Class: Cryptorecord::Sshfp
- Inherits:
-
Object
- Object
- Cryptorecord::Sshfp
- Defined in:
- lib/cryptorecord/sshfp.rb
Overview
The Cryptorecord::Sshfp class generates SSHFP DNS records. The SSH host keys are read from files.
Instance Attribute Summary collapse
-
#cipher ⇒ Integer
The cipher.
-
#digest ⇒ Integer
Sha1 = 1, sha256 = 2.
-
#host ⇒ String
The fqdn-host.
-
#key ⇒ String
readonly
The ssh-host-key, without the type and comment.
Instance Method Summary collapse
-
#fingerprint ⇒ String
this function creates a Hash-String.
-
#initialize(args = {}) ⇒ Sshfp
constructor
This constructor initializes cipher, key, digest, host and keyfile. If a keyfile was provided, the key is automatically read from that file.
-
#read_file(keyfile) ⇒ Object
This function reads in the key from file and initializes the cipher- and key-variable.
-
#to_s ⇒ String
This method concats the sshfp-record.
Constructor Details
#initialize(args = {}) ⇒ Sshfp
This constructor initializes cipher, key, digest, host and keyfile. If a keyfile was provided, the key is automatically read from that file.
# File 'lib/cryptorecord/sshfp.rb', line 49

# Sets up an empty record (no cipher, no key), applies the requested digest
# and host, and loads the host key when a keyfile path was passed.
#
# @param [Hash] args the options to initialize the object with
# @option args [Integer] digest sha1 = 1, sha256 = 2 (defaults to 2)
# @option args [String] host fqdn of the host (defaults to 'localhost')
# @option args [String] keyfile path to the keyfile (optional)
def initialize(args = {})
  @key = nil
  @cipher = nil
  # Goes through the setter, so an invalid digest is rejected here.
  self.digest = args.fetch(:digest, 2)
  @host = args.fetch(:host, 'localhost')

  path = args.fetch(:keyfile, nil)
  return if path.nil?

  read_file(path)
end
Instance Attribute Details
#cipher ⇒ Integer
Returns the cipher. ssh-rsa = 1, ssh-dss = 2, ecdsa = 3 and ed25519 = 4.
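# File 'lib/cryptorecord/sshfp.rb', line 38

# Generates SSHFP DNS records (RFC 4255) from an SSH host public-key file.
#
# NOTE(review): clients can only rely on SSHFP data that reaches them over a
# DNSSEC-validated path, and the host is written into the record as given, so
# it should be a validated hostname before zone data is built from it.
class Sshfp
  attr_reader :cipher, :digest, :key
  attr_accessor :host

  # SSH key-type name => SSHFP algorithm number. Only these four names are
  # accepted; every other type (other ECDSA curve names included) is rejected.
  CIPHER_BY_TYPE = {
    'ssh-rsa' => 1,
    'ssh-dss' => 2,
    'ecdsa-sha2-nistp256' => 3,
    'ssh-ed25519' => 4
  }.freeze
  private_constant :CIPHER_BY_TYPE

  # This constructor initializes cipher, key, digest and host.
  # If a keyfile was provided, the key is read from that file right away.
  #
  # @param [Hash] args the options to initialize the object with
  # @option args [Integer] digest sha1 = 1, sha256 = 2
  # @option args [String] host fqdn of the host
  # @option args [String] keyfile path to the keyfile
  def initialize(args = {})
    @cipher = nil
    @key = nil
    self.digest = args.fetch(:digest, 2)
    @host = args.fetch(:host, 'localhost')
    keyfile = args.fetch(:keyfile, nil)
    read_file(keyfile) unless keyfile.nil?
  end

  # This setter initializes cipher. The value is parsed strictly and stored
  # as an Integer, so what was validated is exactly what ends up in the record
  # (a lenient to_i check would accept '3 anything' and store it verbatim).
  #
  # @param [Integer] val the key-cipher.
  #   ssh-rsa = 1, ssh-dss = 2, ecdsa = 3 and ed25519 = 4
  # @raise Cryptorecord::ArgumentError
  def cipher=(val)
    number = strict_integer(val)
    if number.nil? || number < 1 || number > 4
      # 0 was never accepted by the range check; the message now says so.
      raise ArgumentError, 'Invalid cipher. Has to be 1,2,3 or 4'
    end
    @cipher = number
  end

  # This setter initializes the hash-algo. Parsed strictly and stored as an
  # Integer for the same reason as the cipher.
  #
  # @param [Integer] val digest. sha1 = 1, sha256 = 2
  # @raise Cryptorecord::ArgumentError
  def digest=(val)
    number = strict_integer(val)
    unless number == 1 || number == 2
      raise ArgumentError, 'Invalid digest. Has to be 1 or 2'
    end
    @digest = number
  end

  # This function reads in the key from file and
  # initializes the cipher- and key-variable
  #
  # @param [String] keyfile path to the ssh-hostkey-file
  # @raise Cryptorecord::ArgumentError
  # @raise Cryptorecord::CipherError if the key type is not supported
  # @return [Integer] the cipher number selected for the key type
  def read_file(keyfile)
    raise ArgumentError, 'No hostkey-file defined' if keyfile.nil?

    type, blob = File.read(keyfile).split(' ')
    # Validate the type before touching @key: a rejected file must not leave
    # a new key paired with the cipher number of a previously loaded one.
    selected = cipher_by_type(type)
    @key = blob
    selected
  end

  # This function creates the hash-string (hex digest) of the decoded key.
  # Digest 1 is SHA-1, digest 2 is SHA-256; 2 is the constructor default and
  # the better choice for new records.
  #
  # @return [String] Hash-string of the key
  # @raise Cryptorecord::KeyError
  def fingerprint
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # strict_decode64 raises ::ArgumentError when the key is not valid base64.
    blob = Base64.strict_decode64(@key)
    case @digest.to_i
    when 1 then OpenSSL::Digest::SHA1.new(blob).hexdigest
    when 2 then OpenSSL::Digest::SHA256.new(blob).hexdigest
    end
  end

  # This method concats the sshfp-record
  #
  # @return [String] sshfp dns-record as defined in rfc4255
  # @raise Cryptorecord::KeyError
  def to_s
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # A host that already ends in '.' must not produce 'name..' in the record.
    owner = @host.to_s.chomp('.')
    "#{owner}. IN SSHFP #{@cipher} #{@digest} #{fingerprint}"
  end

  private

  # This helper-function selects the cipher using the given
  # type
  #
  # @param [String] type ssh-rsa = 1, ssh-dss = 2,
  #   ecdsa-sha2-nistp256 = 3, ssh-ed25519 = 4
  # @raise Cryptorecord::CipherError
  # @return [Integer] integer value of the cipher
  def cipher_by_type(type)
    number = CIPHER_BY_TYPE.fetch(type) do
      raise Cryptorecord::CipherError, 'Unsupported cipher'
    end
    self.cipher = number
  end

  # Strict integer conversion: returns nil instead of raising when the value
  # is not a clean number (nil, 'abc', '2 extra', ...).
  #
  # @param [Object] val value to convert
  # @return [Integer, nil]
  def strict_integer(val)
    Integer(val)
  rescue ::ArgumentError, ::TypeError
    nil
  end
end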
#digest ⇒ Integer
Returns sha1 = 1, sha256 = 2.
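# File 'lib/cryptorecord/sshfp.rb', line 38

# Generates SSHFP DNS records (RFC 4255) from an SSH host public-key file.
#
# NOTE(review): clients can only rely on SSHFP data that reaches them over a
# DNSSEC-validated path, and the host is written into the record as given, so
# it should be a validated hostname before zone data is built from it.
class Sshfp
  attr_reader :cipher, :digest, :key
  attr_accessor :host

  # SSH key-type name => SSHFP algorithm number. Only these four names are
  # accepted; every other type (other ECDSA curve names included) is rejected.
  CIPHER_BY_TYPE = {
    'ssh-rsa' => 1,
    'ssh-dss' => 2,
    'ecdsa-sha2-nistp256' => 3,
    'ssh-ed25519' => 4
  }.freeze
  private_constant :CIPHER_BY_TYPE

  # This constructor initializes cipher, key, digest and host.
  # If a keyfile was provided, the key is read from that file right away.
  #
  # @param [Hash] args the options to initialize the object with
  # @option args [Integer] digest sha1 = 1, sha256 = 2
  # @option args [String] host fqdn of the host
  # @option args [String] keyfile path to the keyfile
  def initialize(args = {})
    @cipher = nil
    @key = nil
    self.digest = args.fetch(:digest, 2)
    @host = args.fetch(:host, 'localhost')
    keyfile = args.fetch(:keyfile, nil)
    read_file(keyfile) unless keyfile.nil?
  end

  # This setter initializes cipher. The value is parsed strictly and stored
  # as an Integer, so what was validated is exactly what ends up in the record
  # (a lenient to_i check would accept '3 anything' and store it verbatim).
  #
  # @param [Integer] val the key-cipher.
  #   ssh-rsa = 1, ssh-dss = 2, ecdsa = 3 and ed25519 = 4
  # @raise Cryptorecord::ArgumentError
  def cipher=(val)
    number = strict_integer(val)
    if number.nil? || number < 1 || number > 4
      # 0 was never accepted by the range check; the message now says so.
      raise ArgumentError, 'Invalid cipher. Has to be 1,2,3 or 4'
    end
    @cipher = number
  end

  # This setter initializes the hash-algo. Parsed strictly and stored as an
  # Integer for the same reason as the cipher.
  #
  # @param [Integer] val digest. sha1 = 1, sha256 = 2
  # @raise Cryptorecord::ArgumentError
  def digest=(val)
    number = strict_integer(val)
    unless number == 1 || number == 2
      raise ArgumentError, 'Invalid digest. Has to be 1 or 2'
    end
    @digest = number
  end

  # This function reads in the key from file and
  # initializes the cipher- and key-variable
  #
  # @param [String] keyfile path to the ssh-hostkey-file
  # @raise Cryptorecord::ArgumentError
  # @raise Cryptorecord::CipherError if the key type is not supported
  # @return [Integer] the cipher number selected for the key type
  def read_file(keyfile)
    raise ArgumentError, 'No hostkey-file defined' if keyfile.nil?

    type, blob = File.read(keyfile).split(' ')
    # Validate the type before touching @key: a rejected file must not leave
    # a new key paired with the cipher number of a previously loaded one.
    selected = cipher_by_type(type)
    @key = blob
    selected
  end

  # This function creates the hash-string (hex digest) of the decoded key.
  # Digest 1 is SHA-1, digest 2 is SHA-256; 2 is the constructor default and
  # the better choice for new records.
  #
  # @return [String] Hash-string of the key
  # @raise Cryptorecord::KeyError
  def fingerprint
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # strict_decode64 raises ::ArgumentError when the key is not valid base64.
    blob = Base64.strict_decode64(@key)
    case @digest.to_i
    when 1 then OpenSSL::Digest::SHA1.new(blob).hexdigest
    when 2 then OpenSSL::Digest::SHA256.new(blob).hexdigest
    end
  end

  # This method concats the sshfp-record
  #
  # @return [String] sshfp dns-record as defined in rfc4255
  # @raise Cryptorecord::KeyError
  def to_s
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # A host that already ends in '.' must not produce 'name..' in the record.
    owner = @host.to_s.chomp('.')
    "#{owner}. IN SSHFP #{@cipher} #{@digest} #{fingerprint}"
  end

  private

  # This helper-function selects the cipher using the given
  # type
  #
  # @param [String] type ssh-rsa = 1, ssh-dss = 2,
  #   ecdsa-sha2-nistp256 = 3, ssh-ed25519 = 4
  # @raise Cryptorecord::CipherError
  # @return [Integer] integer value of the cipher
  def cipher_by_type(type)
    number = CIPHER_BY_TYPE.fetch(type) do
      raise Cryptorecord::CipherError, 'Unsupported cipher'
    end
    self.cipher = number
  end

  # Strict integer conversion: returns nil instead of raising when the value
  # is not a clean number (nil, 'abc', '2 extra', ...).
  #
  # @param [Object] val value to convert
  # @return [Integer, nil]
  def strict_integer(val)
    Integer(val)
  rescue ::ArgumentError, ::TypeError
    nil
  end
end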
#host ⇒ String
Returns the fqdn-host.
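# File 'lib/cryptorecord/sshfp.rb', line 38

# Generates SSHFP DNS records (RFC 4255) from an SSH host public-key file.
#
# NOTE(review): clients can only rely on SSHFP data that reaches them over a
# DNSSEC-validated path, and the host is written into the record as given, so
# it should be a validated hostname before zone data is built from it.
class Sshfp
  attr_reader :cipher, :digest, :key
  attr_accessor :host

  # SSH key-type name => SSHFP algorithm number. Only these four names are
  # accepted; every other type (other ECDSA curve names included) is rejected.
  CIPHER_BY_TYPE = {
    'ssh-rsa' => 1,
    'ssh-dss' => 2,
    'ecdsa-sha2-nistp256' => 3,
    'ssh-ed25519' => 4
  }.freeze
  private_constant :CIPHER_BY_TYPE

  # This constructor initializes cipher, key, digest and host.
  # If a keyfile was provided, the key is read from that file right away.
  #
  # @param [Hash] args the options to initialize the object with
  # @option args [Integer] digest sha1 = 1, sha256 = 2
  # @option args [String] host fqdn of the host
  # @option args [String] keyfile path to the keyfile
  def initialize(args = {})
    @cipher = nil
    @key = nil
    self.digest = args.fetch(:digest, 2)
    @host = args.fetch(:host, 'localhost')
    keyfile = args.fetch(:keyfile, nil)
    read_file(keyfile) unless keyfile.nil?
  end

  # This setter initializes cipher. The value is parsed strictly and stored
  # as an Integer, so what was validated is exactly what ends up in the record
  # (a lenient to_i check would accept '3 anything' and store it verbatim).
  #
  # @param [Integer] val the key-cipher.
  #   ssh-rsa = 1, ssh-dss = 2, ecdsa = 3 and ed25519 = 4
  # @raise Cryptorecord::ArgumentError
  def cipher=(val)
    number = strict_integer(val)
    if number.nil? || number < 1 || number > 4
      # 0 was never accepted by the range check; the message now says so.
      raise ArgumentError, 'Invalid cipher. Has to be 1,2,3 or 4'
    end
    @cipher = number
  end

  # This setter initializes the hash-algo. Parsed strictly and stored as an
  # Integer for the same reason as the cipher.
  #
  # @param [Integer] val digest. sha1 = 1, sha256 = 2
  # @raise Cryptorecord::ArgumentError
  def digest=(val)
    number = strict_integer(val)
    unless number == 1 || number == 2
      raise ArgumentError, 'Invalid digest. Has to be 1 or 2'
    end
    @digest = number
  end

  # This function reads in the key from file and
  # initializes the cipher- and key-variable
  #
  # @param [String] keyfile path to the ssh-hostkey-file
  # @raise Cryptorecord::ArgumentError
  # @raise Cryptorecord::CipherError if the key type is not supported
  # @return [Integer] the cipher number selected for the key type
  def read_file(keyfile)
    raise ArgumentError, 'No hostkey-file defined' if keyfile.nil?

    type, blob = File.read(keyfile).split(' ')
    # Validate the type before touching @key: a rejected file must not leave
    # a new key paired with the cipher number of a previously loaded one.
    selected = cipher_by_type(type)
    @key = blob
    selected
  end

  # This function creates the hash-string (hex digest) of the decoded key.
  # Digest 1 is SHA-1, digest 2 is SHA-256; 2 is the constructor default and
  # the better choice for new records.
  #
  # @return [String] Hash-string of the key
  # @raise Cryptorecord::KeyError
  def fingerprint
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # strict_decode64 raises ::ArgumentError when the key is not valid base64.
    blob = Base64.strict_decode64(@key)
    case @digest.to_i
    when 1 then OpenSSL::Digest::SHA1.new(blob).hexdigest
    when 2 then OpenSSL::Digest::SHA256.new(blob).hexdigest
    end
  end

  # This method concats the sshfp-record
  #
  # @return [String] sshfp dns-record as defined in rfc4255
  # @raise Cryptorecord::KeyError
  def to_s
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # A host that already ends in '.' must not produce 'name..' in the record.
    owner = @host.to_s.chomp('.')
    "#{owner}. IN SSHFP #{@cipher} #{@digest} #{fingerprint}"
  end

  private

  # This helper-function selects the cipher using the given
  # type
  #
  # @param [String] type ssh-rsa = 1, ssh-dss = 2,
  #   ecdsa-sha2-nistp256 = 3, ssh-ed25519 = 4
  # @raise Cryptorecord::CipherError
  # @return [Integer] integer value of the cipher
  def cipher_by_type(type)
    number = CIPHER_BY_TYPE.fetch(type) do
      raise Cryptorecord::CipherError, 'Unsupported cipher'
    end
    self.cipher = number
  end

  # Strict integer conversion: returns nil instead of raising when the value
  # is not a clean number (nil, 'abc', '2 extra', ...).
  #
  # @param [Object] val value to convert
  # @return [Integer, nil]
  def strict_integer(val)
    Integer(val)
  rescue ::ArgumentError, ::TypeError
    nil
  end
end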
#key ⇒ String (readonly)
Returns the ssh-host-key, without the type and comment.
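# File 'lib/cryptorecord/sshfp.rb', line 38

# Generates SSHFP DNS records (RFC 4255) from an SSH host public-key file.
#
# NOTE(review): clients can only rely on SSHFP data that reaches them over a
# DNSSEC-validated path, and the host is written into the record as given, so
# it should be a validated hostname before zone data is built from it.
class Sshfp
  attr_reader :cipher, :digest, :key
  attr_accessor :host

  # SSH key-type name => SSHFP algorithm number. Only these four names are
  # accepted; every other type (other ECDSA curve names included) is rejected.
  CIPHER_BY_TYPE = {
    'ssh-rsa' => 1,
    'ssh-dss' => 2,
    'ecdsa-sha2-nistp256' => 3,
    'ssh-ed25519' => 4
  }.freeze
  private_constant :CIPHER_BY_TYPE

  # This constructor initializes cipher, key, digest and host.
  # If a keyfile was provided, the key is read from that file right away.
  #
  # @param [Hash] args the options to initialize the object with
  # @option args [Integer] digest sha1 = 1, sha256 = 2
  # @option args [String] host fqdn of the host
  # @option args [String] keyfile path to the keyfile
  def initialize(args = {})
    @cipher = nil
    @key = nil
    self.digest = args.fetch(:digest, 2)
    @host = args.fetch(:host, 'localhost')
    keyfile = args.fetch(:keyfile, nil)
    read_file(keyfile) unless keyfile.nil?
  end

  # This setter initializes cipher. The value is parsed strictly and stored
  # as an Integer, so what was validated is exactly what ends up in the record
  # (a lenient to_i check would accept '3 anything' and store it verbatim).
  #
  # @param [Integer] val the key-cipher.
  #   ssh-rsa = 1, ssh-dss = 2, ecdsa = 3 and ed25519 = 4
  # @raise Cryptorecord::ArgumentError
  def cipher=(val)
    number = strict_integer(val)
    if number.nil? || number < 1 || number > 4
      # 0 was never accepted by the range check; the message now says so.
      raise ArgumentError, 'Invalid cipher. Has to be 1,2,3 or 4'
    end
    @cipher = number
  end

  # This setter initializes the hash-algo. Parsed strictly and stored as an
  # Integer for the same reason as the cipher.
  #
  # @param [Integer] val digest. sha1 = 1, sha256 = 2
  # @raise Cryptorecord::ArgumentError
  def digest=(val)
    number = strict_integer(val)
    unless number == 1 || number == 2
      raise ArgumentError, 'Invalid digest. Has to be 1 or 2'
    end
    @digest = number
  end

  # This function reads in the key from file and
  # initializes the cipher- and key-variable
  #
  # @param [String] keyfile path to the ssh-hostkey-file
  # @raise Cryptorecord::ArgumentError
  # @raise Cryptorecord::CipherError if the key type is not supported
  # @return [Integer] the cipher number selected for the key type
  def read_file(keyfile)
    raise ArgumentError, 'No hostkey-file defined' if keyfile.nil?

    type, blob = File.read(keyfile).split(' ')
    # Validate the type before touching @key: a rejected file must not leave
    # a new key paired with the cipher number of a previously loaded one.
    selected = cipher_by_type(type)
    @key = blob
    selected
  end

  # This function creates the hash-string (hex digest) of the decoded key.
  # Digest 1 is SHA-1, digest 2 is SHA-256; 2 is the constructor default and
  # the better choice for new records.
  #
  # @return [String] Hash-string of the key
  # @raise Cryptorecord::KeyError
  def fingerprint
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # strict_decode64 raises ::ArgumentError when the key is not valid base64.
    blob = Base64.strict_decode64(@key)
    case @digest.to_i
    when 1 then OpenSSL::Digest::SHA1.new(blob).hexdigest
    when 2 then OpenSSL::Digest::SHA256.new(blob).hexdigest
    end
  end

  # This method concats the sshfp-record
  #
  # @return [String] sshfp dns-record as defined in rfc4255
  # @raise Cryptorecord::KeyError
  def to_s
    raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

    # A host that already ends in '.' must not produce 'name..' in the record.
    owner = @host.to_s.chomp('.')
    "#{owner}. IN SSHFP #{@cipher} #{@digest} #{fingerprint}"
  end

  private

  # This helper-function selects the cipher using the given
  # type
  #
  # @param [String] type ssh-rsa = 1, ssh-dss = 2,
  #   ecdsa-sha2-nistp256 = 3, ssh-ed25519 = 4
  # @raise Cryptorecord::CipherError
  # @return [Integer] integer value of the cipher
  def cipher_by_type(type)
    number = CIPHER_BY_TYPE.fetch(type) do
      raise Cryptorecord::CipherError, 'Unsupported cipher'
    end
    self.cipher = number
  end

  # Strict integer conversion: returns nil instead of raising when the value
  # is not a clean number (nil, 'abc', '2 extra', ...).
  #
  # @param [Object] val value to convert
  # @return [Integer, nil]
  def strict_integer(val)
    Integer(val)
  rescue ::ArgumentError, ::TypeError
    nil
  end
end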
Instance Method Details
#fingerprint ⇒ String
this function creates a Hash-String
# File 'lib/cryptorecord/sshfp.rb', line 99

# Hashes the base64-decoded host key with the digest selected by @digest
# (1 = SHA-1, 2 = SHA-256) and returns the digest object's string form.
# Any other digest value yields nil without decoding the key.
#
# @return [String] Hash-string of the key
# @raise Cryptorecord::KeyError when no key has been loaded
def fingerprint
  raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

  hasher =
    case @digest.to_i
    when 1 then OpenSSL::Digest::SHA1
    when 2 then OpenSSL::Digest::SHA256
    end
  return nil if hasher.nil?

  # strict_decode64 rejects anything that is not clean base64.
  hasher.new(Base64.strict_decode64(@key)).to_s
end
#read_file(keyfile) ⇒ Object
This function reads in the key from file and initializes the cipher- and key-variable
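# File 'lib/cryptorecord/sshfp.rb', line 87

# Reads the host key from a file and initializes the cipher- and
# key-variable. The file is split on whitespace: the first field is the key
# type, the second the base64 key; anything after that is ignored.
#
# @param [String] keyfile path to the ssh-hostkey-file
# @raise Cryptorecord::ArgumentError when no path is given
# @return [Object] whatever cipher_by_type returns for the key type
def read_file(keyfile)
  raise ArgumentError, 'No hostkey-file defined' if keyfile.nil?

  type, blob = File.read(keyfile).split(' ')
  # Validate the type before touching @key: if cipher_by_type rejects it, a
  # new key must not end up paired with the cipher of a previously loaded one.
  selected = cipher_by_type(type)
  @key = blob
  selected
end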
#to_s ⇒ String
This method concats the sshfp-record
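# File 'lib/cryptorecord/sshfp.rb', line 114

# Builds the sshfp-record line from host, cipher, digest and fingerprint.
#
# NOTE(review): the host is written into the record as given; it should be a
# validated hostname before zone data is built from it.
#
# @return [String] sshfp dns-record as defined in rfc4255
# @raise Cryptorecord::KeyError when no key has been loaded
def to_s
  raise Cryptorecord::KeyError, 'No certificate defined' if @key.nil?

  # A host that already ends in '.' must not produce 'name..' in the record.
  owner = @host.to_s.chomp('.')
  "#{owner}. IN SSHFP #{@cipher} #{@digest} #{fingerprint}"
end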