RubyGems - sshkey - Versions diffs - 1.1.3 → 1.2.0 - Mend

sshkey 1.1.3 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

data/README.md ADDED

@@ -0,0 +1,67 @@
+sshkey
+======
+Generate private/public SSH keys using Ruby without the `ssh-keygen` system command.
+	gem install sshkey
+Tested on the following Rubies: MRI 1.8.7 and 1.9.2, Rubinius, JRuby.  Ruby must be compiled with OpenSSL support.
+Usage
+-----
+Generate an SSH RSA Keypair with foo@bar.com as the comment - providing a comment is optional
+``` ruby
+k = SSHKey.generate(:comment => "foo@bar.com")
+```
+Generate an SSH DSA Keypair with foo@bar.com as the comment - providing a comment is optional
+``` ruby
+k = SSHKey.generate(:type => "dsa", :comment => "foo@bar.com")
+```
+Return an SSHKey object from an existing RSA Private Key (provided as a string)
+``` ruby
+k = SSHKey.new(File.read("~/.ssh/id_rsa"), :comment => "foo@bar.com")
+```
+Both of these will return an SSHKey object with the following methods:
+``` ruby
+# Returns an OpenSSL::PKey::RSA or OpenSSL::PKey::DSA key object
+# See http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/classes/OpenSSL/PKey/RSA.html
+k.key_object
+# => -----BEGIN RSA PRIVATE KEY-----\nMIIEowI...
+# Returns the Private Key as a string
+k.private_key
+# => "-----BEGIN RSA PRIVATE KEY-----\nMIIEowI..."
+# Returns the Public Key as a string
+k.public_key
+# => "-----BEGIN RSA PUBLIC KEY-----\nMIIBCg..."
+# Returns the SSH Public Key as a string
+k.ssh_public_key
+# => "ssh-rsa AAAAB3NzaC1yc2EA...."
+# Returns the comment as a string
+k.comment
+# => "foo@bar.com"
+# Returns the fingerprint as a string
+k.fingerprint
+# => "2a:89:84:c9:29:05:d1:f8:49:79:1c:ba:73:99:eb:af"
+# Validates SSH Public Key
+SSHKey.valid? "ssh-rsa AAAAB3NzaC1yc2EA...."
+# => true
+```
+Copyright
+---------
+Copyright (c) 2011 James Miller

data/lib/sshkey.rb CHANGED

@@ -3,28 +3,97 @@ require 'base64'
 require 'digest/md5'
 class SSHKey
+  SSH_TYPES      = {"rsa" => "ssh-rsa", "dsa" => "ssh-dss"}
+  SSH_CONVERSION = {"rsa" => ["e", "n"], "dsa" => ["p", "q", "g", "pub_key"]}
+  attr_reader :key_object, :comment, :type
   def self.generate(options = {})
-    SSHKey.new(OpenSSL::PKey::RSA.generate(2048).to_pem, options)
+    type = options[:type] || "rsa"
+    case type
+    when "rsa" then SSHKey.new(OpenSSL::PKey::RSA.generate(2048).to_pem, options)
+    when "dsa" then SSHKey.new(OpenSSL::PKey::DSA.generate(2048).to_pem, options)
+    else
+      raise "Unknown key type #{type}"
+    end
   end
-  attr_reader :key_object, :comment
+  def self.valid?(ssh_key)
+    ssh_type, encoded_key = ssh_key.split(" ")
+    type = SSH_TYPES.invert[ssh_type]
+    prefix = [0,0,0,7].pack("C*")
+    decoded = Base64.decode64(encoded_key)
+    # Base64 decoding is too permissive, so we should validate if encoding is correct
+    return false unless Base64.encode64(decoded).gsub("\n", "") == encoded_key
+    return false unless decoded.sub!(/^#{prefix}#{ssh_type}/, "")
+    unpacked = decoded.unpack("C*")
+    data = []
+    index = 0
+    until unpacked[index].nil?
+      datum_size = from_byte_array unpacked[index..index+4-1], 4
+      index = index + 4
+      datum = from_byte_array unpacked[index..index+datum_size-1], datum_size
+      data << datum
+      index = index + datum_size
+    end
+    SSH_CONVERSION[type].size == data.size
+  rescue
+    false
+  end
+  def self.from_byte_array(byte_array, expected_size = nil)
+    num = 0
+    raise "Byte array too short" if !expected_size.nil? && expected_size != byte_array.size
+    byte_array.reverse.each_with_index do |item, index|
+      num += item * 256**(index)
+    end
+    num
+  end
   def initialize(private_key, options = {})
-    @key_object = OpenSSL::PKey::RSA.new(private_key)
-    @comment    = options[:comment] || ""
+    begin
+      @key_object = OpenSSL::PKey::RSA.new(private_key)
+      @type = "rsa"
+    rescue
+      @key_object = OpenSSL::PKey::DSA.new(private_key)
+      @type = "dsa"
+    end
+    @comment = options[:comment] || ""
   end
-  def rsa_private_key
+  def private_key
     key_object.to_pem
   end
-  def rsa_public_key
+  def public_key
     key_object.public_key.to_pem
   end
+  ########################
+  # Backward compatibility
+  def rsa_private_key
+    private_key if type == "rsa"
+  end
+  def rsa_public_key
+    public_key if type == "rsa"
+  end
+  def dsa_private_key
+    private_key if type == "dsa"
+  end
+  def dsa_public_key
+    public_key if type == "dsa"
+  end
+  ########################
   def ssh_public_key
-    ["ssh-rsa", Base64.encode64(ssh_public_key_conversion).gsub("\n", ""), @comment].join(" ").strip
+    [SSH_TYPES[type], Base64.encode64(ssh_public_key_conversion).gsub("\n", ""), comment].join(" ").strip
   end
   def fingerprint
@@ -41,15 +110,14 @@ class SSHKey
   # For instance, the "ssh-rsa" string is encoded as the following byte array
   # [0, 0, 0, 7, 's', 's', 'h', '-', 'r', 's', 'a']
   def ssh_public_key_conversion
-    e = @key_object.public_key.e.to_i
-    n = @key_object.public_key.n.to_i
+    out = [0,0,0,7].pack("C*")
+    out += SSH_TYPES[type]
-    out = [0,0,0,7].pack("c*")
-    out += "ssh-rsa"
-    out += encode_unsigned_int_32(to_byte_array(e).length).pack("c*")
-    out += to_byte_array(e).pack("c*")
-    out += encode_unsigned_int_32(to_byte_array(n).length).pack("c*")
-    out += to_byte_array(n).pack("c*")
+    SSH_CONVERSION[type].each do |method|
+      byte_array = to_byte_array(key_object.public_key.send(method).to_i)
+      out += encode_unsigned_int_32(byte_array.length).pack("c*")
+      out += byte_array.pack("C*")
+    end
     return out
   end
@@ -71,4 +139,5 @@ class SSHKey
     end until (num == 0 || num == -1) && (result.last[7] == num[7])
     result.reverse
   end
 end

data/lib/sshkey/version.rb CHANGED

@@ -1,3 +1,3 @@
 class SSHKey
-  VERSION = "1.1.3"
+  VERSION = "1.2.0"
 end

data/test/sshkey_test.rb CHANGED

@@ -59,28 +59,52 @@ NOAVAoGACIdfR5oZ4tvNIeqjtLF83HmUJARv86eMmjqgiQTFcZS3A8vk5y05STxX
 HU3kTCfT6sypRi9zDQafIIyqYFgaOezr2eRRFRojQZqzHjtuFUeKLrKf7R9bzwwx
 DPlNgYq8p4FOY5ZOL/ZOxUHW4vKRewURJttnxzw+LEy0T1FyAE0=
 -----END RSA PRIVATE KEY-----
+EOF
+  SSH_PRIVATE_KEY3 = <<-EOF
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQC8lcuXcFcIC9wsV87L6PAwYefKgK0CwTSD1v3/aabZsu4w+UF8
+zsPtdsNP8+JWfOp3KFbrUTH+ODgAXF/aL4UZfpbsQe446ZFV8v6dmWqj23sk0FLX
+U5l2tsuJ9OdyXetVXjBvoiz+/r4k/iG/esvWlVGEHwq5eYXgQ1GfXABY3QIVAMVe
+c7skmkUrCR6iivgZYYe3PQPZAoGBAKnpdEVATtDGOW9w2evSf5kc1InzdTurcJOH
+q9qYdCaa8rlMGaIS6XFWcKqBlpj0Mv2R5ldW90bU/RllGvh1KinTIRVTsf4qtZIV
+Xy4vN8IYzDL1493nKndMsxsRh50rI1Snn2tssAix64eJ5VFSGlyOYEKYDMlWzHK6
+Jg3tVmc6AoGBAIwTRPAEcroqOzaebiVspFcmsXxDQ4wXQZQdho1ExW6FKS8s7/6p
+ItmZYXTvJDwLXgq2/iK1fRRcKk2PJEaSuJR7WeNGsJKfWmQ2UbOhqA3wWLDazIZt
+cMKjFzD0hM4E8qgjHjMvKDE6WgT6SFP+tqx3nnh7pJWwsbGjSMQexpyRAhQLhz0l
+GzM8qwTcXd06uIZAJdTHIQ==
+-----END DSA PRIVATE KEY-----
 EOF
   SSH_PUBLIC_KEY1 = 'AAAAB3NzaC1yc2EAAAABIwAAAQEArfTA/lKVR84IMc9ZzXOCHr8DVtR8hzWuEVHF6KElavRHlk14g0SZu3m908Ejm/XF3EfNHjX9wN+62IMA0QBxkBMFCuLF+U/oeUs0NoDdAEKxjj4n6lq6Ss8aLct+anMy7D1jwvOLbcwV54w1d5JDdlZVdZ6AvHm9otwJq6rNpDgdmXY4HgC2nM9csFpuy0cDpL6fdJx9lcNL2RnkRC4+RMsIB+PxDw0j3vDi04dYLBXMGYjyeGH+mIFpL3PTPXGXwL2XDYXZ2H4SQX6bOoKmazTXq6QXuEB665njh1GxXldoIMcSshoJL0hrk3WrTOG22N2CQA+IfHgrXJ+A+QUzKQ=='
   SSH_PUBLIC_KEY2 = 'AAAAB3NzaC1yc2EAAAABIwAAAQEAxl6TpN7uFiY/JZ8qDnD7UrxDP+ABeh2PVg8Du1LEgXNk0+YWCeP5S6oHklqaWeDlbmAs1oHsBwCMAVpMa5tgONOLvz4JgwgkiqQEbKR8ofWJ+LADUElvqRVGmGiNEMLI6GJWeneL4sjmbb8d6U+M53c6iWG0si9XE5m7teBQSsCl0Tk3qMIkQGw5zpJeCXjZ8KpJhIJRYgexFkGgPlYRV+UYIhxpUW90t0Ra5i6JOFYwq98k5S/6SJIZQ/A9F4JNzwLw3eVxZj0yVHWxkGz1+TyELNY1kOyMxnZaqSfGzSQJTrnIXpdweVHuYh1LtOgedRQhCyiELeSMGwio1vRPKw=='
+  SSH_PUBLIC_KEY3 = 'AAAAB3NzaC1kc3MAAACBALyVy5dwVwgL3CxXzsvo8DBh58qArQLBNIPW/f9pptmy7jD5QXzOw+12w0/z4lZ86ncoVutRMf44OABcX9ovhRl+luxB7jjpkVXy/p2ZaqPbeyTQUtdTmXa2y4n053Jd61VeMG+iLP7+viT+Ib96y9aVUYQfCrl5heBDUZ9cAFjdAAAAFQDFXnO7JJpFKwkeoor4GWGHtz0D2QAAAIEAqel0RUBO0MY5b3DZ69J/mRzUifN1O6twk4er2ph0JpryuUwZohLpcVZwqoGWmPQy/ZHmV1b3RtT9GWUa+HUqKdMhFVOx/iq1khVfLi83whjMMvXj3ecqd0yzGxGHnSsjVKefa2ywCLHrh4nlUVIaXI5gQpgMyVbMcromDe1WZzoAAACBAIwTRPAEcroqOzaebiVspFcmsXxDQ4wXQZQdho1ExW6FKS8s7/6pItmZYXTvJDwLXgq2/iK1fRRcKk2PJEaSuJR7WeNGsJKfWmQ2UbOhqA3wWLDazIZtcMKjFzD0hM4E8qgjHjMvKDE6WgT6SFP+tqx3nnh7pJWwsbGjSMQexpyR'
   KEY1_FINGERPRINT = "2a:89:84:c9:29:05:d1:f8:49:79:1c:ba:73:99:eb:af"
   KEY2_FINGERPRINT = "3c:af:74:87:cc:cc:a1:12:05:1a:09:b7:7b:ce:ed:ce"
+  KEY3_FINGERPRINT = "14:f6:6a:12:96:be:44:32:e6:3c:77:43:94:52:f5:7a"
   def setup
     @key1 = SSHKey.new(SSH_PRIVATE_KEY1, :comment => "me@example.com")
     @key2 = SSHKey.new(SSH_PRIVATE_KEY2, :comment => "me@example.com")
+    @key3 = SSHKey.new(SSH_PRIVATE_KEY3, :comment => "me@example.com")
     @key_without_comment = SSHKey.new(SSH_PRIVATE_KEY1)
   end
   def test_private_key1
+    assert_equal SSH_PRIVATE_KEY1, @key1.private_key
     assert_equal SSH_PRIVATE_KEY1, @key1.rsa_private_key
   end
   def test_private_key2
+    assert_equal SSH_PRIVATE_KEY2, @key2.private_key
     assert_equal SSH_PRIVATE_KEY2, @key2.rsa_private_key
   end
+  def test_private_key3
+    assert_equal SSH_PRIVATE_KEY3, @key3.private_key
+    assert_equal SSH_PRIVATE_KEY3, @key3.dsa_private_key
+  end
   def test_ssh_public_key_decoded1
     assert_equal Base64.decode64(SSH_PUBLIC_KEY1), @key1.send(:ssh_public_key_conversion)
   end
@@ -89,6 +113,10 @@ EOF
     assert_equal Base64.decode64(SSH_PUBLIC_KEY2), @key2.send(:ssh_public_key_conversion)
   end
+  def test_ssh_public_key_decoded3
+    assert_equal Base64.decode64(SSH_PUBLIC_KEY3), @key3.send(:ssh_public_key_conversion)
+  end
   def test_ssh_public_key_encoded1
     assert_equal SSH_PUBLIC_KEY1, Base64.encode64(@key1.send(:ssh_public_key_conversion)).gsub("\n", "")
   end
@@ -97,13 +125,42 @@ EOF
     assert_equal SSH_PUBLIC_KEY2, Base64.encode64(@key2.send(:ssh_public_key_conversion)).gsub("\n", "")
   end
+  def test_ssh_public_key_encoded3
+    assert_equal SSH_PUBLIC_KEY3, Base64.encode64(@key3.send(:ssh_public_key_conversion)).gsub("\n", "")
+  end
   def test_ssh_public_key_output
     expected1 = "ssh-rsa #{SSH_PUBLIC_KEY1} me@example.com"
     expected2 = "ssh-rsa #{SSH_PUBLIC_KEY2} me@example.com"
-    expected3 = "ssh-rsa #{SSH_PUBLIC_KEY1}"
+    expected3 = "ssh-dss #{SSH_PUBLIC_KEY3} me@example.com"
+    expected4 = "ssh-rsa #{SSH_PUBLIC_KEY1}"
     assert_equal expected1, @key1.ssh_public_key
     assert_equal expected2, @key2.ssh_public_key
-    assert_equal expected3, @key_without_comment.ssh_public_key
+    assert_equal expected3, @key3.ssh_public_key
+    assert_equal expected4, @key_without_comment.ssh_public_key
+  end
+  def test_ssh_public_key_validation
+    expected1 = "ssh-rsa #{SSH_PUBLIC_KEY1} me@example.com"
+    expected2 = "ssh-rsa #{SSH_PUBLIC_KEY2} me@example.com"
+    expected3 = "ssh-dss #{SSH_PUBLIC_KEY3} me@example.com"
+    expected4 = "ssh-rsa #{SSH_PUBLIC_KEY1}"
+    invalid1  = "ssh-rsa #{SSH_PUBLIC_KEY1}= me@example.com"
+    invalid2  = "ssh-rsa #{SSH_PUBLIC_KEY2}= me@example.com"
+    invalid3  = "ssh-dss #{SSH_PUBLIC_KEY3}= me@example.com"
+    invalid4  = "ssh-rsa A#{SSH_PUBLIC_KEY1}"
+    invalid5  = "ssh-rsa #{SSH_PUBLIC_KEY3} me@example.com"
+    assert SSHKey.valid?(expected1)
+    assert SSHKey.valid?(expected2)
+    assert SSHKey.valid?(expected3)
+    assert SSHKey.valid?(expected4)
+    assert !SSHKey.valid?(invalid1)
+    assert !SSHKey.valid?(invalid2)
+    assert !SSHKey.valid?(invalid3)
+    assert !SSHKey.valid?(invalid4)
+    assert !SSHKey.valid?(invalid5)
   end
   def test_exponent
@@ -119,6 +176,7 @@ EOF
   def test_fingerprint
     assert_equal KEY1_FINGERPRINT, @key1.fingerprint
     assert_equal KEY2_FINGERPRINT, @key2.fingerprint
+    assert_equal KEY3_FINGERPRINT, @key3.fingerprint
   end
   def test_to_byte_array

metadata CHANGED

@@ -2,7 +2,7 @@
 name: sshkey
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 1.1.3
+  version: 1.2.0
 platform: ruby
 authors:
 - James Miller
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-05-12 00:00:00 -07:00
+date: 2011-06-02 00:00:00 -07:00
 default_executable:
 dependencies: []
@@ -27,7 +27,7 @@ files:
 - .gitignore
 - Gemfile
 - LICENSE
-- README.rdoc
+- README.md
 - Rakefile
 - lib/sshkey.rb
 - lib/sshkey/version.rb

data/README.rdoc DELETED

@@ -1,48 +0,0 @@
-= sshkey
-Generate private/public SSH keys using Ruby without the `ssh-keygen` system command.
-  gem install sshkey
-Tested on Ruby 1.8.7 and 1.9.2 (MRI).  Ruby must be compiled with OpenSSL support.
-== Usage
-Generate an SSH Keypair with foo@bar.com as the comment - providing a comment is optional
-  k = SSHKey.generate(:comment => "foo@bar.com")
-Return an SSHKey object from an existing RSA Private Key (provided as a string)
-  k = SSHKey.new(File.read("~/.ssh/id_rsa"), :comment => "foo@bar.com")
-Both of these will return an SSHKey object with the following methods:
-  # Returns an OpenSSL::PKey::RSA key object
-  # See http://www.ruby-doc.org/stdlib/libdoc/openssl/rdoc/classes/OpenSSL/PKey/RSA.html
-  k.key_object
-  # => -----BEGIN RSA PRIVATE KEY-----\nMIIEowI...
-  # Returns the RSA Private Key as a string
-  k.rsa_private_key
-  # => "-----BEGIN RSA PRIVATE KEY-----\nMIIEowI..."
-  # Returns the RSA Public Key as a string
-  k.rsa_public_key
-  # => "-----BEGIN RSA PUBLIC KEY-----\nMIIBCg..."
-  # Returns the SSH Public Key as a string
-  k.ssh_public_key
-  # => "ssh-rsa AAAAB3NzaC1yc2EA...."
-  # Returns the comment as a string
-  k.comment
-  # => "foo@bar.com"
-  # Returns the fingerprint as a string
-  k.fingerprint
-  # => "2a:89:84:c9:29:05:d1:f8:49:79:1c:ba:73:99:eb:af"
-== Copyright
-Copyright (c) 2011 James Miller