ssh_data 1.2.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e2a37d746413f208ac72e4dca430d8e9ad71646cdab1a86a4beb1939d538ca00
-  data.tar.gz: 37c066043665eb883f68f1a0bbff2c7b814a6c11a32dcef02d19cb24a7fd9b17
+  metadata.gz: a33f8e3096dba56186df0bf3288d36c0fda79f75d7a02e6a58c585b468d4cd76
+  data.tar.gz: 3f5f652b61e4fbbb06bc24154c51683e97be194a70565d993ee27ff87ec8eb2f
 SHA512:
-  metadata.gz: 2e32a7671a4bebef2e1a9035a9be8692af5f8274e9b6e8ca8043421ed8adf620eb88878a8a55deca82d9b1c1fad725d6018230c5bd7a75a8bec727a39e8823f8
-  data.tar.gz: e0b84d38f45eb30d9ac0a1940e26b70a83677f68bb399c206f6a599194ffddd77a9a77f18e27b2cad94de5004c67e7bf63f009f621ab9b9dabc2637fba85f1ad
+  metadata.gz: b6b1324539e847dd7e7d858cd0f64a8c369de781bdb8f5fcde7667ad9a61748e347209f7d6f06f7e5400d9147e67a9289f6f99aa187ec368bfc4a38ddccc22b9
+  data.tar.gz: 7c1a063701138b853aebff7adb7f7a9d8bccabdf04d58d81dffb16ab2a499706401355ac01f2f4e8e91789140fd051569ecf8056eae27a76d0ae1425128e62c7

data/lib/ssh_data/encoding.rb

@@ -3,6 +3,19 @@ module SSHData
     # Fields in an OpenSSL private key
     # https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key
     OPENSSH_PRIVATE_KEY_MAGIC = "openssh-key-v1\x00"
+
+    OPENSSH_SIGNATURE_MAGIC = "SSHSIG"
+    OPENSSH_SIGNATURE_VERSION = 0x01
+
+    OPENSSH_SIGNATURE_FIELDS = [
+      [:sigversion,     :uint32],
+      [:publickey,      :string],
+      [:namespace,      :string],
+      [:reserved,       :string],
+      [:hash_algorithm, :string],
+      [:signature,      :string],
+    ]
+
     OPENSSH_PRIVATE_KEY_FIELDS = [
       [:ciphername, :string],
       [:kdfname,    :string],
@@ -313,6 +326,21 @@ module SSHData
       [key, str_read]
     end
 
+    def decode_openssh_signature(raw, offset=0)
+      total_read = 0
+
+      magic = raw.byteslice(offset, OPENSSH_SIGNATURE_MAGIC.bytesize)
+      unless magic == OPENSSH_SIGNATURE_MAGIC
+        raise DecodeError, "bad OpenSSH signature"
+      end
+
+      total_read += OPENSSH_SIGNATURE_MAGIC.bytesize
+      offset += total_read
+      data, read = decode_fields(raw, OPENSSH_SIGNATURE_FIELDS, offset)
+      total_read += read
+      [data, total_read]
+    end
+
     # Decode the fields in a certificate.
     #
     # raw    - Binary String certificate as described by RFC4253 section 6.6.
@@ -396,7 +424,7 @@ module SSHData
       [hash, total_read]
     end
 
-    # Encode the series of fiends into a binary string.
+    # Encode the series of fields into a binary string.
     #
     # fields - A series of Arrays, each containing a Symbol type and a value to
     #          encode.
@@ -680,6 +708,32 @@ module SSHData
       [value].pack("L>")
     end
 
+    # Read a uint8 from the provided raw data.
+    #
+    # raw    - A binary String.
+    # offset - The offset into raw at which to read (default 0).
+    #
+    # Returns an Array including the decoded uint8 as an Integer and the
+    # Integer number of bytes read.
+    def decode_uint8(raw, offset=0)
+      if raw.bytesize < offset + 1
+        raise DecodeError, "data too short"
+      end
+
+      uint8 = raw.byteslice(offset, 1).unpack("C").first
+
+      [uint8, 1]
+    end
+
+    # Encoding an integer as a uint8.
+    #
+    # value - The Integer value to encode.
+    #
+    # Returns an encoded representation of the value.
+    def encode_uint8(value)
+      [value].pack("C")
+    end
+
     extend self
   end
 end

data/lib/ssh_data/private_key/dsa.rb

@@ -7,7 +7,19 @@
       #
       # Returns a PublicKey::Base subclass instance.
       def self.generate
-        from_openssl(OpenSSL::PKey::DSA.generate(1024))
+        openssl_key =
+          if defined?(OpenSSL::PKey.generate_parameters)
+            dsa_parameters = OpenSSL::PKey.generate_parameters("DSA", {
+              dsa_paramgen_bits: 1024,
+              dsa_paramgen_q_bits: 160
+            })
+
+            OpenSSL::PKey.generate_key(dsa_parameters)
+          else
+            OpenSSL::PKey::DSA.generate(1024)
+          end
+
+        from_openssl(openssl_key)
       end
 
       # Import an openssl private key.

data/lib/ssh_data/private_key/ecdsa.rb

@@ -13,7 +13,7 @@ module SSHData
         openssl_curve = PublicKey::ECDSA::OPENSSL_CURVE_NAME_FOR_CURVE[curve]
         raise AlgorithmError, "unknown curve: #{curve}" if openssl_curve.nil?
 
-        openssl_key = OpenSSL::PKey::EC.new(openssl_curve).tap(&:generate_key)
+        openssl_key = OpenSSL::PKey::EC.generate(openssl_curve)
         from_openssl(openssl_key)
       end
 

data/lib/ssh_data/private_key/rsa.rb

@@ -21,9 +21,9 @@ module SSHData
 
       # Import an openssl private key.
       #
-      # key - An OpenSSL::PKey::DSA instance.
+      # key - An OpenSSL::PKey::RSA instance.
       #
-      # Returns a DSA instance.
+      # Returns a RSA instance.
       def self.from_openssl(key)
         new(
           algo: PublicKey::ALGO_RSA,

data/lib/ssh_data/public_key/dsa.rb

@@ -67,7 +67,7 @@ module SSHData
       # Verify an SSH signature.
       #
       # signed_data - The String message that the signature was calculated over.
-      # signature   - The binarty String signature with SSH encoding.
+      # signature   - The binary String signature with SSH encoding.
       #
       # Returns boolean.
       def verify(signed_data, signature)

data/lib/ssh_data/public_key/ecdsa.rb

@@ -93,7 +93,7 @@ module SSHData
       # Verify an SSH signature.
       #
       # signed_data - The String message that the signature was calculated over.
-      # signature   - The binarty String signature with SSH encoding.
+      # signature   - The binary String signature with SSH encoding.
       #
       # Returns boolean.
       def verify(signed_data, signature)

data/lib/ssh_data/public_key/ed25519.rb

@@ -37,7 +37,7 @@ module SSHData
       # Verify an SSH signature.
       #
       # signed_data - The String message that the signature was calculated over.
-      # signature   - The binarty String signature with SSH encoding.
+      # signature   - The binary String signature with SSH encoding.
       #
       # Returns boolean.
       def verify(signed_data, signature)

data/lib/ssh_data/public_key/rsa.rb

@@ -26,7 +26,7 @@ module SSHData
       # Verify an SSH signature.
       #
       # signed_data - The String message that the signature was calculated over.
-      # signature   - The binarty String signature with SSH encoding.
+      # signature   - The binary String signature with SSH encoding.
       #
       # Returns boolean.
       def verify(signed_data, signature)
@@ -37,6 +37,12 @@ module SSHData
           raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}"
         end
 
+        # OpenSSH compatibility: if a the number of bytes in the signature is less than the number of bytes of the RSA
+        # modulus, prepend the signature with zeros.
+        # See https://github.com/openssh/openssh-portable/blob/ac383f3a5c6f529a2e8a5bc44af79a08c7da294e/ssh-rsa.c#L531
+        difference = n.num_bytes - raw_sig.bytesize
+        raw_sig = "\0" * difference + raw_sig if difference.positive?
+
         openssl.verify(digest.new, raw_sig, signed_data)
       end
 

data/lib/ssh_data/public_key/security_key.rb

@@ -0,0 +1,40 @@
+module SSHData
+  module PublicKey
+    module SecurityKey
+
+      # Defaults to match OpenSSH, user presence is required by verification is not.
+      DEFAULT_SK_VERIFY_OPTS = {
+        user_presence_required: true,
+        user_verification_required: false
+      }
+
+      SK_FLAG_USER_PRESENCE     = 0b001
+      SK_FLAG_USER_VERIFICATION = 0b100
+
+      def build_signing_blob(application, signed_data, signature)
+        read = 0
+        sig_algo, raw_sig, signature_read = Encoding.decode_signature(signature)
+        read += signature_read
+        sk_flags, sk_flags_read = Encoding.decode_uint8(signature, read)
+        read += sk_flags_read
+        counter, counter_read = Encoding.decode_uint32(signature, read)
+        read += counter_read
+
+        if read != signature.bytesize
+          raise DecodeError, "unexpected trailing data"
+        end
+
+        application_hash = OpenSSL::Digest::SHA256.digest(application)
+        message_hash = OpenSSL::Digest::SHA256.digest(signed_data)
+
+        blob =
+          application_hash +
+          Encoding.encode_uint8(sk_flags) +
+          Encoding.encode_uint32(counter) +
+          message_hash
+
+        [sig_algo, raw_sig, sk_flags, blob]
+      end
+    end
+  end
+end

data/lib/ssh_data/public_key/skecdsa.rb

@@ -1,6 +1,7 @@
 module SSHData
   module PublicKey
     class SKECDSA < ECDSA
+      include SecurityKey
       attr_reader :application
 
       OPENSSL_CURVE_NAME_FOR_CURVE = {
@@ -34,8 +35,25 @@ module SSHData
         )
       end
 
-      def verify(signed_data, signature)
-        raise UnsupportedError, "SK-ECDSA verification is not supported."
+      def verify(signed_data, signature, **opts)
+        opts = DEFAULT_SK_VERIFY_OPTS.merge(opts)
+        unknown_opts = opts.keys - DEFAULT_SK_VERIFY_OPTS.keys
+        raise UnsupportedError, "Verification options #{unknown_opts.inspect} are not supported." unless unknown_opts.empty?
+
+        sig_algo, raw_sig, sk_flags, blob = build_signing_blob(application, signed_data, signature)
+        self.class.check_algorithm!(sig_algo, curve)
+
+        openssl_sig = self.class.openssl_signature(raw_sig)
+        digest = DIGEST_FOR_CURVE[curve]
+
+        result = openssl.verify(digest.new, openssl_sig, blob)
+
+        # We don't know that the flags are correct until after we've validated the signature
+        # which embeds the flags, so always verify the signature first.
+        return false if opts[:user_presence_required] && (sk_flags & SK_FLAG_USER_PRESENCE != SK_FLAG_USER_PRESENCE)
+        return false if opts[:user_verification_required] && (sk_flags & SK_FLAG_USER_VERIFICATION != SK_FLAG_USER_VERIFICATION)
+
+        result
       end
 
       def ==(other)

data/lib/ssh_data/public_key/sked25519.rb

@@ -1,13 +1,14 @@
 module SSHData
   module PublicKey
     class SKED25519 < ED25519
+      include SecurityKey
       attr_reader :application
 
       def initialize(algo:, pk:, application:)
         @application = application
         super(algo: algo, pk: pk)
       end
-      
+
       def self.algorithm_identifier
         ALGO_SKED25519
       end
@@ -23,8 +24,30 @@ module SSHData
         )
       end
 
-      def verify(signed_data, signature)
-        raise UnsupportedError, "SK-Ed25519 verification is not supported."
+      def verify(signed_data, signature, **opts)
+        self.class.ed25519_gem_required!
+        opts = DEFAULT_SK_VERIFY_OPTS.merge(opts)
+        unknown_opts = opts.keys - DEFAULT_SK_VERIFY_OPTS.keys
+        raise UnsupportedError, "Verification options #{unknown_opts.inspect} are not supported." unless unknown_opts.empty?
+
+        sig_algo, raw_sig, sk_flags, blob = build_signing_blob(application, signed_data, signature)
+
+        if sig_algo != self.class.algorithm_identifier
+          raise DecodeError, "bad signature algorithm: #{sig_algo.inspect}"
+        end
+
+        result = begin
+            ed25519_key.verify(raw_sig, blob)
+          rescue Ed25519::VerifyError
+            false
+          end
+
+        # We don't know that the flags are correct until after we've validated the signature
+        # which embeds the flags, so always verify the signature first.
+        return false if opts[:user_presence_required] && (sk_flags & SK_FLAG_USER_PRESENCE != SK_FLAG_USER_PRESENCE)
+        return false if opts[:user_verification_required] && (sk_flags & SK_FLAG_USER_VERIFICATION != SK_FLAG_USER_VERIFICATION)
+
+        result
       end
 
       def ==(other)

data/lib/ssh_data/public_key.rb

@@ -78,6 +78,7 @@ module SSHData
 end
 
 require "ssh_data/public_key/base"
+require "ssh_data/public_key/security_key"
 require "ssh_data/public_key/rsa"
 require "ssh_data/public_key/dsa"
 require "ssh_data/public_key/ecdsa"

data/lib/ssh_data/signature.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+module SSHData
+  class Signature
+    PEM_TYPE = "SSH SIGNATURE"
+    SIGNATURE_PREAMBLE = "SSHSIG"
+    MIN_SUPPORTED_VERSION = 1
+    MAX_SUPPORTED_VERSION = 1
+
+    # Spec: no SHA1 or SHA384. In practice, OpenSSH is always going to use SHA512.
+    # Note the actual signing / verify primitive may use a different hash algorithm.
+    # https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig#L67
+    SUPPORTED_HASH_ALGORITHMS = {
+      "sha256" => OpenSSL::Digest::SHA256,
+      "sha512" => OpenSSL::Digest::SHA512,
+    }
+
+    PERMITTED_RSA_SIGNATURE_ALGORITHMS = [
+      PublicKey::ALGO_RSA_SHA2_256,
+      PublicKey::ALGO_RSA_SHA2_512,
+    ]
+
+    attr_reader :sigversion, :namespace, :signature, :reserved, :hash_algorithm
+
+    # Parses a PEM armored SSH signature.
+    # pem - A PEM encoded SSH signature.
+    #
+    # Returns a Signature instance.
+    def self.parse_pem(pem)
+      pem_type = Encoding.pem_type(pem)
+
+      if pem_type != PEM_TYPE
+        raise DecodeError, "Mismatched PEM type. Expecting '#{PEM_TYPE}', actually '#{pem_type}'."
+      end
+
+      blob = Encoding.decode_pem(pem, pem_type)
+      self.parse_blob(blob)
+    end
+
+    def self.parse_blob(blob)
+      data, read = Encoding.decode_openssh_signature(blob)
+
+      if read != blob.bytesize
+        raise DecodeError, "unexpected trailing data"
+      end
+
+      new(**data)
+    end
+
+    def initialize(sigversion:, publickey:, namespace:, reserved:, hash_algorithm:, signature:)
+      if sigversion > MAX_SUPPORTED_VERSION || sigversion < MIN_SUPPORTED_VERSION
+        raise UnsupportedError, "Signature version is not supported"
+      end
+
+      unless SUPPORTED_HASH_ALGORITHMS.has_key?(hash_algorithm)
+        raise UnsupportedError, "Hash algorithm #{hash_algorithm} is not supported."
+      end
+
+      # Spec: empty namespaces are not permitted.
+      # https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig#L57
+      raise UnsupportedError, "A namespace is required." if namespace.empty?
+
+      # Spec: ignore 'reserved', don't need to validate that it is empty.
+
+      @sigversion = sigversion
+      @publickey = publickey
+      @namespace = namespace
+      @reserved = reserved
+      @hash_algorithm = hash_algorithm
+      @signature = signature
+    end
+
+    def verify(signed_data, **opts)
+      signing_key = public_key
+
+      # Unwrap the signing key if this signature was created from a certificate.
+      key = signing_key.is_a?(Certificate) ? signing_key.public_key : signing_key
+
+      digest_algorithm = SUPPORTED_HASH_ALGORITHMS[@hash_algorithm]
+
+      if key.is_a?(PublicKey::RSA)
+        sig_algo, * = Encoding.decode_signature(@signature)
+
+        # Spec: If the signature is an RSA signature, the legacy 'ssh-rsa'
+        # identifer is not permitted.
+        # https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig#L72
+        unless PERMITTED_RSA_SIGNATURE_ALGORITHMS.include?(sig_algo)
+          raise UnsupportedError, "RSA signature #{sig_algo} is not supported."
+        end
+      end
+
+      message_digest = digest_algorithm.digest(signed_data)
+      blob =
+        SIGNATURE_PREAMBLE +
+        Encoding.encode_string(@namespace) +
+        Encoding.encode_string(@reserved || "") +
+        Encoding.encode_string(@hash_algorithm) +
+        Encoding.encode_string(message_digest)
+
+      if key.class.include?(::SSHData::PublicKey::SecurityKey)
+        key.verify(blob, @signature, **opts)
+      else
+        key.verify(blob, @signature)
+      end
+    end
+
+    # Gets the public key from the signature.
+    # If the signature was created from a certificate, this will be an
+    # SSHData::Certificate. Otherwise, this will be a PublicKey algorithm.
+    def public_key
+      @data_public_key ||= load_public_key
+    end
+
+    private def load_public_key
+      public_key_algorithm, _ = Encoding.decode_string(@publickey)
+
+      if PublicKey::ALGOS.include?(public_key_algorithm)
+        PublicKey.parse_rfc4253(@publickey)
+      elsif Certificate::ALGOS.include?(public_key_algorithm)
+        Certificate.parse_rfc4253(@publickey)
+      else
+        raise UnsupportedError, "Public key algorithm #{public_key_algorithm} is not supported."
+      end
+    end
+  end
+end

data/lib/ssh_data/version.rb

@@ -1,3 +1,3 @@
 module SSHData
-  VERSION = "1.2.0"
+  VERSION = "2.0.0"
 end

data/lib/ssh_data.rb

@@ -34,3 +34,4 @@ require "ssh_data/certificate"
 require "ssh_data/public_key"
 require "ssh_data/private_key"
 require "ssh_data/encoding"
+require "ssh_data/signature"

metadata

@@ -1,15 +1,28 @@
 --- !ruby/object:Gem::Specification
 name: ssh_data
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 2.0.0
 platform: ruby
 authors:
 - mastahyeti
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-02 00:00:00.000000000 Z
+date: 2025-01-06 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: base64
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: ed25519
   requirement: !ruby/object:Gem::Requirement
@@ -52,6 +65,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.10'
+- !ruby/object:Gem::Dependency
+  name: rspec-parameterized
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rspec-mocks
   requirement: !ruby/object:Gem::Requirement
@@ -66,7 +93,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.10'
-description:
 email: opensource+ssh_data@github.com
 executables: []
 extensions: []
@@ -89,14 +115,15 @@ files:
 - "./lib/ssh_data/public_key/ecdsa.rb"
 - "./lib/ssh_data/public_key/ed25519.rb"
 - "./lib/ssh_data/public_key/rsa.rb"
+- "./lib/ssh_data/public_key/security_key.rb"
 - "./lib/ssh_data/public_key/skecdsa.rb"
 - "./lib/ssh_data/public_key/sked25519.rb"
+- "./lib/ssh_data/signature.rb"
 - "./lib/ssh_data/version.rb"
 homepage: https://github.com/github/ssh_data
 licenses:
 - MIT
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -104,15 +131,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.3'
+      version: '3.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Library for parsing SSH certificates
 test_files: []