net-ssh 2.4.0 → 2.5.0

data/CHANGELOG.rdoc

@@ -1,4 +1,25 @@
 
+=== 2.5.0 / 24 May 2012
+
+* Implement many algorithms [Ryosuke Yamazaki]
+  * Key Exchange
+     * diffie-hellman-group14-sha1
+     * ecdh-sha2-nistp{256,384,521}
+   * Host Key
+     * ecdsa-sha2-nistp{256,384,521}
+   * Authentication
+     * ecdsa-sha2-nistp{256,384,521}
+   * HMAC
+     * hmac-ripemd160
+   * Cipher:
+     * aes{128,192,256}-ctr
+     * camellia{128,192,256}-ctr
+     * blowfish-ctr
+     * cast128-ctr
+     * 3des-ctr
+     * arcfour (has problems with weak keys, and should be used with caution)
+     * camellia{128,192,256}-cbc
+
 === 2.4.0 / 17 May 2012
 
 * Support for JRuby + Pageant + Windows [arturaz]

data/Manifest

@@ -47,11 +47,13 @@ lib/net/ssh/test/socket.rb
 lib/net/ssh/transport/algorithms.rb
 lib/net/ssh/transport/cipher_factory.rb
 lib/net/ssh/transport/constants.rb
+lib/net/ssh/transport/ctr.rb
 lib/net/ssh/transport/hmac.rb
 lib/net/ssh/transport/hmac/abstract.rb
 lib/net/ssh/transport/hmac/md5.rb
 lib/net/ssh/transport/hmac/md5_96.rb
 lib/net/ssh/transport/hmac/none.rb
+lib/net/ssh/transport/hmac/ripemd160.rb
 lib/net/ssh/transport/hmac/sha1.rb
 lib/net/ssh/transport/hmac/sha1_96.rb
 lib/net/ssh/transport/hmac/sha2_256.rb
@@ -62,8 +64,12 @@ lib/net/ssh/transport/identity_cipher.rb
 lib/net/ssh/transport/key_expander.rb
 lib/net/ssh/transport/kex.rb
 lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb
+lib/net/ssh/transport/kex/diffie_hellman_group14_sha1.rb
 lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha1.rb
 lib/net/ssh/transport/kex/diffie_hellman_group_exchange_sha256.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp256.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp384.rb
+lib/net/ssh/transport/kex/ecdh_sha2_nistp521.rb
 lib/net/ssh/transport/openssl.rb
 lib/net/ssh/transport/packet_stream.rb
 lib/net/ssh/transport/server_version.rb
@@ -102,6 +108,7 @@ test/test_key_factory.rb
 test/transport/hmac/test_md5.rb
 test/transport/hmac/test_md5_96.rb
 test/transport/hmac/test_none.rb
+test/transport/hmac/test_ripemd160.rb
 test/transport/hmac/test_sha1.rb
 test/transport/hmac/test_sha1_96.rb
 test/transport/hmac/test_sha2_256.rb
@@ -109,8 +116,12 @@ test/transport/hmac/test_sha2_256_96.rb
 test/transport/hmac/test_sha2_512.rb
 test/transport/hmac/test_sha2_512_96.rb
 test/transport/kex/test_diffie_hellman_group1_sha1.rb
+test/transport/kex/test_diffie_hellman_group14_sha1.rb
 test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb
 test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb
+test/transport/kex/test_ecdh_sha2_nistp256.rb
+test/transport/kex/test_ecdh_sha2_nistp384.rb
+test/transport/kex/test_ecdh_sha2_nistp521.rb
 test/transport/test_algorithms.rb
 test/transport/test_cipher_factory.rb
 test/transport/test_hmac.rb

data/lib/net/ssh/authentication/key_manager.rb

@@ -222,7 +222,7 @@ module Net
                 identity
               end
 
-            rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError => e
+            rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError, OpenSSL::PKey::ECError => e
               if ask_passphrase
                 process_identity_loading_error(identity, e)
                 nil

data/lib/net/ssh/authentication/session.rb

@@ -128,13 +128,21 @@ module Net; module SSH; module Authentication
 
     private
 
+      # Returns an array of paths to the key files usually defined
+      # by system default.
+      def default_keys
+        if defined?(OpenSSL::PKey::EC)
+          %w(~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh/id_ecdsa
+	     ~/.ssh2/id_dsa ~/.ssh2/id_rsa ~/.ssh2/id_ecdsa)
+        else
+          %w(~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa)
+        end
+      end
+
       # Returns an array of paths to the key files that should be used when
       # attempting any key-based authentication mechanism.
       def keys
-        Array(
-          options[:keys] ||
-          %w(~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa)
-        )
+        Array(options[:keys] || default_keys)
       end
 
       # Returns an array of the key data that should be used when

data/lib/net/ssh/buffer.rb

@@ -240,7 +240,7 @@ module Net; module SSH
     end
 
     # Read a keyblob of the given type from the buffer, and return it as
-    # a key. Only RSA and DSA keys are supported.
+    # a key. Only RSA, DSA, and ECDSA keys are supported.
     def read_keyblob(type)
       case type
         when "ssh-dss"
@@ -255,6 +255,16 @@ module Net; module SSH
           key.e = read_bignum
           key.n = read_bignum
 
+        when /^ecdsa\-sha2\-(\w*)$/
+          unless defined?(OpenSSL::PKey::EC)
+            raise NotImplementedError, "unsupported key type `#{type}'"
+          else
+            begin
+              key = OpenSSL::PKey::EC.read_keyblob($1, self)
+            rescue OpenSSL::PKey::ECError => e
+              raise NotImplementedError, "unsupported key type `#{type}'"
+            end
+          end
         else
           raise NotImplementedError, "unsupported key type `#{type}'"
       end
@@ -337,4 +347,4 @@ module Net; module SSH
       self
     end
   end
-end; end;
+end; end;

data/lib/net/ssh/key_factory.rb

@@ -17,8 +17,11 @@ module Net; module SSH
     MAP = {
       "dh"  => OpenSSL::PKey::DH,
       "rsa" => OpenSSL::PKey::RSA,
-      "dsa" => OpenSSL::PKey::DSA
+      "dsa" => OpenSSL::PKey::DSA,
     }
+    if defined?(OpenSSL::PKey::EC)
+      MAP["ecdsa"] = OpenSSL::PKey::EC
+    end
 
     class <<self
       include Prompt
@@ -49,6 +52,8 @@ module Net; module SSH
           key_type = OpenSSL::PKey::DSA
         elsif data.match(/-----BEGIN RSA PRIVATE KEY-----/)
           key_type = OpenSSL::PKey::RSA
+	elsif data.match(/-----BEGIN EC PRIVATE KEY-----/) && defined?(OpenSSL::PKey::EC)
+          key_type = OpenSSL::PKey::EC
         elsif data.match(/-----BEGIN (.*) PRIVATE KEY-----/)
           raise OpenSSL::PKey::PKeyError, "not a supported key type '#{$1}'"
         else
@@ -60,7 +65,7 @@ module Net; module SSH
 
         begin
           return key_type.new(data, passphrase || 'invalid')
-        rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError => e
+        rescue OpenSSL::PKey::RSAError, OpenSSL::PKey::DSAError, OpenSSL::PKey::ECError => e
           if encrypted_key && ask_passphrase
             tries += 1
             if tries <= 3

data/lib/net/ssh/known_hosts.rb

@@ -11,6 +11,16 @@ module Net; module SSH
   # by consumers of the library.
   class KnownHosts
     class <<self
+
+      if defined?(OpenSSL::PKey::EC)
+        SUPPORTED_TYPE = %w(ssh-rsa ssh-dss
+                            ecdsa-sha2-nistp256
+                            ecdsa-sha2-nistp384
+                            ecdsa-sha2-nistp521)
+      else
+        SUPPORTED_TYPE = %w(ssh-rsa ssh-dss)
+      end
+
       # Searches all known host files (see KnownHosts.hostfiles) for all keys
       # of the given host. Returns an array of keys found.
       def search_for(host, options={})
@@ -104,7 +114,7 @@ module Net; module SSH
           scanner.skip(/\s*/)
           type = scanner.scan(/\S+/)
 
-          next unless %w(ssh-rsa ssh-dss).include?(type)
+          next unless SUPPORTED_TYPE.include?(type)
 
           scanner.skip(/\s*/)
           blob = scanner.rest.unpack("m*").first
@@ -126,4 +136,4 @@ module Net; module SSH
     end
 
   end
-end; end
+end; end

data/lib/net/ssh/ruby_compat.rb

@@ -5,6 +5,14 @@ class String
     def getbyte(index)
       self[index]
     end
+    def setbyte(index, c)
+      self[index] = c
+    end
+  end
+  if RUBY_VERSION < "1.8.7"
+    def bytesize
+      self.size
+    end
   end
 end
 

data/lib/net/ssh/transport/algorithms.rb

@@ -25,16 +25,37 @@ module Net; module SSH; module Transport
       :host_key    => %w(ssh-rsa ssh-dss),
       :kex         => %w(diffie-hellman-group-exchange-sha1
                          diffie-hellman-group1-sha1
+                         diffie-hellman-group14-sha1
                          diffie-hellman-group-exchange-sha256),
       :encryption  => %w(aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
                          aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
-                         idea-cbc none arcfour128 arcfour256),
+                         idea-cbc none arcfour128 arcfour256 arcfour
+                         aes128-ctr aes192-ctr aes256-ctr
+                         camellia128-cbc camellia192-cbc camellia256-cbc
+                         camellia128-cbc@openssh.org
+                         camellia192-cbc@openssh.org
+                         camellia256-cbc@openssh.org
+                         camellia128-ctr camellia192-ctr camellia256-ctr
+                         camellia128-ctr@openssh.org
+                         camellia192-ctr@openssh.org
+                         camellia256-ctr@openssh.org
+                         cast128-ctr blowfish-ctr 3des-ctr
+                        ),
       :hmac        => %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96
+                         hmac-ripemd160 hmac-ripemd160@openssh.com
                          hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96
                          hmac-sha2-512-96 none),
       :compression => %w(none zlib@openssh.com zlib),
       :language    => %w() 
     }
+    if defined?(OpenSSL::PKey::EC)
+      ALGORITHMS[:host_key] += %w(ecdsa-sha2-nistp256
+                                  ecdsa-sha2-nistp384
+                                  ecdsa-sha2-nistp521)
+      ALGORITHMS[:kex] += %w(ecdh-sha2-nistp256
+                             ecdh-sha2-nistp384
+                             ecdh-sha2-nistp521)
+    end
 
     # The underlying transport layer session that supports this object
     attr_reader :session

data/lib/net/ssh/transport/cipher_factory.rb

@@ -1,4 +1,5 @@
 require 'openssl'
+require 'net/ssh/transport/ctr.rb'
 require 'net/ssh/transport/key_expander'
 require 'net/ssh/transport/identity_cipher'
 
@@ -19,9 +20,30 @@ module Net; module SSH; module Transport
       "arcfour128"                  => "rc4",
       "arcfour256"                  => "rc4",
       "arcfour512"                  => "rc4",
-      "none"                        => "none"
+      "arcfour"                     => "rc4",
+      "camellia128-cbc"             => "camellia-128-cbc",
+      "camellia192-cbc"             => "camellia-192-cbc",
+      "camellia256-cbc"             => "camellia-256-cbc",
+      "camellia128-cbc@openssh.org" => "camellia-128-cbc",
+      "camellia192-cbc@openssh.org" => "camellia-192-cbc",
+      "camellia256-cbc@openssh.org" => "camellia-256-cbc",
+
+      "3des-ctr"                    => "des-ede3",
+      "blowfish-ctr"                => "bf-ecb",
+      "aes256-ctr"                  => "aes-256-ecb",
+      "aes192-ctr"                  => "aes-192-ecb",
+      "aes128-ctr"                  => "aes-128-ecb",
+      "cast128-ctr"                 => "cast5-ecb",
+      "camellia128-ctr"             => "camellia-128-ecb",
+      "camellia192-ctr"             => "camellia-192-ecb",
+      "camellia256-ctr"             => "camellia-256-ecb",
+      "camellia128-ctr@openssh.org" => "camellia-128-ecb",
+      "camellia192-ctr@openssh.org" => "camellia-192-ecb",
+      "camellia256-ctr@openssh.org" => "camellia-256-ecb",
+
+      "none"                        => "none",
     }
-    
+
     # Ruby's OpenSSL bindings always return a key length of 16 for RC4 ciphers
     # resulting in the error: OpenSSL::CipherError: key length too short. 
     # The following ciphers will override this key length. 
@@ -29,7 +51,8 @@ module Net; module SSH; module Transport
       "arcfour256"                  => 32,
       "arcfour512"                  => 64
     }
-    
+
+
     # Returns true if the underlying OpenSSL library supports the given cipher,
     # and false otherwise.
     def self.supported?(name)
@@ -46,16 +69,20 @@ module Net; module SSH; module Transport
     def self.get(name, options={})
       ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'"
       return IdentityCipher if ossl_name == "none"
-
       cipher = OpenSSL::Cipher::Cipher.new(ossl_name)
+
       cipher.send(options[:encrypt] ? :encrypt : :decrypt)
 
       cipher.padding = 0
+
+      cipher.extend(Net::SSH::Transport::CTR) if (name =~ /-ctr(@openssh.org)?$/)
+
       cipher.iv      = Net::SSH::Transport::KeyExpander.expand_key(cipher.iv_len, options[:iv], options) if ossl_name != "rc4"
+
       key_len = KEY_LEN_OVERRIDE[name] || cipher.key_len
       cipher.key_len = key_len
       cipher.key     = Net::SSH::Transport::KeyExpander.expand_key(key_len, options[:key], options)
-      cipher.update(" " * 1536) if ossl_name == "rc4"
+      cipher.update(" " * 1536) if (ossl_name == "rc4" && name != "arcfour")
 
       return cipher
     end

data/lib/net/ssh/transport/constants.rb

@@ -26,5 +26,7 @@ module Net; module SSH; module Transport
     KEXDH_INIT                = 30
     KEXDH_REPLY               = 31
 
+    KEXECDH_INIT              = 30
+    KEXECDH_REPLY             = 31
   end
-end; end; end
+end; end; end

data/lib/net/ssh/transport/ctr.rb

@@ -0,0 +1,95 @@
+require 'openssl'
+
+module Net::SSH::Transport
+
+  # Pure-Ruby implementation of Stateful Decryption Counter(SDCTR) Mode
+  # for Block Ciphers. See RFC4344 for detail.
+  module CTR
+    def self.extended(orig)
+      orig.instance_eval {
+        @remaining = ""
+        @counter = nil
+        @counter_len = orig.block_size
+        orig.encrypt
+        orig.padding = 0
+      }
+
+      class <<orig
+        alias :_update :update
+        private :_update
+        undef :update
+
+        def iv
+          @counter
+        end
+
+        def iv_len
+          block_size
+        end
+
+        def iv=(iv_s)
+          @counter = iv_s if @counter.nil?
+        end
+
+        def encrypt
+          # DO NOTHING (always set to "encrypt")
+        end
+
+        def decrypt
+          # DO NOTHING (always set to "encrypt")
+        end
+
+        def padding=(pad)
+          # DO NOTHING (always 0)
+        end
+
+        def reset
+          @remaining = ""
+        end
+
+        def update(data)
+          @remaining += data
+
+          encrypted = ""
+
+          while @remaining.bytesize >= block_size
+            encrypted += xor!(@remaining.slice!(0, block_size),
+                              _update(@counter))
+            increment_counter!
+          end
+
+          encrypted
+        end
+
+        def final
+          unless @remaining.empty?
+            s = xor!(@remaining, _update(@counter))
+          else
+            s = ""
+          end
+
+          @remaining = ""
+
+          s
+        end
+
+        private
+
+        def xor!(s1, s2)
+          s = []
+          s1.unpack('Q*').zip(s2.unpack('Q*')) {|a,b| s.push(a^b) }
+          s.pack('Q*')
+        end
+
+        def increment_counter!
+          c = @counter_len
+          while ((c -= 1) > 0)
+            if @counter.setbyte(c, (@counter.getbyte(c) + 1) & 0xff) != 0
+              break
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/net/ssh/transport/hmac.rb

@@ -7,6 +7,7 @@ require 'net/ssh/transport/hmac/sha2_256'
 require 'net/ssh/transport/hmac/sha2_256_96'
 require 'net/ssh/transport/hmac/sha2_512'
 require 'net/ssh/transport/hmac/sha2_512_96'
+require 'net/ssh/transport/hmac/ripemd160'
 require 'net/ssh/transport/hmac/none'
 
 # Implements a simple factory interface for fetching hmac implementations, or
@@ -14,11 +15,13 @@ require 'net/ssh/transport/hmac/none'
 module Net::SSH::Transport::HMAC
   # The mapping of SSH hmac algorithms to their implementations
   MAP = {
-    'hmac-md5'     => MD5,
-    'hmac-md5-96'  => MD5_96,
-    'hmac-sha1'    => SHA1,
-    'hmac-sha1-96' => SHA1_96,
-    'none'         => None
+    'hmac-md5'       => MD5,
+    'hmac-md5-96'    => MD5_96,
+    'hmac-sha1'      => SHA1,
+    'hmac-sha1-96'   => SHA1_96,
+    'hmac-ripemd160' => RIPEMD160,
+    'hmac-ripemd160@openssh.com' => RIPEMD160,
+    'none'           => None
   }
 
   # add mapping to sha2 hmac algorithms if they're available