net-ssh 2.4.0 → 2.5.0

data/lib/net/ssh/transport/hmac/ripemd160.rb

@@ -0,0 +1,13 @@
+require 'net/ssh/transport/hmac/abstract'
+
+module Net::SSH::Transport::HMAC
+
+  # The RIPEMD-160 HMAC algorithm. This has a mac and key length of 20, and
+  # uses the RIPEMD-160 digest algorithm.
+  class RIPEMD160 < Abstract
+    mac_length   20
+    key_length   20
+    digest_class OpenSSL::Digest::RIPEMD160
+  end
+
+end

data/lib/net/ssh/transport/kex.rb

@@ -1,4 +1,5 @@
 require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
+require 'net/ssh/transport/kex/diffie_hellman_group14_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha256'
 
@@ -9,9 +10,19 @@ module Net::SSH::Transport
     MAP = {
       'diffie-hellman-group-exchange-sha1' => DiffieHellmanGroupExchangeSHA1,
       'diffie-hellman-group1-sha1'         => DiffieHellmanGroup1SHA1,
+      'diffie-hellman-group14-sha1'        => DiffieHellmanGroup14SHA1,
     }
     if defined?(DiffieHellmanGroupExchangeSHA256)
       MAP['diffie-hellman-group-exchange-sha256'] = DiffieHellmanGroupExchangeSHA256
     end
+    if defined?(OpenSSL::PKey::EC)
+      require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
+      require 'net/ssh/transport/kex/ecdh_sha2_nistp384'
+      require 'net/ssh/transport/kex/ecdh_sha2_nistp521'
+
+      MAP['ecdh-sha2-nistp256'] = EcdhSHA2NistP256
+      MAP['ecdh-sha2-nistp384'] = EcdhSHA2NistP384
+      MAP['ecdh-sha2-nistp521'] = EcdhSHA2NistP521
+    end
   end
 end

data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb

@@ -0,0 +1,44 @@
+require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
+
+module Net; module SSH; module Transport; module Kex
+
+  # A key-exchange service implementing the "diffie-hellman-group14-sha1"
+  # key-exchange algorithm. (defined in RFC 4253)
+  class DiffieHellmanGroup14SHA1 < DiffieHellmanGroup1SHA1
+    include Constants, Loggable
+
+    # The value of 'P', as a string, in hexadecimal
+    P_s = "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" +
+          "C4C6628B" "80DC1CD1" "29024E08" "8A67CC74" +
+          "020BBEA6" "3B139B22" "514A0879" "8E3404DD" +
+          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" +
+          "4FE1356D" "6D51C245" "E485B576" "625E7EC6" +
+          "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" +
+          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" +
+          "49286651" "ECE45B3D" "C2007CB8" "A163BF05" +
+          "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" +
+          "83655D23" "DCA3AD96" "1C62F356" "208552BB" +
+          "9ED52907" "7096966D" "670C354E" "4ABC9804" +
+          "F1746C08" "CA18217C" "32905E46" "2E36CE3B" +
+          "E39E772C" "180E8603" "9B2783A2" "EC07A28F" +
+          "B5C55DF0" "6F4C52C9" "DE2BCBF6" "95581718" +
+          "3995497C" "EA956AE5" "15D22618" "98FA0510" +
+          "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF"
+
+    # The radix in which P_s represents the value of P
+    P_r = 16
+
+    # The group constant
+    G = 2
+
+    private
+
+    def get_p
+      OpenSSL::BN.new(P_s, P_r)
+    end
+
+    def get_g
+      G
+    end
+  end
+end; end; end; end

data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb

@@ -40,8 +40,8 @@ module Net; module SSH; module Transport; module Kex
     # required by this algorithm, which was acquired during earlier
     # processing.
     def initialize(algorithms, connection, data)
-      @p = OpenSSL::BN.new(P_s, P_r)
-      @g = G
+      @p = get_p
+      @g = get_g
 
       @digester = OpenSSL::Digest::SHA1
       @algorithms = algorithms
@@ -76,7 +76,15 @@ module Net; module SSH; module Transport; module Kex
     end
 
     private
-    
+
+      def get_p
+        OpenSSL::BN.new(P_s, P_r)
+      end
+
+      def get_g
+        G
+      end
+
       # Returns the DH key parameters for the current connection.
       def get_parameters
         [p, g]

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb

@@ -0,0 +1,93 @@
+require 'net/ssh/transport/constants'
+require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
+
+module Net; module SSH; module Transport; module Kex
+
+  # A key-exchange service implementing the "ecdh-sha2-nistp256"
+  # key-exchange algorithm. (defined in RFC 5656)
+  class EcdhSHA2NistP256 < DiffieHellmanGroup1SHA1
+    include Constants, Loggable
+
+    attr_reader :ecdh
+
+    def digester
+      OpenSSL::Digest::SHA256
+    end
+
+    def curve_name
+      OpenSSL::PKey::EC::CurveNameAlias['nistp256']
+    end
+
+    def initialize(algorithms, connection, data)
+      @algorithms = algorithms
+      @connection = connection
+
+      @digester = digester
+      @data = data.dup
+      @ecdh = generate_key
+      @logger = @data.delete(:logger)
+    end
+
+    private
+
+    def get_message_types
+      [KEXECDH_INIT, KEXECDH_REPLY]
+    end
+
+    def build_signature_buffer(result)
+      response = Net::SSH::Buffer.new
+      response.write_string data[:client_version_string],
+                            data[:server_version_string],
+                            data[:client_algorithm_packet],
+                            data[:server_algorithm_packet],
+                            result[:key_blob],
+                            ecdh.public_key.to_bn.to_s(2),
+                            result[:server_ecdh_pubkey]
+      response.write_bignum result[:shared_secret]
+      response
+    end
+
+    def generate_key #:nodoc:
+      OpenSSL::PKey::EC.new(curve_name).generate_key
+    end
+
+    def send_kexinit #:nodoc:
+      init, reply = get_message_types
+
+      # send the KEXECDH_INIT message
+      ## byte     SSH_MSG_KEX_ECDH_INIT
+      ## string   Q_C, client's ephemeral public key octet string
+      buffer = Net::SSH::Buffer.from(:byte, init, :string, ecdh.public_key.to_bn.to_s(2))
+      connection.send_message(buffer)
+
+      # expect the following KEXECDH_REPLY message
+      ## byte     SSH_MSG_KEX_ECDH_REPLY
+      ## string   K_S, server's public host key
+      ## string   Q_S, server's ephemeral public key octet string
+      ## string   the signature on the exchange hash
+      buffer = connection.next_message
+      raise Net::SSH::Exception, "expected REPLY" unless buffer.type == reply
+
+      result = Hash.new
+      result[:key_blob] = buffer.read_string
+      result[:server_key] = Net::SSH::Buffer.new(result[:key_blob]).read_key
+      result[:server_ecdh_pubkey] = buffer.read_string
+
+      # compute shared secret from server's public key and client's private key
+      pk = OpenSSL::PKey::EC::Point.new(OpenSSL::PKey::EC.new(curve_name).group,
+                                        OpenSSL::BN.new(result[:server_ecdh_pubkey], 2))
+      result[:shared_secret] = OpenSSL::BN.new(ecdh.dh_compute_key(pk), 2)
+
+      sig_buffer = Net::SSH::Buffer.new(buffer.read_string)
+      sig_type = sig_buffer.read_string
+      if sig_type != algorithms.host_key
+        raise Net::SSH::Exception,
+        "host key algorithm mismatch for signature " +
+          "'#{sig_type}' != '#{algorithms.host_key}'"
+      end
+      result[:server_sig] = sig_buffer.read_string
+
+      return result
+    end
+  end
+end; end; end; end

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb

@@ -0,0 +1,13 @@
+module Net; module SSH; module Transport; module Kex
+
+  # A key-exchange service implementing the "ecdh-sha2-nistp256"
+  # key-exchange algorithm. (defined in RFC 5656)
+  class EcdhSHA2NistP384 < EcdhSHA2NistP256
+    def digester
+      OpenSSL::Digest::SHA384
+    end
+    def curve_name
+      OpenSSL::PKey::EC::CurveNameAlias['nistp384']
+    end
+  end
+end; end; end; end

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb

@@ -0,0 +1,13 @@
+module Net; module SSH; module Transport; module Kex
+
+  # A key-exchange service implementing the "ecdh-sha2-nistp521"
+  # key-exchange algorithm. (defined in RFC 5656)
+  class EcdhSHA2NistP521 < EcdhSHA2NistP256
+    def digester
+      OpenSSL::Digest::SHA512
+    end
+    def curve_name
+      OpenSSL::PKey::EC::CurveNameAlias['nistp521']
+    end
+  end
+end; end; end; end

data/lib/net/ssh/transport/openssl.rb

@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 require 'openssl'
 
 module OpenSSL
@@ -122,6 +123,115 @@ module OpenSSL
       end
     end
 
-  end
+    if defined?(OpenSSL::PKey::EC)
+      # This class is originally defined in the OpenSSL module. As needed, methods
+      # have been added to it by the Net::SSH module for convenience in dealing
+      # with SSH functionality.
+      class EC
+        CurveNameAlias = {
+          "nistp256" => "prime256v1",
+          "nistp384" => "secp384r1",
+          "nistp521" => "secp521r1",
+        }
+
+        CurveNameAliasInv = {
+          "prime256v1" => "nistp256",
+          "secp384r1" => "nistp384",
+          "secp521r1" => "nistp521",
+        }
+
+        def self.read_keyblob(curve_name_in_type, buffer)
+          curve_name_in_key = buffer.read_string
+          unless curve_name_in_type == curve_name_in_key
+            raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
+          end
+          public_key_oct = buffer.read_string
+          begin
+            key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
+            group = key.group
+            point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
+            key.public_key = point
+
+            return key
+          rescue OpenSSL::PKey::ECError => e
+            raise NotImplementedError, "unsupported key type `#{type}'"
+          end
+
+        end
+
+        # Returns the description of this key type used by the
+        # SSH2 protocol, like "ecdsa-sha2-nistp256"
+        def ssh_type
+          "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
+        end
 
+        def digester
+          if self.group.curve_name =~ /^[a-z]+(\d+)\w*\z/
+            curve_size = $1.to_i
+            if curve_size <= 256
+              OpenSSL::Digest::SHA256.new
+            elsif curve_size <= 384
+              OpenSSL::Digest::SHA384.new
+            else
+              OpenSSL::Digest::SHA512.new
+            end
+          else
+            OpenSSL::Digest::SHA256.new
+          end
+        end
+        private :digester
+
+        # Converts the key to a blob, according to the SSH2 protocol.
+        def to_blob
+          @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+                                          :string, CurveNameAliasInv[self.group.curve_name],
+                                          :string, self.public_key.to_bn.to_s(2)).to_s
+          @blob
+        end
+
+        # Verifies the given signature matches the given data.
+        def ssh_do_verify(sig, data)
+          digest = digester.digest(data)
+          a1sig = nil
+
+          begin
+            sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
+            sig_l_len = sig[4+sig_r_len,4].unpack("H*")[0].to_i(16)
+
+            sig_r = sig[4,sig_r_len].unpack("H*")[0]
+            sig_s = sig[4+sig_r_len+4,sig_l_len].unpack("H*")[0]
+
+            a1sig = OpenSSL::ASN1::Sequence([
+              OpenSSL::ASN1::Integer(sig_r.to_i(16)),
+              OpenSSL::ASN1::Integer(sig_s.to_i(16)),
+            ])
+          rescue
+          end
+
+          if a1sig == nil
+            return false
+          else
+            dsa_verify_asn1(digest, a1sig.to_der)
+          end
+        end
+
+        # Returns the signature for the given data.
+        def ssh_do_sign(data)
+          digest = digester.digest(data)
+          sig = dsa_sign_asn1(digest)
+          a1sig = OpenSSL::ASN1.decode( sig )
+
+          sig_r = a1sig.value[0].value
+          sig_s = a1sig.value[1].value
+
+          return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
+        end
+      end
+    else
+      class OpenSSL::PKey::ECError < RuntimeError
+        # for compatibility with interpreters
+        # without EC support (i.e. JRuby)
+      end
+    end
+  end
 end

data/lib/net/ssh/version.rb

@@ -48,7 +48,7 @@ module Net; module SSH
     MAJOR = 2
 
     # The minor component of this version of the Net::SSH library
-    MINOR = 4
+    MINOR = 5
 
     # The tiny component of this version of the Net::SSH library
     TINY  = 0

data/net-ssh.gemspec

@@ -1,7 +1,7 @@
 @spec = Gem::Specification.new do |s|
   s.name = "net-ssh"
   s.rubyforge_project = 'net-ssh'
-  s.version = "2.4.0"
+  s.version = "2.5.0"
   s.summary = "Net::SSH: a pure-Ruby implementation of the SSH2 client protocol."
   s.description = s.summary + " It allows you to write programs that invoke and interact with processes on remote servers, via SSH2."
   s.authors = ["Jamis Buck", "Delano Mandelbaum"]
@@ -31,8 +31,6 @@
   THANKS.rdoc
   lib/net/ssh.rb
   lib/net/ssh/authentication/agent.rb
-  lib/net/ssh/authentication/agent/java_pageant.rb
-  lib/net/ssh/authentication/agent/socket.rb
   lib/net/ssh/authentication/constants.rb
   lib/net/ssh/authentication/key_manager.rb
   lib/net/ssh/authentication/methods/abstract.rb
@@ -74,11 +72,13 @@
   lib/net/ssh/transport/algorithms.rb
   lib/net/ssh/transport/cipher_factory.rb
   lib/net/ssh/transport/constants.rb
+  lib/net/ssh/transport/ctr.rb
   lib/net/ssh/transport/hmac.rb
   lib/net/ssh/transport/hmac/abstract.rb
   lib/net/ssh/transport/hmac/md5.rb
   lib/net/ssh/transport/hmac/md5_96.rb
   lib/net/ssh/transport/hmac/none.rb
+  lib/net/ssh/transport/hmac/ripemd160.rb
   lib/net/ssh/transport/hmac/sha1.rb
   lib/net/ssh/transport/hmac/sha1_96.rb
   lib/net/ssh/transport/hmac/sha2_256.rb
@@ -89,8 +89,12 @@
   lib/net/ssh/transport/key_expander.rb
   lib/net/ssh/transport/kex.rb
   lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+  lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
   lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
   lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb
+  lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
+  lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
+  lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
   lib/net/ssh/transport/openssl.rb
   lib/net/ssh/transport/packet_stream.rb
   lib/net/ssh/transport/server_version.rb
@@ -129,6 +133,7 @@
   test/transport/hmac/test_md5.rb
   test/transport/hmac/test_md5_96.rb
   test/transport/hmac/test_none.rb
+  test/transport/hmac/test_ripemd160.rb
   test/transport/hmac/test_sha1.rb
   test/transport/hmac/test_sha1_96.rb
   test/transport/hmac/test_sha2_256.rb
@@ -136,8 +141,12 @@
   test/transport/hmac/test_sha2_512.rb
   test/transport/hmac/test_sha2_512_96.rb
   test/transport/kex/test_diffie_hellman_group1_sha1.rb
+  test/transport/kex/test_diffie_hellman_group14_sha1.rb
   test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
   test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
+  test/transport/kex/test_ecdh_sha2_nistp256.rb
+  test/transport/kex/test_ecdh_sha2_nistp384.rb
+  test/transport/kex/test_ecdh_sha2_nistp521.rb
   test/transport/test_algorithms.rb
   test/transport/test_cipher_factory.rb
   test/transport/test_hmac.rb
@@ -148,5 +157,4 @@
   test/transport/test_state.rb
   )
 
-
 end

data/test/authentication/test_key_manager.rb

@@ -62,6 +62,28 @@ module Authentication
       assert_equal({:from => :agent}, manager.known_identities[dsa])
     end
 
+    if defined?(OpenSSL::PKey::EC)
+      def test_identities_with_ecdsa_should_load_from_agent
+        manager.stubs(:agent).returns(agent_with_ecdsa_keys)
+
+        identities = []
+        manager.each_identity { |identity| identities << identity }
+        assert_equal 5, identities.length
+
+        assert_equal rsa.to_blob, identities[0].to_blob
+        assert_equal dsa.to_blob, identities[1].to_blob
+        assert_equal ecdsa_sha2_nistp256.to_blob, identities[2].to_blob
+        assert_equal ecdsa_sha2_nistp384.to_blob, identities[3].to_blob
+        assert_equal ecdsa_sha2_nistp521.to_blob, identities[4].to_blob
+
+        assert_equal({:from => :agent}, manager.known_identities[rsa])
+        assert_equal({:from => :agent}, manager.known_identities[dsa])
+        assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp256])
+        assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp384])
+        assert_equal({:from => :agent}, manager.known_identities[ecdsa_sha2_nistp521])
+      end
+    end
+
     def test_only_identities_with_key_files_should_load_from_agent_of_keys_only_set
       manager(:keys_only => true).stubs(:agent).returns(agent)
 
@@ -139,7 +161,11 @@ module Authentication
           Net::SSH::KeyFactory.expects(:load_private_key).with(name, nil, any_of(true, false)).returns(key).at_least_once
         end
 
-        key.stubs(:public_key).returns(key)
+        # do not override OpenSSL::PKey::EC#public_key
+        # (it will be called in transport/openssl.rb.)
+        unless defined?(OpenSSL::PKey::EC) && key.public_key.kind_of?(OpenSSL::PKey::EC::Point)
+          key.stubs(:public_key).returns(key)
+        end
       end
 
       def stub_file_public_key(name, key)
@@ -158,10 +184,31 @@ module Authentication
         @dsa ||= OpenSSL::PKey::DSA.new(512)
       end
 
+      if defined?(OpenSSL::PKey::EC)
+        def ecdsa_sha2_nistp256
+          @ecdsa_sha2_nistp256 ||= OpenSSL::PKey::EC.new("prime256v1").generate_key
+        end
+
+        def ecdsa_sha2_nistp384
+          @ecdsa_sha2_nistp384 ||= OpenSSL::PKey::EC.new("secp384r1").generate_key
+        end
+
+        def ecdsa_sha2_nistp521
+          @ecdsa_sha2_nistp521 ||= OpenSSL::PKey::EC.new("secp521r1").generate_key
+        end
+      end
+
       def agent
         @agent ||= stub("agent", :identities => [rsa, dsa])
       end
 
+      def agent_with_ecdsa_keys
+        @agent ||= stub("agent", :identities => [rsa, dsa,
+                                                 ecdsa_sha2_nistp256,
+                                                 ecdsa_sha2_nistp384,
+                                                 ecdsa_sha2_nistp521])
+      end
+
       def manager(options = {})
         @manager ||= Net::SSH::Authentication::KeyManager.new(nil, options)
       end