hrr_rb_ssh 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 61d3c0613da093138597cc6a8e7ba24168e7374b0fffd31d26d58efabc234224
-  data.tar.gz: 60c45a6fb8eedc3cdadfa42bb79f686a42bbe955623637199e08bce44272d805
+  metadata.gz: 0c8f4e84817663132562929cf774d32295eb62df8820d7c08aa621672ae6a002
+  data.tar.gz: 783f325e4514b69f5bc2c9936ad012d07d263e1c93aa813393afb773ee72c4c9
 SHA512:
-  metadata.gz: bde652be2f850130028aecca6f6dc401e334198aa73f7fa28dcd88fa059a79378bf2e0b1d075c134fc49403aad491b6d49d4d4cbc53098bd12459f27829293b1
-  data.tar.gz: acf3496654c007e03ef390cfd1057b99ba85d0f82c965eea31647ea8bd919b4362783039405922bcb3243ab2ff0fc269e53a4faf05ebde8a0039210ebecffd15
+  metadata.gz: b08a544e2085ea9399564ae5a0ce654ba81adbcf5eaa28b17dbea438d29dadeafb89a450d7cf3151115cce29d1e32a3dada2c14e96efe1f47516fad75076c551
+  data.tar.gz: 204b40938e402920729b2e96261faf2be13851b9ee4e2b0de996db9bba17363b169bfb107bc951917008c9950fc314a53807c1ea639d8512378ecc9711540e21

data/README.md

@@ -7,6 +7,8 @@
 
 hrr_rb_ssh is a pure Ruby SSH 2.0 server implementation.
 
+With hrr_rb_ssh, it is possible to write an SSH server easily, and also possible to write an original server side application on secure connection provided by SSH protocol.
+
 ## Table of Contents
 
 - [Installation](#installation)
@@ -299,9 +301,9 @@ p HrrRbSsh::Transport::EncryptionAlgorithm.list_preferred
 # => ["aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-cbc", "3des-cbc", "blowfish-cbc", "cast128-cbc", "aes192-cbc", "aes256-cbc", "arcfour"]
 
 p HrrRbSsh::Transport::ServerHostKeyAlgorithm.list_supported
-# => ["ssh-dss", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"]
+# => ["ssh-dss", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519"]
 p HrrRbSsh::Transport::ServerHostKeyAlgorithm.list_preferred
-# => ["ecdsa-sha2-nistp521", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp256", "ssh-rsa", "ssh-dss"]
+# => ["ssh-ed25519", "ecdsa-sha2-nistp521", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp256", "ssh-rsa", "ssh-dss"]
 
 p HrrRbSsh::Transport::KexAlgorithm.list_supported
 # => ["diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1", "diffie-hellman-group-exchange-sha1", "diffie-hellman-group-exchange-sha256", "diffie-hellman-group14-sha256", "diffie-hellman-group15-sha512", "diffie-hellman-group16-sha512", "diffie-hellman-group17-sha512", "diffie-hellman-group18-sha512", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521"]
@@ -346,6 +348,7 @@ The following features are currently supported.
     - ecdsa-sha2-nistp256
     - ecdsa-sha2-nistp384
     - ecdsa-sha2-nistp521
+    - ssh-ed25519
 - Keyboard interactive (generic interactive / challenge response) authentication
 
 ### Transport layer
@@ -368,6 +371,7 @@ The following features are currently supported.
     - ecdsa-sha2-nistp256
     - ecdsa-sha2-nistp384
     - ecdsa-sha2-nistp521
+    - ssh-ed25519
 - Kex algorithm
     - diffie-hellman-group1-sha1
     - diffie-hellman-group14-sha1

data/demo/server.rb

@@ -18,7 +18,7 @@ def start_service io, logger=nil
   HrrRbSsh::Logger.initialize logger if logger
 
   tran_preferred_encryption_algorithms      = %w(aes128-ctr aes192-ctr aes256-ctr aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc arcfour)
-  tran_preferred_server_host_key_algorithms = %w(ecdsa-sha2-nistp521 ecdsa-sha2-nistp384 ecdsa-sha2-nistp256 ssh-rsa ssh-dss)
+  tran_preferred_server_host_key_algorithms = %w(ssh-ed25519 ecdsa-sha2-nistp521 ecdsa-sha2-nistp384 ecdsa-sha2-nistp256 ssh-rsa ssh-dss)
   tran_preferred_kex_algorithms             = %w(ecdh-sha2-nistp521 ecdh-sha2-nistp384 ecdh-sha2-nistp256 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1)
   tran_preferred_mac_algorithms             = %w(hmac-sha2-512 hmac-sha2-256 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96)
   tran_preferred_compression_algorithms     = %w(none zlib)

data/hrr_rb_ssh.gemspec

@@ -20,6 +20,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.0.0'
 
+  spec.add_dependency "ed25519", "~> 1.2"
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"

data/lib/hrr_rb_ssh.rb

@@ -1,6 +1,12 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
 
+
+
+# HrrRbSsh is a pure Ruby SSH 2.0 implementation.
+module HrrRbSsh
+end
+
 require "hrr_rb_ssh/version"
 require "hrr_rb_ssh/compat"
 require "hrr_rb_ssh/logger"
@@ -11,7 +17,3 @@ require "hrr_rb_ssh/transport"
 require "hrr_rb_ssh/authentication"
 require "hrr_rb_ssh/connection"
 require "hrr_rb_ssh/server"
-
-module HrrRbSsh
-  # Your code goes here...
-end

data/lib/hrr_rb_ssh/algorithm/publickey.rb

@@ -1,25 +1,14 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
 
+require 'hrr_rb_ssh/subclass_without_preference_listable'
+
 module HrrRbSsh
   module Algorithm
     class Publickey
       @subclass_list = Array.new
       class << self
-        def inherited klass
-          @subclass_list.push klass if @subclass_list
-        end
-
-        def [] key
-          __subclass_list__(__method__).find{ |klass| klass::NAME == key }
-        end
-
-        def __subclass_list__ method_name
-          send(:method_missing, method_name) unless @subclass_list
-          @subclass_list
-        end
-
-        private :__subclass_list__
+        include SubclassWithoutPreferenceListable
       end
     end
   end
@@ -30,3 +19,4 @@ require 'hrr_rb_ssh/algorithm/publickey/ssh_rsa'
 require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp256'
 require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp384'
 require 'hrr_rb_ssh/algorithm/publickey/ecdsa_sha2_nistp521'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519'

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519.rb

@@ -0,0 +1,61 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/logger'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519 < Publickey
+        NAME = 'ssh-ed25519'
+
+        def initialize arg
+          begin
+            new_by_key_str arg
+          rescue PKey::Error
+            new_by_public_key_blob arg
+          end
+        end
+
+        def new_by_key_str key_str
+          @publickey = PKey.new(key_str)
+        end
+
+        def new_by_public_key_blob public_key_blob
+          public_key_blob_h = PublicKeyBlob.decode(public_key_blob)
+          @publickey = PKey.new
+          @publickey.set_public_key(public_key_blob_h[:key])
+        end
+
+        def to_pem
+          @publickey.public_key.to_pem
+        end
+
+        def to_public_key_blob
+          public_key_blob_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'key'                       => @publickey.public_key.key_str,
+          }
+          PublicKeyBlob.encode(public_key_blob_h)
+        end
+
+        def sign signature_blob
+          signature_h = {
+            :'public key algorithm name' => self.class::NAME,
+            :'signature blob'            => @publickey.sign(signature_blob),
+          }
+          Signature.encode signature_h
+        end
+
+        def verify signature, signature_blob
+          signature_h = Signature.decode signature
+          signature_h[:'public key algorithm name'] == self.class::NAME && @publickey.public_key.verify(signature_h[:'signature blob'], signature_blob)
+        end
+      end
+    end
+  end
+end
+
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519/public_key_blob'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519/signature'

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key.rb

@@ -0,0 +1,29 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519
+        module OpenSSHPrivateKey
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, :'cipher'],
+            [DataType::String, :'kdfname'],
+            [DataType::Uint32, :'kdfopts'],
+            [DataType::Uint32, :'number of public keys'],
+            [DataType::Uint32, :'first public key length'],
+            [DataType::String, :'name'],
+            [DataType::String, :'public key'],
+            [DataType::String, :'content'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key_content.rb

@@ -0,0 +1,26 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519
+        module OpenSSHPrivateKeyContent
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::Uint64, :'unknown'],
+            [DataType::String, :'name'],
+            [DataType::String, :'public key'],
+            [DataType::String, :'key pair'],
+            [DataType::String, :'padding'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb

@@ -0,0 +1,158 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'stringio'
+require 'base64'
+require 'ed25519'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519
+        class PKey
+          class Error < ::StandardError
+          end
+
+          def initialize arg=nil
+            case arg
+            when ::Ed25519::SigningKey, ::Ed25519::VerifyKey
+              @key = arg
+            when ::String
+              @key = load_key_str arg
+            when nil
+              # do nothing
+            end
+          end
+
+          def load_key_str key_str
+            begin
+              load_openssh_key key_str
+            rescue
+              begin
+                load_openssl_key key_str
+              rescue
+                raise Error
+              end
+            end
+          end
+
+          def load_openssh_key key_str
+            begin_marker = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
+            end_marker   = "-----END OPENSSH PRIVATE KEY-----\n"
+            magic        = "openssh-key-v1"
+
+            raise Error unless key_str.start_with? begin_marker
+            raise Error unless key_str.end_with? end_marker
+            decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
+            raise Error unless decoded_key_str[0,14] == magic
+
+            private_key_h = OpenSSHPrivateKey.decode decoded_key_str[15..-1]
+            private_key_content_h = OpenSSHPrivateKeyContent.decode private_key_h[:'content']
+            key_pair = private_key_content_h[:'key pair']
+
+            ::Ed25519::SigningKey.new(key_pair[0,32])
+          end
+
+          def load_openssl_key key_str
+            private_key_begin_marker = "-----BEGIN PRIVATE KEY-----\n"
+            public_key_begin_marker  = "-----BEGIN PUBLIC KEY-----\n"
+            if key_str.start_with? private_key_begin_marker
+              begin_marker = "-----BEGIN PRIVATE KEY-----\n"
+              end_marker   = "-----END PRIVATE KEY-----\n"
+
+              raise Error unless key_str.start_with? begin_marker
+              raise Error unless key_str.end_with? end_marker
+
+              decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
+              key_der = OpenSSL::ASN1.decode decoded_key_str
+
+              ::Ed25519::SigningKey.new(key_der.value[2].value[2..-1])
+            elsif key_str.start_with? public_key_begin_marker
+              begin_marker = "-----BEGIN PUBLIC KEY-----\n"
+              end_marker   = "-----END PUBLIC KEY-----\n"
+
+              raise Error unless key_str.start_with? begin_marker
+              raise Error unless key_str.end_with? end_marker
+
+              decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
+              key_der = OpenSSL::ASN1.decode decoded_key_str
+
+              ::Ed25519::VerifyKey.new(key_der.value[1].value)
+            else
+              raise Error
+            end
+          end
+
+          def set_public_key key_str
+            @key = ::Ed25519::VerifyKey.new(key_str)
+          end
+
+          def to_pem
+            ed25519_object_id = '1.3.101.112'
+            case @key
+=begin
+            when ::Ed25519::SigningKey
+              begin_marker = "-----BEGIN PRIVATE KEY-----\n"
+              end_marker   = "-----END PRIVATE KEY-----\n"
+              key_asn1 = OpenSSL::ASN1::Sequence.new(
+                [
+                  OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(0)),
+                  OpenSSL::ASN1::Sequence.new(
+                    [
+                      OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
+                    ]
+                  ),
+                  OpenSSL::ASN1::OctetString.new(@key.to_bytes),
+                ]
+              )
+=end
+            when ::Ed25519::VerifyKey
+              begin_marker = "-----BEGIN PUBLIC KEY-----\n"
+              end_marker   = "-----END PUBLIC KEY-----\n"
+              key_asn1 = OpenSSL::ASN1::Sequence.new(
+                [
+                  OpenSSL::ASN1::Sequence.new(
+                    [
+                      OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
+                    ]
+                  ),
+                  OpenSSL::ASN1::BitString.new(@key.to_bytes),
+                ]
+              )
+            end
+            pem_str = Base64.encode64(key_asn1.to_der)
+            begin_marker + pem_str + end_marker
+          end
+
+          def public_key
+            case @key
+            when ::Ed25519::SigningKey
+              self.class.new @key.verify_key
+            when ::Ed25519::VerifyKey
+              self
+            end
+          end
+
+          def key_str
+            @key.to_bytes
+          end
+
+          def sign data
+            @key.sign data
+          end
+
+          def verify signature, data
+            begin
+              @key.verify signature, data
+            rescue ::Ed25519::VerifyError
+              false
+            end
+          end
+        end
+      end
+    end
+  end
+end
+
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key'
+require 'hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key_content'

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/public_key_blob.rb

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519
+        module PublicKeyBlob
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, :'public key algorithm name'],
+            [DataType::String, :'key'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/signature.rb

@@ -0,0 +1,23 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/data_type'
+require 'hrr_rb_ssh/codable'
+
+module HrrRbSsh
+  module Algorithm
+    class Publickey
+      class SshEd25519
+        module Signature
+          class << self
+            include Codable
+          end
+          DEFINITION = [
+            [DataType::String, :'public key algorithm name'],
+            [DataType::String, :'signature blob'],
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm.rb

@@ -23,3 +23,4 @@ require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp256'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp384'
 require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ecdsa_sha2_nistp521'
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519'

data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519.rb

@@ -0,0 +1,21 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/authentication/method/publickey/algorithm/functionable'
+
+module HrrRbSsh
+  class Authentication
+    class Method
+      class Publickey
+        class Algorithm
+          class SshEd25519 < Algorithm
+            NAME = 'ssh-ed25519'
+            PREFERENCE = 60
+
+            include Functionable
+          end
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/codable.rb

@@ -14,10 +14,11 @@ module HrrRbSsh
     end
 
     def conditional_definition message
+      return [] unless self.const_defined? :CONDITIONAL_DEFINITION
       message.inject([]){ |a, (k,v)|
         field_name  = k
         field_value = if v.instance_of? ::Proc then v.call else v end
-        a + ((self::CONDITIONAL_DEFINITION rescue {}).fetch(field_name, {})[field_value] || [])
+        a + (self::CONDITIONAL_DEFINITION.fetch(field_name, {})[field_value] || [])
       }
     end
 

data/lib/hrr_rb_ssh/connection/channel/channel_type.rb

@@ -1,26 +1,15 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
 
+require 'hrr_rb_ssh/subclass_without_preference_listable'
+
 module HrrRbSsh
   class Connection
     class Channel
       class ChannelType
         @subclass_list = Array.new
         class << self
-          def inherited klass
-            @subclass_list.push klass if @subclass_list
-          end
-
-          def [] key
-            __subclass_list__(__method__).find{ |klass| klass::NAME == key }
-          end
-
-          def __subclass_list__ method_name
-            send(:method_missing, method_name) unless @subclass_list
-            @subclass_list
-          end
-
-          private :__subclass_list__
+          include SubclassWithoutPreferenceListable
         end
       end
     end

data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type.rb

@@ -1,6 +1,8 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
 
+require 'hrr_rb_ssh/subclass_without_preference_listable'
+
 module HrrRbSsh
   class Connection
     class Channel
@@ -9,20 +11,7 @@ module HrrRbSsh
           class RequestType
             @subclass_list = Array.new
             class << self
-              def inherited klass
-                @subclass_list.push klass if @subclass_list
-              end
-
-              def [] key
-                __subclass_list__(__method__).find{ |klass| klass::NAME == key }
-              end
-
-              def __subclass_list__ method_name
-                send(:method_missing, method_name) unless @subclass_list
-                @subclass_list
-              end
-
-              private :__subclass_list__
+              include SubclassWithoutPreferenceListable
             end
           end
         end

data/lib/hrr_rb_ssh/connection/request_handler/reference_pty_req_request_handler.rb

@@ -67,19 +67,13 @@ module HrrRbSsh
                   }
                   chain.call_next
                 ensure
+                  context.logger.info { "closing pty-req request handler chain_proc" }
                   context.vars[:ptm].close rescue nil
                   context.vars[:pts].close rescue nil
-                  begin
-                    ptm_read_thread.join
-                  rescue => e
-                    context.logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
-                  end
-                  begin
-                    ptm_write_thread.exit
-                    ptm_write_thread.join
-                  rescue => e
-                    context.logger.error { [e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join }
-                  end
+                  ptm_read_thread.join
+                  ptm_write_thread.exit
+                  ptm_write_thread.join
+                  context.logger.info { "pty-req request handler chain_proc closed" }
                 end
               }
             rescue => e

data/lib/hrr_rb_ssh/data_type.rb

@@ -1,150 +1,16 @@
 # coding: utf-8
 # vim: et ts=2 sw=2
 
-require 'openssl'
-
 module HrrRbSsh
-  module DataType
-    class Byte
-      def self.encode arg
-        case arg
-        when 0x00..0xff
-          [arg].pack("C")
-        else
-          raise ArgumentError, "must be in #{0x00}..#{0xff}, but got #{arg.inspect}"
-        end
-      end
-
-      def self.decode io
-        io.read(1).unpack("C")[0]
-      end
-    end
-
-    class Boolean
-      def self.encode arg
-        case arg
-        when false
-          [0].pack("C")
-        when true
-          [1].pack("C")
-        else
-          raise ArgumentError, "must be #{true} or #{false}, but got #{arg.inspect}"
-        end
-      end
-
-      def self.decode io
-        if 0 == io.read(1).unpack("C")[0]
-          false
-        else
-          true
-        end
-      end
-    end
-
-    class Uint32
-      def self.encode arg
-        case arg
-        when 0x0000_0000..0xffff_ffff
-          [arg].pack("N")
-        else
-          raise ArgumentError, "must be in #{0x0000_0000}..#{0xffff_ffff}, but got #{arg.inspect}"
-        end
-      end
-
-      def self.decode io
-        io.read(4).unpack("N")[0]
-      end
-    end
-
-    class Uint64
-      def self.encode arg
-        case arg
-        when 0x0000_0000_0000_0000..0xffff_ffff_ffff_ffff
-          [arg >> 32].pack("N") + [arg & 0x0000_0000_ffff_ffff].pack("N")
-        else
-          raise ArgumentError, "must be in #{0x0000_0000_0000_0000}..#{0xffff_ffff_ffff_ffff}, but got #{arg.inspect}"
-        end
-      end
-
-      def self.decode io
-        (io.read(4).unpack("N")[0] << 32) + (io.read(4).unpack("N")[0])
-      end
-    end
-
-    class String
-      def self.encode arg
-        unless arg.kind_of? ::String
-          raise ArgumentError, "must be a kind of String, but got #{arg.inspect}"
-        end
-        if arg.length > 0xffff_ffff
-          raise ArgumentError, "must be shorter than or equal to #{0xffff_ffff}, but got length #{arg.length}"
-        end
-        [arg.length, arg].pack("Na*")
-      end
-
-      def self.decode io
-        length = io.read(4).unpack("N")[0]
-        io.read(length).unpack("a*")[0]
-      end
-    end
-
-    class Mpint
-      def self.encode arg
-        unless arg.kind_of? ::Integer
-          raise ArgumentError, "must be a kind of Integer, but got #{arg.inspect}"
-        end
-        bn = ::OpenSSL::BN.new(arg)
-        if bn < 0
-          # get 2's complement
-          tc = bn.to_i & ((1 << (bn.num_bytes * 8)) - 1)
-          # get hex representation
-          hex_str = "%x" % tc
-
-          if tc[(bn.num_bytes * 8) - 1] == 1
-            [bn.num_bytes, hex_str].pack("NH*")
-          else
-            [bn.num_bytes + 1, "ff" + hex_str].pack("NH*")
-          end
-        else
-          bn.to_s(0)
-        end
-      end
-
-      def self.decode io
-        length = io.read(4).unpack("N")[0]
-        hex_str = io.read(length).unpack("H*")[0]
-        # get temporal integer value
-        value = hex_str.hex
-        if length == 0
-          0
-        elsif value[(length * 8) - 1] == 0
-          value
-        else
-          num_bytes = if hex_str.start_with?("ff") then length - 1 else length end
-          - (((~ value) & ((1 << (num_bytes * 8)) - 1)) + 1)
-        end
-      end
-    end
-
-    class NameList
-      def self.encode arg
-        unless arg.kind_of? Array
-          raise ArgumentError, "must be a kind of Array, but got #{arg.inspect}"
-        end
-        unless (arg.map(&:class) - [::String]).empty?
-          raise ArgumentError, "must be with all elements of String, but got #{arg.inspect}"
-        end
-        joined_arg = arg.join(',')
-        if joined_arg.length > 0xffff_ffff
-          raise ArgumentError, "must be shorter than or equal to #{0xffff_ffff}, but got length #{joined_arg.length}"
-        end
-        [joined_arg.length, joined_arg].pack("Na*")
-      end
-
-      def self.decode io
-        length = io.read(4).unpack("N")[0]
-        io.read(length).unpack("a*")[0].split(',')
-      end
-    end
+  # DataType is a parent class of classes that provide methods to convert value and binary string each other.
+  class DataType
   end
 end
+
+require 'hrr_rb_ssh/data_type/byte'
+require 'hrr_rb_ssh/data_type/boolean'
+require 'hrr_rb_ssh/data_type/uint32'
+require 'hrr_rb_ssh/data_type/uint64'
+require 'hrr_rb_ssh/data_type/string'
+require 'hrr_rb_ssh/data_type/mpint'
+require 'hrr_rb_ssh/data_type/name_list'

data/lib/hrr_rb_ssh/data_type/boolean.rb

@@ -0,0 +1,37 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # Boolean provides methods to convert boolean value and 8-bit unsigned binary string each other.
+    class Boolean < DataType
+      # Convert boolean value into 8-bit unsigned binary string.
+      #
+      # @param [::Boolean] arg boolean value to be converted
+      # @raise [::ArgumentError] when arg is not true nor false
+      # @return [::String] converted 8-bit unsigned binary string
+      def self.encode arg
+        case arg
+        when false
+          [0].pack("C")
+        when true
+          [1].pack("C")
+        else
+          raise ArgumentError, "must be #{true} or #{false}, but got #{arg.inspect}"
+        end
+      end
+
+      # Convert 8-bit unsigned binary into boolean value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Boolean] converted boolean value
+      def self.decode io
+        if 0 == io.read(1).unpack("C")[0]
+          false
+        else
+          true
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/byte.rb

@@ -0,0 +1,31 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # Byte provides methods to convert integer value and 8-bit unsigned binary string each other.
+    class Byte < DataType
+      # Convert integer value into 8-bit unsigned binary string.
+      #
+      # @param [::Integer] arg integer value to be converted
+      # @raise [::ArgumentError] when arg is not between 0x00 and 0xff
+      # @return [::String] converted 8-bit unsigned binary string
+      def self.encode arg
+        case arg
+        when 0x00..0xff
+          [arg].pack("C")
+        else
+          raise ArgumentError, "must be in #{0x00}..#{0xff}, but got #{arg.inspect}"
+        end
+      end
+
+      # Convert 8-bit unsigned binary into Integer value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Integer] converted integer value
+      def self.decode io
+        io.read(1).unpack("C")[0]
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/mpint.rb

@@ -0,0 +1,56 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'openssl'
+
+module HrrRbSsh
+  class DataType
+    # Mpint provides methods to convert integer value and multiple precision integer in two's complement as binary string each other.
+    class Mpint < DataType
+      # Convert integer value into multiple precision integer in two's complement as binary string.
+      #
+      # @param [::Integer] arg integer value to be converted
+      # @raise [::ArgumentError] when arg is not an integer value
+      # @return [::String] converted multiple precision integer in two's complement as binary string
+      def self.encode arg
+        unless arg.kind_of? ::Integer
+          raise ArgumentError, "must be a kind of Integer, but got #{arg.inspect}"
+        end
+        bn = ::OpenSSL::BN.new(arg)
+        if bn < 0
+          # get 2's complement
+          tc = bn.to_i & ((1 << (bn.num_bytes * 8)) - 1)
+          # get hex representation
+          hex_str = "%x" % tc
+
+          if tc[(bn.num_bytes * 8) - 1] == 1
+            [bn.num_bytes, hex_str].pack("NH*")
+          else
+            [bn.num_bytes + 1, "ff" + hex_str].pack("NH*")
+          end
+        else
+          bn.to_s(0)
+        end
+      end
+
+      # Convert multiple precision integer in two's complement as binary string into integer value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Integer] converted integer value
+      def self.decode io
+        length = io.read(4).unpack("N")[0]
+        hex_str = io.read(length).unpack("H*")[0]
+        # get temporal integer value
+        value = hex_str.hex
+        if length == 0
+          0
+        elsif value[(length * 8) - 1] == 0
+          value
+        else
+          num_bytes = if hex_str.start_with?("ff") then length - 1 else length end
+          - (((~ value) & ((1 << (num_bytes * 8)) - 1)) + 1)
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/name_list.rb

@@ -0,0 +1,38 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # NameList provides methods to convert a comma-separated list of names and binary string each other.
+    class NameList < DataType
+      # Convert a comma-separated list of names into binary string.
+      #
+      # @param [::Array] arg an array that containes names to be converted
+      # @raise [::ArgumentError] when arg is not an array
+      # @raise [::ArgumentError] when arg array containes an instance of not string
+      # @return [::String] converted binary string
+      def self.encode arg
+        unless arg.kind_of? ::Array
+          raise ArgumentError, "must be a kind of Array, but got #{arg.inspect}"
+        end
+        unless arg.all?{ |e| e.kind_of? ::String }
+          raise ArgumentError, "must be with all elements of String, but got #{arg.inspect}"
+        end
+        joined_arg = arg.join(',')
+        if joined_arg.length > 0xffff_ffff
+          raise ArgumentError, "must be shorter than or equal to #{0xffff_ffff}, but got length #{joined_arg.length}"
+        end
+        [joined_arg.length, joined_arg].pack("Na*")
+      end
+
+      # Convert binary string into a comma-separated list of names.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Array] converted a comma-separated list of names
+      def self.decode io
+        length = io.read(4).unpack("N")[0]
+        io.read(length).unpack("a*")[0].split(',')
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/string.rb

@@ -0,0 +1,34 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # String provides methods to convert Ruby's string value and binary string each other.
+    class String < DataType
+      # Convert Ruby's string value into binary string.
+      #
+      # @param [::String] arg Ruby's string value to be converted
+      # @raise [::ArgumentError] when arg is not string
+      # @raise [::ArgumentError] when length of arg is longer than 0xffff_ffff
+      # @return [::String] converted binary string
+      def self.encode arg
+        unless arg.kind_of? ::String
+          raise ArgumentError, "must be a kind of String, but got #{arg.inspect}"
+        end
+        if arg.length > 0xffff_ffff
+          raise ArgumentError, "must be shorter than or equal to #{0xffff_ffff}, but got length #{arg.length}"
+        end
+        [arg.length, arg].pack("Na*")
+      end
+
+      # Convert binary string into Ruby's string value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::String] converted Ruby's string value
+      def self.decode io
+        length = io.read(4).unpack("N")[0]
+        io.read(length).unpack("a*")[0]
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/uint32.rb

@@ -0,0 +1,31 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # Uint32 provides methods to convert integer value and 32-bit unsigned binary string each other.
+    class Uint32 < DataType
+      # Convert integer value into 32-bit unsigned binary string.
+      #
+      # @param [::Integer] arg integer value to be converted
+      # @raise [::ArgumentError] when arg is not between 0x0000_0000 and 0xffff_ffff
+      # @return [::String] converted 32-bit unsigned binary string
+      def self.encode arg
+        case arg
+        when 0x0000_0000..0xffff_ffff
+          [arg].pack("N")
+        else
+          raise ArgumentError, "must be in #{0x0000_0000}..#{0xffff_ffff}, but got #{arg.inspect}"
+        end
+      end
+
+      # Convert 32-bit unsigned binary into Integer value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Integer] converted integer value
+      def self.decode io
+        io.read(4).unpack("N")[0]
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/data_type/uint64.rb

@@ -0,0 +1,31 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  class DataType
+    # Uint64 provides methods to convert integer value and 64-bit unsigned binary string each other.
+    class Uint64 < DataType
+      # Convert integer value into 64-bit unsigned binary string.
+      #
+      # @param [::Integer] arg integer value to be converted
+      # @raise [::ArgumentError] when arg is not between 0x0000_0000_0000_0000 and 0xffff_ffff_ffff_ffff
+      # @return [::String] converted 64-bit unsigned binary string
+      def self.encode arg
+        case arg
+        when 0x0000_0000_0000_0000..0xffff_ffff_ffff_ffff
+          [arg >> 32].pack("N") + [arg & 0x0000_0000_ffff_ffff].pack("N")
+        else
+          raise ArgumentError, "must be in #{0x0000_0000_0000_0000}..#{0xffff_ffff_ffff_ffff}, but got #{arg.inspect}"
+        end
+      end
+
+      # Convert 64-bit unsigned binary into Integer value.
+      #
+      # @param [::IO] io IO instance that has buffer to be read
+      # @return [::Integer] converted integer value
+      def self.decode io
+        (io.read(4).unpack("N")[0] << 32) + (io.read(4).unpack("N")[0])
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/subclass_without_preference_listable.rb

@@ -0,0 +1,25 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+module HrrRbSsh
+  module SubclassWithoutPreferenceListable
+    def inherited klass
+      @subclass_list.push klass if @subclass_list
+    end
+
+    def [] key
+      __subclass_list__(__method__).find{ |klass| klass::NAME == key }
+    end
+
+    def list_supported
+      __subclass_list__(__method__).map{ |klass| klass::NAME }
+    end
+
+    def __subclass_list__ method_name
+      send(:method_missing, method_name) unless @subclass_list
+      @subclass_list
+    end
+
+    private :__subclass_list__
+  end
+end

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm.rb

@@ -19,3 +19,4 @@ require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa'
 require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp256'
 require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp384'
 require 'hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/ssh_ed25519'

data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_ed25519.rb

@@ -0,0 +1,20 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'ed25519'
+require 'hrr_rb_ssh/openssl_secure_random'
+require 'hrr_rb_ssh/transport/server_host_key_algorithm/functionable'
+
+module HrrRbSsh
+  class Transport
+    class ServerHostKeyAlgorithm
+      class SshEd25519 < ServerHostKeyAlgorithm
+        NAME = 'ssh-ed25519'
+        PREFERENCE = 60
+        SECRET_KEY = ::Ed25519::SigningKey.generate
+
+        include Functionable
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/version.rb

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 
 module HrrRbSsh
-  VERSION = "0.2.1"
+  VERSION = "0.2.2"
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - hirura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-27 00:00:00.000000000 Z
+date: 2018-08-30 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -98,6 +112,12 @@ files:
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_dss.rb
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_dss/public_key_blob.rb
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_dss/signature.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/openssh_private_key_content.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/public_key_blob.rb
+- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/signature.rb
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_rsa.rb
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_rsa/public_key_blob.rb
 - lib/hrr_rb_ssh/algorithm/publickey/ssh_rsa/signature.rb
@@ -120,6 +140,7 @@ files:
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/signature_blob.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_ed25519.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb
 - lib/hrr_rb_ssh/authentication/method/publickey/context.rb
 - lib/hrr_rb_ssh/codable.rb
@@ -161,6 +182,13 @@ files:
 - lib/hrr_rb_ssh/connection/request_handler/reference_shell_request_handler.rb
 - lib/hrr_rb_ssh/connection/request_handler/reference_window_change_request_handler.rb
 - lib/hrr_rb_ssh/data_type.rb
+- lib/hrr_rb_ssh/data_type/boolean.rb
+- lib/hrr_rb_ssh/data_type/byte.rb
+- lib/hrr_rb_ssh/data_type/mpint.rb
+- lib/hrr_rb_ssh/data_type/name_list.rb
+- lib/hrr_rb_ssh/data_type/string.rb
+- lib/hrr_rb_ssh/data_type/uint32.rb
+- lib/hrr_rb_ssh/data_type/uint64.rb
 - lib/hrr_rb_ssh/error.rb
 - lib/hrr_rb_ssh/error/closed_authentication.rb
 - lib/hrr_rb_ssh/error/closed_connection.rb
@@ -208,6 +236,7 @@ files:
 - lib/hrr_rb_ssh/openssl_secure_random.rb
 - lib/hrr_rb_ssh/server.rb
 - lib/hrr_rb_ssh/subclass_with_preference_listable.rb
+- lib/hrr_rb_ssh/subclass_without_preference_listable.rb
 - lib/hrr_rb_ssh/transport.rb
 - lib/hrr_rb_ssh/transport/compression_algorithm.rb
 - lib/hrr_rb_ssh/transport/compression_algorithm/functionable.rb
@@ -269,6 +298,7 @@ files:
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ecdsa_sha2_nistp521.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/functionable.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb
+- lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_ed25519.rb
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb
 - lib/hrr_rb_ssh/version.rb
 homepage: https://github.com/hirura/hrr_rb_ssh