RubyGems - hrr_rb_ssh - Versions diffs - 0.1.3 → 0.1.4 - Mend

hrr_rb_ssh 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb CHANGED Viewed

@@ -9,9 +9,8 @@ module HrrRbSsh
     class ServerHostKeyAlgorithm
       class SshDss < ServerHostKeyAlgorithm
         NAME = 'ssh-dss'
         PREFERENCE = 10
+        DIGEST = 'sha1'
         SECRET_KEY = <<-EOB
 -----BEGIN DSA PRIVATE KEY-----
 MIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO
@@ -27,41 +26,11 @@ MRl/p42OrQzL/chRPvRf
 -----END DSA PRIVATE KEY-----
         EOB
-        KEY_FORMAT_DEFINITION = [
-          [DataType::String, 'ssh-dss'],
-          [DataType::Mpint,  'p'],
-          [DataType::Mpint,  'q'],
-          [DataType::Mpint,  'g'],
-          [DataType::Mpint,  'y'],
-        ]
-        SIGN_DEFINITION = [
-          [DataType::String, 'ssh-dss'],
-          [DataType::String, 'dss_signature_blob'],
-        ]
         def initialize
           @logger = HrrRbSsh::Logger.new(self.class.name)
           @dss = OpenSSL::PKey::DSA.new SECRET_KEY
         end
-        def encode definition, payload
-          definition.map{ |data_type, field_name|
-            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-            data_type.encode( field_value )
-          }.join
-        end
-        def decode definition, payload
-          payload_io = StringIO.new payload, 'r'
-          definition.map{ |data_type, field_name|
-            [
-              field_name,
-              data_type.decode( payload_io )
-            ]
-          }.to_h
-        end
         def server_public_host_key
           payload = {
             'ssh-dss' => 'ssh-dss',
@@ -70,11 +39,11 @@ MRl/p42OrQzL/chRPvRf
             'g'       => @dss.g.to_i,
             'y'       => @dss.pub_key.to_i,
           }
-          encode KEY_FORMAT_DEFINITION, payload
+          PublicKeyBlob.encode payload
         end
-        def sign digest, data
-          hash = OpenSSL::Digest.digest(digest, data)
+        def sign data
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
           sign_der = @dss.syssign(hash)
           sign_asn1 = OpenSSL::ASN1.decode(sign_der)
           sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
@@ -83,11 +52,11 @@ MRl/p42OrQzL/chRPvRf
             'ssh-dss'            => 'ssh-dss',
             'dss_signature_blob' => (sign_r + sign_s),
           }
-          encode SIGN_DEFINITION, payload
+          Signature.encode payload
         end
-        def verify digest, sign, data
-          payload = decode SIGN_DEFINITION, sign
+        def verify sign, data
+          payload = Signature.decode sign
           dss_signature_blob = payload['dss_signature_blob']
           sign_r = dss_signature_blob[ 0, 20]
           sign_s = dss_signature_blob[20, 20]
@@ -98,10 +67,13 @@ MRl/p42OrQzL/chRPvRf
             ]
           )
           sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(digest, data)
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
           payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
         end
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshRsa
+        module PublicKeyBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-rsa'],
+            [DataType::Mpint,  'e'],
+            [DataType::Mpint,  'n'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshRsa
+        module Signature
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-rsa'],
+            [DataType::String, 'rsa_signature_blob'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb CHANGED Viewed

@@ -2,16 +2,14 @@
 # vim: et ts=2 sw=2
 require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
       class SshRsa < ServerHostKeyAlgorithm
         NAME = 'ssh-rsa'
         PREFERENCE = 20
+        DIGEST = 'sha1'
         SECRET_KEY = <<-EOB
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA71zHt9RvbXmxuOCWPKR65iBHO+a8M7Mfo4vRCs/dorZN7XL1
@@ -42,61 +40,36 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
 -----END RSA PRIVATE KEY-----
         EOB
-        KEY_FORMAT_DEFINITION = [
-          [DataType::String, 'ssh-rsa'],
-          [DataType::Mpint,  'e'],
-          [DataType::Mpint,  'n'],
-        ]
-        SIGN_DEFINITION = [
-          [DataType::String, 'ssh-rsa'],
-          [DataType::String, 'rsa_signature_blob'],
-        ]
         def initialize
           @logger = HrrRbSsh::Logger.new(self.class.name)
           @rsa = OpenSSL::PKey::RSA.new SECRET_KEY
         end
-        def encode definition, payload
-          definition.map{ |data_type, field_name|
-            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-            data_type.encode( field_value )
-          }.join
-        end
-        def decode definition, payload
-          payload_io = StringIO.new payload, 'r'
-          definition.map{ |data_type, field_name|
-            [
-              field_name,
-              data_type.decode( payload_io )
-            ]
-          }.to_h
-        end
         def server_public_host_key
           payload = {
             'ssh-rsa' => 'ssh-rsa',
             'e'       => @rsa.e.to_i,
             'n'       => @rsa.n.to_i,
           }
-          encode KEY_FORMAT_DEFINITION, payload
+          PublicKeyBlob.encode payload
         end
-        def sign digest, data
+        def sign data
           payload = {
             'ssh-rsa'            => 'ssh-rsa',
-            'rsa_signature_blob' => @rsa.sign(digest, data),
+            'rsa_signature_blob' => @rsa.sign(self.class::DIGEST, data),
           }
-          encode SIGN_DEFINITION, payload
+          Signature.encode payload
         end
-        def verify digest, sign, data
-          payload = decode SIGN_DEFINITION, sign
-          payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(digest, payload['rsa_signature_blob'], data)
+        def verify sign, data
+          payload = Signature.decode sign
+          payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(self.class::DIGEST, payload['rsa_signature_blob'], data)
         end
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature'

data/lib/hrr_rb_ssh/transport.rb CHANGED Viewed

@@ -209,7 +209,6 @@ module HrrRbSsh
     def exchange_version
       send_version
       receive_version
       update_version_strings
     end
@@ -224,20 +223,19 @@ module HrrRbSsh
             receive_kexinit receive
           end
           update_kex_and_server_host_key_algorithms
-          case @mode
-          when HrrRbSsh::Transport::Mode::SERVER
-            receive_kexdh_init receive
-            send_kexdh_reply
-            send_newkeys
-            receive_newkeys receive
-          end
+          start_kex_algorithm
+          send_newkeys
+          receive_newkeys receive
+          update_encryption_mac_compression_algorithms
         end
       end
       @in_kex = false
     end
+    def start_kex_algorithm
+      @kex_algorithm.start self, @mode
+    end
     def verify_service_request
       service_request_message = receive_service_request
       service_name = service_request_message['service name']
@@ -383,23 +381,6 @@ module HrrRbSsh
       update_remote_algorithms message
     end
-    def receive_kexdh_init payload
-      message = HrrRbSsh::Message::SSH_MSG_KEXDH_INIT.decode payload
-      @kex_algorithm.set_e message['e']
-      @session_id ||= @kex_algorithm.hash self
-    end
-    def send_kexdh_reply
-        message = {
-          'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
-          'server public host key and certificates (K_S)' => @server_host_key_algorithm.server_public_host_key,
-          'f'                                             => @kex_algorithm.pub_key,
-          'signature of H'                                => @kex_algorithm.sign(self),
-        }
-        payload = HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY.encode message
-        send payload
-    end
     def send_newkeys
         message = {
           'message number' => HrrRbSsh::Message::SSH_MSG_NEWKEYS::VALUE,
@@ -410,8 +391,6 @@ module HrrRbSsh
     def receive_newkeys payload
       message = HrrRbSsh::Message::SSH_MSG_NEWKEYS.decode payload
-      update_encryption_mac_compression_algorithms
     end
     def receive_service_request
@@ -456,6 +435,7 @@ module HrrRbSsh
     end
     def update_encryption_mac_compression_algorithms
+      @session_id ||= @kex_algorithm.hash(self)
       update_encryption_algorithm
       update_mac_algorithm
       update_compression_algorithm

data/lib/hrr_rb_ssh/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 module HrrRbSsh
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - hirura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-04-15 00:00:00.000000000 Z
+date: 2018-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,13 +94,19 @@ files:
 - lib/hrr_rb_ssh/authentication/method/password/context.rb
 - lib/hrr_rb_ssh/authentication/method/publickey.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb
-- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/context.rb
 - lib/hrr_rb_ssh/closed_authentication_error.rb
 - lib/hrr_rb_ssh/closed_connection_error.rb
 - lib/hrr_rb_ssh/closed_transport_error.rb
+- lib/hrr_rb_ssh/codable.rb
 - lib/hrr_rb_ssh/compat.rb
 - lib/hrr_rb_ssh/connection.rb
 - lib/hrr_rb_ssh/connection/channel.rb
@@ -117,9 +123,16 @@ files:
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/shell/context.rb
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem.rb
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem/context.rb
+- lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change.rb
+- lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb
 - lib/hrr_rb_ssh/connection/channel/proc_chain.rb
 - lib/hrr_rb_ssh/connection/channel/proc_chain/chain_context.rb
 - lib/hrr_rb_ssh/connection/request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_env_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_exec_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_pty_req_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_shell_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_window_change_request_handler.rb
 - lib/hrr_rb_ssh/data_type.rb
 - lib/hrr_rb_ssh/logger.rb
 - lib/hrr_rb_ssh/message.rb
@@ -131,8 +144,13 @@ files:
 - lib/hrr_rb_ssh/message/006_ssh_msg_service_accept.rb
 - lib/hrr_rb_ssh/message/020_ssh_msg_kexinit.rb
 - lib/hrr_rb_ssh/message/021_ssh_msg_newkeys.rb
+- lib/hrr_rb_ssh/message/030_ssh_msg_kex_dh_gex_request_old.rb
 - lib/hrr_rb_ssh/message/030_ssh_msg_kexdh_init.rb
+- lib/hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group.rb
 - lib/hrr_rb_ssh/message/031_ssh_msg_kexdh_reply.rb
+- lib/hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init.rb
+- lib/hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply.rb
+- lib/hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request.rb
 - lib/hrr_rb_ssh/message/050_ssh_msg_userauth_request.rb
 - lib/hrr_rb_ssh/message/051_ssh_msg_userauth_failure.rb
 - lib/hrr_rb_ssh/message/052_ssh_msg_userauth_success.rb
@@ -151,7 +169,6 @@ files:
 - lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb
 - lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb
 - lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb
-- lib/hrr_rb_ssh/message/codable.rb
 - lib/hrr_rb_ssh/subclass_with_preference_listable.rb
 - lib/hrr_rb_ssh/transport.rb
 - lib/hrr_rb_ssh/transport/compression_algorithm.rb
@@ -177,8 +194,18 @@ files:
 - lib/hrr_rb_ssh/transport/encryption_algorithm/unfunctionable.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha256.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha256.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5.rb
@@ -193,7 +220,11 @@ files:
 - lib/hrr_rb_ssh/transport/sequence_number.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb
 - lib/hrr_rb_ssh/version.rb
 homepage: https://github.com/hirura/hrr_rb_ssh
 licenses:

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb DELETED Viewed

@@ -1,33 +0,0 @@
-# coding: utf-8
-# vim: et ts=2 sw=2
-require 'hrr_rb_ssh/data_type'
-module HrrRbSsh
-  class Authentication
-    class Method
-      class Publickey
-        class Algorithm
-          module Codable
-            def encode definition, payload
-              definition.map{ |data_type, field_name|
-                field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-                data_type.encode(field_value)
-              }.join
-            end
-            def decode definition, payload
-              payload_io = StringIO.new payload, 'r'
-              definition.map{ |data_type, field_name|
-                [
-                  field_name,
-                  data_type.decode(payload_io)
-                ]
-              }.to_h
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/hrr_rb_ssh/message/codable.rb DELETED Viewed

@@ -1,66 +0,0 @@
-# coding: utf-8
-# vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-module HrrRbSsh
-  module Message
-    module Codable
-      def logger
-        @logger ||= HrrRbSsh::Logger.new self.name
-      end
-      def common_definition
-        self::DEFINITION
-      end
-      def conditional_definition message
-        message.inject([]){ |a, (k,v)|
-          field_name  = k
-          field_value = if v.instance_of? ::Proc then v.call else v end
-          a + ((self::CONDITIONAL_DEFINITION rescue {}).fetch(field_name, {})[field_value] || [])
-        }
-      end
-      def encode message, complementary_message={}
-        logger.debug('encoding message: ' + message.inspect)
-        definition = common_definition + conditional_definition(message.merge complementary_message)
-        definition.map{ |data_type, field_name|
-          field_value = if message[field_name].instance_of? ::Proc then message[field_name].call else message[field_name] end
-          data_type.encode( field_value )
-        }.join
-      end
-      def decode payload, complementary_message={}
-        def decode_recursively payload_io, message=nil
-          if message.class == Array and message.size == 0
-            []
-          else
-            definition = case message
-                         when nil
-                           common_definition
-                         when Array
-                           conditional_definition(message)
-                         end
-            decoded_message = definition.map{ |data_type, field_name|
-              [
-                field_name,
-                data_type.decode( payload_io )
-              ]
-            }
-            decoded_message + decode_recursively(payload_io, decoded_message)
-          end
-        end
-        payload_io = StringIO.new payload
-        decoded_message = decode_recursively(payload_io).to_h
-        if complementary_message.any?
-          decoded_message.merge! decode_recursively(payload_io, complementary_message.to_a).to_h
-        end
-        logger.debug('decoded message: ' + decoded_message.inspect)
-        decoded_message
-      end
-    end
-  end
-end