hrr_rb_ssh 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (115) hide show
  1. checksums.yaml +4 -4
  2. data/demo/server.rb +10 -2
  3. data/lib/hrr_rb_ssh/authentication/method/none.rb +1 -1
  4. data/lib/hrr_rb_ssh/authentication/method/password.rb +2 -2
  5. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/ecdsa_signature_blob.rb +27 -0
  6. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/public_key_blob.rb +28 -0
  7. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/signature.rb +27 -0
  8. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/signature_blob.rb +33 -0
  9. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256.rb +84 -0
  10. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/ecdsa_signature_blob.rb +27 -0
  11. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/public_key_blob.rb +28 -0
  12. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/signature.rb +27 -0
  13. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/signature_blob.rb +33 -0
  14. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384.rb +84 -0
  15. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/ecdsa_signature_blob.rb +27 -0
  16. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/public_key_blob.rb +28 -0
  17. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/signature.rb +27 -0
  18. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/signature_blob.rb +33 -0
  19. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521.rb +84 -0
  20. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob.rb +5 -5
  21. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature.rb +2 -2
  22. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob.rb +8 -8
  23. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb +24 -24
  24. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob.rb +3 -3
  25. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature.rb +2 -2
  26. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob.rb +8 -8
  27. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb +19 -19
  28. data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb +3 -0
  29. data/lib/hrr_rb_ssh/authentication/method/publickey/context.rb +7 -7
  30. data/lib/hrr_rb_ssh/authentication/method/publickey.rb +7 -7
  31. data/lib/hrr_rb_ssh/authentication.rb +6 -6
  32. data/lib/hrr_rb_ssh/codable.rb +7 -2
  33. data/lib/hrr_rb_ssh/connection/channel/channel_type/direct_tcpip.rb +102 -0
  34. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/proc_chain/chain_context.rb +26 -0
  35. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/proc_chain.rb +29 -0
  36. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/env/context.rb +2 -2
  37. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec/context.rb +1 -1
  38. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/pty_req/context.rb +6 -6
  39. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem/context.rb +1 -1
  40. data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb +4 -4
  41. data/lib/hrr_rb_ssh/connection/channel/channel_type/session.rb +42 -0
  42. data/lib/hrr_rb_ssh/connection/channel/channel_type.rb +1 -0
  43. data/lib/hrr_rb_ssh/connection/channel.rb +50 -63
  44. data/lib/hrr_rb_ssh/connection/request_handler/reference_shell_request_handler.rb +29 -9
  45. data/lib/hrr_rb_ssh/connection.rb +22 -27
  46. data/lib/hrr_rb_ssh/message/001_ssh_msg_disconnect.rb +4 -4
  47. data/lib/hrr_rb_ssh/message/002_ssh_msg_ignore.rb +2 -2
  48. data/lib/hrr_rb_ssh/message/003_ssh_msg_unimplemented.rb +2 -2
  49. data/lib/hrr_rb_ssh/message/004_ssh_msg_debug.rb +4 -4
  50. data/lib/hrr_rb_ssh/message/005_ssh_msg_service_request.rb +2 -2
  51. data/lib/hrr_rb_ssh/message/006_ssh_msg_service_accept.rb +2 -2
  52. data/lib/hrr_rb_ssh/message/020_ssh_msg_kexinit.rb +29 -29
  53. data/lib/hrr_rb_ssh/message/021_ssh_msg_newkeys.rb +1 -1
  54. data/lib/hrr_rb_ssh/message/030_ssh_msg_kex_dh_gex_request_old.rb +2 -2
  55. data/lib/hrr_rb_ssh/message/030_ssh_msg_kexdh_init.rb +2 -2
  56. data/lib/hrr_rb_ssh/message/030_ssh_msg_kexecdh_init.rb +24 -0
  57. data/lib/hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group.rb +3 -3
  58. data/lib/hrr_rb_ssh/message/031_ssh_msg_kexdh_reply.rb +4 -4
  59. data/lib/hrr_rb_ssh/message/031_ssh_msg_kexecdh_reply.rb +26 -0
  60. data/lib/hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init.rb +2 -2
  61. data/lib/hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply.rb +4 -4
  62. data/lib/hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request.rb +4 -4
  63. data/lib/hrr_rb_ssh/message/050_ssh_msg_userauth_request.rb +17 -17
  64. data/lib/hrr_rb_ssh/message/051_ssh_msg_userauth_failure.rb +3 -3
  65. data/lib/hrr_rb_ssh/message/052_ssh_msg_userauth_success.rb +1 -1
  66. data/lib/hrr_rb_ssh/message/060_ssh_msg_userauth_pk_ok.rb +3 -3
  67. data/lib/hrr_rb_ssh/message/080_ssh_msg_global_request.rb +12 -12
  68. data/lib/hrr_rb_ssh/message/081_ssh_msg_request_success.rb +5 -5
  69. data/lib/hrr_rb_ssh/message/082_ssh_msg_request_failure.rb +1 -1
  70. data/lib/hrr_rb_ssh/message/090_ssh_msg_channel_open.rb +24 -24
  71. data/lib/hrr_rb_ssh/message/091_ssh_msg_channel_open_confirmation.rb +14 -24
  72. data/lib/hrr_rb_ssh/message/092_ssh_msg_channel_open_failure.rb +5 -5
  73. data/lib/hrr_rb_ssh/message/093_ssh_msg_channel_window_adjust.rb +3 -3
  74. data/lib/hrr_rb_ssh/message/094_ssh_msg_channel_data.rb +3 -3
  75. data/lib/hrr_rb_ssh/message/095_ssh_msg_channel_extended_data.rb +4 -4
  76. data/lib/hrr_rb_ssh/message/096_ssh_msg_channel_eof.rb +2 -2
  77. data/lib/hrr_rb_ssh/message/097_ssh_msg_channel_close.rb +2 -2
  78. data/lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb +51 -51
  79. data/lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb +2 -2
  80. data/lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb +2 -2
  81. data/lib/hrr_rb_ssh/message.rb +2 -0
  82. data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb +8 -8
  83. data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb +13 -13
  84. data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb +13 -13
  85. data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb +24 -24
  86. data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman/h0.rb +29 -0
  87. data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman.rb +132 -0
  88. data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp256.rb +18 -0
  89. data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp384.rb +18 -0
  90. data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp521.rb +18 -0
  91. data/lib/hrr_rb_ssh/transport/kex_algorithm.rb +3 -0
  92. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/ecdsa_signature_blob.rb +23 -0
  93. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/public_key_blob.rb +25 -0
  94. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/signature.rb +23 -0
  95. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256.rb +79 -0
  96. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/ecdsa_signature_blob.rb +23 -0
  97. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/public_key_blob.rb +25 -0
  98. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/signature.rb +23 -0
  99. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384.rb +80 -0
  100. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/ecdsa_signature_blob.rb +23 -0
  101. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/public_key_blob.rb +25 -0
  102. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/signature.rb +23 -0
  103. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521.rb +81 -0
  104. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob.rb +5 -5
  105. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature.rb +2 -2
  106. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb +9 -9
  107. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb +3 -3
  108. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb +2 -2
  109. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb +6 -6
  110. data/lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb +3 -0
  111. data/lib/hrr_rb_ssh/transport.rb +30 -30
  112. data/lib/hrr_rb_ssh/version.rb +1 -1
  113. metadata +39 -4
  114. data/lib/hrr_rb_ssh/connection/channel/proc_chain/chain_context.rb +0 -22
  115. data/lib/hrr_rb_ssh/connection/channel/proc_chain.rb +0 -25
@@ -32,106 +32,106 @@ module HrrRbSsh
32
32
 
33
33
  DEFINITION = [
34
34
  #[DataType, Field Name]
35
- [DataType::Byte, 'message number'],
36
- [DataType::Uint32, 'recipient channel'],
37
- [DataType::String, 'request type'],
38
- [DataType::Boolean, 'want reply'],
35
+ [DataType::Byte, :'message number'],
36
+ [DataType::Uint32, :'recipient channel'],
37
+ [DataType::String, :'request type'],
38
+ [DataType::Boolean, :'want reply'],
39
39
  ]
40
40
 
41
41
  PTY_REQ_DEFINITION = [
42
42
  #[DataType, Field Name]
43
- #[DataType::String, 'request type' : "pty-req"],
44
- [DataType::String, 'TERM environment variable value'],
45
- [DataType::Uint32, 'terminal width, characters'],
46
- [DataType::Uint32, 'terminal height, rows'],
47
- [DataType::Uint32, 'terminal width, pixels'],
48
- [DataType::Uint32, 'terminal height, pixels'],
49
- [DataType::String, 'encoded terminal modes'],
43
+ #[DataType::String, :'request type' : "pty-req"],
44
+ [DataType::String, :'TERM environment variable value'],
45
+ [DataType::Uint32, :'terminal width, characters'],
46
+ [DataType::Uint32, :'terminal height, rows'],
47
+ [DataType::Uint32, :'terminal width, pixels'],
48
+ [DataType::Uint32, :'terminal height, pixels'],
49
+ [DataType::String, :'encoded terminal modes'],
50
50
  ]
51
51
 
52
52
  X11_REQ_DEFINITION = [
53
53
  #[DataType, Field Name]
54
- #[DataType::String, 'request type' : "x11-req"],
55
- [DataType::Boolean, 'single connection'],
56
- [DataType::String, 'x11 authentication protocol'],
57
- [DataType::String, 'x11 authentication cookie'],
58
- [DataType::Uint32, 'x11 screen number'],
54
+ #[DataType::String, :'request type' : "x11-req"],
55
+ [DataType::Boolean, :'single connection'],
56
+ [DataType::String, :'x11 authentication protocol'],
57
+ [DataType::String, :'x11 authentication cookie'],
58
+ [DataType::Uint32, :'x11 screen number'],
59
59
  ]
60
60
 
61
61
  ENV_DEFINITION = [
62
62
  #[DataType, Field Name]
63
63
  #[DataType::String, 'request type' : "env"],
64
- [DataType::String, 'variable name'],
65
- [DataType::String, 'variable value'],
64
+ [DataType::String, :'variable name'],
65
+ [DataType::String, :'variable value'],
66
66
  ]
67
67
 
68
68
  SHELL_DEFINITION = [
69
69
  #[DataType, Field Name]
70
- #[DataType::String, 'request type' : "shell"],
70
+ #[DataType::String, :'request type' : "shell"],
71
71
  ]
72
72
 
73
73
  EXEC_DEFINITION = [
74
74
  #[DataType, Field Name]
75
- #[DataType::String, 'request type' : "exec"],
76
- [DataType::String, 'command'],
75
+ #[DataType::String, :'request type' : "exec"],
76
+ [DataType::String, :'command'],
77
77
  ]
78
78
 
79
79
  SUBSYSTEM_DEFINITION = [
80
80
  #[DataType, Field Name]
81
- #[DataType::String, 'request type' : "subsystem"],
82
- [DataType::String, 'subsystem name'],
81
+ #[DataType::String, :'request type' : "subsystem"],
82
+ [DataType::String, :'subsystem name'],
83
83
  ]
84
84
 
85
85
  WINDOW_CHANGE_DEFINITION = [
86
86
  #[DataType, Field Name]
87
- #[DataType::String, 'request type' : "window-change"],
88
- [DataType::Uint32, 'terminal width, columns'],
89
- [DataType::Uint32, 'terminal height, rows'],
90
- [DataType::Uint32, 'terminal width, pixels'],
91
- [DataType::Uint32, 'terminal height, pixels'],
87
+ #[DataType::String, :'request type' : "window-change"],
88
+ [DataType::Uint32, :'terminal width, columns'],
89
+ [DataType::Uint32, :'terminal height, rows'],
90
+ [DataType::Uint32, :'terminal width, pixels'],
91
+ [DataType::Uint32, :'terminal height, pixels'],
92
92
  ]
93
93
 
94
94
  XON_XOFF_DEFINITION = [
95
95
  #[DataType, Field Name]
96
- #[DataType::String, 'request type' : "xon-xoff"],
97
- [DataType::Boolean, 'client can do'],
96
+ #[DataType::String, :'request type' : "xon-xoff"],
97
+ [DataType::Boolean, :'client can do'],
98
98
  ]
99
99
 
100
100
  SIGNAL_DEFINITION = [
101
101
  #[DataType, Field Name]
102
- #[DataType::String, 'request type' : "signal"],
103
- [DataType::String, 'signal name'],
102
+ #[DataType::String, :'request type' : "signal"],
103
+ [DataType::String, :'signal name'],
104
104
  ]
105
105
 
106
106
  EXIT_STATUS_DEFINITION = [
107
107
  #[DataType, Field Name]
108
- #[DataType::String, 'request type' : "exit-status"],
109
- [DataType::Uint32, 'exit status'],
108
+ #[DataType::String, :'request type' : "exit-status"],
109
+ [DataType::Uint32, :'exit status'],
110
110
  ]
111
111
 
112
112
  EXIT_SIGNAL_DEFINITION = [
113
113
  #[DataType, Field Name]
114
- #[DataType::String, 'request type' : "exit-signal"],
115
- [DataType::String, 'signal name'],
116
- [DataType::Boolean, 'core dumped'],
117
- [DataType::String, 'error message'],
118
- [DataType::String, 'language tag'],
114
+ #[DataType::String, :'request type' : "exit-signal"],
115
+ [DataType::String, :'signal name'],
116
+ [DataType::Boolean, :'core dumped'],
117
+ [DataType::String, :'error message'],
118
+ [DataType::String, :'language tag'],
119
119
  ]
120
120
 
121
121
  CONDITIONAL_DEFINITION = {
122
122
  # Field Name => {Field Value => Conditional Definition}
123
- 'request type' => {
124
- 'pty-req' => PTY_REQ_DEFINITION,
125
- 'x11-req' => X11_REQ_DEFINITION,
126
- 'env' => ENV_DEFINITION,
127
- 'shell' => SHELL_DEFINITION,
128
- 'exec' => EXEC_DEFINITION,
129
- 'subsystem' => SUBSYSTEM_DEFINITION,
130
- 'window-change' => WINDOW_CHANGE_DEFINITION,
131
- 'xon-xoff' => XON_XOFF_DEFINITION,
132
- 'signal' => SIGNAL_DEFINITION,
133
- 'exit-status' => EXIT_STATUS_DEFINITION,
134
- 'exit-signal' => EXIT_SIGNAL_DEFINITION,
123
+ :'request type' => {
124
+ "pty-req" => PTY_REQ_DEFINITION,
125
+ "x11-req" => X11_REQ_DEFINITION,
126
+ "env" => ENV_DEFINITION,
127
+ "shell" => SHELL_DEFINITION,
128
+ "exec" => EXEC_DEFINITION,
129
+ "subsystem" => SUBSYSTEM_DEFINITION,
130
+ "window-change" => WINDOW_CHANGE_DEFINITION,
131
+ "xon-xoff" => XON_XOFF_DEFINITION,
132
+ "signal" => SIGNAL_DEFINITION,
133
+ "exit-status" => EXIT_STATUS_DEFINITION,
134
+ "exit-signal" => EXIT_SIGNAL_DEFINITION,
135
135
  },
136
136
  }
137
137
  end
@@ -16,8 +16,8 @@ module HrrRbSsh
16
16
 
17
17
  DEFINITION = [
18
18
  #[DataType, Field Name]
19
- [DataType::Byte, 'message number'],
20
- [DataType::Uint32, 'recipient channel'],
19
+ [DataType::Byte, :'message number'],
20
+ [DataType::Uint32, :'recipient channel'],
21
21
  ]
22
22
  end
23
23
  end
@@ -16,8 +16,8 @@ module HrrRbSsh
16
16
 
17
17
  DEFINITION = [
18
18
  #[DataType, Field Name]
19
- [DataType::Byte, 'message number'],
20
- [DataType::Uint32, 'recipient channel'],
19
+ [DataType::Byte, :'message number'],
20
+ [DataType::Uint32, :'recipient channel'],
21
21
  ]
22
22
  end
23
23
  end
@@ -16,6 +16,8 @@ require 'hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group'
16
16
  require 'hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init'
17
17
  require 'hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply'
18
18
  require 'hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request'
19
+ require 'hrr_rb_ssh/message/030_ssh_msg_kexecdh_init'
20
+ require 'hrr_rb_ssh/message/031_ssh_msg_kexecdh_reply'
19
21
  require 'hrr_rb_ssh/message/050_ssh_msg_userauth_request'
20
22
  require 'hrr_rb_ssh/message/051_ssh_msg_userauth_failure'
21
23
  require 'hrr_rb_ssh/message/052_ssh_msg_userauth_success'
@@ -13,14 +13,14 @@ module HrrRbSsh
13
13
  include Codable
14
14
  end
15
15
  DEFINITION = [
16
- [DataType::String, 'V_C'],
17
- [DataType::String, 'V_S'],
18
- [DataType::String, 'I_C'],
19
- [DataType::String, 'I_S'],
20
- [DataType::String, 'K_S'],
21
- [DataType::Mpint, 'e'],
22
- [DataType::Mpint, 'f'],
23
- [DataType::Mpint, 'k'],
16
+ [DataType::String, :'V_C'],
17
+ [DataType::String, :'V_S'],
18
+ [DataType::String, :'I_C'],
19
+ [DataType::String, :'I_S'],
20
+ [DataType::String, :'K_S'],
21
+ [DataType::Mpint, :'e'],
22
+ [DataType::Mpint, :'f'],
23
+ [DataType::Mpint, :'k'],
24
24
  ]
25
25
  end
26
26
  end
@@ -49,14 +49,14 @@ module HrrRbSsh
49
49
  f = pub_key
50
50
 
51
51
  h0_payload = {
52
- 'V_C' => transport.v_c,
53
- 'V_S' => transport.v_s,
54
- 'I_C' => transport.i_c,
55
- 'I_S' => transport.i_s,
56
- 'K_S' => transport.server_host_key_algorithm.server_public_host_key,
57
- 'e' => e,
58
- 'f' => f,
59
- 'k' => k,
52
+ :'V_C' => transport.v_c,
53
+ :'V_S' => transport.v_s,
54
+ :'I_C' => transport.i_c,
55
+ :'I_S' => transport.i_s,
56
+ :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
57
+ :'e' => e,
58
+ :'f' => f,
59
+ :'k' => k,
60
60
  }
61
61
  h0 = H0.encode h0_payload
62
62
 
@@ -117,15 +117,15 @@ module HrrRbSsh
117
117
 
118
118
  def receive_kexdh_init payload
119
119
  message = HrrRbSsh::Message::SSH_MSG_KEXDH_INIT.decode payload
120
- set_e message['e']
120
+ set_e message[:'e']
121
121
  end
122
122
 
123
123
  def send_kexdh_reply transport
124
124
  message = {
125
- 'message number' => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
126
- 'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
127
- 'f' => pub_key,
128
- 'signature of H' => sign(transport),
125
+ :'message number' => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
126
+ :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
127
+ :'f' => pub_key,
128
+ :'signature of H' => sign(transport),
129
129
  }
130
130
  payload = HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY.encode message
131
131
  transport.send payload
@@ -13,19 +13,19 @@ module HrrRbSsh
13
13
  include Codable
14
14
  end
15
15
  DEFINITION = [
16
- [DataType::String, 'V_C'],
17
- [DataType::String, 'V_S'],
18
- [DataType::String, 'I_C'],
19
- [DataType::String, 'I_S'],
20
- [DataType::String, 'K_S'],
21
- [DataType::Uint32, 'min'],
22
- [DataType::Uint32, 'n'],
23
- [DataType::Uint32, 'max'],
24
- [DataType::Mpint, 'p'],
25
- [DataType::Mpint, 'g'],
26
- [DataType::Mpint, 'e'],
27
- [DataType::Mpint, 'f'],
28
- [DataType::Mpint, 'k'],
16
+ [DataType::String, :'V_C'],
17
+ [DataType::String, :'V_S'],
18
+ [DataType::String, :'I_C'],
19
+ [DataType::String, :'I_S'],
20
+ [DataType::String, :'K_S'],
21
+ [DataType::Uint32, :'min'],
22
+ [DataType::Uint32, :'n'],
23
+ [DataType::Uint32, :'max'],
24
+ [DataType::Mpint, :'p'],
25
+ [DataType::Mpint, :'g'],
26
+ [DataType::Mpint, :'e'],
27
+ [DataType::Mpint, :'f'],
28
+ [DataType::Mpint, :'k'],
29
29
  ]
30
30
  end
31
31
  end
@@ -60,19 +60,19 @@ module HrrRbSsh
60
60
  f = pub_key
61
61
 
62
62
  h0_payload = {
63
- 'V_C' => transport.v_c,
64
- 'V_S' => transport.v_s,
65
- 'I_C' => transport.i_c,
66
- 'I_S' => transport.i_s,
67
- 'K_S' => transport.server_host_key_algorithm.server_public_host_key,
68
- 'min' => @min,
69
- 'n' => @n,
70
- 'max' => @max,
71
- 'p' => @dh.p.to_i,
72
- 'g' => @dh.g.to_i,
73
- 'e' => e,
74
- 'f' => f,
75
- 'k' => k,
63
+ :'V_C' => transport.v_c,
64
+ :'V_S' => transport.v_s,
65
+ :'I_C' => transport.i_c,
66
+ :'I_S' => transport.i_s,
67
+ :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
68
+ :'min' => @min,
69
+ :'n' => @n,
70
+ :'max' => @max,
71
+ :'p' => @dh.p.to_i,
72
+ :'g' => @dh.g.to_i,
73
+ :'e' => e,
74
+ :'f' => f,
75
+ :'k' => k,
76
76
  }
77
77
  h0 = H0.encode h0_payload
78
78
 
@@ -132,16 +132,16 @@ module HrrRbSsh
132
132
 
133
133
  def receive_kex_dh_gex_request payload
134
134
  message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REQUEST.decode payload
135
- @min = message['min']
136
- @n = message['n']
137
- @max = message['max']
135
+ @min = message[:'min']
136
+ @n = message[:'n']
137
+ @max = message[:'max']
138
138
  end
139
139
 
140
140
  def send_kex_dh_gex_group transport
141
141
  message = {
142
- 'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
143
- 'p' => @dh.p.to_i,
144
- 'g' => @dh.g.to_i,
142
+ :'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
143
+ :'p' => @dh.p.to_i,
144
+ :'g' => @dh.g.to_i,
145
145
  }
146
146
  payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP.encode message
147
147
  transport.send payload
@@ -149,15 +149,15 @@ module HrrRbSsh
149
149
 
150
150
  def receive_kex_dh_gex_init payload
151
151
  message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_INIT.decode payload
152
- set_e message['e']
152
+ set_e message[:'e']
153
153
  end
154
154
 
155
155
  def send_kex_dh_gex_reply transport
156
156
  message = {
157
- 'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
158
- 'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
159
- 'f' => pub_key,
160
- 'signature of H' => sign(transport),
157
+ :'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
158
+ :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
159
+ :'f' => pub_key,
160
+ :'signature of H' => sign(transport),
161
161
  }
162
162
  payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY.encode message
163
163
  transport.send payload
@@ -0,0 +1,29 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/data_type'
5
+ require 'hrr_rb_ssh/codable'
6
+
7
+ module HrrRbSsh
8
+ class Transport
9
+ class KexAlgorithm
10
+ module EllipticCurveDiffieHellman
11
+ module H0
12
+ class << self
13
+ include Codable
14
+ end
15
+ DEFINITION = [
16
+ [DataType::String, :'V_C'],
17
+ [DataType::String, :'V_S'],
18
+ [DataType::String, :'I_C'],
19
+ [DataType::String, :'I_S'],
20
+ [DataType::String, :'K_S'],
21
+ [DataType::Mpint, :'Q_C'],
22
+ [DataType::Mpint, :'Q_S'],
23
+ [DataType::Mpint, :'K'],
24
+ ]
25
+ end
26
+ end
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,132 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'openssl'
5
+ require 'hrr_rb_ssh/logger'
6
+ require 'hrr_rb_ssh/data_type'
7
+
8
+ module HrrRbSsh
9
+ class Transport
10
+ class KexAlgorithm
11
+ module EllipticCurveDiffieHellman
12
+ def initialize
13
+ @logger = HrrRbSsh::Logger.new(self.class.name)
14
+ @dh = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
15
+ @dh.generate_key
16
+ end
17
+
18
+ def start transport, mode
19
+ case mode
20
+ when HrrRbSsh::Transport::Mode::SERVER
21
+ receive_kexecdh_init transport.receive
22
+ send_kexecdh_reply transport
23
+ else
24
+ raise "unsupported mode"
25
+ end
26
+ end
27
+
28
+ def set_q_c q_c
29
+ @q_c = q_c
30
+ end
31
+
32
+ def shared_secret
33
+ k = OpenSSL::BN.new(@dh.dh_compute_key(OpenSSL::PKey::EC::Point.new(OpenSSL::PKey::EC.new(self.class::CURVE_NAME).group, OpenSSL::BN.new(@q_c))), 2).to_i
34
+ end
35
+
36
+ def public_key
37
+ f = @dh.public_key.to_bn.to_i
38
+ end
39
+
40
+ def hash transport
41
+ q_c = @q_c
42
+ q_s = public_key
43
+ k = shared_secret
44
+
45
+ h0_payload = {
46
+ :'V_C' => transport.v_c,
47
+ :'V_S' => transport.v_s,
48
+ :'I_C' => transport.i_c,
49
+ :'I_S' => transport.i_s,
50
+ :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
51
+ :'Q_C' => q_c,
52
+ :'Q_S' => q_s,
53
+ :'K' => k,
54
+ }
55
+ h0 = H0.encode h0_payload
56
+
57
+ h = OpenSSL::Digest.digest self.class::DIGEST, h0
58
+
59
+ h
60
+ end
61
+
62
+ def sign transport
63
+ h = hash transport
64
+ s = transport.server_host_key_algorithm.sign h
65
+
66
+ s
67
+ end
68
+
69
+ def build_key(_k, h, _x, session_id, key_length)
70
+ k = DataType::Mpint.encode _k
71
+ x = DataType::Byte.encode _x
72
+
73
+ key = OpenSSL::Digest.digest(self.class::DIGEST, k + h + x + session_id)
74
+
75
+ while key.length < key_length
76
+ key = key + OpenSSL::Digest.digest(self.class::DIGEST, k + h + key )
77
+ end
78
+
79
+ key[0, key_length]
80
+ end
81
+
82
+ def iv_c_to_s transport, encryption_algorithm_c_to_s_name
83
+ key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::IV_LENGTH
84
+ build_key(shared_secret, hash(transport), 'A'.ord, transport.session_id, key_length)
85
+ end
86
+
87
+ def iv_s_to_c transport, encryption_algorithm_s_to_c_name
88
+ key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::IV_LENGTH
89
+ build_key(shared_secret, hash(transport), 'B'.ord, transport.session_id, key_length)
90
+ end
91
+
92
+ def key_c_to_s transport, encryption_algorithm_c_to_s_name
93
+ key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::KEY_LENGTH
94
+ build_key(shared_secret, hash(transport), 'C'.ord, transport.session_id, key_length)
95
+ end
96
+
97
+ def key_s_to_c transport, encryption_algorithm_s_to_c_name
98
+ key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::KEY_LENGTH
99
+ build_key(shared_secret, hash(transport), 'D'.ord, transport.session_id, key_length)
100
+ end
101
+
102
+ def mac_c_to_s transport, mac_algorithm_c_to_s_name
103
+ key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_c_to_s_name]::KEY_LENGTH
104
+ build_key(shared_secret, hash(transport), 'E'.ord, transport.session_id, key_length)
105
+ end
106
+
107
+ def mac_s_to_c transport, mac_algorithm_s_to_c_name
108
+ key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_s_to_c_name]::KEY_LENGTH
109
+ build_key(shared_secret, hash(transport), 'F'.ord, transport.session_id, key_length)
110
+ end
111
+
112
+ def receive_kexecdh_init payload
113
+ message = HrrRbSsh::Message::SSH_MSG_KEXECDH_INIT.decode payload
114
+ set_q_c message[:'Q_C']
115
+ end
116
+
117
+ def send_kexecdh_reply transport
118
+ message = {
119
+ :'message number' => HrrRbSsh::Message::SSH_MSG_KEXECDH_REPLY::VALUE,
120
+ :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
121
+ :'Q_S' => public_key,
122
+ :'signature of H' => sign(transport),
123
+ }
124
+ payload = HrrRbSsh::Message::SSH_MSG_KEXECDH_REPLY.encode message
125
+ transport.send payload
126
+ end
127
+ end
128
+ end
129
+ end
130
+ end
131
+
132
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman/h0'
@@ -0,0 +1,18 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
5
+
6
+ module HrrRbSsh
7
+ class Transport
8
+ class KexAlgorithm
9
+ class EllipticCurveDiffieHellmanSha2Nistp256 < KexAlgorithm
10
+ NAME = 'ecdh-sha2-nistp256'
11
+ PREFERENCE = 100
12
+ DIGEST = 'sha256'
13
+ CURVE_NAME = 'prime256v1'
14
+ include EllipticCurveDiffieHellman
15
+ end
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,18 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
5
+
6
+ module HrrRbSsh
7
+ class Transport
8
+ class KexAlgorithm
9
+ class EllipticCurveDiffieHellmanSha2Nistp384 < KexAlgorithm
10
+ NAME = 'ecdh-sha2-nistp384'
11
+ PREFERENCE = 110
12
+ DIGEST = 'sha384'
13
+ CURVE_NAME = 'secp384r1'
14
+ include EllipticCurveDiffieHellman
15
+ end
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,18 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
5
+
6
+ module HrrRbSsh
7
+ class Transport
8
+ class KexAlgorithm
9
+ class EllipticCurveDiffieHellmanSha2Nistp521 < KexAlgorithm
10
+ NAME = 'ecdh-sha2-nistp521'
11
+ PREFERENCE = 120
12
+ DIGEST = 'sha512'
13
+ CURVE_NAME = 'secp521r1'
14
+ include EllipticCurveDiffieHellman
15
+ end
16
+ end
17
+ end
18
+ end
@@ -23,3 +23,6 @@ require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512'
23
23
  require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512'
24
24
  require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512'
25
25
  require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512'
26
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp256'
27
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp384'
28
+ require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp521'
@@ -0,0 +1,23 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/data_type'
5
+ require 'hrr_rb_ssh/codable'
6
+
7
+ module HrrRbSsh
8
+ class Transport
9
+ class ServerHostKeyAlgorithm
10
+ class EcdsaSha2Nistp256
11
+ module EcdsaSignatureBlob
12
+ class << self
13
+ include Codable
14
+ end
15
+ DEFINITION = [
16
+ [DataType::Mpint, :'r'],
17
+ [DataType::Mpint, :'s'],
18
+ ]
19
+ end
20
+ end
21
+ end
22
+ end
23
+ end
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ # vim: et ts=2 sw=2
3
+
4
+ require 'hrr_rb_ssh/data_type'
5
+ require 'hrr_rb_ssh/codable'
6
+
7
+ module HrrRbSsh
8
+ class Transport
9
+ class ServerHostKeyAlgorithm
10
+ class EcdsaSha2Nistp256
11
+ module PublicKeyBlob
12
+ class << self
13
+ include Codable
14
+ end
15
+ DEFINITION = [
16
+ [DataType::String, :'ecdsa-sha2-[identifier]'],
17
+ [DataType::String, :'[identifier]'],
18
+ [DataType::String, :'Q'],
19
+ ]
20
+ end
21
+ end
22
+ end
23
+ end
24
+ end
25
+