sshkeyproof 0.1

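--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -0,0 +1,2 @@
+ v0.1. first version
+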
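--- a/data/Manifest
+++ b/data/Manifest
@@ -0,0 +1,6 @@
+ CHANGELOG
+ Manifest
+ README.md
+ Rakefile
+ lib/sshkeyauth.rb
+ test/test_all.rb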
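--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,24 @@
+
+ h3. gem install 'sshkeyproof'
+
+ If you have a user's public key, you can verify they are who they say they are (ie. they hold the correspending private key):
+
+
+ h3. Client
+
+ The client takes their private key (defaults to ~/.ssh/id_rsa) and encrypts a random string as proof of work.
+
+ request = Sshkeyproof::Client.new key_file: "./id_rsa"
+
+
+ h3. Server
+
+ The server takes the request string and verifies it
+
+ s = Sshkeyproof::Server.new request
+
+ s.fingerprint # => public key SHA1 fingerprint
+
+ s.correct?(public_key) # => true
+
+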
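--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,9 @@
+ require 'echoe'
+
+ Echoe.new('sshkeyproof') do |p|
+ p.author = "Andrew Snow"
+ p.email = 'andrew@modulus.org'
+ p.summary = 'Ruby gem to prove client has the other half of a keypair'
+ p.url = 'https://github.com/andys/sshkeyproof'
+ p.runtime_dependencies = ['sshkey']
+ end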
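--- a/data/lib/sshkeyauth.rb
+++ b/data/lib/sshkeyauth.rb
@@ -0,0 +1,38 @@
+
+ require 'openssl'
+ require 'sshkey'
+
+ module Sshkeyproof
+ class Client
+ def initialize(params={})
+ key_file = params[:key_file] || '~/.ssh/id_rsa'
+ ssh_key = params[:ssh_key] || File.read(key_file)
+ openssl_key = params[:openssl_key] || OpenSSL::PKey::RSA.new(ssh_key)
+ @privkey = openssl_key if openssl_key.private?
+ @pubkey = @privkey && @privkey.public_key || openssl_key
+ end
+
+ def random
+ @random ||= OpenSSL::Random.random_bytes(10).unpack('H*').first
+ end
+
+ def request
+ ciphertext = @privkey.private_encrypt(random).unpack('H*').first
+ "#{SSHKey.sha1_fingerprint(@pubkey.to_s)}|#{random.unpack('H*').first}|#{ciphertext}"
+ end
+
+ end
+
+ class Server
+ attr_reader :fingerprint
+ def initialize(request_string)
+ (@fingerprint,@random,@ciphertext) = request_string.to_s.split("|")
+ end
+
+ def correct?(key)
+ openssl_key = String===key ? OpenSSL::PKey::RSA.new(key) : key
+ @fingerprint && @random && @ciphertext && openssl_key.public_key.public_decrypt([@ciphertext].pack('H*')) == [@random].pack('H*') rescue nil
+ end
+ end
+
+ end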
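Review bot: `Server#correct?` compares the decrypted ciphertext only with the `@random` value carried in the same request string, so the verifier never contributes a challenge and a request string that verified once keeps verifying for that key indefinitely. The proof should be bound to a single-use, time-limited value the server issued, and use the signature API rather than raw `private_encrypt`/`public_decrypt`: the client sends `@privkey.sign(OpenSSL::Digest::SHA256.new, challenge)` and the server returns `openssl_key.verify(OpenSSL::Digest::SHA256.new, signature, challenge)`. The trailing `rescue nil` in `correct?` also maps every error (an unparsable key, a nil argument) to the same nil as a failed proof, which hides misconfiguration; rescuing `OpenSSL::PKey::PKeyError` and returning `false` would be narrower. Separately, the default `'~/.ssh/id_rsa'` in `Client#initialize` reaches `File.read` unexpanded, and `File.read` does not resolve `~`, so the line should read `File.read(File.expand_path(key_file))`.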
@@ -0,0 +1,33 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ Gem::Specification.new do |s|
4
+ s.name = "sshkeyproof"
5
+ s.version = "0.1"
6
+
7
+ s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
+ s.authors = ["Andrew Snow"]
9
+ s.date = "2013-01-24"
10
+ s.description = "Ruby gem to prove client has the other half of a keypair"
11
+ s.email = "andrew@modulus.org"
12
+ s.extra_rdoc_files = ["CHANGELOG", "README.md", "lib/sshkeyauth.rb"]
13
+ s.files = ["CHANGELOG", "Manifest", "README.md", "Rakefile", "lib/sshkeyauth.rb", "test/test_all.rb", "sshkeyproof.gemspec"]
14
+ s.homepage = "https://github.com/andys/sshkeyproof"
15
+ s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Sshkeyproof", "--main", "README.md"]
16
+ s.require_paths = ["lib"]
17
+ s.rubyforge_project = "sshkeyproof"
18
+ s.rubygems_version = "1.8.24"
19
+ s.summary = "Ruby gem to prove client has the other half of a keypair"
20
+ s.test_files = ["test/test_all.rb"]
21
+
22
+ if s.respond_to? :specification_version then
23
+ s.specification_version = 3
24
+
25
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
26
+ s.add_runtime_dependency(%q<sshkey>, [">= 0"])
27
+ else
28
+ s.add_dependency(%q<sshkey>, [">= 0"])
29
+ end
30
+ else
31
+ s.add_dependency(%q<sshkey>, [">= 0"])
32
+ end
33
+ end
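--- a/data/test/test_all.rb
+++ b/data/test/test_all.rb
@@ -0,0 +1,36 @@
+ require "#{File.dirname(__FILE__)}/../lib/sshkeyproof"
+ require 'test/unit'
+
+ class TestSshkeyproof < Test::Unit::TestCase
+ def setup
+ @ssh_key = SSHKey.generate(type:"RSA", bits:1024, comment:"foo@bar.com")
+ @client = Sshkeyproof::Client.new ssh_key: @ssh_key.private_key
+ @request = @client.request
+ end
+
+ def test_success
+ server = Sshkeyproof::Server.new @request
+ assert_equal true, server.correct?(@ssh_key.public_key)
+ end
+
+ def test_bad_ciphertext
+ badrequest = @request.dup
+
+ #fiddle the cipher text
+ badrequest[-3] = '0'
+ badrequest[-2] = '0'
+ badrequest[-1] = '0'
+
+ server = Sshkeyproof::Server.new badrequest
+ assert_equal nil, server.correct?(@ssh_key.public_key)
+ end
+
+ def test_wrong_key
+ ssh_key2 = SSHKey.generate(type:"RSA", bits:1024, comment:"foo@bar.com")
+ client2 = Sshkeyproof::Client.new ssh_key: ssh_key2.private_key
+ request2 = client2.request
+
+ server = Sshkeyproof::Server.new request2
+ assert_equal nil, server.correct?(@ssh_key.public_key)
+ end
+ end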
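Review bot: The `require` on the first line loads `../lib/sshkeyproof`, but the only library file this release lists is `lib/sshkeyauth.rb` (Manifest and gemspec `files`), so the suite looks unable to load as packaged. Either ship the library as `lib/sshkeyproof.rb` or change the line to `require "#{File.dirname(__FILE__)}/../lib/sshkeyauth"`. The three cases cover a valid request, a corrupted ciphertext and a mismatched key, but none submits an already accepted request a second time, so replay handling is untested. `assert_equal nil, …` would read more clearly as `assert_nil …`.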
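--- a/metadata
+++ b/metadata
@@ -0,0 +1,77 @@
+ --- !ruby/object:Gem::Specification
+ name: sshkeyproof
+ version: !ruby/object:Gem::Version
+ prerelease:
+ version: '0.1'
+ platform: ruby
+ authors:
+ - Andrew Snow
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2013-01-24 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ none: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ none: false
+ name: sshkey
+ prerelease: false
+ type: :runtime
+ description: Ruby gem to prove client has the other half of a keypair
+ email: andrew@modulus.org
+ executables: []
+ extensions: []
+ extra_rdoc_files:
+ - CHANGELOG
+ - README.md
+ - lib/sshkeyauth.rb
+ files:
+ - CHANGELOG
+ - Manifest
+ - README.md
+ - Rakefile
+ - lib/sshkeyauth.rb
+ - test/test_all.rb
+ - sshkeyproof.gemspec
+ homepage: https://github.com/andys/sshkeyproof
+ licenses: []
+ post_install_message:
+ rdoc_options:
+ - --line-numbers
+ - --inline-source
+ - --title
+ - Sshkeyproof
+ - --main
+ - README.md
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ none: false
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '1.2'
+ none: false
+ requirements: []
+ rubyforge_project: sshkeyproof
+ rubygems_version: 1.8.24
+ signing_key:
+ specification_version: 3
+ summary: Ruby gem to prove client has the other half of a keypair
+ test_files:
+ - test/test_all.rb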