RubyGems - hrr_rb_ssh - Versions diffs - 0.1.3 → 0.1.4 - Mend

hrr_rb_ssh 0.1.3 → 0.1.4

Files changed (78) hide show

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb CHANGED Viewed

@@ -9,9 +9,8 @@ module HrrRbSsh
     class ServerHostKeyAlgorithm
       class SshDss < ServerHostKeyAlgorithm
         NAME = 'ssh-dss'
         PREFERENCE = 10
+        DIGEST = 'sha1'
         SECRET_KEY = <<-EOB
 -----BEGIN DSA PRIVATE KEY-----
 MIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO
@@ -27,41 +26,11 @@ MRl/p42OrQzL/chRPvRf
 -----END DSA PRIVATE KEY-----
         EOB
-        KEY_FORMAT_DEFINITION = [
-          [DataType::String, 'ssh-dss'],
-          [DataType::Mpint,  'p'],
-          [DataType::Mpint,  'q'],
-          [DataType::Mpint,  'g'],
-          [DataType::Mpint,  'y'],
-        ]
-        SIGN_DEFINITION = [
-          [DataType::String, 'ssh-dss'],
-          [DataType::String, 'dss_signature_blob'],
-        ]
         def initialize
           @logger = HrrRbSsh::Logger.new(self.class.name)
           @dss = OpenSSL::PKey::DSA.new SECRET_KEY
         end
-        def encode definition, payload
-          definition.map{ |data_type, field_name|
-            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-            data_type.encode( field_value )
-          }.join
-        end
-        def decode definition, payload
-          payload_io = StringIO.new payload, 'r'
-          definition.map{ |data_type, field_name|
-            [
-              field_name,
-              data_type.decode( payload_io )
-            ]
-          }.to_h
-        end
         def server_public_host_key
           payload = {
             'ssh-dss' => 'ssh-dss',
@@ -70,11 +39,11 @@ MRl/p42OrQzL/chRPvRf
             'g'       => @dss.g.to_i,
             'y'       => @dss.pub_key.to_i,
           }
-          encode KEY_FORMAT_DEFINITION, payload
+          PublicKeyBlob.encode payload
         end
-        def sign digest, data
-          hash = OpenSSL::Digest.digest(digest, data)
+        def sign data
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
           sign_der = @dss.syssign(hash)
           sign_asn1 = OpenSSL::ASN1.decode(sign_der)
           sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
@@ -83,11 +52,11 @@ MRl/p42OrQzL/chRPvRf
             'ssh-dss'            => 'ssh-dss',
             'dss_signature_blob' => (sign_r + sign_s),
           }
-          encode SIGN_DEFINITION, payload
+          Signature.encode payload
         end
-        def verify digest, sign, data
-          payload = decode SIGN_DEFINITION, sign
+        def verify sign, data
+          payload = Signature.decode sign
           dss_signature_blob = payload['dss_signature_blob']
           sign_r = dss_signature_blob[ 0, 20]
           sign_s = dss_signature_blob[20, 20]
@@ -98,10 +67,13 @@ MRl/p42OrQzL/chRPvRf
             ]
           )
           sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(digest, data)
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
           payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
         end
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshRsa
+        module PublicKeyBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-rsa'],
+            [DataType::Mpint,  'e'],
+            [DataType::Mpint,  'n'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshRsa
+        module Signature
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, 'ssh-rsa'],
+            [DataType::String, 'rsa_signature_blob'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb CHANGED Viewed

@@ -2,16 +2,14 @@
 # vim: et ts=2 sw=2
 require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
 module HrrRbSsh
   class Transport
     class ServerHostKeyAlgorithm
       class SshRsa < ServerHostKeyAlgorithm
         NAME = 'ssh-rsa'
         PREFERENCE = 20
+        DIGEST = 'sha1'
         SECRET_KEY = <<-EOB
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpAIBAAKCAQEA71zHt9RvbXmxuOCWPKR65iBHO+a8M7Mfo4vRCs/dorZN7XL1
@@ -42,61 +40,36 @@ vzTNM3SFzgt3bHkdEtDLc64aoBX+dHOot6u71XLZrshnHPtiZ0C/ZA==
 -----END RSA PRIVATE KEY-----
         EOB
-        KEY_FORMAT_DEFINITION = [
-          [DataType::String, 'ssh-rsa'],
-          [DataType::Mpint,  'e'],
-          [DataType::Mpint,  'n'],
-        ]
-        SIGN_DEFINITION = [
-          [DataType::String, 'ssh-rsa'],
-          [DataType::String, 'rsa_signature_blob'],
-        ]
         def initialize
           @logger = HrrRbSsh::Logger.new(self.class.name)
           @rsa = OpenSSL::PKey::RSA.new SECRET_KEY
         end
-        def encode definition, payload
-          definition.map{ |data_type, field_name|
-            field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-            data_type.encode( field_value )
-          }.join
-        end
-        def decode definition, payload
-          payload_io = StringIO.new payload, 'r'
-          definition.map{ |data_type, field_name|
-            [
-              field_name,
-              data_type.decode( payload_io )
-            ]
-          }.to_h
-        end
         def server_public_host_key
           payload = {
             'ssh-rsa' => 'ssh-rsa',
             'e'       => @rsa.e.to_i,
             'n'       => @rsa.n.to_i,
           }
-          encode KEY_FORMAT_DEFINITION, payload
+          PublicKeyBlob.encode payload
         end
-        def sign digest, data
+        def sign data
           payload = {
             'ssh-rsa'            => 'ssh-rsa',
-            'rsa_signature_blob' => @rsa.sign(digest, data),
+            'rsa_signature_blob' => @rsa.sign(self.class::DIGEST, data),
           }
-          encode SIGN_DEFINITION, payload
+          Signature.encode payload
         end
-        def verify digest, sign, data
-          payload = decode SIGN_DEFINITION, sign
-          payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(digest, payload['rsa_signature_blob'], data)
+        def verify sign, data
+          payload = Signature.decode sign
+          payload['ssh-rsa'] == 'ssh-rsa' && @rsa.verify(self.class::DIGEST, payload['rsa_signature_blob'], data)
         end
       end
     end
   end
 end
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature'

data/lib/hrr_rb_ssh/transport.rb CHANGED Viewed

@@ -209,7 +209,6 @@ module HrrRbSsh
     def exchange_version
       send_version
       receive_version
       update_version_strings
     end
@@ -224,20 +223,19 @@ module HrrRbSsh
             receive_kexinit receive
           end
           update_kex_and_server_host_key_algorithms
-          case @mode
-          when HrrRbSsh::Transport::Mode::SERVER
-            receive_kexdh_init receive
-            send_kexdh_reply
-            send_newkeys
-            receive_newkeys receive
-          end
+          start_kex_algorithm
+          send_newkeys
+          receive_newkeys receive
+          update_encryption_mac_compression_algorithms
         end
       end
       @in_kex = false
     end
+    def start_kex_algorithm
+      @kex_algorithm.start self, @mode
+    end
     def verify_service_request
       service_request_message = receive_service_request
       service_name = service_request_message['service name']
@@ -383,23 +381,6 @@ module HrrRbSsh
       update_remote_algorithms message
     end
-    def receive_kexdh_init payload
-      message = HrrRbSsh::Message::SSH_MSG_KEXDH_INIT.decode payload
-      @kex_algorithm.set_e message['e']
-      @session_id ||= @kex_algorithm.hash self
-    end
-    def send_kexdh_reply
-        message = {
-          'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
-          'server public host key and certificates (K_S)' => @server_host_key_algorithm.server_public_host_key,
-          'f'                                             => @kex_algorithm.pub_key,
-          'signature of H'                                => @kex_algorithm.sign(self),
-        }
-        payload = HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY.encode message
-        send payload
-    end
     def send_newkeys
         message = {
           'message number' => HrrRbSsh::Message::SSH_MSG_NEWKEYS::VALUE,
@@ -410,8 +391,6 @@ module HrrRbSsh
     def receive_newkeys payload
       message = HrrRbSsh::Message::SSH_MSG_NEWKEYS.decode payload
-      update_encryption_mac_compression_algorithms
     end
     def receive_service_request
@@ -456,6 +435,7 @@ module HrrRbSsh
     end
     def update_encryption_mac_compression_algorithms
+      @session_id ||= @kex_algorithm.hash(self)
       update_encryption_algorithm
       update_mac_algorithm
       update_compression_algorithm

data/lib/hrr_rb_ssh/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 module HrrRbSsh
-  VERSION = "0.1.3"
+  VERSION = "0.1.4"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - hirura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-04-15 00:00:00.000000000 Z
+date: 2018-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,13 +94,19 @@ files:
 - lib/hrr_rb_ssh/authentication/method/password/context.rb
 - lib/hrr_rb_ssh/authentication/method/publickey.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb
-- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/context.rb
 - lib/hrr_rb_ssh/closed_authentication_error.rb
 - lib/hrr_rb_ssh/closed_connection_error.rb
 - lib/hrr_rb_ssh/closed_transport_error.rb
+- lib/hrr_rb_ssh/codable.rb
 - lib/hrr_rb_ssh/compat.rb
 - lib/hrr_rb_ssh/connection.rb
 - lib/hrr_rb_ssh/connection/channel.rb
@@ -117,9 +123,16 @@ files:
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/shell/context.rb
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem.rb
 - lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem/context.rb
+- lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change.rb
+- lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb
 - lib/hrr_rb_ssh/connection/channel/proc_chain.rb
 - lib/hrr_rb_ssh/connection/channel/proc_chain/chain_context.rb
 - lib/hrr_rb_ssh/connection/request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_env_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_exec_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_pty_req_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_shell_request_handler.rb
+- lib/hrr_rb_ssh/connection/request_handler/reference_window_change_request_handler.rb
 - lib/hrr_rb_ssh/data_type.rb
 - lib/hrr_rb_ssh/logger.rb
 - lib/hrr_rb_ssh/message.rb
@@ -131,8 +144,13 @@ files:
 - lib/hrr_rb_ssh/message/006_ssh_msg_service_accept.rb
 - lib/hrr_rb_ssh/message/020_ssh_msg_kexinit.rb
 - lib/hrr_rb_ssh/message/021_ssh_msg_newkeys.rb
+- lib/hrr_rb_ssh/message/030_ssh_msg_kex_dh_gex_request_old.rb
 - lib/hrr_rb_ssh/message/030_ssh_msg_kexdh_init.rb
+- lib/hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group.rb
 - lib/hrr_rb_ssh/message/031_ssh_msg_kexdh_reply.rb
+- lib/hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init.rb
+- lib/hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply.rb
+- lib/hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request.rb
 - lib/hrr_rb_ssh/message/050_ssh_msg_userauth_request.rb
 - lib/hrr_rb_ssh/message/051_ssh_msg_userauth_failure.rb
 - lib/hrr_rb_ssh/message/052_ssh_msg_userauth_success.rb
@@ -151,7 +169,6 @@ files:
 - lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb
 - lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb
 - lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb
-- lib/hrr_rb_ssh/message/codable.rb
 - lib/hrr_rb_ssh/subclass_with_preference_listable.rb
 - lib/hrr_rb_ssh/transport.rb
 - lib/hrr_rb_ssh/transport/compression_algorithm.rb
@@ -177,8 +194,18 @@ files:
 - lib/hrr_rb_ssh/transport/encryption_algorithm/unfunctionable.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha256.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512.rb
 - lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group1_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha1.rb
+- lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha256.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb
 - lib/hrr_rb_ssh/transport/mac_algorithm/hmac_md5.rb
@@ -193,7 +220,11 @@ files:
 - lib/hrr_rb_ssh/transport/sequence_number.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb
 - lib/hrr_rb_ssh/version.rb
 homepage: https://github.com/hirura/hrr_rb_ssh
 licenses:

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb DELETED Viewed

@@ -1,33 +0,0 @@
-# coding: utf-8
-# vim: et ts=2 sw=2
-require 'hrr_rb_ssh/data_type'
-module HrrRbSsh
-  class Authentication
-    class Method
-      class Publickey
-        class Algorithm
-          module Codable
-            def encode definition, payload
-              definition.map{ |data_type, field_name|
-                field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
-                data_type.encode(field_value)
-              }.join
-            end
-            def decode definition, payload
-              payload_io = StringIO.new payload, 'r'
-              definition.map{ |data_type, field_name|
-                [
-                  field_name,
-                  data_type.decode(payload_io)
-                ]
-              }.to_h
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/hrr_rb_ssh/message/codable.rb DELETED Viewed

@@ -1,66 +0,0 @@
-# coding: utf-8
-# vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-module HrrRbSsh
-  module Message
-    module Codable
-      def logger
-        @logger ||= HrrRbSsh::Logger.new self.name
-      end
-      def common_definition
-        self::DEFINITION
-      end
-      def conditional_definition message
-        message.inject([]){ |a, (k,v)|
-          field_name  = k
-          field_value = if v.instance_of? ::Proc then v.call else v end
-          a + ((self::CONDITIONAL_DEFINITION rescue {}).fetch(field_name, {})[field_value] || [])
-        }
-      end
-      def encode message, complementary_message={}
-        logger.debug('encoding message: ' + message.inspect)
-        definition = common_definition + conditional_definition(message.merge complementary_message)
-        definition.map{ |data_type, field_name|
-          field_value = if message[field_name].instance_of? ::Proc then message[field_name].call else message[field_name] end
-          data_type.encode( field_value )
-        }.join
-      end
-      def decode payload, complementary_message={}
-        def decode_recursively payload_io, message=nil
-          if message.class == Array and message.size == 0
-            []
-          else
-            definition = case message
-                         when nil
-                           common_definition
-                         when Array
-                           conditional_definition(message)
-                         end
-            decoded_message = definition.map{ |data_type, field_name|
-              [
-                field_name,
-                data_type.decode( payload_io )
-              ]
-            }
-            decoded_message + decode_recursively(payload_io, decoded_message)
-          end
-        end
-        payload_io = StringIO.new payload
-        decoded_message = decode_recursively(payload_io).to_h
-        if complementary_message.any?
-          decoded_message.merge! decode_recursively(payload_io, complementary_message.to_a).to_h
-        end
-        logger.debug('decoded message: ' + decoded_message.inspect)
-        decoded_message
-      end
-    end
-  end
-end