
Commit 20ea8fe

committed
WIP: Add Support for ECDSA Host- and Private-Keys
Also known as: - ecdsa-sha2-nistp256 - ecdsa-sha2-nistp384 - ecdsa-sha2-nistp521 Works for .NET 3.5 and 4.0 but needs some more testing and tests. Basically it translates between SSH-Data and Microsoft Crypto API. Tested with ECDSA-{256,384,521} Hostkeys and ECDSA-{256,384,521}-Pub/Private-Keys against OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016. Keys generated with: - ssh-keygen -t ecdsa - ssh-keygen -t ecdsa -b 384 - ssh-keygen -t ecdsa -b 521
1 parent bd01d97 commit 20ea8fe


20 files changed

+801
-16
lines changed


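--- a/src/Renci.SshNet.NET35/Renci.SshNet.NET35.csproj
+++ b/src/Renci.SshNet.NET35/Renci.SshNet.NET35.csproj
@@ -18,7 +18,7 @@
 <DebugType>full</DebugType>
 <Optimize>false</Optimize>
 <OutputPath>bin\Debug\</OutputPath>
-<DefineConstants>TRACE;DEBUG;FEATURE_REGEX_COMPILE;FEATURE_BINARY_SERIALIZATION;FEATURE_RNG_CREATE;FEATURE_SOCKET_SYNC;FEATURE_SOCKET_EAP;FEATURE_SOCKET_APM;FEATURE_SOCKET_SETSOCKETOPTION;FEATURE_SOCKET_POLL;FEATURE_STREAM_APM;FEATURE_DNS_SYNC;FEATURE_THREAD_THREADPOOL;FEATURE_THREAD_SLEEP;FEATURE_HASH_MD5;FEATURE_HASH_SHA1_CREATE;FEATURE_HASH_SHA256_CREATE;FEATURE_HASH_SHA384_CREATE;FEATURE_HASH_SHA512_CREATE;FEATURE_HASH_RIPEMD160_CREATE;FEATURE_HMAC_MD5;FEATURE_HMAC_SHA1;FEATURE_HMAC_SHA256;FEATURE_HMAC_SHA384;FEATURE_HMAC_SHA512;FEATURE_HMAC_RIPEMD160;FEATURE_MEMORYSTREAM_GETBUFFER;FEATURE_DIAGNOSTICS_TRACESOURCE;FEATURE_ENCODING_ASCII</DefineConstants>
+<DefineConstants>TRACE;DEBUG;FEATURE_REGEX_COMPILE;FEATURE_BINARY_SERIALIZATION;FEATURE_RNG_CREATE;FEATURE_SOCKET_SYNC;FEATURE_SOCKET_EAP;FEATURE_SOCKET_APM;FEATURE_SOCKET_SETSOCKETOPTION;FEATURE_SOCKET_POLL;FEATURE_STREAM_APM;FEATURE_DNS_SYNC;FEATURE_THREAD_THREADPOOL;FEATURE_THREAD_SLEEP;FEATURE_HASH_MD5;FEATURE_HASH_SHA1_CREATE;FEATURE_HASH_SHA256_CREATE;FEATURE_HASH_SHA384_CREATE;FEATURE_HASH_SHA512_CREATE;FEATURE_HASH_RIPEMD160_CREATE;FEATURE_HMAC_MD5;FEATURE_HMAC_SHA1;FEATURE_HMAC_SHA256;FEATURE_HMAC_SHA384;FEATURE_HMAC_SHA512;FEATURE_HMAC_RIPEMD160;FEATURE_MEMORYSTREAM_GETBUFFER;FEATURE_DIAGNOSTICS_TRACESOURCE;FEATURE_ENCODING_ASCII;FEATURE_ECDSA</DefineConstants>
 <ErrorReport>prompt</ErrorReport>
 <WarningLevel>4</WarningLevel>
 <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
@@ -29,7 +29,7 @@
 <DebugType>none</DebugType>
 <Optimize>true</Optimize>
 <OutputPath>bin\Release\</OutputPath>
-<DefineConstants>TRACE;FEATURE_REGEX_COMPILE;FEATURE_BINARY_SERIALIZATION;FEATURE_RNG_CREATE;FEATURE_SOCKET_SYNC;FEATURE_SOCKET_EAP;FEATURE_SOCKET_APM;FEATURE_SOCKET_SETSOCKETOPTION;FEATURE_SOCKET_POLL;FEATURE_STREAM_APM;FEATURE_DNS_SYNC;FEATURE_THREAD_THREADPOOL;FEATURE_THREAD_SLEEP;FEATURE_HASH_MD5;FEATURE_HASH_SHA1_CREATE;FEATURE_HASH_SHA256_CREATE;FEATURE_HASH_SHA384_CREATE;FEATURE_HASH_SHA512_CREATE;FEATURE_HASH_RIPEMD160_CREATE;FEATURE_HMAC_MD5;FEATURE_HMAC_SHA1;FEATURE_HMAC_SHA256;FEATURE_HMAC_SHA384;FEATURE_HMAC_SHA512;FEATURE_HMAC_RIPEMD160;FEATURE_MEMORYSTREAM_GETBUFFER;FEATURE_DIAGNOSTICS_TRACESOURCE;FEATURE_ENCODING_ASCII</DefineConstants>
+<DefineConstants>TRACE;FEATURE_REGEX_COMPILE;FEATURE_BINARY_SERIALIZATION;FEATURE_RNG_CREATE;FEATURE_SOCKET_SYNC;FEATURE_SOCKET_EAP;FEATURE_SOCKET_APM;FEATURE_SOCKET_SETSOCKETOPTION;FEATURE_SOCKET_POLL;FEATURE_STREAM_APM;FEATURE_DNS_SYNC;FEATURE_THREAD_THREADPOOL;FEATURE_THREAD_SLEEP;FEATURE_HASH_MD5;FEATURE_HASH_SHA1_CREATE;FEATURE_HASH_SHA256_CREATE;FEATURE_HASH_SHA384_CREATE;FEATURE_HASH_SHA512_CREATE;FEATURE_HASH_RIPEMD160_CREATE;FEATURE_HMAC_MD5;FEATURE_HMAC_SHA1;FEATURE_HMAC_SHA256;FEATURE_HMAC_SHA384;FEATURE_HMAC_SHA512;FEATURE_HMAC_RIPEMD160;FEATURE_MEMORYSTREAM_GETBUFFER;FEATURE_DIAGNOSTICS_TRACESOURCE;FEATURE_ENCODING_ASCII;FEATURE_ECDSA</DefineConstants>
 <ErrorReport>prompt</ErrorReport>
 <WarningLevel>4</WarningLevel>
 <DocumentationFile>bin\Release\Renci.SshNet.xml</DocumentationFile>
@@ -695,6 +695,12 @@
 <Compile Include="..\Renci.SshNet\Security\Cryptography\Key.cs">
 <Link>Security\Cryptography\Key.cs</Link>
 </Compile>
+<Compile Include="..\Renci.SshNet\Security\Cryptography\EcdsaDigitalSignature.cs">
+<Link>Security\Cryptography\EcdsaDigitalSignature.cs</Link>
+</Compile>
+<Compile Include="..\Renci.SshNet\Security\Cryptography\EcdsaKey.cs">
+<Link>Security\Cryptography\EcdsaKey.cs</Link>
+</Compile>
 <Compile Include="..\Renci.SshNet\Security\Cryptography\RsaDigitalSignature.cs">
 <Link>Security\Cryptography\RsaDigitalSignature.cs</Link>
 </Compile>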

src/Renci.SshNet.Tests.NET35/.vs/Renci.SshNet.Tests.NET35/v15/Server/sqlite3/db.lock

Whitespace-only changes.
Binary file not shown.
Binary file not shown.
Binary file not shown.

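--- a/src/Renci.SshNet.Tests.NET35/Renci.SshNet.Tests.NET35.csproj
+++ b/src/Renci.SshNet.Tests.NET35/Renci.SshNet.Tests.NET35.csproj
@@ -1737,6 +1737,26 @@
 <Link>Data\Key.SSH2.RSA.txt</Link>
 </EmbeddedResource>
 </ItemGroup>
+<ItemGroup>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA.txt">
+<Link>Data\Key.ECDSA.txt</Link>
+</EmbeddedResource>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA384.txt">
+<Link>Data\Key.ECDSA384.txt</Link>
+</EmbeddedResource>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA521.txt">
+<Link>Data\Key.ECDSA521.txt</Link>
+</EmbeddedResource>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA.Encrypted.txt">
+<Link>Data\Key.ECDSA.Encrypted.txt</Link>
+</EmbeddedResource>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA384.Encrypted.txt">
+<Link>Data\Key.ECDSA384.Encrypted.txt</Link>
+</EmbeddedResource>
+<EmbeddedResource Include="..\Renci.SshNet.Tests\Data\Key.ECDSA521.Encrypted.txt">
+<Link>Data\Key.ECDSA521.Encrypted.txt</Link>
+</EmbeddedResource>
+</ItemGroup>
 <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
 <ProjectExtensions>
 <VisualStudio>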

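--- a/src/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs
+++ b/src/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs
@@ -319,6 +319,72 @@ public void Test_PrivateKey_RSA_DES_EDE3_CFB()
 }
 }
 
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA()
+{
+using (var stream = GetData("Key.ECDSA.txt"))
+{
+new PrivateKeyFile(stream);
+}
+}
+
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA384()
+{
+using (var stream = GetData("Key.ECDSA384.txt"))
+{
+new PrivateKeyFile(stream);
+}
+}
+
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA521()
+{
+using (var stream = GetData("Key.ECDSA521.txt"))
+{
+new PrivateKeyFile(stream);
+}
+}
+
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA_Encrypted()
+{
+using (var stream = GetData("Key.ECDSA.Encrypted.txt"))
+{
+new PrivateKeyFile(stream, "12345");
+}
+}
+
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA384_Encrypted()
+{
+using (var stream = GetData("Key.ECDSA384.Encrypted.txt"))
+{
+new PrivateKeyFile(stream, "12345");
+}
+}
+
+[TestMethod]
+[Owner("darinkes")]
+[TestCategory("PrivateKey")]
+public void Test_PrivateKey_ECDSA521_Encrypted()
+{
+using (var stream = GetData("Key.ECDSA521.Encrypted.txt"))
+{
+new PrivateKeyFile(stream, "12345");
+}
+}
+
 /// <summary>
 ///A test for Dispose
 ///</summary>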
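Review bot: The six new ECDSA tests assert nothing: each only calls `new PrivateKeyFile(stream)` (or the overload with `"12345"`) and passes as long as no exception is thrown, so a parser that accepts the file but selects the wrong curve or builds a wrong key would still go green. Keep the instance and check what was parsed, for example `var key = new PrivateKeyFile(stream); Assert.AreEqual("ecdsa-sha2-nistp256", key.HostKey.Name);` (assuming `HostKey.Name` reports the algorithm names listed in the commit description), with the nistp384 and nistp521 names in the matching tests. The encrypted fixtures should also get a negative case showing that a wrong passphrase is rejected rather than yielding a garbage key, since that is the path where a silent failure matters most. The constructed `PrivateKeyFile` is never disposed either, which looks inconsistent with the Dispose test that follows in this file.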
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
-----BEGIN EC PRIVATE KEY-----
2+
Proc-Type: 4,ENCRYPTED
3+
DEK-Info: AES-128-CBC,54D46F498C989115AAE14FEA21E3AF11
4+
5+
IQdFnndcbzz10d7YQIgEE1TzuzJrm7uYJr4Hvdfz/FshVxMRqxqaqtEgo2vAHHik
6+
BOcPkm+84ERlTNPslcJqLSkKzCdxb7Rz5hfwHuN3Y6Lf01qGakDlzAUEjEyDor+4
7+
zQtAne+f+gRUJnBvLLoVhH4xdeQFC55GECNUFQpEmos=
8+
-----END EC PRIVATE KEY-----
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,5 @@
1+
-----BEGIN EC PRIVATE KEY-----
2+
MHcCAQEEIEdqaFKgJBIibVjyUh1v7Y35LwIQJrocdTaYFLwl7iB0oAoGCCqGSM49
3+
AwEHoUQDQgAEQD5MO/n9yqSDTszwzVpApLx5SQFecE5ZfDkgxqVdHQecm1BAPozZ
4+
4eKGNhKn72hT79mLlp9HXX+oNEcuVT83Hw==
5+
-----END EC PRIVATE KEY-----
Lines changed: 9 additions & 0 deletions
@@ -0,0 +1,9 @@
1+
-----BEGIN EC PRIVATE KEY-----
2+
Proc-Type: 4,ENCRYPTED
3+
DEK-Info: AES-128-CBC,1D64653C5E18C2AACB0B17E3FE43C219
4+
5+
lCtRmcvKSeIACwqTtsf/ei1brtCZ386rsk/j7bSXdkZBpvzcmzbeo6w6CYm206Km
6+
hV9TMl2dIO/I1/ov5/2VIR3ZkaElyDOJD/+Be0e3aus4EZj1H1YM/Dv+4QJId+is
7+
Cw4ycWjfudYPPejGdiyjzt5qjaIJwrrEvGtMg7sWVAqDpjcAjS9KuaCu5nOgdItL
8+
s7oHuz+DTGdJQNfUHAlUnz1JaMRWzpP0MwtxdcaRY+w=
9+
-----END EC PRIVATE KEY-----

0 commit comments
