private byte[] WriteToDataWriter()
{
SSH2DataWriter wr = new SSH2DataWriter();
wr.WriteString(SSH2Util.PublicKeyAlgorithmName(_hostkey.Algorithm));
if (_hostkey.Algorithm == PublicKeyAlgorithm.RSA)
{
RSAPublicKey rsa = (RSAPublicKey)_hostkey;
wr.WriteBigInteger(rsa.Exponent);
wr.WriteBigInteger(rsa.Modulus);
}
else if (_hostkey.Algorithm == PublicKeyAlgorithm.DSA)
{
DSAPublicKey dsa = (DSAPublicKey)_hostkey;
wr.WriteBigInteger(dsa.P);
wr.WriteBigInteger(dsa.Q);
wr.WriteBigInteger(dsa.G);
wr.WriteBigInteger(dsa.Y);
}
else
{
throw new SSHException("Host key algorithm is unsupported");
}
return(wr.ToByteArray());
}
private void SendSign(SSH2DataReader r)
{
byte[] blob = r.ReadString();
byte[] data = r.ReadString();
//Debug.WriteLine(String.Format("SignRequest blobsize={0} datasize={1}", blob.Length, data.Length));
SSH2UserAuthKey[] keys = _client.GetAvailableSSH2UserAuthKeys();
SSH2UserAuthKey key = FindKey(keys, blob);
if (key == null)
{
TransmitWriter(OpenWriter(AgentForwadPacketType.SSH_AGENT_FAILURE));
_client.NotifyPublicKeyDidNotMatch();
}
else
{
SSH2DataWriter signpack = new SSH2DataWriter();
signpack.WriteString(SSH2Util.PublicKeyAlgorithmName(key.Algorithm));
signpack.WriteAsString(key.Sign(data));
SSH2DataWriter wr = OpenWriter(AgentForwadPacketType.SSH2_AGENT_SIGN_RESPONSE);
wr.WriteAsString(signpack.ToByteArray());
TransmitWriter(wr);
}
}
private void TransmitWriter(SSH2DataWriter wr)
{
int o = wr.Length;
wr.SetOffset(0);
wr.WriteInt32(o - 4); //length of int32
_channel.Transmit(wr.UnderlyingBuffer, 0, o);
}
//writer util
private SSH2DataWriter OpenWriter(AgentForwadPacketType pt)
{
SSH2DataWriter wr = new SSH2DataWriter();
wr.WriteInt32(0); //length field
wr.WriteByte((byte)pt);
return(wr);
}
public byte[] GetPublicKeyBlob()
{
SSH2DataWriter w = new SSH2DataWriter();
w.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm));
_keypair.PublicKey.WriteTo(w);
return(w.ToByteArray());
}
private string FormatBase64EncodedPublicKeyBody()
{
SSH2DataWriter wr = new SSH2DataWriter();
wr.Write(SSH2Util.PublicKeyAlgorithmName(_keypair.Algorithm));
_keypair.PublicKey.WriteTo(wr);
return(Encoding.ASCII.GetString(Base64.Encode(wr.ToByteArray())));
}
/// <summary>
/// Open packet with specifying a packet type.
/// </summary>
/// <param name="packetType">SFTP packet type.</param>
/// <param name="remoteChannel">remote channel number</param>
public void Open(SFTPPacketType packetType, int remoteChannel)
{
base.Open();
SSH2DataWriter writer = DataWriter;
writer.WritePacketType(Granados.SSH2.PacketType.SSH_MSG_CHANNEL_DATA);
writer.WriteInt32(remoteChannel);
writer.SetOffset(OFFSET_SFTP_PACKET_TYPE);
writer.WriteByte((byte)packetType);
}
private void SendKeyList()
{
SSH2DataWriter wr = OpenWriter(AgentForwadPacketType.SSH2_AGENT_IDENTITIES_ANSWER);
// keycount, ((blob-len, pubkey-blob, comment-len, comment) * keycount)
SSH2UserAuthKey[] keys = _client.GetAvailableSSH2UserAuthKeys();
wr.WriteInt32(keys.Length);
foreach (SSH2UserAuthKey key in keys)
{
byte[] blob = key.GetPublicKeyBlob();
wr.WriteAsString(blob);
Debug.WriteLine("Userkey comment=" + key.Comment);
wr.WriteAsString(Encoding.UTF8.GetBytes(key.Comment));
}
TransmitWriter(wr);
}
internal void dump(SSH2DataWriter writer)
{
writer.Write(flags);
if ((flags & SSH_FILEXFER_ATTR_SIZE) != 0)
{
writer.WriteLong(size);
}
if ((flags & SSH_FILEXFER_ATTR_UIDGID) != 0)
{
writer.Write(uid);
writer.Write(gid);
}
if ((flags & SSH_FILEXFER_ATTR_PERMISSIONS) != 0)
{
writer.Write(permissions);
}
if ((flags & SSH_FILEXFER_ATTR_ACMODTIME) != 0)
{
writer.Write(atime);
}
if ((flags & SSH_FILEXFER_ATTR_ACMODTIME) != 0)
{
writer.Write(mtime);
}
if ((flags & SSH_FILEXFER_ATTR_EXTENDED) != 0)
{
int count = extended.Length / 2;
if (count > 0)
{
for (int i = 0; i < count; i++)
{
writer.Write(extended[i * 2].GetBytes());
writer.Write(extended[i * 2 + 1].GetBytes());
}
}
}
}
public void WritePrivatePartInSECSHStyleFile(Stream dest, string comment, string passphrase)
{
//step1 key body
SSH2DataWriter wr = new SSH2DataWriter();
wr.WriteInt32(0); //this field is filled later
if (_keypair.Algorithm == PublicKeyAlgorithm.RSA)
{
RSAKeyPair rsa = (RSAKeyPair)_keypair;
RSAPublicKey pub = (RSAPublicKey)_keypair.PublicKey;
wr.WriteBigIntWithBits(pub.Exponent);
wr.WriteBigIntWithBits(rsa.D);
wr.WriteBigIntWithBits(pub.Modulus);
wr.WriteBigIntWithBits(rsa.U);
wr.WriteBigIntWithBits(rsa.P);
wr.WriteBigIntWithBits(rsa.Q);
}
else
{
DSAKeyPair dsa = (DSAKeyPair)_keypair;
DSAPublicKey pub = (DSAPublicKey)_keypair.PublicKey;
wr.WriteInt32(0);
wr.WriteBigIntWithBits(pub.P);
wr.WriteBigIntWithBits(pub.G);
wr.WriteBigIntWithBits(pub.Q);
wr.WriteBigIntWithBits(pub.Y);
wr.WriteBigIntWithBits(dsa.X);
}
int padding_len = 0;
if (passphrase != null)
{
padding_len = 8 - (int)wr.Length % 8;
wr.Write(new byte[padding_len]);
}
byte[] encrypted_body = wr.ToByteArray();
SSHUtil.WriteIntToByteArray(encrypted_body, 0, encrypted_body.Length - padding_len - 4);
//encrypt if necessary
if (passphrase != null)
{
Cipher c = CipherFactory.CreateCipher(SSHProtocol.SSH2, CipherAlgorithm.TripleDES, PassphraseToKey(passphrase, 24));
Debug.Assert(encrypted_body.Length % 8 == 0);
byte[] tmp = new Byte[encrypted_body.Length];
c.Encrypt(encrypted_body, 0, encrypted_body.Length, tmp, 0);
encrypted_body = tmp;
}
//step2 make binary key data
wr = new SSH2DataWriter();
wr.WriteInt32(MAGIC_VAL);
wr.WriteInt32(0); //for total size
wr.WriteString(_keypair.Algorithm == PublicKeyAlgorithm.RSA ?
"if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}" :
"dl-modp{sign{dsa-nist-sha1},dh{plain}}");
wr.WriteString(passphrase == null ? "none" : "3des-cbc");
wr.WriteAsString(encrypted_body);
byte[] rawdata = wr.ToByteArray();
SSHUtil.WriteIntToByteArray(rawdata, 4, rawdata.Length); //fix total length
//step3 write final data
StreamWriter sw = new StreamWriter(dest, Encoding.ASCII);
sw.WriteLine("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----");
if (comment != null)
{
WriteKeyFileBlock(sw, "Comment: " + comment, true);
}
WriteKeyFileBlock(sw, Encoding.ASCII.GetString(Base64.Encode(rawdata)), false);
sw.WriteLine("---- END SSH2 ENCRYPTED PRIVATE KEY ----");
sw.Close();
}
public byte[] ToByteArray(string passphrase)
{
//step1 key body
SSH2DataWriter wr = new SSH2DataWriter();
wr.Write(0); //this field is filled later
if (_keypair.Algorithm == PublicKeyAlgorithm.RSA)
{
RSAKeyPair rsa = (RSAKeyPair)_keypair;
RSAPublicKey pub = (RSAPublicKey)_keypair.PublicKey;
wr.WriteBigIntWithBits(pub.Exponent);
wr.WriteBigIntWithBits(rsa.D);
wr.WriteBigIntWithBits(pub.Modulus);
wr.WriteBigIntWithBits(rsa.U);
wr.WriteBigIntWithBits(rsa.P);
wr.WriteBigIntWithBits(rsa.Q);
}
else
{
DSAKeyPair dsa = (DSAKeyPair)_keypair;
DSAPublicKey pub = (DSAPublicKey)_keypair.PublicKey;
wr.Write(0);
wr.WriteBigIntWithBits(pub.P);
wr.WriteBigIntWithBits(pub.G);
wr.WriteBigIntWithBits(pub.Q);
wr.WriteBigIntWithBits(pub.Y);
wr.WriteBigIntWithBits(dsa.X);
}
int padding_len = 0;
if (passphrase != null)
{
padding_len = 8 - (int)wr.Length % 8;
wr.Write(new byte[padding_len]);
}
byte[] encrypted_body = wr.ToByteArray();
SSHUtil.WriteIntToByteArray(encrypted_body, 0, encrypted_body.Length - padding_len - 4);
//encrypt if necessary
if (passphrase != null)
{
Cipher c = CipherFactory.CreateCipher(SSHProtocol.SSH2, CipherAlgorithm.TripleDES, PassphraseToKey(passphrase, 24));
Debug.Assert(encrypted_body.Length % 8 == 0);
byte[] tmp = new Byte[encrypted_body.Length];
c.Encrypt(encrypted_body, 0, encrypted_body.Length, tmp, 0);
encrypted_body = tmp;
}
//step2 make binary key data
wr = new SSH2DataWriter();
wr.Write(MAGIC_VAL);
wr.Write(0); //for total size
wr.Write(_keypair.Algorithm == PublicKeyAlgorithm.RSA ?
"if-modn{sign{rsa-pkcs1-sha1},encrypt{rsa-pkcs1v2-oaep}}" :
"dl-modp{sign{dsa-nist-sha1},dh{plain}}");
wr.Write(passphrase == null ? "none" : "3des-cbc");
wr.WriteAsString(encrypted_body);
byte[] rawdata = wr.ToByteArray();
SSHUtil.WriteIntToByteArray(rawdata, 4, rawdata.Length); //fix total length
return(rawdata);
}
public SSH2TransmissionPacket()
{
_writer = new SSH2DataWriter();
_dataFragment = new DataFragment(null, 0, 0);
_isOpen = false;
}
public SSH2TransmissionPacket()
{
_padding = new byte[32];
_writer = new SSH2DataWriter();
_is_open = false;
}
