openssl-additions 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cee035df22bf1142e50e33aae37f15ccebdaa7324641295983a36c5945c25766
-  data.tar.gz: 2728021c6285d895d92dcbc66f0b25ae4367f4ea932471e717cd16318af99aa9
+  metadata.gz: e579a780c0c156cf7e9921d632043963b784ba0fdf5c01ebd877e6ab4f49d4f4
+  data.tar.gz: b984f65aabc9d6715cb1e9a86b4f8cb18f670990b360bf1f80d7a2ec6b767a71
 SHA512:
-  metadata.gz: d68d3fe7843d3fde287d2e8337ab3e737b94389893418765c2a0b7c7b24a394b2c0c7ee58c1ff6b3ee788b63b91cadaa9ba1f97fe804a6bc4c3828f809ffa3ac
-  data.tar.gz: 21d4b75aedb2bb6eb5ca024857c3c75a1ab4b38c8ace6deb867f826e0798e2ffd4e905cb6632f150b7367b8aec4f7b59ce738672e9e2b38561be0754b4a1915a
+  metadata.gz: 8beaadc77e7a316a32d019c06653122f25c309eced92f2908e2c58a738bdc77d5b91d66659e2ff7e421bf50503cd7027afe35e10c0b48d9d002d5c20bc5c5d16
+  data.tar.gz: d0b27c304bd94da7c91a124c2dce1815f11354e30753f895872db19a12f73d02c2c572f63b0e250752521db482b803ea545dee4252395b612834c260fbf1cff9

data/lib/openssl/pkey.rb

@@ -3,31 +3,182 @@ require "openssl"
 # Enhancements to the core asymmetric key handling.
 module OpenSSL::PKey
   # A mapping of the "SSH" names for various curves, to their OpenSSL
-  # equivalent names.
+  # equivalents.
   SSH_CURVE_NAME_MAP = {
     "nistp256" => "prime256v1",
     "nistp384" => "secp384r1",
     "nistp521" => "secp521r1",
   }
 
-  # Create a new `OpenSSL::PKey` from an SSH public key.
+  # Create a new `OpenSSL::PKey` from an SSH public or private key.
   #
-  # Given an OpenSSL 2 public key (with or without the `ssh-rsa` / `ecdsa-etc`
-  # prefix), create an equivalent instance of an `OpenSSL::PKey::PKey` subclass
-  # which represents the same key parameters.
+  # Given an OpenSSH 2 public key (with or without the `ssh-rsa` / `ecdsa-etc`
+  # prefix), or an encrypted or unencrypted OpenSSH private key, create an
+  # equivalent instance of an `OpenSSL::PKey::PKey` subclass which represents
+  # the same key parameters.
   #
-  # If you've got an SSH *private* key, you don't need this method, as they're
-  # already PKCS#8 ("PEM") private keys, which OpenSSL is happy to read
-  # directly (using `OpenSSL::PKey.read`).
+  # @param s [String] the SSH public or private key to convert.  Public keys
+  #   should be in their usual all-on-one-line bas64-encoded form, with or
+  #   without the key type prefix.  Private keys must have the `-----BEGIN/END
+  #   OPENSSH PRIVATE KEY-----` delimiters.
   #
-  # @param s [String] the SSH public key to convert, in its usual
-  #   base64-encoded form, with or without key type prefix.
+  # @param passphrase [String] if an encrypted private key is provided, this
+  #   passphrase will be used to try and decrypt the key.  If the passphrase
+  #   is incorrect, an exception will be raised.
   #
-  # @return [OpenSSL::PKey::PKey] the OpenSSL-compatible key object.  Note
-  #   that this can only ever be a *public* key, never a private key, because
-  #   SSH public keys are, well, public.
+  # @yield if the key data passed is an encrypted private key and no passphrase
+  #   was given, the block (if provided) will be called, and whatever the value
+  #   of that block call is, it will be used to try and decrypt the private
+  #   key.
   #
-  def self.from_ssh_key(s)
+  # @return [OpenSSL::PKey::PKey] the OpenSSL-compatible key object.
+  #
+  # @raise [OpenSSL::PKey::PKeyError] if anything went wrong with the decoding
+  #   process.
+  #
+  def self.from_ssh_key(s, &blk)
+    if s =~ /\A-----BEGIN OPENSSH PRIVATE KEY-----/
+      decode_private_ssh_key(s, &blk)
+    else
+      decode_public_ssh_key(s)
+    end
+  end
+
+  private
+
+  def self.decode_private_ssh_key(s, &blk)
+    unless s =~ /-----BEGIN OPENSSH PRIVATE KEY-----\n([A-Za-z0-9\/+\n]*={0,2})\n-----END OPENSSH PRIVATE KEY-----/m
+      raise OpenSSL::PKey::PKeyError,
+            "invalid OpenSSH private key format"
+    end
+
+    keyblob = unpack_private_ssh_key($1, &blk)
+    keytype, rest = ssh_key_lv_decode(keyblob, 1)
+
+    case keytype
+    when "ssh-rsa"
+      parts = ssh_key_lv_decode(rest, 6)
+      OpenSSL::PKey::RSA.new.tap do |k|
+        k.n = ssh_key_mpi_decode(parts[0])
+        k.e = ssh_key_mpi_decode(parts[1])
+        k.d = ssh_key_mpi_decode(parts[2])
+        k.iqmp = ssh_key_mpi_decode(parts[3])
+        k.p = ssh_key_mpi_decode(parts[4])
+        k.q = ssh_key_mpi_decode(parts[5])
+      end
+    when "ssh-dss"
+      parts = ssh_key_lv_decode(rest, 5)
+      OpenSSL::PKey::DSA.new.tap do |k|
+        k.p = ssh_key_mpi_decode(parts[0])
+        k.q = ssh_key_mpi_decode(parts[1])
+        k.g = ssh_key_mpi_decode(parts[2])
+        k.pub_key = ssh_key_mpi_decode(parts[3])
+        k.priv_key = ssh_key_mpi_decode(parts[4])
+      end
+    when /ecdsa-sha2-/
+      parts = ssh_key_lv_decode(rest, 3)
+
+      begin
+        OpenSSL::PKey::EC.new(SSH_CURVE_NAME_MAP[parts[0]]).tap do |k|
+          k.public_key = OpenSSL::PKey::EC::Point.new(k.group, parts[1])
+          k.private_key = ssh_key_mpi_decode(parts[2])
+        end
+      rescue TypeError
+        raise OpenSSL::PKey::PKeyError.new,
+              "Unknown curve identifier #{parts[0]}"
+      end
+    else
+      raise OpenSSL::PKey::PKeyError,
+            "Unknown key type #{keytype}"
+    end
+  end
+
+  def self.unpack_private_ssh_key(s)
+    rest = s.unpack("m").first
+
+    # From https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.key?annotate=HEAD
+
+    #  8: #define AUTH_MAGIC      "openssh-key-v1"
+    #  9:
+    # 10:        byte[]  AUTH_MAGIC
+    unless rest[0, 15] == "openssh-key-v1\0"
+      raise OpenSSL::PKey::PKeyError,
+            "Invalid OpenSSH private key: incorrect magic found (#{rest[0, 15].inspect})"
+    end
+
+    # 11:        string  ciphername
+    # 12:        string  kdfname
+    # 13:        string  kdfoptions
+    cipher, kdf, kdfopts, rest = ssh_key_lv_decode(rest[15..], 3)
+
+    # 14:        int     number of keys N
+    key_count, rest = rest.unpack("Na*")
+    if key_count == 0
+      raise OpenSSL::PKey::PKeyError,
+            "invalid OpenSSH private key: no keys!"
+    elsif key_count > 1
+      raise OpenSSL::PKey::PKeyError,
+            "unsupported OpenSSH private key: multiple keys"
+    end
+
+    # 15:        string  publickey1
+    # We care not for your stinky public key
+    _, rest = ssh_key_lv_decode(rest, 1)
+
+    # 19:        string  encrypted, padded list of private keys
+    rest, x = ssh_key_lv_decode(rest, 1)
+    unless x.nil?
+      #:nocov:
+      raise OpenSSL::PKey::PKeyError,
+            "invalid OpenSSH private key: trailing garbage after private key blob: #{x.inspect}"
+      #:nocov:
+    end
+
+    if kdf == "none"
+      # This one is easy
+      # 36:        uint32  checkint
+      # 37:        uint32  checkint
+      # 38:        string  privatekey1
+      check1, check2, rest = rest.unpack("NNa*")
+      unless check1 == check2
+        raise OpenSSL::PKey::PKeyError,
+              "invalid OpenSSH private key: check values don't match"
+      end
+
+      # The format spec says that the keyblob is, itself, a string, but that's
+      # not what I'm seeing in real-world keys generated by OpenSSH -- the
+      # first element of the keyblob (the key type string) is just straight up
+      # there after the check digits.  That must make parsing out multiple
+      # private keys an absolute nightmare -- except, oh wait (from
+      # openssh-portable.git/sshkey.c):
+      #
+      #     if (nkeys != 1) {
+      #         /* XXX only one key supported */
+      #         r = SSH_ERR_INVALID_FORMAT;
+      #         goto out;
+      #     }
+      #
+      # Cheaters.
+      #
+      # At any rate, the fact that the spec isn't what's implemented means that
+      # the keyblob I do send back needs to be carefully parsed itself, rather
+      # than just being able to blat it through ssh_key_lv_decode to get all
+      # the bits.  Sigh.
+      return rest
+    elsif kdf == "bcrypt"
+      # This is cheating a little bit, but I'm not up for implementing
+      # decryption support today, and this at least allows us to reliably
+      # detect that the key *is* in fact encrypted rather than corrupted
+      yield if block_given?
+      raise OpenSSL::PKey::PKeyError,
+            "unsupported OpenSSH private key: decryption is not (yet) supported"
+    else
+      raise OpenSSL::PKey::PKeyError,
+            "unsupport OpenSSH private key KDF #{kdf.inspect}"
+    end
+  end
+
+  def self.decode_public_ssh_key(s)
     if s =~ /\Assh-[a-z0-9-]+ /
       # WHOOP WHOOP prefixed key detected.
       s = s.split(" ")[1]
@@ -41,7 +192,7 @@ module OpenSSL::PKey
             "Invalid key encoding (not valid base64)"
     end
 
-    parts = ssh_key_lv_decode(s)
+    parts = ssh_key_lv_decode(s.unpack("m").first)
 
     case parts.first
     when "ssh-rsa"
@@ -70,15 +221,13 @@ module OpenSSL::PKey
     end
   end
 
-  private
-
   # Take the base64 string and split it into its component parts.
   #
-  def self.ssh_key_lv_decode(s)
-    rest = s.unpack("m").first
+  def self.ssh_key_lv_decode(s, n = nil)
+    rest = s
 
     [].tap do |parts|
-      until rest == ""
+      until rest == "" || (n && n <= 0)
         len, rest = rest.unpack("Na*")
         if len > rest.length
           raise OpenSSL::PKey::PKeyError,
@@ -87,6 +236,11 @@ module OpenSSL::PKey
 
         elem, rest = rest.unpack("a#{len}a*")
         parts << elem
+        n -= 1 if n
+      end
+
+      if rest != ""
+        parts << rest
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openssl-additions
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Matt Palmer
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-12-20 00:00:00.000000000 Z
+date: 2019-05-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -189,8 +189,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Quality-of-life improvements to the core openssl ruby library