using Renci.SshNet.Common; using Renci.SshNet.Security.Cryptography; using System; using System.IO; using System.Runtime.InteropServices; using System.Security.Cryptography; using System.Text; namespace Renci.SshNet.Security { public class EcdsaKey : Key, IDisposable { internal enum KeyBlobMagicNumber { BCRYPT_ECDSA_PUBLIC_P256_MAGIC = 827540293, BCRYPT_ECDSA_PRIVATE_P256_MAGIC = 844317509, BCRYPT_ECDSA_PUBLIC_P384_MAGIC = 861094725, BCRYPT_ECDSA_PRIVATE_P384_MAGIC = 877871941, BCRYPT_ECDSA_PUBLIC_P521_MAGIC = 894649157, BCRYPT_ECDSA_PRIVATE_P521_MAGIC = 911426373, BCRYPT_ECDH_PUBLIC_P256_MAGIC = 827016005, BCRYPT_ECDH_PRIVATE_P256_MAGIC = 843793221, BCRYPT_ECDH_PUBLIC_P384_MAGIC = 860570437, BCRYPT_ECDH_PRIVATE_P384_MAGIC = 877347653, BCRYPT_ECDH_PUBLIC_P521_MAGIC = 894124869, BCRYPT_ECDH_PRIVATE_P521_MAGIC = 910902085, BCRYPT_ECDH_PUBLIC_GENERIC_MAGIC = 1347109701, BCRYPT_ECDH_PRIVATE_GENERIC_MAGIC = 1447772997 } internal struct BCRYPT_ECCKEY_BLOB { internal KeyBlobMagicNumber Magic; internal int cbKey; } internal const string ECDSA_P256_OID_VALUE = "1.2.840.10045.3.1.7"; internal const string ECDSA_P384_OID_VALUE = "1.3.132.0.34"; internal const string ECDSA_P521_OID_VALUE = "1.3.132.0.35"; private CngKey key; private EcdsaDigitalSignature _digitalSignature; private bool _isDisposed; public CngAlgorithm HashAlgorithm { get { switch (Ecdsa.KeySize) { case 256: return CngAlgorithm.Sha256; case 384: return CngAlgorithm.Sha384; case 521: return CngAlgorithm.Sha512; default: throw new SshException("Unknown KeySize: " + Ecdsa.KeySize.ToString()); } } } public override int KeyLength => Ecdsa.KeySize; protected override DigitalSignature DigitalSignature { get { if (_digitalSignature == null) _digitalSignature = new EcdsaDigitalSignature(this); return _digitalSignature; } } public override BigInteger[] Public { get { KeyBlobMagicNumber keyBlobMagicNumber; byte[] array = default(byte[]); byte[] array2 = default(byte[]); using (BinaryReader binaryReader = new BinaryReader(new MemoryStream(key.Export(CngKeyBlobFormat.EccPublicBlob)))) { keyBlobMagicNumber = (KeyBlobMagicNumber)binaryReader.ReadInt32(); int count = binaryReader.ReadInt32(); array = binaryReader.ReadBytes(count); array2 = binaryReader.ReadBytes(count); } byte[] bytes; switch (keyBlobMagicNumber) { case KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P256_MAGIC: bytes = Encoding.ASCII.GetBytes("nistp256"); break; case KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P384_MAGIC: bytes = Encoding.ASCII.GetBytes("nistp384"); break; case KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P521_MAGIC: bytes = Encoding.ASCII.GetBytes("nistp521"); break; default: throw new SshException("Unexpected Curve Magic: " + keyBlobMagicNumber.ToString()); } byte[] array3 = new byte[1 + array.Length + array2.Length]; Buffer.SetByte(array3, 0, 4); Buffer.BlockCopy(array, 0, array3, 1, array.Length); Buffer.BlockCopy(array2, 0, array3, array.Length + 1, array2.Length); return new BigInteger[2] { new BigInteger(bytes.Reverse()), new BigInteger(array3.Reverse()) }; } set { string string = Encoding.ASCII.GetString(value[0].ToByteArray().Reverse()); string curveOid = GetCurveOid(string); byte[] publickey = value[1].ToByteArray().Reverse(); Import(curveOid, publickey, null); } } public ECDsa Ecdsa { get; set; } public override string ToString() { return $"""{KeyLength}"; } public EcdsaKey() { } public EcdsaKey(string curve, byte[] publickey, byte[] privatekey) { Import(GetCurveOid(curve), publickey, privatekey); } public EcdsaKey(byte[] data) { DerData derData = new DerData(data, false); derData.ReadBigInteger(); byte[] privatekey = derData.ReadOctetString().TrimLeadingZeros(); byte b = derData.ReadByte(); if ((b & 224) != 160) throw new SshException($"""{b:""}"); int num = b & 31; if (num != 0) throw new SshException($"""{num}"); byte[] oid = new DerData(derData.ReadBytes(derData.ReadLength()), true).ReadObject(); b = derData.ReadByte(); if ((b & 224) != 160) throw new SshException($"""{b:""}"); num = (b & 31); if (num != 1) throw new SshException($"""{num}"); byte[] publickey = new DerData(derData.ReadBytes(derData.ReadLength()), true).ReadBitString().TrimLeadingZeros(); Import(OidByteArrayToString(oid), publickey, privatekey); } private void Import(string curve_oid, byte[] publickey, byte[] privatekey) { KeyBlobMagicNumber keyBlobMagicNumber = KeyBlobMagicNumber.BCRYPT_ECDH_PRIVATE_GENERIC_MAGIC; switch (GetCurveName(curve_oid)) { case "nistp256": keyBlobMagicNumber = ((privatekey == null) ? KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P256_MAGIC : KeyBlobMagicNumber.BCRYPT_ECDSA_PRIVATE_P256_MAGIC); break; case "nistp384": keyBlobMagicNumber = ((privatekey == null) ? KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P384_MAGIC : KeyBlobMagicNumber.BCRYPT_ECDSA_PRIVATE_P384_MAGIC); break; case "nistp521": keyBlobMagicNumber = ((privatekey == null) ? KeyBlobMagicNumber.BCRYPT_ECDSA_PUBLIC_P521_MAGIC : KeyBlobMagicNumber.BCRYPT_ECDSA_PRIVATE_P521_MAGIC); break; default: throw new SshException("Unknown: " + curve_oid); } int num = (publickey.Length - 1) / 2; byte[] array = new byte[num]; Buffer.BlockCopy(publickey, 1, array, 0, array.Length); byte[] array2 = new byte[num]; Buffer.BlockCopy(publickey, num + 1, array2, 0, array2.Length); if (privatekey != null) privatekey = privatekey.Pad(num); int num2 = Marshal.SizeOf(typeof(BCRYPT_ECCKEY_BLOB)) + array.Length + array2.Length; if (privatekey != null) num2 += privatekey.Length; byte[] array3 = new byte[num2]; using (BinaryWriter binaryWriter = new BinaryWriter(new MemoryStream(array3))) { binaryWriter.Write((int)keyBlobMagicNumber); binaryWriter.Write(num); binaryWriter.Write(array); binaryWriter.Write(array2); if (privatekey != null) binaryWriter.Write(privatekey); } key = CngKey.Import(array3, (privatekey == null) ? CngKeyBlobFormat.EccPublicBlob : CngKeyBlobFormat.EccPrivateBlob); Ecdsa = new ECDsaCng(key); } private string GetCurveOid(string curve_s) { switch (curve_s.ToLower()) { case "nistp256": return "1.2.840.10045.3.1.7"; case "nistp384": return "1.3.132.0.34"; case "nistp521": return "1.3.132.0.35"; default: throw new SshException("Unexpected Curve Name: " + curve_s); } } private string GetCurveName(string oid) { if (oid != null) { if (oid == "1.2.840.10045.3.1.7") return "nistp256"; if (oid == "1.3.132.0.34") return "nistp384"; if (oid == "1.3.132.0.35") return "nistp521"; } throw new SshException("Unexpected OID: " + oid); } private string OidByteArrayToString(byte[] oid) { StringBuilder stringBuilder = new StringBuilder(); for (int i = 0; i < oid.Length; i++) { if (i == 0) { int num = (int)oid[0] % 40; int num2 = (oid[0] - num) / 40; stringBuilder.AppendFormat("{0}.{1}", num2, num); } else if (oid[i] < 128) { stringBuilder.AppendFormat(".{0}", oid[i]); } else { stringBuilder.AppendFormat(".{0}", (oid[i] - 128) * 128 + oid[i + 1]); i++; } } return stringBuilder.ToString(); } public void Dispose() { Dispose(true); GC.SuppressFinalize(this); } protected virtual void Dispose(bool disposing) { if (!_isDisposed && disposing) _isDisposed = true; } ~EcdsaKey() { Dispose(false); } } }