RubyGems - hrr_rb_ssh - Versions diffs - 0.1.9 → 0.2.0 - Mend

hrr_rb_ssh 0.1.9 → 0.2.0

Files changed (123) hide show

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb ADDED Viewed

@@ -0,0 +1,54 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/algorithm/publickey'
+module HrrRbSsh
+  class Authentication
+    class Method
+      class Publickey
+        class Algorithm
+          module Functionable
+            def initialize
+              @logger = Logger.new(self.class.name)
+            end
+            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
+              begin
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new public_key
+                public_key_algorithm_name == self.class::NAME && public_key_blob == publickey.to_public_key_blob
+              rescue => e
+                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                false
+              end
+            end
+            def verify_signature session_id, message
+              begin
+                signature_blob_h = {
+                  :'session identifier'        => session_id,
+                  :'message number'            => message[:'message number'],
+                  :'user name'                 => message[:'user name'],
+                  :'service name'              => message[:'service name'],
+                  :'method name'               => message[:'method name'],
+                  :'with signature'            => message[:'with signature'],
+                  :'public key algorithm name' => message[:'public key algorithm name'],
+                  :'public key blob'           => message[:'public key blob'],
+                }
+                signature_blob = SignatureBlob.encode signature_blob_h
+                publickey = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new message[:'public key blob']
+                publickey.verify message[:'signature'], signature_blob
+              rescue => e
+                @logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
+                false
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/signature_blob'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/signature_blob.rb ADDED Viewed

@@ -0,0 +1,31 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+module HrrRbSsh
+  class Authentication
+    class Method
+      class Publickey
+        class Algorithm
+          module SignatureBlob
+            class << self
+              include Codable
+            end
+            DEFINITION = [
+              [DataType::String,  :'session identifier'],
+              [DataType::Byte,    :'message number'],
+              [DataType::String,  :'user name'],
+              [DataType::String,  :'service name'],
+              [DataType::String,  :'method name'],
+              [DataType::Boolean, :'with signature'],
+              [DataType::String,  :'public key algorithm name'],
+              [DataType::String,  :'public key blob'],
+            ]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb CHANGED Viewed

@@ -1,8 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
 module HrrRbSsh
   class Authentication
@@ -14,80 +13,10 @@ module HrrRbSsh
             PREFERENCE = 10
             DIGEST = 'sha1'
-            def initialize
-              @logger = HrrRbSsh::Logger.new(self.class.name)
-            end
-            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
-              public_key = case public_key
-                           when String
-                             OpenSSL::PKey::DSA.new(public_key)
-                           when OpenSSL::PKey::DSA
-                             public_key
-                           else
-                             return false
-                           end
-              public_key_message = {
-                :'public key algorithm name' => public_key_algorithm_name,
-                :'p'                         => public_key.p.to_i,
-                :'g'                         => public_key.g.to_i,
-                :'q'                         => public_key.q.to_i,
-                :'y'                         => public_key.pub_key.to_i,
-              }
-              public_key_blob == PublicKeyBlob.encode(public_key_message)
-            end
-            def verify_signature session_id, message
-              signature_message   = Signature.decode message[:'signature']
-              signature_algorithm = signature_message[:'public key algorithm name']
-              signature_blob      = signature_message[:'signature blob']
-              public_key = PublicKeyBlob.decode message[:'public key blob']
-              algorithm = OpenSSL::PKey::DSA.new
-              if algorithm.respond_to?(:set_pqg)
-                algorithm.set_pqg public_key[:'p'], public_key[:'q'], public_key[:'g']
-              else
-                algorithm.p = public_key[:'p']
-                algorithm.q = public_key[:'q']
-                algorithm.g = public_key[:'g']
-              end
-              if algorithm.respond_to?(:set_key)
-                algorithm.set_key public_key[:'y'], nil
-              else
-                algorithm.pub_key = public_key[:'y']
-              end
-              data_message = {
-                :'session identifier'        => session_id,
-                :'message number'            => message[:'message number'],
-                :'user name'                 => message[:'user name'],
-                :'service name'              => message[:'service name'],
-                :'method name'               => message[:'method name'],
-                :'with signature'            => message[:'with signature'],
-                :'public key algorithm name' => message[:'public key algorithm name'],
-                :'public key blob'           => message[:'public key blob'],
-              }
-              data_blob = SignatureBlob.encode data_message
-              hash = OpenSSL::Digest.digest(DIGEST, data_blob)
-              sign_r = signature_blob[ 0, 20]
-              sign_s = signature_blob[20, 20]
-              sign_asn1 = OpenSSL::ASN1::Sequence.new(
-                [
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
-                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
-                ]
-              )
-              sign_der = sign_asn1.to_der
-              (signature_algorithm == message[:'public key algorithm name']) && algorithm.sysverify(hash, sign_der)
-            end
+            include Functionable
           end
         end
       end
     end
   end
 end
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb CHANGED Viewed

@@ -1,8 +1,7 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
 module HrrRbSsh
   class Authentication
@@ -14,62 +13,10 @@ module HrrRbSsh
             PREFERENCE = 20
             DIGEST = 'sha1'
-            def initialize
-              @logger = HrrRbSsh::Logger.new(self.class.name)
-            end
-            def verify_public_key public_key_algorithm_name, public_key, public_key_blob
-              public_key = case public_key
-                           when String
-                             OpenSSL::PKey::RSA.new(public_key)
-                           when OpenSSL::PKey::RSA
-                             public_key
-                           else
-                             return false
-                           end
-              public_key_message = {
-                :'public key algorithm name' => public_key_algorithm_name,
-                :'e'                         => public_key.e.to_i,
-                :'n'                         => public_key.n.to_i,
-              }
-              public_key_blob == PublicKeyBlob.encode(public_key_message)
-            end
-            def verify_signature session_id, message
-              signature_message   = Signature.decode message[:'signature']
-              signature_algorithm = signature_message[:'public key algorithm name']
-              signature_blob      = signature_message[:'signature blob']
-              public_key = PublicKeyBlob.decode message[:'public key blob']
-              algorithm = OpenSSL::PKey::RSA.new
-              if algorithm.respond_to?(:set_key)
-                algorithm.set_key public_key[:'n'], public_key[:'e'], nil
-              else
-                algorithm.e = public_key[:'e']
-                algorithm.n = public_key[:'n']
-              end
-              data_message = {
-                :'session identifier'        => session_id,
-                :'message number'            => message[:'message number'],
-                :'user name'                 => message[:'user name'],
-                :'service name'              => message[:'service name'],
-                :'method name'               => message[:'method name'],
-                :'with signature'            => message[:'with signature'],
-                :'public key algorithm name' => message[:'public key algorithm name'],
-                :'public key blob'           => message[:'public key blob'],
-              }
-              data_blob = SignatureBlob.encode data_message
-              (signature_algorithm == message[:'public key algorithm name']) && algorithm.verify(DIGEST, signature_blob, data_blob)
-            end
+            include Functionable
           end
         end
       end
     end
   end
 end
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob'
-require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature'

data/lib/hrr_rb_ssh/authentication/method/publickey.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
         PREFERENCE = 20
         def initialize options
-          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @logger = Logger.new(self.class.name)
           @session_id = options['session id']
           @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new { false } )
         end
@@ -37,11 +37,11 @@ module HrrRbSsh
         def userauth_pk_ok_message public_key_algorithm_name, public_key_blob
           message = {
-            :'message number'                             => HrrRbSsh::Message::SSH_MSG_USERAUTH_PK_OK::VALUE,
+            :'message number'                             => Message::SSH_MSG_USERAUTH_PK_OK::VALUE,
             :'public key algorithm name from the request' => public_key_algorithm_name,
             :'public key blob from the request'           => public_key_blob,
           }
-          payload = HrrRbSsh::Message::SSH_MSG_USERAUTH_PK_OK.encode message
+          payload = Message::SSH_MSG_USERAUTH_PK_OK.encode message
         end
       end
     end

data/lib/hrr_rb_ssh/authentication.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/message'
-require 'hrr_rb_ssh/closed_authentication_error'
+require 'hrr_rb_ssh/error/closed_authentication'
 require 'hrr_rb_ssh/authentication/authenticator'
 require 'hrr_rb_ssh/authentication/method'
@@ -15,7 +15,7 @@ module HrrRbSsh
       @transport = transport
       @options = options
-      @logger = HrrRbSsh::Logger.new self.class.name
+      @logger = Logger.new self.class.name
       @transport.register_acceptable_service SERVICE_NAME
@@ -25,20 +25,20 @@ module HrrRbSsh
     end
     def send payload
-      raise HrrRbSsh::ClosedAuthenticationError if @closed
+      raise Error::ClosedAuthentication if @closed
       begin
         @transport.send payload
-      rescue HrrRbSsh::ClosedTransportError
-        raise HrrRbSsh::ClosedAuthenticationError
+      rescue Error::ClosedTransport
+        raise Error::ClosedAuthentication
       end
     end
     def receive
-      raise HrrRbSsh::ClosedAuthenticationError if @closed
+      raise Error::ClosedAuthentication if @closed
       begin
         @transport.receive
-      rescue HrrRbSsh::ClosedTransportError
-        raise HrrRbSsh::ClosedAuthenticationError
+      rescue Error::ClosedTransport
+        raise Error::ClosedAuthentication
       end
     end
@@ -58,7 +58,7 @@ module HrrRbSsh
     end
     def username
-      raise HrrRbSsh::ClosedAuthenticationError if @closed
+      raise Error::ClosedAuthentication if @closed
       @username
     end
@@ -66,8 +66,8 @@ module HrrRbSsh
       loop do
         payload = @transport.receive
         case payload[0,1].unpack("C")[0]
-        when HrrRbSsh::Message::SSH_MSG_USERAUTH_REQUEST::VALUE
-          userauth_request_message = HrrRbSsh::Message::SSH_MSG_USERAUTH_REQUEST.decode payload
+        when Message::SSH_MSG_USERAUTH_REQUEST::VALUE
+          userauth_request_message = Message::SSH_MSG_USERAUTH_REQUEST.decode payload
           method_name = userauth_request_message[:'method name']
           method = Method[method_name].new({'session id' => @transport.session_id}.merge(@options))
           result = method.authenticate(userauth_request_message)
@@ -94,19 +94,19 @@ module HrrRbSsh
     def send_userauth_failure
       message = {
-        :'message number'                    => HrrRbSsh::Message::SSH_MSG_USERAUTH_FAILURE::VALUE,
+        :'message number'                    => Message::SSH_MSG_USERAUTH_FAILURE::VALUE,
         :'authentications that can continue' => Method.list_preferred,
         :'partial success'                   => false,
       }
-      payload = HrrRbSsh::Message::SSH_MSG_USERAUTH_FAILURE.encode message
+      payload = Message::SSH_MSG_USERAUTH_FAILURE.encode message
       @transport.send payload
     end
     def send_userauth_success
       message = {
-        :'message number' => HrrRbSsh::Message::SSH_MSG_USERAUTH_SUCCESS::VALUE,
+        :'message number' => Message::SSH_MSG_USERAUTH_SUCCESS::VALUE,
       }
-      payload = HrrRbSsh::Message::SSH_MSG_USERAUTH_SUCCESS.encode message
+      payload = Message::SSH_MSG_USERAUTH_SUCCESS.encode message
       @transport.send payload
     end

data/lib/hrr_rb_ssh/codable.rb CHANGED Viewed

@@ -6,7 +6,7 @@ require 'hrr_rb_ssh/logger'
 module HrrRbSsh
   module Codable
     def logger
-      @logger ||= HrrRbSsh::Logger.new self.name
+      @logger ||= Logger.new self.name
     end
     def common_definition

data/lib/hrr_rb_ssh/compat/openssh/public_key.rb CHANGED Viewed

@@ -11,45 +11,8 @@ module HrrRbSsh
         def initialize data_line
           splitted = data_line.split(' ')
           @algorithm_name = splitted[0]
-          public_key_blob = Authentication::Method::Publickey::Algorithm[@algorithm_name]::PublicKeyBlob.decode Base64.decode64(splitted[1])
-          case @algorithm_name
-          when 'ssh-dss'
-            @algorithm = OpenSSL::PKey::DSA.new
-            if @algorithm.respond_to?(:set_pqg)
-              @algorithm.set_pqg public_key_blob[:'p'], public_key_blob[:'q'], public_key_blob[:'g']
-            else
-              @algorithm.p = public_key_blob[:'p']
-              @algorithm.q = public_key_blob[:'q']
-              @algorithm.g = public_key_blob[:'g']
-            end
-            if @algorithm.respond_to?(:set_key)
-              @algorithm.set_key public_key_blob[:'y'], nil
-            else
-              @algorithm.pub_key = public_key_blob[:'y']
-            end
-            @pem = @algorithm.public_key.to_pem
-          when 'ssh-rsa'
-            @algorithm = OpenSSL::PKey::RSA.new
-            if @algorithm.respond_to?(:set_key)
-              @algorithm.set_key public_key_blob[:'n'], public_key_blob[:'e'], nil
-            else
-              @algorithm.e = public_key_blob[:'e']
-              @algorithm.n = public_key_blob[:'n']
-            end
-            @pem = @algorithm.public_key.to_pem
-          when 'ecdsa-sha2-nistp256'
-            @algorithm = OpenSSL::PKey::EC.new('prime256v1')
-            @algorithm.public_key = OpenSSL::PKey::EC::Point.new(@algorithm.group, OpenSSL::BN.new(public_key_blob[:'Q'], 2))
-            @pem = @algorithm.to_pem
-          when 'ecdsa-sha2-nistp384'
-            @algorithm = OpenSSL::PKey::EC.new('secp384r1')
-            @algorithm.public_key = OpenSSL::PKey::EC::Point.new(@algorithm.group, OpenSSL::BN.new(public_key_blob[:'Q'], 2))
-            @pem = @algorithm.to_pem
-          when 'ecdsa-sha2-nistp521'
-            @algorithm = OpenSSL::PKey::EC.new('secp521r1')
-            @algorithm.public_key = OpenSSL::PKey::EC::Point.new(@algorithm.group, OpenSSL::BN.new(public_key_blob[:'Q'], 2))
-            @pem = @algorithm.to_pem
-          end
+          public_key_blob = Base64.decode64(splitted[1])
+          @publickey = Algorithm::Publickey[@algorithm_name].new public_key_blob
         end
         def algorithm_name
@@ -57,7 +20,7 @@ module HrrRbSsh
         end
         def to_pem
-          @pem
+          @publickey.to_pem
         end
       end
     end

data/lib/hrr_rb_ssh/compat/ruby/array.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+if RUBY_VERSION < "2.1"
+  class Array
+    def to_h
+      h = Hash.new
+      self.each do |k, v|
+        h[k] = v
+      end
+      h
+    end
+  end
+end

data/lib/hrr_rb_ssh/compat/ruby/openssl/bn.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+if RUBY_VERSION < "2.1"
+  require 'openssl'
+  class OpenSSL::BN
+    alias_method :__initialize__, :initialize
+    def initialize *args
+      args[0] = case args[0]
+                when OpenSSL::BN, Fixnum, Bignum
+                  args[0].to_s
+                else
+                  args[0]
+                end
+      __initialize__ *args
+    end
+  end
+end

data/lib/hrr_rb_ssh/compat/ruby/openssl.rb ADDED Viewed

@@ -0,0 +1,4 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/compat/ruby/openssl/bn'

data/lib/hrr_rb_ssh/compat/ruby/queue.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+if RUBY_VERSION < "2.3"
+  require 'timeout'
+  class ClosedQueueError < StandardError
+  end
+  class Queue
+    alias_method :__enq__, :enq
+    alias_method :__deq__, :deq
+    def close
+      @closed = true
+    end
+    def closed?
+      @closed == true
+    end
+    def enq arg
+      raise ClosedQueueError if @closed == true
+      __enq__ arg
+    end
+    def deq
+      begin
+        Timeout.timeout(0.1) do
+          __deq__
+        end
+      rescue Timeout::Error
+        return nil if @closed == true
+        retry
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/compat/ruby.rb ADDED Viewed

@@ -0,0 +1,6 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/compat/ruby/array'
+require 'hrr_rb_ssh/compat/ruby/openssl'
+require 'hrr_rb_ssh/compat/ruby/queue'

data/lib/hrr_rb_ssh/compat.rb CHANGED Viewed

@@ -1,67 +1,5 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
+require 'hrr_rb_ssh/compat/ruby'
 require 'hrr_rb_ssh/compat/openssh'
-if RUBY_VERSION < "2.1"
-  class Array
-    def to_h
-      h = Hash.new
-      self.each do |k, v|
-        h[k] = v
-      end
-      h
-    end
-  end
-  require 'openssl'
-  class OpenSSL::BN
-    alias_method :__initialize__, :initialize
-    def initialize *args
-      args[0] = case args[0]
-                when OpenSSL::BN, Fixnum, Bignum
-                  args[0].to_s
-                else
-                  args[0]
-                end
-      __initialize__ *args
-    end
-  end
-end
-if RUBY_VERSION < "2.3"
-  class ClosedQueueError < StandardError
-  end
-  class Queue
-    require 'timeout'
-    alias_method :__enq__, :enq
-    alias_method :__deq__, :deq
-    def close
-      @closed = true
-    end
-    def closed?
-      @closed == true
-    end
-    def enq arg
-      raise ClosedQueueError if @closed == true
-      __enq__ arg
-    end
-    def deq
-      begin
-        Timeout.timeout(0.1) do
-          __deq__
-        end
-      rescue Timeout::Error
-        return nil if @closed == true
-        retry
-      end
-    end
-  end
-end

data/lib/hrr_rb_ssh/connection/channel/channel_type/direct_tcpip.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
           NAME = 'direct-tcpip'
           def initialize connection, channel, message, socket=nil
-            @logger = HrrRbSsh::Logger.new self.class.name
+            @logger = Logger.new self.class.name
             @connection = connection
             @channel = channel
             @host_to_connect       = message[:'host to connect']

data/lib/hrr_rb_ssh/connection/channel/channel_type/forwarded_tcpip.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
           NAME = 'forwarded-tcpip'
           def initialize connection, channel, message, socket
-            @logger = HrrRbSsh::Logger.new self.class.name
+            @logger = Logger.new self.class.name
             @connection = connection
             @channel = channel
             @socket = socket

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/proc_chain/chain_context.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
           class ProcChain
             class ChainContext
               def initialize proc_chain
-                @logger = HrrRbSsh::Logger.new self.class.name
+                @logger = Logger.new self.class.name
                 @proc_chain = proc_chain
               end
               def call_next *args

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/proc_chain.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
         class Session
           class ProcChain
             def initialize
-              @logger = HrrRbSsh::Logger.new self.class.name
+              @logger = Logger.new self.class.name
               @q = Queue.new
             end
             def connect next_proc

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/env/context.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module HrrRbSsh
                   :variable_value
                 def initialize proc_chain, username, io, variables, message
-                  @logger = HrrRbSsh::Logger.new self.class.name
+                  @logger = Logger.new self.class.name
                   @proc_chain = proc_chain
                   @username   = username

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/env.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module HrrRbSsh
               NAME = 'env'
               def self.run proc_chain, username, io, variables, message, options
-                logger = HrrRbSsh::Logger.new self.class.name
+                logger = Logger.new self.class.name
                 context = Context.new proc_chain, username, io, variables, message
                 handler = options.fetch('connection_channel_request_env', RequestHandler.new {})

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec/context.rb CHANGED Viewed

@@ -20,7 +20,7 @@ module HrrRbSsh
                   :command
                 def initialize proc_chain, username, io, variables, message
-                  @logger = HrrRbSsh::Logger.new self.class.name
+                  @logger = Logger.new self.class.name
                   @proc_chain = proc_chain
                   @username   = username

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module HrrRbSsh
               NAME = 'exec'
               def self.run proc_chain, username, io, variables, message, options
-                logger = HrrRbSsh::Logger.new self.class.name
+                logger = Logger.new self.class.name
                 context = Context.new proc_chain, username, io, variables, message
                 handler = options.fetch('connection_channel_request_exec', RequestHandler.new {})