public void TestRemoveAllKeys()
{
var agentClient = new TestAgentClient();
/* test SSH1 */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys(SshVersion.SSH1);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
/* test SSH2 */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys(SshVersion.SSH2);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
/* test remove *all* keys */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys();
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
}
public void TestLockUnlock()
{
var passphrase = Encoding.UTF8.GetBytes("passphrase");
var agentClient = new TestAgentClient();
/* verify that locking works */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Nothing);
/* verify that locking already locked agent fails */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Exception.TypeOf <AgentFailureException>());
/* verify that unlocking works */
Assert.That(() => agentClient.Unlock(passphrase),
Throws.Nothing);
/* verify that unlocking already unlocked agent fails */
Assert.That(() => agentClient.Unlock(passphrase),
Throws.Exception.TypeOf <AgentFailureException>());
/* try with null passphrase */
Assert.That(() => agentClient.Lock(null),
Throws.Nothing);
Assert.That(() => agentClient.Unlock(null),
Throws.Nothing);
/* verify that bad passphrase fails */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Nothing);
Assert.That(() => agentClient.Unlock(null),
Throws.Exception.TypeOf <AgentFailureException>());
}
public void TestAddConstrainedKey()
{
var agentClient = new TestAgentClient();
agentClient.Agent.ConfirmUserPermissionCallback = delegate
{
return(true);
};
Agent.KeyConstraint constraint;
List <Agent.KeyConstraint> constraints = new List <Agent.KeyConstraint>();
constraint = new Agent.KeyConstraint();
constraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM;
constraints.Add(constraint);
agentClient.AddKey(rsaKey, constraints);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.Count,
Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.First().Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM));
constraint = new Agent.KeyConstraint();
constraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME;
constraint.Data = (uint)10;
constraints.Clear();
constraints.Add(constraint);
agentClient.AddKey(rsaKey, constraints);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.Count,
Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.First().Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME));
}
public void TesListKeys()
{
var agentClient = new TestAgentClient();
ICollection <ISshKey> keyList;
foreach (var key in allKeys)
{
agentClient.Agent.AddKey(key);
}
// check that SS1 keys worked
keyList = agentClient.ListKeys(SshVersion.SSH1);
var expectedKeyList = allKeys.Where(key => key.Version == SshVersion.SSH1).ToList();
Assert.That(keyList.Count, Is.EqualTo(expectedKeyList.Count));
foreach (var key in expectedKeyList)
{
Assert.That(keyList.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
// check that ssh2 keys worked
keyList = agentClient.ListKeys(SshVersion.SSH2);
expectedKeyList = allKeys.Where(key => key.Version == SshVersion.SSH2).ToList();
Assert.That(keyList.Count, Is.EqualTo(expectedKeyList.Count));
foreach (var key in expectedKeyList)
{
Assert.That(keyList.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
}
private void SaveAgents()
{
if (!Directory.Exists(_settingsFolder))
{
Directory.CreateDirectory(_settingsFolder);
}
TestAgentClient.ExportMultipleToXml(_agents.Select(a => a.Client), _agentsFileLocation);
}
public void Remove(TestAgentClient client)
{
var agent = _agents.FirstOrDefault(a => a.Client == client);
if (agent != null)
{
_agents.Remove(agent);
client.TestOutputReceived -= client_TestOutputReceived;
NotifyOfPropertyChange(() => TestAgentNames);
NotifyOfPropertyChange(() => Agents);
}
}
public void TestAddKey()
{
var agentClient = new TestAgentClient();
int keyCount = 0;
foreach (var key in allKeys)
{
agentClient.AddKey(key);
keyCount += 1;
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(keyCount));
Assert.That(agentClient.Agent.GetAllKeys()
.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
}
private void LoadSavedAgents()
{
if (File.Exists(_agentsFileLocation))
{
var agents = TestAgentClient.ImportMultipleFromXml(_agentsFileLocation);
foreach (var testAgentClient in agents)
{
testAgentClient.Connect();
testAgentClient.TestOutputReceived += client_TestOutputReceived;
_agents.Add(new TestAgentViewModel(testAgentClient, this));
}
NotifyOfPropertyChange(() => TestAgentNames);
NotifyOfPropertyChange(() => Agents);
}
}
public void AddAgent()
{
var addAgent = new AddAgentViewModel(_windowManager);
dynamic settings = new ExpandoObject();
settings.WindowStartupLocation = WindowStartupLocation.CenterOwner;
settings.Owner = GetView();
if (_windowManager.ShowDialog(addAgent, null, settings) == true)
{
var client = new TestAgentClient(addAgent.Hostname, addAgent.Port);
client.Connect();
_agents.Add(new TestAgentViewModel(client, this));
client.TestOutputReceived += client_TestOutputReceived;
NotifyOfPropertyChange(() => TestAgentNames);
NotifyOfPropertyChange(() => Agents);
}
}
public void TestRemoveKey()
{
var agentClient = new TestAgentClient();
/* test SSH1 */
agentClient.Agent.AddKey(rsa1Key);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
agentClient.RemoveKey(rsa1Key);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
/* test SSH2 */
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
agentClient.RemoveKey(rsaKey);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
/* test key not found */
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(() => agentClient.RemoveKey(dsaKey),
Throws.TypeOf <AgentFailureException>());
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
}
public void TestRemoveAllKeys()
{
var agentClient = new TestAgentClient();
/* test SSH1 */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys(SshVersion.SSH1);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
/* test SSH2 */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys(SshVersion.SSH2);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
/* test remove *all* keys */
agentClient.Agent.AddKey(rsa1Key);
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(2));
agentClient.RemoveAllKeys();
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
}
public void TestRemoveKey()
{
var agentClient = new TestAgentClient();
/* test SSH1 */
agentClient.Agent.AddKey(rsa1Key);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
agentClient.RemoveKey(rsa1Key);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
/* test SSH2 */
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
agentClient.RemoveKey(rsaKey);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(0));
/* test key not found */
agentClient.Agent.AddKey(rsaKey);
Assume.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(() => agentClient.RemoveKey(dsaKey),
Throws.TypeOf<AgentFailureException>());
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
}
public void TestLockUnlock()
{
var passphrase = Encoding.UTF8.GetBytes("passphrase");
var agentClient = new TestAgentClient();
/* verify that locking works */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Nothing);
/* verify that locking already locked agent fails */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Exception.TypeOf<AgentFailureException>());
/* verify that unlocking works */
Assert.That(() => agentClient.Unlock(passphrase),
Throws.Nothing);
/* verify that unlocking already unlocked agent fails */
Assert.That(() => agentClient.Unlock(passphrase),
Throws.Exception.TypeOf<AgentFailureException>());
/* try with null passphrase */
Assert.That(() => agentClient.Lock(null),
Throws.Nothing);
Assert.That(() => agentClient.Unlock(null),
Throws.Nothing);
/* verify that bad passphrase fails */
Assert.That(() => agentClient.Lock(passphrase),
Throws.Nothing);
Assert.That(() => agentClient.Unlock(null),
Throws.Exception.TypeOf<AgentFailureException>());
}
public void TestAddKey()
{
var agentClient = new TestAgentClient();
int keyCount = 0;
foreach (var key in allKeys) {
agentClient.AddKey(key);
keyCount += 1;
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(keyCount));
Assert.That(agentClient.Agent.GetAllKeys()
.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
}
public void TestAddConstrainedKey()
{
var agentClient = new TestAgentClient();
agentClient.Agent.ConfirmUserPermissionCallback = delegate
{
return true;
};
Agent.KeyConstraint constraint;
List<Agent.KeyConstraint> constraints = new List<Agent.KeyConstraint>();
constraint = new Agent.KeyConstraint();
constraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM;
constraints.Add(constraint);
agentClient.AddKey(rsaKey, constraints);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.Count,
Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.First().Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM));
constraint = new Agent.KeyConstraint();
constraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME;
constraint.Data = (uint)10;
constraints.Clear();
constraints.Add(constraint);
agentClient.AddKey(rsaKey, constraints);
Assert.That(agentClient.Agent.KeyCount, Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.Count,
Is.EqualTo(1));
Assert.That(agentClient.Agent.GetAllKeys().First().Constraints.First().Type,
Is.EqualTo(Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_LIFETIME));
}
public TestAgentViewModel(TestAgentClient client, ITestAgentManager manager)
{
_agentManager = manager;
_client = client;
_client.IsConnectedChanged += _client_IsConnectedChanged;
}
public void TestSignRequest()
{
var agentClient = new TestAgentClient();
var data = Encoding.UTF8.GetBytes("Data to be signed");
foreach (var key in allKeys) {
agentClient.Agent.AddKey(key);
var signature = agentClient.SignRequest(key, data);
switch (key.Version) {
case SshVersion.SSH1:
using (MD5 md5 = MD5.Create()) {
var md5Buffer = new byte[48];
data.CopyTo(md5Buffer, 0);
agentClient.SessionId.CopyTo(md5Buffer, 32);
var expctedSignature = md5.ComputeHash(md5Buffer);
Assert.That(signature, Is.EqualTo(expctedSignature));
}
break;
case SshVersion.SSH2:
BlobParser signatureParser = new BlobParser(signature);
var algorithm = signatureParser.ReadString();
Assert.That(algorithm, Is.EqualTo(key.Algorithm.GetIdentifierString()));
signature = signatureParser.ReadBlob();
if (key.Algorithm == PublicKeyAlgorithm.SSH_RSA) {
Assert.That(signature.Length == key.Size / 8);
} else if (key.Algorithm == PublicKeyAlgorithm.SSH_DSS) {
Assert.That(signature.Length, Is.EqualTo(40));
var r = new BigInteger(1, signature, 0, 20);
var s = new BigInteger(1, signature, 20, 20);
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
} else if (key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP256 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP384 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP521) {
Assert.That(signature.Length, Is.AtLeast(key.Size / 4 + 8));
Assert.That(signature.Length, Is.AtMost(key.Size / 4 + 10));
BlobParser parser = new BlobParser(signature);
var r = new BigInteger(parser.ReadBlob());
var s = new BigInteger(parser.ReadBlob());
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
}
var signer = key.GetSigner();
signer.Init(false, key.GetPublicKeyParameters());
signer.BlockUpdate(data, 0, data.Length);
var valid = signer.VerifySignature(signature);
Assert.That(valid, Is.True);
break;
default:
Assert.Fail("Unexpected Ssh Version");
break;
}
}
}
public void TesListKeys()
{
var agentClient = new TestAgentClient();
ICollection<ISshKey> keyList;
foreach (var key in allKeys) {
agentClient.Agent.AddKey(key);
}
// check that SS1 keys worked
keyList = agentClient.ListKeys(SshVersion.SSH1);
var expectedKeyList = allKeys.Where(key => key.Version == SshVersion.SSH1).ToList();
Assert.That(keyList.Count, Is.EqualTo(expectedKeyList.Count));
foreach (var key in expectedKeyList) {
Assert.That(keyList.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
// check that ssh2 keys worked
keyList = agentClient.ListKeys(SshVersion.SSH2);
expectedKeyList = allKeys.Where(key => key.Version == SshVersion.SSH2).ToList();
Assert.That(keyList.Count, Is.EqualTo(expectedKeyList.Count));
foreach (var key in expectedKeyList) {
Assert.That(keyList.Get(key.Version, key.GetPublicKeyBlob()), Is.Not.Null);
}
}
public void TestSignRequest()
{
var agentClient = new TestAgentClient();
var data = Encoding.UTF8.GetBytes("Data to be signed");
foreach (var key in allKeys)
{
agentClient.Agent.AddKey(key);
var signature = agentClient.SignRequest(key, data);
switch (key.Version)
{
case SshVersion.SSH1:
using (MD5 md5 = MD5.Create()) {
var md5Buffer = new byte[48];
data.CopyTo(md5Buffer, 0);
agentClient.SessionId.CopyTo(md5Buffer, 32);
var expctedSignature = md5.ComputeHash(md5Buffer);
Assert.That(signature, Is.EqualTo(expctedSignature));
}
break;
case SshVersion.SSH2:
BlobParser signatureParser = new BlobParser(signature);
var algorithm = signatureParser.ReadString();
Assert.That(algorithm, Is.EqualTo(key.Algorithm.GetIdentifierString()));
signature = signatureParser.ReadBlob();
if (key.Algorithm == PublicKeyAlgorithm.SSH_RSA)
{
Assert.That(signature.Length == key.Size / 8);
}
else if (key.Algorithm == PublicKeyAlgorithm.SSH_DSS)
{
Assert.That(signature.Length, Is.EqualTo(40));
var r = new BigInteger(1, signature, 0, 20);
var s = new BigInteger(1, signature, 20, 20);
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
}
else if (key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP256 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP384 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP521)
{
Assert.That(signature.Length, Is.AtLeast(key.Size / 4 + 8));
Assert.That(signature.Length, Is.AtMost(key.Size / 4 + 10));
BlobParser parser = new BlobParser(signature);
var r = new BigInteger(parser.ReadBlob());
var s = new BigInteger(parser.ReadBlob());
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
}
var signer = key.GetSigner();
signer.Init(false, key.GetPublicKeyParameters());
signer.BlockUpdate(data, 0, data.Length);
var valid = signer.VerifySignature(signature);
Assert.That(valid, Is.True);
break;
default:
Assert.Fail("Unexpected Ssh Version");
break;
}
}
}
