Merge branch 'develop' into develop

Author: znamenap

src/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/RsaCipherBenchmarks.cs

@@ -21,7 +21,8 @@ public RsaCipherBenchmarks()
 
             using (var s = typeof(RsaCipherBenchmarks).Assembly.GetManifestResourceStream("Renci.SshNet.Benchmarks.Data.Key.RSA.txt"))
             {
-                _privateKey = (RsaKey)((KeyHostAlgorithm) new PrivateKeyFile(s).HostKey).Key;
+                
+                _privateKey = (RsaKey)new PrivateKeyFile(s).Key;
 
                 // The implementations of RsaCipher.Encrypt/Decrypt differ based on whether the supplied RsaKey has private key information
                 // or only public. So we extract out the public key information to a separate variable.

src/Renci.SshNet.Benchmarks/Security/Cryptography/ED25519DigitalSignatureBenchmarks.cs

@@ -21,7 +21,7 @@ public ED25519DigitalSignatureBenchmarks()
 
             using (var s = typeof(ED25519DigitalSignatureBenchmarks).Assembly.GetManifestResourceStream("Renci.SshNet.Benchmarks.Data.Key.OPENSSH.ED25519.txt"))
             {
-                _key = (ED25519Key) ((KeyHostAlgorithm) new PrivateKeyFile(s).HostKey).Key;
+                _key = (ED25519Key) new PrivateKeyFile(s).Key;
             }
             _signature = new ED25519DigitalSignature(_key).Sign(_data);
         }

src/Renci.SshNet.IntegrationTests/Common/RemoteSshdConfigExtensions.cs

@@ -20,9 +20,7 @@ public static void Reset(this RemoteSshdConfig remoteSshdConfig)
                             .ClearCiphers()
                             .ClearKeyExchangeAlgorithms()
                             .ClearHostKeyAlgorithms()
-                            .AddHostKeyAlgorithm(HostKeyAlgorithm.SshRsa)
                             .ClearPublicKeyAcceptedAlgorithms()
-                            .AddPublicKeyAcceptedAlgorithms(PublicKeyAlgorithm.SshRsa)
                             .WithUsePAM(true)
                             .Update()
                             .Restart();

src/Renci.SshNet.IntegrationTests/Dockerfile

@@ -14,7 +14,6 @@ RUN apk update && apk upgrade --no-cache && \
     chmod 400 /etc/ssh/ssh*key && \
     sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config && \
     sed -i 's/#LogLevel\s*INFO/LogLevel DEBUG3/' /etc/ssh/sshd_config && \
-    echo 'PubkeyAcceptedAlgorithms ssh-rsa' >> /etc/ssh/sshd_config && \
     chmod 646 /etc/ssh/sshd_config && \
     # install and configure sudo
     apk add --no-cache sudo && \

src/Renci.SshNet.IntegrationTests/HostKeyAlgorithmTests.cs

@@ -22,63 +22,46 @@ public void TearDown()
         {
             _remoteSshdConfig?.Reset();
         }
-        
+
         [TestMethod]
         [Ignore] // No longer supported in recent versions of OpenSSH
+        // TODO: We should be able to enable some legacy settings to make it work
+        // https://www.openssh.com/legacy.html e.g. PubkeyAcceptedKeyTypes / HostbasedAcceptedKeyTypes ?
         public void SshDsa()
         {
-            _remoteSshdConfig.ClearHostKeyAlgorithms()
-                             .AddHostKeyAlgorithm(HostKeyAlgorithm.SshDsa)
-                             .ClearHostKeyFiles()
-                             .AddHostKeyFile(HostKeyFile.Dsa.FilePath)
-                             .Update()
-                             .Restart();
-
-            HostKeyEventArgs hostKeyEventsArgs = null;
-
-            using (var client = new SshClient(_connectionInfoFactory.Create()))
-            {
-                client.HostKeyReceived += (sender, e) => hostKeyEventsArgs = e;
-                client.Connect();
-                client.Disconnect();
-            }
-
-            Assert.IsNotNull(hostKeyEventsArgs);
-            Assert.AreEqual(HostKeyFile.Dsa.KeyName, hostKeyEventsArgs.HostKeyName);
-            Assert.AreEqual(1024, hostKeyEventsArgs.KeyLength);
-            Assert.IsTrue(hostKeyEventsArgs.FingerPrint.SequenceEqual(HostKeyFile.Dsa.FingerPrint));
+            DoTest(HostKeyAlgorithm.SshDsa, HostKeyFile.Dsa, 1024);
         }
 
         [TestMethod]
         public void SshRsa()
         {
-            _remoteSshdConfig.ClearHostKeyAlgorithms()
-                             .AddHostKeyAlgorithm(HostKeyAlgorithm.SshRsa)
-                             .Update()
-                             .Restart();
-
-            HostKeyEventArgs hostKeyEventsArgs = null;
+            DoTest(HostKeyAlgorithm.SshRsa, HostKeyFile.Rsa, 3072);
+        }
 
-            using (var client = new SshClient(_connectionInfoFactory.Create()))
-            {
-                client.HostKeyReceived += (sender, e) => hostKeyEventsArgs = e;
-                client.Connect();
-                client.Disconnect();
-            }
+        [TestMethod]
+        public void SshRsaSha256()
+        {
+            DoTest(HostKeyAlgorithm.RsaSha2256, HostKeyFile.Rsa, 3072);
+        }
 
-            Assert.IsNotNull(hostKeyEventsArgs);
-            Assert.AreEqual(HostKeyFile.Rsa.KeyName, hostKeyEventsArgs.HostKeyName);
-            Assert.AreEqual(3072, hostKeyEventsArgs.KeyLength);
-            Assert.IsTrue(hostKeyEventsArgs.FingerPrint.SequenceEqual(HostKeyFile.Rsa.FingerPrint));
+        [TestMethod]
+        public void SshRsaSha512()
+        {
+            DoTest(HostKeyAlgorithm.RsaSha2512, HostKeyFile.Rsa, 3072);
         }
 
         [TestMethod]
         public void SshEd25519()
+        {
+            DoTest(HostKeyAlgorithm.SshEd25519, HostKeyFile.Ed25519, 256);
+        }
+
+        private void DoTest(HostKeyAlgorithm hostKeyAlgorithm, HostKeyFile hostKeyFile, int keyLength)
         {
             _remoteSshdConfig.ClearHostKeyAlgorithms()
-                             .AddHostKeyAlgorithm(HostKeyAlgorithm.SshEd25519)
+                             .AddHostKeyAlgorithm(hostKeyAlgorithm)
                              .ClearHostKeyFiles()
-                             .AddHostKeyFile(HostKeyFile.Ed25519.FilePath)
+                             .AddHostKeyFile(hostKeyFile.FilePath)
                              .Update()
                              .Restart();
 
@@ -92,14 +75,9 @@ public void SshEd25519()
             }
 
             Assert.IsNotNull(hostKeyEventsArgs);
-            Assert.AreEqual(HostKeyFile.Ed25519.KeyName, hostKeyEventsArgs.HostKeyName);
-            Assert.AreEqual(256, hostKeyEventsArgs.KeyLength);
-            Assert.IsTrue(hostKeyEventsArgs.FingerPrint.SequenceEqual(HostKeyFile.Ed25519.FingerPrint));
-        }
-
-        private void Client_HostKeyReceived(object sender, HostKeyEventArgs e)
-        {
-            throw new NotImplementedException();
+            Assert.AreEqual(hostKeyAlgorithm.Name, hostKeyEventsArgs.HostKeyName);
+            Assert.AreEqual(keyLength, hostKeyEventsArgs.KeyLength);
+            CollectionAssert.AreEqual(hostKeyFile.FingerPrint, hostKeyEventsArgs.FingerPrint);
         }
     }
 }

src/Renci.SshNet.IntegrationTests/PrivateKeyAuthenticationTests.cs

@@ -5,7 +5,7 @@ namespace Renci.SshNet.IntegrationTests
 {
     [TestClass]
     public class PrivateKeyAuthenticationTests : TestBase
-        {
+    {
         private IConnectionInfoFactory _connectionInfoFactory;
         private RemoteSshdConfig _remoteSshdConfig;
 
@@ -23,43 +23,64 @@ public void TearDown()
         }
 
         [TestMethod]
-        public void Ecdsa256()
+        [Ignore] // No longer supported in recent versions of OpenSSH
+        // TODO: We should be able to enable some legacy settings to make it work
+        // https://www.openssh.com/legacy.html e.g. PubkeyAcceptedKeyTypes / HostbasedAcceptedKeyTypes ?
+        public void SshDsa()
         {
-            _remoteSshdConfig.AddPublicKeyAcceptedAlgorithms(PublicKeyAlgorithm.EcdsaSha2Nistp256)
-                             .Update()
-                             .Restart();
+            DoTest(PublicKeyAlgorithm.SshDss, "id_dsa");
+        }
 
-            var connectionInfo = _connectionInfoFactory.Create(CreatePrivateKeyAuthenticationMethod("key_ecdsa_256_openssh"));
+        [TestMethod]
+        public void SshRsa()
+        {
+            DoTest(PublicKeyAlgorithm.SshRsa, "id_rsa");
+        }
 
-            using (var client = new SshClient(connectionInfo))
-            {
-                client.Connect();
-            }
+        [TestMethod]
+        public void SshRsaSha256()
+        {
+            DoTest(PublicKeyAlgorithm.RsaSha2256, "id_rsa");
         }
 
         [TestMethod]
-        public void Ecdsa384()
+        public void SshRsaSha512()
         {
-            _remoteSshdConfig.AddPublicKeyAcceptedAlgorithms(PublicKeyAlgorithm.EcdsaSha2Nistp384)
-                             .Update()
-                             .Restart();
+            DoTest(PublicKeyAlgorithm.RsaSha2512, "id_rsa");
+        }
 
-            var connectionInfo = _connectionInfoFactory.Create(CreatePrivateKeyAuthenticationMethod("key_ecdsa_384_openssh"));
+        [TestMethod]
+        public void Ecdsa256()
+        {
+            DoTest(PublicKeyAlgorithm.EcdsaSha2Nistp256, "key_ecdsa_256_openssh");
+        }
 
-            using (var client = new SshClient(connectionInfo))
-            {
-                client.Connect();
-            }
+        [TestMethod]
+        public void Ecdsa384()
+        {
+            DoTest(PublicKeyAlgorithm.EcdsaSha2Nistp384, "key_ecdsa_384_openssh");
         }
 
         [TestMethod]
-        public void EcdsaA521()
+        public void Ecdsa521()
+        {
+            DoTest(PublicKeyAlgorithm.EcdsaSha2Nistp521, "key_ecdsa_521_openssh");
+        }
+
+        [TestMethod]
+        public void Ed25519()
+        {
+            DoTest(PublicKeyAlgorithm.SshEd25519, "key_ed25519_openssh");
+        }
+
+        private void DoTest(PublicKeyAlgorithm publicKeyAlgorithm, string keyResource)
         {
-            _remoteSshdConfig.AddPublicKeyAcceptedAlgorithms(PublicKeyAlgorithm.EcdsaSha2Nistp521)
+            _remoteSshdConfig.ClearPublicKeyAcceptedAlgorithms()
+                             .AddPublicKeyAcceptedAlgorithms(publicKeyAlgorithm)
                              .Update()
                              .Restart();
 
-            var connectionInfo = _connectionInfoFactory.Create(CreatePrivateKeyAuthenticationMethod("key_ecdsa_521_openssh"));
+            var connectionInfo = _connectionInfoFactory.Create(CreatePrivateKeyAuthenticationMethod(keyResource));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.IntegrationTests/Renci.SshNet.IntegrationTests.csproj

@@ -60,6 +60,7 @@
     <EmbeddedResource Include="resources\client\key_ecdsa_256_openssh" />
     <EmbeddedResource Include="resources\client\key_ecdsa_384_openssh" />
     <EmbeddedResource Include="resources\client\key_ecdsa_521_openssh" />
+    <EmbeddedResource Include="resources\client\key_ed25519_openssh" />
     <EmbeddedResource Include="resources\issue #70.png" />
   </ItemGroup>
 </Project>

src/Renci.SshNet.IntegrationTests/user/sshnet/authorized_keys

@@ -1,4 +1,5 @@
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4N0T6VopnwPSYQUw0waQNhBjz0DYFQwvkv4OwWYSf//fJF3M6bH42Tn2J+IlQ+4/fCFnE3m99seV5T1myEj7fsupNteY2sKFGXENLGtAD/76FM0iBmXx76xlSTyZSSmNDIRU4xUR23cfc+al84F5mO2lEk+5Zr3Qn5JUpucBfis4vtu0sMDgZ4w1d0tcuXkT/MEJn2iX2cnxbSy5qNAPHu7b+LEfXBv2OrMDqPrx/X6QREgi3w5RxL5kz7bvitWsIwIvb3ST2ARAArBwb8pEyp2A/w5p22rkQtL+3ibZ8fkmpgn33f31AZPgtM++iJPBmPKFjArcWEJ9fIVB/6DAj
 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPzzrPpItEjNG7tU0DpJJ4pkI01E9d6K61OKTVPdFQSyGCdMj9XdP93lC6sJA+9/ahvf5F3gWEKxUJL2CKUiFWw=
 ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBLSsu/HNKiaALhQ26UDv+N0AFdMb26fMVrOKe866CGu6ajSf9HUOhJFdjhseihB2rTalMPr8MrcXNLufii4mL8u4l9fUQXFgwnM/ZpiVPSs6C+8i4u/ZDg7Nx2NXybNIgQ==
-ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACB4WgRgGBRo6Uk+cRgg8tJPCbEtGURRWlUA7PDDerXR+P9O6mm3L99Etxsyh5XNYqXyaMNtH5c51ooMajrFwcayAHIhPPb8X3CsTwEfIUQ96aDyHQMotbRfnkn6uefeUTRrSNcqeAndUtVyAqBdqbsq2mgJYXHrz2NUKlPFYgauQi+WQ==
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACB4WgRgGBRo6Uk+cRgg8tJPCbEtGURRWlUA7PDDerXR+P9O6mm3L99Etxsyh5XNYqXyaMNtH5c51ooMajrFwcayAHIhPPb8X3CsTwEfIUQ96aDyHQMotbRfnkn6uefeUTRrSNcqeAndUtVyAqBdqbsq2mgJYXHrz2NUKlPFYgauQi+WQ==
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAkNGPVOTuzuKTgGfHcve2MRj57yXhmZgkUyi9RpmJrl

src/Renci.SshNet.TestTools.OpenSSH/SshdConfig.cs

@@ -211,8 +211,11 @@ public void SaveTo(TextWriter writer)
                 writer.WriteLine("MACs " + string.Join(",", MessageAuthenticationCodeAlgorithms.Select(c => c.Name).ToArray()));
             }
 
-            writer.WriteLine("PubkeyAcceptedAlgorithms " + string.Join(",", PublicKeyAcceptedAlgorithms.Select(c => c.Name).ToArray()));
-
+            if (PublicKeyAcceptedAlgorithms.Count > 0)
+            {
+                writer.WriteLine("PubkeyAcceptedAlgorithms " + string.Join(",", PublicKeyAcceptedAlgorithms.Select(c => c.Name).ToArray()));
+            }
+            
             foreach (var match in Matches)
             {
                 _matchFormatter.Format(match, writer);

src/Renci.SshNet.Tests/Classes/BaseClientTest_Connect_OnConnectedThrowsException.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Linq;
 using System.Reflection;
 using System.Threading;
 using Microsoft.VisualStudio.TestTools.UnitTesting;
@@ -140,7 +141,7 @@ private static KeyHostAlgorithm GetKeyHostAlgorithm()
             using (var s = executingAssembly.GetManifestResourceStream(string.Format("Renci.SshNet.Tests.Data.{0}", "Key.RSA.txt")))
             {
                 var privateKey = new PrivateKeyFile(s);
-                return (KeyHostAlgorithm) privateKey.HostKey;
+                return (KeyHostAlgorithm) privateKey.HostKeyAlgorithms.First();
             }
         }