net-ssh-backports 6.3.0.backports

data/lib/net/ssh/authentication/ed25519.rb

@@ -0,0 +1,185 @@
+gem 'ed25519', '~> 1.2'
+gem 'bcrypt_pbkdf', '~> 1.0' unless RUBY_PLATFORM == "java"
+
+require 'ed25519'
+
+require 'base64'
+
+require 'net/ssh/transport/cipher_factory'
+require 'net/ssh/authentication/pub_key_fingerprint'
+require 'bcrypt_pbkdf' unless RUBY_PLATFORM == "java"
+
+module Net
+  module SSH
+    module Authentication
+      module ED25519
+        class SigningKeyFromFile < SimpleDelegator
+          def initialize(pk,sk)
+            key = ::Ed25519::SigningKey.from_keypair(sk)
+            raise ArgumentError, "pk does not match sk" unless pk == key.verify_key.to_bytes
+
+            super(key)
+          end
+        end
+
+        class OpenSSHPrivateKeyLoader
+          CipherFactory = Net::SSH::Transport::CipherFactory
+
+          MBEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
+          MEND = "-----END OPENSSH PRIVATE KEY-----"
+          MAGIC = "openssh-key-v1"
+
+          class DecryptError < ArgumentError
+            def initialize(message, encrypted_key: false)
+              super(message)
+              @encrypted_key = encrypted_key
+            end
+
+            def encrypted_key?
+              return @encrypted_key
+            end
+          end
+
+          def self.read(datafull, password)
+            datafull = datafull.strip
+            raise ArgumentError.new("Expected #{MBEGIN} at start of private key") unless datafull.start_with?(MBEGIN)
+            raise ArgumentError.new("Expected #{MEND} at end of private key") unless datafull.end_with?(MEND)
+
+            datab64 = datafull[MBEGIN.size...-MEND.size]
+            data = Base64.decode64(datab64)
+            raise ArgumentError.new("Expected #{MAGIC} at start of decoded private key") unless data.start_with?(MAGIC)
+
+            buffer = Net::SSH::Buffer.new(data[MAGIC.size + 1..-1])
+
+            ciphername = buffer.read_string
+            raise ArgumentError.new("#{ciphername} in private key is not supported") unless
+              CipherFactory.supported?(ciphername)
+
+            kdfname = buffer.read_string
+            raise ArgumentError.new("Expected #{kdfname} to be or none or bcrypt") unless %w[none bcrypt].include?(kdfname)
+
+            kdfopts = Net::SSH::Buffer.new(buffer.read_string)
+            num_keys = buffer.read_long
+            raise ArgumentError.new("Only 1 key is supported in ssh keys #{num_keys} was in private key") unless num_keys == 1
+
+            _pubkey = buffer.read_string
+
+            len = buffer.read_long
+
+            keylen, blocksize, ivlen = CipherFactory.get_lengths(ciphername, iv_len: true)
+            raise ArgumentError.new("Private key len:#{len} is not a multiple of #{blocksize}") if
+              ((len < blocksize) || ((blocksize > 0) && (len % blocksize) != 0))
+
+            if kdfname == 'bcrypt'
+              salt = kdfopts.read_string
+              rounds = kdfopts.read_long
+
+              raise "BCryptPbkdf is not implemented for jruby" if RUBY_PLATFORM == "java"
+
+              key = BCryptPbkdf::key(password, salt, keylen + ivlen, rounds)
+            else
+              key = '\x00' * (keylen + ivlen)
+            end
+
+            cipher = CipherFactory.get(ciphername, key: key[0...keylen], iv: key[keylen...keylen + ivlen], decrypt: true)
+
+            decoded = cipher.update(buffer.remainder_as_buffer.to_s)
+            decoded << cipher.final
+
+            decoded = Net::SSH::Buffer.new(decoded)
+            check1 = decoded.read_long
+            check2 = decoded.read_long
+
+            raise DecryptError.new("Decrypt failed on private key", encrypted_key: kdfname == 'bcrypt') if (check1 != check2)
+
+            type_name = decoded.read_string
+            case type_name
+            when "ssh-ed25519"
+              PrivKey.new(decoded)
+            else
+              decoded.read_private_keyblob(type_name)
+            end
+          end
+        end
+
+        class PubKey
+          include Net::SSH::Authentication::PubKeyFingerprint
+
+          attr_reader :verify_key
+
+          def initialize(data)
+            @verify_key = ::Ed25519::VerifyKey.new(data)
+          end
+
+          def self.read_keyblob(buffer)
+            PubKey.new(buffer.read_string)
+          end
+
+          def to_blob
+            Net::SSH::Buffer.from(:mstring,"ssh-ed25519".dup,:string,@verify_key.to_bytes).to_s
+          end
+
+          def ssh_type
+            "ssh-ed25519"
+          end
+
+          def ssh_signature_type
+            ssh_type
+          end
+
+          def ssh_do_verify(sig, data, options = {})
+            @verify_key.verify(sig,data)
+          end
+
+          def to_pem
+            # TODO this is not pem
+            ssh_type + Base64.encode64(@verify_key.to_bytes)
+          end
+        end
+
+        class PrivKey
+          CipherFactory = Net::SSH::Transport::CipherFactory
+
+          MBEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
+          MEND = "-----END OPENSSH PRIVATE KEY-----\n"
+          MAGIC = "openssh-key-v1"
+
+          attr_reader :sign_key
+
+          def initialize(buffer)
+            pk = buffer.read_string
+            sk = buffer.read_string
+            _comment = buffer.read_string
+
+            @pk = pk
+            @sign_key = SigningKeyFromFile.new(pk,sk)
+          end
+
+          def to_blob
+            public_key.to_blob
+          end
+
+          def ssh_type
+            "ssh-ed25519"
+          end
+
+          def ssh_signature_type
+            ssh_type
+          end
+
+          def public_key
+            PubKey.new(@pk)
+          end
+
+          def ssh_do_sign(data)
+            @sign_key.sign(data)
+          end
+
+          def self.read(data, password)
+            OpenSSHPrivateKeyLoader.read(data, password)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/authentication/ed25519_loader.rb

@@ -0,0 +1,31 @@
+module Net
+  module SSH
+    module Authentication
+      # Loads ED25519 support which requires optinal dependecies like
+      # ed25519, bcrypt_pbkdf
+      module ED25519Loader
+        begin
+          require 'net/ssh/authentication/ed25519'
+          LOADED = true
+          ERROR = nil
+        rescue LoadError => e
+          ERROR = e
+          LOADED = false
+        end
+
+        def self.raiseUnlessLoaded(message)
+          description = ERROR.is_a?(LoadError) ? dependenciesRequiredForED25519 : ''
+          description << "#{ERROR.class} : \"#{ERROR.message}\"\n" if ERROR
+          raise NotImplementedError, "#{message}\n#{description}" unless LOADED
+        end
+
+        def self.dependenciesRequiredForED25519
+          result = "net-ssh requires the following gems for ed25519 support:\n"
+          result << " * ed25519 (>= 1.2, < 2.0)\n"
+          result << " * bcrypt_pbkdf (>= 1.0, < 2.0)\n" unless RUBY_PLATFORM == "java"
+          result << "See https://github.com/net-ssh/net-ssh/issues/565 for more information\n"
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/authentication/key_manager.rb

@@ -0,0 +1,297 @@
+require 'net/ssh/errors'
+require 'net/ssh/key_factory'
+require 'net/ssh/loggable'
+require 'net/ssh/authentication/agent'
+
+module Net
+  module SSH
+    module Authentication
+      # A trivial exception class used to report errors in the key manager.
+      class KeyManagerError < Net::SSH::Exception; end
+
+      # This class encapsulates all operations done by clients on a user's
+      # private keys. In practice, the client should never need a reference
+      # to a private key; instead, they grab a list of "identities" (public
+      # keys) that are available from the KeyManager, and then use
+      # the KeyManager to do various private key operations using those
+      # identities.
+      #
+      # The KeyManager also uses the Agent class to encapsulate the
+      # ssh-agent. Thus, from a client's perspective it is completely
+      # hidden whether an identity comes from the ssh-agent or from a file
+      # on disk.
+      class KeyManager
+        include Loggable
+
+        # The list of user key files that will be examined
+        attr_reader :key_files
+
+        # The list of user key data that will be examined
+        attr_reader :key_data
+
+        # The list of user key certificate files that will be examined
+        attr_reader :keycert_files
+
+        # The map of loaded identities
+        attr_reader :known_identities
+
+        # The map of options that were passed to the key-manager
+        attr_reader :options
+
+        # Create a new KeyManager. By default, the manager will
+        # use the ssh-agent if it is running and the `:use_agent` option
+        # is not false.
+        def initialize(logger, options={})
+          self.logger = logger
+          @key_files = []
+          @key_data = []
+          @keycert_files = []
+          @use_agent = options[:use_agent] != false
+          @known_identities = {}
+          @agent = nil
+          @options = options
+        end
+
+        # Clear all knowledge of any loaded user keys. This also clears the list
+        # of default identity files that are to be loaded, thus making it
+        # appropriate to use if a client wishes to NOT use the default identity
+        # files.
+        def clear!
+          key_files.clear
+          key_data.clear
+          known_identities.clear
+          self
+        end
+
+        # Add the given key_file to the list of key files that will be used.
+        def add(key_file)
+          key_files.push(File.expand_path(key_file)).uniq!
+          self
+        end
+
+        # Add the given keycert_file to the list of keycert files that will be used.
+        def add_keycert(keycert_file)
+          keycert_files.push(File.expand_path(keycert_file)).uniq!
+          self
+        end
+
+        # Add the given key_file to the list of keys that will be used.
+        def add_key_data(key_data_)
+          key_data.push(key_data_).uniq!
+          self
+        end
+
+        # This is used as a hint to the KeyManager indicating that the agent
+        # connection is no longer needed. Any other open resources may be closed
+        # at this time.
+        #
+        # Calling this does NOT indicate that the KeyManager will no longer
+        # be used. Identities may still be requested and operations done on
+        # loaded identities, in which case, the agent will be automatically
+        # reconnected. This method simply allows the client connection to be
+        # closed when it will not be used in the immediate future.
+        def finish
+          @agent.close if @agent
+          @agent = nil
+        end
+
+        # Iterates over all available identities (public keys) known to this
+        # manager. As it finds one, it will then yield it to the caller.
+        # The origin of the identities may be from files on disk or from an
+        # ssh-agent. Note that identities from an ssh-agent are always listed
+        # first in the array, with other identities coming after.
+        #
+        # If key manager was created with :keys_only option, any identity
+        # from ssh-agent will be ignored unless it present in key_files or
+        # key_data.
+        def each_identity
+          prepared_identities = prepare_identities_from_files + prepare_identities_from_data
+
+          user_identities = load_identities(prepared_identities, false, true)
+
+          if agent
+            agent.identities.each do |key|
+              corresponding_user_identity = user_identities.detect { |identity|
+                identity[:public_key] && identity[:public_key].to_pem == key.to_pem
+              }
+              user_identities.delete(corresponding_user_identity) if corresponding_user_identity
+
+              if !options[:keys_only] || corresponding_user_identity
+                known_identities[key] = { from: :agent, identity: key }
+                yield key
+              end
+            end
+          end
+
+          user_identities = load_identities(user_identities, !options[:non_interactive], false)
+
+          user_identities.each do |identity|
+            key = identity.delete(:public_key)
+            known_identities[key] = identity
+            yield key
+          end
+
+          known_identity_blobs = known_identities.keys.map(&:to_blob)
+          keycert_files.each do |keycert_file|
+            keycert = KeyFactory.load_public_key(keycert_file)
+            next if known_identity_blobs.include?(keycert.to_blob)
+
+            (_, corresponding_identity) = known_identities.detect { |public_key, _|
+              public_key.to_pem == keycert.to_pem
+            }
+
+            if corresponding_identity
+              known_identities[keycert] = corresponding_identity
+              yield keycert
+            end
+          end
+
+          self
+        end
+
+        # Sign the given data, using the corresponding private key of the given
+        # identity. If the identity was originally obtained from an ssh-agent,
+        # then the ssh-agent will be used to sign the data, otherwise the
+        # private key for the identity will be loaded from disk (if it hasn't
+        # been loaded already) and will then be used to sign the data.
+        #
+        # Regardless of the identity's origin or who does the signing, this
+        # will always return the signature in an SSH2-specified "signature
+        # blob" format.
+        def sign(identity, data)
+          info = known_identities[identity] or raise KeyManagerError, "the given identity is unknown to the key manager"
+
+          if info[:key].nil? && info[:from] == :file
+            begin
+              info[:key] = KeyFactory.load_private_key(info[:file], options[:passphrase], !options[:non_interactive], options[:password_prompt])
+            rescue OpenSSL::OpenSSLError, Exception => e
+              raise KeyManagerError, "the given identity is known, but the private key could not be loaded: #{e.class} (#{e.message})"
+            end
+          end
+
+          if info[:key]
+            return Net::SSH::Buffer.from(:string, identity.ssh_signature_type,
+              :mstring, info[:key].ssh_do_sign(data.to_s)).to_s
+          end
+
+          if info[:from] == :agent
+            raise KeyManagerError, "the agent is no longer available" unless agent
+
+            return agent.sign(info[:identity], data.to_s)
+          end
+
+          raise KeyManagerError, "[BUG] can't determine identity origin (#{info.inspect})"
+        end
+
+        # Identifies whether the ssh-agent will be used or not.
+        def use_agent?
+          @use_agent
+        end
+
+        # Toggles whether the ssh-agent will be used or not. If true, an
+        # attempt will be made to use the ssh-agent. If false, any existing
+        # connection to an agent is closed and the agent will not be used.
+        def use_agent=(use_agent)
+          finish if !use_agent
+          @use_agent = use_agent
+        end
+
+        # Returns an Agent instance to use for communicating with an SSH
+        # agent process. Returns nil if use of an SSH agent has been disabled,
+        # or if the agent is otherwise not available.
+        def agent
+          return unless use_agent?
+
+          @agent ||= Agent.connect(logger, options[:agent_socket_factory], options[:identity_agent])
+        rescue AgentNotAvailable
+          @use_agent = false
+          nil
+        end
+
+        def no_keys?
+          key_files.empty? && key_data.empty?
+        end
+
+        private
+
+        # Prepares identities from user key_files for loading, preserving their order and sources.
+        def prepare_identities_from_files
+          key_files.map do |file|
+            if readable_file?(file)
+              identity = {}
+              cert_file = file + "-cert.pub"
+              public_key_file = file + ".pub"
+              if readable_file?(cert_file)
+                identity[:load_from] = :pubkey_file
+                identity[:pubkey_file] = cert_file
+              elsif readable_file?(public_key_file)
+                identity[:load_from] = :pubkey_file
+                identity[:pubkey_file] = public_key_file
+              else
+                identity[:load_from] = :privkey_file
+              end
+              identity.merge(privkey_file: file)
+            end
+          end.compact
+        end
+
+        def readable_file?(path)
+          File.file?(path) && File.readable?(path)
+        end
+
+        # Prepared identities from user key_data, preserving their order and sources.
+        def prepare_identities_from_data
+          key_data.map do |data|
+            { load_from: :data, data: data }
+          end
+        end
+
+        # Load prepared identities. Private key decryption errors ignored if ignore_decryption_errors
+        def load_identities(identities, ask_passphrase, ignore_decryption_errors)
+          identities.map do |identity|
+            case identity[:load_from]
+            when :pubkey_file
+              key = KeyFactory.load_public_key(identity[:pubkey_file])
+              { public_key: key, from: :file, file: identity[:privkey_file] }
+            when :privkey_file
+              private_key = KeyFactory.load_private_key(
+                identity[:privkey_file], options[:passphrase], ask_passphrase, options[:password_prompt]
+              )
+              key = private_key.send(:public_key)
+              { public_key: key, from: :file, file: identity[:privkey_file], key: private_key }
+            when :data
+              private_key = KeyFactory.load_data_private_key(
+                identity[:data], options[:passphrase], ask_passphrase, "<key in memory>", options[:password_prompt]
+              )
+              key = private_key.send(:public_key)
+              { public_key: key, from: :key_data, data: identity[:data], key: private_key }
+            else
+              identity
+            end
+          rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError, OpenSSL::PKey::ECError, OpenSSL::PKey::PKeyError, ArgumentError => e
+            if ignore_decryption_errors
+              identity
+            else
+              process_identity_loading_error(identity, e)
+              nil
+            end
+          rescue Exception => e
+            process_identity_loading_error(identity, e)
+            nil
+          end.compact
+        end
+
+        def process_identity_loading_error(identity, e)
+          case identity[:load_from]
+          when :pubkey_file
+            error { "could not load public key file `#{identity[:pubkey_file]}': #{e.class} (#{e.message})" }
+          when :privkey_file
+            error { "could not load private key file `#{identity[:privkey_file]}': #{e.class} (#{e.message})" }
+          else
+            raise e
+          end
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/authentication/methods/abstract.rb

@@ -0,0 +1,69 @@
+require 'net/ssh/buffer'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+require 'net/ssh/authentication/constants'
+
+module Net
+  module SSH
+    module Authentication
+      module Methods
+        # The base class of all user authentication methods. It provides a few
+        # bits of common functionality.
+        class Abstract
+          include Loggable
+          include Constants
+
+          # The authentication session object
+          attr_reader :session
+
+          # The key manager object. Not all authentication methods will require
+          # this.
+          attr_reader :key_manager
+
+          # Instantiates a new authentication method.
+          def initialize(session, options={})
+            @session = session
+            @key_manager = options[:key_manager]
+            @options = options
+            @prompt = options[:password_prompt]
+            self.logger = session.logger
+          end
+
+          # Returns the session-id, as generated during the first key exchange of
+          # an SSH connection.
+          def session_id
+            session.transport.algorithms.session_id
+          end
+
+          # Sends a message via the underlying transport layer abstraction. This
+          # will block until the message is completely sent.
+          def send_message(msg)
+            session.transport.send_message(msg)
+          end
+
+          # Creates a new USERAUTH_REQUEST packet. The extra arguments on the end
+          # must be either boolean values or strings, and are tacked onto the end
+          # of the packet. The new packet is returned, ready for sending.
+          def userauth_request(username, next_service, auth_method, *others)
+            buffer = Net::SSH::Buffer.from(:byte, USERAUTH_REQUEST,
+              :string, username, :string, next_service, :string, auth_method)
+
+            others.each do |value|
+              case value
+              when true, false then buffer.write_bool(value)
+              when String      then buffer.write_string(value)
+              else raise ArgumentError, "don't know how to write #{value.inspect}"
+              end
+            end
+
+            buffer
+          end
+
+          private
+
+          attr_reader :prompt
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/authentication/methods/hostbased.rb

@@ -0,0 +1,72 @@
+require 'net/ssh/authentication/methods/abstract'
+
+module Net
+  module SSH
+    module Authentication
+      module Methods
+        # Implements the host-based SSH authentication method.
+        class Hostbased < Abstract
+          include Constants
+
+          # Attempts to perform host-based authorization of the user by trying
+          # all known keys.
+          def authenticate(next_service, username, password=nil)
+            return false unless key_manager
+
+            key_manager.each_identity do |identity|
+              return true if authenticate_with(identity, next_service,
+                username, key_manager)
+            end
+
+            return false
+          end
+
+          private
+
+          # Returns the hostname as reported by the underlying socket.
+          def hostname
+            session.transport.socket.client_name
+          end
+
+          # Attempts to perform host-based authentication of the user, using
+          # the given host identity (key).
+          def authenticate_with(identity, next_service, username, key_manager)
+            debug { "trying hostbased (#{identity.fingerprint})" }
+            client_username = ENV['USER'] || username
+
+            req = build_request(identity, next_service, username, "#{hostname}.", client_username)
+            sig_data = Buffer.from(:string, session_id, :raw, req)
+
+            sig = key_manager.sign(identity, sig_data.to_s)
+
+            message = Buffer.from(:raw, req, :string, sig)
+
+            send_message(message)
+            message = session.next_message
+
+            case message.type
+            when USERAUTH_SUCCESS
+              info { "hostbased succeeded (#{identity.fingerprint})" }
+              return true
+            when USERAUTH_FAILURE
+              info { "hostbased failed (#{identity.fingerprint})" }
+
+              raise Net::SSH::Authentication::DisallowedMethod unless
+                message[:authentications].split(/,/).include? 'hostbased'
+
+              return false
+            else
+              raise Net::SSH::Exception, "unexpected server response to USERAUTH_REQUEST: #{message.type} (#{message.inspect})"
+            end
+          end
+
+          # Build the "core" hostbased request string.
+          def build_request(identity, next_service, username, hostname, client_username)
+            userauth_request(username, next_service, "hostbased", identity.ssh_type,
+              Buffer.from(:key, identity).to_s, hostname, client_username).to_s
+          end
+        end
+      end
+    end
+  end
+end