using Renci.SshNet.Common; using Renci.SshNet.Security.Cryptography; using System.Text; namespace Renci.SshNet.Security { public class KeyHostAlgorithm : HostAlgorithm { internal sealed class SignatureKeyData : SshData { public string AlgorithmName { get; set; } public byte[] Signature { get; set; } protected override int BufferCapacity => base.BufferCapacity + 4 + Encoding.UTF8.GetByteCount(AlgorithmName) + 4 + Signature.Length; public SignatureKeyData() { } public SignatureKeyData(string name, byte[] signature) { AlgorithmName = name; Signature = signature; } protected override void LoadData() { AlgorithmName = ReadString(null); Signature = ReadBinary(); } protected override void SaveData() { Write(AlgorithmName); WriteBinaryString(Signature); } } public Key Key { get; set; } public DigitalSignature DigitalSignature { get; set; } public override byte[] Data => new SshKeyData((Key is RsaKey) ? "ssh-rsa" : base.Name, Key.Public).GetBytes(); public KeyHostAlgorithm(string name, Key key) : base(name) { Key = key; DigitalSignature = key.DigitalSignature; } public KeyHostAlgorithm(string name, Key key, DigitalSignature digitalSignature) : base(name) { Key = key; DigitalSignature = digitalSignature; } public override byte[] Sign(byte[] data) { return new SignatureKeyData(base.Name, DigitalSignature.Sign(data)).GetBytes(); } public override bool VerifySignature(byte[] data, byte[] signature) { SignatureKeyData signatureKeyData = new SignatureKeyData(); signatureKeyData.Load(signature); return DigitalSignature.Verify(data, signatureKeyData.Signature); } } }