Merge branch 'develop' into kex_mlkem768x25519-sha256

sshnet · Jan 11, 2025 · 3d5bb96 · 3d5bb96
2 parents 8ad445e + 9e1ee0a
commit 3d5bb96
Show file tree

Hide file tree

Showing 32 changed files with 82 additions and 781 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/test/Renci.SshNet.IntegrationTests/"
+    schedule:
+      interval: "weekly"
diff --git a/src/Renci.SshNet/ConnectionInfo.cs b/src/Renci.SshNet/ConnectionInfo.cs
@@ -408,7 +408,6 @@ public ConnectionInfo(string host, int port, string username, ProxyTypes proxyTy
             hostAlgs.Add("rsa-sha2-512", data => { var key = new RsaKey(new SshKeyData(data)); return new KeyHostAlgorithm("rsa-sha2-512", key, new RsaDigitalSignature(key, HashAlgorithmName.SHA512)); });
             hostAlgs.Add("rsa-sha2-256", data => { var key = new RsaKey(new SshKeyData(data)); return new KeyHostAlgorithm("rsa-sha2-256", key, new RsaDigitalSignature(key, HashAlgorithmName.SHA256)); });
             hostAlgs.Add("ssh-rsa", data => new KeyHostAlgorithm("ssh-rsa", new RsaKey(new SshKeyData(data))));
-            hostAlgs.Add("ssh-dss", data => new KeyHostAlgorithm("ssh-dss", new DsaKey(new SshKeyData(data))));
 #pragma warning restore SA1107 // Code should not contain multiple statements on one line
             HostKeyAlgorithms = hostAlgs;
 

diff --git a/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs b/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs
@@ -80,8 +80,6 @@ public Key Parse()
                 {
                     case "RSA PRIVATE KEY":
                         return new RsaKey(decryptedData);
-                    case "DSA PRIVATE KEY":
-                        return new DsaKey(decryptedData);
                     case "EC PRIVATE KEY":
                         return new EcdsaKey(decryptedData);
                     default:

diff --git a/src/Renci.SshNet/PrivateKeyFile.PKCS8.cs b/src/Renci.SshNet/PrivateKeyFile.PKCS8.cs
@@ -54,27 +54,6 @@ public Key Parse()
                     return new RsaKey(key);
                 }
 
-                if (algorithmOid.Equals(X9ObjectIdentifiers.IdDsa))
-                {
-                    var parameters = privateKeyInfo.PrivateKeyAlgorithm.Parameters.GetDerEncoded();
-                    var parametersReader = new AsnReader(parameters, AsnEncodingRules.BER);
-                    var sequenceReader = parametersReader.ReadSequence();
-                    parametersReader.ThrowIfNotEmpty();
-
-                    var p = sequenceReader.ReadInteger();
-                    var q = sequenceReader.ReadInteger();
-                    var g = sequenceReader.ReadInteger();
-                    sequenceReader.ThrowIfNotEmpty();
-
-                    var keyReader = new AsnReader(key, AsnEncodingRules.BER);
-                    var x = keyReader.ReadInteger();
-                    keyReader.ThrowIfNotEmpty();
-
-                    var y = BigInteger.ModPow(g, x, p);
-
-                    return new DsaKey(p, q, g, y, x);
-                }
-
                 if (algorithmOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
                 {
                     var parameters = privateKeyInfo.PrivateKeyAlgorithm.Parameters.GetDerEncoded();

diff --git a/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs b/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs
@@ -184,20 +184,12 @@ public Key Parse()
                         var prv = privateKeyReader.ReadBignum2();
                         parsedKey = new EcdsaKey(curve, pub, prv);
                         break;
-                    case "ssh-dss":
-                        var p = publicKeyReader.ReadBignum();
-                        var q = publicKeyReader.ReadBignum();
-                        var g = publicKeyReader.ReadBignum();
-                        var y = publicKeyReader.ReadBignum();
-                        var x = privateKeyReader.ReadBignum();
-                        parsedKey = new DsaKey(p, q, g, y, x);
-                        break;
                     case "ssh-rsa":
                         var exponent = publicKeyReader.ReadBignum(); // e
                         var modulus = publicKeyReader.ReadBignum(); // n
                         var d = privateKeyReader.ReadBignum(); // d
-                        p = privateKeyReader.ReadBignum(); // p
-                        q = privateKeyReader.ReadBignum(); // q
+                        var p = privateKeyReader.ReadBignum(); // p
+                        var q = privateKeyReader.ReadBignum(); // q
                         var inverseQ = privateKeyReader.ReadBignum(); // iqmp
                         parsedKey = new RsaKey(modulus, exponent, d, p, q, inverseQ);
                         break;

diff --git a/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs b/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs
@@ -83,21 +83,6 @@ public Key Parse()
                     var p = reader.ReadBigIntWithBits(); // q
                     return new RsaKey(modulus, exponent, d, p, q, inverseQ);
                 }
-                else if (keyType.Contains("dsa"))
-                {
-                    var zero = reader.ReadUInt32();
-                    if (zero != 0)
-                    {
-                        throw new SshException("Invalid private key");
-                    }
-
-                    var p = reader.ReadBigIntWithBits();
-                    var g = reader.ReadBigIntWithBits();
-                    var q = reader.ReadBigIntWithBits();
-                    var y = reader.ReadBigIntWithBits();
-                    var x = reader.ReadBigIntWithBits();
-                    return new DsaKey(p, q, g, y, x);
-                }
 
                 throw new NotSupportedException(string.Format("Key type '{0}' is not supported.", keyType));
             }

diff --git a/src/Renci.SshNet/PrivateKeyFile.cs b/src/Renci.SshNet/PrivateKeyFile.cs
@@ -381,10 +381,6 @@ private void Open(Stream privateKey, string? passPhrase)
                 _hostAlgorithms.Add(new KeyHostAlgorithm("rsa-sha2-256", _key, new RsaDigitalSignature(rsaKey, HashAlgorithmName.SHA256)));
 #pragma warning restore CA2000 // Dispose objects before losing scope
             }
-            else if (_key is DsaKey)
-            {
-                _hostAlgorithms.Add(new KeyHostAlgorithm("ssh-dss", _key));
-            }
             else
             {
                 _hostAlgorithms.Add(new KeyHostAlgorithm(_key.ToString(), _key));

diff --git a/src/Renci.SshNet/Security/Certificate.cs b/src/Renci.SshNet/Security/Certificate.cs
@@ -348,9 +348,6 @@ private Key ReadPublicKey(out SshKeyData keyData)
                     case "ssh-rsa-cert-v01@openssh.com":
                         keyData = new SshKeyData("ssh-rsa", LoadPublicKeys(2));
                         return new RsaKey(keyData);
-                    case "ssh-dss-cert-v01@openssh.com":
-                        keyData = new SshKeyData("ssh-dss", LoadPublicKeys(4));
-                        return new DsaKey(keyData);
                     case "ecdsa-sha2-nistp256-cert-v01@openssh.com":
                     case "ecdsa-sha2-nistp384-cert-v01@openssh.com":
                     case "ecdsa-sha2-nistp521-cert-v01@openssh.com":

diff --git a/src/Renci.SshNet/Security/Cryptography/DsaDigitalSignature.cs b/src/Renci.SshNet/Security/Cryptography/DsaDigitalSignature.cs