Exemplo n.º 1
        /// <summary>
        /// Handles the authentication service's host-based auth event by accepting the request
        /// and recording the attempt.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the result is set to Success unconditionally. Nothing in this handler
        /// compares the client's host name or host key with a list of trusted hosts, so as written
        /// it suits a demo or test server only; a production handler has to make that comparison
        /// before reporting success.
        /// </remarks>
        /// <param name="sender">The raising service; cast to <c>SshAuthenticationService</c>.</param>
        /// <param name="e">Event data for the attempt; its <c>Result</c> is written here.</param>
        private void authService_AuthenticateUserHostBased(object sender, AuthUserHostBasedEventArgs e)
        {
            var service = (SshAuthenticationService)sender;

            // Accept first, log second: the event args handed to the logger already carry the result.
            e.Result = AuthenticationResult.Success;

            // Record the attempt (per the original comment, this goes to the event log).
            var client = service.Client;
            LogClientAuthEvent(client, AuthenticationMethod.HostBased, e);
        }
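        /// <summary>
        /// Handles a host-based user authentication request: reads the request fields, verifies the
        /// client's signature and lets <c>AuthenticateUserHostBased</c> subscribers decide the outcome.
        /// </summary>
        /// <remarks>
        /// Every path that does not end in an explicit Success or FurtherAuthRequired result answers
        /// with an authentication failure (unsupported algorithm, bad signature, no subscriber,
        /// unrecognised result value).
        /// </remarks>
        /// <param name="msgReader">
        /// Reader over the request message. The key algorithm name, key/certificate blob, client host
        /// name, client user name and signature are read from it in that order.
        /// </param>
        /// <exception cref="ObjectDisposedException">The service has already been disposed.</exception>
        protected void ProcessMsgUserAuthRequestHostBased(SshStreamReader msgReader)
        {
            if (_isDisposed) throw new ObjectDisposedException(this.GetType().FullName);

            // Raise event to specify requested auth method.
            if (AuthenticationMethodRequested != null) AuthenticationMethodRequested(this,
                new AuthMethodRequestedEventArgs(AuthenticationMethod.HostBased));

            // Read request information. All four values come from the client and are untrusted.
            string keyAlgName = msgReader.ReadString();
            byte[] keyAndCertsData = msgReader.ReadByteString();
            string clientHostName = msgReader.ReadString();
            string clientUserName = msgReader.ReadString();

            // Try to find public key algorithm.
            PublicKeyAlgorithm keyAlg = null;

            try
            {
                keyAlg = (PublicKeyAlgorithm)_client.PublicKeyAlgorithms.Single(item =>
                    item.Name == keyAlgName).Clone();
            }
            catch (InvalidOperationException)
            {
                // Public key algorithm is not supported (or is registered more than once).
                // Stop here: without the return, keyAlg stays null and the next statement throws
                // NullReferenceException after the failure message has already been sent.
                SendMsgUserAuthFailure(false);
                return;
            }

            // Load key and certificates data for algorithm.
            keyAlg.LoadKeyAndCertificatesData(keyAndCertsData);

            // Read client signature.
            var signatureData = msgReader.ReadByteString();
            var signature = keyAlg.GetSignature(signatureData);

            // Verify signature over everything that precedes the signature field; the extra 4 is
            // presumably that field's length prefix (confirm against SshStreamReader).
            var payloadData = ((MemoryStream)msgReader.BaseStream).ToArray();
            int signedLength = payloadData.Length - signatureData.Length - 4;

            if (!VerifyPublicKeySignature(keyAlg, payloadData, 0, signedLength, signature))
            {
                // Signature is invalid.
                SendMsgUserAuthFailure(false);
                return;
            }

            // A valid signature only proves possession of the private key. Whether that key really
            // belongs to clientHostName, and whether clientUserName may log in from it, is the
            // subscriber's decision.
            var authUserEventArgs = new AuthUserHostBasedEventArgs(_lastUserName, clientHostName,
                clientUserName, keyAlg.ExportPublicKey());

            if (AuthenticateUserHostBased == null)
            {
                // Nobody vetted the host key; fail closed instead of acting on whatever Result the
                // event args start out with.
                SendMsgUserAuthFailure(false);
                return;
            }

            // Raise event to get result of auth attempt.
            AuthenticateUserHostBased(this, authUserEventArgs);

            // Check result of auth attempt.
            switch (authUserEventArgs.Result)
            {
                case AuthenticationResult.Success:
                    // Auth has succeeded.
                    AuthenticateUser(_lastServiceName);
                    break;
                case AuthenticationResult.FurtherAuthRequired:
                    // Auth has succeeded, but further auth is required.
                    SendMsgUserAuthFailure(true);
                    break;
                default:
                    // Failure, or any value this method does not recognise: deny, so the client
                    // always receives a reply and an unexpected value never grants access.
                    SendMsgUserAuthFailure(false);
                    break;
            }
        }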
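        /// <summary>
        /// Handles a host-based user authentication request: reads the request fields, verifies the
        /// client's signature and lets <c>AuthenticateUserHostBased</c> subscribers decide the outcome.
        /// </summary>
        /// <remarks>
        /// Every path that does not end in an explicit Success or FurtherAuthRequired result answers
        /// with an authentication failure (unsupported algorithm, bad signature, no subscriber,
        /// unrecognised result value).
        /// </remarks>
        /// <param name="msgReader">
        /// Reader over the request message. The key algorithm name, key/certificate blob, client host
        /// name, client user name and signature are read from it in that order.
        /// </param>
        /// <exception cref="ObjectDisposedException">The service has already been disposed.</exception>
        protected void ProcessMsgUserAuthRequestHostBased(SshStreamReader msgReader)
        {
            if (_isDisposed)
            {
                throw new ObjectDisposedException(this.GetType().FullName);
            }

            // Raise event to specify requested auth method.
            if (AuthenticationMethodRequested != null)
            {
                AuthenticationMethodRequested(this,
                                              new AuthMethodRequestedEventArgs(AuthenticationMethod.HostBased));
            }

            // Read request information. All four values come from the client and are untrusted.
            string keyAlgName = msgReader.ReadString();

            byte[] keyAndCertsData = msgReader.ReadByteString();
            string clientHostName  = msgReader.ReadString();
            string clientUserName  = msgReader.ReadString();

            // Try to find public key algorithm.
            PublicKeyAlgorithm keyAlg = null;

            try
            {
                keyAlg = (PublicKeyAlgorithm)_client.PublicKeyAlgorithms.Single(item =>
                                                                                item.Name == keyAlgName).Clone();
            }
            catch (InvalidOperationException)
            {
                // Public key algorithm is not supported (or is registered more than once).
                // Stop here: without the return, keyAlg stays null and the next statement throws
                // NullReferenceException after the failure message has already been sent.
                SendMsgUserAuthFailure(false);

                return;
            }

            // Load key and certificates data for algorithm.
            keyAlg.LoadKeyAndCertificatesData(keyAndCertsData);

            // Read client signature.
            var signatureData = msgReader.ReadByteString();
            var signature     = keyAlg.GetSignature(signatureData);

            // Verify signature over everything that precedes the signature field; the extra 4 is
            // presumably that field's length prefix (confirm against SshStreamReader).
            var payloadData  = ((MemoryStream)msgReader.BaseStream).ToArray();
            int signedLength = payloadData.Length - signatureData.Length - 4;

            if (!VerifyPublicKeySignature(keyAlg, payloadData, 0, signedLength, signature))
            {
                // Signature is invalid.
                SendMsgUserAuthFailure(false);

                return;
            }

            // A valid signature only proves possession of the private key. Whether that key really
            // belongs to clientHostName, and whether clientUserName may log in from it, is the
            // subscriber's decision.
            var authUserEventArgs = new AuthUserHostBasedEventArgs(_lastUserName, clientHostName,
                                                                   clientUserName, keyAlg.ExportPublicKey());

            if (AuthenticateUserHostBased == null)
            {
                // Nobody vetted the host key; fail closed instead of acting on whatever Result the
                // event args start out with.
                SendMsgUserAuthFailure(false);

                return;
            }

            // Raise event to get result of auth attempt.
            AuthenticateUserHostBased(this, authUserEventArgs);

            // Check result of auth attempt.
            switch (authUserEventArgs.Result)
            {
            case AuthenticationResult.Success:
                // Auth has succeeded.
                AuthenticateUser(_lastServiceName);

                break;

            case AuthenticationResult.FurtherAuthRequired:
                // Auth has succeeded, but further auth is required.
                SendMsgUserAuthFailure(true);

                break;

            default:
                // Failure, or any value this method does not recognise: deny, so the client
                // always receives a reply and an unexpected value never grants access.
                SendMsgUserAuthFailure(false);

                break;
            }
        }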