net-ssh 4.1.0 → 6.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.gitignore +5 -0
- data/.rubocop.yml +8 -2
- data/.rubocop_todo.yml +405 -552
- data/.travis.yml +23 -22
- data/CHANGES.txt +112 -1
- data/Gemfile +1 -7
- data/{Gemfile.norbnacl → Gemfile.noed25519} +1 -1
- data/Manifest +4 -5
- data/README.md +287 -0
- data/Rakefile +40 -29
- data/appveyor.yml +12 -6
- data/lib/net/ssh.rb +68 -32
- data/lib/net/ssh/authentication/agent.rb +234 -222
- data/lib/net/ssh/authentication/certificate.rb +175 -164
- data/lib/net/ssh/authentication/constants.rb +17 -14
- data/lib/net/ssh/authentication/ed25519.rb +162 -141
- data/lib/net/ssh/authentication/ed25519_loader.rb +32 -29
- data/lib/net/ssh/authentication/key_manager.rb +40 -9
- data/lib/net/ssh/authentication/methods/abstract.rb +53 -47
- data/lib/net/ssh/authentication/methods/hostbased.rb +32 -33
- data/lib/net/ssh/authentication/methods/keyboard_interactive.rb +1 -1
- data/lib/net/ssh/authentication/methods/none.rb +10 -10
- data/lib/net/ssh/authentication/methods/password.rb +13 -13
- data/lib/net/ssh/authentication/methods/publickey.rb +56 -55
- data/lib/net/ssh/authentication/pageant.rb +468 -465
- data/lib/net/ssh/authentication/pub_key_fingerprint.rb +43 -0
- data/lib/net/ssh/authentication/session.rb +130 -122
- data/lib/net/ssh/buffer.rb +345 -312
- data/lib/net/ssh/buffered_io.rb +163 -163
- data/lib/net/ssh/config.rb +316 -238
- data/lib/net/ssh/connection/channel.rb +670 -650
- data/lib/net/ssh/connection/constants.rb +30 -26
- data/lib/net/ssh/connection/event_loop.rb +108 -105
- data/lib/net/ssh/connection/keepalive.rb +54 -50
- data/lib/net/ssh/connection/session.rb +682 -671
- data/lib/net/ssh/connection/term.rb +180 -176
- data/lib/net/ssh/errors.rb +101 -99
- data/lib/net/ssh/key_factory.rb +195 -108
- data/lib/net/ssh/known_hosts.rb +161 -152
- data/lib/net/ssh/loggable.rb +57 -55
- data/lib/net/ssh/packet.rb +82 -78
- data/lib/net/ssh/prompt.rb +55 -53
- data/lib/net/ssh/proxy/command.rb +104 -89
- data/lib/net/ssh/proxy/errors.rb +12 -8
- data/lib/net/ssh/proxy/http.rb +93 -91
- data/lib/net/ssh/proxy/https.rb +42 -39
- data/lib/net/ssh/proxy/jump.rb +50 -47
- data/lib/net/ssh/proxy/socks4.rb +0 -2
- data/lib/net/ssh/proxy/socks5.rb +11 -12
- data/lib/net/ssh/service/forward.rb +370 -317
- data/lib/net/ssh/test.rb +83 -77
- data/lib/net/ssh/test/channel.rb +146 -142
- data/lib/net/ssh/test/extensions.rb +150 -146
- data/lib/net/ssh/test/kex.rb +35 -31
- data/lib/net/ssh/test/local_packet.rb +48 -44
- data/lib/net/ssh/test/packet.rb +87 -84
- data/lib/net/ssh/test/remote_packet.rb +35 -31
- data/lib/net/ssh/test/script.rb +173 -171
- data/lib/net/ssh/test/socket.rb +59 -55
- data/lib/net/ssh/transport/algorithms.rb +430 -364
- data/lib/net/ssh/transport/cipher_factory.rb +95 -91
- data/lib/net/ssh/transport/constants.rb +33 -25
- data/lib/net/ssh/transport/ctr.rb +33 -11
- data/lib/net/ssh/transport/hmac.rb +15 -13
- data/lib/net/ssh/transport/hmac/abstract.rb +82 -63
- data/lib/net/ssh/transport/hmac/sha2_256.rb +7 -11
- data/lib/net/ssh/transport/hmac/sha2_256_96.rb +4 -8
- data/lib/net/ssh/transport/hmac/sha2_256_etm.rb +12 -0
- data/lib/net/ssh/transport/hmac/sha2_512.rb +6 -9
- data/lib/net/ssh/transport/hmac/sha2_512_96.rb +4 -8
- data/lib/net/ssh/transport/hmac/sha2_512_etm.rb +12 -0
- data/lib/net/ssh/transport/identity_cipher.rb +55 -51
- data/lib/net/ssh/transport/kex.rb +14 -13
- data/lib/net/ssh/transport/kex/abstract.rb +123 -0
- data/lib/net/ssh/transport/kex/abstract5656.rb +72 -0
- data/lib/net/ssh/transport/kex/curve25519_sha256.rb +38 -0
- data/lib/net/ssh/transport/kex/curve25519_sha256_loader.rb +30 -0
- data/lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb +33 -40
- data/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb +112 -217
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb +53 -62
- data/lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb +5 -9
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb +36 -90
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb +18 -10
- data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb +18 -10
- data/lib/net/ssh/transport/key_expander.rb +29 -25
- data/lib/net/ssh/transport/openssl.rb +116 -116
- data/lib/net/ssh/transport/packet_stream.rb +223 -190
- data/lib/net/ssh/transport/server_version.rb +64 -66
- data/lib/net/ssh/transport/session.rb +306 -257
- data/lib/net/ssh/transport/state.rb +198 -196
- data/lib/net/ssh/verifiers/accept_new.rb +35 -0
- data/lib/net/ssh/verifiers/accept_new_or_local_tunnel.rb +34 -0
- data/lib/net/ssh/verifiers/always.rb +56 -0
- data/lib/net/ssh/verifiers/never.rb +21 -0
- data/lib/net/ssh/version.rb +55 -53
- data/net-ssh-public_cert.pem +18 -19
- data/net-ssh.gemspec +12 -11
- data/support/ssh_tunnel_bug.rb +2 -2
- metadata +86 -75
- metadata.gz.sig +0 -0
- data/Gemfile.norbnacl.lock +0 -41
- data/README.rdoc +0 -169
- data/lib/net/ssh/ruby_compat.rb +0 -24
- data/lib/net/ssh/verifiers/lenient.rb +0 -30
- data/lib/net/ssh/verifiers/null.rb +0 -12
- data/lib/net/ssh/verifiers/secure.rb +0 -52
- data/lib/net/ssh/verifiers/strict.rb +0 -24
- data/support/arcfour_check.rb +0 -20
@@ -3,97 +3,101 @@ require 'net/ssh/transport/ctr.rb'
|
|
3
3
|
require 'net/ssh/transport/key_expander'
|
4
4
|
require 'net/ssh/transport/identity_cipher'
|
5
5
|
|
6
|
-
module Net
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
6
|
+
module Net
|
7
|
+
module SSH
|
8
|
+
module Transport
|
9
|
+
|
10
|
+
# Implements a factory of OpenSSL cipher algorithms.
|
11
|
+
class CipherFactory
|
12
|
+
# Maps the SSH name of a cipher to it's corresponding OpenSSL name
|
13
|
+
SSH_TO_OSSL = {
|
14
|
+
"3des-cbc" => "des-ede3-cbc",
|
15
|
+
"blowfish-cbc" => "bf-cbc",
|
16
|
+
"aes256-cbc" => "aes-256-cbc",
|
17
|
+
"aes192-cbc" => "aes-192-cbc",
|
18
|
+
"aes128-cbc" => "aes-128-cbc",
|
19
|
+
"idea-cbc" => "idea-cbc",
|
20
|
+
"cast128-cbc" => "cast-cbc",
|
21
|
+
"rijndael-cbc@lysator.liu.se" => "aes-256-cbc",
|
22
|
+
"3des-ctr" => "des-ede3",
|
23
|
+
"blowfish-ctr" => "bf-ecb",
|
24
|
+
|
25
|
+
'aes256-ctr' => 'aes-256-ctr',
|
26
|
+
'aes192-ctr' => 'aes-192-ctr',
|
27
|
+
'aes128-ctr' => 'aes-128-ctr',
|
28
|
+
'cast128-ctr' => 'cast5-ecb',
|
29
|
+
|
30
|
+
'none' => 'none'
|
31
|
+
}
|
32
|
+
|
33
|
+
# Returns true if the underlying OpenSSL library supports the given cipher,
|
34
|
+
# and false otherwise.
|
35
|
+
def self.supported?(name)
|
36
|
+
ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'"
|
37
|
+
return true if ossl_name == "none"
|
38
|
+
return OpenSSL::Cipher.ciphers.include?(ossl_name)
|
39
|
+
end
|
40
|
+
|
41
|
+
# Retrieves a new instance of the named algorithm. The new instance
|
42
|
+
# will be initialized using an iv and key generated from the given
|
43
|
+
# iv, key, shared, hash and digester values. Additionally, the
|
44
|
+
# cipher will be put into encryption or decryption mode, based on the
|
45
|
+
# value of the +encrypt+ parameter.
|
46
|
+
def self.get(name, options={})
|
47
|
+
ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'"
|
48
|
+
return IdentityCipher if ossl_name == "none"
|
49
|
+
cipher = OpenSSL::Cipher.new(ossl_name)
|
50
|
+
|
51
|
+
cipher.send(options[:encrypt] ? :encrypt : :decrypt)
|
52
|
+
|
53
|
+
cipher.padding = 0
|
54
|
+
|
55
|
+
if name =~ /-ctr(@openssh.org)?$/
|
56
|
+
if ossl_name !~ /-ctr/
|
57
|
+
cipher.extend(Net::SSH::Transport::CTR)
|
58
|
+
else
|
59
|
+
cipher = Net::SSH::Transport::OpenSSLAESCTR.new(cipher)
|
60
|
+
end
|
61
|
+
end
|
62
|
+
cipher.iv = Net::SSH::Transport::KeyExpander.expand_key(cipher.iv_len, options[:iv], options)
|
63
|
+
|
64
|
+
key_len = cipher.key_len
|
65
|
+
cipher.key_len = key_len
|
66
|
+
cipher.key = Net::SSH::Transport::KeyExpander.expand_key(key_len, options[:key], options)
|
67
|
+
|
68
|
+
return cipher
|
69
|
+
end
|
70
|
+
|
71
|
+
# Returns a two-element array containing the [ key-length,
|
72
|
+
# block-size ] for the named cipher algorithm. If the cipher
|
73
|
+
# algorithm is unknown, or is "none", 0 is returned for both elements
|
74
|
+
# of the tuple.
|
75
|
+
# if :iv_len option is supplied the third return value will be ivlen
|
76
|
+
def self.get_lengths(name, options = {})
|
77
|
+
ossl_name = SSH_TO_OSSL[name]
|
78
|
+
if ossl_name.nil? || ossl_name == "none"
|
79
|
+
result = [0, 0]
|
80
|
+
result << 0 if options[:iv_len]
|
81
|
+
else
|
82
|
+
cipher = OpenSSL::Cipher.new(ossl_name)
|
83
|
+
key_len = cipher.key_len
|
84
|
+
cipher.key_len = key_len
|
85
|
+
|
86
|
+
block_size =
|
87
|
+
case ossl_name
|
88
|
+
when /\-ctr/
|
89
|
+
Net::SSH::Transport::OpenSSLAESCTR.block_size
|
90
|
+
else
|
91
|
+
cipher.block_size
|
92
|
+
end
|
93
|
+
|
94
|
+
result = [key_len, block_size]
|
95
|
+
result << cipher.iv_len if options[:iv_len]
|
96
|
+
end
|
97
|
+
result
|
98
|
+
end
|
94
99
|
end
|
95
|
-
|
100
|
+
|
96
101
|
end
|
97
102
|
end
|
98
|
-
|
99
|
-
end; end; end
|
103
|
+
end
|
@@ -1,32 +1,40 @@
|
|
1
|
-
module Net
|
2
|
-
module
|
1
|
+
module Net
|
2
|
+
module SSH
|
3
|
+
module Transport
|
4
|
+
module Constants
|
5
|
+
#--
|
6
|
+
# Transport layer generic messages
|
7
|
+
#++
|
3
8
|
|
4
|
-
|
5
|
-
|
6
|
-
|
9
|
+
DISCONNECT = 1
|
10
|
+
IGNORE = 2
|
11
|
+
UNIMPLEMENTED = 3
|
12
|
+
DEBUG = 4
|
13
|
+
SERVICE_REQUEST = 5
|
14
|
+
SERVICE_ACCEPT = 6
|
15
|
+
|
16
|
+
#--
|
17
|
+
# Algorithm negotiation messages
|
18
|
+
#++
|
7
19
|
|
8
|
-
|
9
|
-
|
10
|
-
UNIMPLEMENTED = 3
|
11
|
-
DEBUG = 4
|
12
|
-
SERVICE_REQUEST = 5
|
13
|
-
SERVICE_ACCEPT = 6
|
20
|
+
KEXINIT = 20
|
21
|
+
NEWKEYS = 21
|
14
22
|
|
15
|
-
|
16
|
-
|
17
|
-
|
23
|
+
#--
|
24
|
+
# Key exchange method specific messages
|
25
|
+
#++
|
18
26
|
|
19
|
-
|
20
|
-
|
27
|
+
KEXDH_INIT = 30
|
28
|
+
KEXDH_REPLY = 31
|
21
29
|
|
22
|
-
|
23
|
-
|
24
|
-
#++
|
30
|
+
KEXECDH_INIT = 30
|
31
|
+
KEXECDH_REPLY = 31
|
25
32
|
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
33
|
+
KEXDH_GEX_GROUP = 31
|
34
|
+
KEXDH_GEX_INIT = 32
|
35
|
+
KEXDH_GEX_REPLY = 33
|
36
|
+
KEXDH_GEX_REQUEST = 34
|
37
|
+
end
|
38
|
+
end
|
31
39
|
end
|
32
|
-
end
|
40
|
+
end
|
@@ -1,7 +1,32 @@
|
|
1
1
|
require 'openssl'
|
2
|
+
require 'delegate'
|
2
3
|
|
3
4
|
module Net::SSH::Transport
|
5
|
+
#:nodoc:
|
6
|
+
class OpenSSLAESCTR < SimpleDelegator
|
7
|
+
def initialize(original)
|
8
|
+
super
|
9
|
+
@was_reset = false
|
10
|
+
end
|
11
|
+
|
12
|
+
def block_size
|
13
|
+
16
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.block_size
|
17
|
+
16
|
18
|
+
end
|
19
|
+
|
20
|
+
def reset
|
21
|
+
@was_reset = true
|
22
|
+
end
|
4
23
|
|
24
|
+
def iv=(iv_s)
|
25
|
+
super unless @was_reset
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
#:nodoc:
|
5
30
|
# Pure-Ruby implementation of Stateful Decryption Counter(SDCTR) Mode
|
6
31
|
# for Block Ciphers. See RFC4344 for detail.
|
7
32
|
module CTR
|
@@ -12,7 +37,7 @@ module Net::SSH::Transport
|
|
12
37
|
@counter_len = orig.block_size
|
13
38
|
orig.encrypt
|
14
39
|
orig.padding = 0
|
15
|
-
|
40
|
+
|
16
41
|
singleton_class.send(:alias_method, :_update, :update)
|
17
42
|
singleton_class.send(:private, :_update)
|
18
43
|
singleton_class.send(:undef_method, :update)
|
@@ -50,30 +75,27 @@ module Net::SSH::Transport
|
|
50
75
|
|
51
76
|
encrypted = ""
|
52
77
|
|
53
|
-
|
54
|
-
|
78
|
+
offset = 0
|
79
|
+
while (@remaining.bytesize - offset) >= block_size
|
80
|
+
encrypted += xor!(@remaining.slice(offset, block_size),
|
55
81
|
_update(@counter))
|
56
82
|
increment_counter!
|
83
|
+
offset += block_size
|
57
84
|
end
|
85
|
+
@remaining = @remaining.slice(offset..-1)
|
58
86
|
|
59
87
|
encrypted
|
60
88
|
end
|
61
89
|
|
62
90
|
def final
|
63
|
-
|
64
|
-
s = xor!(@remaining, _update(@counter))
|
65
|
-
else
|
66
|
-
s = ""
|
67
|
-
end
|
68
|
-
|
91
|
+
s = @remaining.empty? ? '' : xor!(@remaining, _update(@counter))
|
69
92
|
@remaining = ""
|
70
|
-
|
71
93
|
s
|
72
94
|
end
|
73
95
|
|
74
96
|
def xor!(s1, s2)
|
75
97
|
s = []
|
76
|
-
s1.unpack('Q*').zip(s2.unpack('Q*')) {|a,b| s.push(a^b) }
|
98
|
+
s1.unpack('Q*').zip(s2.unpack('Q*')) {|a,b| s.push(a ^ b) }
|
77
99
|
s.pack('Q*')
|
78
100
|
end
|
79
101
|
singleton_class.send(:private, :xor!)
|
@@ -7,6 +7,8 @@ require 'net/ssh/transport/hmac/sha2_256'
|
|
7
7
|
require 'net/ssh/transport/hmac/sha2_256_96'
|
8
8
|
require 'net/ssh/transport/hmac/sha2_512'
|
9
9
|
require 'net/ssh/transport/hmac/sha2_512_96'
|
10
|
+
require 'net/ssh/transport/hmac/sha2_256_etm'
|
11
|
+
require 'net/ssh/transport/hmac/sha2_512_etm'
|
10
12
|
require 'net/ssh/transport/hmac/ripemd160'
|
11
13
|
require 'net/ssh/transport/hmac/none'
|
12
14
|
|
@@ -15,21 +17,21 @@ require 'net/ssh/transport/hmac/none'
|
|
15
17
|
module Net::SSH::Transport::HMAC
|
16
18
|
# The mapping of SSH hmac algorithms to their implementations
|
17
19
|
MAP = {
|
18
|
-
'hmac-md5'
|
19
|
-
'hmac-md5-96'
|
20
|
-
'hmac-sha1'
|
21
|
-
'hmac-sha1-96'
|
22
|
-
'hmac-
|
23
|
-
'hmac-
|
24
|
-
'
|
20
|
+
'hmac-md5' => MD5,
|
21
|
+
'hmac-md5-96' => MD5_96,
|
22
|
+
'hmac-sha1' => SHA1,
|
23
|
+
'hmac-sha1-96' => SHA1_96,
|
24
|
+
'hmac-sha2-256' => SHA2_256,
|
25
|
+
'hmac-sha2-256-96' => SHA2_256_96,
|
26
|
+
'hmac-sha2-512' => SHA2_512,
|
27
|
+
'hmac-sha2-512-96' => SHA2_512_96,
|
28
|
+
'hmac-sha2-256-etm@openssh.com' => SHA2_256_Etm,
|
29
|
+
'hmac-sha2-512-etm@openssh.com' => SHA2_512_Etm,
|
30
|
+
'hmac-ripemd160' => RIPEMD160,
|
31
|
+
'hmac-ripemd160@openssh.com' => RIPEMD160,
|
32
|
+
'none' => None
|
25
33
|
}
|
26
34
|
|
27
|
-
# add mapping to sha2 hmac algorithms if they're available
|
28
|
-
MAP['hmac-sha2-256'] = SHA2_256 if defined?(::Net::SSH::Transport::HMAC::SHA2_256)
|
29
|
-
MAP['hmac-sha2-256-96'] = SHA2_256_96 if defined?(::Net::SSH::Transport::HMAC::SHA2_256_96)
|
30
|
-
MAP['hmac-sha2-512'] = SHA2_512 if defined?(::Net::SSH::Transport::HMAC::SHA2_512)
|
31
|
-
MAP['hmac-sha2-512-96'] = SHA2_512_96 if defined?(::Net::SSH::Transport::HMAC::SHA2_512_96)
|
32
|
-
|
33
35
|
# Retrieves a new hmac instance of the given SSH type (+name+). If +key+ is
|
34
36
|
# given, the new instance will be initialized with that key.
|
35
37
|
def self.get(name, key="", parameters = {})
|
@@ -1,79 +1,98 @@
|
|
1
1
|
require 'openssl'
|
2
2
|
require 'openssl/digest'
|
3
3
|
|
4
|
-
module Net
|
4
|
+
module Net
|
5
|
+
module SSH
|
6
|
+
module Transport
|
7
|
+
module HMAC
|
5
8
|
|
6
|
-
|
7
|
-
|
9
|
+
# The base class of all OpenSSL-based HMAC algorithm wrappers.
|
10
|
+
class Abstract
|
11
|
+
class <<self
|
12
|
+
def etm(*v)
|
13
|
+
@etm = false if !defined?(@etm)
|
14
|
+
if v.empty?
|
15
|
+
@etm = superclass.etm if @etm.nil? && superclass.respond_to?(:etm)
|
16
|
+
return @etm
|
17
|
+
elsif v.length == 1
|
18
|
+
@etm = v.first
|
19
|
+
else
|
20
|
+
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
|
21
|
+
end
|
22
|
+
end
|
8
23
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
end
|
24
|
+
def key_length(*v)
|
25
|
+
@key_length = nil if !defined?(@key_length)
|
26
|
+
if v.empty?
|
27
|
+
@key_length = superclass.key_length if @key_length.nil? && superclass.respond_to?(:key_length)
|
28
|
+
return @key_length
|
29
|
+
elsif v.length == 1
|
30
|
+
@key_length = v.first
|
31
|
+
else
|
32
|
+
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
|
33
|
+
end
|
34
|
+
end
|
21
35
|
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
36
|
+
def mac_length(*v)
|
37
|
+
@mac_length = nil if !defined?(@mac_length)
|
38
|
+
if v.empty?
|
39
|
+
@mac_length = superclass.mac_length if @mac_length.nil? && superclass.respond_to?(:mac_length)
|
40
|
+
return @mac_length
|
41
|
+
elsif v.length == 1
|
42
|
+
@mac_length = v.first
|
43
|
+
else
|
44
|
+
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
|
45
|
+
end
|
46
|
+
end
|
33
47
|
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
48
|
+
def digest_class(*v)
|
49
|
+
@digest_class = nil if !defined?(@digest_class)
|
50
|
+
if v.empty?
|
51
|
+
@digest_class = superclass.digest_class if @digest_class.nil? && superclass.respond_to?(:digest_class)
|
52
|
+
return @digest_class
|
53
|
+
elsif v.length == 1
|
54
|
+
@digest_class = v.first
|
55
|
+
else
|
56
|
+
raise ArgumentError, "wrong number of arguments (#{v.length} for 1)"
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
46
60
|
|
47
|
-
|
48
|
-
|
49
|
-
|
61
|
+
def etm
|
62
|
+
self.class.etm
|
63
|
+
end
|
50
64
|
|
51
|
-
|
52
|
-
|
53
|
-
|
65
|
+
def key_length
|
66
|
+
self.class.key_length
|
67
|
+
end
|
54
68
|
|
55
|
-
|
56
|
-
|
57
|
-
|
69
|
+
def mac_length
|
70
|
+
self.class.mac_length
|
71
|
+
end
|
58
72
|
|
59
|
-
|
60
|
-
|
73
|
+
def digest_class
|
74
|
+
self.class.digest_class
|
75
|
+
end
|
61
76
|
|
62
|
-
|
63
|
-
|
64
|
-
end
|
77
|
+
# The key in use for this instance.
|
78
|
+
attr_reader :key
|
65
79
|
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
@key = value ? value.to_s[0,key_length] : nil
|
70
|
-
end
|
80
|
+
def initialize(key=nil)
|
81
|
+
self.key = key
|
82
|
+
end
|
71
83
|
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
84
|
+
# Sets the key to the given value, truncating it so that it is the correct
|
85
|
+
# length.
|
86
|
+
def key=(value)
|
87
|
+
@key = value ? value.to_s[0,key_length] : nil
|
88
|
+
end
|
76
89
|
|
90
|
+
# Compute the HMAC digest for the given data string.
|
91
|
+
def digest(data)
|
92
|
+
OpenSSL::HMAC.digest(digest_class.new, key, data)[0,mac_length]
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
77
97
|
end
|
78
|
-
|
79
|
-
end; end; end; end
|
98
|
+
end
|