public string DumpHostKeyInKnownHostsStyle() { StringBuilder bld = new StringBuilder(); bld.Append(SSH2Util.PublicKeyAlgorithmName(_hostkey.Algorithm)); bld.Append(' '); SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(SSH2Util.PublicKeyAlgorithmName(_hostkey.Algorithm)); if (_hostkey.Algorithm == PublicKeyAlgorithm.RSA) { RSAPublicKey rsa = (RSAPublicKey)_hostkey; wr.Write(rsa.Exponent); wr.Write(rsa.Modulus); } else if (_hostkey.Algorithm == PublicKeyAlgorithm.DSA) { DSAPublicKey dsa = (DSAPublicKey)_hostkey; wr.Write(dsa.P); wr.Write(dsa.Q); wr.Write(dsa.G); wr.Write(dsa.Y); } else { //throw new Exception("Host key algorithm is unsupported"); throw new Exception("Host key algorithm is unsupported"); } byte[] tmpdata = Base64.Encode(wr.ToByteArray()); bld.Append(Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length)); return(bld.ToString()); }
public byte[] GetPublicKeyBlob() { SSH2DataWriter w = new SSH2DataWriter(); w.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm)); _keypair.PublicKey.WriteTo(w); return(w.ToByteArray()); }
private string FormatBase64EncodedPublicKeyBody() { SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm)); _keypair.PublicKey.WriteTo(wr); byte[] tmpdata = Base64.Encode(wr.ToByteArray()); return(Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length)); }
public static SSH2Packet FromDecryptedHead(byte[] head, byte[] buffer, int offset, Cipher cipher, int sequence, MAC mac) { SSH2Packet p = new SSH2Packet(); p._packetLength = SSHUtil.ReadInt32(head, 0); if (p._packetLength <= 0 || p._packetLength >= MAX_PACKET_LENGTH) { throw new Exception(String.Format("packet size {0} is invalid", p._packetLength)); } SSH2DataWriter buf = new SSH2DataWriter(); buf.Write(sequence); buf.Write(head); if (p._packetLength > (cipher.BlockSize - 4)) { byte[] tmp = new byte[p._packetLength - (cipher.BlockSize - 4)]; cipher.Decrypt(buffer, offset, tmp.Length, tmp, 0); offset += tmp.Length; buf.Write(tmp); } byte[] result = buf.ToByteArray(); int padding_len = (int)result[8]; if (padding_len < 4) { throw new Exception("padding length is invalid"); } byte[] payload = new byte[result.Length - 9 - padding_len]; Array.Copy(result, 9, payload, 0, payload.Length); p._payload = payload; if (mac != null) { p._mac = mac.Calc(result); if (SSHUtil.memcmp(p._mac, 0, buffer, offset, mac.Size) != 0) { throw new Exception("MAC Error"); } } return(p); }
public void SendEOF() { if(_connection.IsClosed()) return; SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_EOF); wr.Write(_remoteID); TransmitPacket(wr.ToByteArray()); }
private AuthenticationResult ProcessAuthenticationResponse() { do { SSH2DataReader response = new SSH2DataReader(ReceivePacket().Data); PacketType h = response.ReadPacketType(); if(h==PacketType.SSH_MSG_USERAUTH_FAILURE) { byte[] tmpdata = response.ReadString(); string msg = Encoding.UTF8.GetString(tmpdata,0,tmpdata.Length); _eventReceiver.OnDebugMessage(true, tmpdata); bool partialSuccess = response.ReadBool(); return GranadosRT.Routrek.SSHC.AuthenticationResult.Failure; } else if(h==PacketType.SSH_MSG_USERAUTH_BANNER) { //Debug.WriteLine("USERAUTH_BANNER"); byte[] tmpdata = response.ReadString(); _eventReceiver.OnDebugMessage(true, tmpdata); } else if(h==PacketType.SSH_MSG_USERAUTH_SUCCESS) { _packetBuilder.Handler = new CallbackSSH2PacketHandler(this); return GranadosRT.Routrek.SSHC.AuthenticationResult.Success; //successfully exit } else if (h == PacketType.SSH_MSG_USERAUTH_INFO_REQUEST) { byte[] tmpdata = response.ReadString(); string name = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); tmpdata = response.ReadString(); string inst = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); tmpdata = response.ReadString(); string lang = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); int num = response.ReadInt32(); string[] prompts = new string[num]; for (int i = 0; i < num; i++) { tmpdata = response.ReadString(); prompts[i] = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); bool echo = response.ReadBool(); } if (prompts.Length == 0) { //TODO 0 length response SSH2DataWriter re = new SSH2DataWriter(); re.WritePacketType(PacketType.SSH_MSG_USERAUTH_INFO_RESPONSE); re.Write(0); byte[] ba = re.ToByteArray(); TransmitPacket(ba); return ProcessAuthenticationResponse(); } else { _eventReceiver.OnAuthenticationPrompt(prompts); return GranadosRT.Routrek.SSHC.AuthenticationResult.Prompt; } } else { //throw new Exception(resLoader.GetString("ProtocolError") + resLoader.GetString("UnexpectedPacket") + h); } } while(true); }
public byte[] GetPublicKeyBlob() { SSH2DataWriter w = new SSH2DataWriter(); w.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm)); _keypair.PublicKey.WriteTo(w); return w.ToByteArray(); }
private string FormatBase64EncodedPublicKeyBody() { SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm)); _keypair.PublicKey.WriteTo(wr); byte[] tmpdata = Base64.Encode(wr.ToByteArray()); return Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); }
private bool ProcessKEXDHREPLY(SSH2Packet packet) { //Round2 receives response SSH2DataReader re = new SSH2DataReader(packet.Data); PacketType h = re.ReadPacketType(); if(h!=PacketType.SSH_MSG_KEXDH_REPLY) throw new Exception(String.Format("KeyExchange response is not KEXDH_REPLY but {0}", h)); byte[] key_and_cert = re.ReadString(); BigInteger f = re.ReadMPInt(); byte[] signature = re.ReadString(); Debug.Assert(re.Rest==0); //Round3 calc hash H SSH2DataWriter wr = new SSH2DataWriter(); _k = f.modPow(_x, DH_PRIME); wr = new SSH2DataWriter(); wr.Write(_cInfo._clientVersionString); wr.Write(_cInfo._serverVersionString); wr.WriteAsString(_clientKEXINITPayload); wr.WriteAsString(_serverKEXINITPayload); wr.WriteAsString(key_and_cert); wr.Write(_e); wr.Write(f); wr.Write(_k); _hash = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha1).HashData(wr.ToByteArray().AsBuffer()).ToArray(); if(!VerifyHostKey(key_and_cert, signature, _hash)) return false; //Debug.WriteLine("hash="+DebugUtil.DumpByteArray(hash)); if(_sessionID==null) _sessionID = _hash; return true; }
public void ResizeTerminal(int width, int height, int pixel_width, int pixel_height) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_REQUEST); wr.Write(_remoteID); wr.Write("window-change"); wr.Write(false); wr.Write(width); wr.Write(height); wr.Write(pixel_width); //no graphics wr.Write(pixel_height); TransmitPacket(wr.ToByteArray()); }
private void OpenShell(ISSHChannelEventReceiver receiver, PacketType pt, SSH2DataReader reader) { if(_negotiationStatus==3) { if(pt!=PacketType.SSH_MSG_CHANNEL_OPEN_CONFIRMATION) { if(pt!=PacketType.SSH_MSG_CHANNEL_OPEN_FAILURE) receiver.OnChannelError(null, "opening channel failed; packet type="+pt); else { int errcode = reader.ReadInt32(); byte[] tmpdata = reader.ReadString(); string msg = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); receiver.OnChannelError(null, msg); } Close(); } else { _remoteID = reader.ReadInt32(); _serverMaxPacketSize = reader.ReadInt32(); //open pty SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_REQUEST); wr.Write(_remoteID); wr.Write("pty-req"); wr.Write(true); wr.Write(_connection.Param().TerminalName); wr.Write(_connection.Param().TerminalWidth); wr.Write(_connection.Param().TerminalHeight); wr.Write(_connection.Param().TerminalPixelWidth); wr.Write(_connection.Param().TerminalPixelHeight); wr.WriteAsString(new byte[0]); TransmitPacket(wr.ToByteArray()); _negotiationStatus = 2; } } else if(_negotiationStatus==2) { if(pt!=PacketType.SSH_MSG_CHANNEL_SUCCESS) { receiver.OnChannelError(null, "opening pty failed"); Close(); } else { //open shell SSH2DataWriter wr = new SSH2DataWriter(); wr.Write((byte)PacketType.SSH_MSG_CHANNEL_REQUEST); wr.Write(_remoteID); wr.Write("shell"); wr.Write(true); TransmitPacket(wr.ToByteArray()); _negotiationStatus = 1; } } else if(_negotiationStatus==1) { if(pt!=PacketType.SSH_MSG_CHANNEL_SUCCESS) { receiver.OnChannelError(null, "Opening shell failed: packet type="+pt.ToString()); Close(); } else { receiver.OnChannelReady(); _negotiationStatus = 0; //goal! } } else Debug.Assert(false); }
private AuthenticationResult UserAuth() { string sn = "ssh-connection"; SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_USERAUTH_REQUEST); wr.Write(_param.UserName); if(_param.AuthenticationType==AuthenticationType.Password) { //Password authentication wr.Write(sn); wr.Write("password"); wr.Write(false); wr.Write(_param.Password); } else if(_param.AuthenticationType==AuthenticationType.KeyboardInteractive) { wr.Write(sn); wr.Write("keyboard-interactive"); wr.Write(""); //lang wr.Write(""); //submethod } else { //public key authentication //SSH2UserAuthKey kp = SSH2UserAuthKey.FromSECSHStyleFile(_param.IdentityFile, _param.Password); SSH2UserAuthKey kp = SSH2UserAuthKey.FromPrivateKeyFile(_param.IdentityFile, _param.Password); SSH2DataWriter signsource = new SSH2DataWriter(); signsource.WriteAsString(_sessionID); signsource.WritePacketType(PacketType.SSH_MSG_USERAUTH_REQUEST); signsource.Write(_param.UserName); signsource.Write(sn); signsource.Write("publickey"); signsource.Write(true); signsource.Write(SSH2Util.PublicKeyAlgorithmName(kp.Algorithm)); signsource.WriteAsString(kp.GetPublicKeyBlob()); SSH2DataWriter signpack = new SSH2DataWriter(); signpack.Write(SSH2Util.PublicKeyAlgorithmName(kp.Algorithm)); signpack.WriteAsString(kp.Sign(signsource.ToByteArray())); wr.Write(sn); wr.Write("publickey"); wr.Write(true); wr.Write(SSH2Util.PublicKeyAlgorithmName(kp.Algorithm)); wr.WriteAsString(kp.GetPublicKeyBlob()); wr.WriteAsString(signpack.ToByteArray()); } TransmitPacket(wr.ToByteArray()); _authenticationResult = ProcessAuthenticationResponse(); //if (_authenticationResult == GranadosRT.Routrek.SSHC.AuthenticationResult.Failure) // throw new Exception(Strings.GetString("AuthenticationFailed")); return _authenticationResult; }
internal void ProcessPacket(ISSHChannelEventReceiver receiver, PacketType pt, int data_length, SSH2DataReader re) { //NOTE: the offset of 're' is next to 'receipiant channel' field _leftWindowSize -= data_length; if (_negotiationStatus < 1) { while (_leftWindowSize <= _windowSize) { SSH2DataWriter adj = new SSH2DataWriter(); adj.WritePacketType(PacketType.SSH_MSG_CHANNEL_WINDOW_ADJUST); adj.Write(_remoteID); adj.Write(_windowSize); TransmitPacket(adj.ToByteArray()); _leftWindowSize += _windowSize; Debug.WriteLine("Window size is adjusted to " + _leftWindowSize); } } if(pt==PacketType.SSH_MSG_CHANNEL_WINDOW_ADJUST) { int w = re.ReadInt32(); //Debug.WriteLine(String.Format("Window Adjust +={0}",w)); } else if(_negotiationStatus!=0) { //when the negotiation is not completed if(_type==ChannelType.Shell) OpenShell(receiver, pt, re); else if(_type==ChannelType.ForwardedLocalToRemote) ReceivePortForwardingResponse(receiver, pt, re); else if(_type==ChannelType.Session) EstablishSession(receiver, pt, re); } else { switch(pt) { case PacketType.SSH_MSG_CHANNEL_DATA: { int len = re.ReadInt32(); //await receiver.OnData(re.Image, re.Offset, len); receiver.OnData(re.Image, re.Offset, len); } break; case PacketType.SSH_MSG_CHANNEL_EXTENDED_DATA: { int t = re.ReadInt32(); byte[] data = re.ReadString(); receiver.OnExtendedData(t, data); } break; case PacketType.SSH_MSG_CHANNEL_REQUEST: { byte[] tmpdata = re.ReadString(); string request = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); bool reply = re.ReadBool(); if(request=="exit-status") { int status = re.ReadInt32(); } } break; case PacketType.SSH_MSG_CHANNEL_EOF: receiver.OnChannelEOF(); break; case PacketType.SSH_MSG_CHANNEL_CLOSE: _connection.UnregisterChannelEventReceiver(_localID); receiver.OnChannelClosed(); break; case PacketType.SSH_MSG_CHANNEL_FAILURE: case PacketType.SSH_MSG_CHANNEL_SUCCESS: receiver.OnMiscPacket((byte)pt, re.Image, re.Offset, re.Rest); break; default: receiver.OnMiscPacket((byte)pt, re.Image, re.Offset, re.Rest); Debug.WriteLine(resLoader.GetString("UnexpectedPacket")+pt); break; } } }
public void CancelForwardedPort(string host, int port) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_GLOBAL_REQUEST); wr.Write("cancel-tcpip-forward"); wr.Write(true); wr.Write(host); wr.Write(port); TransmitPacket(wr.ToByteArray()); }
public void Transmit(byte[] data, int offset, int length) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_DATA); wr.Write(_remoteID); wr.WriteAsString(data, offset, length); TransmitPacket(wr.ToByteArray()); }
public void Transmit(byte[] data) { //!!it is better idea that we wait a WINDOW_ADJUST if the left size is lack SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_DATA); wr.Write(_remoteID); wr.WriteAsString(data); TransmitPacket(wr.ToByteArray()); }
//maybe this is SSH2 only feature public void SetEnvironmentVariable(string name, string value) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_REQUEST); wr.Write(_remoteID); wr.Write("env"); wr.Write(false); wr.Write(name); wr.Write(value); TransmitPacket(wr.ToByteArray()); }
private void ProcessPortforwardingRequest(ISSHConnectionEventReceiver receiver, SSH2DataReader reader) { byte[] tmpdata = reader.ReadString(); string method = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); int remote_channel = reader.ReadInt32(); int window_size = reader.ReadInt32(); //skip initial window size int servermaxpacketsize = reader.ReadInt32(); tmpdata = reader.ReadString(); string host = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); int port = reader.ReadInt32(); tmpdata = reader.ReadString(); string originator_ip = Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length); int originator_port = reader.ReadInt32(); PortForwardingCheckResult r = receiver.CheckPortForwardingRequest(host,port,originator_ip,originator_port); SSH2DataWriter wr = new SSH2DataWriter(); if(r.allowed) { //send OPEN_CONFIRMATION SSH2Channel channel = new SSH2Channel(this, ChannelType.ForwardedRemoteToLocal, RegisterChannelEventReceiver(null, r.channel)._localID, remote_channel, servermaxpacketsize); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_OPEN_CONFIRMATION); wr.Write(remote_channel); wr.Write(channel.LocalChannelID()); wr.Write(_param.WindowSize); //initial window size wr.Write(_param.MaxPacketSize); //max packet size receiver.EstablishPortforwarding(r.channel, channel); } else { wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_OPEN_FAILURE); wr.Write(remote_channel); wr.Write(r.reason_code); wr.Write(r.reason_message); wr.Write(""); //lang tag } TransmitPacket(wr.ToByteArray()); }
public void Disconnect(string msg) { if(_closed) return; SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_DISCONNECT); wr.Write(0); wr.Write(msg); wr.Write(""); //language TransmitPacket(wr.ToByteArray()); _stream.Flush(); _closed = true; _stream.Close(); }
private void ServiceRequest(string servicename) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_SERVICE_REQUEST); wr.Write(servicename); TransmitPacket(wr.ToByteArray()); byte[] response = ReceivePacket().Data; SSH2DataReader re = new SSH2DataReader(response); PacketType t = re.ReadPacketType(); if(t!=PacketType.SSH_MSG_SERVICE_ACCEPT) { throw new Exception("service establishment failed "+t); } byte[] tmpdata = re.ReadString(); string s = Encoding.UTF8.GetString(tmpdata,0,tmpdata.Length); if(servicename!=s) throw new Exception(resLoader.GetString("ProtocolError")); }
public AuthenticationResult DoKeyboardInteractiveAuth([ReadOnlyArray()] string[] input) { if(_param.AuthenticationType!=AuthenticationType.KeyboardInteractive) throw new Exception("DoKeyboardInteractiveAuth() must be called with keyboard-interactive authentication"); SSH2DataWriter re = new SSH2DataWriter(); re.WritePacketType(PacketType.SSH_MSG_USERAUTH_INFO_RESPONSE); re.Write(input.Length); foreach(string t in input) re.Write(t); byte[] ba = re.ToByteArray(); TransmitPacket(ba); _authenticationResult = ProcessAuthenticationResponse(); //try again on failure if (_authenticationResult == GranadosRT.Routrek.SSHC.AuthenticationResult.Failure) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_USERAUTH_REQUEST); wr.Write(_param.UserName); wr.Write("ssh-connection"); wr.Write("keyboard-interactive"); wr.Write(""); //lang wr.Write(""); //submethod TransmitPacket(wr.ToByteArray()); _authenticationResult = ProcessAuthenticationResponse(); } return _authenticationResult; }
private byte[] DeriveKey(BigInteger key, byte[] hash, char ch, int length) { byte[] result = new byte[length]; SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(key); wr.Write(hash); wr.Write((byte)ch); wr.Write(_sessionID); byte[] h1 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha1).HashData(wr.ToByteArray().AsBuffer()).ToArray(); if(h1.Length >= length) { Array.Copy(h1, 0, result, 0, length); return result; } else { wr = new SSH2DataWriter(); wr.Write(key); wr.Write(_sessionID); wr.Write(h1); byte[] h2 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha1).HashData(wr.ToByteArray().AsBuffer()).ToArray(); if(h1.Length+h2.Length >= length) { Array.Copy(h1, 0, result, 0, h1.Length); Array.Copy(h2, 0, result, h1.Length, length-h1.Length); return result; } else throw new Exception("necessary key length is too big"); //long key is not supported } }
public SSHChannel ForwardPort(ISSHChannelEventReceiver receiver, string remote_host, int remote_port, string originator_host, int originator_port) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_OPEN); wr.Write("direct-tcpip"); int local_id = RegisterChannelEventReceiver(null, receiver)._localID; wr.Write(local_id); wr.Write(_param.WindowSize); //initial window size int windowsize = _param.WindowSize; wr.Write(_param.MaxPacketSize); //max packet size wr.Write(remote_host); wr.Write(remote_port); wr.Write(originator_host); wr.Write(originator_port); SSH2Channel channel = new SSH2Channel(this, ChannelType.ForwardedLocalToRemote, local_id); TransmitPacket(wr.ToByteArray()); return channel; }
internal void WritePrivatePartInSECSHStyleFile(Stream dest, string comment, string passphrase) { //step1 key body SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(0); //this field is filled later if (_keypair.Algorithm == PublicKeyAlgorithm.RSA) { RSAKeyPair rsa = (RSAKeyPair)_keypair; RSAPublicKey pub = (RSAPublicKey)_keypair.PublicKey; wr.WriteBigIntWithBits(pub.Exponent); wr.WriteBigIntWithBits(rsa.D); wr.WriteBigIntWithBits(pub.Modulus); wr.WriteBigIntWithBits(rsa.U); wr.WriteBigIntWithBits(rsa.P); wr.WriteBigIntWithBits(rsa.Q); } else { DSAKeyPair dsa = (DSAKeyPair)_keypair; DSAPublicKey pub = (DSAPublicKey)_keypair.PublicKey; wr.Write(0); wr.WriteBigIntWithBits(pub.P); wr.WriteBigIntWithBits(pub.G); wr.WriteBigIntWithBits(pub.Q); wr.WriteBigIntWithBits(pub.Y); wr.WriteBigIntWithBits(dsa.X); } int padding_len = 0; if (passphrase != null) { padding_len = 8 - (int)wr.Length % 8; wr.Write(new byte[padding_len]); } byte[] encrypted_body = wr.ToByteArray(); SSHUtil.WriteIntToByteArray(encrypted_body, 0, encrypted_body.Length - padding_len - 4); //encrypt if necessary if (passphrase != null) { Cipher c = CipherFactory.CreateCipher(SSHProtocol.SSH2, CipherAlgorithm.TripleDES, PassphraseToKey(passphrase, 24)); Debug.Assert(encrypted_body.Length % 8 == 0); byte[] tmp = new Byte[encrypted_body.Length]; c.Encrypt(encrypted_body, 0, encrypted_body.Length, tmp, 0); encrypted_body = tmp; } //step2 make binary key data wr = new SSH2DataWriter(); wr.Write(SSH_COM_MAGIC_VAL); wr.Write(0); //for total size wr.Write(_keypair.Algorithm == PublicKeyAlgorithm.RSA? "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}" : "dl-modp{sign{dsa-nist-sha1},dh{plain}}"); wr.Write(passphrase == null? "none" : "3des-cbc"); wr.WriteAsString(encrypted_body); byte[] rawdata = wr.ToByteArray(); SSHUtil.WriteIntToByteArray(rawdata, 4, rawdata.Length); //fix total length //step3 write final data StreamWriter sw = new StreamWriter(dest, Encoding.UTF8); sw.WriteLine("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"); if (comment != null) { WriteKeyFileBlock(sw, "Comment: " + comment, true); } byte[] tmpdata = Base64.Encode(rawdata); WriteKeyFileBlock(sw, Encoding.UTF8.GetString(tmpdata, 0, tmpdata.Length), false); sw.WriteLine("---- END SSH2 ENCRYPTED PRIVATE KEY ----"); sw.Dispose(); }
public static SSH2Packet FromDecryptedHead(byte[] head, byte[] buffer, int offset, Cipher cipher, int sequence, MAC mac) { SSH2Packet p = new SSH2Packet(); p._packetLength = SSHUtil.ReadInt32(head, 0); if(p._packetLength<=0 || p._packetLength>=MAX_PACKET_LENGTH) throw new Exception(String.Format("packet size {0} is invalid", p._packetLength)); SSH2DataWriter buf = new SSH2DataWriter(); buf.Write(sequence); buf.Write(head); if(p._packetLength > (cipher.BlockSize - 4)) { byte[] tmp = new byte[p._packetLength-(cipher.BlockSize - 4)]; cipher.Decrypt(buffer, offset, tmp.Length, tmp, 0); offset += tmp.Length; buf.Write(tmp); } byte[] result = buf.ToByteArray(); int padding_len = (int)result[8]; if(padding_len<4) throw new Exception("padding length is invalid"); byte[] payload = new byte[result.Length-9-padding_len]; Array.Copy(result, 9, payload, 0, payload.Length); p._payload = payload; if(mac!=null) { p._mac = mac.Calc(result); if(SSHUtil.memcmp(p._mac, 0, buffer, offset, mac.Size)!=0) throw new Exception("MAC Error"); } return p; }
private void SendKEXINIT() { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_KEXINIT); byte[] cookie = new byte[16]; _param.Random.NextBytes(cookie); wr.Write(cookie); wr.Write("diffie-hellman-group1-sha1"); // kex_algorithms wr.Write(FormatHostKeyAlgorithmDescription()); // server_host_key_algorithms wr.Write(FormatCipherAlgorithmDescription()); // encryption_algorithms_client_to_server wr.Write(FormatCipherAlgorithmDescription()); // encryption_algorithms_server_to_client wr.Write("hmac-sha1"); // mac_algorithms_client_to_server wr.Write("hmac-sha1"); // mac_algorithms_server_to_client wr.Write("none"); // compression_algorithms_client_to_server wr.Write("none"); // compression_algorithms_server_to_client wr.Write(""); // languages_client_to_server wr.Write(""); // languages_server_to_client wr.Write(false); //Indicates whether a guessed key exchange packet follows wr.Write(0); //reserved for future extension _clientKEXINITPayload = wr.ToByteArray(); _status = Status.WAIT_KEXINIT; TransmitPacket(_clientKEXINITPayload); }
private void SendKEXDHINIT() { //Round1 computes and sends [e] byte[] sx = new byte[16]; _param.Random.NextBytes(sx); _x = new BigInteger(sx); _e = new BigInteger(2).modPow(_x, DH_PRIME); SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_KEXDH_INIT); wr.Write(_e); _status = Status.WAIT_KEXDH_REPLY; TransmitPacket(wr.ToByteArray()); }
internal void WritePrivatePartInSECSHStyleFile(Stream dest, string comment, string passphrase) { //step1 key body SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(0); //this field is filled later if(_keypair.Algorithm==PublicKeyAlgorithm.RSA) { RSAKeyPair rsa = (RSAKeyPair)_keypair; RSAPublicKey pub = (RSAPublicKey)_keypair.PublicKey; wr.WriteBigIntWithBits(pub.Exponent); wr.WriteBigIntWithBits(rsa.D); wr.WriteBigIntWithBits(pub.Modulus); wr.WriteBigIntWithBits(rsa.U); wr.WriteBigIntWithBits(rsa.P); wr.WriteBigIntWithBits(rsa.Q); } else { DSAKeyPair dsa = (DSAKeyPair)_keypair; DSAPublicKey pub = (DSAPublicKey)_keypair.PublicKey; wr.Write(0); wr.WriteBigIntWithBits(pub.P); wr.WriteBigIntWithBits(pub.G); wr.WriteBigIntWithBits(pub.Q); wr.WriteBigIntWithBits(pub.Y); wr.WriteBigIntWithBits(dsa.X); } int padding_len = 0; if(passphrase!=null) { padding_len = 8 - (int)wr.Length % 8; wr.Write(new byte[padding_len]); } byte[] encrypted_body = wr.ToByteArray(); SSHUtil.WriteIntToByteArray(encrypted_body, 0, encrypted_body.Length - padding_len - 4); //encrypt if necessary if(passphrase!=null) { Cipher c = CipherFactory.CreateCipher(SSHProtocol.SSH2, CipherAlgorithm.TripleDES, PassphraseToKey(passphrase,24)); Debug.Assert(encrypted_body.Length % 8 ==0); byte[] tmp = new Byte[encrypted_body.Length]; c.Encrypt(encrypted_body, 0, encrypted_body.Length, tmp, 0); encrypted_body = tmp; } //step2 make binary key data wr = new SSH2DataWriter(); wr.Write(SSH_COM_MAGIC_VAL); wr.Write(0); //for total size wr.Write(_keypair.Algorithm==PublicKeyAlgorithm.RSA? "if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}" : "dl-modp{sign{dsa-nist-sha1},dh{plain}}"); wr.Write(passphrase==null? "none" : "3des-cbc"); wr.WriteAsString(encrypted_body); byte[] rawdata = wr.ToByteArray(); SSHUtil.WriteIntToByteArray(rawdata, 4, rawdata.Length); //fix total length //step3 write final data StreamWriter sw = new StreamWriter(dest, Encoding.UTF8); sw.WriteLine("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"); if(comment!=null) WriteKeyFileBlock(sw, "Comment: " + comment, true); byte[] tmpdata = Base64.Encode(rawdata); WriteKeyFileBlock(sw, Encoding.UTF8.GetString(tmpdata,0,tmpdata.Length), false); sw.WriteLine("---- END SSH2 ENCRYPTED PRIVATE KEY ----"); sw.Dispose(); }
public void SendIgnorableData(string msg) { SSH2DataWriter w = new SSH2DataWriter(); w.WritePacketType(PacketType.SSH_MSG_IGNORE); w.Write(msg); TransmitPacket(w.ToByteArray()); }
public void ListenForwardedPort(string allowed_host, int bind_port) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_GLOBAL_REQUEST); wr.Write("tcpip-forward"); wr.Write(true); wr.Write(allowed_host); wr.Write(bind_port); _waitingForPortForwardingResponse = true; TransmitPacket(wr.ToByteArray()); }
public void SendBreak(int time) { SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_REQUEST); wr.Write(_remoteID); wr.Write("break"); wr.Write(true); wr.Write(time); TransmitPacket(wr.ToByteArray()); }
public SSHChannel OpenShell(ISSHChannelEventReceiver receiver) { //open channel SSH2DataWriter wr = new SSH2DataWriter(); wr.WritePacketType(PacketType.SSH_MSG_CHANNEL_OPEN); wr.Write("session"); int local_channel = this.RegisterChannelEventReceiver(null, receiver)._localID; wr.Write(local_channel); wr.Write(_param.WindowSize); //initial window size int windowsize = _param.WindowSize; wr.Write(_param.MaxPacketSize); //max packet size SSH2Channel channel = new SSH2Channel(this, ChannelType.Shell, local_channel); TransmitPacket(wr.ToByteArray()); return channel; }
public string DumpHostKeyInKnownHostsStyle() { StringBuilder bld = new StringBuilder(); bld.Append(SSH2Util.PublicKeyAlgorithmName(_hostkey.Algorithm)); bld.Append(' '); SSH2DataWriter wr = new SSH2DataWriter(); wr.Write(SSH2Util.PublicKeyAlgorithmName(_hostkey.Algorithm)); if(_hostkey.Algorithm==PublicKeyAlgorithm.RSA) { RSAPublicKey rsa = (RSAPublicKey)_hostkey; wr.Write(rsa.Exponent); wr.Write(rsa.Modulus); } else if(_hostkey.Algorithm==PublicKeyAlgorithm.DSA) { DSAPublicKey dsa = (DSAPublicKey)_hostkey; wr.Write(dsa.P); wr.Write(dsa.Q); wr.Write(dsa.G); wr.Write(dsa.Y); } else //throw new Exception("Host key algorithm is unsupported"); throw new Exception("Host key algorithm is unsupported"); byte[] tmpdata = Base64.Encode(wr.ToByteArray()); bld.Append(Encoding.UTF8.GetString(tmpdata, 0 ,tmpdata.Length)); return bld.ToString(); }