using Renci.SshNet.Abstractions; using Renci.SshNet.Common; using Renci.SshNet.Messages.Authentication; using Renci.SshNet.Messages.Connection; using Renci.SshNet.Security; using Renci.SshNet.Security.Cryptography; using Renci.SshNet.Security.Cryptography.Ciphers; using Renci.SshNet.Security.Cryptography.Ciphers.Modes; using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; namespace Renci.SshNet { public class ConnectionInfo : IConnectionInfoInternal, IConnectionInfo { internal const int DefaultPort = 22; private static readonly TimeSpan DefaultTimeout = TimeSpan.FromSeconds(30); private static readonly TimeSpan DefaultChannelCloseTimeout = TimeSpan.FromSeconds(1); public IDictionary<string, Type> KeyExchangeAlgorithms { get; set; } public IDictionary<string, CipherInfo> Encryptions { get; set; } public IDictionary<string, HashInfo> HmacAlgorithms { get; set; } public IDictionary<string, Func<byte[], KeyHostAlgorithm>> HostKeyAlgorithms { get; set; } public IList<AuthenticationMethod> AuthenticationMethods { get; set; } public IDictionary<string, Type> CompressionAlgorithms { get; set; } public IDictionary<string, RequestInfo> ChannelRequests { get; set; } public bool IsAuthenticated { get; set; } public string Host { get; set; } public int Port { get; set; } public string Username { get; set; } public ProxyTypes ProxyType { get; set; } public string ProxyHost { get; set; } public int ProxyPort { get; set; } public string ProxyUsername { get; set; } public string ProxyPassword { get; set; } public TimeSpan Timeout { get; set; } public TimeSpan ChannelCloseTimeout { get; set; } public Encoding Encoding { get; set; } public int RetryAttempts { get; set; } public int MaxSessions { get; set; } public string CurrentKeyExchangeAlgorithm { get; set; } public string CurrentServerEncryption { get; set; } public string CurrentClientEncryption { get; set; } public string CurrentServerHmacAlgorithm { get; set; } public string CurrentClientHmacAlgorithm { get; set; } public string CurrentHostKeyAlgorithm { get; set; } public string CurrentServerCompressionAlgorithm { get; set; } public string ServerVersion { get; set; } public string ClientVersion { get; set; } public string CurrentClientCompressionAlgorithm { get; set; } IList<IAuthenticationMethod> IConnectionInfoInternal.AuthenticationMethods { get { return AuthenticationMethods.Cast<IAuthenticationMethod>().ToList(); } } public event EventHandler<AuthenticationBannerEventArgs> AuthenticationBanner; public ConnectionInfo(string host, string username, params AuthenticationMethod[] authenticationMethods) : this(host, 22, username, ProxyTypes.None, null, 0, null, null, authenticationMethods) { } public ConnectionInfo(string host, int port, string username, params AuthenticationMethod[] authenticationMethods) : this(host, port, username, ProxyTypes.None, null, 0, null, null, authenticationMethods) { } public ConnectionInfo(string host, int port, string username, ProxyTypes proxyType, string proxyHost, int proxyPort, string proxyUsername, string proxyPassword, params AuthenticationMethod[] authenticationMethods) { if (host == null) throw new ArgumentNullException("host"); port.ValidatePort("port"); if (username == null) throw new ArgumentNullException("username"); if (username.All(char.IsWhiteSpace)) throw new ArgumentException("Cannot be empty or contain only whitespace.", "username"); if (proxyType != 0) { if (proxyHost == null) throw new ArgumentNullException("proxyHost"); proxyPort.ValidatePort("proxyPort"); } if (authenticationMethods == null) throw new ArgumentNullException("authenticationMethods"); if (authenticationMethods.Length == 0) throw new ArgumentException("At least one authentication method should be specified.", "authenticationMethods"); Timeout = DefaultTimeout; ChannelCloseTimeout = DefaultChannelCloseTimeout; RetryAttempts = 10; MaxSessions = 10; Encoding = Encoding.UTF8; KeyExchangeAlgorithms = new Dictionary<string, Type> { { "curve25519-sha256", typeof(KeyExchangeECCurve25519) }, { "curve25519-sha256@libssh.org", typeof(KeyExchangeECCurve25519) }, { "ecdh-sha2-nistp256", typeof(KeyExchangeECDH256) }, { "ecdh-sha2-nistp384", typeof(KeyExchangeECDH384) }, { "ecdh-sha2-nistp521", typeof(KeyExchangeECDH521) }, { "diffie-hellman-group-exchange-sha256", typeof(KeyExchangeDiffieHellmanGroupExchangeSha256) }, { "diffie-hellman-group-exchange-sha1", typeof(KeyExchangeDiffieHellmanGroupExchangeSha1) }, { "diffie-hellman-group16-sha512", typeof(KeyExchangeDiffieHellmanGroup16Sha512) }, { "diffie-hellman-group14-sha256", typeof(KeyExchangeDiffieHellmanGroup14Sha256) }, { "diffie-hellman-group14-sha1", typeof(KeyExchangeDiffieHellmanGroup14Sha1) }, { "diffie-hellman-group1-sha1", typeof(KeyExchangeDiffieHellmanGroup1Sha1) } }; Encryptions = new Dictionary<string, CipherInfo> { { "aes256-ctr", new CipherInfo(256, (byte[] key, byte[] iv) => new AesCipher(key, new CtrCipherMode(iv), null)) }, { "3des-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new TripleDesCipher(key, new CbcCipherMode(iv), null)) }, { "aes128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new AesCipher(key, new CbcCipherMode(iv), null)) }, { "aes192-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new AesCipher(key, new CbcCipherMode(iv), null)) }, { "aes256-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new AesCipher(key, new CbcCipherMode(iv), null)) }, { "blowfish-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new BlowfishCipher(key, new CbcCipherMode(iv), null)) }, { "twofish-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null)) }, { "twofish192-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null)) }, { "twofish128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null)) }, { "twofish256-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null)) }, { "arcfour", new CipherInfo(128, (byte[] key, byte[] iv) => new Arc4Cipher(key, false)) }, { "arcfour128", new CipherInfo(128, (byte[] key, byte[] iv) => new Arc4Cipher(key, true)) }, { "arcfour256", new CipherInfo(256, (byte[] key, byte[] iv) => new Arc4Cipher(key, true)) }, { "cast128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new CastCipher(key, new CbcCipherMode(iv), null)) }, { "aes128-ctr", new CipherInfo(128, (byte[] key, byte[] iv) => new AesCipher(key, new CtrCipherMode(iv), null)) }, { "aes192-ctr", new CipherInfo(192, (byte[] key, byte[] iv) => new AesCipher(key, new CtrCipherMode(iv), null)) } }; HmacAlgorithms = new Dictionary<string, HashInfo> { { "hmac-md5", new HashInfo(128, CryptoAbstraction.CreateHMACMD5) }, { "hmac-md5-96", new HashInfo(128, (byte[] key) => CryptoAbstraction.CreateHMACMD5(key, 96)) }, { "hmac-sha1", new HashInfo(160, CryptoAbstraction.CreateHMACSHA1) }, { "hmac-sha1-96", new HashInfo(160, (byte[] key) => CryptoAbstraction.CreateHMACSHA1(key, 96)) }, { "hmac-sha2-256", new HashInfo(256, CryptoAbstraction.CreateHMACSHA256) }, { "hmac-sha2-256-96", new HashInfo(256, (byte[] key) => CryptoAbstraction.CreateHMACSHA256(key, 96)) }, { "hmac-sha2-512", new HashInfo(512, CryptoAbstraction.CreateHMACSHA512) }, { "hmac-sha2-512-96", new HashInfo(512, (byte[] key) => CryptoAbstraction.CreateHMACSHA512(key, 96)) }, { "hmac-ripemd160", new HashInfo(160, CryptoAbstraction.CreateHMACRIPEMD160) }, { "hmac-ripemd160@openssh.com", new HashInfo(160, CryptoAbstraction.CreateHMACRIPEMD160) } }; HostKeyAlgorithms = new Dictionary<string, Func<byte[], KeyHostAlgorithm>> { { "ssh-ed25519", (byte[] data) => new KeyHostAlgorithm("ssh-ed25519", new ED25519Key(), data) }, { "ecdsa-sha2-nistp256", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp256", new EcdsaKey(), data) }, { "ecdsa-sha2-nistp384", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp384", new EcdsaKey(), data) }, { "ecdsa-sha2-nistp521", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp521", new EcdsaKey(), data) }, { "rsa-sha2-512", delegate(byte[] data) { RsaKey rsaKey2 = new RsaKey(); return new KeyHostAlgorithm("rsa-sha2-512", rsaKey2, data, new RsaDigitalSignature(rsaKey2, HashAlgorithmName.SHA512)); } }, { "rsa-sha2-256", delegate(byte[] data) { RsaKey rsaKey = new RsaKey(); return new KeyHostAlgorithm("rsa-sha2-256", rsaKey, data, new RsaDigitalSignature(rsaKey, HashAlgorithmName.SHA256)); } }, { "ssh-rsa", (byte[] data) => new KeyHostAlgorithm("ssh-rsa", new RsaKey(), data) }, { "ssh-dss", (byte[] data) => new KeyHostAlgorithm("ssh-dss", new DsaKey(), data) } }; CompressionAlgorithms = new Dictionary<string, Type> { { "none", null } }; ChannelRequests = new Dictionary<string, RequestInfo> { { "env", new EnvironmentVariableRequestInfo() }, { "exec", new ExecRequestInfo() }, { "exit-signal", new ExitSignalRequestInfo() }, { "exit-status", new ExitStatusRequestInfo() }, { "pty-req", new PseudoTerminalRequestInfo() }, { "shell", new ShellRequestInfo() }, { "signal", new SignalRequestInfo() }, { "subsystem", new SubsystemRequestInfo() }, { "window-change", new WindowChangeRequestInfo() }, { "x11-req", new X11ForwardingRequestInfo() }, { "xon-xoff", new XonXoffRequestInfo() }, { "eow@openssh.com", new EndOfWriteRequestInfo() }, { "keepalive@openssh.com", new KeepAliveRequestInfo() } }; Host = host; Port = port; Username = username; ProxyType = proxyType; ProxyHost = proxyHost; ProxyPort = proxyPort; ProxyUsername = proxyUsername; ProxyPassword = proxyPassword; AuthenticationMethods = authenticationMethods; } internal void Authenticate(ISession session, IServiceFactory serviceFactory) { if (serviceFactory == null) throw new ArgumentNullException("serviceFactory"); IsAuthenticated = false; serviceFactory.CreateClientAuthentication().Authenticate(this, session); IsAuthenticated = true; } void IConnectionInfoInternal.UserAuthenticationBannerReceived(object sender, MessageEventArgs<BannerMessage> e) { this.AuthenticationBanner?.Invoke(this, new AuthenticationBannerEventArgs(Username, e.Message.Message, e.Message.Language)); } IAuthenticationMethod IConnectionInfoInternal.CreateNoneAuthenticationMethod() { return new NoneAuthenticationMethod(Username); } } }