hrr_rb_ssh 0.1.3 → 0.1.4

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb

@@ -9,17 +9,6 @@ module HrrRbSsh
   class Transport
     class KexAlgorithm
       module DiffieHellman
-        H0_DEFINITION = [
-          [DataType::String, 'V_C'],
-          [DataType::String, 'V_S'],
-          [DataType::String, 'I_C'],
-          [DataType::String, 'I_S'],
-          [DataType::String, 'K_S'],
-          [DataType::Mpint,  'e'],
-          [DataType::Mpint,  'f'],
-          [DataType::Mpint,  'k'],
-        ]
-
         def initialize
           @logger = HrrRbSsh::Logger.new(self.class.name)
           @dh = OpenSSL::PKey::DH.new
@@ -32,11 +21,14 @@ module HrrRbSsh
           @dh.generate_key!
         end
 
-        def encode definition, payload
-          definition.map{ |data_type, field_name|
-            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-            data_type.encode(field_value)
-          }.join
+        def start transport, mode
+          case mode
+          when HrrRbSsh::Transport::Mode::SERVER
+            receive_kexdh_init transport.receive
+            send_kexdh_reply transport
+          else
+            raise "unsupported mode"
+          end
         end
 
         def set_e e
@@ -66,7 +58,7 @@ module HrrRbSsh
             'f'   => f,
             'k'   => k,
           }
-          h0 = encode H0_DEFINITION, h0_payload
+          h0 = H0.encode h0_payload
 
           h = OpenSSL::Digest.digest self.class::DIGEST, h0
 
@@ -75,7 +67,7 @@ module HrrRbSsh
 
         def sign transport
           h = hash transport
-          s = transport.server_host_key_algorithm.sign self.class::DIGEST, h
+          s = transport.server_host_key_algorithm.sign h
 
           s
         end
@@ -122,7 +114,25 @@ module HrrRbSsh
           key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_s_to_c_name]::KEY_LENGTH
           build_key(shared_secret, hash(transport), 'F'.ord, transport.session_id, key_length)
         end
+
+        def receive_kexdh_init payload
+          message = HrrRbSsh::Message::SSH_MSG_KEXDH_INIT.decode payload
+          set_e message['e']
+        end
+
+        def send_kexdh_reply transport
+          message = {
+            'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
+            'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
+            'f'                                             => pub_key,
+            'signature of H'                                => sign(transport),
+          }
+          payload = HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY.encode message
+          transport.send payload
+        end
       end
     end
   end
 end
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0'

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha256.rb

@@ -0,0 +1,35 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroup14Sha256 < KexAlgorithm
+        NAME = 'diffie-hellman-group14-sha256'
+        PREFERENCE = 50
+        DIGEST = 'sha256'
+        P = \
+          "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" \
+          "C4C6628B" "80DC1CD1" "29024E08" "8A67CC74" \
+          "020BBEA6" "3B139B22" "514A0879" "8E3404DD" \
+          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" \
+          "4FE1356D" "6D51C245" "E485B576" "625E7EC6" \
+          "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" \
+          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" \
+          "49286651" "ECE45B3D" "C2007CB8" "A163BF05" \
+          "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" \
+          "83655D23" "DCA3AD96" "1C62F356" "208552BB" \
+          "9ED52907" "7096966D" "670C354E" "4ABC9804" \
+          "F1746C08" "CA18217C" "32905E46" "2E36CE3B" \
+          "E39E772C" "180E8603" "9B2783A2" "EC07A28F" \
+          "B5C55DF0" "6F4C52C9" "DE2BCBF6" "95581718" \
+          "3995497C" "EA956AE5" "15D22618" "98FA0510" \
+          "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF"
+        G = 2
+        include DiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512.rb

@@ -0,0 +1,35 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroup15Sha512 < KexAlgorithm
+        NAME = 'diffie-hellman-group15-sha512'
+        PREFERENCE = 60
+        DIGEST = 'sha512'
+        P = \
+          "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" \
+          "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" \
+          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" \
+          "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" \
+          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" \
+          "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" \
+          "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" \
+          "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" \
+          "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" \
+          "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" \
+          "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64" \
+          "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7" \
+          "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B" \
+          "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C" \
+          "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" \
+          "43DB5BFC" "E0FD108E" "4B82D120" "A93AD2CA" "FFFFFFFF" "FFFFFFFF"
+        G = 2
+        include DiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512.rb

@@ -0,0 +1,41 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroup16Sha512 < KexAlgorithm
+        NAME = 'diffie-hellman-group16-sha512'
+        PREFERENCE = 70
+        DIGEST = 'sha512'
+        P = \
+          "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" \
+          "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" \
+          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" \
+          "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" \
+          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" \
+          "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" \
+          "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" \
+          "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" \
+          "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" \
+          "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" \
+          "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64" \
+          "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7" \
+          "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B" \
+          "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C" \
+          "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" \
+          "43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" \
+          "88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA" \
+          "2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6" \
+          "287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED" \
+          "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9" \
+          "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34063199" \
+          "FFFFFFFF" "FFFFFFFF"
+        G = 2
+        include DiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512.rb

@@ -0,0 +1,47 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroup17Sha512 < KexAlgorithm
+        NAME = 'diffie-hellman-group17-sha512'
+        PREFERENCE = 80
+        DIGEST = 'sha512'
+        P = \
+          "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1 29024E08" \
+          "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" "EF9519B3 CD3A431B" \
+          "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" "E485B576" "625E7EC6 F44C42E9" \
+          "A637ED6B" "0BFF5CB6" "F406B7ED" "EE386BFB" "5A899FA5" "AE9F2411 7C4B1FE6" \
+          "49286651" "ECE45B3D" "C2007CB8" "A163BF05" "98DA4836" "1C55D39A 69163FA8" \
+          "FD24CF5F" "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907 7096966D" \
+          "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B E39E772C" \
+          "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" "DE2BCBF6 95581718" \
+          "3995497C" "EA956AE5" "15D22618" "98FA0510" "15728E5A" "8AAAC42D AD33170D" \
+          "04507A33" "A85521AB" "DF1CBA64" "ECFB8504" "58DBEF0A" "8AEA7157 5D060C7D" \
+          "B3970F85" "A6E1E4C7" "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D CEE3D226" \
+          "1AD2EE6B" "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18 177B200C" \
+          "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31 43DB5BFC" \
+          "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" "88719A10 BDBA5B26" \
+          "99C32718" "6AF4E23C" "1A946834" "B6150BDA" "2583E9CA" "2AD44CE8 DBBBC2DB" \
+          "04DE8EF9" "2E8EFC14" "1FBECAA6" "287C5947" "4E6BC05D" "99B2964F A090C3A2" \
+          "233BA186" "515BE7ED" "1F612970" "CEE2D7AF" "B81BDD76" "2170481C D0069127" \
+          "D5B05AA9" "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9 34028492" \
+          "36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD F8FF9406" \
+          "AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831" "179727B0 865A8918" \
+          "DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B" "DB7F1447" "E6CC254B 33205151" \
+          "2BD7AF42" "6FB8F401" "378CD2BF" "5983CA01" "C64B92EC" "F032EA15 D1721D03" \
+          "F482D7CE" "6E74FEF6" "D55E702F" "46980C82" "B5A84031" "900B1C9E 59E7C97F" \
+          "BEC7E8F3" "23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2 2B4154AA" \
+          "CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328 06A1D58B" \
+          "B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C" "DA56C9EC 2EF29632" \
+          "387FE8D7" "6E3C0468" "043E8F66" "3F4860EE" "12BF2D5B" "0B7474D6 E694F91E" \
+          "6DCC4024" "FFFFFFFF" "FFFFFFFF"
+        G = 2
+        include DiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512.rb

@@ -0,0 +1,62 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroup18Sha512 < KexAlgorithm
+        NAME = 'diffie-hellman-group18-sha512'
+        PREFERENCE = 90
+        DIGEST = 'sha512'
+        P = \
+          "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" \
+          "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" \
+          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" \
+          "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" \
+          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" \
+          "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" \
+          "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" \
+          "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" \
+          "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" \
+          "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" \
+          "15728E5A" "8AAAC42D" "AD33170D" "04507A33" "A85521AB" "DF1CBA64" \
+          "ECFB8504" "58DBEF0A" "8AEA7157" "5D060C7D" "B3970F85" "A6E1E4C7" \
+          "ABF5AE8C" "DB0933D7" "1E8C94E0" "4A25619D" "CEE3D226" "1AD2EE6B" \
+          "F12FFA06" "D98A0864" "D8760273" "3EC86A64" "521F2B18" "177B200C" \
+          "BBE11757" "7A615D6C" "770988C0" "BAD946E2" "08E24FA0" "74E5AB31" \
+          "43DB5BFC" "E0FD108E" "4B82D120" "A9210801" "1A723C12" "A787E6D7" \
+          "88719A10" "BDBA5B26" "99C32718" "6AF4E23C" "1A946834" "B6150BDA" \
+          "2583E9CA" "2AD44CE8" "DBBBC2DB" "04DE8EF9" "2E8EFC14" "1FBECAA6" \
+          "287C5947" "4E6BC05D" "99B2964F" "A090C3A2" "233BA186" "515BE7ED" \
+          "1F612970" "CEE2D7AF" "B81BDD76" "2170481C" "D0069127" "D5B05AA9" \
+          "93B4EA98" "8D8FDDC1" "86FFB7DC" "90A6C08F" "4DF435C9" "34028492" \
+          "36C3FAB4" "D27C7026" "C1D4DCB2" "602646DE" "C9751E76" "3DBA37BD" \
+          "F8FF9406" "AD9E530E" "E5DB382F" "413001AE" "B06A53ED" "9027D831" \
+          "179727B0" "865A8918" "DA3EDBEB" "CF9B14ED" "44CE6CBA" "CED4BB1B" \
+          "DB7F1447" "E6CC254B" "33205151" "2BD7AF42" "6FB8F401" "378CD2BF" \
+          "5983CA01" "C64B92EC" "F032EA15" "D1721D03" "F482D7CE" "6E74FEF6" \
+          "D55E702F" "46980C82" "B5A84031" "900B1C9E" "59E7C97F" "BEC7E8F3" \
+          "23A97A7E" "36CC88BE" "0F1D45B7" "FF585AC5" "4BD407B2" "2B4154AA" \
+          "CC8F6D7E" "BF48E1D8" "14CC5ED2" "0F8037E0" "A79715EE" "F29BE328" \
+          "06A1D58B" "B7C5DA76" "F550AA3D" "8A1FBFF0" "EB19CCB1" "A313D55C" \
+          "DA56C9EC" "2EF29632" "387FE8D7" "6E3C0468" "043E8F66" "3F4860EE" \
+          "12BF2D5B" "0B7474D6" "E694F91E" "6DBE1159" "74A3926F" "12FEE5E4" \
+          "38777CB6" "A932DF8C" "D8BEC4D0" "73B931BA" "3BC832B6" "8D9DD300" \
+          "741FA7BF" "8AFC47ED" "2576F693" "6BA42466" "3AAB639C" "5AE4F568" \
+          "3423B474" "2BF1C978" "238F16CB" "E39D652D" "E3FDB8BE" "FC848AD9" \
+          "22222E04" "A4037C07" "13EB57A8" "1A23F0C7" "3473FC64" "6CEA306B" \
+          "4BCBC886" "2F8385DD" "FA9D4B7F" "A2C087E8" "79683303" "ED5BDD3A" \
+          "062B3CF5" "B3A278A6" "6D2A13F8" "3F44F82D" "DF310EE0" "74AB6A36" \
+          "4597E899" "A0255DC1" "64F31CC5" "0846851D" "F9AB4819" "5DED7EA1" \
+          "B1D510BD" "7EE74D73" "FAF36BC3" "1ECFA268" "359046F4" "EB879F92" \
+          "4009438B" "481C6CD7" "889A002E" "D5EE382B" "C9190DA6" "FC026E47" \
+          "9558E447" "5677E9AA" "9E3050E2" "765694DF" "C81F56E8" "80B96E71" \
+          "60C980DD" "98EDD3DF" "FFFFFFFF" "FFFFFFFF"
+        G = 2
+        include DiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      module DiffieHellmanGroupExchange
+        module H0
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'V_C'],
+            [DataType::String, 'V_S'],
+            [DataType::String, 'I_C'],
+            [DataType::String, 'I_S'],
+            [DataType::String, 'K_S'],
+            [DataType::Uint32, 'min'],
+            [DataType::Uint32, 'n'],
+            [DataType::Uint32, 'max'],
+            [DataType::Mpint,  'p'],
+            [DataType::Mpint,  'g'],
+            [DataType::Mpint,  'e'],
+            [DataType::Mpint,  'f'],
+            [DataType::Mpint,  'k'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb

@@ -0,0 +1,170 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'openssl'
+require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/data_type'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      module DiffieHellmanGroupExchange
+        def initialize
+          @logger = HrrRbSsh::Logger.new(self.class.name)
+        end
+
+        def start transport, mode
+          case mode
+          when HrrRbSsh::Transport::Mode::SERVER
+            receive_kex_dh_gex_request transport.receive
+            set_dh
+            send_kex_dh_gex_group transport
+            receive_kex_dh_gex_init transport.receive
+            send_kex_dh_gex_reply transport
+          else
+            raise "unsupported mode"
+          end
+        end
+
+        def set_dh
+          p_list = KexAlgorithm.list_supported.map{ |e| KexAlgorithm[e] }.select{ |e| e.const_defined?(:P) }.map{ |e| [OpenSSL::BN.new(e::P,16).num_bits, e::P] }.sort_by{ |e| e[0] }.reverse
+          candidate = p_list.find{ |e| e[0] <= @n }
+          raise unless (@min .. @max).include?(candidate[0])
+          p = candidate[1]
+          g = 2
+          @dh = OpenSSL::PKey::DH.new
+          if @dh.respond_to?(:set_pqg)
+            @dh.set_pqg OpenSSL::BN.new(p, 16), nil, OpenSSL::BN.new(g)
+          else
+            @dh.p = OpenSSL::BN.new(p, 16)
+            @dh.g = OpenSSL::BN.new(g)
+          end
+          @dh.generate_key!
+        end
+
+        def set_e e
+          @e = e
+        end
+
+        def shared_secret
+          k = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@e)), 2).to_i
+        end
+
+        def pub_key
+          f = @dh.pub_key.to_i
+        end
+
+        def hash transport
+          e = @e
+          k = shared_secret
+          f = pub_key
+
+          h0_payload = {
+            'V_C' => transport.v_c,
+            'V_S' => transport.v_s,
+            'I_C' => transport.i_c,
+            'I_S' => transport.i_s,
+            'K_S' => transport.server_host_key_algorithm.server_public_host_key,
+            'min' => @min,
+            'n'   => @n,
+            'max' => @max,
+            'p'   => @dh.p.to_i,
+            'g'   => @dh.g.to_i,
+            'e'   => e,
+            'f'   => f,
+            'k'   => k,
+          }
+          h0 = H0.encode h0_payload
+
+          h = OpenSSL::Digest.digest self.class::DIGEST, h0
+
+          h
+        end
+
+        def sign transport
+          h = hash transport
+          s = transport.server_host_key_algorithm.sign h
+          s
+        end
+
+        def build_key(_k, h, _x, session_id, key_length)
+          k = DataType::Mpint.encode _k
+          x = DataType::Byte.encode _x
+
+          key = OpenSSL::Digest.digest(self.class::DIGEST, k + h + x + session_id)
+
+          while key.length < key_length
+            key = key + OpenSSL::Digest.digest(self.class::DIGEST, k + h + key )
+          end
+
+          key[0, key_length]
+        end
+
+        def iv_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'A'.ord, transport.session_id, key_length)
+        end
+
+        def iv_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'B'.ord, transport.session_id, key_length)
+        end
+
+        def key_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'C'.ord, transport.session_id, key_length)
+        end
+
+        def key_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'D'.ord, transport.session_id, key_length)
+        end
+
+        def mac_c_to_s transport, mac_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'E'.ord, transport.session_id, key_length)
+        end
+
+        def mac_s_to_c transport, mac_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'F'.ord, transport.session_id, key_length)
+        end
+
+        def receive_kex_dh_gex_request payload
+          message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REQUEST.decode payload
+          @min = message['min']
+          @n   = message['n']
+          @max = message['max']
+        end
+
+        def send_kex_dh_gex_group transport
+          message = {
+            'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
+            'p'              => @dh.p.to_i,
+            'g'              => @dh.g.to_i,
+          }
+          payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP.encode message
+          transport.send payload
+        end
+
+        def receive_kex_dh_gex_init payload
+          message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_INIT.decode payload
+          set_e message['e']
+        end
+
+        def send_kex_dh_gex_reply transport
+          message = {
+            'message number'                                => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
+            'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
+            'f'                                             => pub_key,
+            'signature of H'                                => sign(transport),
+          }
+          payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY.encode message
+          transport.send payload
+        end
+      end
+    end
+  end
+end
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0'

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha1.rb

@@ -0,0 +1,17 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroupExchangeSha1 < KexAlgorithm
+        NAME = 'diffie-hellman-group-exchange-sha1'
+        PREFERENCE = 30
+        DIGEST = 'sha1'
+        include DiffieHellmanGroupExchange
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha256.rb

@@ -0,0 +1,17 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class DiffieHellmanGroupExchangeSha256 < KexAlgorithm
+        NAME = 'diffie-hellman-group-exchange-sha256'
+        PREFERENCE = 40
+        DIGEST = 'sha256'
+        include DiffieHellmanGroupExchange
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm.rb

@@ -16,3 +16,10 @@ end
 
 require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1'
 require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha1'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha256'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha256'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512'
+require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512'

data/lib/hrr_rb_ssh/transport/receiver.rb

@@ -25,28 +25,30 @@ module HrrRbSsh
       end
 
       def receive_packet transport
-        packet_length_field_length  = 4
-        minimum_block_size          = 8
+        packet_length_field_length = 4
+        minimum_block_size         = 8
+
+        encrypted_packet   = Array.new
+        unencrypted_packet = Array.new
 
-        block_size                 = [transport.incoming_encryption_algorithm.block_size, minimum_block_size].max
-        initial_encrypted_packet   = transport.io.read block_size
-        if (initial_encrypted_packet == nil) || (initial_encrypted_packet.length != block_size)
+        block_size = [transport.incoming_encryption_algorithm.block_size, minimum_block_size].max
+        encrypted_packet.push transport.io.read(block_size)
+        if (encrypted_packet.last == nil) || (encrypted_packet.last.length != block_size)
           @logger.warn("IO is EOF")
           raise EOFError
         end
-        initial_unencrypted_packet = transport.incoming_encryption_algorithm.decrypt initial_encrypted_packet
-        packet_length              = initial_unencrypted_packet[0,4].unpack("N")[0]
-        last_packet_length         = packet_length_field_length + packet_length - block_size
-        last_encrypted_packet      = transport.io.read last_packet_length
-        if (last_encrypted_packet == nil) || (last_encrypted_packet.length != last_packet_length)
+        unencrypted_packet.push transport.incoming_encryption_algorithm.decrypt(encrypted_packet.last)
+
+        packet_length           = unencrypted_packet.last[0,4].unpack("N")[0]
+        following_packet_length = packet_length_field_length + packet_length - block_size
+        encrypted_packet.push transport.io.read(following_packet_length)
+        if (encrypted_packet.last == nil) || (encrypted_packet.last.length != following_packet_length)
           @logger.warn("IO is EOF")
           raise EOFError
         end
-        last_unencrypted_packet    = transport.incoming_encryption_algorithm.decrypt last_encrypted_packet
-        encrypted_packet           = initial_encrypted_packet + last_encrypted_packet
-        unencrypted_packet         = initial_unencrypted_packet + last_unencrypted_packet
+        unencrypted_packet.push transport.incoming_encryption_algorithm.decrypt(encrypted_packet.last)
 
-        unencrypted_packet
+        unencrypted_packet.join
       end
 
       def receive_mac transport

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob.rb

@@ -0,0 +1,26 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshDss
+        module PublicKeyBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-dss'],
+            [DataType::Mpint,  'p'],
+            [DataType::Mpint,  'q'],
+            [DataType::Mpint,  'g'],
+            [DataType::Mpint,  'y'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature.rb

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshDss
+        module Signature
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-dss'],
+            [DataType::String, 'dss_signature_blob'],
+          ]
+        end
+      end
+    end
+  end
+end