net-ssh 2.4.0 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.rdoc +21 -0
- data/Manifest +11 -0
- data/lib/net/ssh/authentication/key_manager.rb +1 -1
- data/lib/net/ssh/authentication/session.rb +12 -4
- data/lib/net/ssh/buffer.rb +12 -2
- data/lib/net/ssh/key_factory.rb +7 -2
- data/lib/net/ssh/known_hosts.rb +12 -2
- data/lib/net/ssh/ruby_compat.rb +8 -0
- data/lib/net/ssh/transport/algorithms.rb +22 -1
- data/lib/net/ssh/transport/cipher_factory.rb +32 -5
- data/lib/net/ssh/transport/constants.rb +3 -1
- data/lib/net/ssh/transport/ctr.rb +95 -0
- data/lib/net/ssh/transport/hmac.rb +8 -5
- data/lib/net/ssh/transport/hmac/ripemd160.rb +13 -0
- data/lib/net/ssh/transport/kex.rb +11 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +44 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +11 -3
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +93 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +13 -0
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +13 -0
- data/lib/net/ssh/transport/openssl.rb +111 -1
- data/lib/net/ssh/version.rb +1 -1
- data/net-ssh.gemspec +12 -4
- data/test/authentication/test_key_manager.rb +48 -1
- data/test/test_buffer.rb +92 -2
- data/test/test_key_factory.rb +42 -0
- data/test/transport/hmac/test_ripemd160.rb +34 -0
- data/test/transport/kex/test_diffie_hellman_group14_sha1.rb +13 -0
- data/test/transport/kex/test_ecdh_sha2_nistp256.rb +161 -0
- data/test/transport/kex/test_ecdh_sha2_nistp384.rb +37 -0
- data/test/transport/kex/test_ecdh_sha2_nistp521.rb +37 -0
- data/test/transport/test_algorithms.rb +41 -19
- data/test/transport/test_cipher_factory.rb +255 -27
- data/test/transport/test_packet_stream.rb +1009 -0
- metadata +13 -4
- data/lib/net/ssh/authentication/agent/java_pageant.rb +0 -85
- data/lib/net/ssh/authentication/agent/socket.rb +0 -170
@@ -17,13 +17,18 @@ module Transport
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def test_constructor_should_build_default_list_of_preferred_algorithms
|
20
|
-
|
21
|
-
|
22
|
-
|
20
|
+
if defined?(OpenSSL::PKey::EC)
|
21
|
+
assert_equal %w(ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms[:host_key]
|
22
|
+
assert_equal %w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521), algorithms[:kex]
|
23
|
+
else
|
24
|
+
assert_equal %w(ssh-rsa ssh-dss), algorithms[:host_key]
|
25
|
+
assert_equal %w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256), algorithms[:kex]
|
26
|
+
end
|
27
|
+
assert_equal %w(aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms[:encryption]
|
23
28
|
if defined?(OpenSSL::Digest::SHA256)
|
24
|
-
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms[:hmac]
|
29
|
+
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms[:hmac]
|
25
30
|
else
|
26
|
-
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 none), algorithms[:hmac]
|
31
|
+
assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com none), algorithms[:hmac]
|
27
32
|
end
|
28
33
|
assert_equal %w(none zlib@openssh.com zlib), algorithms[:compression]
|
29
34
|
assert_equal %w(), algorithms[:language]
|
@@ -37,12 +42,20 @@ module Transport
|
|
37
42
|
end
|
38
43
|
|
39
44
|
def test_constructor_with_preferred_host_key_type_should_put_preferred_host_key_type_first
|
40
|
-
|
45
|
+
if defined?(OpenSSL::PKey::EC)
|
46
|
+
assert_equal %w(ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms(:host_key => "ssh-dss")[:host_key]
|
47
|
+
else
|
48
|
+
assert_equal %w(ssh-dss ssh-rsa), algorithms(:host_key => "ssh-dss")[:host_key]
|
49
|
+
end
|
41
50
|
end
|
42
51
|
|
43
52
|
def test_constructor_with_known_hosts_reporting_known_host_key_should_use_that_host_key_type
|
44
53
|
Net::SSH::KnownHosts.expects(:search_for).with("net.ssh.test,127.0.0.1", {}).returns([stub("key", :ssh_type => "ssh-dss")])
|
45
|
-
|
54
|
+
if defined?(OpenSSL::PKey::EC)
|
55
|
+
assert_equal %w(ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521), algorithms[:host_key]
|
56
|
+
else
|
57
|
+
assert_equal %w(ssh-dss ssh-rsa), algorithms[:host_key]
|
58
|
+
end
|
46
59
|
end
|
47
60
|
|
48
61
|
def test_constructor_with_unrecognized_host_key_type_should_raise_exception
|
@@ -50,7 +63,11 @@ module Transport
|
|
50
63
|
end
|
51
64
|
|
52
65
|
def test_constructor_with_preferred_kex_should_put_preferred_kex_first
|
53
|
-
|
66
|
+
if defined?(OpenSSL::PKey::EC)
|
67
|
+
assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521), algorithms(:kex => "diffie-hellman-group1-sha1")[:kex]
|
68
|
+
else
|
69
|
+
assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256), algorithms(:kex => "diffie-hellman-group1-sha1")[:kex]
|
70
|
+
end
|
54
71
|
end
|
55
72
|
|
56
73
|
def test_constructor_with_unrecognized_kex_should_raise_exception
|
@@ -58,11 +75,11 @@ module Transport
|
|
58
75
|
end
|
59
76
|
|
60
77
|
def test_constructor_with_preferred_encryption_should_put_preferred_encryption_first
|
61
|
-
assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256), algorithms(:encryption => "aes256-cbc")[:encryption]
|
78
|
+
assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => "aes256-cbc")[:encryption]
|
62
79
|
end
|
63
80
|
|
64
81
|
def test_constructor_with_multiple_preferred_encryption_should_put_all_preferred_encryption_first
|
65
|
-
assert_equal %w(aes256-cbc 3des-cbc idea-cbc aes128-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se none arcfour128 arcfour256), algorithms(:encryption => %w(aes256-cbc 3des-cbc idea-cbc))[:encryption]
|
82
|
+
assert_equal %w(aes256-cbc 3des-cbc idea-cbc aes128-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr camellia128-cbc camellia192-cbc camellia256-cbc camellia128-cbc@openssh.org camellia192-cbc@openssh.org camellia256-cbc@openssh.org camellia128-ctr camellia192-ctr camellia256-ctr camellia128-ctr@openssh.org camellia192-ctr@openssh.org camellia256-ctr@openssh.org cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => %w(aes256-cbc 3des-cbc idea-cbc))[:encryption]
|
66
83
|
end
|
67
84
|
|
68
85
|
def test_constructor_with_unrecognized_encryption_should_raise_exception
|
@@ -70,11 +87,11 @@ module Transport
|
|
70
87
|
end
|
71
88
|
|
72
89
|
def test_constructor_with_preferred_hmac_should_put_preferred_hmac_first
|
73
|
-
assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => "hmac-md5-96")[:hmac]
|
90
|
+
assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => "hmac-md5-96")[:hmac]
|
74
91
|
end
|
75
92
|
|
76
93
|
def test_constructor_with_multiple_preferred_hmac_should_put_all_preferred_hmac_first
|
77
|
-
assert_equal %w(hmac-md5-96 hmac-sha1-96 hmac-sha1 hmac-md5 hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => %w(hmac-md5-96 hmac-sha1-96))[:hmac]
|
94
|
+
assert_equal %w(hmac-md5-96 hmac-sha1-96 hmac-sha1 hmac-md5 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => %w(hmac-md5-96 hmac-sha1-96))[:hmac]
|
78
95
|
end
|
79
96
|
|
80
97
|
def test_constructor_with_unrecognized_hmac_should_raise_exception
|
@@ -256,7 +273,7 @@ module Transport
|
|
256
273
|
def kexinit(options={})
|
257
274
|
@kexinit ||= P(:byte, KEXINIT,
|
258
275
|
:long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF),
|
259
|
-
:string, options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256",
|
276
|
+
:string, options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256",
|
260
277
|
:string, options[:host_key] || "ssh-rsa,ssh-dss",
|
261
278
|
:string, options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
|
262
279
|
:string, options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
|
@@ -272,12 +289,17 @@ module Transport
|
|
272
289
|
def assert_kexinit(buffer, options={})
|
273
290
|
assert_equal KEXINIT, buffer.type
|
274
291
|
assert_equal 16, buffer.read(16).length
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
292
|
+
if defined?(OpenSSL::PKey::EC)
|
293
|
+
assert_equal options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521", buffer.read_string
|
294
|
+
assert_equal options[:host_key] || "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521", buffer.read_string
|
295
|
+
else
|
296
|
+
assert_equal options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256", buffer.read_string
|
297
|
+
assert_equal options[:host_key] || "ssh-rsa,ssh-dss", buffer.read_string
|
298
|
+
end
|
299
|
+
assert_equal options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,camellia128-cbc,camellia192-cbc,camellia256-cbc,camellia128-cbc@openssh.org,camellia192-cbc@openssh.org,camellia256-cbc@openssh.org,camellia128-ctr,camellia192-ctr,camellia256-ctr,camellia128-ctr@openssh.org,camellia192-ctr@openssh.org,camellia256-ctr@openssh.org,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
|
300
|
+
assert_equal options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,camellia128-cbc,camellia192-cbc,camellia256-cbc,camellia128-cbc@openssh.org,camellia192-cbc@openssh.org,camellia256-cbc@openssh.org,camellia128-ctr,camellia192-ctr,camellia256-ctr,camellia128-ctr@openssh.org,camellia192-ctr@openssh.org,camellia256-ctr@openssh.org,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
|
301
|
+
assert_equal options[:hmac_client] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
|
302
|
+
assert_equal options[:hmac_server] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
|
281
303
|
assert_equal options[:compression_client] || "none,zlib@openssh.com,zlib", buffer.read_string
|
282
304
|
assert_equal options[:compression_server] || "none,zlib@openssh.com,zlib", buffer.read_string
|
283
305
|
assert_equal options[:language_client] || "", buffer.read_string
|
@@ -35,18 +35,22 @@ module Transport
|
|
35
35
|
assert_equal [24,8], factory.get_lengths("3des-cbc")
|
36
36
|
end
|
37
37
|
|
38
|
-
def test_lengths_for_aes192_cbc
|
39
|
-
assert_equal [24,16], factory.get_lengths("aes192-cbc")
|
40
|
-
end
|
41
|
-
|
42
38
|
def test_lengths_for_aes128_cbc
|
43
39
|
assert_equal [16,16], factory.get_lengths("aes128-cbc")
|
44
40
|
end
|
45
41
|
|
42
|
+
def test_lengths_for_aes192_cbc
|
43
|
+
assert_equal [24,16], factory.get_lengths("aes192-cbc")
|
44
|
+
end
|
45
|
+
|
46
46
|
def test_lengths_for_aes256_cbc
|
47
47
|
assert_equal [32,16], factory.get_lengths("aes256-cbc")
|
48
48
|
end
|
49
49
|
|
50
|
+
def test_lengths_for_arcfour
|
51
|
+
assert_equal [16,8], factory.get_lengths("arcfour")
|
52
|
+
end
|
53
|
+
|
50
54
|
def test_lengths_for_arcfour128
|
51
55
|
assert_equal [16,8], factory.get_lengths("arcfour128")
|
52
56
|
end
|
@@ -58,26 +62,86 @@ module Transport
|
|
58
62
|
def test_lengths_for_arcfour512
|
59
63
|
assert_equal [64,8], factory.get_lengths("arcfour512")
|
60
64
|
end
|
61
|
-
|
62
|
-
|
65
|
+
|
66
|
+
if_supported?("camellia128-cbc@openssh.org") do
|
67
|
+
def test_lengths_for_camellia128_cbc_openssh_org
|
68
|
+
assert_equal [16,16], factory.get_lengths("camellia128-cbc@openssh.org")
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
if_supported?("camellia192-cbc@openssh.org") do
|
73
|
+
def test_lengths_for_camellia192_cbc_openssh_org
|
74
|
+
assert_equal [24,16], factory.get_lengths("camellia192-cbc@openssh.org")
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
if_supported?("camellia256-cbc@openssh.org") do
|
79
|
+
def test_lengths_for_camellia256_cbc_openssh_org
|
80
|
+
assert_equal [32,16], factory.get_lengths("camellia256-cbc@openssh.org")
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
def test_lengths_for_3des_ctr
|
85
|
+
assert_equal [24,8], factory.get_lengths("3des-ctr")
|
86
|
+
end
|
87
|
+
|
88
|
+
def test_lengths_for_aes128_ctr
|
89
|
+
assert_equal [16,16], factory.get_lengths("aes128-ctr")
|
90
|
+
end
|
91
|
+
|
92
|
+
def test_lengths_for_aes192_ctr
|
93
|
+
assert_equal [24,16], factory.get_lengths("aes192-ctr")
|
94
|
+
end
|
95
|
+
|
96
|
+
def test_lengths_for_aes256_ctr
|
97
|
+
assert_equal [32,16], factory.get_lengths("aes256-ctr")
|
98
|
+
end
|
99
|
+
|
100
|
+
def test_lengths_for_blowfish_ctr
|
101
|
+
assert_equal [16,8], factory.get_lengths("blowfish-ctr")
|
102
|
+
end
|
103
|
+
|
104
|
+
def test_lengths_for_cast128_ctr
|
105
|
+
assert_equal [16,8], factory.get_lengths("cast128-ctr")
|
106
|
+
end
|
107
|
+
|
108
|
+
if_supported?("camellia128-ctr@openssh.org") do
|
109
|
+
def test_lengths_for_camellia128_ctr_openssh_org
|
110
|
+
assert_equal [16,16], factory.get_lengths("camellia128-ctr@openssh.org")
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
114
|
+
if_supported?("camellia192-ctr@openssh.org") do
|
115
|
+
def test_lengths_for_camellia192_ctr_openssh_org
|
116
|
+
assert_equal [24,16], factory.get_lengths("camellia192-ctr@openssh.org")
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
120
|
+
if_supported?("camellia256-ctr@openssh.org") do
|
121
|
+
def test_lengths_for_camellia256_ctr_openssh_org
|
122
|
+
assert_equal [32,16], factory.get_lengths("camellia256-ctr@openssh.org")
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
BLOWFISH_CBC = "\210\021\200\315\240_\026$\352\204g\233\244\242x\332e\370\001\327\224Nv@9_\323\037\252kb\037\036\237\375]\343/y\037\237\312Q\f7]\347Y\005\275%\377\0010$G\272\250B\265Nd\375\342\372\025r6}+Y\213y\n\237\267\\\374^\346BdJ$\353\220Ik\023<\236&H\277=\225"
|
63
127
|
|
64
128
|
def test_blowfish_cbc_for_encryption
|
65
|
-
assert_equal
|
129
|
+
assert_equal BLOWFISH_CBC, encrypt("blowfish-cbc")
|
66
130
|
end
|
67
131
|
|
68
132
|
def test_blowfish_cbc_for_decryption
|
69
|
-
assert_equal TEXT, decrypt("blowfish-cbc",
|
133
|
+
assert_equal TEXT, decrypt("blowfish-cbc", BLOWFISH_CBC)
|
70
134
|
end
|
71
135
|
|
72
136
|
if_supported?("idea-cbc") do
|
73
|
-
|
137
|
+
IDEA_CBC = "W\234\017G\231\b\357\370H\b\256U]\343M\031k\233]~\023C\363\263\177\262-\261\341$\022\376mv\217\322\b\2763\270H\306\035\343z\313\312\3531\351\t\201\302U\022\360\300\354ul7$z\320O]\360g\024\305\005`V\005\335A\351\312\270c\320D\232\eQH1\340\265\2118\031g*\303v"
|
74
138
|
|
75
139
|
def test_idea_cbc_for_encryption
|
76
|
-
assert_equal
|
140
|
+
assert_equal IDEA_CBC, encrypt("idea-cbc")
|
77
141
|
end
|
78
142
|
|
79
143
|
def test_idea_cbc_for_decryption
|
80
|
-
assert_equal TEXT, decrypt("idea-cbc",
|
144
|
+
assert_equal TEXT, decrypt("idea-cbc", IDEA_CBC)
|
81
145
|
end
|
82
146
|
end
|
83
147
|
|
@@ -91,54 +155,64 @@ module Transport
|
|
91
155
|
assert_equal TEXT, decrypt("rijndael-cbc@lysator.liu.se", RIJNDAEL)
|
92
156
|
end
|
93
157
|
|
94
|
-
|
158
|
+
CAST128_CBC = "qW\302\331\333P\223t[9 ~(sg\322\271\227\272\022I\223\373p\255>k\326\314\260\2003\236C_W\211\227\373\205>\351\334\322\227\223\e\236\202Ii\032!P\214\035:\017\360h7D\371v\210\264\317\236a\262w1\2772\023\036\331\227\240:\f/X\351\324I\t[x\350\323E\2301\016m"
|
95
159
|
|
96
160
|
def test_cast128_cbc_for_encryption
|
97
|
-
assert_equal
|
161
|
+
assert_equal CAST128_CBC, encrypt("cast128-cbc")
|
98
162
|
end
|
99
163
|
|
100
164
|
def test_cast128_cbc_for_decryption
|
101
|
-
assert_equal TEXT, decrypt("cast128-cbc",
|
165
|
+
assert_equal TEXT, decrypt("cast128-cbc", CAST128_CBC)
|
102
166
|
end
|
103
167
|
|
104
|
-
|
168
|
+
TRIPLE_DES_CBC = "\322\252\216D\303Q\375gg\367A{\177\313\3436\272\353%\223K?\257\206|\r&\353/%\340\336 \203E8rY\206\234\004\274\267\031\233T/{\"\227/B!i?[qGaw\306T\206\223\213n \212\032\244%]@\355\250\334\312\265E\251\017\361\270\357\230\274KP&^\031r+r%\370"
|
105
169
|
|
106
170
|
def test_3des_cbc_for_encryption
|
107
|
-
assert_equal
|
171
|
+
assert_equal TRIPLE_DES_CBC, encrypt("3des-cbc")
|
108
172
|
end
|
109
173
|
|
110
174
|
def test_3des_cbc_for_decryption
|
111
|
-
assert_equal TEXT, decrypt("3des-cbc",
|
175
|
+
assert_equal TEXT, decrypt("3des-cbc", TRIPLE_DES_CBC)
|
112
176
|
end
|
113
177
|
|
114
|
-
|
178
|
+
AES128_CBC = "k\026\350B\366-k\224\313\3277}B\035\004\200\035\r\233\024$\205\261\231Q\2214r\245\250\360\315\237\266hg\262C&+\321\346Pf\267v\376I\215P\327\345-\232&HK\375\326_\030<\a\276\212\303g\342C\242O\233\260\006\001a&V\345`\\T\e\236.\207\223l\233ri^\v\252\363\245"
|
115
179
|
|
116
180
|
def test_aes128_cbc_for_encryption
|
117
|
-
assert_equal
|
181
|
+
assert_equal AES128_CBC, encrypt("aes128-cbc")
|
118
182
|
end
|
119
183
|
|
120
184
|
def test_aes128_cbc_for_decryption
|
121
|
-
assert_equal TEXT, decrypt("aes128-cbc",
|
185
|
+
assert_equal TEXT, decrypt("aes128-cbc", AES128_CBC)
|
122
186
|
end
|
123
187
|
|
124
|
-
|
188
|
+
AES192_CBC = "\256\017)x\270\213\336\303L\003f\235'jQ\3231k9\225\267\242\364C4\370\224\201\302~\217I\202\374\2167='\272\037\225\223\177Y\r\212\376(\275\n\3553\377\177\252C\254\236\016MA\274Z@H\331<\rL\317\205\323[\305X8\376\237=\374\352bH9\244\0231\353\204\352p\226\326~J\242"
|
125
189
|
|
126
190
|
def test_aes192_cbc_for_encryption
|
127
|
-
assert_equal
|
191
|
+
assert_equal AES192_CBC, encrypt("aes192-cbc")
|
128
192
|
end
|
129
193
|
|
130
194
|
def test_aes192_cbc_for_decryption
|
131
|
-
assert_equal TEXT, decrypt("aes192-cbc",
|
195
|
+
assert_equal TEXT, decrypt("aes192-cbc", AES192_CBC)
|
132
196
|
end
|
133
197
|
|
134
|
-
|
198
|
+
AES256_CBC = "$\253\271\255\005Z\354\336&\312\324\221\233\307Mj\315\360\310Fk\241EfN\037\231\213\361{'\310\204\347I\343\271\005\240`\325;\034\346uM>#\241\231C`\374\261\vo\226;Z\302:\b\250\366T\330\\#V\330\340\226\363\374!\bm\266\232\207!\232\347\340\t\307\370\356z\236\343=v\210\206y"
|
135
199
|
|
136
200
|
def test_aes256_cbc_for_encryption
|
137
|
-
assert_equal
|
201
|
+
assert_equal AES256_CBC, encrypt("aes256-cbc")
|
138
202
|
end
|
139
203
|
|
140
204
|
def test_aes256_cbc_for_decryption
|
141
|
-
assert_equal TEXT, decrypt("aes256-cbc",
|
205
|
+
assert_equal TEXT, decrypt("aes256-cbc", AES256_CBC)
|
206
|
+
end
|
207
|
+
|
208
|
+
ARCFOUR = "\xC1.\x1AdH\xD0+%\xF1CrG\x1C\xCC\xF6\xACho\xB0\x95\\\xBC\x02P\xF9\xAF\n\xBB<\x13\xF3\xCF\xEB\n\b(iO\xFB'\t^?\xA6\xE5a\xE2\x17\f\x97\xCAs\x9E\xFC\xF2\x88\xC93\v\x84\xCA\x82\x0E\x1D\x11\xEA\xE1\x82\x8E\xB3*\xC5\xFB\x8Cmgs\xB0\xFA\xF5\x9C\\\xE2\xB0\x95\x1F>LT"
|
209
|
+
|
210
|
+
def test_arcfour_for_encryption
|
211
|
+
assert_equal ARCFOUR, encrypt("arcfour")
|
212
|
+
end
|
213
|
+
|
214
|
+
def test_arcfour_for_decryption
|
215
|
+
assert_equal TEXT, decrypt("arcfour", ARCFOUR)
|
142
216
|
end
|
143
217
|
|
144
218
|
ARCFOUR128 = "\n\x90\xED*\xD4\xBE\xCBg5\xA5\a\xEC]\x97\xB7L\x06)6\x12FL\x90@\xF4Sqxqh\r\x11\x1Aq \xC8\xE6v\xC6\x12\xD9<A\xDAZ\xFE\x7F\x88\x19f.\x06\xA7\xFE:\xFF\x93\x9B\x8D\xA0\\\x9E\xCA\x03\x15\xE1\xE2\f\xC0\b\xA2C\xE1\xBD\xB6\x13D\xD1\xB4'g\x89\xDC\xEB\f\x19Z)U"
|
@@ -170,7 +244,161 @@ module Transport
|
|
170
244
|
def test_arcfour512_for_decryption
|
171
245
|
assert_equal TEXT, decrypt("arcfour512", ARCFOUR512)
|
172
246
|
end
|
173
|
-
|
247
|
+
|
248
|
+
if_supported?("camellia128-cbc@openssh.org") do
|
249
|
+
CAMELLIA128_CBC = "\a\b\x83+\xF1\xC5m\a\xE1\xD3\x06\xD2NA\xC3l@\\*M\xFD\x96\xAE\xA8\xB4\xA9\xACm\"8\x8E\xEE<\xC3O[\rK\xFAgu}\xCD\xAC\xF4\x04o\xDB\x94-\xB8\"\xDC\xE7{y\xA9 \x8F=y\x85\x82v\xC8\xCA\x8A\xE9\xE3:\xC4,u=a/\xC0\x05\xDA\xDAk8g\xCB\xD9\xA8\xE6\xFE\xCE_\x8E\x97\xF0\xAC\xB6\xCE"
|
250
|
+
def test_camellia128_cbc_for_encryption
|
251
|
+
assert_equal CAMELLIA128_CBC, encrypt("camellia128-cbc@openssh.org")
|
252
|
+
end
|
253
|
+
def test_camellia128_cbc_for_decryption
|
254
|
+
assert_equal TEXT, decrypt("camellia128-cbc@openssh.org", CAMELLIA128_CBC)
|
255
|
+
end
|
256
|
+
end
|
257
|
+
|
258
|
+
if_supported?("camellia192-cbc@openssh.org") do
|
259
|
+
CAMELLIA192_CBC = "\x82\xB2\x03\x90\xFA\f2\xA0\xE3\xFA\xF2B\xAB\xDBX\xD5\x04z\xD4G\x19\xB8\xAB\v\x85\x84\xCD:.\xBA\x9Dd\xD5(\xEB.\n\xAA]\xCB\xF3\x0F4\x8Bd\xF8m\xC9!\xE2\xA1=\xEBY\xA6\x83\x86\n\x13\e6\v\x06\xBBNJg\xF2-\x14',[\xC1\xB1.\x85\xF3\xC6\xBF\x1Ff\xCE\x87'\x9C\xB2\xC8!\xF3|\xE2\xD2\x9E\x96\xA1"
|
260
|
+
def test_camellia192_cbc_for_encryption
|
261
|
+
assert_equal CAMELLIA192_CBC, encrypt("camellia192-cbc@openssh.org")
|
262
|
+
end
|
263
|
+
def test_camellia192_cbc_for_decryption
|
264
|
+
assert_equal TEXT, decrypt("camellia192-cbc@openssh.org", CAMELLIA192_CBC)
|
265
|
+
end
|
266
|
+
end
|
267
|
+
|
268
|
+
if_supported?("camellia256-cbc@openssh.org") do
|
269
|
+
CAMELLIA256_CBC = ",\x80J/\xF5\x8F\xFE4\xF0@\n[2\xFF4\xB6\xA4\xD0\xF8\xF5*\x17I\xF3\xA2\x1F$L\xC6\xA1\x06\xDC\x84f\x1C\x10&\x1C\xC4/R\x859|i\x85ZP\xC8\x94\xED\xE8-\n@ w\x92\xF7\xD4\xAB\xF0\x85c\xC1\x0F\x1E#\xEB\xE5W\x87N!\xC7'/\xE3E8$\x1D\x9B:\xC9\xAF_\x05\xAC%\xD7\x945\xBBDK"
|
270
|
+
def test_camellia256_cbc_for_encryption
|
271
|
+
assert_equal CAMELLIA256_CBC, encrypt("camellia256-cbc@openssh.org")
|
272
|
+
end
|
273
|
+
def test_camellia256_cbc_for_decryption
|
274
|
+
assert_equal TEXT, decrypt("camellia256-cbc@openssh.org", CAMELLIA256_CBC)
|
275
|
+
end
|
276
|
+
end
|
277
|
+
|
278
|
+
BLOWFISH_CTR = "\xF5\xA6\x1E{\x8F(\x85G\xFAh\xDB\x19\xDC\xDF\xA2\x9A\x99\xDD5\xFF\xEE\x8BE\xE6\xB5\x92\x82\xE80\x91\x11`\xEF\x10\xED\xE9\xD3\vG\x0E\xAF\xB2K\t\xA4\xA6\x05\xD1\x17\x0Fl\r@E\x8DJ\e\xE63\x04\xB5\x05\x99Y\xCC\xFBb\x8FK+\x8C1v\xE4N\b?B\x06Rz\xA6\xB6N/b\xCE}\x83\x8DY\xD7\x92qU\x0F"
|
279
|
+
|
280
|
+
def test_blowfish_ctr_for_encryption
|
281
|
+
assert_equal BLOWFISH_CTR, encrypt("blowfish-ctr")
|
282
|
+
end
|
283
|
+
|
284
|
+
def test_blowfish_ctr_for_decryption
|
285
|
+
assert_equal TEXT, decrypt("blowfish-ctr", BLOWFISH_CTR)
|
286
|
+
end
|
287
|
+
|
288
|
+
CAST128_CTR = "\xB5\xBB\xC3h\x80\x90`{\xD7I\x03\xE9\x80\xC4\xC4U\xE3@\xF1\xE9\xEFX\xDB6\xEE,\x8E\xC2\xE8\x89\x17\xBArf\x81\r\x96\xDC\xB1_'\x83hs\t7\xB8@\x17\xAA\xD9;\xE8\x8E\x94\xBD\xFF\xA4K\xA4\xFA\x8F-\xCD\bO\xD9I`\xE5\xC9H\x99\x14\xC5K\xC8\xEF\xEA#\x1D\xE5\x13O\xE1^P\xDC\x1C^qm\v|c@"
|
289
|
+
|
290
|
+
def test_cast128_ctr_for_encryption
|
291
|
+
assert_equal CAST128_CTR, encrypt("cast128-ctr")
|
292
|
+
end
|
293
|
+
|
294
|
+
def test_cast128_ctr_for_decryption
|
295
|
+
assert_equal TEXT, decrypt("cast128-ctr", CAST128_CTR)
|
296
|
+
end
|
297
|
+
|
298
|
+
TRIPLE_DES_CTR = "\x90\xCD\b\xD2\xF1\x15:\x98\xF4sJ\xF0\xC9\xAA\xC5\xE3\xB4\xCFq\x93\xBAB\xF9v\xE1\xE7\x8B<\xBC\x97R\xDF?kK~Nw\xF3\x92`\x90]\xD9\xEF\x16\xC85V\x03C\xE9\x14\xF0\x86\xEB\x19\x85\x82\xF6\x16gz\x9B`\xB1\xCE\x80&?\xC8\xBD\xBC+\x91/)\xA5x\xBB\xCF\x06\x15#\e\xB3\xBD\x9B\x1F\xA7\xE2\xC7\xA3\xFC\x06\xC8"
|
299
|
+
|
300
|
+
def test_3des_ctr_for_encryption
|
301
|
+
if defined?(JRUBY_VERSION)
|
302
|
+
# on JRuby, this test fails due to JRUBY-6558
|
303
|
+
puts "Skipping 3des-ctr tests for JRuby"
|
304
|
+
else
|
305
|
+
assert_equal TRIPLE_DES_CTR, encrypt("3des-ctr")
|
306
|
+
end
|
307
|
+
end
|
308
|
+
|
309
|
+
def test_3des_ctr_for_decryption
|
310
|
+
if defined?(JRUBY_VERSION)
|
311
|
+
# on JRuby, this test fails due to JRUBY-6558
|
312
|
+
puts "Skipping 3des-ctr tests for JRuby"
|
313
|
+
else
|
314
|
+
assert_equal TEXT, decrypt("3des-ctr", TRIPLE_DES_CTR)
|
315
|
+
end
|
316
|
+
end
|
317
|
+
|
318
|
+
AES128_CTR = "\x9D\xC7]R\x89\x01\xC4\x14\x00\xE7\xCEc`\x80\v\xC7\xF7\xBD\xD5#d\f\xC9\xB0\xDE\xA6\x8Aq\x10p\x8F\xBC\xFF\x8B\xB4\xC5\xB3\xF7,\xF7eO\x06Q]\x0F\x05\x86\xEC\xA6\xC8\x12\xE9\xC4\x9D0\xD3\x9AL\x192\xAA\xDFu\x0E\xECz\x7F~g\xCA\xEA\xBA\x80,\x83V\x10\xF6/\x04\xD2\x8A\x94\x94\xA9T>~\xD2\r\xE6\x0E\xA0q\xEF"
|
319
|
+
|
320
|
+
def test_aes128_ctr_for_encryption
|
321
|
+
assert_equal AES128_CTR, encrypt("aes128-ctr")
|
322
|
+
end
|
323
|
+
|
324
|
+
def test_aes128_ctr_for_decryption
|
325
|
+
assert_equal TEXT, decrypt("aes128-ctr", AES128_CTR)
|
326
|
+
end
|
327
|
+
|
328
|
+
AES192_CTR = "\xE2\xE7\x1FJ\xE5\xB09\xE1\xB7/\xB3\x95\xF2S\xCE\x8C\x93\x14mFY\x88*\xCE\b\xA6\x87W\xD7\xEC/\xC9\xB6\x9Ba\a\x8E\x89-\xD7\xB2j\a\xB3\a\x92f\"\x96\x8D\xBF\x01\t\xB8Y\xF3\x92\x01\xCC7\xB6w\xF9\"=u:\xA1\xD5*\n\x9E\xC7p\xDC\x11\a\x1C\x88y\xE8\x87`\xA6[fF\x9B\xACv\xA6\xDA1|#F"
|
329
|
+
|
330
|
+
def test_aes192_ctr_for_encryption
|
331
|
+
assert_equal AES192_CTR, encrypt("aes192-ctr")
|
332
|
+
end
|
333
|
+
|
334
|
+
def test_aes192_ctr_for_decryption
|
335
|
+
assert_equal TEXT, decrypt("aes192-ctr", AES192_CTR)
|
336
|
+
end
|
337
|
+
|
338
|
+
AES256_CTR = "2\xB8\xE6\xC9\x95\xB4\x05\xD2\xC7+\x7F\x88\xEB\xD4\xA0\b\"\xBF\x9E\x85t\x19,\e\x90\x11\x04b\xC7\xEE$\xDE\xE6\xC5@G\xFEm\xE1u\x9B\au\xAF\xB5\xB8\x857\x87\x139u\xAC\x1A\xAB\fh\x8FiW~\xB8:\xA4\xA0#~\xC4\x89\xBA5#:\xFC\xC8\xE3\x9B\xF0A2\x87\x980\xD1\xE3\xBC'\xBE\x1E\n\x1A*B\x06\xF3\xCC"
|
339
|
+
|
340
|
+
def test_aes256_ctr_for_encryption
|
341
|
+
assert_equal AES256_CTR, encrypt("aes256-ctr")
|
342
|
+
end
|
343
|
+
|
344
|
+
def test_aes256_ctr_for_decryption
|
345
|
+
assert_equal TEXT, decrypt("aes256-ctr", AES256_CTR)
|
346
|
+
end
|
347
|
+
|
348
|
+
CAMELLIA128_CTR = "$\xCDQ\x86\xFD;Eq\x04\xFD\xEF\xC9\x18\xBA\\ZA\xD1\xA6Z\xC7V\xDE\xCDT\xBB\xC9\xB0BW\x9BOb}O\xCANy\xEA\xBB\xC5\x126\xE3\xDF\xB8]|j\x1D\xAE\"i\x8A\xCB\xE06\x01\xC4\xDA\xF6:\xA7\xB2v\xB0\xAE\xA5m\x16\xDB\xEBR\xCC\xB4\xA3\x93\x11;\xF1\x00\xDFS6\xF8\xD0_\b\nl\xA2\x95\x8E\xF2\xB0\xC1"
|
349
|
+
if_supported?("camellia128-ctr@openssh.org") do
|
350
|
+
def test_camellia128_ctr_openssh_org_for_encryption
|
351
|
+
assert_equal CAMELLIA128_CTR, encrypt("camellia128-ctr@openssh.org")
|
352
|
+
end
|
353
|
+
def test_camellia128_ctr_openssh_org_for_decryption
|
354
|
+
assert_equal TEXT, decrypt("camellia128-ctr@openssh.org", CAMELLIA128_CTR)
|
355
|
+
end
|
356
|
+
end
|
357
|
+
if_supported?("camellia128-ctr") do
|
358
|
+
def test_camellia128_ctr_for_encryption
|
359
|
+
assert_equal CAMELLIA128_CTR, encrypt("camellia128-ctr")
|
360
|
+
end
|
361
|
+
def test_camellia128_ctr_for_decryption
|
362
|
+
assert_equal TEXT, decrypt("camellia128-ctr", CAMELLIA128_CTR)
|
363
|
+
end
|
364
|
+
end
|
365
|
+
|
366
|
+
CAMELLIA192_CTR = "\xB1O;\xA5\xB9 \xD6\x7Fw\ajz\xAF12\x1C\xF0^\xB2\x13\xA7s\xCB\x1A(3Yw\x8B\"7\xD7}\xC4\xAA\xF7\xDB\xF2\xEEi\x02\xD0\x94BK\xD9l\xBC\xBEbrk\x87\x14h\xE1'\xD2\xE4\x8C\x8D\x87\xCE\xBF\x89\xA9\x9E\xC4\f\xB8\x87(\xFE?\xD9\xEF\xBA5\xD8\xA1\rI\xD6s9\x10\xA9l\xB8S\x93}*\x9A\xB0="
|
367
|
+
if_supported?("camellia192-ctr@openssh.org") do
|
368
|
+
def test_camellia192_ctr_openssh_org_for_encryption
|
369
|
+
assert_equal CAMELLIA192_CTR, encrypt("camellia192-ctr@openssh.org")
|
370
|
+
end
|
371
|
+
def test_camellia192_ctr_openssh_org_for_decryption
|
372
|
+
assert_equal TEXT, decrypt("camellia192-ctr@openssh.org", CAMELLIA192_CTR)
|
373
|
+
end
|
374
|
+
end
|
375
|
+
if_supported?("camellia192-ctr") do
|
376
|
+
def test_camellia192_ctr_for_encryption
|
377
|
+
assert_equal CAMELLIA192_CTR, encrypt("camellia192-ctr")
|
378
|
+
end
|
379
|
+
def test_camellia192_ctr_for_decryption
|
380
|
+
assert_equal TEXT, decrypt("camellia192-ctr", CAMELLIA192_CTR)
|
381
|
+
end
|
382
|
+
end
|
383
|
+
|
384
|
+
CAMELLIA256_CTR = "`\x8F#Nqr^m\xB2/i\xF9}\x1E\xD1\xE7X\x99\xAF\x1E\xBA\v\xF3\x8E\xCA\xECZ\xCB\x8A\xC96FW\xB3\x84 bwzRM,P\xC1r\xEFHNr%\xB9\a\xD6\xE6\xE7O\b\xC8?\x98d\x9F\xD3v\x10#\xA6\x87\xB2\x85\x059\xF0-\xF9\xBC\x00V\xB2?\xAE\x1E{\e\xF1\xA9zJ\xC9=1\xB3t73\xEB"
|
385
|
+
if_supported?("camellia256-ctr@openssh.org") do
|
386
|
+
def test_camellia256_ctr_openssh_org_for_encryption
|
387
|
+
assert_equal CAMELLIA256_CTR, encrypt("camellia256-ctr@openssh.org")
|
388
|
+
end
|
389
|
+
def test_camellia256_ctr_openssh_org_for_decryption
|
390
|
+
assert_equal TEXT, decrypt("camellia256-ctr@openssh.org", CAMELLIA256_CTR)
|
391
|
+
end
|
392
|
+
end
|
393
|
+
if_supported?("camellia256-ctr") do
|
394
|
+
def test_camellia256_ctr_for_encryption
|
395
|
+
assert_equal CAMELLIA256_CTR, encrypt("camellia256-ctr")
|
396
|
+
end
|
397
|
+
def test_camellia256_ctr_for_decryption
|
398
|
+
assert_equal TEXT, decrypt("camellia256-ctr", CAMELLIA256_CTR)
|
399
|
+
end
|
400
|
+
end
|
401
|
+
|
174
402
|
def test_none_for_encryption
|
175
403
|
assert_equal TEXT, encrypt("none").strip
|
176
404
|
end
|