net-ssh 4.2.0 → 7.0.1

data/lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb

@@ -1,13 +1,21 @@
-module Net; module SSH; module Transport; module Kex
+require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
 
-  # A key-exchange service implementing the "ecdh-sha2-nistp521"
-  # key-exchange algorithm. (defined in RFC 5656)
-  class EcdhSHA2NistP521 < EcdhSHA2NistP256
-    def digester
-      OpenSSL::Digest::SHA512
-    end
-    def curve_name
-      OpenSSL::PKey::EC::CurveNameAlias['nistp521']
+module Net
+  module SSH
+    module Transport
+      module Kex
+        # A key-exchange service implementing the "ecdh-sha2-nistp521"
+        # key-exchange algorithm. (defined in RFC 5656)
+        class EcdhSHA2NistP521 < EcdhSHA2NistP256
+          def digester
+            OpenSSL::Digest::SHA512
+          end
+
+          def curve_name
+            OpenSSL::PKey::EC::CurveNameAlias['nistp521']
+          end
+        end
+      end
     end
   end
-end; end; end; end
+end

data/lib/net/ssh/transport/kex.rb

@@ -1,28 +1,31 @@
 require 'net/ssh/transport/kex/diffie_hellman_group1_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group14_sha1'
+require 'net/ssh/transport/kex/diffie_hellman_group14_sha256'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
 require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha256'
+require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
+require 'net/ssh/transport/kex/ecdh_sha2_nistp384'
+require 'net/ssh/transport/kex/ecdh_sha2_nistp521'
+require 'net/ssh/transport/kex/curve25519_sha256_loader'
 
 module Net::SSH::Transport
   module Kex
     # Maps the supported key-exchange algorithms as named by the SSH protocol
     # to their corresponding implementors.
     MAP = {
+      'diffie-hellman-group1-sha1' => DiffieHellmanGroup1SHA1,
+      'diffie-hellman-group14-sha1' => DiffieHellmanGroup14SHA1,
+      'diffie-hellman-group14-sha256' => DiffieHellmanGroup14SHA256,
       'diffie-hellman-group-exchange-sha1' => DiffieHellmanGroupExchangeSHA1,
-      'diffie-hellman-group1-sha1'         => DiffieHellmanGroup1SHA1,
-      'diffie-hellman-group14-sha1'        => DiffieHellmanGroup14SHA1,
+      'diffie-hellman-group-exchange-sha256' => DiffieHellmanGroupExchangeSHA256,
+      'ecdh-sha2-nistp256' => EcdhSHA2NistP256,
+      'ecdh-sha2-nistp384' => EcdhSHA2NistP384,
+      'ecdh-sha2-nistp521' => EcdhSHA2NistP521
     }
-    if defined?(DiffieHellmanGroupExchangeSHA256)
-      MAP['diffie-hellman-group-exchange-sha256'] = DiffieHellmanGroupExchangeSHA256
-    end
-    if defined?(OpenSSL::PKey::EC)
-      require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
-      require 'net/ssh/transport/kex/ecdh_sha2_nistp384'
-      require 'net/ssh/transport/kex/ecdh_sha2_nistp521'
 
-      MAP['ecdh-sha2-nistp256'] = EcdhSHA2NistP256
-      MAP['ecdh-sha2-nistp384'] = EcdhSHA2NistP384
-      MAP['ecdh-sha2-nistp521'] = EcdhSHA2NistP521
+    if Net::SSH::Transport::Kex::Curve25519Sha256Loader::LOADED
+      MAP['curve25519-sha256'] = Curve25519Sha256
+      MAP['curve25519-sha256@libssh.org'] = Curve25519Sha256
     end
   end
 end

data/lib/net/ssh/transport/key_expander.rb

@@ -1,27 +1,30 @@
-module Net; module SSH; module Transport
-  module KeyExpander
+module Net
+  module SSH
+    module Transport
+      module KeyExpander
+        # Generate a key value in accordance with the SSH2 specification.
+        # (RFC4253 7.2. "Output from Key Exchange")
+        def self.expand_key(bytes, start, options = {})
+          if bytes == 0
+            return ""
+          end
 
-  # Generate a key value in accordance with the SSH2 specification.
-  # (RFC4253 7.2. "Output from Key Exchange")
-  def self.expand_key(bytes, start, options={})
-    if bytes == 0
-      return ""
-    end
+          k = start[0, bytes]
+          return k if k.length >= bytes
 
-    k = start[0, bytes]
-    return k if k.length >= bytes
+          digester = options[:digester] or raise 'No digester supplied'
+          shared   = options[:shared] or raise 'No shared secret supplied'
+          hash     = options[:hash] or raise 'No hash supplied'
 
-    digester = options[:digester] or raise 'No digester supplied'
-    shared   = options[:shared] or raise 'No shared secret supplied'
-    hash     = options[:hash] or raise 'No hash supplied'
+          while k.length < bytes
+            step = digester.digest(shared + hash + k)
+            bytes_needed = bytes - k.length
+            k << step[0, bytes_needed]
+          end
 
-    while k.length < bytes
-      step = digester.digest(shared + hash + k)
-      bytes_needed = bytes - k.length
-      k << step[0, bytes_needed]
+          return k
+        end
+      end
     end
-
-    return k
-  end
   end
-end; end; end
+end

data/lib/net/ssh/transport/openssl.rb

@@ -1,13 +1,11 @@
-# -*- coding: utf-8 -*-
 require 'openssl'
+require 'net/ssh/authentication/pub_key_fingerprint'
 
 module OpenSSL
-
   # This class is originally defined in the OpenSSL module. As needed, methods
   # have been added to it by the Net::SSH module for convenience in dealing with
   # SSH functionality.
   class BN
-
     # Converts a BN object to a string. The format used is that which is
     # required by the SSH2 protocol.
     def to_ssh
@@ -16,53 +14,45 @@ module OpenSSL
       else
         buf = to_s(2)
         if buf.getbyte(0)[7] == 1
-          return [buf.length+1, 0, buf].pack("NCA*")
+          return [buf.length + 1, 0, buf].pack("NCA*")
         else
           return [buf.length, buf].pack("NA*")
         end
       end
     end
-
   end
 
   module PKey
-
     class PKey
-      def fingerprint
-        @fingerprint ||= OpenSSL::Digest::MD5.hexdigest(to_blob).scan(/../).join(":")
-      end
+      include Net::SSH::Authentication::PubKeyFingerprint
     end
 
     # This class is originally defined in the OpenSSL module. As needed, methods
     # have been added to it by the Net::SSH module for convenience in dealing
     # with SSH functionality.
     class DH
-
       # Determines whether the pub_key for this key is valid. (This algorithm
       # lifted more-or-less directly from OpenSSH, dh.c, dh_pub_is_valid.)
       def valid?
         return false if pub_key.nil? || pub_key < 0
+
         bits_set = 0
         pub_key.num_bits.times { |i| bits_set += 1 if pub_key.bit_set?(i) }
-        return ( bits_set > 1 && pub_key < p )
+        return (bits_set > 1 && pub_key < p)
       end
-
     end
 
     # This class is originally defined in the OpenSSL module. As needed, methods
     # have been added to it by the Net::SSH module for convenience in dealing
     # with SSH functionality.
     class RSA
-
       # Returns "ssh-rsa", which is the description of this key type used by the
       # SSH2 protocol.
       def ssh_type
         "ssh-rsa"
       end
 
-      def ssh_signature_type
-        ssh_type
-      end
+      alias ssh_signature_type ssh_type
 
       # Converts the key to a blob, according to the SSH2 protocol.
       def to_blob
@@ -70,13 +60,30 @@ module OpenSSL
       end
 
       # Verifies the given signature matches the given data.
-      def ssh_do_verify(sig, data)
-        verify(OpenSSL::Digest::SHA1.new, sig, data)
+      def ssh_do_verify(sig, data, options = {})
+        digester =
+          if options[:host_key] == "rsa-sha2-512"
+            OpenSSL::Digest::SHA512.new
+          elsif options[:host_key] == "rsa-sha2-256"
+            OpenSSL::Digest::SHA256.new
+          else
+            OpenSSL::Digest::SHA1.new
+          end
+
+        verify(digester, sig, data)
       end
 
       # Returns the signature for the given data.
-      def ssh_do_sign(data)
-        sign(OpenSSL::Digest::SHA1.new, data)
+      def ssh_do_sign(data, sig_alg = nil)
+        digester =
+          if sig_alg == "rsa-sha2-512"
+            OpenSSL::Digest::SHA512.new
+          elsif sig_alg == "rsa-sha2-256"
+            OpenSSL::Digest::SHA256.new
+          else
+            OpenSSL::Digest::SHA1.new
+          end
+        sign(digester, data)
       end
     end
 
@@ -84,166 +91,184 @@ module OpenSSL
     # have been added to it by the Net::SSH module for convenience in dealing
     # with SSH functionality.
     class DSA
-
       # Returns "ssh-dss", which is the description of this key type used by the
       # SSH2 protocol.
       def ssh_type
         "ssh-dss"
       end
 
-      def ssh_signature_type
-        ssh_type
-      end
+      alias ssh_signature_type ssh_type
 
       # Converts the key to a blob, according to the SSH2 protocol.
       def to_blob
         @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
-          :bignum, p, :bignum, q, :bignum, g, :bignum, pub_key).to_s
+                                        :bignum, p, :bignum, q, :bignum, g, :bignum, pub_key).to_s
       end
 
       # Verifies the given signature matches the given data.
-      def ssh_do_verify(sig, data)
-        sig_r = sig[0,20].unpack("H*")[0].to_i(16)
-        sig_s = sig[20,20].unpack("H*")[0].to_i(16)
+      def ssh_do_verify(sig, data, options = {})
+        sig_r = sig[0, 20].unpack("H*")[0].to_i(16)
+        sig_s = sig[20, 20].unpack("H*")[0].to_i(16)
         a1sig = OpenSSL::ASN1::Sequence([
-           OpenSSL::ASN1::Integer(sig_r),
-           OpenSSL::ASN1::Integer(sig_s)
-        ])
-        return verify(OpenSSL::Digest::DSS1.new, a1sig.to_der, data)
+                                          OpenSSL::ASN1::Integer(sig_r),
+                                          OpenSSL::ASN1::Integer(sig_s)
+                                        ])
+        return verify(OpenSSL::Digest::SHA1.new, a1sig.to_der, data)
       end
 
       # Signs the given data.
-      def ssh_do_sign(data)
-        sig = sign( OpenSSL::Digest::DSS1.new, data)
-        a1sig = OpenSSL::ASN1.decode( sig )
+      def ssh_do_sign(data, sig_alg = nil)
+        sig = sign(OpenSSL::Digest::SHA1.new, data)
+        a1sig = OpenSSL::ASN1.decode(sig)
 
         sig_r = a1sig.value[0].value.to_s(2)
         sig_s = a1sig.value[1].value.to_s(2)
 
-        if sig_r.length > 20 || sig_s.length > 20
-          raise OpenSSL::PKey::DSAError, "bad sig size"
-        end
+        sig_size = params["q"].num_bits / 8
+        raise OpenSSL::PKey::DSAError, "bad sig size" if sig_r.length > sig_size || sig_s.length > sig_size
 
-        sig_r = "\0" * ( 20 - sig_r.length ) + sig_r if sig_r.length < 20
-        sig_s = "\0" * ( 20 - sig_s.length ) + sig_s if sig_s.length < 20
+        sig_r = "\0" * (20 - sig_r.length) + sig_r if sig_r.length < 20
+        sig_s = "\0" * (20 - sig_s.length) + sig_s if sig_s.length < 20
 
         return sig_r + sig_s
       end
     end
 
-    if defined?(OpenSSL::PKey::EC)
-      # This class is originally defined in the OpenSSL module. As needed, methods
-      # have been added to it by the Net::SSH module for convenience in dealing
-      # with SSH functionality.
-      class EC
-        CurveNameAlias = {
-          "nistp256" => "prime256v1",
-          "nistp384" => "secp384r1",
-          "nistp521" => "secp521r1",
-        }
-
-        CurveNameAliasInv = {
-          "prime256v1" => "nistp256",
-          "secp384r1" => "nistp384",
-          "secp521r1" => "nistp521",
-        }
-
-        def self.read_keyblob(curve_name_in_type, buffer)
-          curve_name_in_key = buffer.read_string
-          unless curve_name_in_type == curve_name_in_key
-            raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
-          end
-          public_key_oct = buffer.read_string
-          begin
-            key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
-            group = key.group
-            point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
-            key.public_key = point
-
-            return key
-          rescue OpenSSL::PKey::ECError
-            raise NotImplementedError, "unsupported key type `#{type}'"
-          end
-
+    # This class is originally defined in the OpenSSL module. As needed, methods
+    # have been added to it by the Net::SSH module for convenience in dealing
+    # with SSH functionality.
+    class EC
+      CurveNameAlias = {
+        'nistp256' => 'prime256v1',
+        'nistp384' => 'secp384r1',
+        'nistp521' => 'secp521r1'
+      }.freeze
+
+      CurveNameAliasInv = {
+        'prime256v1' => 'nistp256',
+        'secp384r1' => 'nistp384',
+        'secp521r1' => 'nistp521'
+      }.freeze
+
+      def self.read_keyblob(curve_name_in_type, buffer)
+        curve_name_in_key = buffer.read_string
+
+        unless curve_name_in_type == curve_name_in_key
+          raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
         end
 
-        # Returns the description of this key type used by the
-        # SSH2 protocol, like "ecdsa-sha2-nistp256"
-        def ssh_type
-          "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
+        public_key_oct = buffer.read_string
+        begin
+          curvename = OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key]
+          group = OpenSSL::PKey::EC::Group.new(curvename)
+          point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
+          asn1 = OpenSSL::ASN1::Sequence(
+            [
+              OpenSSL::ASN1::Sequence(
+                [
+                  OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
+                  OpenSSL::ASN1::ObjectId(curvename)
+                ]
+              ),
+              OpenSSL::ASN1::BitString(point.to_octet_string(:uncompressed))
+            ]
+          )
+
+          key = OpenSSL::PKey::EC.new(asn1.to_der)
+
+          return key
+        rescue OpenSSL::PKey::ECError
+          raise NotImplementedError, "unsupported key type `#{type}'"
         end
+      end
 
-        def ssh_signature_type
-          ssh_type
-        end
+      # Returns the description of this key type used by the
+      # SSH2 protocol, like "ecdsa-sha2-nistp256"
+      def ssh_type
+        "ecdsa-sha2-#{CurveNameAliasInv[group.curve_name]}"
+      end
 
-        def digester
-          if self.group.curve_name =~ /^[a-z]+(\d+)\w*\z/
-            curve_size = $1.to_i
-            if curve_size <= 256
-              OpenSSL::Digest::SHA256.new
-            elsif curve_size <= 384
-              OpenSSL::Digest::SHA384.new
-            else
-              OpenSSL::Digest::SHA512.new
-            end
-          else
+      alias ssh_signature_type ssh_type
+
+      def digester
+        if group.curve_name =~ /^[a-z]+(\d+)\w*\z/
+          curve_size = Regexp.last_match(1).to_i
+          if curve_size <= 256
             OpenSSL::Digest::SHA256.new
+          elsif curve_size <= 384
+            OpenSSL::Digest::SHA384.new
+          else
+            OpenSSL::Digest::SHA512.new
           end
+        else
+          OpenSSL::Digest::SHA256.new
         end
-        private :digester
+      end
+      private :digester
 
-        # Converts the key to a blob, according to the SSH2 protocol.
-        def to_blob
-          @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
-                                          :string, CurveNameAliasInv[self.group.curve_name],
-                                          :mstring, self.public_key.to_bn.to_s(2)).to_s
-          @blob
+      # Converts the key to a blob, according to the SSH2 protocol.
+      def to_blob
+        @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+                                        :string, CurveNameAliasInv[group.curve_name],
+                                        :mstring, public_key.to_bn.to_s(2)).to_s
+        @blob
+      end
+
+      # Verifies the given signature matches the given data.
+      def ssh_do_verify(sig, data, options = {})
+        digest = digester.digest(data)
+        a1sig = nil
+
+        begin
+          sig_r_len = sig[0, 4].unpack('H*')[0].to_i(16)
+          sig_l_len = sig[4 + sig_r_len, 4].unpack('H*')[0].to_i(16)
+
+          sig_r = sig[4, sig_r_len].unpack('H*')[0]
+          sig_s = sig[4 + sig_r_len + 4, sig_l_len].unpack('H*')[0]
+
+          a1sig = OpenSSL::ASN1::Sequence([
+                                            OpenSSL::ASN1::Integer(sig_r.to_i(16)),
+                                            OpenSSL::ASN1::Integer(sig_s.to_i(16))
+                                          ])
+        rescue StandardError
         end
 
-        # Verifies the given signature matches the given data.
-        def ssh_do_verify(sig, data)
-          digest = digester.digest(data)
-          a1sig = nil
+        if a1sig.nil?
+          return false
+        else
+          dsa_verify_asn1(digest, a1sig.to_der)
+        end
+      end
 
-          begin
-            sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
-            sig_l_len = sig[4+sig_r_len,4].unpack("H*")[0].to_i(16)
+      # Returns the signature for the given data.
+      def ssh_do_sign(data, sig_alg = nil)
+        digest = digester.digest(data)
+        sig = dsa_sign_asn1(digest)
+        a1sig = OpenSSL::ASN1.decode(sig)
 
-            sig_r = sig[4,sig_r_len].unpack("H*")[0]
-            sig_s = sig[4+sig_r_len+4,sig_l_len].unpack("H*")[0]
+        sig_r = a1sig.value[0].value
+        sig_s = a1sig.value[1].value
 
-            a1sig = OpenSSL::ASN1::Sequence([
-              OpenSSL::ASN1::Integer(sig_r.to_i(16)),
-              OpenSSL::ASN1::Integer(sig_s.to_i(16)),
-            ])
-          rescue
-          end
+        Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
+      end
 
-          if a1sig == nil
-            return false
-          else
-            dsa_verify_asn1(digest, a1sig.to_der)
-          end
+      class Point
+        # Returns the description of this key type used by the
+        # SSH2 protocol, like "ecdsa-sha2-nistp256"
+        def ssh_type
+          "ecdsa-sha2-#{CurveNameAliasInv[group.curve_name]}"
         end
 
-        # Returns the signature for the given data.
-        def ssh_do_sign(data)
-          digest = digester.digest(data)
-          sig = dsa_sign_asn1(digest)
-          a1sig = OpenSSL::ASN1.decode( sig )
+        alias ssh_signature_type ssh_type
 
-          sig_r = a1sig.value[0].value
-          sig_s = a1sig.value[1].value
-
-          return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
+        # Converts the key to a blob, according to the SSH2 protocol.
+        def to_blob
+          @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
+                                          :string, CurveNameAliasInv[group.curve_name],
+                                          :mstring, to_bn.to_s(2)).to_s
+          @blob
         end
       end
-    else
-      class OpenSSL::PKey::ECError < RuntimeError
-        # for compatibility with interpreters
-        # without EC support (i.e. JRuby)
-      end
     end
   end
 end