RubyGems - hrr_rb_ssh - Versions diffs - 0.3.0.pre1 → 0.4.2 - Mend

hrr_rb_ssh 0.3.0.pre1 → 0.4.2

Files changed (139) hide show

data/lib/hrr_rb_ssh/transport/compression_algorithm/functionable.rb CHANGED Viewed

@@ -2,14 +2,16 @@
 # vim: et ts=2 sw=2
 require 'zlib'
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Transport
     class CompressionAlgorithm
       module Functionable
-        def initialize direction
-          @logger = Logger.new(self.class.name)
+        include Loggable
+        def initialize direction, logger: nil
+          self.logger = logger
           case direction
           when Direction::OUTGOING
             @deflator = ::Zlib::Deflate.new

data/lib/hrr_rb_ssh/transport/compression_algorithm/unfunctionable.rb CHANGED Viewed

@@ -1,14 +1,16 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Transport
     class CompressionAlgorithm
       module Unfunctionable
-        def initialize direction=nil
-          @logger = Logger.new(self.class.name)
+        include Loggable
+        def initialize direction=nil, logger: nil
+          self.logger = logger
         end
         def deflate data

data/lib/hrr_rb_ssh/transport/encryption_algorithm/functionable.rb CHANGED Viewed

@@ -1,20 +1,22 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Transport
     class EncryptionAlgorithm
       module Functionable
+        include Loggable
         def self.included klass
           cipher = OpenSSL::Cipher.new(klass::CIPHER_NAME)
           klass.const_set(:IV_LENGTH,  cipher.iv_len)
           klass.const_set(:KEY_LENGTH, cipher.key_len)
         end
-        def initialize direction, iv, key
-          @logger = Logger.new(self.class.name)
+        def initialize direction, iv, key, logger: nil
+          self.logger = logger
           @cipher = OpenSSL::Cipher.new(self.class::CIPHER_NAME)
           case direction
           when Direction::OUTGOING

data/lib/hrr_rb_ssh/transport/encryption_algorithm/unfunctionable.rb CHANGED Viewed

@@ -1,19 +1,21 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 module HrrRbSsh
   class Transport
     class EncryptionAlgorithm
       module Unfunctionable
+        include Loggable
         def self.included klass
           klass.const_set(:IV_LENGTH,  0)
           klass.const_set(:KEY_LENGTH, 0)
         end
-        def initialize direction=nil, iv=nil, key=nil
-          @logger = Logger.new(self.class.name)
+        def initialize direction=nil, iv=nil, key=nil, logger: nil
+          self.logger = logger
         end
         def block_size

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb CHANGED Viewed

@@ -2,7 +2,7 @@
 # vim: et ts=2 sw=2
 require 'openssl'
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/transport/kex_algorithm/iv_computable'
@@ -10,10 +10,11 @@ module HrrRbSsh
   class Transport
     class KexAlgorithm
       module DiffieHellman
+        include Loggable
         include IvComputable
-        def initialize
-          @logger = Logger.new(self.class.name)
+        def initialize logger: nil
+          self.logger = logger
           @dh = OpenSSL::PKey::DH.new
           if @dh.respond_to?(:set_pqg)
             @dh.set_pqg OpenSSL::BN.new(self.class::P, 16), nil, OpenSSL::BN.new(self.class::G)
@@ -22,74 +23,79 @@ module HrrRbSsh
             @dh.g = OpenSSL::BN.new(self.class::G)
           end
           @dh.generate_key!
+          @public_key = @dh.pub_key.to_i
         end
-        def start transport, mode
-          case mode
+        def start transport
+          case transport.mode
           when Mode::SERVER
-            receive_kexdh_init transport.receive
+            @k_s = transport.server_host_key_algorithm.server_public_host_key
+            @f   = @public_key
+            message = receive_kexdh_init transport.receive
+            @e = message[:'e']
+            @shared_secret = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@e)), 2).to_i
             send_kexdh_reply transport
-          else
-            raise "unsupported mode"
+          when Mode::CLIENT
+            @e   = @public_key
+            send_kexdh_init transport
+            message = receive_kexdh_reply transport.receive
+            @k_s = message[:'server public host key and certificates (K_S)']
+            @f   = message[:'f']
+            @shared_secret = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@f)), 2).to_i
           end
         end
-        def set_e e
-          @e = e
-        end
         def shared_secret
-          k = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@e)), 2).to_i
-        end
-        def pub_key
-          f = @dh.pub_key.to_i
+          @shared_secret
         end
         def hash transport
-          e = @e
-          k = shared_secret
-          f = pub_key
           h0_payload = {
             :'V_C' => transport.v_c,
             :'V_S' => transport.v_s,
             :'I_C' => transport.i_c,
             :'I_S' => transport.i_s,
-            :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
-            :'e'   => e,
-            :'f'   => f,
-            :'k'   => k,
+            :'K_S' => @k_s,
+            :'e'   => @e,
+            :'f'   => @f,
+            :'k'   => @shared_secret,
           }
-          h0 = H0.encode h0_payload
-          h = OpenSSL::Digest.digest self.class::DIGEST, h0
-          h
+          h0 = H0.new(logger: logger).encode h0_payload
+          h  = OpenSSL::Digest.digest self.class::DIGEST, h0
         end
         def sign transport
           h = hash transport
           s = transport.server_host_key_algorithm.sign h
-          s
         end
         def receive_kexdh_init payload
-          message = Message::SSH_MSG_KEXDH_INIT.decode payload
-          set_e message[:'e']
+          Message::SSH_MSG_KEXDH_INIT.new(logger: logger).decode payload
         end
         def send_kexdh_reply transport
           message = {
             :'message number'                                => Message::SSH_MSG_KEXDH_REPLY::VALUE,
-            :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
-            :'f'                                             => pub_key,
+            :'server public host key and certificates (K_S)' => @k_s,
+            :'f'                                             => @f,
             :'signature of H'                                => sign(transport),
           }
-          payload = Message::SSH_MSG_KEXDH_REPLY.encode message
+          payload = Message::SSH_MSG_KEXDH_REPLY.new(logger: logger).encode message
+          transport.send payload
+        end
+        def send_kexdh_init transport
+          message = {
+            :'message number' => Message::SSH_MSG_KEXDH_INIT::VALUE,
+            :'e'              => @e,
+          }
+          payload = Message::SSH_MSG_KEXDH_INIT.new(logger: logger).encode message
           transport.send payload
         end
+        def receive_kexdh_reply payload
+          Message::SSH_MSG_KEXDH_REPLY.new(logger: logger).decode payload
+        end
       end
     end
   end

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb CHANGED Viewed

@@ -8,10 +8,8 @@ module HrrRbSsh
   class Transport
     class KexAlgorithm
       module DiffieHellman
-        module H0
-          class << self
-            include Codable
-          end
+        class H0
+          include Codable
           DEFINITION = [
             [DataType::String, :'V_C'],
             [DataType::String, :'V_S'],

data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb CHANGED Viewed

@@ -2,7 +2,7 @@
 # vim: et ts=2 sw=2
 require 'openssl'
-require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/loggable'
 require 'hrr_rb_ssh/data_type'
 require 'hrr_rb_ssh/transport/kex_algorithm/iv_computable'
@@ -10,31 +10,57 @@ module HrrRbSsh
   class Transport
     class KexAlgorithm
       module DiffieHellmanGroupExchange
+        include Loggable
         include IvComputable
-        def initialize
-          @logger = Logger.new(self.class.name)
+        def initialize logger: nil
+          self.logger = logger
         end
-        def start transport, mode
-          case mode
+        def start transport
+          case transport.mode
           when Mode::SERVER
-            receive_kex_dh_gex_request transport.receive
-            set_dh
+            message = receive_kex_dh_gex_request transport.receive
+            @min = message[:'min']
+            @n   = message[:'n']
+            @max = message[:'max']
+            initialize_dh
+            @p = @dh.p.to_i
+            @g = @dh.g.to_i
             send_kex_dh_gex_group transport
-            receive_kex_dh_gex_init transport.receive
+            @k_s = transport.server_host_key_algorithm.server_public_host_key
+            @f   = @public_key
+            message = receive_kex_dh_gex_init transport.receive
+            @e   = message[:'e']
+            @shared_secret = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@e)), 2).to_i
             send_kex_dh_gex_reply transport
-          else
-            raise "unsupported mode"
+          when Mode::CLIENT
+            @min = 1024
+            @n   = 2048
+            @max = 8192
+            send_kex_dh_gex_request transport
+            message = receive_kex_dh_gex_group transport.receive
+            @p   = message[:'p']
+            @g   = message[:'g']
+            initialize_dh [@p, @g]
+            @e   = @public_key
+            send_kex_dh_gex_init transport
+            message = receive_kex_dh_gex_reply transport.receive
+            @k_s = message[:'server public host key and certificates (K_S)']
+            @f   = message[:'f']
+            @shared_secret = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@f)), 2).to_i
           end
         end
-        def set_dh
-          p_list = KexAlgorithm.list_supported.map{ |e| KexAlgorithm[e] }.select{ |e| e.const_defined?(:P) }.map{ |e| [OpenSSL::BN.new(e::P,16).num_bits, e::P] }.sort_by{ |e| e[0] }.reverse
-          candidate = p_list.find{ |e| e[0] <= @n }
-          raise unless (@min .. @max).include?(candidate[0])
-          p = candidate[1]
-          g = 2
+        def initialize_dh pg=nil
+          unless pg
+            p_list = KexAlgorithm.list_supported.map{ |e| KexAlgorithm[e] }.select{ |e| e.const_defined?(:P) }.map{ |e| [OpenSSL::BN.new(e::P,16).num_bits, e::P] }.sort_by{ |e| e[0] }.reverse
+            candidate = p_list.find{ |e| e[0] <= @n }
+            raise unless (@min .. @max).include?(candidate[0])
+            p, g = candidate[1], 2
+          else
+            p, g = pg
+          end
           @dh = OpenSSL::PKey::DH.new
           if @dh.respond_to?(:set_pqg)
             @dh.set_pqg OpenSSL::BN.new(p, 16), nil, OpenSSL::BN.new(g)
@@ -43,85 +69,94 @@ module HrrRbSsh
             @dh.g = OpenSSL::BN.new(g)
           end
           @dh.generate_key!
-        end
-        def set_e e
-          @e = e
+          @public_key = @dh.pub_key.to_i
         end
         def shared_secret
-          k = OpenSSL::BN.new(@dh.compute_key(OpenSSL::BN.new(@e)), 2).to_i
-        end
-        def pub_key
-          f = @dh.pub_key.to_i
+          @shared_secret
         end
         def hash transport
-          e = @e
-          k = shared_secret
-          f = pub_key
           h0_payload = {
             :'V_C' => transport.v_c,
             :'V_S' => transport.v_s,
             :'I_C' => transport.i_c,
             :'I_S' => transport.i_s,
-            :'K_S' => transport.server_host_key_algorithm.server_public_host_key,
+            :'K_S' => @k_s,
             :'min' => @min,
             :'n'   => @n,
             :'max' => @max,
-            :'p'   => @dh.p.to_i,
-            :'g'   => @dh.g.to_i,
-            :'e'   => e,
-            :'f'   => f,
-            :'k'   => k,
+            :'p'   => @p,
+            :'g'   => @g,
+            :'e'   => @e,
+            :'f'   => @f,
+            :'k'   => @shared_secret,
           }
-          h0 = H0.encode h0_payload
+          h0 = H0.new(logger: logger).encode h0_payload
           h = OpenSSL::Digest.digest self.class::DIGEST, h0
-          h
         end
         def sign transport
           h = hash transport
           s = transport.server_host_key_algorithm.sign h
-          s
         end
         def receive_kex_dh_gex_request payload
-          message = Message::SSH_MSG_KEX_DH_GEX_REQUEST.decode payload
-          @min = message[:'min']
-          @n   = message[:'n']
-          @max = message[:'max']
+          Message::SSH_MSG_KEX_DH_GEX_REQUEST.new(logger: logger).decode payload
         end
         def send_kex_dh_gex_group transport
           message = {
             :'message number' => Message::SSH_MSG_KEX_DH_GEX_GROUP::VALUE,
-            :'p'              => @dh.p.to_i,
-            :'g'              => @dh.g.to_i,
+            :'p'              => @p,
+            :'g'              => @g,
           }
-          payload = Message::SSH_MSG_KEX_DH_GEX_GROUP.encode message
+          payload = Message::SSH_MSG_KEX_DH_GEX_GROUP.new(logger: logger).encode message
           transport.send payload
         end
         def receive_kex_dh_gex_init payload
-          message = Message::SSH_MSG_KEX_DH_GEX_INIT.decode payload
-          set_e message[:'e']
+          Message::SSH_MSG_KEX_DH_GEX_INIT.new(logger: logger).decode payload
         end
         def send_kex_dh_gex_reply transport
           message = {
             :'message number'                                => Message::SSH_MSG_KEX_DH_GEX_REPLY::VALUE,
-            :'server public host key and certificates (K_S)' => transport.server_host_key_algorithm.server_public_host_key,
-            :'f'                                             => pub_key,
+            :'server public host key and certificates (K_S)' => @k_s,
+            :'f'                                             => @f,
             :'signature of H'                                => sign(transport),
           }
-          payload = Message::SSH_MSG_KEX_DH_GEX_REPLY.encode message
+          payload = Message::SSH_MSG_KEX_DH_GEX_REPLY.new(logger: logger).encode message
+          transport.send payload
+        end
+        def send_kex_dh_gex_request transport
+          message = {
+            :'message number' => Message::SSH_MSG_KEX_DH_GEX_REQUEST::VALUE,
+            :'min'            => @min,
+            :'n'              => @n,
+            :'max'            => @max,
+          }
+          payload = Message::SSH_MSG_KEX_DH_GEX_REQUEST.new(logger: logger).encode message
+          transport.send payload
+        end
+        def receive_kex_dh_gex_group payload
+          Message::SSH_MSG_KEX_DH_GEX_GROUP.new(logger: logger).decode payload
+        end
+        def send_kex_dh_gex_init transport
+          message = {
+            :'message number' => Message::SSH_MSG_KEX_DH_GEX_INIT::VALUE,
+            :'e'              => @e,
+          }
+          payload = Message::SSH_MSG_KEX_DH_GEX_INIT.new(logger: logger).encode message
           transport.send payload
         end
+        def receive_kex_dh_gex_reply payload
+          Message::SSH_MSG_KEX_DH_GEX_REPLY.new(logger: logger).decode payload
+        end
       end
     end
   end