ssh_sig 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b3210fd902e6e37ef1e0d89964f2562daff95a412dae0ddf79d6a50c14704514
+  data.tar.gz: 5f209bdfad63784811c1f8de2eda27ee42df6e6cdffe4bd61a0aad8dfa7c5fd9
+SHA512:
+  metadata.gz: c2ceddd49854f0640b1aa0b7f46b0ffeb160f2c7244460dc6eae84d5849f89b4d6455091d2c2e96145ca3c1321eae92a92c8503f9c1e19c2334aad1d6312e13d
+  data.tar.gz: d4b46151147347bc5e817b5f7ae671cf746ba47b16d307da9ad12a42421e29c9a3f56837efbec95f6f64236c2d62b537c3db657879d395d648455f53699f62d4

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,31 @@
+---
+inherit_gem:
+  gitlab-styles:
+    - rubocop-default.yml
+
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: 2.7
+  Exclude:
+    - 'vendor/**/*'
+    - 'tmp/**/*'
+    - 'bin/**/*'
+  CacheRootDirectory: tmp
+  MaxFilesInCache: 25000
+
+Rails:
+  Enabled: false
+
+CodeReuse/ActiveRecord:
+  Enabled: false
+
+RSpec/MultipleMemoizedHelpers:
+  Max: 10
+
+RSpec/NamedSubject:
+  Enabled: true
+
+# Our heredoc delimiters do in fact contain files,
+# so EOF is appropriate.
+Naming/HeredocDelimiterNaming:
+  Enabled: false

data/CHANGELOG.md

@@ -0,0 +1,9 @@
+## [Unreleased]
+
+## [0.1.1] - 2021-12-06
+
+- Fix gemspec
+
+## [0.1.0] - 2021-11-14
+
+- Initial release

data/Gemfile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in ssh_sig.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+gem "rspec", "~> 3.0"
+gem "pry", "~> 0.14.1"

data/Gemfile.lock

@@ -0,0 +1,115 @@
+PATH
+  remote: .
+  specs:
+    ssh_sig (0.1.1)
+      bcrypt_pbkdf (~> 1.1)
+      ed25519 (~> 1.2)
+      net-ssh (>= 6.3.0.beta1)
+      zeitwerk (~> 2.4)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (6.1.4.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    ast (2.4.2)
+    bcrypt_pbkdf (1.1.0)
+    binding_ninja (0.2.3)
+    coderay (1.1.3)
+    concurrent-ruby (1.1.9)
+    diff-lcs (1.4.4)
+    ed25519 (1.2.4)
+    gitlab-styles (6.2.1)
+      rubocop (~> 0.91, >= 0.91.1)
+      rubocop-gitlab-security (~> 0.1.1)
+      rubocop-performance (~> 1.9.2)
+      rubocop-rails (~> 2.9)
+      rubocop-rspec (~> 1.44)
+    i18n (1.8.11)
+      concurrent-ruby (~> 1.0)
+    method_source (1.0.0)
+    minitest (5.14.4)
+    net-ssh (6.3.0.beta1)
+    parallel (1.21.0)
+    parser (3.0.2.0)
+      ast (~> 2.4.1)
+    proc_to_ast (0.1.0)
+      coderay
+      parser
+      unparser
+    pry (0.14.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    rack (2.2.3)
+    rainbow (3.0.0)
+    rake (13.0.6)
+    regexp_parser (2.1.1)
+    rexml (3.2.5)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-parameterized (0.5.0)
+      binding_ninja (>= 0.2.3)
+      parser
+      proc_to_ast
+      rspec (>= 2.13, < 4)
+      unparser
+    rspec-support (3.10.3)
+    rubocop (0.93.1)
+      parallel (~> 1.10)
+      parser (>= 2.7.1.5)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8)
+      rexml
+      rubocop-ast (>= 0.6.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (1.13.0)
+      parser (>= 3.0.1.1)
+    rubocop-gitlab-security (0.1.1)
+      rubocop (>= 0.51)
+    rubocop-performance (1.9.2)
+      rubocop (>= 0.90.0, < 2.0)
+      rubocop-ast (>= 0.4.0)
+    rubocop-rails (2.9.1)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 0.90.0, < 2.0)
+    rubocop-rspec (1.44.1)
+      rubocop (~> 0.87)
+      rubocop-ast (>= 0.7.1)
+    ruby-progressbar (1.11.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (1.8.0)
+    unparser (0.6.2)
+      diff-lcs (~> 1.3)
+      parser (>= 3.0.0)
+    zeitwerk (2.5.1)
+
+PLATFORMS
+  x86_64-darwin-20
+
+DEPENDENCIES
+  gitlab-styles (~> 6.2.0)
+  pry (~> 0.14.1)
+  rake (~> 13.0)
+  rspec (~> 3.0)
+  rspec-parameterized (~> 0.5.0)
+  ssh_sig!
+
+BUNDLED WITH
+   2.2.30

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 Brian Williams
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,124 @@
+# SshSig - SSH signature verification in pure ruby
+
+SshSig is a Ruby gem which can be used to verify signatures signed created by `ssh-keygen`.
+This capability was [first added](https://github.com/openssh/openssh-portable/commit/2a9c9f7272c1e8665155118fe6536bebdafb6166) in OpenSSH 8.0
+allows SSH keys to be used for GPG-like signing capabilities, [including signing git commits](https://github.com/git/git/pull/1041).
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ssh_sig'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install ssh_sig
+
+## Usage
+
+Version 1 of [the SSH signature format](https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig)
+supports `ed25519` and `rsa` keys. It is recommended that you use `ed25519` over `rsa` where possible (`ssh-keygen -t ed25519`).
+
+In order to verify a signature you need:
+
+1. The public key of the sender
+1. The signature file
+1. The message to be verified.
+
+```ruby
+require 'ssh_sig'
+
+armored_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILXPkJPI4TMFWZP4xRBQjNeizUG99KuZCt9G23rX48kz"
+
+blob = ::SshSig::Blob.from_armor(
+  <<~EOF
+  -----BEGIN SSH SIGNATURE-----
+  U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgtc+Qk8jhMwVZk/jFEFCM16LNQb
+  30q5kK30bbetfjyTMAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAAAUwAAAAtzc2gtZWQyNTUx
+  OQAAAECJITeYJIlEeydsCTh1DkfdhlDJFBa73ojfWe0MbrIzoJKd9THd9WeQrhygSRGsNG
+  cU/stk3/919nykg67yG2gN
+  -----END SSH SIGNATURE-----
+  EOF
+)
+
+message = "This message was definitely sent by Brian Williams"
+
+valid = ::SshSig::Verifier
+  .from_armored_pubkey(armored_pubkey)
+  .verify(blob, message)
+
+if valid
+  puts 'Signature is valid'
+else
+  puts 'Signature is not valid'
+end
+```
+
+Signatures can be created using `ssh-keygen -Y sign -n file -f ~/.ssh/ed_25519 message.txt`
+and will be outputted in `message.txt.sig`.
+
+Public keys can be found in a variety of places, including:
+
+- Your `~/.ssh/id_<alg>.pub` file
+- `authorized_keys` files on servers
+- `https://gitlab.com/<username>.keys`
+- `https://github.com/<username>.keys`
+
+The `SshSig::Verifier#from_gitlab` and `SshSig::Verifier#from_github` methods are provided
+to automatically load public keys from the respective `<username>.keys` urls.
+
+```ruby
+require 'ssh_sig'
+
+blob = ::SshSig::Blob.from_armor(
+  <<~EOF
+  -----BEGIN SSH SIGNATURE-----
+  U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgtc+Qk8jhMwVZk/jFEFCM16LNQb
+  30q5kK30bbetfjyTMAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAAAUwAAAAtzc2gtZWQyNTUx
+  OQAAAECJITeYJIlEeydsCTh1DkfdhlDJFBa73ojfWe0MbrIzoJKd9THd9WeQrhygSRGsNG
+  cU/stk3/919nykg67yG2gN
+  -----END SSH SIGNATURE-----
+  EOF
+)
+
+message = 'This message was definitely sent by Brian Williams'
+
+valid = ::SshSig::Verifier
+  .from_gitlab('bwill')
+  .verify(blob, message)
+
+if valid
+  puts 'Signature is valid'
+else
+  puts 'Signature is not valid'
+end
+```
+
+## Is it safe to re-purpose SSH keys for signing?
+
+Yes. The [SSH signature protocol](https://github.com/openssh/openssh-portable/blob/d575cf44895104e0fcb0629920fb645207218129/PROTOCOL.sshsig)
+is designed to be resistant to cross-protocol attacks, where signatures created for one purpose (i.e. signing a git commit),
+may be re-used for another purpose (i.e. authenticating to a server). It does this using the magic pre-amble (to differentiate
+between messages signed by `ssh-keygen` and messages used for SSH authentication) and namespaces (to differentiate between
+messages signed by `ssh-keygen` but used for different purposes). This causes identical messages to produce different signatures
+for each different protocol.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/ssh_sig. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/ssh_sig/blob/main/CODE_OF_CONDUCT.md).
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+# Run both unit and integration tests
+RSpec::Core::RakeTask.new(:spec)
+
+# Run tests excluding integration tests
+RSpec::Core::RakeTask.new(:spec_unit) do |t|
+  t.rspec_opts = "--tag ~@integration"
+end
+
+# Run only integration tests
+RSpec::Core::RakeTask.new(:spec_integration) do |t|
+  t.rspec_opts = "--tag integration"
+end
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[spec rubocop]

data/bin/console

@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'ssh_sig'
+require 'net/ssh'
+
+# require 'pry'
+# Pry.start
+
+require_relative '../spec/support/helpers/byte_helpers'
+# rubocop:disable Syle/MixinUsage
+include ByteHelpers
+# rubocop:enable Syle/MixinUsage
+
+def hexdump(bytes)
+  puts bin_to_hex(bytes)
+end
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/bin/setup-integration

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+echo "Installing OpenSSH version ${OPENSSH_VERSION?:OPENSSH_VERSION must be set}"
+
+curl -sSL -o /tmp/openssh.tar.gz "https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${OPENSSH_VERSION}.tar.gz"
+
+tar -xzvf /tmp/openssh.tar.gz -C /tmp/
+
+"/tmp/openssh-${OPENSSH_VERSION}/configure"

data/lib/ssh_sig/blob.rb

@@ -0,0 +1,154 @@
+# frozen_string_literal: true
+
+require 'net/ssh/buffer'
+require 'digest'
+
+module SshSig
+  class Blob
+    include Serializable
+    extend Serializable
+
+    attr_reader :namespace, :hash_algorithm, :signature
+
+    def initialize(
+      public_key:,
+      namespace:,
+      hash_algorithm:,
+      signature:
+    )
+      @public_key = public_key
+      @namespace = namespace
+      @hash_algorithm = hash_algorithm
+      @signature = signature
+    end
+
+    # public_key is parsed from the signature data and is untrusted
+    # We make this clear using accessor naming
+    def public_key_untrusted
+      @public_key
+    end
+
+    def self.from_armor(armor)
+      from_bytes(armor_to_blob(armor))
+    end
+
+    # decode_blob parses the binary signature data as described in
+    # https://github.com/openssh/openssh-portable/blob/e665ed2d0c24fe11d5470ce72fa1e187377d3fc4/PROTOCOL.sshsig
+    #
+    # byte[6]   MAGIC_PREAMBLE
+    # uint32    SIG_VERSION
+    # string    publickey
+    # string    namespace
+    # string    reserved
+    # string    hash_algorithm
+    # string    signature
+    def self.from_bytes(blob)
+      buf = ::Net::SSH::Buffer.new(blob)
+
+      preamble = buf.read!(6)
+
+      raise DecodeError, 'Invalid magic preamble' unless preamble == MAGIC_PREAMBLE
+
+      version = read_uint64(buf)
+
+      raise DecodeError, 'Unsupported signature version' unless version == SIG_VERSION
+
+      public_key = buf.read_key
+
+      raise DecodeError, 'Signature is missing public key' if public_key.nil?
+
+      namespace = buf.read_string
+
+      raise DecodeError, 'Signature is missing namespace' if namespace.nil?
+
+      # Read past the reserved value and ignore it.
+      buf.read_string
+
+      hash_algorithm = buf.read_string
+
+      raise DecodeError, 'Signature is missing hash algorithm' if hash_algorithm.nil?
+      raise DecodeError, 'Hash algorithm is not supported' unless hash_algorithm_allowed?(hash_algorithm)
+
+      signature_raw = buf.read_string
+
+      raise DecodeError, 'Signature is missing signed data' if signature_raw.nil?
+
+      signature = Signature.from_bytes(signature_raw)
+
+      raise DecodeError, 'Signature algorithm is not supported' \
+        unless signature_algorithm_allowed?(signature.algorithm)
+
+      Blob.new(
+        public_key: public_key,
+        namespace: namespace,
+        hash_algorithm: hash_algorithm,
+        signature: signature
+      )
+    end
+
+    # signature_data creates the "message" passed to the
+    # signing function as described in section 3 of
+    # https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig
+    #
+    # Despite the documentation's use of the word "concatenated",
+    # this data must use the same DER-like encoding as the signature blob.
+    #
+    # byte[6]   MAGIC_PREAMBLE
+    # string    namespace
+    # string    reserved
+    # string    hash_algorithm
+    # string    H(message)
+    def signature_data(message)
+      buf = ::Net::SSH::Buffer.new
+
+      buf.write(MAGIC_PREAMBLE)
+      buf.write_string(namespace)
+      buf.write_string('') # reserved
+      buf.write_string(hash_algorithm)
+      buf.write_string(hash(message))
+
+      buf.to_s
+    end
+
+    private
+
+    def self.read_uint64(buf)
+      b = buf.read(8)
+
+      return nil unless b
+
+      b.unpack1("N")
+    end
+
+    def self.armor_to_blob(armor)
+      # Remove starting and ending whitespace for header checks.
+      armor = armor.strip
+
+      raise DecodeError, "Couldn't parse signature: missing header"  unless armor.start_with?(BEGIN_SIGNATURE)
+
+      raise DecodeError, "Couldn't parse signature: missing footer"  unless armor.end_with?(END_SIGNATURE)
+
+      b64 = armor
+        .delete_prefix(BEGIN_SIGNATURE)
+        .delete_suffix(END_SIGNATURE)
+        .gsub(/\s+/, '') # Remove all remaining whitespace to ensure valid Base64
+
+      begin
+        Base64.strict_decode64(b64)
+      rescue ArgumentError => e
+        raise DecodeError, "Couldn't decode armor body: #{e.message}"
+      end
+    end
+
+    def hash(data)
+      case hash_algorithm
+      when "sha512"
+        ::Digest::SHA2.new(512).digest(data)
+      when "sha256"
+        ::Digest::SHA2.new(256).digest(data)
+      else
+        raise VerifyError, "Hash algorithm #{hash_algorithm} is not supported"
+      end
+    end
+  end
+end

data/lib/ssh_sig/error.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+module SshSig
+  Error = Class.new(::StandardError)
+  DecodeError = Class.new(Error)
+  LoadError = Class.new(Error)
+  VerifyError = Class.new(Error)
+end

data/lib/ssh_sig/key_loader/http.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'open-uri'
+
+module SshSig
+  module KeyLoader
+    class Http < PubKey
+      class << self
+        def load(url)
+          keys = get(url)
+
+          super(keys)
+        end
+
+        def load_dot_keys(username, base_addr = 'https://gitlab.com')
+          load("#{base_addr}/#{username}.keys")
+        end
+
+        private
+
+        def get(url)
+          URI(url).read
+        rescue StandardError => e
+          raise ::SshSig::LoadError, "Error received from remote: #{e.message}"
+        end
+      end
+    end
+  end
+end

data/lib/ssh_sig/key_loader/pub_key.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'net/ssh'
+
+module SshSig
+  module KeyLoader
+    class PubKey
+      SUPPORTED_KEY_ALGORITHMS = %w[ssh-ed25519 ssh-rsa].freeze
+      class << self
+        def load(armored)
+          keys = armored.split("\n")
+
+          keys
+            .filter { |key| supported_key_algorithm?(key) }
+            .map { |key| load_data_public_key(key) }
+        rescue ::Net::SSH::Exception, ::ArgumentError
+          raise ::SshSig::LoadError, 'Public key is not valid'
+        end
+
+        private
+
+        def load_data_public_key(key)
+          ::Net::SSH::KeyFactory.load_data_public_key(key)
+        end
+
+        def supported_key_algorithm?(key)
+          alg = key.split(' ').first
+
+          SUPPORTED_KEY_ALGORITHMS.any?(alg)
+        end
+      end
+    end
+  end
+end

data/lib/ssh_sig/serializable.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+module SshSig
+  module Serializable
+    SIG_VERSION = 1
+    MAGIC_PREAMBLE = "SSHSIG"
+    BEGIN_SIGNATURE = "-----BEGIN SSH SIGNATURE-----"
+    END_SIGNATURE = "-----END SSH SIGNATURE-----"
+    SIGALG_ALLOWED = %w[ssh-ed25519 rsa-sha2-512 rsa-sha2-256].freeze
+    HASHALG_ALLOWED = %w[sha512 sha256].freeze
+
+    def signature_algorithm_allowed?(alg)
+      SIGALG_ALLOWED.any?(alg)
+    end
+
+    def hash_algorithm_allowed?(alg)
+      HASHALG_ALLOWED.any?(alg)
+    end
+  end
+end

data/lib/ssh_sig/signature.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+module SshSig
+  class Signature
+    attr_reader :algorithm, :bytes
+
+    def initialize(
+      algorithm:,
+      bytes:
+    )
+      @algorithm = algorithm
+      @bytes = bytes
+    end
+
+    # While not described well in the protocol documenation,
+    # the signature has two parts. There is a string describing the algorithm,
+    # which can be one of ssh-ed25519, rsa-sha2-512, or rsa-sha2-256,
+    # followed by the actual signature bytes.
+    #
+    # string   algorithm
+    # string   signature_bytes
+    def self.from_bytes(blob)
+      buf = ::Net::SSH::Buffer.new(blob)
+
+      algorithm = buf.read_string
+
+      raise DecodeError, 'Signature algorithm is missing' if algorithm.nil?
+
+      bytes = buf.read_string
+
+      raise DecodeError, 'Signature data is missing' if bytes.nil?
+
+      Signature.new(
+        algorithm: algorithm,
+        bytes: bytes
+      )
+    end
+  end
+end

data/lib/ssh_sig/verifier.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'ed25519'
+
+module SshSig
+  class Verifier
+    def initialize(public_keys)
+      @public_keys = public_keys
+    end
+
+    def self.from_armored_pubkey(armored_pubkey)
+      public_keys = ::SshSig::KeyLoader::PubKey.load(armored_pubkey)
+
+      new(public_keys)
+    end
+
+    def self.from_github(username, base_addr = 'https://github.com')
+      public_keys = ::SshSig::KeyLoader::Http.load_dot_keys(username, base_addr)
+
+      new(public_keys)
+    end
+
+    def self.from_gitlab(username, base_addr = 'https://gitlab.com')
+      public_keys = ::SshSig::KeyLoader::Http.load_dot_keys(username, base_addr)
+
+      new(public_keys)
+    end
+
+    def verify(blob, message)
+      return false unless blob&.signature
+
+      @public_keys.any? do |key|
+        key.ssh_do_verify(
+          blob.signature.bytes,
+          blob.signature_data(message),
+          # When using RSA, net-ssh uses this to determine the digest algorithm to use.
+          # Added in net-ssh 6.3.0.beta1
+          { host_key: blob.signature.algorithm }
+        )
+      end
+    rescue ::Ed25519::VerifyError
+      # Ed25519 public keys raise exceptions when they fail to verify,
+      # but RSA public keys don't
+      false
+    end
+  end
+end

data/lib/ssh_sig/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module SshSig
+  VERSION = "0.1.1"
+end

data/lib/ssh_sig.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'zeitwerk'
+
+loader = Zeitwerk::Loader.for_gem
+loader.setup
+
+module SshSig
+end
+
+loader.eager_load

metadata

@@ -0,0 +1,274 @@
+--- !ruby/object:Gem::Specification
+name: ssh_sig
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Brian Williams
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2021-12-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt_pbkdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.3.0.beta1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.3.0.beta1
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.4'
+- !ruby/object:Gem::Dependency
+  name: gitlab-styles
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.2.0
+- !ruby/object:Gem::Dependency
+  name: rspec-parameterized
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+description: |
+  # SshSig - SSH signature verification in pure ruby
+
+  SshSig is a Ruby gem which can be used to verify signatures signed created by `ssh-keygen`.
+  This capability was [first added](https://github.com/openssh/openssh-portable/commit/2a9c9f7272c1e8665155118fe6536bebdafb6166) in OpenSSH 8.0
+  allows SSH keys to be used for GPG-like signing capabilities, [including signing git commits](https://github.com/git/git/pull/1041).
+
+  ## Installation
+
+  Add this line to your application's Gemfile:
+
+  ```ruby
+  gem 'ssh_sig'
+  ```
+
+  And then execute:
+
+      $ bundle install
+
+  Or install it yourself as:
+
+      $ gem install ssh_sig
+
+  ## Usage
+
+  Version 1 of [the SSH signature format](https://github.com/openssh/openssh-portable/blob/b7ffbb17e37f59249c31f1ff59d6c5d80888f689/PROTOCOL.sshsig)
+  supports `ed25519` and `rsa` keys. It is recommended that you use `ed25519` over `rsa` where possible (`ssh-keygen -t ed25519`).
+
+  In order to verify a signature you need:
+
+  1. The public key of the sender
+  1. The signature file
+  1. The message to be verified.
+
+  ```ruby
+  require 'ssh_sig'
+
+  armored_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILXPkJPI4TMFWZP4xRBQjNeizUG99KuZCt9G23rX48kz"
+
+  blob = ::SshSig::Blob.from_armor(
+    <<~EOF
+    -----BEGIN SSH SIGNATURE-----
+    U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgtc+Qk8jhMwVZk/jFEFCM16LNQb
+    30q5kK30bbetfjyTMAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAAAUwAAAAtzc2gtZWQyNTUx
+    OQAAAECJITeYJIlEeydsCTh1DkfdhlDJFBa73ojfWe0MbrIzoJKd9THd9WeQrhygSRGsNG
+    cU/stk3/919nykg67yG2gN
+    -----END SSH SIGNATURE-----
+    EOF
+  )
+
+  message = "This message was definitely sent by Brian Williams"
+
+  valid = ::SshSig::Verifier
+    .from_armored_pubkey(armored_pubkey)
+    .verify(blob, message)
+
+  if valid
+    puts 'Signature is valid'
+  else
+    puts 'Signature is not valid'
+  end
+  ```
+
+  Signatures can be created using `ssh-keygen -Y sign -n file -f ~/.ssh/ed_25519 message.txt`
+  and will be outputted in `message.txt.sig`.
+
+  Public keys can be found in a variety of places, including:
+
+  - Your `~/.ssh/id_<alg>.pub` file
+  - `authorized_keys` files on servers
+  - `https://gitlab.com/<username>.keys`
+  - `https://github.com/<username>.keys`
+
+  The `SshSig::Verifier#from_gitlab` and `SshSig::Verifier#from_github` methods are provided
+  to automatically load public keys from the respective `<username>.keys` urls.
+
+  ```ruby
+  require 'ssh_sig'
+
+  blob = ::SshSig::Blob.from_armor(
+    <<~EOF
+    -----BEGIN SSH SIGNATURE-----
+    U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgtc+Qk8jhMwVZk/jFEFCM16LNQb
+    30q5kK30bbetfjyTMAAAAEZmlsZQAAAAAAAAAGc2hhNTEyAAAAUwAAAAtzc2gtZWQyNTUx
+    OQAAAECJITeYJIlEeydsCTh1DkfdhlDJFBa73ojfWe0MbrIzoJKd9THd9WeQrhygSRGsNG
+    cU/stk3/919nykg67yG2gN
+    -----END SSH SIGNATURE-----
+    EOF
+  )
+
+  message = 'This message was definitely sent by Brian Williams'
+
+  valid = ::SshSig::Verifier
+    .from_gitlab('bwill')
+    .verify(blob, message)
+
+  if valid
+    puts 'Signature is valid'
+  else
+    puts 'Signature is not valid'
+  end
+  ```
+
+  ## Is it safe to re-purpose SSH keys for signing?
+
+  Yes. The [SSH signature protocol](https://github.com/openssh/openssh-portable/blob/d575cf44895104e0fcb0629920fb645207218129/PROTOCOL.sshsig)
+  is designed to be resistant to cross-protocol attacks, where signatures created for one purpose (i.e. signing a git commit),
+  may be re-used for another purpose (i.e. authenticating to a server). It does this using the magic pre-amble (to differentiate
+  between messages signed by `ssh-keygen` and messages used for SSH authentication) and namespaces (to differentiate between
+  messages signed by `ssh-keygen` but used for different purposes). This causes identical messages to produce different signatures
+  for each different protocol.
+
+  ## Development
+
+  After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+  To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+  ## Contributing
+
+  Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/ssh_sig. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/ssh_sig/blob/main/CODE_OF_CONDUCT.md).
+
+  ## License
+
+  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+email:
+- bwilliams@gitlab.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rspec"
+- ".rubocop.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- bin/setup-integration
+- lib/ssh_sig.rb
+- lib/ssh_sig/blob.rb
+- lib/ssh_sig/error.rb
+- lib/ssh_sig/key_loader/http.rb
+- lib/ssh_sig/key_loader/pub_key.rb
+- lib/ssh_sig/serializable.rb
+- lib/ssh_sig/signature.rb
+- lib/ssh_sig/verifier.rb
+- lib/ssh_sig/version.rb
+homepage: https://gitlab.com/bwill/ssh_sig
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://gitlab.com/bwill/ssh_sig
+  source_code_uri: https://gitlab.com/bwill/ssh_sig
+  changelog_uri: https://gitlab.com/bwill/ssh_sig/-/blob/main/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.7.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.6
+signing_key:
+specification_version: 4
+summary: SSH Signatures in Ruby
+test_files: []