fix ca2000

https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca2000

Author: mus65

src/Renci.SshNet/PrivateKeyFile.OpenSSH.cs

@@ -32,7 +32,7 @@ public OpenSSH(byte[] data, string? passPhrase)
             /// </summary>
             public Key Parse()
             {
-                var keyReader = new SshDataStream(_data);
+                using var keyReader = new SshDataStream(_data);
 
                 // check magic header
                 var authMagic = "openssh-key-v1\0"u8;
@@ -171,7 +171,7 @@ public Key Parse()
                 // now parse the data we called the private key, it actually contains the public key again
                 // so we need to parse through it to get the private key bytes, plus there's some
                 // validation we need to do.
-                var privateKeyReader = new SshDataStream(privateKeyBytes);
+                using var privateKeyReader = new SshDataStream(privateKeyBytes);
 
                 // check ints should match, they wouldn't match for example if the wrong passphrase was supplied
                 var checkInt1 = (int)privateKeyReader.ReadUInt32();
@@ -200,7 +200,9 @@ public Key Parse()
 
                         // k || ENC(A)
                         unencryptedPrivateKey = privateKeyReader.ReadBinary();
+#pragma warning disable CA2000 // Dispose objects before losing scope
                         parsedKey = new ED25519Key(unencryptedPrivateKey);
+#pragma warning restore CA2000 // Dispose objects before losing scope
                         break;
                     case "ecdsa-sha2-nistp256":
                     case "ecdsa-sha2-nistp384":
@@ -210,7 +212,9 @@ public Key Parse()
                         publicKey = privateKeyReader.ReadBinary();
 
                         unencryptedPrivateKey = privateKeyReader.ReadBinary();
+#pragma warning disable CA2000 // Dispose objects before losing scope
                         parsedKey = new EcdsaKey(curve, publicKey, unencryptedPrivateKey.TrimLeadingZeros());
+#pragma warning restore CA2000 // Dispose objects before losing scope
                         break;
                     case "ssh-rsa":
                         var modulus = privateKeyReader.ReadBigInt();
@@ -219,7 +223,9 @@ public Key Parse()
                         var inverseQ = privateKeyReader.ReadBigInt();
                         var p = privateKeyReader.ReadBigInt();
                         var q = privateKeyReader.ReadBigInt();
+#pragma warning disable CA2000 // Dispose objects before losing scope
                         parsedKey = new RsaKey(modulus, exponent, d, p, q, inverseQ);
+#pragma warning restore CA2000 // Dispose objects before losing scope
                         break;
                     default:
                         throw new SshException("OpenSSH key type '" + keyType + "' is not supported.");

src/Renci.SshNet/PrivateKeyFile.PuTTY.cs

@@ -163,11 +163,11 @@ public Key Parse()
                     throw new SshException("MAC verification failed for PuTTY key file");
                 }
 
-                var publicKeyReader = new SshDataStream(_publicKey);
+                using var publicKeyReader = new SshDataStream(_publicKey);
                 var keyType = publicKeyReader.ReadString(Encoding.UTF8);
                 Debug.Assert(keyType == _algorithmName, $"{nameof(keyType)} is not the same as {nameof(_algorithmName)}");
 
-                var privateKeyReader = new SshDataStream(privateKey);
+                using var privateKeyReader = new SshDataStream(privateKey);
 
                 Key parsedKey;
 

src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs

@@ -28,22 +28,22 @@ public SSHCOM(byte[] data, string? passPhrase)
 
             public Key Parse()
             {
-                var reader = new SshDataStream(_data);
-                var magicNumber = reader.ReadUInt32();
+                using var dataReader = new SshDataStream(_data);
+                var magicNumber = dataReader.ReadUInt32();
                 if (magicNumber != 0x3f6ff9eb)
                 {
                     throw new SshException("Invalid SSH2 private key.");
                 }
 
-                _ = reader.ReadUInt32(); // Read total bytes length including magic number
-                var keyType = reader.ReadString(SshData.Ascii);
-                var ssh2CipherName = reader.ReadString(SshData.Ascii);
-                var blobSize = (int)reader.ReadUInt32();
+                _ = dataReader.ReadUInt32(); // Read total bytes length including magic number
+                var keyType = dataReader.ReadString(SshData.Ascii);
+                var ssh2CipherName = dataReader.ReadString(SshData.Ascii);
+                var blobSize = (int)dataReader.ReadUInt32();
 
                 byte[] keyData;
                 if (ssh2CipherName == "none")
                 {
-                    keyData = reader.ReadBytes(blobSize);
+                    keyData = dataReader.ReadBytes(blobSize);
                 }
                 else if (ssh2CipherName == "3des-cbc")
                 {
@@ -53,17 +53,17 @@ public Key Parse()
                     }
 
                     var key = GetCipherKey(_passPhrase, 192 / 8);
-                    var ssh2Сipher = new TripleDesCipher(key, new byte[8], CipherMode.CBC, pkcs7Padding: false);
-                    keyData = ssh2Сipher.Decrypt(reader.ReadBytes(blobSize));
+                    using var ssh2Сipher = new TripleDesCipher(key, new byte[8], CipherMode.CBC, pkcs7Padding: false);
+                    keyData = ssh2Сipher.Decrypt(dataReader.ReadBytes(blobSize));
                 }
                 else
                 {
                     throw new SshException(string.Format("Cipher method '{0}' is not supported.", ssh2CipherName));
                 }
 
-                reader = new SshDataStream(keyData);
+                using var keyReader = new SshDataStream(keyData);
 
-                var decryptedLength = reader.ReadUInt32();
+                var decryptedLength = keyReader.ReadUInt32();
 
                 if (decryptedLength > blobSize - 4)
                 {
@@ -72,12 +72,12 @@ public Key Parse()
 
                 if (keyType.Contains("rsa"))
                 {
-                    var exponent = ReadBigIntWithBits(reader);
-                    var d = ReadBigIntWithBits(reader);
-                    var modulus = ReadBigIntWithBits(reader);
-                    var inverseQ = ReadBigIntWithBits(reader);
-                    var q = ReadBigIntWithBits(reader);
-                    var p = ReadBigIntWithBits(reader);
+                    var exponent = ReadBigIntWithBits(keyReader);
+                    var d = ReadBigIntWithBits(keyReader);
+                    var modulus = ReadBigIntWithBits(keyReader);
+                    var inverseQ = ReadBigIntWithBits(keyReader);
+                    var q = ReadBigIntWithBits(keyReader);
+                    var p = ReadBigIntWithBits(keyReader);
                     return new RsaKey(modulus, exponent, d, p, q, inverseQ);
                 }