RubyGems - hrr_rb_ssh - Versions diffs - 0.1.9 → 0.2.0 - Mend

hrr_rb_ssh 0.1.9 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

data/lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp384.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2'
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class EcdsaSha2Nistp384 < Publickey
+        NAME = 'ecdsa-sha2-nistp384'
+        DIGEST = 'sha384'
+        IDENTIFIER = 'nistp384'
+        CURVE_NAME = 'secp384r1'
+        include EcdsaSha2
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp521.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2'
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class EcdsaSha2Nistp521 < Publickey
+        NAME = 'ecdsa-sha2-nistp521'
+        DIGEST = 'sha512'
+        IDENTIFIER = 'nistp521'
+        CURVE_NAME = 'secp521r1'
+        include EcdsaSha2
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/{transport/server_host_key_algorithm → algorithm/publickey}/ssh_dss/public_key_blob.rb RENAMED Viewed

@@ -5,15 +5,15 @@ require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/codable'
 module HrrRbSsh
-  class Transport
-    class ServerHostKeyAlgorithm
+  module Algorithm
+    class Publickey
       class SshDss
         module PublicKeyBlob
           class << self
             include Codable
           end
           DEFINITION = [
-            [DataType::String, :'ssh-dss'],
+            [DataType::String, :'public key algorithm name'],
             [DataType::Mpint,  :'p'],
             [DataType::Mpint,  :'q'],
             [DataType::Mpint,  :'g'],

data/lib/hrr_rb_ssh/{transport/server_host_key_algorithm → algorithm/publickey}/ssh_dss/signature.rb RENAMED Viewed

@@ -5,16 +5,16 @@ require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/codable'
 module HrrRbSsh
-  class Transport
-    class ServerHostKeyAlgorithm
+  module Algorithm
+    class Publickey
       class SshDss
         module Signature
           class << self
             include Codable
           end
           DEFINITION = [
-            [DataType::String, :'ssh-dss'],
-            [DataType::String, :'dss_signature_blob'],
+            [DataType::String, :'public key algorithm name'],
+            [DataType::String, :'signature blob'],
           ]
         end
       end

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_dss.rb ADDED Viewed

@@ -0,0 +1,90 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshDss < Publickey
+        NAME = 'ssh-dss'
+        DIGEST = 'sha1'
+        def initialize arg
+          begin
+            new_by_key_str arg
+          rescue OpenSSL::PKey::DSAError
+            new_by_public_key_blob arg
+          end
+        end
+        def new_by_key_str key_str
+          @publickey = OpenSSL::PKey::DSA.new(key_str)
+        end
+        def new_by_public_key_blob public_key_blob
+          public_key_blob_h = PublicKeyBlob.decode(public_key_blob)
+          @publickey = OpenSSL::PKey::DSA.new
+          if @publickey.respond_to?(:set_pqg)
+            @publickey.set_pqg public_key_blob_h[:'p'], public_key_blob_h[:'q'], public_key_blob_h[:'g']
+          else
+            @publickey.p = public_key_blob_h[:'p']
+            @publickey.q = public_key_blob_h[:'q']
+            @publickey.g = public_key_blob_h[:'g']
+          end
+          if @publickey.respond_to?(:set_key)
+            @publickey.set_key public_key_blob_h[:'y'], nil
+          else
+            @publickey.pub_key = public_key_blob_h[:'y']
+          end
+        end
+        def to_pem
+          @publickey.public_key.to_pem
+        end
+        def to_public_key_blob
+          public_key_blob_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'p'                         => @publickey.p.to_i,
+            :'q'                         => @publickey.q.to_i,
+            :'g'                         => @publickey.g.to_i,
+            :'y'                         => @publickey.pub_key.to_i,
+          }
+          PublicKeyBlob.encode(public_key_blob_h)
+        end
+        def sign signature_blob
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, signature_blob)
+          sign_der = @publickey.syssign(hash)
+          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
+          sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
+          sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
+          signature_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'signature blob'            => (sign_r + sign_s),
+          }
+          Signature.encode signature_h
+        end
+        def verify signature, signature_blob
+          signature_h = Signature.decode signature
+          sign_r = signature_h[:'signature blob'][ 0, 20]
+          sign_s = signature_h[:'signature blob'][20, 20]
+          sign_asn1 = OpenSSL::ASN1::Sequence.new(
+            [
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
+              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
+            ]
+          )
+          sign_der = sign_asn1.to_der
+          hash = OpenSSL::Digest.digest(self.class::DIGEST, signature_blob)
+          signature_h[:'public key algorithm name'] == self.class::NAME && @publickey.sysverify(hash, sign_der)
+        end
+      end
+    end
+  end
+end
+require 'hrr_rb_ssh/algorithm/publickey/ssh_dss/public_key_blob'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_dss/signature'

data/lib/hrr_rb_ssh/{transport/server_host_key_algorithm → algorithm/publickey}/ssh_rsa/public_key_blob.rb RENAMED Viewed

@@ -5,15 +5,15 @@ require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/codable'
 module HrrRbSsh
-  class Transport
-    class ServerHostKeyAlgorithm
+  module Algorithm
+    class Publickey
       class SshRsa
         module PublicKeyBlob
           class << self
             include Codable
           end
           DEFINITION = [
-            [DataType::String, :'ssh-rsa'],
+            [DataType::String, :'public key algorithm name'],
             [DataType::Mpint,  :'e'],
             [DataType::Mpint,  :'n'],
           ]
@@ -22,4 +22,3 @@ module HrrRbSsh
     end
   end
 end

data/lib/hrr_rb_ssh/{transport/server_host_key_algorithm → algorithm/publickey}/ssh_rsa/signature.rb RENAMED Viewed

@@ -5,16 +5,16 @@ require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/codable'
 module HrrRbSsh
-  class Transport
-    class ServerHostKeyAlgorithm
+  module Algorithm
+    class Publickey
       class SshRsa
         module Signature
           class << self
             include Codable
           end
           DEFINITION = [
-            [DataType::String, :'ssh-rsa'],
-            [DataType::String, :'rsa_signature_blob'],
+            [DataType::String, :'public key algorithm name'],
+            [DataType::String, :'signature blob'],
           ]
         end
       end

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_rsa.rb ADDED Viewed

@@ -0,0 +1,67 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshRsa < Publickey
+        NAME = 'ssh-rsa'
+        DIGEST = 'sha1'
+        def initialize arg
+          begin
+            new_by_key_str arg
+          rescue OpenSSL::PKey::RSAError
+            new_by_public_key_blob arg
+          end
+        end
+        def new_by_key_str key_str
+          @publickey = OpenSSL::PKey::RSA.new(key_str)
+        end
+        def new_by_public_key_blob public_key_blob
+          public_key_blob_h = PublicKeyBlob.decode(public_key_blob)
+          @publickey = OpenSSL::PKey::RSA.new
+          if @publickey.respond_to?(:set_key)
+            @publickey.set_key public_key_blob_h[:'n'], public_key_blob_h[:'e'], nil
+          else
+            @publickey.n = public_key_blob_h[:'n']
+            @publickey.e = public_key_blob_h[:'e']
+          end
+        end
+        def to_pem
+          @publickey.public_key.to_pem
+        end
+        def to_public_key_blob
+          public_key_blob_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'e'                         => @publickey.e.to_i,
+            :'n'                         => @publickey.n.to_i,
+          }
+          PublicKeyBlob.encode(public_key_blob_h)
+        end
+        def sign signature_blob
+          signature_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'signature blob'            => @publickey.sign(self.class::DIGEST, signature_blob),
+          }
+          Signature.encode signature_h
+        end
+        def verify signature, signature_blob
+          signature_h = Signature.decode signature
+          signature_h[:'public key algorithm name'] == self.class::NAME && @publickey.verify(self.class::DIGEST, signature_h[:'signature blob'], signature_blob)
+        end
+      end
+    end
+  end
+end
+require 'hrr_rb_ssh/algorithm/publickey/ssh_rsa/public_key_blob'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_rsa/signature'

data/lib/hrr_rb_ssh/algorithm/publickey.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      @subclass_list = Array.new
+      class << self
+        def inherited klass
+          @subclass_list.push klass if @subclass_list
+        end
+        def [] key
+          __subclass_list__(__method__).find{ |klass| klass::NAME == key }
+        end
+        def __subclass_list__ method_name
+          send(:method_missing, method_name) unless @subclass_list
+          @subclass_list
+        end
+        private :__subclass_list__
+      end
+    end
+  end
+end
+require 'hrr_rb_ssh/algorithm/publickey/ssh_dss'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_rsa'
+require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp256'
+require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp384'
+require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp521'

data/lib/hrr_rb_ssh/algorithm.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+module HrrRbSsh
+  module Algorithm
+  end
+end
+require 'hrr_rb_ssh/algorithm/publickey'

data/lib/hrr_rb_ssh/authentication/method/none/context.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module HrrRbSsh
           def initialize username
             @username = username
-            @logger = HrrRbSsh::Logger.new self.class.name
+            @logger = Logger.new self.class.name
           end
           def verify username

data/lib/hrr_rb_ssh/authentication/method/none.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
         PREFERENCE = 0
         def initialize options
-          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @logger = Logger.new(self.class.name)
           @authenticator = options.fetch( 'authentication_none_authenticator', Authenticator.new { false } )
         end

data/lib/hrr_rb_ssh/authentication/method/password/context.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module HrrRbSsh
             @username = username
             @password = password
-            @logger = HrrRbSsh::Logger.new self.class.name
+            @logger = Logger.new self.class.name
           end
           def verify username, password

data/lib/hrr_rb_ssh/authentication/method/password.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
         PREFERENCE = 10
         def initialize options
-          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @logger = Logger.new(self.class.name)
           @authenticator = options.fetch( 'authentication_password_authenticator', Authenticator.new { false } )
         end

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256.rb CHANGED Viewed

@@ -1,8 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
 module HrrRbSsh
   class Authentication
@@ -12,73 +11,11 @@ module HrrRbSsh
           class EcdsaSha2Nistp256 < Algorithm
             NAME = 'ecdsa-sha2-nistp256'
             PREFERENCE = 30
-            DIGEST = 'sha256'
-            IDENTIFIER = 'nistp256'
-            CURVE_NAME = 'prime256v1'
-            def initialize
-              @logger = HrrRbSsh::Logger.new(self.class.name)
-            end
-            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
-              public_key = case public_key
-                           when String
-                             OpenSSL::PKey::EC.new(public_key)
-                           when OpenSSL::PKey::EC
-                             public_key
-                           else
-                             return false
-                           end
-              public_key_message = {
-                :'public key algorithm name' => public_key_algorithm_name,
-                :'[identifier]'              => self.class::IDENTIFIER,
-                :'Q'                         => public_key.public_key.to_bn.to_s(2)
-              }
-              public_key_blob == PublicKeyBlob.encode(public_key_message)
-            end
-            def verify_signature session_id, message
-              signature_message   = Signature.decode message[:'signature']
-              signature_algorithm = signature_message[:'public key algorithm name']
-              signature_blob      = signature_message[:'signature blob']
-              public_key = PublicKeyBlob.decode message[:'public key blob']
-              algorithm = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
-              algorithm.public_key = OpenSSL::PKey::EC::Point.new(algorithm.group, OpenSSL::BN.new(public_key[:'Q'], 2))
-              data_message = {
-                :'session identifier'        => session_id,
-                :'message number'            => message[:'message number'],
-                :'user name'                 => message[:'user name'],
-                :'service name'              => message[:'service name'],
-                :'method name'               => message[:'method name'],
-                :'with signature'            => message[:'with signature'],
-                :'public key algorithm name' => message[:'public key algorithm name'],
-                :'public key blob'           => message[:'public key blob'],
-              }
-              data_blob = SignatureBlob.encode data_message
-              hash = OpenSSL::Digest.digest(DIGEST, data_blob)
-              ecdsa_signature_blob = EcdsaSignatureBlob.decode signature_blob
-              sign_r = ecdsa_signature_blob[:'r']
-              sign_s = ecdsa_signature_blob[:'s']
-              sign_asn1 = OpenSSL::ASN1::Sequence.new(
-                [
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r)),
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s)),
-                ]
-              )
-              sign_der = sign_asn1.to_der
-              (signature_algorithm == message[:'public key algorithm name']) && algorithm.dsa_verify_asn1(hash, sign_der)
-            end
+            include Functionable
           end
         end
       end
     end
   end
 end
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/public_key_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/signature_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/signature'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256/ecdsa_signature_blob'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384.rb CHANGED Viewed

@@ -1,8 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
 module HrrRbSsh
   class Authentication
@@ -12,73 +11,11 @@ module HrrRbSsh
           class EcdsaSha2Nistp384 < Algorithm
             NAME = 'ecdsa-sha2-nistp384'
             PREFERENCE = 40
-            DIGEST = 'sha384'
-            IDENTIFIER = 'nistp384'
-            CURVE_NAME = 'secp384r1'
-            def initialize
-              @logger = HrrRbSsh::Logger.new(self.class.name)
-            end
-            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
-              public_key = case public_key
-                           when String
-                             OpenSSL::PKey::EC.new(public_key)
-                           when OpenSSL::PKey::EC
-                             public_key
-                           else
-                             return false
-                           end
-              public_key_message = {
-                :'public key algorithm name' => public_key_algorithm_name,
-                :'[identifier]'              => self.class::IDENTIFIER,
-                :'Q'                         => public_key.public_key.to_bn.to_s(2)
-              }
-              public_key_blob == PublicKeyBlob.encode(public_key_message)
-            end
-            def verify_signature session_id, message
-              signature_message   = Signature.decode message[:'signature']
-              signature_algorithm = signature_message[:'public key algorithm name']
-              signature_blob      = signature_message[:'signature blob']
-              public_key = PublicKeyBlob.decode message[:'public key blob']
-              algorithm = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
-              algorithm.public_key = OpenSSL::PKey::EC::Point.new(algorithm.group, OpenSSL::BN.new(public_key[:'Q'], 2))
-              data_message = {
-                :'session identifier'        => session_id,
-                :'message number'            => message[:'message number'],
-                :'user name'                 => message[:'user name'],
-                :'service name'              => message[:'service name'],
-                :'method name'               => message[:'method name'],
-                :'with signature'            => message[:'with signature'],
-                :'public key algorithm name' => message[:'public key algorithm name'],
-                :'public key blob'           => message[:'public key blob'],
-              }
-              data_blob = SignatureBlob.encode data_message
-              hash = OpenSSL::Digest.digest(DIGEST, data_blob)
-              ecdsa_signature_blob = EcdsaSignatureBlob.decode signature_blob
-              sign_r = ecdsa_signature_blob[:'r']
-              sign_s = ecdsa_signature_blob[:'s']
-              sign_asn1 = OpenSSL::ASN1::Sequence.new(
-                [
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r)),
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s)),
-                ]
-              )
-              sign_der = sign_asn1.to_der
-              (signature_algorithm == message[:'public key algorithm name']) && algorithm.dsa_verify_asn1(hash, sign_der)
-            end
+            include Functionable
           end
         end
       end
     end
   end
 end
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/public_key_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/signature_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/signature'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384/ecdsa_signature_blob'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521.rb CHANGED Viewed

@@ -1,8 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
 module HrrRbSsh
   class Authentication
@@ -12,73 +11,11 @@ module HrrRbSsh
           class EcdsaSha2Nistp521 < Algorithm
             NAME = 'ecdsa-sha2-nistp521'
             PREFERENCE = 50
-            DIGEST = 'sha512'
-            IDENTIFIER = 'nistp521'
-            CURVE_NAME = 'secp521r1'
-            def initialize
-              @logger = HrrRbSsh::Logger.new(self.class.name)
-            end
-            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
-              public_key = case public_key
-                           when String
-                             OpenSSL::PKey::EC.new(public_key)
-                           when OpenSSL::PKey::EC
-                             public_key
-                           else
-                             return false
-                           end
-              public_key_message = {
-                :'public key algorithm name' => public_key_algorithm_name,
-                :'[identifier]'              => self.class::IDENTIFIER,
-                :'Q'                         => public_key.public_key.to_bn.to_s(2)
-              }
-              public_key_blob == PublicKeyBlob.encode(public_key_message)
-            end
-            def verify_signature session_id, message
-              signature_message   = Signature.decode message[:'signature']
-              signature_algorithm = signature_message[:'public key algorithm name']
-              signature_blob      = signature_message[:'signature blob']
-              public_key = PublicKeyBlob.decode message[:'public key blob']
-              algorithm = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
-              algorithm.public_key = OpenSSL::PKey::EC::Point.new(algorithm.group, OpenSSL::BN.new(public_key[:'Q'], 2))
-              data_message = {
-                :'session identifier'        => session_id,
-                :'message number'            => message[:'message number'],
-                :'user name'                 => message[:'user name'],
-                :'service name'              => message[:'service name'],
-                :'method name'               => message[:'method name'],
-                :'with signature'            => message[:'with signature'],
-                :'public key algorithm name' => message[:'public key algorithm name'],
-                :'public key blob'           => message[:'public key blob'],
-              }
-              data_blob = SignatureBlob.encode data_message
-              hash = OpenSSL::Digest.digest(DIGEST, data_blob)
-              ecdsa_signature_blob = EcdsaSignatureBlob.decode signature_blob
-              sign_r = ecdsa_signature_blob[:'r']
-              sign_s = ecdsa_signature_blob[:'s']
-              sign_asn1 = OpenSSL::ASN1::Sequence.new(
-                [
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r)),
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s)),
-                ]
-              )
-              sign_der = sign_asn1.to_der
-              (signature_algorithm == message[:'public key algorithm name']) && algorithm.dsa_verify_asn1(hash, sign_der)
-            end
+            include Functionable
           end
         end
       end
     end
   end
 end
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/public_key_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/signature_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/signature'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521/ecdsa_signature_blob'