public int GenerateBytes(byte[] outBytes, int outOff, int len)
{
// TODO Create an ASN.1 class for this (RFC3278)
// ECC-CMS-SharedInfo
var s = new DerSequence(
new AlgorithmIdentifier(_algorithm, DerNull.Instance),
new DerTaggedObject(true, 2, new DerOctetString(IntegerToBytes(_keySize))));
_kdf.Init(new KdfParameters(_z, s.GetDerEncoded()));
return _kdf.GenerateBytes(outBytes, outOff, len);
}
public virtual int GenerateBytes(byte[] outBytes, int outOff, int len)
{
// TODO Create an ASN.1 class for this (RFC3278)
// ECC-CMS-SharedInfo
DerSequence s = new DerSequence(
new AlgorithmIdentifier(algorithm, DerNull.Instance),
new DerTaggedObject(true, 2, new DerOctetString(Pack.UInt32_To_BE((uint)keySize))));
kdf.Init(new KdfParameters(z, s.GetDerEncoded()));
return kdf.GenerateBytes(outBytes, outOff, len);
}
public int GenerateBytes(
byte[] outBytes,
int outOff,
int len)
{
// ECC-CMS-SharedInfo
DerSequence s = new DerSequence(
new AlgorithmIdentifier(algorithm, DerNull.Instance),
new DerTaggedObject(true, 2, new DerOctetString(integerToBytes(keySize))));
kdf.Init(new KdfParameters(z, s.GetDerEncoded()));
return kdf.GenerateBytes(outBytes, outOff, len);
}
public void TestSignRequest()
{
var agentClient = new TestAgentClient();
var data = Encoding.UTF8.GetBytes("Data to be signed");
foreach (var key in allKeys) {
agentClient.Agent.AddKey(key);
var signature = agentClient.SignRequest(key, data);
switch (key.Version) {
case SshVersion.SSH1:
using (MD5 md5 = MD5.Create()) {
var md5Buffer = new byte[48];
data.CopyTo(md5Buffer, 0);
agentClient.SessionId.CopyTo(md5Buffer, 32);
var expctedSignature = md5.ComputeHash(md5Buffer);
Assert.That(signature, Is.EqualTo(expctedSignature));
}
break;
case SshVersion.SSH2:
BlobParser signatureParser = new BlobParser(signature);
var algorithm = signatureParser.ReadString();
Assert.That(algorithm, Is.EqualTo(key.Algorithm.GetIdentifierString()));
signature = signatureParser.ReadBlob();
if (key.Algorithm == PublicKeyAlgorithm.SSH_RSA) {
Assert.That(signature.Length == key.Size / 8);
} else if (key.Algorithm == PublicKeyAlgorithm.SSH_DSS) {
Assert.That(signature.Length, Is.EqualTo(40));
var r = new BigInteger(1, signature, 0, 20);
var s = new BigInteger(1, signature, 20, 20);
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
} else if (key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP256 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP384 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP521) {
Assert.That(signature.Length, Is.AtLeast(key.Size / 4 + 8));
Assert.That(signature.Length, Is.AtMost(key.Size / 4 + 10));
BlobParser parser = new BlobParser(signature);
var r = new BigInteger(parser.ReadBlob());
var s = new BigInteger(parser.ReadBlob());
var seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
}
var signer = key.GetSigner();
signer.Init(false, key.GetPublicKeyParameters());
signer.BlockUpdate(data, 0, data.Length);
var valid = signer.VerifySignature(signature);
Assert.That(valid, Is.True);
break;
default:
Assert.Fail("Unexpected Ssh Version");
break;
}
}
}
public void TestAnswerSSH2_AGENTC_SIGN_REQUEST()
{
const string signatureData = "this is the data that gets signed";
byte[] signatureDataBytes = Encoding.UTF8.GetBytes(signatureData);
BlobBuilder builder = new BlobBuilder();
Agent agent = new TestAgent(allKeys);
Agent.BlobHeader header;
byte[] signatureBlob;
BlobParser signatureParser;
string algorithm;
byte[] signature;
ISigner signer;
bool signatureOk;
BigInteger r, s;
DerSequence seq;
/* test signatures */
foreach (ISshKey key in allKeys.Where(key => key.Version == SshVersion.SSH2)) {
builder.Clear();
builder.AddBlob(key.GetPublicKeyBlob());
builder.AddStringBlob(signatureData);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
/* check that proper response type was received */
header = parser.ReadHeader();
Assert.That(header.Message,
Is.EqualTo(Agent.Message.SSH2_AGENT_SIGN_RESPONSE));
signatureBlob = parser.ReadBlob();
signatureParser = new BlobParser(signatureBlob);
algorithm = signatureParser.ReadString();
Assert.That(algorithm, Is.EqualTo(key.Algorithm.GetIdentifierString()));
signature = signatureParser.ReadBlob();
if (key.Algorithm == PublicKeyAlgorithm.SSH_RSA) {
Assert.That(signature.Length == key.Size / 8);
} else if (key.Algorithm == PublicKeyAlgorithm.SSH_DSS) {
Assert.That(signature.Length, Is.EqualTo(40));
r = new BigInteger(1, signature, 0, 20);
s = new BigInteger(1, signature, 20, 20);
seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
} else if (key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP256 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP384 ||
key.Algorithm == PublicKeyAlgorithm.ECDSA_SHA2_NISTP521) {
Assert.That(signature.Length, Is.AtLeast(key.Size / 4 + 8));
Assert.That(signature.Length, Is.AtMost(key.Size / 4 + 10));
BlobParser sigParser = new BlobParser(signature);
r = new BigInteger(sigParser.ReadBlob());
s = new BigInteger(sigParser.ReadBlob());
seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
} else if (key.Algorithm == PublicKeyAlgorithm.ED25519) {
Assert.That(signature.Length, Is.EqualTo(64));
}
signer = key.GetSigner();
signer.Init(false, key.GetPublicKeyParameters());
signer.BlockUpdate(signatureDataBytes, 0, signatureDataBytes.Length);
signatureOk = signer.VerifySignature(signature);
Assert.That(signatureOk, Is.True, "invalid signature");
Assert.That(header.BlobLength, Is.EqualTo(stream.Position - 4));
}
/* test DSA key old signature format */
builder.Clear();
builder.AddBlob(dsaKey.GetPublicKeyBlob());
builder.AddStringBlob(signatureData);
builder.AddInt((uint)Agent.SignRequestFlags.SSH_AGENT_OLD_SIGNATURE);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header = parser.ReadHeader();
Assert.That(header.Message,
Is.EqualTo(Agent.Message.SSH2_AGENT_SIGN_RESPONSE));
signatureBlob = parser.ReadBlob();
signatureParser = new BlobParser(signatureBlob);
signature = signatureParser.ReadBlob();
Assert.That(signature.Length == 40);
r = new BigInteger(1, signature, 0, 20);
s = new BigInteger(1, signature, 20, 20);
seq = new DerSequence(new DerInteger(r), new DerInteger(s));
signature = seq.GetDerEncoded();
signer = dsaKey.GetSigner();
signer.Init(false, dsaKey.GetPublicKeyParameters());
signer.BlockUpdate(signatureDataBytes, 0, signatureDataBytes.Length);
signatureOk = signer.VerifySignature(signature);
Assert.That(signatureOk, Is.True, "invalid signature");
Assert.That(header.BlobLength, Is.EqualTo(stream.Position - 4));
/* test key not found */
agent = new TestAgent();
builder.Clear();
builder.AddBlob(dsaKey.GetPublicKeyBlob());
builder.AddStringBlob(signatureData);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
Agent.BlobHeader header2 = parser.ReadHeader();
Assert.That(header2.BlobLength, Is.EqualTo(1));
Assert.That(header2.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
/* test confirm constraint */
agent = new TestAgent();
Agent.KeyConstraint testConstraint = new Agent.KeyConstraint();
testConstraint.Type = Agent.KeyConstraintType.SSH_AGENT_CONSTRAIN_CONFIRM;
SshKey testKey = dsaKey.Clone();
bool confirmCallbackReturnValue = false;
agent.ConfirmUserPermissionCallback = delegate(ISshKey k, Process p)
{
return confirmCallbackReturnValue;
};
testKey.AddConstraint(testConstraint);
agent.AddKey(testKey);
builder.Clear();
builder.AddBlob(dsaKey.GetPublicKeyBlob());
builder.AddStringBlob(signatureData);
builder.InsertHeader(Agent.Message.SSH2_AGENTC_SIGN_REQUEST);
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header2 = parser.ReadHeader();
Assert.That(header2.BlobLength, Is.EqualTo(1));
Assert.That(header2.Message, Is.EqualTo(Agent.Message.SSH_AGENT_FAILURE));
confirmCallbackReturnValue = true;
PrepareMessage(builder);
agent.AnswerMessage(stream);
RewindStream();
header2 = parser.ReadHeader();
Assert.That(header2.BlobLength, Is.Not.EqualTo(1));
Assert.That(header2.Message, Is.EqualTo(Agent.Message.SSH2_AGENT_SIGN_RESPONSE));
}