protected bool VerifyPublicKeySignature(PublicKeyAlgorithm alg, byte[] payload, int payloadOffset,
                                                int payloadCount, byte[] signature)
        {
            using (var hashInputStream = new MemoryStream())
                using (var hashInputWriter = new SshStreamWriter(hashInputStream))
                {
                    // Write input data.
                    hashInputWriter.WriteByteString(_client.SessionId);
                    hashInputWriter.Write(payload, payloadOffset, payloadCount);

                    // Verify signature.
                    return(alg.VerifyData(hashInputStream.ToArray(), signature));
                }
        }
        protected bool VerifyPublicKeySignature(PublicKeyAlgorithm alg, byte[] payload, int payloadOffset,
            int payloadCount, byte[] signature)
        {
            using (var hashInputStream = new MemoryStream())
            using (var hashInputWriter = new SshStreamWriter(hashInputStream))
            {
                // Write input data.
                hashInputWriter.WriteByteString(_client.SessionId);
                hashInputWriter.Write(payload, payloadOffset, payloadCount);

                // Verify signature.
                return alg.VerifyData(hashInputStream.ToArray(), signature);
            }
        }
Exemplo n.º 3
0
        protected const int _lineMaxByteLength = 72; // Maxmimum length of each line, in bytes.

        #endregion Fields

        #region Constructors

        public SshPublicKey(PublicKeyAlgorithm algorithm)
            : this()
        {
            this.KeyAndCertificatesData = algorithm.CreateKeyAndCertificatesData();
        }
        protected void ProcessMsgUserAuthRequestHostBased(SshStreamReader msgReader)
        {
            if (_isDisposed)
            {
                throw new ObjectDisposedException(this.GetType().FullName);
            }

            // Raise event to specify requested auth method.
            if (AuthenticationMethodRequested != null)
            {
                AuthenticationMethodRequested(this,
                                              new AuthMethodRequestedEventArgs(AuthenticationMethod.HostBased));
            }

            // Read request information.
            string keyAlgName = msgReader.ReadString();

            byte[] keyAndCertsData = msgReader.ReadByteString();
            string clientHostName  = msgReader.ReadString();
            string clientUserName  = msgReader.ReadString();

            // Try to find public key algorithm.
            PublicKeyAlgorithm keyAlg = null;

            try
            {
                keyAlg = (PublicKeyAlgorithm)_client.PublicKeyAlgorithms.Single(item =>
                                                                                item.Name == keyAlgName).Clone();
            }
            catch (InvalidOperationException)
            {
                // Public key algorithm is not supported.
                SendMsgUserAuthFailure(false);
            }

            // Load key and certificats data for algorithm.
            keyAlg.LoadKeyAndCertificatesData(keyAndCertsData);

            // Read client signature.
            var signatureData = msgReader.ReadByteString();
            var signature     = keyAlg.GetSignature(signatureData);

            // Verify signature.
            var payloadData = ((MemoryStream)msgReader.BaseStream).ToArray();

            if (VerifyPublicKeySignature(keyAlg, payloadData, 0, payloadData.Length -
                                         signatureData.Length - 4, signature))
            {
                // Raise event to get result of auth attempt.
                var authUserEventArgs = new AuthUserHostBasedEventArgs(_lastUserName, clientHostName,
                                                                       clientUserName, keyAlg.ExportPublicKey());

                if (AuthenticateUserHostBased != null)
                {
                    AuthenticateUserHostBased(this, authUserEventArgs);
                }

                // Check result of auth attempt.
                switch (authUserEventArgs.Result)
                {
                case AuthenticationResult.Success:
                    // Auth has succeeded.
                    AuthenticateUser(_lastServiceName);

                    break;

                case AuthenticationResult.FurtherAuthRequired:
                    // Auth has succeeded, but further auth is required.
                    SendMsgUserAuthFailure(true);

                    break;

                case AuthenticationResult.Failure:
                    // Auth has failed.
                    SendMsgUserAuthFailure(false);

                    break;
                }
            }
            else
            {
                // Signature is invalid.
                SendMsgUserAuthFailure(false);
            }
        }
Exemplo n.º 5
0
 public SshPublicKey(PublicKeyAlgorithm algorithm) : this()
 {
     this.KeyAndCertificatesData = algorithm.CreateKeyAndCertificatesData();
 }