net-ssh 2.4.0 → 2.5.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +21 -0
- data/Manifest +11 -0
- data/lib/net/ssh/authentication/key_manager.rb +1 -1
- data/lib/net/ssh/authentication/session.rb +12 -4
- data/lib/net/ssh/buffer.rb +12 -2
- data/lib/net/ssh/key_factory.rb +7 -2
- data/lib/net/ssh/known_hosts.rb +12 -2
- data/lib/net/ssh/ruby_compat.rb +8 -0
- data/lib/net/ssh/transport/algorithms.rb +22 -1
- data/lib/net/ssh/transport/cipher_factory.rb +32 -5
- data/lib/net/ssh/transport/constants.rb +3 -1
- data/lib/net/ssh/transport/ctr.rb +95 -0
- data/lib/net/ssh/transport/hmac.rb +8 -5
- data/lib/net/ssh/transport/hmac/ripemd160.rb +13 -0
- data/lib/net/ssh/transport/kex.rb +11 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +44 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +11 -3
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +93 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +13 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +13 -0
- data/lib/net/ssh/transport/openssl.rb +111 -1
- data/lib/net/ssh/version.rb +1 -1
- data/net-ssh.gemspec +12 -4
- data/test/authentication/test_key_manager.rb +48 -1
- data/test/test_buffer.rb +92 -2
- data/test/test_key_factory.rb +42 -0
- data/test/transport/hmac/test_ripemd160.rb +34 -0
- data/test/transport/kex/test_diffie_hellman_group14_sha1.rb +13 -0
- data/test/transport/kex/test_ecdh_sha2_nistp256.rb +161 -0
- data/test/transport/kex/test_ecdh_sha2_nistp384.rb +37 -0
- data/test/transport/kex/test_ecdh_sha2_nistp521.rb +37 -0
- data/test/transport/test_algorithms.rb +41 -19
- data/test/transport/test_cipher_factory.rb +255 -27
- data/test/transport/test_packet_stream.rb +1009 -0
- metadata +13 -4
- data/lib/net/ssh/authentication/agent/java_pageant.rb +0 -85
- data/lib/net/ssh/authentication/agent/socket.rb +0 -170
@@ -17,13 +17,18 @@ module Transport
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def test_constructor_should_build_default_list_of_preferred_algorithms
|
20
|
-
|
21
|
-
|
22
|
-
|
20
|
+
if defined?(OpenSSL::PKey::EC)
|
21
|
+
assert_equal %w(ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms[:host_key]
|
22
|
+
assert_equal %w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521), algorithms[:kex]
|
23
|
+
else
|
24
|
+
assert_equal %w(ssh-rsa ssh-dss), algorithms[:host_key]
|
25
|
+
assert_equal %w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256), algorithms[:kex]
|
26
|
+
end
|
27
|
+
assert_equal %w(aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms[:encryption]
|
23
28
|
if defined?(OpenSSL::Digest::SHA256)
|
24
|
-
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms[:hmac]
|
29
|
+
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms[:hmac]
|
25
30
|
else
|
26
|
-
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 none), algorithms[:hmac]
|
31
|
+
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com none), algorithms[:hmac]
|
27
32
|
end
|
28
33
|
assert_equal %w(none zlib@openssh.com zlib), algorithms[:compression]
|
29
34
|
assert_equal %w(), algorithms[:language]
|
@@ -37,12 +42,20 @@ module Transport
|
|
37
42
|
end
|
38
43
|
|
39
44
|
def test_constructor_with_preferred_host_key_type_should_put_preferred_host_key_type_first
|
40
|
-
|
45
|
+
if defined?(OpenSSL::PKey::EC)
|
46
|
+
assert_equal %w(ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms(:host_key => "ssh-dss")[:host_key]
|
47
|
+
else
|
48
|
+
assert_equal %w(ssh-dss ssh-rsa), algorithms(:host_key => "ssh-dss")[:host_key]
|
49
|
+
end
|
41
50
|
end
|
42
51
|
|
43
52
|
def test_constructor_with_known_hosts_reporting_known_host_key_should_use_that_host_key_type
|
44
53
|
Net::SSH::KnownHosts.expects(:search_for).with("net.ssh.test,127.0.0.1", {}).returns([stub("key", :ssh_type => "ssh-dss")])
|
45
|
-
|
54
|
+
if defined?(OpenSSL::PKey::EC)
|
55
|
+
assert_equal %w(ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms[:host_key]
|
56
|
+
else
|
57
|
+
assert_equal %w(ssh-dss ssh-rsa), algorithms[:host_key]
|
58
|
+
end
|
46
59
|
end
|
47
60
|
|
48
61
|
def test_constructor_with_unrecognized_host_key_type_should_raise_exception
|
@@ -50,7 +63,11 @@ module Transport
|
|
50
63
|
end
|
51
64
|
|
52
65
|
def test_constructor_with_preferred_kex_should_put_preferred_kex_first
|
53
|
-
|
66
|
+
if defined?(OpenSSL::PKey::EC)
|
67
|
+
assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521), algorithms(:kex => "diffie-hellman-group1-sha1")[:kex]
|
68
|
+
else
|
69
|
+
assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256), algorithms(:kex => "diffie-hellman-group1-sha1")[:kex]
|
70
|
+
end
|
54
71
|
end
|
55
72
|
|
56
73
|
def test_constructor_with_unrecognized_kex_should_raise_exception
|
@@ -58,11 +75,11 @@ module Transport
|
|
58
75
|
end
|
59
76
|
|
60
77
|
def test_constructor_with_preferred_encryption_should_put_preferred_encryption_first
|
61
|
-
assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256), algorithms(:encryption => "aes256-cbc")[:encryption]
|
78
|
+
assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => "aes256-cbc")[:encryption]
|
62
79
|
end
|
63
80
|
|
64
81
|
def test_constructor_with_multiple_preferred_encryption_should_put_all_preferred_encryption_first
|
65
|
-
assert_equal %w(aes256-cbc 3des-cbc idea-cbc aes128-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se none arcfour128 arcfour256), algorithms(:encryption => %w(aes256-cbc 3des-cbc idea-cbc))[:encryption]
|
82
|
+
assert_equal %w(aes256-cbc 3des-cbc idea-cbc aes128-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => %w(aes256-cbc 3des-cbc idea-cbc))[:encryption]
|
66
83
|
end
|
67
84
|
|
68
85
|
def test_constructor_with_unrecognized_encryption_should_raise_exception
|
@@ -70,11 +87,11 @@ module Transport
|
|
70
87
|
end
|
71
88
|
|
72
89
|
def test_constructor_with_preferred_hmac_should_put_preferred_hmac_first
|
73
|
-
assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => "hmac-md5-96")[:hmac]
|
90
|
+
assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => "hmac-md5-96")[:hmac]
|
74
91
|
end
|
75
92
|
|
76
93
|
def test_constructor_with_multiple_preferred_hmac_should_put_all_preferred_hmac_first
|
77
|
-
assert_equal %w(hmac-md5-96 hmac-sha1-96 hmac-sha1 hmac-md5 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => %w(hmac-md5-96 hmac-sha1-96))[:hmac]
|
94
|
+
assert_equal %w(hmac-md5-96 hmac-sha1-96 hmac-sha1 hmac-md5 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => %w(hmac-md5-96 hmac-sha1-96))[:hmac]
|
78
95
|
end
|
79
96
|
|
80
97
|
def test_constructor_with_unrecognized_hmac_should_raise_exception
|
@@ -256,7 +273,7 @@ module Transport
|
|
256
273
|
def kexinit(options={})
|
257
274
|
@kexinit ||= P(:byte, KEXINIT,
|
258
275
|
:long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF),
|
259
|
-
:string, options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256",
|
276
|
+
:string, options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256",
|
260
277
|
:string, options[:host_key] || "ssh-rsa,ssh-dss",
|
261
278
|
:string, options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
|
262
279
|
:string, options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
|
@@ -272,12 +289,17 @@ module Transport
|
|
272
289
|
def assert_kexinit(buffer, options={})
|
273
290
|
assert_equal KEXINIT, buffer.type
|
274
291
|
assert_equal 16, buffer.read(16).length
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
292
|
+
if defined?(OpenSSL::PKey::EC)
|
293
|
+
assert_equal options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521", buffer.read_string
|
294
|
+
assert_equal options[:host_key] || "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521", buffer.read_string
|
295
|
+
else
|
296
|
+
assert_equal options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256", buffer.read_string
|
297
|
+
assert_equal options[:host_key] || "ssh-rsa,ssh-dss", buffer.read_string
|
298
|
+
end
|
299
|
+
assert_equal options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,camellia128-cbc,camellia192-cbc,camellia256-cbc,camellia128-cbc@openssh.org,camellia192-cbc@openssh.org,camellia256-cbc@openssh.org,camellia128-ctr,camellia192-ctr,camellia256-ctr,camellia128-ctr@openssh.org,camellia192-ctr@openssh.org,camellia256-ctr@openssh.org,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
|
300
|
+
assert_equal options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,camellia128-cbc,camellia192-cbc,camellia256-cbc,camellia128-cbc@openssh.org,camellia192-cbc@openssh.org,camellia256-cbc@openssh.org,camellia128-ctr,camellia192-ctr,camellia256-ctr,camellia128-ctr@openssh.org,camellia192-ctr@openssh.org,camellia256-ctr@openssh.org,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
|
301
|
+
assert_equal options[:hmac_client] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
|
302
|
+
assert_equal options[:hmac_server] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
|
281
303
|
assert_equal options[:compression_client] || "none,zlib@openssh.com,zlib", buffer.read_string
|
282
304
|
assert_equal options[:compression_server] || "none,zlib@openssh.com,zlib", buffer.read_string
|
283
305
|
assert_equal options[:language_client] || "", buffer.read_string
|
@@ -35,18 +35,22 @@ module Transport
|
|
35
35
|
assert_equal [24,8], factory.get_lengths("3des-cbc")
|
36
36
|
end
|
37
37
|
|
38
|
-
def test_lengths_for_aes192_cbc
|
39
|
-
assert_equal [24,16], factory.get_lengths("aes192-cbc")
|
40
|
-
end
|
41
|
-
|
42
38
|
def test_lengths_for_aes128_cbc
|
43
39
|
assert_equal [16,16], factory.get_lengths("aes128-cbc")
|
44
40
|
end
|
45
41
|
|
42
|
+
def test_lengths_for_aes192_cbc
|
43
|
+
assert_equal [24,16], factory.get_lengths("aes192-cbc")
|
44
|
+
end
|
45
|
+
|
46
46
|
def test_lengths_for_aes256_cbc
|
47
47
|
assert_equal [32,16], factory.get_lengths("aes256-cbc")
|
48
48
|
end
|
49
49
|
|
50
|
+
def test_lengths_for_arcfour
|
51
|
+
assert_equal [16,8], factory.get_lengths("arcfour")
|
52
|
+
end
|
53
|
+
|
50
54
|
def test_lengths_for_arcfour128
|
51
55
|
assert_equal [16,8], factory.get_lengths("arcfour128")
|
52
56
|
end
|
@@ -58,26 +62,86 @@ module Transport
|
|
58
62
|
def test_lengths_for_arcfour512
|
59
63
|
assert_equal [64,8], factory.get_lengths("arcfour512")
|
60
64
|
end
|
61
|
-
|
62
|
-
|
65
|
+
|
66
|
+
if_supported?("camellia128-cbc@openssh.org") do
|
67
|
+
def test_lengths_for_camellia128_cbc_openssh_org
|
68
|
+
assert_equal [16,16], factory.get_lengths("camellia128-cbc@openssh.org")
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
if_supported?("camellia192-cbc@openssh.org") do
|
73
|
+
def test_lengths_for_camellia192_cbc_openssh_org
|
74
|
+
assert_equal [24,16], factory.get_lengths("camellia192-cbc@openssh.org")
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
if_supported?("camellia256-cbc@openssh.org") do
|
79
|
+
def test_lengths_for_camellia256_cbc_openssh_org
|
80
|
+
assert_equal [32,16], factory.get_lengths("camellia256-cbc@openssh.org")
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
def test_lengths_for_3des_ctr
|
85
|
+
assert_equal [24,8], factory.get_lengths("3des-ctr")
|
86
|
+
end
|
87
|
+
|
88
|
+
def test_lengths_for_aes128_ctr
|
89
|
+
assert_equal [16,16], factory.get_lengths("aes128-ctr")
|
90
|
+
end
|
91
|
+
|
92
|
+
def test_lengths_for_aes192_ctr
|
93
|
+
assert_equal [24,16], factory.get_lengths("aes192-ctr")
|
94
|
+
end
|
95
|
+
|
96
|
+
def test_lengths_for_aes256_ctr
|
97
|
+
assert_equal [32,16], factory.get_lengths("aes256-ctr")
|
98
|
+
end
|
99
|
+
|
100
|
+
def test_lengths_for_blowfish_ctr
|
101
|
+
assert_equal [16,8], factory.get_lengths("blowfish-ctr")
|
102
|
+
end
|
103
|
+
|
104
|
+
def test_lengths_for_cast128_ctr
|
105
|
+
assert_equal [16,8], factory.get_lengths("cast128-ctr")
|
106
|
+
end
|
107
|
+
|
108
|
+
if_supported?("camellia128-ctr@openssh.org") do
|
109
|
+
def test_lengths_for_camellia128_ctr_openssh_org
|
110
|
+
assert_equal [16,16], factory.get_lengths("camellia128-ctr@openssh.org")
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
114
|
+
if_supported?("camellia192-ctr@openssh.org") do
|
115
|
+
def test_lengths_for_camellia192_ctr_openssh_org
|
116
|
+
assert_equal [24,16], factory.get_lengths("camellia192-ctr@openssh.org")
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
if_supported?("camellia256-ctr@openssh.org") do
|
121
|
+
def test_lengths_for_camellia256_ctr_openssh_org
|
122
|
+
assert_equal [32,16], factory.get_lengths("camellia256-ctr@openssh.org")
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
BLOWFISH_CBC = "\210\021\200\315\240_\026$\352\204g\233\244\242x\332e\370\001\327\224Nv@9_\323\037\252kb\037\036\237\375]\343/y\037\237\312Q\f7]\347Y\005\275%\377\0010$G\272\250B\265Nd\375\342\372\025r6}+Y\213y\n\237\267\\\374^\346BdJ$\353\220Ik\023<\236&H\277=\225"
|
63
127
|
|
64
128
|
def test_blowfish_cbc_for_encryption
|
65
|
-
assert_equal
|
129
|
+
assert_equal BLOWFISH_CBC, encrypt("blowfish-cbc")
|
66
130
|
end
|
67
131
|
|
68
132
|
def test_blowfish_cbc_for_decryption
|
69
|
-
assert_equal TEXT, decrypt("blowfish-cbc",
|
133
|
+
assert_equal TEXT, decrypt("blowfish-cbc", BLOWFISH_CBC)
|
70
134
|
end
|
71
135
|
|
72
136
|
if_supported?("idea-cbc") do
|
73
|
-
|
137
|
+
IDEA_CBC = "W\234\017G\231\b\357\370H\b\256U]\343M\031k\233]~\023C\363\263\177\262-\261\341$\022\376mv\217\322\b\2763\270H\306\035\343z\313\312\3531\351\t\201\302U\022\360\300\354ul7$z\320O]\360g\024\305\005`V\005\335A\351\312\270c\320D\232\eQH1\340\265\2118\031g*\303v"
|
74
138
|
|
75
139
|
def test_idea_cbc_for_encryption
|
76
|
-
assert_equal
|
140
|
+
assert_equal IDEA_CBC, encrypt("idea-cbc")
|
77
141
|
end
|
78
142
|
|
79
143
|
def test_idea_cbc_for_decryption
|
80
|
-
assert_equal TEXT, decrypt("idea-cbc",
|
144
|
+
assert_equal TEXT, decrypt("idea-cbc", IDEA_CBC)
|
81
145
|
end
|
82
146
|
end
|
83
147
|
|
@@ -91,54 +155,64 @@ module Transport
|
|
91
155
|
assert_equal TEXT, decrypt("rijndael-cbc@lysator.liu.se", RIJNDAEL)
|
92
156
|
end
|
93
157
|
|
94
|
-
|
158
|
+
CAST128_CBC = "qW\302\331\333P\223t[9 ~(sg\322\271\227\272\022I\223\373p\255>k\326\314\260\2003\236C_W\211\227\373\205>\351\334\322\227\223\e\236\202Ii\032!P\214\035:\017\360h7D\371v\210\264\317\236a\262w1\2772\023\036\331\227\240:\f/X\351\324I\t[x\350\323E\2301\016m"
|
95
159
|
|
96
160
|
def test_cast128_cbc_for_encryption
|
97
|
-
assert_equal
|
161
|
+
assert_equal CAST128_CBC, encrypt("cast128-cbc")
|
98
162
|
end
|
99
163
|
|
100
164
|
def test_cast128_cbc_for_decryption
|
101
|
-
assert_equal TEXT, decrypt("cast128-cbc",
|
165
|
+
assert_equal TEXT, decrypt("cast128-cbc", CAST128_CBC)
|
102
166
|
end
|
103
167
|
|
104
|
-
|
168
|
+
TRIPLE_DES_CBC = "\322\252\216D\303Q\375gg\367A{\177\313\3436\272\353%\223K?\257\206|\r&\353/%\340\336 \203E8rY\206\234\004\274\267\031\233T/{\"\227/B!i?[qGaw\306T\206\223\213n \212\032\244%]@\355\250\334\312\265E\251\017\361\270\357\230\274KP&^\031r+r%\370"
|
105
169
|
|
106
170
|
def test_3des_cbc_for_encryption
|
107
|
-
assert_equal
|
171
|
+
assert_equal TRIPLE_DES_CBC, encrypt("3des-cbc")
|
108
172
|
end
|
109
173
|
|
110
174
|
def test_3des_cbc_for_decryption
|
111
|
-
assert_equal TEXT, decrypt("3des-cbc",
|
175
|
+
assert_equal TEXT, decrypt("3des-cbc", TRIPLE_DES_CBC)
|
112
176
|
end
|
113
177
|
|
114
|
-
|
178
|
+
AES128_CBC = "k\026\350B\366-k\224\313\3277}B\035\004\200\035\r\233\024$\205\261\231Q\2214r\245\250\360\315\237\266hg\262C&+\321\346Pf\267v\376I\215P\327\345-\232&HK\375\326_\030<\a\276\212\303g\342C\242O\233\260\006\001a&V\345`\\T\e\236.\207\223l\233ri^\v\252\363\245"
|
115
179
|
|
116
180
|
def test_aes128_cbc_for_encryption
|
117
|
-
assert_equal
|
181
|
+
assert_equal AES128_CBC, encrypt("aes128-cbc")
|
118
182
|
end
|
119
183
|
|
120
184
|
def test_aes128_cbc_for_decryption
|
121
|
-
assert_equal TEXT, decrypt("aes128-cbc",
|
185
|
+
assert_equal TEXT, decrypt("aes128-cbc", AES128_CBC)
|
122
186
|
end
|
123
187
|
|
124
|
-
|
188
|
+
AES192_CBC = "\256\017)x\270\213\336\303L\003f\235'jQ\3231k9\225\267\242\364C4\370\224\201\302~\217I\202\374\2167='\272\037\225\223\177Y\r\212\376(\275\n\3553\377\177\252C\254\236\016MA\274Z@H\331<\rL\317\205\323[\305X8\376\237=\374\352bH9\244\0231\353\204\352p\226\326~J\242"
|
125
189
|
|
126
190
|
def test_aes192_cbc_for_encryption
|
127
|
-
assert_equal
|
191
|
+
assert_equal AES192_CBC, encrypt("aes192-cbc")
|
128
192
|
end
|
129
193
|
|
130
194
|
def test_aes192_cbc_for_decryption
|
131
|
-
assert_equal TEXT, decrypt("aes192-cbc",
|
195
|
+
assert_equal TEXT, decrypt("aes192-cbc", AES192_CBC)
|
132
196
|
end
|
133
197
|
|
134
|
-
|
198
|
+
AES256_CBC = "$\253\271\255\005Z\354\336&\312\324\221\233\307Mj\315\360\310Fk\241EfN\037\231\213\361{'\310\204\347I\343\271\005\240`\325;\034\346uM>#\241\231C`\374\261\vo\226;Z\302:\b\250\366T\330\\#V\330\340\226\363\374!\bm\266\232\207!\232\347\340\t\307\370\356z\236\343=v\210\206y"
|
135
199
|
|
136
200
|
def test_aes256_cbc_for_encryption
|
137
|
-
assert_equal
|
201
|
+
assert_equal AES256_CBC, encrypt("aes256-cbc")
|
138
202
|
end
|
139
203
|
|
140
204
|
def test_aes256_cbc_for_decryption
|
141
|
-
assert_equal TEXT, decrypt("aes256-cbc",
|
205
|
+
assert_equal TEXT, decrypt("aes256-cbc", AES256_CBC)
|
206
|
+
end
|
207
|
+
|
208
|
+
ARCFOUR = "\xC1.\x1AdH\xD0+%\xF1CrG\x1C\xCC\xF6\xACho\xB0\x95\\\xBC\x02P\xF9\xAF\n\xBB<\x13\xF3\xCF\xEB\n\b(iO\xFB'\t^?\xA6\xE5a\xE2\x17\f\x97\xCAs\x9E\xFC\xF2\x88\xC93\v\x84\xCA\x82\x0E\x1D\x11\xEA\xE1\x82\x8E\xB3*\xC5\xFB\x8Cmgs\xB0\xFA\xF5\x9C\\\xE2\xB0\x95\x1F>LT"
|
209
|
+
|
210
|
+
def test_arcfour_for_encryption
|
211
|
+
assert_equal ARCFOUR, encrypt("arcfour")
|
212
|
+
end
|
213
|
+
|
214
|
+
def test_arcfour_for_decryption
|
215
|
+
assert_equal TEXT, decrypt("arcfour", ARCFOUR)
|
142
216
|
end
|
143
217
|
|
144
218
|
ARCFOUR128 = "\n\x90\xED*\xD4\xBE\xCBg5\xA5\a\xEC]\x97\xB7L\x06)6\x12FL\x90@\xF4Sqxqh\r\x11\x1Aq \xC8\xE6v\xC6\x12\xD9<A\xDAZ\xFE\x7F\x88\x19f.\x06\xA7\xFE:\xFF\x93\x9B\x8D\xA0\\\x9E\xCA\x03\x15\xE1\xE2\f\xC0\b\xA2C\xE1\xBD\xB6\x13D\xD1\xB4'g\x89\xDC\xEB\f\x19Z)U"
|
@@ -170,7 +244,161 @@ module Transport
|
|
170
244
|
def test_arcfour512_for_decryption
|
171
245
|
assert_equal TEXT, decrypt("arcfour512", ARCFOUR512)
|
172
246
|
end
|
173
|
-
|
247
|
+
|
248
|
+
if_supported?("camellia128-cbc@openssh.org") do
|
249
|
+
CAMELLIA128_CBC = "\a\b\x83+\xF1\xC5m\a\xE1\xD3\x06\xD2NA\xC3l@\\*M\xFD\x96\xAE\xA8\xB4\xA9\xACm\"8\x8E\xEE<\xC3O[\rK\xFAgu}\xCD\xAC\xF4\x04o\xDB\x94-\xB8\"\xDC\xE7{y\xA9 \x8F=y\x85\x82v\xC8\xCA\x8A\xE9\xE3:\xC4,u=a/\xC0\x05\xDA\xDAk8g\xCB\xD9\xA8\xE6\xFE\xCE_\x8E\x97\xF0\xAC\xB6\xCE"
|
250
|
+
def test_camellia128_cbc_for_encryption
|
251
|
+
assert_equal CAMELLIA128_CBC, encrypt("camellia128-cbc@openssh.org")
|
252
|
+
end
|
253
|
+
def test_camellia128_cbc_for_decryption
|
254
|
+
assert_equal TEXT, decrypt("camellia128-cbc@openssh.org", CAMELLIA128_CBC)
|
255
|
+
end
|
256
|
+
end
|
257
|
+
|
258
|
+
if_supported?("camellia192-cbc@openssh.org") do
|
259
|
+
CAMELLIA192_CBC = "\x82\xB2\x03\x90\xFA\f2\xA0\xE3\xFA\xF2B\xAB\xDBX\xD5\x04z\xD4G\x19\xB8\xAB\v\x85\x84\xCD:.\xBA\x9Dd\xD5(\xEB.\n\xAA]\xCB\xF3\x0F4\x8Bd\xF8m\xC9!\xE2\xA1=\xEBY\xA6\x83\x86\n\x13\e6\v\x06\xBBNJg\xF2-\x14',[\xC1\xB1.\x85\xF3\xC6\xBF\x1Ff\xCE\x87'\x9C\xB2\xC8!\xF3|\xE2\xD2\x9E\x96\xA1"
|
260
|
+
def test_camellia192_cbc_for_encryption
|
261
|
+
assert_equal CAMELLIA192_CBC, encrypt("camellia192-cbc@openssh.org")
|
262
|
+
end
|
263
|
+
def test_camellia192_cbc_for_decryption
|
264
|
+
assert_equal TEXT, decrypt("camellia192-cbc@openssh.org", CAMELLIA192_CBC)
|
265
|
+
end
|
266
|
+
end
|
267
|
+
|
268
|
+
if_supported?("camellia256-cbc@openssh.org") do
|
269
|
+
CAMELLIA256_CBC = ",\x80J/\xF5\x8F\xFE4\xF0@\n[2\xFF4\xB6\xA4\xD0\xF8\xF5*\x17I\xF3\xA2\x1F$L\xC6\xA1\x06\xDC\x84f\x1C\x10&\x1C\xC4/R\x859|i\x85ZP\xC8\x94\xED\xE8-\n@ w\x92\xF7\xD4\xAB\xF0\x85c\xC1\x0F\x1E#\xEB\xE5W\x87N!\xC7'/\xE3E8$\x1D\x9B:\xC9\xAF_\x05\xAC%\xD7\x945\xBBDK"
|
270
|
+
def test_camellia256_cbc_for_encryption
|
271
|
+
assert_equal CAMELLIA256_CBC, encrypt("camellia256-cbc@openssh.org")
|
272
|
+
end
|
273
|
+
def test_camellia256_cbc_for_decryption
|
274
|
+
assert_equal TEXT, decrypt("camellia256-cbc@openssh.org", CAMELLIA256_CBC)
|
275
|
+
end
|
276
|
+
end
|
277
|
+
|
278
|
+
BLOWFISH_CTR = "\xF5\xA6\x1E{\x8F(\x85G\xFAh\xDB\x19\xDC\xDF\xA2\x9A\x99\xDD5\xFF\xEE\x8BE\xE6\xB5\x92\x82\xE80\x91\x11`\xEF\x10\xED\xE9\xD3\vG\x0E\xAF\xB2K\t\xA4\xA6\x05\xD1\x17\x0Fl\r@E\x8DJ\e\xE63\x04\xB5\x05\x99Y\xCC\xFBb\x8FK+\x8C1v\xE4N\b?B\x06Rz\xA6\xB6N/b\xCE}\x83\x8DY\xD7\x92qU\x0F"
|
279
|
+
|
280
|
+
def test_blowfish_ctr_for_encryption
|
281
|
+
assert_equal BLOWFISH_CTR, encrypt("blowfish-ctr")
|
282
|
+
end
|
283
|
+
|
284
|
+
def test_blowfish_ctr_for_decryption
|
285
|
+
assert_equal TEXT, decrypt("blowfish-ctr", BLOWFISH_CTR)
|
286
|
+
end
|
287
|
+
|
288
|
+
CAST128_CTR = "\xB5\xBB\xC3h\x80\x90`{\xD7I\x03\xE9\x80\xC4\xC4U\xE3@\xF1\xE9\xEFX\xDB6\xEE,\x8E\xC2\xE8\x89\x17\xBArf\x81\r\x96\xDC\xB1_'\x83hs\t7\xB8@\x17\xAA\xD9;\xE8\x8E\x94\xBD\xFF\xA4K\xA4\xFA\x8F-\xCD\bO\xD9I`\xE5\xC9H\x99\x14\xC5K\xC8\xEF\xEA#\x1D\xE5\x13O\xE1^P\xDC\x1C^qm\v|c@"
|
289
|
+
|
290
|
+
def test_cast128_ctr_for_encryption
|
291
|
+
assert_equal CAST128_CTR, encrypt("cast128-ctr")
|
292
|
+
end
|
293
|
+
|
294
|
+
def test_cast128_ctr_for_decryption
|
295
|
+
assert_equal TEXT, decrypt("cast128-ctr", CAST128_CTR)
|
296
|
+
end
|
297
|
+
|
298
|
+
TRIPLE_DES_CTR = "\x90\xCD\b\xD2\xF1\x15:\x98\xF4sJ\xF0\xC9\xAA\xC5\xE3\xB4\xCFq\x93\xBAB\xF9v\xE1\xE7\x8B<\xBC\x97R\xDF?kK~Nw\xF3\x92`\x90]\xD9\xEF\x16\xC85V\x03C\xE9\x14\xF0\x86\xEB\x19\x85\x82\xF6\x16gz\x9B`\xB1\xCE\x80&?\xC8\xBD\xBC+\x91/)\xA5x\xBB\xCF\x06\x15#\e\xB3\xBD\x9B\x1F\xA7\xE2\xC7\xA3\xFC\x06\xC8"
|
299
|
+
|
300
|
+
def test_3des_ctr_for_encryption
|
301
|
+
if defined?(JRUBY_VERSION)
|
302
|
+
# on JRuby, this test fails due to JRUBY-6558
|
303
|
+
puts "Skipping 3des-ctr tests for JRuby"
|
304
|
+
else
|
305
|
+
assert_equal TRIPLE_DES_CTR, encrypt("3des-ctr")
|
306
|
+
end
|
307
|
+
end
|
308
|
+
|
309
|
+
def test_3des_ctr_for_decryption
|
310
|
+
if defined?(JRUBY_VERSION)
|
311
|
+
# on JRuby, this test fails due to JRUBY-6558
|
312
|
+
puts "Skipping 3des-ctr tests for JRuby"
|
313
|
+
else
|
314
|
+
assert_equal TEXT, decrypt("3des-ctr", TRIPLE_DES_CTR)
|
315
|
+
end
|
316
|
+
end
|
317
|
+
|
318
|
+
AES128_CTR = "\x9D\xC7]R\x89\x01\xC4\x14\x00\xE7\xCEc`\x80\v\xC7\xF7\xBD\xD5#d\f\xC9\xB0\xDE\xA6\x8Aq\x10p\x8F\xBC\xFF\x8B\xB4\xC5\xB3\xF7,\xF7eO\x06Q]\x0F\x05\x86\xEC\xA6\xC8\x12\xE9\xC4\x9D0\xD3\x9AL\x192\xAA\xDFu\x0E\xECz\x7F~g\xCA\xEA\xBA\x80,\x83V\x10\xF6/\x04\xD2\x8A\x94\x94\xA9T>~\xD2\r\xE6\x0E\xA0q\xEF"
|
319
|
+
|
320
|
+
def test_aes128_ctr_for_encryption
|
321
|
+
assert_equal AES128_CTR, encrypt("aes128-ctr")
|
322
|
+
end
|
323
|
+
|
324
|
+
def test_aes128_ctr_for_decryption
|
325
|
+
assert_equal TEXT, decrypt("aes128-ctr", AES128_CTR)
|
326
|
+
end
|
327
|
+
|
328
|
+
AES192_CTR = "\xE2\xE7\x1FJ\xE5\xB09\xE1\xB7/\xB3\x95\xF2S\xCE\x8C\x93\x14mFY\x88*\xCE\b\xA6\x87W\xD7\xEC/\xC9\xB6\x9Ba\a\x8E\x89-\xD7\xB2j\a\xB3\a\x92f\"\x96\x8D\xBF\x01\t\xB8Y\xF3\x92\x01\xCC7\xB6w\xF9\"=u:\xA1\xD5*\n\x9E\xC7p\xDC\x11\a\x1C\x88y\xE8\x87`\xA6[fF\x9B\xACv\xA6\xDA1|#F"
|
329
|
+
|
330
|
+
def test_aes192_ctr_for_encryption
|
331
|
+
assert_equal AES192_CTR, encrypt("aes192-ctr")
|
332
|
+
end
|
333
|
+
|
334
|
+
def test_aes192_ctr_for_decryption
|
335
|
+
assert_equal TEXT, decrypt("aes192-ctr", AES192_CTR)
|
336
|
+
end
|
337
|
+
|
338
|
+
AES256_CTR = "2\xB8\xE6\xC9\x95\xB4\x05\xD2\xC7+\x7F\x88\xEB\xD4\xA0\b\"\xBF\x9E\x85t\x19,\e\x90\x11\x04b\xC7\xEE$\xDE\xE6\xC5@G\xFEm\xE1u\x9B\au\xAF\xB5\xB8\x857\x87\x139u\xAC\x1A\xAB\fh\x8FiW~\xB8:\xA4\xA0#~\xC4\x89\xBA5#:\xFC\xC8\xE3\x9B\xF0A2\x87\x980\xD1\xE3\xBC'\xBE\x1E\n\x1A*B\x06\xF3\xCC"
|
339
|
+
|
340
|
+
def test_aes256_ctr_for_encryption
|
341
|
+
assert_equal AES256_CTR, encrypt("aes256-ctr")
|
342
|
+
end
|
343
|
+
|
344
|
+
def test_aes256_ctr_for_decryption
|
345
|
+
assert_equal TEXT, decrypt("aes256-ctr", AES256_CTR)
|
346
|
+
end
|
347
|
+
|
348
|
+
CAMELLIA128_CTR = "$\xCDQ\x86\xFD;Eq\x04\xFD\xEF\xC9\x18\xBA\\ZA\xD1\xA6Z\xC7V\xDE\xCDT\xBB\xC9\xB0BW\x9BOb}O\xCANy\xEA\xBB\xC5\x126\xE3\xDF\xB8]|j\x1D\xAE\"i\x8A\xCB\xE06\x01\xC4\xDA\xF6:\xA7\xB2v\xB0\xAE\xA5m\x16\xDB\xEBR\xCC\xB4\xA3\x93\x11;\xF1\x00\xDFS6\xF8\xD0_\b\nl\xA2\x95\x8E\xF2\xB0\xC1"
|
349
|
+
if_supported?("camellia128-ctr@openssh.org") do
|
350
|
+
def test_camellia128_ctr_openssh_org_for_encryption
|
351
|
+
assert_equal CAMELLIA128_CTR, encrypt("camellia128-ctr@openssh.org")
|
352
|
+
end
|
353
|
+
def test_camellia128_ctr_openssh_org_for_decryption
|
354
|
+
assert_equal TEXT, decrypt("camellia128-ctr@openssh.org", CAMELLIA128_CTR)
|
355
|
+
end
|
356
|
+
end
|
357
|
+
if_supported?("camellia128-ctr") do
|
358
|
+
def test_camellia128_ctr_for_encryption
|
359
|
+
assert_equal CAMELLIA128_CTR, encrypt("camellia128-ctr")
|
360
|
+
end
|
361
|
+
def test_camellia128_ctr_for_decryption
|
362
|
+
assert_equal TEXT, decrypt("camellia128-ctr", CAMELLIA128_CTR)
|
363
|
+
end
|
364
|
+
end
|
365
|
+
|
366
|
+
CAMELLIA192_CTR = "\xB1O;\xA5\xB9 \xD6\x7Fw\ajz\xAF12\x1C\xF0^\xB2\x13\xA7s\xCB\x1A(3Yw\x8B\"7\xD7}\xC4\xAA\xF7\xDB\xF2\xEEi\x02\xD0\x94BK\xD9l\xBC\xBEbrk\x87\x14h\xE1'\xD2\xE4\x8C\x8D\x87\xCE\xBF\x89\xA9\x9E\xC4\f\xB8\x87(\xFE?\xD9\xEF\xBA5\xD8\xA1\rI\xD6s9\x10\xA9l\xB8S\x93}*\x9A\xB0="
|
367
|
+
if_supported?("camellia192-ctr@openssh.org") do
|
368
|
+
def test_camellia192_ctr_openssh_org_for_encryption
|
369
|
+
assert_equal CAMELLIA192_CTR, encrypt("camellia192-ctr@openssh.org")
|
370
|
+
end
|
371
|
+
def test_camellia192_ctr_openssh_org_for_decryption
|
372
|
+
assert_equal TEXT, decrypt("camellia192-ctr@openssh.org", CAMELLIA192_CTR)
|
373
|
+
end
|
374
|
+
end
|
375
|
+
if_supported?("camellia192-ctr") do
|
376
|
+
def test_camellia192_ctr_for_encryption
|
377
|
+
assert_equal CAMELLIA192_CTR, encrypt("camellia192-ctr")
|
378
|
+
end
|
379
|
+
def test_camellia192_ctr_for_decryption
|
380
|
+
assert_equal TEXT, decrypt("camellia192-ctr", CAMELLIA192_CTR)
|
381
|
+
end
|
382
|
+
end
|
383
|
+
|
384
|
+
CAMELLIA256_CTR = "`\x8F#Nqr^m\xB2/i\xF9}\x1E\xD1\xE7X\x99\xAF\x1E\xBA\v\xF3\x8E\xCA\xECZ\xCB\x8A\xC96FW\xB3\x84 bwzRM,P\xC1r\xEFHNr%\xB9\a\xD6\xE6\xE7O\b\xC8?\x98d\x9F\xD3v\x10#\xA6\x87\xB2\x85\x059\xF0-\xF9\xBC\x00V\xB2?\xAE\x1E{\e\xF1\xA9zJ\xC9=1\xB3t73\xEB"
|
385
|
+
if_supported?("camellia256-ctr@openssh.org") do
|
386
|
+
def test_camellia256_ctr_openssh_org_for_encryption
|
387
|
+
assert_equal CAMELLIA256_CTR, encrypt("camellia256-ctr@openssh.org")
|
388
|
+
end
|
389
|
+
def test_camellia256_ctr_openssh_org_for_decryption
|
390
|
+
assert_equal TEXT, decrypt("camellia256-ctr@openssh.org", CAMELLIA256_CTR)
|
391
|
+
end
|
392
|
+
end
|
393
|
+
if_supported?("camellia256-ctr") do
|
394
|
+
def test_camellia256_ctr_for_encryption
|
395
|
+
assert_equal CAMELLIA256_CTR, encrypt("camellia256-ctr")
|
396
|
+
end
|
397
|
+
def test_camellia256_ctr_for_decryption
|
398
|
+
assert_equal TEXT, decrypt("camellia256-ctr", CAMELLIA256_CTR)
|
399
|
+
end
|
400
|
+
end
|
401
|
+
|
174
402
|
def test_none_for_encryption
|
175
403
|
assert_equal TEXT, encrypt("none").strip
|
176
404
|
end
|