1_AGENTC_ADD_RSA_IDENTITY);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header = parser.ReadHeader();
Assert.That(header.BlobLength, Is.EqualTo(1));
Assert.That(header.Message, Is.EqualTo(Agent.Message.SSH_AGENT_SUCCESS));
ISshKey returnedKey = agent.GetAllKeys().First();
Assert.That(returnedKey.GetPublicKeyParameters(),
Is.InstanceOf<RsaKeyParameters>());
Assert.That(returnedKey.GetPrivateKeyParameters(),
Is.InstanceOf<RsaKeyParameters>());
Assert.That(returnedKey.Size, Is.EqualTo(rsa1Key.Size));
Assert.That(returnedKey.Comment, Is.EqualTo(rsa1Key.Comment));
Assert.That(returnedKey.GetMD5Fingerprint(), Is.EqualTo(rsa1Key.GetMD5Fingerprint()));
}
public void TestOnKeyListChanged()
{
Agent agent = new TestAgent();
/* test that key with lifetime constraint is automatically removed *
* after lifetime expires */
AsymmetricCipherKeyPair keyPair =
new AsymmetricCipherKeyPair(rsaKey.GetPublicKeyParameters(),
rsaKey.GetPrivateKeyParameters());
ISshKey key = new SshKey(SshVersion.SSH2, keyPair);
Agent.KeyConstraint constraint = new Agent.KeyConstraint();
constraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME;
constraint.Data = (UInt32)1;
key.AddConstraint(constraint);
agent.AddKey(key);
Thread.Sleep(500);
Assert.That(agent.GetAllKeys().Count, Is.EqualTo(1));
Thread.Sleep(1000);
Assert.That(agent.GetAllKeys().Count, Is.EqualTo(0));
}
