RubyGems - hrr_rb_ssh - Versions diffs - 0.1.9 → 0.2.0 - Mend

hrr_rb_ssh 0.1.9 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

data/lib/hrr_rb_ssh/transport/kex_algorithm/iv_computable.rb ADDED Viewed

@@ -0,0 +1,57 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/transport/encryption_algorithm'
+require 'hrr_rb_ssh/transport/mac_algorithm'
+module HrrRbSsh
+  class Transport
+    class KexAlgorithm
+      module IvComputable
+        def build_key(_k, h, _x, session_id, key_length)
+          k = DataType::Mpint.encode _k
+          x = DataType::Byte.encode _x
+          key = OpenSSL::Digest.digest(self.class::DIGEST, k + h + x + session_id)
+          while key.length < key_length
+            key = key + OpenSSL::Digest.digest(self.class::DIGEST, k + h + key )
+          end
+          key[0, key_length]
+        end
+        def iv_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'A'.ord, transport.session_id, key_length)
+        end
+        def iv_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::IV_LENGTH
+          build_key(shared_secret, hash(transport), 'B'.ord, transport.session_id, key_length)
+        end
+        def key_c_to_s transport, encryption_algorithm_c_to_s_name
+          key_length = EncryptionAlgorithm[encryption_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'C'.ord, transport.session_id, key_length)
+        end
+        def key_s_to_c transport, encryption_algorithm_s_to_c_name
+          key_length = EncryptionAlgorithm[encryption_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'D'.ord, transport.session_id, key_length)
+        end
+        def mac_c_to_s transport, mac_algorithm_c_to_s_name
+          key_length = MacAlgorithm[mac_algorithm_c_to_s_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'E'.ord, transport.session_id, key_length)
+        end
+        def mac_s_to_c transport, mac_algorithm_s_to_c_name
+          key_length = MacAlgorithm[mac_algorithm_s_to_c_name]::KEY_LENGTH
+          build_key(shared_secret, hash(transport), 'F'.ord, transport.session_id, key_length)
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/mac_algorithm/functionable.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module HrrRbSsh
     class MacAlgorithm
       module Functionable
         def initialize key
-          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @logger = Logger.new(self.class.name)
           @key = key
         end
@@ -21,7 +21,7 @@ module HrrRbSsh
         end
         def compute sequence_number, unencrypted_packet
-          data = HrrRbSsh::DataType::Uint32.encode(sequence_number) + unencrypted_packet
+          data = DataType::Uint32.encode(sequence_number) + unencrypted_packet
           digest = OpenSSL::HMAC.digest self.class::DIGEST, @key, data
           digest[0, digest_length]
         end

data/lib/hrr_rb_ssh/transport/mac_algorithm/unfunctionable.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module HrrRbSsh
     class MacAlgorithm
       module Unfunctionable
         def initialize key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
+          @logger = Logger.new(self.class.name)
         end
         def digest_length

data/lib/hrr_rb_ssh/transport/receiver.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module HrrRbSsh
   class Transport
     class Receiver
       def initialize
-        @logger = HrrRbSsh::Logger.new self.class.name
+        @logger = Logger.new self.class.name
       end
       def depacketize transport, packet

data/lib/hrr_rb_ssh/transport/sender.rb CHANGED Viewed

@@ -7,7 +7,7 @@ module HrrRbSsh
   class Transport
     class Sender
       def initialize
-        @logger = HrrRbSsh::Logger.new self.class.name
+        @logger = Logger.new self.class.name
       end
       def packetize transport, payload

data/lib/hrr_rb_ssh/transport/sequence_number.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module HrrRbSsh
       def initialize
         @sequence_number = 0
-        @logger = HrrRbSsh::Logger.new self.class.name
+        @logger = Logger.new self.class.name
       end
       def increment

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
 module HrrRbSsh
   class Transport
@@ -10,65 +10,11 @@ module HrrRbSsh
       class EcdsaSha2Nistp256 < ServerHostKeyAlgorithm
         NAME = 'ecdsa-sha2-nistp256'
         PREFERENCE = 30
-        DIGEST = 'sha256'
         IDENTIFIER = 'nistp256'
         SECRET_KEY = OpenSSL::PKey::EC.new('prime256v1').generate_key.to_pem
-        def initialize secret_key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
-          @algorithm = OpenSSL::PKey::EC.new (secret_key || self.class::SECRET_KEY)
-        end
-        def server_public_host_key
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'[identifier]'            => self.class::IDENTIFIER,
-            :'Q'                       => @algorithm.public_key.to_bn.to_s(2)
-          }
-          PublicKeyBlob.encode payload
-        end
-        def ecdsa_signature_blob data
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          sign_der = @algorithm.dsa_sign_asn1(hash)
-          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
-          r = sign_asn1.value[0].value.to_i
-          s = sign_asn1.value[1].value.to_i
-          payload = {
-            :'r' => r,
-            :'s' => s,
-          }
-          EcdsaSignatureBlob.encode payload
-        end
-        def sign data
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'ecdsa_signature_blob'    => ecdsa_signature_blob(data),
-          }
-          Signature.encode payload
-        end
-        def verify sign, data
-          payload = Signature.decode sign
-          ecdsa_signature_blob = EcdsaSignatureBlob.decode payload[:'ecdsa_signature_blob']
-          r = ecdsa_signature_blob[:'r']
-          s = ecdsa_signature_blob[:'s']
-          sign_asn1 = OpenSSL::ASN1::Sequence.new(
-            [
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(r)),
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(s)),
-            ]
-          )
-          sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          payload[:'ecdsa-sha2-[identifier]'] == self.class::NAME && @algorithm.dsa_verify_asn1(hash, sign_der)
-        end
+        include Functionable
       end
     end
   end
 end
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/public_key_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/ecdsa_signature_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
 module HrrRbSsh
   class Transport
@@ -10,65 +10,11 @@ module HrrRbSsh
       class EcdsaSha2Nistp384 < ServerHostKeyAlgorithm
         NAME = 'ecdsa-sha2-nistp384'
         PREFERENCE = 40
-        DIGEST = 'sha384'
         IDENTIFIER = 'nistp384'
         SECRET_KEY = OpenSSL::PKey::EC.new('secp384r1').generate_key.to_pem
-        def initialize secret_key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
-          @algorithm = OpenSSL::PKey::EC.new (secret_key || self.class::SECRET_KEY)
-        end
-        def server_public_host_key
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'[identifier]'            => self.class::IDENTIFIER,
-            :'Q'                       => @algorithm.public_key.to_bn.to_s(2)
-          }
-          PublicKeyBlob.encode payload
-        end
-        def ecdsa_signature_blob data
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          sign_der = @algorithm.dsa_sign_asn1(hash)
-          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
-          r = sign_asn1.value[0].value.to_i
-          s = sign_asn1.value[1].value.to_i
-          payload = {
-            :'r' => r,
-            :'s' => s,
-          }
-          EcdsaSignatureBlob.encode payload
-        end
-        def sign data
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'ecdsa_signature_blob'    => ecdsa_signature_blob(data),
-          }
-          Signature.encode payload
-        end
-        def verify sign, data
-          payload = Signature.decode sign
-          ecdsa_signature_blob = EcdsaSignatureBlob.decode payload[:'ecdsa_signature_blob']
-          r = ecdsa_signature_blob[:'r']
-          s = ecdsa_signature_blob[:'s']
-          sign_asn1 = OpenSSL::ASN1::Sequence.new(
-            [
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(r)),
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(s)),
-            ]
-          )
-          sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          payload[:'ecdsa-sha2-[identifier]'] == self.class::NAME && @algorithm.dsa_verify_asn1(hash, sign_der)
-        end
+        include Functionable
       end
     end
   end
 end
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/public_key_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/ecdsa_signature_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
 module HrrRbSsh
   class Transport
@@ -10,65 +10,11 @@ module HrrRbSsh
       class EcdsaSha2Nistp521 < ServerHostKeyAlgorithm
         NAME = 'ecdsa-sha2-nistp521'
         PREFERENCE = 50
-        DIGEST = 'sha512'
         IDENTIFIER = 'nistp521'
         SECRET_KEY = OpenSSL::PKey::EC.new('secp521r1').generate_key.to_pem
-        def initialize secret_key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
-          @algorithm = OpenSSL::PKey::EC.new (secret_key || self.class::SECRET_KEY)
-        end
-        def server_public_host_key
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'[identifier]'            => self.class::IDENTIFIER,
-            :'Q'                       => @algorithm.public_key.to_bn.to_s(2)
-          }
-          PublicKeyBlob.encode payload
-        end
-        def ecdsa_signature_blob data
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          sign_der = @algorithm.dsa_sign_asn1(hash)
-          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
-          r = sign_asn1.value[0].value.to_i
-          s = sign_asn1.value[1].value.to_i
-          payload = {
-            :'r' => r,
-            :'s' => s,
-          }
-          EcdsaSignatureBlob.encode payload
-        end
-        def sign data
-          payload = {
-            :'ecdsa-sha2-[identifier]' => self.class::NAME,
-            :'ecdsa_signature_blob'    => ecdsa_signature_blob(data),
-          }
-          Signature.encode payload
-        end
-        def verify sign, data
-          payload = Signature.decode sign
-          ecdsa_signature_blob = EcdsaSignatureBlob.decode payload[:'ecdsa_signature_blob']
-          r = ecdsa_signature_blob[:'r']
-          s = ecdsa_signature_blob[:'s']
-          sign_asn1 = OpenSSL::ASN1::Sequence.new(
-            [
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(r)),
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(s)),
-            ]
-          )
-          sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          payload[:'ecdsa-sha2-[identifier]'] == self.class::NAME && @algorithm.dsa_verify_asn1(hash, sign_der)
-        end
+        include Functionable
       end
     end
   end
 end
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/public_key_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/ecdsa_signature_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/functionable.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+require 'hrr_rb_ssh/logger'
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      module Functionable
+        def initialize secret_key=nil
+          @logger = Logger.new(self.class.name)
+          @publickey = Algorithm::Publickey[self.class::NAME].new (secret_key || self.class::SECRET_KEY)
+        end
+        def server_public_host_key
+          @publickey.to_public_key_blob
+        end
+        def sign signature_blob
+          @publickey.sign signature_blob
+        end
+        def verify signature, signature_blob
+          @publickey.verify signature, signature_blob
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb CHANGED Viewed

@@ -1,9 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
-require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
 module HrrRbSsh
   class Transport
@@ -11,57 +10,10 @@ module HrrRbSsh
       class SshDss < ServerHostKeyAlgorithm
         NAME = 'ssh-dss'
         PREFERENCE = 10
-        DIGEST = 'sha1'
         SECRET_KEY = OpenSSL::PKey::DSA.new(1024).to_pem
-        def initialize secret_key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
-          @dss = OpenSSL::PKey::DSA.new (secret_key || self.class::SECRET_KEY)
-        end
-        def server_public_host_key
-          payload = {
-            :'ssh-dss' => "ssh-dss",
-            :'p'       => @dss.p.to_i,
-            :'q'       => @dss.q.to_i,
-            :'g'       => @dss.g.to_i,
-            :'y'       => @dss.pub_key.to_i,
-          }
-          PublicKeyBlob.encode payload
-        end
-        def sign data
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          sign_der = @dss.syssign(hash)
-          sign_asn1 = OpenSSL::ASN1.decode(sign_der)
-          sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
-          sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
-          payload = {
-            :'ssh-dss'            => "ssh-dss",
-            :'dss_signature_blob' => (sign_r + sign_s),
-          }
-          Signature.encode payload
-        end
-        def verify sign, data
-          payload = Signature.decode sign
-          dss_signature_blob = payload[:'dss_signature_blob']
-          sign_r = dss_signature_blob[ 0, 20]
-          sign_s = dss_signature_blob[20, 20]
-          sign_asn1 = OpenSSL::ASN1::Sequence.new(
-            [
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
-              OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
-            ]
-          )
-          sign_der = sign_asn1.to_der
-          hash = OpenSSL::Digest.digest(self.class::DIGEST, data)
-          payload[:'ssh-dss'] == "ssh-dss" && @dss.sysverify(hash, sign_der)
-        end
+        include Functionable
       end
     end
   end
 end
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
 require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
 module HrrRbSsh
   class Transport
@@ -10,39 +10,10 @@ module HrrRbSsh
       class SshRsa < ServerHostKeyAlgorithm
         NAME = 'ssh-rsa'
         PREFERENCE = 20
-        DIGEST = 'sha1'
         SECRET_KEY = OpenSSL::PKey::RSA.new(2048).to_pem
-        def initialize secret_key=nil
-          @logger = HrrRbSsh::Logger.new(self.class.name)
-          @rsa = OpenSSL::PKey::RSA.new (secret_key || self.class::SECRET_KEY)
-        end
-        def server_public_host_key
-          payload = {
-            :'ssh-rsa' => "ssh-rsa",
-            :'e'       => @rsa.e.to_i,
-            :'n'       => @rsa.n.to_i,
-          }
-          PublicKeyBlob.encode payload
-        end
-        def sign data
-          payload = {
-            :'ssh-rsa'            => "ssh-rsa",
-            :'rsa_signature_blob' => @rsa.sign(self.class::DIGEST, data),
-          }
-          Signature.encode payload
-        end
-        def verify sign, data
-          payload = Signature.decode sign
-          payload[:'ssh-rsa'] == "ssh-rsa" && @rsa.verify(self.class::DIGEST, payload[:'rsa_signature_blob'], data)
-        end
+        include Functionable
       end
     end
   end
 end
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob'
-require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature'