sshkey 1.5.1 → 1.6.0

data/.travis.yml

@@ -11,3 +11,6 @@ rvm:
   - jruby-head
   - rbx-18mode
   - rbx-19mode
+matrix:
+  allow_failures:
+    - rvm: ruby-head

data/README.md

@@ -13,7 +13,7 @@ Tested on the following Rubies: MRI 1.8.7, 1.9.2, 1.9.3, 2.0.0, REE, JRuby (1.7.
 ### Generate a new key
 
 When generating a new keypair the default key type is 2048-bit RSA, but you can supply the `type` (RSA or DSA) and `bits` in the options.
-You can also (optionally) supply a `comment` or `passphrase`:
+You can also (optionally) supply a `comment` or `passphrase`.
 
 ```ruby
 k = SSHKey.generate
@@ -23,7 +23,7 @@ k = SSHKey.generate(:type => "DSA", :bits => 1024, :comment => "foo@bar.com", :p
 
 ### Use your existing key
 
-Return an SSHKey object from an existing RSA or DSA private key (provided as a string)
+Return an SSHKey object from an existing RSA or DSA private key (provided as a string).
 
 ```ruby
 k = SSHKey.new(File.read("~/.ssh/id_rsa"), :comment => "foo@bar.com")

data/lib/sshkey.rb

@@ -1,7 +1,10 @@
+$:.unshift File.dirname(__FILE__)
+
 require 'openssl'
 require 'base64'
 require 'digest/md5'
 require 'digest/sha1'
+require 'sshkey/exception'
 
 class SSHKey
   SSH_TYPES      = {"rsa" => "ssh-rsa", "dsa" => "ssh-dss"}
@@ -46,31 +49,22 @@ class SSHKey
     #
     def valid_ssh_public_key?(ssh_public_key)
       ssh_type, encoded_key = parse_ssh_public_key(ssh_public_key)
-
-      type = SSH_TYPES.invert[ssh_type]
-      prefix = [0,0,0,7].pack("C*")
-      decoded = Base64.decode64(encoded_key)
-
-      # Base64 decoding is too permissive, so we should validate if encoding is correct
-      return false unless Base64.encode64(decoded).gsub("\n", "") == encoded_key
-      return false unless decoded.sub!(/^#{prefix}#{ssh_type}/, "")
-
-      unpacked = decoded.unpack("C*")
-      data = []
-      index = 0
-      until unpacked[index].nil?
-        datum_size = from_byte_array unpacked[index..index+4-1], 4
-        index = index + 4
-        datum = from_byte_array unpacked[index..index+datum_size-1], datum_size
-        data << datum
-        index = index + datum_size
-      end
-
-      SSH_CONVERSION[type].size == data.size
+      SSH_CONVERSION[SSH_TYPES.invert[ssh_type]].size == unpacked_byte_array(ssh_type, encoded_key).size
     rescue
       false
     end
 
+    # Bits
+    #
+    # Returns ssh public key bits or false depending on the validity of the public key provided
+    #
+    # ==== Parameters
+    # * ssh_public_key<~String> - "ssh-rsa AAAAB3NzaC1yc2EA...."
+    #
+    def ssh_public_key_bits(ssh_public_key)
+      unpacked_byte_array( *parse_ssh_public_key(ssh_public_key) ).last.size * 8
+    end
+
     # Fingerprints
     #
     # Accepts either a public or private key
@@ -96,9 +90,31 @@ class SSHKey
 
     private
 
+    def unpacked_byte_array(ssh_type, encoded_key)
+      prefix = [0,0,0,7].pack("C*")
+      decoded = Base64.decode64(encoded_key)
+
+      # Base64 decoding is too permissive, so we should validate if encoding is correct
+      if Base64.encode64(decoded).gsub("\n", "") != encoded_key || decoded.sub!(/^#{prefix}#{ssh_type}/, "").nil?
+        raise PublicKeyError, "validation error"
+      end
+
+      unpacked = decoded.unpack("C*")
+      data = []
+      index = 0
+      until unpacked[index].nil?
+        datum_size = from_byte_array unpacked[index..index+4-1], 4
+        index = index + 4
+        datum = from_byte_array unpacked[index..index+datum_size-1], datum_size
+        data << datum
+        index = index + datum_size
+      end
+      return data
+    end
+
     def from_byte_array(byte_array, expected_size = nil)
+      raise PublicKeyError, "byte array too short" if !expected_size.nil? && expected_size != byte_array.size
       num = 0
-      raise "Byte array too short" if !expected_size.nil? && expected_size != byte_array.size
       byte_array.reverse.each_with_index do |item, index|
         num += item * 256**(index)
       end
@@ -116,8 +132,9 @@ class SSHKey
     def parse_ssh_public_key(public_key)
       parsed = public_key.split(" ")
       parsed.each_with_index do |el, index|
-        break parsed[index..(index+1)] if !SSH_TYPES.invert[el].nil?
+        return parsed[index..(index+1)] if SSH_TYPES.invert[el]
       end
+      raise PublicKeyError, "cannot determine key type"
     end
   end
 
@@ -192,7 +209,7 @@ class SSHKey
 
   # Determine the length (bits) of the key as an integer
   def bits
-    key_object.to_text.match(/Private-Key:\s\((\d*)\sbit\)/)[1].to_i
+    self.class.ssh_public_key_bits(ssh_public_key)
   end
 
   # Randomart

data/lib/sshkey/exception.rb

@@ -0,0 +1,3 @@
+class SSHKey
+  class PublicKeyError < StandardError; end
+end

data/lib/sshkey/version.rb

@@ -1,3 +1,3 @@
 class SSHKey
-  VERSION = "1.5.1"
+  VERSION = "1.6.0"
 end

data/test/sshkey_test.rb

@@ -253,6 +253,30 @@ EOF
     assert !SSHKey.valid_ssh_public_key?(invalid5)
   end
 
+  def test_ssh_public_key_bits
+    expected1 = "ssh-rsa #{SSH_PUBLIC_KEY1} me@example.com"
+    expected2 = "ssh-rsa #{SSH_PUBLIC_KEY2} me@example.com"
+    expected3 = "ssh-dss #{SSH_PUBLIC_KEY3} me@example.com"
+    expected4 = "ssh-rsa #{SSH_PUBLIC_KEY1}"
+    expected5 = %Q{from="trusted.eng.cam.ac.uk",no-port-forwarding,no-pty ssh-rsa #{SSH_PUBLIC_KEY1}}
+    invalid1  = "#{SSH_PUBLIC_KEY1} me@example.com"
+
+    assert_equal 2048, SSHKey.ssh_public_key_bits(expected1)
+    assert_equal 2048, SSHKey.ssh_public_key_bits(expected2)
+    assert_equal 1024, SSHKey.ssh_public_key_bits(expected3)
+    assert_equal 2048, SSHKey.ssh_public_key_bits(expected4)
+    assert_equal 2048, SSHKey.ssh_public_key_bits(expected5)
+    assert_equal 512,  SSHKey.ssh_public_key_bits(SSHKey.generate(:bits => 512).ssh_public_key)
+
+    exception1 = assert_raises(SSHKey::PublicKeyError) { SSHKey.ssh_public_key_bits( expected1.gsub('A','.') ) }
+    exception2 = assert_raises(SSHKey::PublicKeyError) { SSHKey.ssh_public_key_bits( expected1[0..-20] ) }
+    exception3 = assert_raises(SSHKey::PublicKeyError) { SSHKey.ssh_public_key_bits(invalid1) }
+
+    assert_equal( "validation error",          exception1.message )
+    assert_equal( "byte array too short",      exception2.message )
+    assert_equal( "cannot determine key type", exception3.message )
+  end
+
   def test_exponent
     assert_equal 35, @key1.key_object.e.to_i
     assert_equal 35, @key2.key_object.e.to_i

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sshkey
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.6.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-04-03 00:00:00.000000000 Z
+date: 2013-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -41,6 +41,7 @@ files:
 - README.md
 - Rakefile
 - lib/sshkey.rb
+- lib/sshkey/exception.rb
 - lib/sshkey/version.rb
 - sshkey.gemspec
 - test/sshkey_test.rb
@@ -70,4 +71,3 @@ specification_version: 3
 summary: SSH private/public key generator in Ruby
 test_files:
 - test/sshkey_test.rb
-has_rdoc: