RubyGems - hrr_rb_ssh - Versions diffs - 0.1.1 → 0.1.2 - Mend

hrr_rb_ssh 0.1.1 → 0.1.2

Files changed (86) hide show

data/lib/hrr_rb_ssh/transport/kex_algorithm.rb CHANGED Viewed

@@ -1,22 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
-require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'
 module HrrRbSsh
   class Transport
     class KexAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        KexAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        KexAlgorithm.name_list
+      end
+      def self.[] key
+        KexAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'

data/lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      module Functionable
+        def initialize key
+          super
+          @key = key
+        end
+        def digest_length
+          self.class::DIGEST_LENGTH
+        end
+        def key_length
+          self.class::KEY_LENGTH
+        end
+        def compute sequence_number, unencrypted_packet
+          data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
+          digest = OpenSSL::HMAC.digest self.class::DIGEST, @key, data
+          digest[0, digest_length]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacMd5 < MacAlgorithm
+        NAME   = 'hmac-md5'
+        DIGEST = 'md5'
+        DIGEST_LENGTH = 16
+        KEY_LENGTH    = 16
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacMd5_96 < MacAlgorithm
+        NAME   = 'hmac-md5-96'
+        DIGEST = 'md5'
+        DIGEST_LENGTH = 12
+        KEY_LENGTH    = 16
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1.rb CHANGED Viewed

@@ -1,44 +1,20 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      name_list = [
-        'hmac-sha1'
-      ]
-      class HmacSha1
+      class HmacSha1 < MacAlgorithm
+        NAME   = 'hmac-sha1'
         DIGEST = 'sha1'
         DIGEST_LENGTH = 20
         KEY_LENGTH    = 20
-        def initialize key
-          @logger = HrrRbSsh::Logger.new self.class.name
-          @key = key
-        end
-        def compute sequence_number, unencrypted_packet
-          data = HrrRbSsh::Transport::DataType::Uint32.encode(sequence_number) + unencrypted_packet
-          OpenSSL::HMAC.digest DIGEST, @key, data
-        end
-        def digest_length
-          DIGEST_LENGTH
-        end
-        def key_length
-          KEY_LENGTH
-        end
-      end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = HmacSha1
+        include Functionable
       end
     end
   end

data/lib/hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96.rb ADDED Viewed

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/functionable'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class HmacSha1_96 < MacAlgorithm
+        NAME   = 'hmac-sha1-96'
+        DIGEST = 'sha1'
+        DIGEST_LENGTH = 12
+        KEY_LENGTH    = 20
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/mac_algorithm.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      class MacAlgorithm
+        @@list = Array.new
+        def self.inherited klass
+          @@list.push klass
+        end
+        def self.list
+          @@list
+        end
+        def self.name_list
+          @@list.map{ |klass| klass::NAME }
+        end
+        def self.[] key
+          @@list.find{ |klass| key == klass::NAME }
+        end
+        def initialize key
+          @logger = HrrRbSsh::Logger.new self.class.name
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/none.rb CHANGED Viewed

@@ -1,39 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/unfunctionable'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      name_list = [
-        'none'
-      ]
+      class None < MacAlgorithm
+        NAME   = 'none'
-      class None
         DIGEST_LENGTH = 0
         KEY_LENGTH    = 0
         def initialize key=nil
-          @logger = HrrRbSsh::Logger.new self.class.name
+          super
         end
-        def compute sequence_number, unencrypted_packet
-          String.new
-        end
-        def digest_length
-          DIGEST_LENGTH
-        end
-        def key_length
-          KEY_LENGTH
-        end
-      end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = None
+        include Unfunctionable
       end
     end
   end

data/lib/hrr_rb_ssh/transport/mac_algorithm/unfunctionable.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class MacAlgorithm
+      module Unfunctionable
+        def digest_length
+          self.class::DIGEST_LENGTH
+        end
+        def key_length
+          self.class::KEY_LENGTH
+        end
+        def compute sequence_number, unencrypted_packet
+          String.new
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm.rb CHANGED Viewed

@@ -1,22 +1,27 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/mac_algorithm/none'
-require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
 module HrrRbSsh
   class Transport
     class MacAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        MacAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        MacAlgorithm.name_list
+      end
+      def self.[] key
+        MacAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/mac_algorithm/mac_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm/none'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_sha1_96'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5'
+require 'hrr_rb_ssh/transport/mac_algorithm/hmac_md5_96'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm.rb ADDED Viewed

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class ServerHostKeyAlgorithm
+        @@list = Array.new
+        def self.inherited klass
+          @@list.push klass
+        end
+        def self.list
+          @@list
+        end
+        def self.name_list
+          @@list.map{ |klass| klass::NAME }
+        end
+        def self.[] key
+          @@list.find{ |klass| key == klass::NAME }
+        end
+        def initialize
+          @logger = HrrRbSsh::Logger.new self.class.name
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb ADDED Viewed

@@ -0,0 +1,106 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/transport/data_type'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshDss < ServerHostKeyAlgorithm
+        NAME = 'ssh-dss'
+        SECRET_KEY = <<-EOB
+-----BEGIN DSA PRIVATE KEY-----
+MIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO
+PnNiY/rR4uFhjvHRzF8KnC8xk3fNo4ZJQJlaEHv6qySiXHeX1fw/eo/uzM5WafLd
+oaRtE2muky1i3FBCiboXDlNcwuA/efsOE5qsGBbk6svw+8pGolHmOZFSvQIVAN2G
+ZxtE9Kqqh6z48/VulQZsrh5hAoGAH3191okH8kUwP3dinp5j5YtNzrJ20sBXNNZG
+0aWjtS2xjSjIXjnlkiwhhvcUcCEkUQ507exvSLgf4dyV/V4+nf5Q5zjLztiSMe9D
+qhTRIR23lsDu0OdITQihTu+Y4GEvNLUL9r2P1aoF/sde97xzzqmXPKx0UL1nNzcL
+dnAdjjMCgYAa1dRvXe65jufPk0kRwhewRSScfg+YK4DOLUYGalsjHZbXtXqHKNpB
+YkTlWKMg6QVREN0+5aNY1z1aJAbNboLz55YBnS9tOBYzvsXQF7ZP1ECMO6m4I8DI
+wxt35i8hEVOJc+8x/xtmogzbjepar+1UycJQTMjhvqCW7RF4LuepvwIVANELTvnl
+MRl/p42OrQzL/chRPvRf
+-----END DSA PRIVATE KEY-----
+        EOB
+        KEY_FORMAT_DEFINITION = [
+          ['string', 'ssh-dss'],
+          ['mpint',  'p'],
+          ['mpint',  'q'],
+          ['mpint',  'g'],
+          ['mpint',  'y'],
+        ]
+        SIGN_DEFINITION = [
+          ['string', 'ssh-dss'],
+          ['string', 'dss_signature_blob'],
+        ]
+        def initialize
+          super
+          @dss = OpenSSL::PKey::DSA.new SECRET_KEY
+        end
+        def encode definition, payload
+          definition.map{ |data_type, field_name|
+            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
+            HrrRbSsh::Transport::DataType[data_type].encode( field_value )
+          }.join
+        end
+        def decode definition, payload
+          payload_io = StringIO.new payload, 'r'
+          definition.map{ |data_type, field_name|
+            [
+              field_name,
+              HrrRbSsh::Transport::DataType[data_type].decode( payload_io )
+            ]
+          }.to_h
+        end
+        def server_public_host_key
+          payload = {
+            'ssh-dss' => 'ssh-dss',
+            'p'       => @dss.p.to_i,
+            'q'       => @dss.q.to_i,
+            'g'       => @dss.g.to_i,
+            'y'       => @dss.pub_key.to_i,
+          }
+          encode KEY_FORMAT_DEFINITION, payload
+        end
+        def sign digest, data
+          hash = OpenSSL::Digest.digest(digest, data)
+          sign_der = @dss.syssign(hash)
+          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
+          sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
+          sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
+          payload = {
+            'ssh-dss'            => 'ssh-dss',
+            'dss_signature_blob' => (sign_r + sign_s),
+          }
+          encode SIGN_DEFINITION, payload
+        end
+        def verify digest, sign, data
+          payload = decode SIGN_DEFINITION, sign
+          dss_signature_blob = payload['dss_signature_blob']
+          sign_r = dss_signature_blob[ 0, 20]
+          sign_s = dss_signature_blob[20, 20]
+          sign_asn1 = OpenSSL::ASN1::Sequence.new(
+            [
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
+            ]
+          )
+          sign_der = sign_asn1.to_der
+          hash = OpenSSL::Digest.digest(digest, data)
+          payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb CHANGED Viewed

@@ -1,17 +1,15 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/transport/data_type'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/server_host_key_algorithm'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
-      name_list = [
-        'ssh-rsa'
-      ]
+      class SshRsa < ServerHostKeyAlgorithm
+        NAME = 'ssh-rsa'
-      class SshRsa
         SECRET_KEY = <<-EOB
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA71zHt9RvbXmxuOCWPKR65iBHO+a8M7Mfo4vRCs/dorZN7XL1
@@ -54,7 +52,7 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
         ]
         def initialize
-          @logger = HrrRbSsh::Logger.new self.class.name
+          super
           @rsa = OpenSSL::PKey::RSA.new SECRET_KEY
         end
@@ -98,11 +96,6 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
           payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(digest, payload['rsa_signature_blob'], data)
         end
       end
-      @@list ||= Hash.new
-      name_list.each do |name|
-        @@list[name] = SshRsa
-      end
     end
   end
 end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb CHANGED Viewed

@@ -1,21 +1,23 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
-      @@list ||= Hash.new
-      def self.[] key
-        @@list[key]
+      def self.list
+        ServerHostKeyAlgorithm.list
       end
       def self.name_list
-        @@list.keys
+        ServerHostKeyAlgorithm.name_list
+      end
+      def self.[] key
+        ServerHostKeyAlgorithm[key]
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'

data/lib/hrr_rb_ssh/transport.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'hrr_rb_ssh/message'
 require 'hrr_rb_ssh/closed_transport_error'
 require 'hrr_rb_ssh/transport/constant'
 require 'hrr_rb_ssh/transport/mode'
+require 'hrr_rb_ssh/transport/direction'
 require 'hrr_rb_ssh/transport/data_type'
 require 'hrr_rb_ssh/transport/sequence_number'
 require 'hrr_rb_ssh/transport/sender'
@@ -91,20 +92,27 @@ module HrrRbSsh
     def start
       @logger.info("start transport")
-      exchange_version
-      exchange_key
-      case @mode
-      when HrrRbSsh::Transport::Mode::SERVER
-        verify_service_request
-      end
+      begin
+        exchange_version
+        exchange_key
-      @closed = false
+        case @mode
+        when HrrRbSsh::Transport::Mode::SERVER
+          verify_service_request
+        end
-      @sender_thread   = sender_thread
-      @receiver_thread = receiver_thread
+        @closed = false
+      rescue EOFError => e
+        close
+      rescue => e
+        @logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
+        close
+      else
+        @sender_thread   = sender_thread
+        @receiver_thread = receiver_thread
-      @logger.info("transport started")
+        @logger.info("transport started")
+      end
     end
     def close
@@ -426,8 +434,8 @@ module HrrRbSsh
         incoming_crpt_key = @kex_algorithm.key_c_to_s self, incoming_encryption_algorithm_name
         outgoing_crpt_key = @kex_algorithm.key_s_to_c self, outgoing_encryption_algorithm_name
       end
-      @incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new incoming_crpt_iv, incoming_crpt_key
-      @outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new outgoing_crpt_iv, outgoing_crpt_key
+      @incoming_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[incoming_encryption_algorithm_name].new Direction::INCOMING, incoming_crpt_iv, incoming_crpt_key
+      @outgoing_encryption_algorithm = HrrRbSsh::Transport::EncryptionAlgorithm[outgoing_encryption_algorithm_name].new Direction::OUTGOING, outgoing_crpt_iv, outgoing_crpt_key
     end
     def update_mac_algorithm
@@ -452,8 +460,8 @@ module HrrRbSsh
         incoming_compression_algorithm_name = compression_algorithm_c_to_s_name
         outgoing_compression_algorithm_name = compression_algorithm_s_to_c_name
       end
-      @incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new
-      @outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new
+      @incoming_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[incoming_compression_algorithm_name].new Direction::INCOMING
+      @outgoing_compression_algorithm = HrrRbSsh::Transport::CompressionAlgorithm[outgoing_compression_algorithm_name].new Direction::OUTGOING
     end
   end
 end

data/lib/hrr_rb_ssh/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 module HrrRbSsh
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end