RubyGems - hrr_rb_ssh - Versions diffs - 0.1.1 → 0.1.2 - Mend

hrr_rb_ssh 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

data/lib/hrr_rb_ssh/transport/kex_algorithm.rb CHANGED Viewed

@@ -1,22 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
-require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'
 module HrrRbSsh
   class Transport
     class KexAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        KexAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        KexAlgorithm.name_list
+      end
+      def self.[] key
+        KexAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'

data/lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      module Functionable
+        def initialize key
+          super
+          @key = key
+        end
+        def digest_length
+          self.class::DIGEST_LENGTH
+        end
+        def key_length
+          self.class::KEY_LENGTH
+        end
+        def compute sequence_number, unencrypted_packet
+          data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
+          digest = OpenSSL::HMAC.digest self.class::DIGEST, @key, data
+          digest[0, digest_length]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacMd5 < MacAlgorithm
+        NAME   = 'hmac-md5'
+        DIGEST = 'md5'
+        DIGEST_LENGTH = 16
+        KEY_LENGTH    = 16
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacMd5_96 < MacAlgorithm
+        NAME   = 'hmac-md5-96'
+        DIGEST = 'md5'
+        DIGEST_LENGTH = 12
+        KEY_LENGTH    = 16
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1.rb CHANGED Viewed

@@ -1,44 +1,20 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      name_list = [
-        'hmac-sha1'
-      ]
-      class HmacSha1
+      class HmacSha1 < MacAlgorithm
+        NAME   = 'hmac-sha1'
         DIGEST = 'sha1'
         DIGEST_LENGTH = 20
         KEY_LENGTH    = 20
-        def initialize key
-          @logger = HrrRbSsh::Logger.new self.class.name
-          @key = key
-        end
-        def compute sequence_number, unencrypted_packet
-          data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
-          OpenSSL::HMAC.digest DIGEST, @key, data
-        end
-        def digest_length
-          DIGEST_LENGTH
-        end
-        def key_length
-          KEY_LENGTH
-        end
-      end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = HmacSha1
+        include Functionable
       end
     end
   end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacSha1_96 < MacAlgorithm
+        NAME   = 'hmac-sha1-96'
+        DIGEST = 'sha1'
+        DIGEST_LENGTH = 12
+        KEY_LENGTH    = 20
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/mac_algorithm.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class MacAlgorithm
+        @@list = Array.new
+        def self.inherited klass
+          @@list.push klass
+        end
+        def self.list
+          @@list
+        end
+        def self.name_list
+          @@list.map{ |klass| klass::NAME }
+        end
+        def self.[] key
+          @@list.find{ |klass| key == klass::NAME }
+        end
+        def initialize key
+          @logger = HrrRbSsh::Logger.new self.class.name
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/none.rb CHANGED Viewed

@@ -1,39 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/unfunctionable'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      name_list = [
-        'none'
-      ]
+      class None < MacAlgorithm
+        NAME   = 'none'
-      class None
         DIGEST_LENGTH = 0
         KEY_LENGTH    = 0
         def initialize key=nil
-          @logger = HrrRbSsh::Logger.new self.class.name
+          super
         end
-        def compute sequence_number, unencrypted_packet
-          String.new
-        end
-        def digest_length
-          DIGEST_LENGTH
-        end
-        def key_length
-          KEY_LENGTH
-        end
-      end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = None
+        include Unfunctionable
       end
     end
   end

data/lib/hrr_rb_ssh/transport/mac_algorithm/unfunctionable.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      module Unfunctionable
+        def digest_length
+          self.class::DIGEST_LENGTH
+        end
+        def key_length
+          self.class::KEY_LENGTH
+        end
+        def compute sequence_number, unencrypted_packet
+          String.new
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm.rb CHANGED Viewed

@@ -1,22 +1,27 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/mac_algorithm/none'
-require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        MacAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        MacAlgorithm.name_list
+      end
+      def self.[] key
+        MacAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/none'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class ServerHostKeyAlgorithm
+        @@list = Array.new
+        def self.inherited klass
+          @@list.push klass
+        end
+        def self.list
+          @@list
+        end
+        def self.name_list
+          @@list.map{ |klass| klass::NAME }
+        end
+        def self.[] key
+          @@list.find{ |klass| key == klass::NAME }
+        end
+        def initialize
+          @logger = HrrRbSsh::Logger.new self.class.name
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb ADDED Viewed

@@ -0,0 +1,106 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/data_type'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshDss < ServerHostKeyAlgorithm
+        NAME = 'ssh-dss'
+        SECRET_KEY = <<-EOB
+-----BEGIN DSA PRIVATE KEY-----
+MIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO
+PnNiY/rR4uFhjvHRzF8KnC8xk3fNo4ZJQJlaEHv6qySiXHeX1fw/eo/uzM5WafLd
+oaRtE2muky1i3FBCiboXDlNcwuA/efsOE5qsGBbk6svw+8pGolHmOZFSvQIVAN2G
+ZxtE9Kqqh6z48/VulQZsrh5hAoGAH3191okH8kUwP3dinp5j5YtNzrJ20sBXNNZG
+0aWjtS2xjSjIXjnlkiwhhvcUcCEkUQ507exvSLgf4dyV/V4+nf5Q5zjLztiSMe9D
+qhTRIR23lsDu0OdITQihTu+Y4GEvNLUL9r2P1aoF/sde97xzzqmXPKx0UL1nNzcL
+dnAdjjMCgYAa1dRvXe65jufPk0kRwhewRSScfg+YK4DOLUYGalsjHZbXtXqHKNpB
+YkTlWKMg6QVREN0+5aNY1z1aJAbNboLz55YBnS9tOBYzvsXQF7ZP1ECMO6m4I8DI
+wxt35i8hEVOJc+8x/xtmogzbjepar+1UycJQTMjhvqCW7RF4LuepvwIVANELTvnl
+MRl/p42OrQzL/chRPvRf
+-----END DSA PRIVATE KEY-----
+        EOB
+        KEY_FORMAT_DEFINITION = [
+          ['string', 'ssh-dss'],
+          ['mpint',  'p'],
+          ['mpint',  'q'],
+          ['mpint',  'g'],
+          ['mpint',  'y'],
+        ]
+        SIGN_DEFINITION = [
+          ['string', 'ssh-dss'],
+          ['string', 'dss_signature_blob'],
+        ]
+        def initialize
+          super
+          @dss = OpenSSL::PKey::DSA.new SECRET_KEY
+        end
+        def encode definition, payload
+          definition.map{ |data_type, field_name|
+            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
+            HrrRbSsh::Transport::DataType[data_type].encode( field_value )
+          }.join
+        end
+        def decode definition, payload
+          payload_io = StringIO.new payload, 'r'
+          definition.map{ |data_type, field_name|
+            [
+              field_name,
+              HrrRbSsh::Transport::DataType[data_type].decode( payload_io )
+            ]
+          }.to_h
+        end
+        def server_public_host_key
+          payload = {
+            'ssh-dss' => 'ssh-dss',
+            'p'       => @dss.p.to_i,
+            'q'       => @dss.q.to_i,
+            'g'       => @dss.g.to_i,
+            'y'       => @dss.pub_key.to_i,
+          }
+          encode KEY_FORMAT_DEFINITION, payload
+        end
+        def sign digest, data
+          hash = OpenSSL::Digest.digest(digest, data)
+          sign_der = @dss.syssign(hash)
+          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
+          sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
+          sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
+          payload = {
+            'ssh-dss'            => 'ssh-dss',
+            'dss_signature_blob' => (sign_r + sign_s),
+          }
+          encode SIGN_DEFINITION, payload
+        end
+        def verify digest, sign, data
+          payload = decode SIGN_DEFINITION, sign
+          dss_signature_blob = payload['dss_signature_blob']
+          sign_r = dss_signature_blob[ 0, 20]
+          sign_s = dss_signature_blob[20, 20]
+          sign_asn1 = OpenSSL::ASN1::Sequence.new(
+            [
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
+            ]
+          )
+          sign_der = sign_asn1.to_der
+          hash = OpenSSL::Digest.digest(digest, data)
+          payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb CHANGED Viewed

@@ -1,17 +1,15 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/transport/data_type'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
-      name_list = [
-        'ssh-rsa'
-      ]
+      class SshRsa < ServerHostKeyAlgorithm
+        NAME = 'ssh-rsa'
-      class SshRsa
         SECRET_KEY = <<-EOB
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA71zHt9RvbXmxuOCWPKR65iBHO+a8M7Mfo4vRCs/dorZN7XL1
@@ -54,7 +52,7 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
         ]
         def initialize
-          @logger = HrrRbSsh::Logger.new self.class.name
+          super
           @rsa = OpenSSL::PKey::RSA.new SECRET_KEY
         end
@@ -98,11 +96,6 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
           payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(digest, payload['rsa_signature_blob'], data)
         end
       end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = SshRsa
-      end
     end
   end
 end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb CHANGED Viewed

@@ -1,21 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        ServerHostKeyAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        ServerHostKeyAlgorithm.name_list
+      end
+      def self.[] key
+        ServerHostKeyAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'

data/lib/hrr_rb_ssh/transport.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'hrr_rb_ssh/message'
 require 'hrr_rb_ssh/closed_transport_error'
 require 'hrr_rb_ssh/transport/constant'
 require 'hrr_rb_ssh/transport/mode'
+require 'hrr_rb_ssh/transport/direction'
 require 'hrr_rb_ssh/transport/data_type'
 require 'hrr_rb_ssh/transport/sequence_number'
 require 'hrr_rb_ssh/transport/sender'
@@ -91,20 +92,27 @@ module HrrRbSsh
     def start
       @logger.info("start transport")
-      exchange_version
-      exchange_key
-      case @mode
-      when HrrRbSsh::Transport::Mode::SERVER
-        verify_service_request
-      end
+      begin
+        exchange_version
+        exchange_key
-      @closed = false
+        case @mode
+        when HrrRbSsh::Transport::Mode::SERVER
+          verify_service_request
+        end
-      @sender_thread   = sender_thread
-      @receiver_thread = receiver_thread
+        @closed = false
+      rescue EOFError => e
+        close
+      rescue => e
+        @logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
+        close
+      else
+        @sender_thread   = sender_thread
+        @receiver_thread = receiver_thread
-      @logger.info("transport started")
+        @logger.info("transport started")
+      end
     end
     def close
@@ -426,8 +434,8 @@ module HrrRbSsh
         incoming_crpt_key = @kex_algorithm.key_c_to_s self, incoming_encryption_algorithm_name
         outgoing_crpt_key = @kex_algorithm.key_s_to_c self, outgoing_encryption_algorithm_name
       end
-      @incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new incoming_crpt_iv, incoming_crpt_key
-      @outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new outgoing_crpt_iv, outgoing_crpt_key
+      @incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new Direction::INCOMING, incoming_crpt_iv, incoming_crpt_key
+      @outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new Direction::OUTGOING, outgoing_crpt_iv, outgoing_crpt_key
     end
     def update_mac_algorithm
@@ -452,8 +460,8 @@ module HrrRbSsh
         incoming_compression_algorithm_name = compression_algorithm_c_to_s_name
         outgoing_compression_algorithm_name = compression_algorithm_s_to_c_name
       end
-      @incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new
-      @outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new
+      @incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new Direction::INCOMING
+      @outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new Direction::OUTGOING
     end
   end
 end

data/lib/hrr_rb_ssh/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 module HrrRbSsh
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end