RubyGems - ssh_data - Versions diffs - 1.1.0 → 1.2.0 - Mend

ssh_data 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/lib/ssh_data/certificate.rb +9 -7
data/lib/ssh_data/encoding.rb +31 -12
data/lib/ssh_data/error.rb +6 -5
data/lib/ssh_data/public_key/ecdsa.rb +5 -1
data/lib/ssh_data/public_key/ed25519.rb +6 -2
data/lib/ssh_data/public_key/skecdsa.rb +46 -0
data/lib/ssh_data/public_key/sked25519.rb +35 -0
data/lib/ssh_data/public_key.rb +15 -7
data/lib/ssh_data/version.rb +1 -1
metadata +16 -14

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aaa29fd598724a11d13c32aa423fdb26944b5ed7d027b852de0fb3b6c8808f54
-  data.tar.gz: 6737375c449655f42d8f6a629065ad1e493f301e6ed118ca23a2d6b939b2516c
+  metadata.gz: e2a37d746413f208ac72e4dca430d8e9ad71646cdab1a86a4beb1939d538ca00
+  data.tar.gz: 37c066043665eb883f68f1a0bbff2c7b814a6c11a32dcef02d19cb24a7fd9b17
 SHA512:
-  metadata.gz: 43afd3056dd763d3bfbeb44e98936a6a35a97172000772bb91107a516642c384b3398127e211a792193102351fe3ab6bafcf2d4e7674c7233f7610f743f80341
-  data.tar.gz: e0cc819489d6ac78f0cdf2e3fb9d22ded46dda75e11e6275d9e47a354d951ed753434a1cacc82377b4c1ef4c3469e8df73cc82e981062c2d0476513f7e9a287d
+  metadata.gz: 2e32a7671a4bebef2e1a9035a9be8692af5f8274e9b6e8ca8043421ed8adf620eb88878a8a55deca82d9b1c1fad725d6018230c5bd7a75a8bec727a39e8823f8
+  data.tar.gz: e0b84d38f45eb30d9ac0a1940e26b70a83677f68bb399c206f6a599194ffddd77a9a77f18e27b2cad94de5004c67e7bf63f009f621ab9b9dabc2637fba85f1ad

data/lib/ssh_data/certificate.rb CHANGED Viewed

@@ -12,16 +12,18 @@ module SSHData
     TYPE_HOST = 2
     # Certificate algorithm identifiers
-    ALGO_RSA      = "ssh-rsa-cert-v01@openssh.com"
-    ALGO_DSA      = "ssh-dss-cert-v01@openssh.com"
-    ALGO_ECDSA256 = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
-    ALGO_ECDSA384 = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
-    ALGO_ECDSA521 = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
-    ALGO_ED25519  = "ssh-ed25519-cert-v01@openssh.com"
+    ALGO_RSA        = "ssh-rsa-cert-v01@openssh.com"
+    ALGO_DSA        = "ssh-dss-cert-v01@openssh.com"
+    ALGO_ECDSA256   = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
+    ALGO_ECDSA384   = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
+    ALGO_ECDSA521   = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
+    ALGO_ED25519    = "ssh-ed25519-cert-v01@openssh.com"
+    ALGO_SKECDSA256 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
+    ALGO_SKED25519  = "sk-ssh-ed25519-cert-v01@openssh.com"
     ALGOS = [
       ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521,
-      ALGO_ED25519
+      ALGO_ED25519, ALGO_SKECDSA256, ALGO_SKED25519
     ]
     CRITICAL_OPTION_FORCE_COMMAND  = "force-command"

data/lib/ssh_data/encoding.rb CHANGED Viewed

@@ -62,27 +62,44 @@ module SSHData
       [:public_key, :string]
     ]
+    # Fields in an SK-ECDSA public key
+    SKECDSA_KEY_FIELDS = [
+      [:curve,      :string],
+      [:public_key, :string],
+      [:application, :string]
+    ]
     # Fields in a ED25519 public key
     ED25519_KEY_FIELDS = [
       [:pk, :string]
     ]
+    # Fields in a SK-ED25519 public key
+    SKED25519_KEY_FIELDS = [
+      [:pk, :string],
+      [:application, :string]
+    ]
     PUBLIC_KEY_ALGO_BY_CERT_ALGO = {
-      Certificate::ALGO_RSA      => PublicKey::ALGO_RSA,
-      Certificate::ALGO_DSA      => PublicKey::ALGO_DSA,
-      Certificate::ALGO_ECDSA256 => PublicKey::ALGO_ECDSA256,
-      Certificate::ALGO_ECDSA384 => PublicKey::ALGO_ECDSA384,
-      Certificate::ALGO_ECDSA521 => PublicKey::ALGO_ECDSA521,
-      Certificate::ALGO_ED25519  => PublicKey::ALGO_ED25519,
+      Certificate::ALGO_RSA        => PublicKey::ALGO_RSA,
+      Certificate::ALGO_DSA        => PublicKey::ALGO_DSA,
+      Certificate::ALGO_ECDSA256   => PublicKey::ALGO_ECDSA256,
+      Certificate::ALGO_ECDSA384   => PublicKey::ALGO_ECDSA384,
+      Certificate::ALGO_ECDSA521   => PublicKey::ALGO_ECDSA521,
+      Certificate::ALGO_ED25519    => PublicKey::ALGO_ED25519,
+      Certificate::ALGO_SKECDSA256 => PublicKey::ALGO_SKECDSA256,
+      Certificate::ALGO_SKED25519  => PublicKey::ALGO_SKED25519,
     }
     CERT_ALGO_BY_PUBLIC_KEY_ALGO = {
-      PublicKey::ALGO_RSA      => Certificate::ALGO_RSA,
-      PublicKey::ALGO_DSA      => Certificate::ALGO_DSA,
-      PublicKey::ALGO_ECDSA256 => Certificate::ALGO_ECDSA256,
-      PublicKey::ALGO_ECDSA384 => Certificate::ALGO_ECDSA384,
-      PublicKey::ALGO_ECDSA521 => Certificate::ALGO_ECDSA521,
-      PublicKey::ALGO_ED25519  => Certificate::ALGO_ED25519,
+      PublicKey::ALGO_RSA        => Certificate::ALGO_RSA,
+      PublicKey::ALGO_DSA        => Certificate::ALGO_DSA,
+      PublicKey::ALGO_ECDSA256   => Certificate::ALGO_ECDSA256,
+      PublicKey::ALGO_ECDSA384   => Certificate::ALGO_ECDSA384,
+      PublicKey::ALGO_ECDSA521   => Certificate::ALGO_ECDSA521,
+      PublicKey::ALGO_ED25519    => Certificate::ALGO_ED25519,
+      PublicKey::ALGO_SKECDSA256 => Certificate::ALGO_SKECDSA256,
+      PublicKey::ALGO_SKED25519  => Certificate::ALGO_SKED25519,
     }
     KEY_FIELDS_BY_PUBLIC_KEY_ALGO = {
@@ -92,6 +109,8 @@ module SSHData
       PublicKey::ALGO_ECDSA384 => ECDSA_KEY_FIELDS,
       PublicKey::ALGO_ECDSA521 => ECDSA_KEY_FIELDS,
       PublicKey::ALGO_ED25519  => ED25519_KEY_FIELDS,
+      PublicKey::ALGO_SKED25519 => SKED25519_KEY_FIELDS,
+      PublicKey::ALGO_SKECDSA256 => SKECDSA_KEY_FIELDS,
     }
     KEY_FIELDS_BY_PRIVATE_KEY_ALGO = {

data/lib/ssh_data/error.rb CHANGED Viewed

@@ -1,7 +1,8 @@
 module SSHData
-  Error          = Class.new(StandardError)
-  DecodeError    = Class.new(Error)
-  VerifyError    = Class.new(Error)
-  AlgorithmError = Class.new(Error)
-  DecryptError   = Class.new(Error)
+  Error            = Class.new(StandardError)
+  DecodeError      = Class.new(Error)
+  VerifyError      = Class.new(Error)
+  AlgorithmError   = Class.new(Error)
+  DecryptError     = Class.new(Error)
+  UnsupportedError = Class.new(Error)
 end

data/lib/ssh_data/public_key/ecdsa.rb CHANGED Viewed

@@ -65,7 +65,7 @@ module SSHData
         [Encoding.encode_mpint(r.value), Encoding.encode_mpint(s.value)].join
       end
-      def initialize(algo:, curve:, public_key:)
+      def self.check_algorithm!(algo, curve)
         unless [ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521].include?(algo)
           raise DecodeError, "bad algorithm: #{algo.inspect}"
         end
@@ -73,6 +73,10 @@ module SSHData
         unless algo == "ecdsa-sha2-#{curve}"
           raise DecodeError, "bad curve: #{curve.inspect}"
         end
+      end
+      def initialize(algo:, curve:, public_key:)
+        self.class.check_algorithm!(algo, curve)
         @curve = curve
         @public_key_bytes = public_key

data/lib/ssh_data/public_key/ed25519.rb CHANGED Viewed

@@ -16,8 +16,12 @@ module SSHData
         raise AlgorithmError, "the ed25519 gem is not loaded" unless enabled?
       end
+      def self.algorithm_identifier
+        ALGO_ED25519
+      end
       def initialize(algo:, pk:)
-        unless algo == ALGO_ED25519
+        unless algo == self.class.algorithm_identifier
           raise DecodeError, "bad algorithm: #{algo.inspect}"
         end
@@ -40,7 +44,7 @@ module SSHData
         self.class.ed25519_gem_required!
         sig_algo, raw_sig, _ = Encoding.decode_signature(signature)
-        if sig_algo != ALGO_ED25519
+        if sig_algo != self.class.algorithm_identifier
           raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}"
         end

data/lib/ssh_data/public_key/skecdsa.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module SSHData
+  module PublicKey
+    class SKECDSA < ECDSA
+      attr_reader :application
+      OPENSSL_CURVE_NAME_FOR_CURVE = {
+        NISTP256 => "prime256v1",
+      }
+      def self.check_algorithm!(algo, curve)
+        unless algo == ALGO_SKECDSA256
+          raise DecodeError, "bad algorithm: #{algo.inspect}"
+        end
+        unless algo == "sk-ecdsa-sha2-#{curve}@openssh.com"
+          raise DecodeError, "bad curve: #{curve.inspect}"
+        end
+      end
+      def initialize(algo:, curve:, public_key:, application:)
+        @application = application
+        super(algo: algo, curve: curve, public_key: public_key)
+      end
+      # RFC4253 binary encoding of the public key.
+      #
+      # Returns a binary String.
+      def rfc4253
+        Encoding.encode_fields(
+          [:string, algo],
+          [:string, curve],
+          [:string, public_key_bytes],
+          [:string, application],
+        )
+      end
+      def verify(signed_data, signature)
+        raise UnsupportedError, "SK-ECDSA verification is not supported."
+      end
+      def ==(other)
+        super && other.application == application
+      end
+    end
+  end
+end

data/lib/ssh_data/public_key/sked25519.rb ADDED Viewed

@@ -0,0 +1,35 @@
+module SSHData
+  module PublicKey
+    class SKED25519 < ED25519
+      attr_reader :application
+      def initialize(algo:, pk:, application:)
+        @application = application
+        super(algo: algo, pk: pk)
+      end
+      def self.algorithm_identifier
+        ALGO_SKED25519
+      end
+      # RFC4253 binary encoding of the public key.
+      #
+      # Returns a binary String.
+      def rfc4253
+        Encoding.encode_fields(
+          [:string, algo],
+          [:string, pk],
+          [:string, application],
+        )
+      end
+      def verify(signed_data, signature)
+        raise UnsupportedError, "SK-Ed25519 verification is not supported."
+      end
+      def ==(other)
+        super && other.application == application
+      end
+    end
+  end
+end

data/lib/ssh_data/public_key.rb CHANGED Viewed

@@ -1,12 +1,14 @@
 module SSHData
   module PublicKey
     # Public key algorithm identifiers
-    ALGO_RSA      = "ssh-rsa"
-    ALGO_DSA      = "ssh-dss"
-    ALGO_ECDSA256 = "ecdsa-sha2-nistp256"
-    ALGO_ECDSA384 = "ecdsa-sha2-nistp384"
-    ALGO_ECDSA521 = "ecdsa-sha2-nistp521"
-    ALGO_ED25519  = "ssh-ed25519"
+    ALGO_RSA        = "ssh-rsa"
+    ALGO_DSA        = "ssh-dss"
+    ALGO_ECDSA256   = "ecdsa-sha2-nistp256"
+    ALGO_ECDSA384   = "ecdsa-sha2-nistp384"
+    ALGO_ECDSA521   = "ecdsa-sha2-nistp521"
+    ALGO_ED25519    = "ssh-ed25519"
+    ALGO_SKED25519  = "sk-ssh-ed25519@openssh.com"
+    ALGO_SKECDSA256 = "sk-ecdsa-sha2-nistp256@openssh.com"
     # RSA SHA2 *signature* algorithms used with ALGO_RSA keys.
     # https://tools.ietf.org/html/draft-rsa-dsa-sha2-256-02
@@ -15,7 +17,7 @@ module SSHData
     ALGOS = [
       ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521,
-      ALGO_ED25519
+      ALGO_ED25519, ALGO_SKECDSA256, ALGO_SKED25519
     ]
     # Parse an OpenSSH public key in authorized_keys format (see sshd(8) manual
@@ -64,6 +66,10 @@ module SSHData
         ECDSA.new(**data)
       when ALGO_ED25519
         ED25519.new(**data)
+      when ALGO_SKED25519
+        SKED25519.new(**data)
+      when ALGO_SKECDSA256
+        SKECDSA.new(**data)
       else
         raise DecodeError, "unkown algo: #{data[:algo].inspect}"
       end
@@ -76,3 +82,5 @@ require "ssh_data/public_key/rsa"
 require "ssh_data/public_key/dsa"
 require "ssh_data/public_key/ecdsa"
 require "ssh_data/public_key/ed25519"
+require "ssh_data/public_key/sked25519"
+require "ssh_data/public_key/skecdsa"

data/lib/ssh_data/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SSHData
-  VERSION = "1.1.0"
+  VERSION = "1.2.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ssh_data
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - mastahyeti
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-11-20 00:00:00.000000000 Z
+date: 2021-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ed25519
@@ -30,43 +30,43 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '0.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '0.14'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.10'
 - !ruby/object:Gem::Dependency
   name: rspec-mocks
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
-description:
+        version: '3.10'
+description:
 email: opensource+ssh_data@github.com
 executables: []
 extensions: []
@@ -89,18 +89,20 @@ files:
 - "./lib/ssh_data/public_key/ecdsa.rb"
 - "./lib/ssh_data/public_key/ed25519.rb"
 - "./lib/ssh_data/public_key/rsa.rb"
+- "./lib/ssh_data/public_key/skecdsa.rb"
+- "./lib/ssh_data/public_key/sked25519.rb"
 - "./lib/ssh_data/version.rb"
 homepage: https://github.com/github/ssh_data
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - "~>"
+  - - ">="
     - !ruby/object:Gem::Version
       version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
@@ -109,8 +111,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: Library for parsing SSH certificates
 test_files: []