hrr_rb_ssh 0.1.4 → 0.1.5

data/lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb

@@ -32,106 +32,106 @@ module HrrRbSsh
 
       DEFINITION = [
         #[DataType, Field Name]
-        [DataType::Byte,      'message number'],
-        [DataType::Uint32,    'recipient channel'],
-        [DataType::String,    'request type'],
-        [DataType::Boolean,   'want reply'],
+        [DataType::Byte,      :'message number'],
+        [DataType::Uint32,    :'recipient channel'],
+        [DataType::String,    :'request type'],
+        [DataType::Boolean,   :'want reply'],
       ]
 
       PTY_REQ_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "pty-req"],
-        [DataType::String,    'TERM environment variable value'],
-        [DataType::Uint32,    'terminal width, characters'],
-        [DataType::Uint32,    'terminal height, rows'],
-        [DataType::Uint32,    'terminal width, pixels'],
-        [DataType::Uint32,    'terminal height, pixels'],
-        [DataType::String,    'encoded terminal modes'],
+        #[DataType::String,   :'request type' : "pty-req"],
+        [DataType::String,    :'TERM environment variable value'],
+        [DataType::Uint32,    :'terminal width, characters'],
+        [DataType::Uint32,    :'terminal height, rows'],
+        [DataType::Uint32,    :'terminal width, pixels'],
+        [DataType::Uint32,    :'terminal height, pixels'],
+        [DataType::String,    :'encoded terminal modes'],
       ]
 
       X11_REQ_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "x11-req"],
-        [DataType::Boolean,   'single connection'],
-        [DataType::String,    'x11 authentication protocol'],
-        [DataType::String,    'x11 authentication cookie'],
-        [DataType::Uint32,    'x11 screen number'],
+        #[DataType::String,   :'request type' : "x11-req"],
+        [DataType::Boolean,   :'single connection'],
+        [DataType::String,    :'x11 authentication protocol'],
+        [DataType::String,    :'x11 authentication cookie'],
+        [DataType::Uint32,    :'x11 screen number'],
       ]
 
       ENV_DEFINITION = [
         #[DataType, Field Name]
         #[DataType::String,   'request type' : "env"],
-        [DataType::String,    'variable name'],
-        [DataType::String,    'variable value'],
+        [DataType::String,    :'variable name'],
+        [DataType::String,    :'variable value'],
       ]
 
       SHELL_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "shell"],
+        #[DataType::String,   :'request type' : "shell"],
       ]
 
       EXEC_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "exec"],
-        [DataType::String,    'command'],
+        #[DataType::String,   :'request type' : "exec"],
+        [DataType::String,    :'command'],
       ]
 
       SUBSYSTEM_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "subsystem"],
-        [DataType::String,    'subsystem name'],
+        #[DataType::String,   :'request type' : "subsystem"],
+        [DataType::String,    :'subsystem name'],
       ]
 
       WINDOW_CHANGE_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "window-change"],
-        [DataType::Uint32,    'terminal width, columns'],
-        [DataType::Uint32,    'terminal height, rows'],
-        [DataType::Uint32,    'terminal width, pixels'],
-        [DataType::Uint32,    'terminal height, pixels'],
+        #[DataType::String,   :'request type' : "window-change"],
+        [DataType::Uint32,    :'terminal width, columns'],
+        [DataType::Uint32,    :'terminal height, rows'],
+        [DataType::Uint32,    :'terminal width, pixels'],
+        [DataType::Uint32,    :'terminal height, pixels'],
       ]
 
       XON_XOFF_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "xon-xoff"],
-        [DataType::Boolean,   'client can do'],
+        #[DataType::String,   :'request type' : "xon-xoff"],
+        [DataType::Boolean,   :'client can do'],
       ]
 
       SIGNAL_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "signal"],
-        [DataType::String,    'signal name'],
+        #[DataType::String,   :'request type' : "signal"],
+        [DataType::String,    :'signal name'],
       ]
 
       EXIT_STATUS_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "exit-status"],
-        [DataType::Uint32,    'exit status'],
+        #[DataType::String,   :'request type' : "exit-status"],
+        [DataType::Uint32,    :'exit status'],
       ]
 
       EXIT_SIGNAL_DEFINITION = [
         #[DataType, Field Name]
-        #[DataType::String,   'request type' : "exit-signal"],
-        [DataType::String,    'signal name'],
-        [DataType::Boolean,   'core dumped'],
-        [DataType::String,    'error message'],
-        [DataType::String,    'language tag'],
+        #[DataType::String,   :'request type' : "exit-signal"],
+        [DataType::String,    :'signal name'],
+        [DataType::Boolean,   :'core dumped'],
+        [DataType::String,    :'error message'],
+        [DataType::String,    :'language tag'],
       ]
 
       CONDITIONAL_DEFINITION = {
         # Field Name => {Field Value => Conditional Definition}
-        'request type' => {
-          'pty-req'       => PTY_REQ_DEFINITION,
-          'x11-req'       => X11_REQ_DEFINITION,
-          'env'           => ENV_DEFINITION,
-          'shell'         => SHELL_DEFINITION,
-          'exec'          => EXEC_DEFINITION,
-          'subsystem'     => SUBSYSTEM_DEFINITION,
-          'window-change' => WINDOW_CHANGE_DEFINITION,
-          'xon-xoff'      => XON_XOFF_DEFINITION,
-          'signal'        => SIGNAL_DEFINITION,
-          'exit-status'   => EXIT_STATUS_DEFINITION,
-          'exit-signal'   => EXIT_SIGNAL_DEFINITION,
+        :'request type' => {
+          "pty-req"       => PTY_REQ_DEFINITION,
+          "x11-req"       => X11_REQ_DEFINITION,
+          "env"           => ENV_DEFINITION,
+          "shell"         => SHELL_DEFINITION,
+          "exec"          => EXEC_DEFINITION,
+          "subsystem"     => SUBSYSTEM_DEFINITION,
+          "window-change" => WINDOW_CHANGE_DEFINITION,
+          "xon-xoff"      => XON_XOFF_DEFINITION,
+          "signal"        => SIGNAL_DEFINITION,
+          "exit-status"   => EXIT_STATUS_DEFINITION,
+          "exit-signal"   => EXIT_SIGNAL_DEFINITION,
         },
       }
     end

data/lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb

@@ -16,8 +16,8 @@ module HrrRbSsh
 
       DEFINITION = [
         #[DataType, Field Name]
-        [DataType::Byte,      'message number'],
-        [DataType::Uint32,    'recipient channel'],
+        [DataType::Byte,      :'message number'],
+        [DataType::Uint32,    :'recipient channel'],
       ]
     end
   end

data/lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb

@@ -16,8 +16,8 @@ module HrrRbSsh
 
       DEFINITION = [
         #[DataType, Field Name]
-        [DataType::Byte,      'message number'],
-        [DataType::Uint32,    'recipient channel'],
+        [DataType::Byte,      :'message number'],
+        [DataType::Uint32,    :'recipient channel'],
       ]
     end
   end

data/lib/hrr_rb_ssh/message.rb

@@ -16,6 +16,8 @@ require 'hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group'
 require 'hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init'
 require 'hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply'
 require 'hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request'
+require 'hrr_rb_ssh/message/030_ssh_msg_kexecdh_init'
+require 'hrr_rb_ssh/message/031_ssh_msg_kexecdh_reply'
 require 'hrr_rb_ssh/message/050_ssh_msg_userauth_request'
 require 'hrr_rb_ssh/message/051_ssh_msg_userauth_failure'
 require 'hrr_rb_ssh/message/052_ssh_msg_userauth_success'

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb

@@ -13,14 +13,14 @@ module HrrRbSsh
             include Codable
           end
           DEFINITION = [
-            [DataType::String, 'V_C'],
-            [DataType::String, 'V_S'],
-            [DataType::String, 'I_C'],
-            [DataType::String, 'I_S'],
-            [DataType::String, 'K_S'],
-            [DataType::Mpint,  'e'],
-            [DataType::Mpint,  'f'],
-            [DataType::Mpint,  'k'],
+            [DataType::String, :'V_C'],
+            [DataType::String, :'V_S'],
+            [DataType::String, :'I_C'],
+            [DataType::String, :'I_S'],
+            [DataType::String, :'K_S'],
+            [DataType::Mpint,  :'e'],
+            [DataType::Mpint,  :'f'],
+            [DataType::Mpint,  :'k'],
           ]
         end
       end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb

@@ -49,14 +49,14 @@ module HrrRbSsh
           f = pub_key
 
           h0_payload = {
-            'V_C' => transport.v_c,
-            'V_S' => transport.v_s,
-            'I_C' => transport.i_c,
-            'I_S' => transport.i_s,
-            'K_S' => transport.server_host_key_algorithm.server_public_host_key,
-            'e'   => e,
-            'f'   => f,
-            'k'   => k,
+            :'V_C' => transport.v_c,
+            :'V_S' => transport.v_s,
+            :'I_C' => transport.i_c,
+            :'I_S' => transport.i_s,
+            :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
+            :'e'   => e,
+            :'f'   => f,
+            :'k'   => k,
           }
           h0 = H0.encode h0_payload
 
@@ -117,15 +117,15 @@ module HrrRbSsh
 
         def receive_kexdh_init payload
           message = HrrRbSsh::Message::SSH_MSG_KEXDH_INIT.decode payload
-          set_e message['e']
+          set_e message[:'e']
         end
 
         def send_kexdh_reply transport
           message = {
-            'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
-            'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
-            'f'                                             => pub_key,
-            'signature of H'                                => sign(transport),
+            :'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
+            :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
+            :'f'                                             => pub_key,
+            :'signature of H'                                => sign(transport),
           }
           payload = HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY.encode message
           transport.send payload

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb

@@ -13,19 +13,19 @@ module HrrRbSsh
             include Codable
           end
           DEFINITION = [
-            [DataType::String, 'V_C'],
-            [DataType::String, 'V_S'],
-            [DataType::String, 'I_C'],
-            [DataType::String, 'I_S'],
-            [DataType::String, 'K_S'],
-            [DataType::Uint32, 'min'],
-            [DataType::Uint32, 'n'],
-            [DataType::Uint32, 'max'],
-            [DataType::Mpint,  'p'],
-            [DataType::Mpint,  'g'],
-            [DataType::Mpint,  'e'],
-            [DataType::Mpint,  'f'],
-            [DataType::Mpint,  'k'],
+            [DataType::String, :'V_C'],
+            [DataType::String, :'V_S'],
+            [DataType::String, :'I_C'],
+            [DataType::String, :'I_S'],
+            [DataType::String, :'K_S'],
+            [DataType::Uint32, :'min'],
+            [DataType::Uint32, :'n'],
+            [DataType::Uint32, :'max'],
+            [DataType::Mpint,  :'p'],
+            [DataType::Mpint,  :'g'],
+            [DataType::Mpint,  :'e'],
+            [DataType::Mpint,  :'f'],
+            [DataType::Mpint,  :'k'],
           ]
         end
       end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb

@@ -60,19 +60,19 @@ module HrrRbSsh
           f = pub_key
 
           h0_payload = {
-            'V_C' => transport.v_c,
-            'V_S' => transport.v_s,
-            'I_C' => transport.i_c,
-            'I_S' => transport.i_s,
-            'K_S' => transport.server_host_key_algorithm.server_public_host_key,
-            'min' => @min,
-            'n'   => @n,
-            'max' => @max,
-            'p'   => @dh.p.to_i,
-            'g'   => @dh.g.to_i,
-            'e'   => e,
-            'f'   => f,
-            'k'   => k,
+            :'V_C' => transport.v_c,
+            :'V_S' => transport.v_s,
+            :'I_C' => transport.i_c,
+            :'I_S' => transport.i_s,
+            :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
+            :'min' => @min,
+            :'n'   => @n,
+            :'max' => @max,
+            :'p'   => @dh.p.to_i,
+            :'g'   => @dh.g.to_i,
+            :'e'   => e,
+            :'f'   => f,
+            :'k'   => k,
           }
           h0 = H0.encode h0_payload
 
@@ -132,16 +132,16 @@ module HrrRbSsh
 
         def receive_kex_dh_gex_request payload
           message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REQUEST.decode payload
-          @min = message['min']
-          @n   = message['n']
-          @max = message['max']
+          @min = message[:'min']
+          @n   = message[:'n']
+          @max = message[:'max']
         end
 
         def send_kex_dh_gex_group transport
           message = {
-            'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
-            'p'              => @dh.p.to_i,
-            'g'              => @dh.g.to_i,
+            :'message number' => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
+            :'p'              => @dh.p.to_i,
+            :'g'              => @dh.g.to_i,
           }
           payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_GROUP.encode message
           transport.send payload
@@ -149,15 +149,15 @@ module HrrRbSsh
 
         def receive_kex_dh_gex_init payload
           message = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_INIT.decode payload
-          set_e message['e']
+          set_e message[:'e']
         end
 
         def send_kex_dh_gex_reply transport
           message = {
-            'message number'                                => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
-            'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
-            'f'                                             => pub_key,
-            'signature of H'                                => sign(transport),
+            :'message number'                                => HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
+            :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
+            :'f'                                             => pub_key,
+            :'signature of H'                                => sign(transport),
           }
           payload = HrrRbSsh::Message::SSH_MSG_KEX_DH_GEX_REPLY.encode message
           transport.send payload

data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman/h0.rb

@@ -0,0 +1,29 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      module EllipticCurveDiffieHellman
+        module H0
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, :'V_C'],
+            [DataType::String, :'V_S'],
+            [DataType::String, :'I_C'],
+            [DataType::String, :'I_S'],
+            [DataType::String, :'K_S'],
+            [DataType::Mpint,  :'Q_C'],
+            [DataType::Mpint,  :'Q_S'],
+            [DataType::Mpint,  :'K'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman.rb

@@ -0,0 +1,132 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'openssl'
+require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/data_type'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      module EllipticCurveDiffieHellman
+        def initialize
+          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @dh = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
+          @dh.generate_key
+        end
+
+        def start transport, mode
+          case mode
+          when HrrRbSsh::Transport::Mode::SERVER
+            receive_kexecdh_init transport.receive
+            send_kexecdh_reply transport
+          else
+            raise "unsupported mode"
+          end
+        end
+
+        def set_q_c q_c
+          @q_c = q_c
+        end
+
+        def shared_secret
+          k = OpenSSL::BN.new(@dh.dh_compute_key(OpenSSL::PKey::EC::Point.new(OpenSSL::PKey::EC.new(self.class::CURVE_NAME).group, OpenSSL::BN.new(@q_c))), 2).to_i
+        end
+
+        def public_key
+          f = @dh.public_key.to_bn.to_i
+        end
+
+        def hash transport
+          q_c = @q_c
+          q_s = public_key
+          k   = shared_secret
+
+          h0_payload = {
+            :'V_C' => transport.v_c,
+            :'V_S' => transport.v_s,
+            :'I_C' => transport.i_c,
+            :'I_S' => transport.i_s,
+            :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
+            :'Q_C' => q_c,
+            :'Q_S' => q_s,
+            :'K'   => k,
+          }
+          h0 = H0.encode h0_payload
+
+          h = OpenSSL::Digest.digest self.class::DIGEST, h0
+
+          h
+        end
+
+        def sign transport
+          h = hash transport
+          s = transport.server_host_key_algorithm.sign h
+
+          s
+        end
+
+        def build_key(_k, h, _x, session_id, key_length)
+          k = DataType::Mpint.encode _k
+          x = DataType::Byte.encode _x
+
+          key = OpenSSL::Digest.digest(self.class::DIGEST, k + h + x + session_id)
+
+          while key.length < key_length
+            key = key + OpenSSL::Digest.digest(self.class::DIGEST, k + h + key )
+          end
+
+          key[0, key_length]
+        end
+
+        def iv_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'A'.ord, transport.session_id, key_length)
+        end
+
+        def iv_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'B'.ord, transport.session_id, key_length)
+        end
+
+        def key_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'C'.ord, transport.session_id, key_length)
+        end
+
+        def key_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'D'.ord, transport.session_id, key_length)
+        end
+
+        def mac_c_to_s transport, mac_algorithm_c_to_s_name
+          key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'E'.ord, transport.session_id, key_length)
+        end
+
+        def mac_s_to_c transport, mac_algorithm_s_to_c_name
+          key_length = HrrRbSsh::Transport::MacAlgorithm[mac_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'F'.ord, transport.session_id, key_length)
+        end
+
+        def receive_kexecdh_init payload
+          message = HrrRbSsh::Message::SSH_MSG_KEXECDH_INIT.decode payload
+          set_q_c message[:'Q_C']
+        end
+
+        def send_kexecdh_reply transport
+          message = {
+            :'message number' => HrrRbSsh::Message::SSH_MSG_KEXECDH_REPLY::VALUE,
+            :'K_S'            => transport.server_host_key_algorithm.server_public_host_key,
+            :'Q_S'            => public_key,
+            :'signature of H' => sign(transport),
+          }
+          payload = HrrRbSsh::Message::SSH_MSG_KEXECDH_REPLY.encode message
+          transport.send payload
+        end
+      end
+    end
+  end
+end
+
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman/h0'

data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp256.rb

@@ -0,0 +1,18 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class EllipticCurveDiffieHellmanSha2Nistp256 < KexAlgorithm
+        NAME = 'ecdh-sha2-nistp256'
+        PREFERENCE = 100
+        DIGEST = 'sha256'
+        CURVE_NAME = 'prime256v1'
+        include EllipticCurveDiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp384.rb

@@ -0,0 +1,18 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class EllipticCurveDiffieHellmanSha2Nistp384 < KexAlgorithm
+        NAME = 'ecdh-sha2-nistp384'
+        PREFERENCE = 110
+        DIGEST = 'sha384'
+        CURVE_NAME = 'secp384r1'
+        include EllipticCurveDiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp521.rb

@@ -0,0 +1,18 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman'
+
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      class EllipticCurveDiffieHellmanSha2Nistp521 < KexAlgorithm
+        NAME = 'ecdh-sha2-nistp521'
+        PREFERENCE = 120
+        DIGEST = 'sha512'
+        CURVE_NAME = 'secp521r1'
+        include EllipticCurveDiffieHellman
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/kex_algorithm.rb

@@ -23,3 +23,6 @@ require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512'
 require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512'
 require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512'
 require 'hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512'
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp256'
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp384'
+require 'hrr_rb_ssh/transport/kex_algorithm/elliptic_curve_diffie_hellman_sha2_nistp521'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/ecdsa_signature_blob.rb

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class EcdsaSha2Nistp256
+        module EcdsaSignatureBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::Mpint, :'r'],
+            [DataType::Mpint, :'s'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/public_key_blob.rb

@@ -0,0 +1,25 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class EcdsaSha2Nistp256
+        module PublicKeyBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, :'ecdsa-sha2-[identifier]'],
+            [DataType::String, :'[identifier]'],
+            [DataType::String, :'Q'],
+          ]
+        end
+      end
+    end
+  end
+end
+