using Renci.SshNet.Abstractions; using Renci.SshNet.Common; using Renci.SshNet.Compression; using Renci.SshNet.Messages.Authentication; using Renci.SshNet.Messages.Connection; using Renci.SshNet.Security; using Renci.SshNet.Security.Cryptography; using Renci.SshNet.Security.Cryptography.Ciphers; using Renci.SshNet.Security.Cryptography.Ciphers.Modes; using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; namespace Renci.SshNet { public class ConnectionInfo : IConnectionInfoInternal, IConnectionInfo { internal const int DefaultPort = 22; private static readonly TimeSpan DefaultTimeout = TimeSpan.FromSeconds(30); private static readonly TimeSpan DefaultChannelCloseTimeout = TimeSpan.FromSeconds(1); private TimeSpan _timeout; private TimeSpan _channelCloseTimeout; public IDictionary<string, Func<IKeyExchange>> KeyExchangeAlgorithms { get; set; } public IDictionary<string, CipherInfo> Encryptions { get; set; } public IDictionary<string, HashInfo> HmacAlgorithms { get; set; } public IDictionary<string, Func<byte[], KeyHostAlgorithm>> HostKeyAlgorithms { get; set; } public IList<AuthenticationMethod> AuthenticationMethods { get; set; } public IDictionary<string, Func<Compressor>> CompressionAlgorithms { get; set; } public IDictionary<string, RequestInfo> ChannelRequests { get; set; } public bool IsAuthenticated { get; set; } public string Host { get; set; } public int Port { get; set; } public string Username { get; set; } public ProxyTypes ProxyType { get; set; } public string ProxyHost { get; set; } public int ProxyPort { get; set; } public string ProxyUsername { get; set; } public string ProxyPassword { get; set; } public TimeSpan Timeout { get { return _timeout; } set { value.EnsureValidTimeout("Timeout"); _timeout = value; } } public TimeSpan ChannelCloseTimeout { get { return _channelCloseTimeout; } set { value.EnsureValidTimeout("ChannelCloseTimeout"); _channelCloseTimeout = value; } } public Encoding Encoding { get; set; } public int RetryAttempts { get; set; } public int MaxSessions { get; set; } public string CurrentKeyExchangeAlgorithm { get; set; } public string CurrentServerEncryption { get; set; } public string CurrentClientEncryption { get; set; } public string CurrentServerHmacAlgorithm { get; set; } public string CurrentClientHmacAlgorithm { get; set; } public string CurrentHostKeyAlgorithm { get; set; } public string CurrentServerCompressionAlgorithm { get; set; } public string ServerVersion { get; set; } public string ClientVersion { get; set; } public string CurrentClientCompressionAlgorithm { get; set; } IList<IAuthenticationMethod> IConnectionInfoInternal.AuthenticationMethods { get { return AuthenticationMethods.Cast<IAuthenticationMethod>().ToList(); } } public event EventHandler<AuthenticationBannerEventArgs> AuthenticationBanner; public ConnectionInfo(string host, string username, params AuthenticationMethod[] authenticationMethods) : this(host, 22, username, ProxyTypes.None, null, 0, null, null, authenticationMethods) { } public ConnectionInfo(string host, int port, string username, params AuthenticationMethod[] authenticationMethods) : this(host, port, username, ProxyTypes.None, null, 0, null, null, authenticationMethods) { } public ConnectionInfo(string host, int port, string username, ProxyTypes proxyType, string proxyHost, int proxyPort, string proxyUsername, string proxyPassword, params AuthenticationMethod[] authenticationMethods) { if (host == null) throw new ArgumentNullException("host"); port.ValidatePort("port"); if (username == null) throw new ArgumentNullException("username"); if (username.All(char.IsWhiteSpace)) throw new ArgumentException("Cannot be empty or contain only whitespace.", "username"); if (proxyType != 0) { if (proxyHost == null) throw new ArgumentNullException("proxyHost"); proxyPort.ValidatePort("proxyPort"); } if (authenticationMethods == null) throw new ArgumentNullException("authenticationMethods"); if (authenticationMethods.Length == 0) throw new ArgumentException("At least one authentication method should be specified.", "authenticationMethods"); Timeout = DefaultTimeout; ChannelCloseTimeout = DefaultChannelCloseTimeout; RetryAttempts = 10; MaxSessions = 10; Encoding = Encoding.UTF8; KeyExchangeAlgorithms = new Dictionary<string, Func<IKeyExchange>> { { "curve25519-sha256", () => new KeyExchangeECCurve25519() }, { "curve25519-sha256@libssh.org", () => new KeyExchangeECCurve25519() }, { "ecdh-sha2-nistp256", () => new KeyExchangeECDH256() }, { "ecdh-sha2-nistp384", () => new KeyExchangeECDH384() }, { "ecdh-sha2-nistp521", () => new KeyExchangeECDH521() }, { "diffie-hellman-group-exchange-sha256", () => new KeyExchangeDiffieHellmanGroupExchangeSha256() }, { "diffie-hellman-group-exchange-sha1", () => new KeyExchangeDiffieHellmanGroupExchangeSha1() }, { "diffie-hellman-group16-sha512", () => new KeyExchangeDiffieHellmanGroup16Sha512() }, { "diffie-hellman-group14-sha256", () => new KeyExchangeDiffieHellmanGroup14Sha256() }, { "diffie-hellman-group14-sha1", () => new KeyExchangeDiffieHellmanGroup14Sha1() }, { "diffie-hellman-group1-sha1", () => new KeyExchangeDiffieHellmanGroup1Sha1() } }; Encryptions = new Dictionary<string, CipherInfo>(); Encryptions.Add("aes128-ctr", new CipherInfo(128, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CTR, false), false)); Encryptions.Add("aes192-ctr", new CipherInfo(192, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CTR, false), false)); Encryptions.Add("aes256-ctr", new CipherInfo(256, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CTR, false), false)); Encryptions.Add("aes128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CBC, false), false)); Encryptions.Add("aes192-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CBC, false), false)); Encryptions.Add("aes256-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new AesCipher(key, iv, AesCipherMode.CBC, false), false)); Encryptions.Add("3des-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new TripleDesCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("blowfish-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new BlowfishCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("twofish-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("twofish192-cbc", new CipherInfo(192, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("twofish128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("twofish256-cbc", new CipherInfo(256, (byte[] key, byte[] iv) => new TwofishCipher(key, new CbcCipherMode(iv), null), false)); Encryptions.Add("arcfour", new CipherInfo(128, (byte[] key, byte[] iv) => new Arc4Cipher(key, false), false)); Encryptions.Add("arcfour128", new CipherInfo(128, (byte[] key, byte[] iv) => new Arc4Cipher(key, true), false)); Encryptions.Add("arcfour256", new CipherInfo(256, (byte[] key, byte[] iv) => new Arc4Cipher(key, true), false)); Encryptions.Add("cast128-cbc", new CipherInfo(128, (byte[] key, byte[] iv) => new CastCipher(key, new CbcCipherMode(iv), null), false)); HmacAlgorithms = new Dictionary<string, HashInfo> { { "hmac-sha2-256", new HashInfo(256, (byte[] key) => CryptoAbstraction.CreateHMACSHA256(key), false) }, { "hmac-sha2-512", new HashInfo(512, (byte[] key) => CryptoAbstraction.CreateHMACSHA512(key), false) }, { "hmac-sha2-512-96", new HashInfo(512, (byte[] key) => CryptoAbstraction.CreateHMACSHA512(key, 96), false) }, { "hmac-sha2-256-96", new HashInfo(256, (byte[] key) => CryptoAbstraction.CreateHMACSHA256(key, 96), false) }, { "hmac-sha1", new HashInfo(160, (byte[] key) => CryptoAbstraction.CreateHMACSHA1(key), false) }, { "hmac-sha1-96", new HashInfo(160, (byte[] key) => CryptoAbstraction.CreateHMACSHA1(key, 96), false) }, { "hmac-md5", new HashInfo(128, (byte[] key) => CryptoAbstraction.CreateHMACMD5(key), false) }, { "hmac-md5-96", new HashInfo(128, (byte[] key) => CryptoAbstraction.CreateHMACMD5(key, 96), false) }, { "hmac-sha2-256-etm@openssh.com", new HashInfo(256, (byte[] key) => CryptoAbstraction.CreateHMACSHA256(key), true) }, { "hmac-sha2-512-etm@openssh.com", new HashInfo(512, (byte[] key) => CryptoAbstraction.CreateHMACSHA512(key), true) }, { "hmac-sha1-etm@openssh.com", new HashInfo(160, (byte[] key) => CryptoAbstraction.CreateHMACSHA1(key), true) }, { "hmac-sha1-96-etm@openssh.com", new HashInfo(160, (byte[] key) => CryptoAbstraction.CreateHMACSHA1(key, 96), true) }, { "hmac-md5-etm@openssh.com", new HashInfo(128, (byte[] key) => CryptoAbstraction.CreateHMACMD5(key), true) }, { "hmac-md5-96-etm@openssh.com", new HashInfo(128, (byte[] key) => CryptoAbstraction.CreateHMACMD5(key, 96), true) } }; HostKeyAlgorithms = new Dictionary<string, Func<byte[], KeyHostAlgorithm>> { { "ssh-ed25519", (byte[] data) => new KeyHostAlgorithm("ssh-ed25519", new ED25519Key(new SshKeyData(data))) }, { "ecdsa-sha2-nistp256", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp256", new EcdsaKey(new SshKeyData(data))) }, { "ecdsa-sha2-nistp384", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp384", new EcdsaKey(new SshKeyData(data))) }, { "ecdsa-sha2-nistp521", (byte[] data) => new KeyHostAlgorithm("ecdsa-sha2-nistp521", new EcdsaKey(new SshKeyData(data))) }, { "rsa-sha2-512", delegate(byte[] data) { RsaKey rsaKey2 = new RsaKey(new SshKeyData(data)); return new KeyHostAlgorithm("rsa-sha2-512", rsaKey2, new RsaDigitalSignature(rsaKey2, HashAlgorithmName.SHA512)); } }, { "rsa-sha2-256", delegate(byte[] data) { RsaKey rsaKey = new RsaKey(new SshKeyData(data)); return new KeyHostAlgorithm("rsa-sha2-256", rsaKey, new RsaDigitalSignature(rsaKey, HashAlgorithmName.SHA256)); } }, { "ssh-rsa", (byte[] data) => new KeyHostAlgorithm("ssh-rsa", new RsaKey(new SshKeyData(data))) }, { "ssh-dss", (byte[] data) => new KeyHostAlgorithm("ssh-dss", new DsaKey(new SshKeyData(data))) } }; CompressionAlgorithms = new Dictionary<string, Func<Compressor>> { { "none", null } }; ChannelRequests = new Dictionary<string, RequestInfo> { { "env", new EnvironmentVariableRequestInfo() }, { "exec", new ExecRequestInfo() }, { "exit-signal", new ExitSignalRequestInfo() }, { "exit-status", new ExitStatusRequestInfo() }, { "pty-req", new PseudoTerminalRequestInfo() }, { "shell", new ShellRequestInfo() }, { "signal", new SignalRequestInfo() }, { "subsystem", new SubsystemRequestInfo() }, { "window-change", new WindowChangeRequestInfo() }, { "x11-req", new X11ForwardingRequestInfo() }, { "xon-xoff", new XonXoffRequestInfo() }, { "eow@openssh.com", new EndOfWriteRequestInfo() }, { "keepalive@openssh.com", new KeepAliveRequestInfo() } }; Host = host; Port = port; Username = username; ProxyType = proxyType; ProxyHost = proxyHost; ProxyPort = proxyPort; ProxyUsername = proxyUsername; ProxyPassword = proxyPassword; AuthenticationMethods = authenticationMethods; } internal void Authenticate(ISession session, IServiceFactory serviceFactory) { if (serviceFactory == null) throw new ArgumentNullException("serviceFactory"); IsAuthenticated = false; serviceFactory.CreateClientAuthentication().Authenticate(this, session); IsAuthenticated = true; } void IConnectionInfoInternal.UserAuthenticationBannerReceived(object sender, MessageEventArgs<BannerMessage> e) { this.AuthenticationBanner?.Invoke(this, new AuthenticationBannerEventArgs(Username, e.Message.Message, e.Message.Language)); } IAuthenticationMethod IConnectionInfoInternal.CreateNoneAuthenticationMethod() { return new NoneAuthenticationMethod(Username); } } }