Added ssh-rsa-cert-v01@openssh.com algorithm, added algorithm priorities

README.md

@@ -38,6 +38,7 @@ the missing test once you figure things out.  🤓
 * Supports publickey, password and keyboard-interactive authentication methods 
 * Supports two-factor or higher authentication
 * Supports SOCKS4, SOCKS5 and HTTP Proxy
+* Supports both client and host-side OpenSSH certificates (ssh-rsa-cert-v01@openssh.com) *[added by msvprogs]*
 
 ## Encryption Method
 

src/Renci.SshNet.Tests/Classes/CipherInfoTest.cs

@@ -21,7 +21,7 @@ public void CipherInfoConstructorTest()
         {
             int keySize = 0; // TODO: Initialize to an appropriate value
             Func<byte[], byte[], Cipher> cipher = null; // TODO: Initialize to an appropriate value
-            CipherInfo target = new CipherInfo(keySize, cipher);
+            CipherInfo target = new CipherInfo(keySize, 1, cipher);
             Assert.Inconclusive("TODO: Implement code to verify target");
         }
     }

src/Renci.SshNet.Tests/Classes/Security/CertificateHostAlgorithmTest.cs

@@ -19,7 +19,7 @@ public class CertificateHostAlgorithmTest : TestBase
         public void CertificateHostAlgorithmConstructorTest()
         {
             string name = string.Empty; // TODO: Initialize to an appropriate value
-            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name);
+            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name, default);
             Assert.Inconclusive("TODO: Implement code to verify target");
         }
 
@@ -31,7 +31,7 @@ public void CertificateHostAlgorithmConstructorTest()
         public void SignTest()
         {
             string name = string.Empty; // TODO: Initialize to an appropriate value
-            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name); // TODO: Initialize to an appropriate value
+            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name, default); // TODO: Initialize to an appropriate value
             byte[] data = null; // TODO: Initialize to an appropriate value
             byte[] expected = null; // TODO: Initialize to an appropriate value
             byte[] actual;
@@ -48,7 +48,7 @@ public void SignTest()
         public void VerifySignatureTest()
         {
             string name = string.Empty; // TODO: Initialize to an appropriate value
-            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name); // TODO: Initialize to an appropriate value
+            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name, default); // TODO: Initialize to an appropriate value
             byte[] data = null; // TODO: Initialize to an appropriate value
             byte[] signature = null; // TODO: Initialize to an appropriate value
             bool expected = false; // TODO: Initialize to an appropriate value
@@ -66,7 +66,7 @@ public void VerifySignatureTest()
         public void DataTest()
         {
             string name = string.Empty; // TODO: Initialize to an appropriate value
-            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name); // TODO: Initialize to an appropriate value
+            CertificateHostAlgorithm target = new CertificateHostAlgorithm(name, default); // TODO: Initialize to an appropriate value
             byte[] actual;
             actual = target.Data;
             Assert.Inconclusive("Verify the correctness of this test method.");

src/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.cs

@@ -92,7 +92,7 @@ public void Test_Cipher_AEes128CBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes128-cbc", new CipherInfo(128, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes128-cbc", new CipherInfo(128, 1, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -109,7 +109,7 @@ public void Test_Cipher_Aes192CBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes192-cbc", new CipherInfo(192, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes192-cbc", new CipherInfo(192, 1, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -126,7 +126,7 @@ public void Test_Cipher_Aes256CBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes256-cbc", new CipherInfo(256, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes256-cbc", new CipherInfo(256, 1, (key, iv) => { return new AesCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -143,7 +143,7 @@ public void Test_Cipher_Aes128CTR_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes128-ctr", new CipherInfo(128, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes128-ctr", new CipherInfo(128, 1, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -160,7 +160,7 @@ public void Test_Cipher_Aes192CTR_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes192-ctr", new CipherInfo(192, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes192-ctr", new CipherInfo(192, 1, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -177,7 +177,7 @@ public void Test_Cipher_Aes256CTR_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("aes256-ctr", new CipherInfo(256, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("aes256-ctr", new CipherInfo(256, 1, (key, iv) => { return new AesCipher(key, new CtrCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -194,7 +194,7 @@ public void Test_Cipher_Arcfour_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("arcfour", new CipherInfo(128, (key, iv) => { return new Arc4Cipher(key, false); }));
+            connectionInfo.Encryptions.Add("arcfour", new CipherInfo(128, 1, (key, iv) => { return new Arc4Cipher(key, false); }));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/Arc4CipherTest.cs

@@ -165,7 +165,7 @@ public void Test_Cipher_Arcfour128_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("arcfour128", new CipherInfo(128, (key, iv) => { return new Arc4Cipher(key, true); }));
+            connectionInfo.Encryptions.Add("arcfour128", new CipherInfo(128, 1, (key, iv) => { return new Arc4Cipher(key, true); }));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -182,7 +182,7 @@ public void Test_Cipher_Arcfour256_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("arcfour256", new CipherInfo(256, (key, iv) => { return new Arc4Cipher(key, true); }));
+            connectionInfo.Encryptions.Add("arcfour256", new CipherInfo(256, 1, (key, iv) => { return new Arc4Cipher(key, true); }));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/BlowfishCipherTest.cs

@@ -35,7 +35,7 @@ public void Test_Cipher_BlowfishCBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("blowfish-cbc", new CipherInfo(128, (key, iv) => { return new BlowfishCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("blowfish-cbc", new CipherInfo(128, 1, (key, iv) => { return new BlowfishCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/CastCipherTest.cs

@@ -47,7 +47,7 @@ public void Test_Cipher_Cast128CBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("cast128-cbc", new CipherInfo(128, (key, iv) => { return new CastCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("cast128-cbc", new CipherInfo(128, 1, (key, iv) => { return new CastCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.cs

@@ -35,7 +35,7 @@ public void Test_Cipher_TripleDESCBC_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.Encryptions.Clear();
-            connectionInfo.Encryptions.Add("3des-cbc", new CipherInfo(192, (key, iv) => { return new TripleDesCipher(key, new CbcCipherMode(iv), null); }));
+            connectionInfo.Encryptions.Add("3des-cbc", new CipherInfo(192, 1, (key, iv) => { return new TripleDesCipher(key, new CbcCipherMode(iv), null); }));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/Cryptography/HMacTest.cs

@@ -18,7 +18,7 @@ public void Test_HMac_MD5_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-md5", new HashInfo(16 * 8, CryptoAbstraction.CreateHMACMD5));
+            connectionInfo.HmacAlgorithms.Add("hmac-md5", new HashInfo(16 * 8, 1, CryptoAbstraction.CreateHMACMD5));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -33,7 +33,7 @@ public void Test_HMac_Sha1_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-sha1", new HashInfo(20 * 8, CryptoAbstraction.CreateHMACSHA1));
+            connectionInfo.HmacAlgorithms.Add("hmac-sha1", new HashInfo(20 * 8, 1, CryptoAbstraction.CreateHMACSHA1));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -48,7 +48,7 @@ public void Test_HMac_MD5_96_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-md5", new HashInfo(16 * 8, key => CryptoAbstraction.CreateHMACMD5(key, 96)));
+            connectionInfo.HmacAlgorithms.Add("hmac-md5", new HashInfo(16 * 8, 1, key => CryptoAbstraction.CreateHMACMD5(key, 96)));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -63,7 +63,7 @@ public void Test_HMac_Sha1_96_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-sha1", new HashInfo(20 * 8, key => CryptoAbstraction.CreateHMACSHA1(key, 96)));
+            connectionInfo.HmacAlgorithms.Add("hmac-sha1", new HashInfo(20 * 8, 1, key => CryptoAbstraction.CreateHMACSHA1(key, 96)));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -78,7 +78,7 @@ public void Test_HMac_Sha256_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-sha2-256", new HashInfo(32 * 8, CryptoAbstraction.CreateHMACSHA256));
+            connectionInfo.HmacAlgorithms.Add("hmac-sha2-256", new HashInfo(32 * 8, 1, CryptoAbstraction.CreateHMACSHA256));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -93,7 +93,7 @@ public void Test_HMac_Sha256_96_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-sha2-256-96", new HashInfo(32 * 8, (key) => CryptoAbstraction.CreateHMACSHA256(key, 96)));
+            connectionInfo.HmacAlgorithms.Add("hmac-sha2-256-96", new HashInfo(32 * 8, 1, (key) => CryptoAbstraction.CreateHMACSHA256(key, 96)));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -108,7 +108,7 @@ public void Test_HMac_RIPEMD160_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-ripemd160", new HashInfo(160, CryptoAbstraction.CreateHMACRIPEMD160));
+            connectionInfo.HmacAlgorithms.Add("hmac-ripemd160", new HashInfo(160, 1, CryptoAbstraction.CreateHMACRIPEMD160));
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -123,7 +123,7 @@ public void Test_HMac_RIPEMD160_OPENSSH_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HmacAlgorithms.Clear();
-            connectionInfo.HmacAlgorithms.Add("hmac-ripemd160@openssh.com", new HashInfo(160, CryptoAbstraction.CreateHMACRIPEMD160));
+            connectionInfo.HmacAlgorithms.Add("hmac-ripemd160@openssh.com", new HashInfo(160, 1, CryptoAbstraction.CreateHMACRIPEMD160));
 
             using (var client = new SshClient(connectionInfo))
             {

src/Renci.SshNet.Tests/Classes/Security/KeyHostAlgorithmTest.cs

@@ -17,7 +17,7 @@ public void Test_HostKey_SshRsa_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HostKeyAlgorithms.Clear();
-            connectionInfo.HostKeyAlgorithms.Add("ssh-rsa", (data) => { return new KeyHostAlgorithm("ssh-rsa", new RsaKey(), data); });
+            connectionInfo.HostKeyAlgorithms.Add("ssh-rsa", (data) => { return new KeyHostAlgorithm("ssh-rsa", 1, new RsaKey(), data, 2); });
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -32,7 +32,7 @@ public void Test_HostKey_SshDss_Connection()
         {
             var connectionInfo = new PasswordConnectionInfo(Resources.HOST, int.Parse(Resources.PORT), Resources.USERNAME, Resources.PASSWORD);
             connectionInfo.HostKeyAlgorithms.Clear();
-            connectionInfo.HostKeyAlgorithms.Add("ssh-dss", (data) => { return new KeyHostAlgorithm("ssh-dss", new DsaKey(), data); });
+            connectionInfo.HostKeyAlgorithms.Add("ssh-dss", (data) => { return new KeyHostAlgorithm("ssh-dss", 1, new DsaKey(), data, int.MaxValue); });
 
             using (var client = new SshClient(connectionInfo))
             {
@@ -64,7 +64,7 @@ public void KeyHostAlgorithmConstructorTest1()
             string name = string.Empty; // TODO: Initialize to an appropriate value
             Key key = null; // TODO: Initialize to an appropriate value
             byte[] data = null; // TODO: Initialize to an appropriate value
-            KeyHostAlgorithm target = new KeyHostAlgorithm(name, key, data);
+            KeyHostAlgorithm target = new KeyHostAlgorithm(name, 1, key, data, int.MaxValue);
             Assert.Inconclusive("TODO: Implement code to verify target");
         }
 

src/Renci.SshNet/CipherInfo.cs

@@ -22,14 +22,21 @@ public class CipherInfo
         /// </summary>
         public Func<byte[], byte[], Cipher> Cipher { get; private set; }
 
+        /// <summary>
+        /// 
+        /// </summary>
+        public int Priority { get; private set; }
+
         /// <summary>
         /// Initializes a new instance of the <see cref="CipherInfo"/> class.
         /// </summary>
         /// <param name="keySize">Size of the key.</param>
+        /// <param name="priority"></param>
         /// <param name="cipher">The cipher.</param>
-        public CipherInfo(int keySize, Func<byte[], byte[], Cipher> cipher)
+        public CipherInfo(int keySize, int priority, Func<byte[], byte[], Cipher> cipher)
         {
             KeySize = keySize;
+            Priority = priority;
             Cipher = (key, iv) => (cipher(key.Take(KeySize / 8), iv));
         }
     }

src/Renci.SshNet/Common/HostKeyEventArgs.cs

@@ -25,7 +25,7 @@ public class HostKeyEventArgs : EventArgs
         /// <summary>
         /// Gets the host key name.
         /// </summary>
-        public string HostKeyName{ get; private set; }
+        public string HostKeyName { get; private set; }
 
         /// <summary>
         /// Gets the finger print.