hrr_rb_ssh 0.1.1 → 0.1.2
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/demo/server.rb +23 -3
- data/hrr_rb_ssh.gemspec +2 -2
- data/lib/hrr_rb_ssh/authentication/method/method.rb +34 -0
- data/lib/hrr_rb_ssh/authentication/method/none.rb +5 -14
- data/lib/hrr_rb_ssh/authentication/method/password.rb +6 -12
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/algorithm.rb +41 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb +33 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb +105 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb +85 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb +28 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey.rb +9 -25
- data/lib/hrr_rb_ssh/authentication/method.rb +12 -9
- data/lib/hrr_rb_ssh/connection/channel/channel_type/channel_type.rb +30 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/env/context.rb +46 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/env.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec/context.rb +44 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/pty_req/context.rb +54 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/pty_req.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/request_type.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/shell/context.rb +41 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/shell.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem/context.rb +44 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem.rb +34 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type.rb +33 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session.rb +30 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type.rb +25 -0
- data/lib/hrr_rb_ssh/connection/channel.rb +2 -12
- data/lib/hrr_rb_ssh/transport/compression_algorithm/compression_algorithm.rb +34 -0
- data/lib/hrr_rb_ssh/transport/compression_algorithm/functionable.rb +31 -0
- data/lib/hrr_rb_ssh/transport/compression_algorithm/none.rb +7 -19
- data/lib/hrr_rb_ssh/transport/compression_algorithm/unfunctionable.rb +20 -0
- data/lib/hrr_rb_ssh/transport/compression_algorithm/zlib.rb +7 -24
- data/lib/hrr_rb_ssh/transport/compression_algorithm.rb +11 -9
- data/lib/hrr_rb_ssh/transport/direction.rb +11 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes128_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes128_ctr.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes192_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes192_ctr.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes256_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes256_ctr.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/arcfour.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/blowfish_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/cast128_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/encryption_algorithm.rb +34 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/functionable.rb +61 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/none.rb +6 -33
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/three_des_cbc.rb +19 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/unfunctionable.rb +35 -0
- data/lib/hrr_rb_ssh/transport/encryption_algorithm.rb +20 -9
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb +3 -4
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1.rb +4 -8
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1.rb +4 -8
- data/lib/hrr_rb_ssh/transport/kex_algorithm/kex_algorithm.rb +34 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm.rb +10 -9
- data/lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb +32 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5.rb +21 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96.rb +21 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1.rb +5 -29
- data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96.rb +21 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm/mac_algorithm.rb +34 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm/none.rb +6 -22
- data/lib/hrr_rb_ssh/transport/mac_algorithm/unfunctionable.rb +24 -0
- data/lib/hrr_rb_ssh/transport/mac_algorithm.rb +14 -9
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm.rb +34 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb +106 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb +4 -11
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb +10 -8
- data/lib/hrr_rb_ssh/transport.rb +23 -15
- data/lib/hrr_rb_ssh/version.rb +1 -1
- metadata +51 -17
- data/lib/hrr_rb_ssh/authentication/method/publickey/ssh_rsa.rb +0 -116
- data/lib/hrr_rb_ssh/connection/channel/session/env/context.rb +0 -43
- data/lib/hrr_rb_ssh/connection/channel/session/env.rb +0 -31
- data/lib/hrr_rb_ssh/connection/channel/session/exec/context.rb +0 -41
- data/lib/hrr_rb_ssh/connection/channel/session/exec.rb +0 -31
- data/lib/hrr_rb_ssh/connection/channel/session/pty_req/context.rb +0 -50
- data/lib/hrr_rb_ssh/connection/channel/session/pty_req.rb +0 -31
- data/lib/hrr_rb_ssh/connection/channel/session/shell/context.rb +0 -37
- data/lib/hrr_rb_ssh/connection/channel/session/shell.rb +0 -31
- data/lib/hrr_rb_ssh/connection/channel/session/subsystem/context.rb +0 -40
- data/lib/hrr_rb_ssh/connection/channel/session/subsystem.rb +0 -31
- data/lib/hrr_rb_ssh/connection/channel/session.rb +0 -31
- data/lib/hrr_rb_ssh/transport/encryption_algorithm/aes_128_cbc.rb +0 -73
@@ -1,22 +1,23 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/logger'
|
5
|
-
require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
|
6
|
-
require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'
|
7
|
-
|
8
4
|
module HrrRbSsh
|
9
5
|
class Transport
|
10
6
|
class KexAlgorithm
|
11
|
-
|
12
|
-
|
13
|
-
def self.[] key
|
14
|
-
@@list[key]
|
7
|
+
def self.list
|
8
|
+
KexAlgorithm.list
|
15
9
|
end
|
16
10
|
|
17
11
|
def self.name_list
|
18
|
-
|
12
|
+
KexAlgorithm.name_list
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.[] key
|
16
|
+
KexAlgorithm[key]
|
19
17
|
end
|
20
18
|
end
|
21
19
|
end
|
22
20
|
end
|
21
|
+
|
22
|
+
require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
|
23
|
+
require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'
|
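Review bot: The requires moved to the bottom of this file now decide the order of `KexAlgorithm.name_list`, because subclasses register themselves through the `inherited` hook as their files load (visible in the MacAlgorithm and ServerHostKeyAlgorithm base classes on this page; the KexAlgorithm base class is not shown and presumably matches). With `diffie_hellman_group1_sha1` required before `diffie_hellman_group14_sha1`, the 1024-bit group is listed first; if `name_list` is sent as the preference list, requiring group14 first would prefer the stronger group. The same ordering effect applies in the MacAlgorithm section, where `none` is required before every HMAC class, and in the ServerHostKeyAlgorithm section, where `ssh_dss` precedes `ssh_rsa`. A comment above the requires such as `# require order is the advertised preference order; strongest first` would make the dependency explicit.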
@@ -0,0 +1,32 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
|
6
|
+
module HrrRbSsh
|
7
|
+
class Transport
|
8
|
+
class MacAlgorithm
|
9
|
+
module Functionable
|
10
|
+
def initialize key
|
11
|
+
super
|
12
|
+
|
13
|
+
@key = key
|
14
|
+
end
|
15
|
+
|
16
|
+
def digest_length
|
17
|
+
self.class::DIGEST_LENGTH
|
18
|
+
end
|
19
|
+
|
20
|
+
def key_length
|
21
|
+
self.class::KEY_LENGTH
|
22
|
+
end
|
23
|
+
|
24
|
+
def compute sequence_number, unencrypted_packet
|
25
|
+
data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
|
26
|
+
digest = OpenSSL::HMAC.digest self.class::DIGEST, @key, data
|
27
|
+
digest[0, digest_length]
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
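Review bot: `compute` references `OpenSSL::HMAC` and `HrrRbSsh::Transport::DataType::Uint32`, but the only require in this file is `hrr_rb_ssh/logger`, so the module works only when something else has already loaded both; adding `require 'openssl'` and `require 'hrr_rb_ssh/transport/data_type'` at the top removes the load-order dependency. The method also lacks a comment saying that it returns the tag truncated to `DIGEST_LENGTH` bytes over the sequence number followed by the packet. The code that compares this tag with the received MAC is not in this section; a doc line such as `# Compare the result with the received MAC using a constant-time comparison, not ==` would record that expectation for whoever writes or reviews the receiver.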
@@ -0,0 +1,21 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
5
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Transport
|
9
|
+
class MacAlgorithm
|
10
|
+
class HmacMd5 < MacAlgorithm
|
11
|
+
NAME = 'hmac-md5'
|
12
|
+
DIGEST = 'md5'
|
13
|
+
|
14
|
+
DIGEST_LENGTH = 16
|
15
|
+
KEY_LENGTH = 16
|
16
|
+
|
17
|
+
include Functionable
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
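Review bot: `HmacMd5` is offered for negotiation as soon as this file is required, because subclassing `MacAlgorithm` registers it through the `inherited` hook, and the registry shown on this page gives no way to leave an algorithm out. MD5-based MACs are kept in SSH only for compatibility with old peers, so a class comment such as `# Legacy MAC; offered only for interoperability with old peers` would tell deployers why it is there. If the library exposes no setting to restrict the offered names (not visible here), that is worth adding before more legacy algorithms are registered. The same applies to `HmacMd5_96` in the next section.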
@@ -0,0 +1,21 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
5
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Transport
|
9
|
+
class MacAlgorithm
|
10
|
+
class HmacMd5_96 < MacAlgorithm
|
11
|
+
NAME = 'hmac-md5-96'
|
12
|
+
DIGEST = 'md5'
|
13
|
+
|
14
|
+
DIGEST_LENGTH = 12
|
15
|
+
KEY_LENGTH = 16
|
16
|
+
|
17
|
+
include Functionable
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -1,44 +1,20 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/
|
4
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
5
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
|
5
6
|
|
6
7
|
module HrrRbSsh
|
7
8
|
class Transport
|
8
9
|
class MacAlgorithm
|
9
|
-
|
10
|
-
'hmac-sha1'
|
11
|
-
]
|
12
|
-
|
13
|
-
class HmacSha1
|
10
|
+
class HmacSha1 < MacAlgorithm
|
11
|
+
NAME = 'hmac-sha1'
|
14
12
|
DIGEST = 'sha1'
|
15
13
|
|
16
14
|
DIGEST_LENGTH = 20
|
17
15
|
KEY_LENGTH = 20
|
18
16
|
|
19
|
-
|
20
|
-
@logger = HrrRbSsh::Logger.new self.class.name
|
21
|
-
|
22
|
-
@key = key
|
23
|
-
end
|
24
|
-
|
25
|
-
def compute sequence_number, unencrypted_packet
|
26
|
-
data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
|
27
|
-
OpenSSL::HMAC.digest DIGEST, @key, data
|
28
|
-
end
|
29
|
-
|
30
|
-
def digest_length
|
31
|
-
DIGEST_LENGTH
|
32
|
-
end
|
33
|
-
|
34
|
-
def key_length
|
35
|
-
KEY_LENGTH
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
@@list ||= Hash.new
|
40
|
-
name_list.each do |name|
|
41
|
-
@@list[name] = HmacSha1
|
17
|
+
include Functionable
|
42
18
|
end
|
43
19
|
end
|
44
20
|
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
5
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Transport
|
9
|
+
class MacAlgorithm
|
10
|
+
class HmacSha1_96 < MacAlgorithm
|
11
|
+
NAME = 'hmac-sha1-96'
|
12
|
+
DIGEST = 'sha1'
|
13
|
+
|
14
|
+
DIGEST_LENGTH = 12
|
15
|
+
KEY_LENGTH = 20
|
16
|
+
|
17
|
+
include Functionable
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
|
6
|
+
module HrrRbSsh
|
7
|
+
class Transport
|
8
|
+
class MacAlgorithm
|
9
|
+
class MacAlgorithm
|
10
|
+
@@list = Array.new
|
11
|
+
|
12
|
+
def self.inherited klass
|
13
|
+
@@list.push klass
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.list
|
17
|
+
@@list
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.name_list
|
21
|
+
@@list.map{ |klass| klass::NAME }
|
22
|
+
end
|
23
|
+
|
24
|
+
def self.[] key
|
25
|
+
@@list.find{ |klass| key == klass::NAME }
|
26
|
+
end
|
27
|
+
|
28
|
+
def initialize key
|
29
|
+
@logger = HrrRbSsh::Logger.new self.class.name
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
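Review bot: `self.[]` returns nil when no registered class has the requested `NAME`, and the lookups visible in the transport.rb section for the sibling registries chain `.new` directly onto the result, so an unexpected name would surface as a NoMethodError on nil rather than as a negotiation failure. If no caller relies on the nil return (not visible here), the lookup could fail explicitly, for example `@@list.find{ |klass| key == klass::NAME } or raise ArgumentError, "unsupported MAC algorithm: #{key}"`. `self.list` also hands out the registry array itself, so a caller can mutate it; returning `@@list.dup` would avoid that. The ServerHostKeyAlgorithm base class added further down has the same two methods and the same behaviour.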
@@ -1,39 +1,23 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/
|
4
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
5
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/unfunctionable'
|
5
6
|
|
6
7
|
module HrrRbSsh
|
7
8
|
class Transport
|
8
9
|
class MacAlgorithm
|
9
|
-
|
10
|
-
'none'
|
11
|
-
]
|
10
|
+
class None < MacAlgorithm
|
11
|
+
NAME = 'none'
|
12
12
|
|
13
|
-
class None
|
14
13
|
DIGEST_LENGTH = 0
|
15
14
|
KEY_LENGTH = 0
|
16
15
|
|
17
16
|
def initialize key=nil
|
18
|
-
|
17
|
+
super
|
19
18
|
end
|
20
19
|
|
21
|
-
|
22
|
-
String.new
|
23
|
-
end
|
24
|
-
|
25
|
-
def digest_length
|
26
|
-
DIGEST_LENGTH
|
27
|
-
end
|
28
|
-
|
29
|
-
def key_length
|
30
|
-
KEY_LENGTH
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
@@list ||= Hash.new
|
35
|
-
name_list.each do |name|
|
36
|
-
@@list[name] = None
|
20
|
+
include Unfunctionable
|
37
21
|
end
|
38
22
|
end
|
39
23
|
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
|
6
|
+
module HrrRbSsh
|
7
|
+
class Transport
|
8
|
+
class MacAlgorithm
|
9
|
+
module Unfunctionable
|
10
|
+
def digest_length
|
11
|
+
self.class::DIGEST_LENGTH
|
12
|
+
end
|
13
|
+
|
14
|
+
def key_length
|
15
|
+
self.class::KEY_LENGTH
|
16
|
+
end
|
17
|
+
|
18
|
+
def compute sequence_number, unencrypted_packet
|
19
|
+
String.new
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -1,22 +1,27 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/logger'
|
5
|
-
require 'hrr_rb_ssh/transport/mac_algorithm/none'
|
6
|
-
require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
|
7
|
-
|
8
4
|
module HrrRbSsh
|
9
5
|
class Transport
|
10
6
|
class MacAlgorithm
|
11
|
-
|
12
|
-
|
13
|
-
def self.[] key
|
14
|
-
@@list[key]
|
7
|
+
def self.list
|
8
|
+
MacAlgorithm.list
|
15
9
|
end
|
16
10
|
|
17
11
|
def self.name_list
|
18
|
-
|
12
|
+
MacAlgorithm.name_list
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.[] key
|
16
|
+
MacAlgorithm[key]
|
19
17
|
end
|
20
18
|
end
|
21
19
|
end
|
22
20
|
end
|
21
|
+
|
22
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
|
23
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/none'
|
24
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
|
25
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96'
|
26
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5'
|
27
|
+
require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96'
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
|
6
|
+
module HrrRbSsh
|
7
|
+
class Transport
|
8
|
+
class ServerHostKeyAlgorithm
|
9
|
+
class ServerHostKeyAlgorithm
|
10
|
+
@@list = Array.new
|
11
|
+
|
12
|
+
def self.inherited klass
|
13
|
+
@@list.push klass
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.list
|
17
|
+
@@list
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.name_list
|
21
|
+
@@list.map{ |klass| klass::NAME }
|
22
|
+
end
|
23
|
+
|
24
|
+
def self.[] key
|
25
|
+
@@list.find{ |klass| key == klass::NAME }
|
26
|
+
end
|
27
|
+
|
28
|
+
def initialize
|
29
|
+
@logger = HrrRbSsh::Logger.new self.class.name
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,106 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/transport/data_type'
|
5
|
+
require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Transport
|
9
|
+
class ServerHostKeyAlgorithm
|
10
|
+
class SshDss < ServerHostKeyAlgorithm
|
11
|
+
NAME = 'ssh-dss'
|
12
|
+
|
13
|
+
SECRET_KEY = <<-EOB
|
14
|
+
-----BEGIN DSA PRIVATE KEY-----
|
15
|
+
MIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO
|
16
|
+
PnNiY/rR4uFhjvHRzF8KnC8xk3fNo4ZJQJlaEHv6qySiXHeX1fw/eo/uzM5WafLd
|
17
|
+
oaRtE2muky1i3FBCiboXDlNcwuA/efsOE5qsGBbk6svw+8pGolHmOZFSvQIVAN2G
|
18
|
+
ZxtE9Kqqh6z48/VulQZsrh5hAoGAH3191okH8kUwP3dinp5j5YtNzrJ20sBXNNZG
|
19
|
+
0aWjtS2xjSjIXjnlkiwhhvcUcCEkUQ507exvSLgf4dyV/V4+nf5Q5zjLztiSMe9D
|
20
|
+
qhTRIR23lsDu0OdITQihTu+Y4GEvNLUL9r2P1aoF/sde97xzzqmXPKx0UL1nNzcL
|
21
|
+
dnAdjjMCgYAa1dRvXe65jufPk0kRwhewRSScfg+YK4DOLUYGalsjHZbXtXqHKNpB
|
22
|
+
YkTlWKMg6QVREN0+5aNY1z1aJAbNboLz55YBnS9tOBYzvsXQF7ZP1ECMO6m4I8DI
|
23
|
+
wxt35i8hEVOJc+8x/xtmogzbjepar+1UycJQTMjhvqCW7RF4LuepvwIVANELTvnl
|
24
|
+
MRl/p42OrQzL/chRPvRf
|
25
|
+
-----END DSA PRIVATE KEY-----
|
26
|
+
EOB
|
27
|
+
|
28
|
+
KEY_FORMAT_DEFINITION = [
|
29
|
+
['string', 'ssh-dss'],
|
30
|
+
['mpint', 'p'],
|
31
|
+
['mpint', 'q'],
|
32
|
+
['mpint', 'g'],
|
33
|
+
['mpint', 'y'],
|
34
|
+
]
|
35
|
+
|
36
|
+
SIGN_DEFINITION = [
|
37
|
+
['string', 'ssh-dss'],
|
38
|
+
['string', 'dss_signature_blob'],
|
39
|
+
]
|
40
|
+
|
41
|
+
def initialize
|
42
|
+
super
|
43
|
+
|
44
|
+
@dss = OpenSSL::PKey::DSA.new SECRET_KEY
|
45
|
+
end
|
46
|
+
|
47
|
+
def encode definition, payload
|
48
|
+
definition.map{ |data_type, field_name|
|
49
|
+
field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
|
50
|
+
HrrRbSsh::Transport::DataType[data_type].encode( field_value )
|
51
|
+
}.join
|
52
|
+
end
|
53
|
+
|
54
|
+
def decode definition, payload
|
55
|
+
payload_io = StringIO.new payload, 'r'
|
56
|
+
definition.map{ |data_type, field_name|
|
57
|
+
[
|
58
|
+
field_name,
|
59
|
+
HrrRbSsh::Transport::DataType[data_type].decode( payload_io )
|
60
|
+
]
|
61
|
+
}.to_h
|
62
|
+
end
|
63
|
+
|
64
|
+
def server_public_host_key
|
65
|
+
payload = {
|
66
|
+
'ssh-dss' => 'ssh-dss',
|
67
|
+
'p' => @dss.p.to_i,
|
68
|
+
'q' => @dss.q.to_i,
|
69
|
+
'g' => @dss.g.to_i,
|
70
|
+
'y' => @dss.pub_key.to_i,
|
71
|
+
}
|
72
|
+
encode KEY_FORMAT_DEFINITION, payload
|
73
|
+
end
|
74
|
+
|
75
|
+
def sign digest, data
|
76
|
+
hash = OpenSSL::Digest.digest(digest, data)
|
77
|
+
sign_der = @dss.syssign(hash)
|
78
|
+
sign_asn1 = OpenSSL::ASN1.decode(sign_der)
|
79
|
+
sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
|
80
|
+
sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
|
81
|
+
payload = {
|
82
|
+
'ssh-dss' => 'ssh-dss',
|
83
|
+
'dss_signature_blob' => (sign_r + sign_s),
|
84
|
+
}
|
85
|
+
encode SIGN_DEFINITION, payload
|
86
|
+
end
|
87
|
+
|
88
|
+
def verify digest, sign, data
|
89
|
+
payload = decode SIGN_DEFINITION, sign
|
90
|
+
dss_signature_blob = payload['dss_signature_blob']
|
91
|
+
sign_r = dss_signature_blob[ 0, 20]
|
92
|
+
sign_s = dss_signature_blob[20, 20]
|
93
|
+
sign_asn1 = OpenSSL::ASN1::Sequence.new(
|
94
|
+
[
|
95
|
+
OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
|
96
|
+
OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
|
97
|
+
]
|
98
|
+
)
|
99
|
+
sign_der = sign_asn1.to_der
|
100
|
+
hash = OpenSSL::Digest.digest(digest, data)
|
101
|
+
payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
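Review bot: `SECRET_KEY` embeds a DSA private key in the library source, so every server that loads this class presents the same host key, and anyone who has the gem can impersonate such a server to its clients. The key should come from the caller or from configuration, for example through an optional argument to `initialize`, with the bundled key kept at most as a clearly labelled demo default. The RSA class in the next section carries a key the same way in its unchanged lines. Separately, `verify` slices `dss_signature_blob` at fixed offsets without checking its length, so a short blob leaves `sign_s` nil or truncated before it reaches `OpenSSL::BN.new`, which likely raises instead of rejecting the signature. A guard such as `return false unless dss_signature_blob.bytesize == 40` before the slicing would make that a clean failure.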
@@ -1,17 +1,15 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/logger'
|
5
4
|
require 'hrr_rb_ssh/transport/data_type'
|
5
|
+
require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
|
6
6
|
|
7
7
|
module HrrRbSsh
|
8
8
|
class Transport
|
9
9
|
class ServerHostKeyAlgorithm
|
10
|
-
|
11
|
-
'ssh-rsa'
|
12
|
-
]
|
10
|
+
class SshRsa < ServerHostKeyAlgorithm
|
11
|
+
NAME = 'ssh-rsa'
|
13
12
|
|
14
|
-
class SshRsa
|
15
13
|
SECRET_KEY = <<-EOB
|
16
14
|
-----BEGIN RSA PRIVATE KEY-----
|
17
15
|
MIIEpAIBAAKCAQEA71zHt9RvbXmxuOCWPKR65iBHO+a8M7Mfo4vRCs/dorZN7XL1
|
@@ -54,7 +52,7 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
|
|
54
52
|
]
|
55
53
|
|
56
54
|
def initialize
|
57
|
-
|
55
|
+
super
|
58
56
|
|
59
57
|
@rsa = OpenSSL::PKey::RSA.new SECRET_KEY
|
60
58
|
end
|
@@ -98,11 +96,6 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
|
|
98
96
|
payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(digest, payload['rsa_signature_blob'], data)
|
99
97
|
end
|
100
98
|
end
|
101
|
-
|
102
|
-
@@list ||= Hash.new
|
103
|
-
name_list.each do |name|
|
104
|
-
@@list[name] = SshRsa
|
105
|
-
end
|
106
99
|
end
|
107
100
|
end
|
108
101
|
end
|
@@ -1,21 +1,23 @@
|
|
1
1
|
# coding: utf-8
|
2
2
|
# vim: et ts=2 sw=2
|
3
3
|
|
4
|
-
require 'hrr_rb_ssh/logger'
|
5
|
-
require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'
|
6
|
-
|
7
4
|
module HrrRbSsh
|
8
5
|
class Transport
|
9
6
|
class ServerHostKeyAlgorithm
|
10
|
-
|
11
|
-
|
12
|
-
def self.[] key
|
13
|
-
@@list[key]
|
7
|
+
def self.list
|
8
|
+
ServerHostKeyAlgorithm.list
|
14
9
|
end
|
15
10
|
|
16
11
|
def self.name_list
|
17
|
-
|
12
|
+
ServerHostKeyAlgorithm.name_list
|
13
|
+
end
|
14
|
+
|
15
|
+
def self.[] key
|
16
|
+
ServerHostKeyAlgorithm[key]
|
18
17
|
end
|
19
18
|
end
|
20
19
|
end
|
21
20
|
end
|
21
|
+
|
22
|
+
require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss'
|
23
|
+
require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'
|
data/lib/hrr_rb_ssh/transport.rb
CHANGED
@@ -7,6 +7,7 @@ require 'hrr_rb_ssh/message'
|
|
7
7
|
require 'hrr_rb_ssh/closed_transport_error'
|
8
8
|
require 'hrr_rb_ssh/transport/constant'
|
9
9
|
require 'hrr_rb_ssh/transport/mode'
|
10
|
+
require 'hrr_rb_ssh/transport/direction'
|
10
11
|
require 'hrr_rb_ssh/transport/data_type'
|
11
12
|
require 'hrr_rb_ssh/transport/sequence_number'
|
12
13
|
require 'hrr_rb_ssh/transport/sender'
|
@@ -91,20 +92,27 @@ module HrrRbSsh
|
|
91
92
|
def start
|
92
93
|
@logger.info("start transport")
|
93
94
|
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
case @mode
|
98
|
-
when HrrRbSsh::Transport::Mode::SERVER
|
99
|
-
verify_service_request
|
100
|
-
end
|
95
|
+
begin
|
96
|
+
exchange_version
|
97
|
+
exchange_key
|
101
98
|
|
102
|
-
|
99
|
+
case @mode
|
100
|
+
when HrrRbSsh::Transport::Mode::SERVER
|
101
|
+
verify_service_request
|
102
|
+
end
|
103
103
|
|
104
|
-
|
105
|
-
|
104
|
+
@closed = false
|
105
|
+
rescue EOFError => e
|
106
|
+
close
|
107
|
+
rescue => e
|
108
|
+
@logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
|
109
|
+
close
|
110
|
+
else
|
111
|
+
@sender_thread = sender_thread
|
112
|
+
@receiver_thread = receiver_thread
|
106
113
|
|
107
|
-
|
114
|
+
@logger.info("transport started")
|
115
|
+
end
|
108
116
|
end
|
109
117
|
|
110
118
|
def close
|
@@ -426,8 +434,8 @@ module HrrRbSsh
|
|
426
434
|
incoming_crpt_key = @kex_algorithm.key_c_to_s self, incoming_encryption_algorithm_name
|
427
435
|
outgoing_crpt_key = @kex_algorithm.key_s_to_c self, outgoing_encryption_algorithm_name
|
428
436
|
end
|
429
|
-
@incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new incoming_crpt_iv, incoming_crpt_key
|
430
|
-
@outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new outgoing_crpt_iv, outgoing_crpt_key
|
437
|
+
@incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new Direction::INCOMING, incoming_crpt_iv, incoming_crpt_key
|
438
|
+
@outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new Direction::OUTGOING, outgoing_crpt_iv, outgoing_crpt_key
|
431
439
|
end
|
432
440
|
|
433
441
|
def update_mac_algorithm
|
@@ -452,8 +460,8 @@ module HrrRbSsh
|
|
452
460
|
incoming_compression_algorithm_name = compression_algorithm_c_to_s_name
|
453
461
|
outgoing_compression_algorithm_name = compression_algorithm_s_to_c_name
|
454
462
|
end
|
455
|
-
@incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new
|
456
|
-
@outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new
|
463
|
+
@incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new Direction::INCOMING
|
464
|
+
@outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new Direction::OUTGOING
|
457
465
|
end
|
458
466
|
end
|
459
467
|
end
|
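Review bot: `start` now returns normally after a failed handshake, because both rescue branches call `close` and swallow the exception; a caller cannot tell a started transport from one that failed in `exchange_version`, `exchange_key` or `verify_service_request` without inspecting state afterwards. If callers (not shown) go on to use the transport, re-raising after cleanup, `close; raise` in the `rescue => e` branch, or returning a documented status would make the failure explicit. The `e` binding in `rescue EOFError => e` is unused and can be dropped. `@closed = false` is assigned only on the success path, so unless it is initialised elsewhere, `close` (its body is outside these hunks) has to tolerate `@closed` being unset when it is called from the rescue branches.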
data/lib/hrr_rb_ssh/version.rb
CHANGED