Class: HrrRbSsh::Transport::ServerHostKeyAlgorithm::SshDss

Inherits:
HrrRbSsh::Transport::ServerHostKeyAlgorithm show all
Defined in:
lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb

Constant Summary collapse

NAME = 
'ssh-dss'
SECRET_KEY = 
"-----BEGIN DSA PRIVATE KEY-----\nMIIBuwIBAAKBgQD3fQ6cwTtOJpVI0iASOQZxkhwPRNy7UwovQkEK6bXW33HaCebO\nPnNiY/rR4uFhjvHRzF8KnC8xk3fNo4ZJQJlaEHv6qySiXHeX1fw/eo/uzM5WafLd\noaRtE2muky1i3FBCiboXDlNcwuA/efsOE5qsGBbk6svw+8pGolHmOZFSvQIVAN2G\nZxtE9Kqqh6z48/VulQZsrh5hAoGAH3191okH8kUwP3dinp5j5YtNzrJ20sBXNNZG\n0aWjtS2xjSjIXjnlkiwhhvcUcCEkUQ507exvSLgf4dyV/V4+nf5Q5zjLztiSMe9D\nqhTRIR23lsDu0OdITQihTu+Y4GEvNLUL9r2P1aoF/sde97xzzqmXPKx0UL1nNzcL\ndnAdjjMCgYAa1dRvXe65jufPk0kRwhewRSScfg+YK4DOLUYGalsjHZbXtXqHKNpB\nYkTlWKMg6QVREN0+5aNY1z1aJAbNboLz55YBnS9tOBYzvsXQF7ZP1ECMO6m4I8DI\nwxt35i8hEVOJc+8x/xtmogzbjepar+1UycJQTMjhvqCW7RF4LuepvwIVANELTvnl\nMRl/p42OrQzL/chRPvRf\n-----END DSA PRIVATE KEY-----\n"
KEY_FORMAT_DEFINITION = 
[
  ['string', 'ssh-dss'],
  ['mpint',  'p'],
  ['mpint',  'q'],
  ['mpint',  'g'],
  ['mpint',  'y'],
]
SIGN_DEFINITION = 
[
  ['string', 'ssh-dss'],
  ['string', 'dss_signature_blob'],
]

Instance Method Summary collapse

Methods inherited from HrrRbSsh::Transport::ServerHostKeyAlgorithm

[], list, name_list

Constructor Details

#initializeSshDss

Returns a new instance of SshDss.



41
42
43
44
45
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 41

def initialize
  super

  @dss = OpenSSL::PKey::DSA.new SECRET_KEY
end

Instance Method Details

#decode(definition, payload) ⇒ Object 



54
55
56
57
58
59
60
61
62
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 54

def decode definition, payload
  payload_io = StringIO.new payload, 'r'
  definition.map{ |data_type, field_name|
    [
      field_name,
      HrrRbSsh::Transport::DataType[data_type].decode( payload_io )
    ]
  }.to_h
end

#encode(definition, payload) ⇒ Object 



47
48
49
50
51
52
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 47

def encode definition, payload
  definition.map{ |data_type, field_name|
    field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
    HrrRbSsh::Transport::DataType[data_type].encode( field_value )
  }.join
end

#server_public_host_keyObject 



64
65
66
67
68
69
70
71
72
73
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 64

def server_public_host_key
  payload = {
    'ssh-dss' => 'ssh-dss',
    'p'       => @dss.p.to_i,
    'q'       => @dss.q.to_i,
    'g'       => @dss.g.to_i,
    'y'       => @dss.pub_key.to_i,
  }
  encode KEY_FORMAT_DEFINITION, payload
end

#sign(digest, data) ⇒ Object 



75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 75

def sign digest, data
  hash = OpenSSL::Digest.digest(digest, data)
  sign_der = @dss.syssign(hash)
  sign_asn1 = OpenSSL::ASN1.decode(sign_der)
  sign_r = sign_asn1.value[0].value.to_s(2).rjust(20, ["00"].pack("H"))
  sign_s = sign_asn1.value[1].value.to_s(2).rjust(20, ["00"].pack("H"))
  payload = {
    'ssh-dss'            => 'ssh-dss',
    'dss_signature_blob' => (sign_r + sign_s),
  }
  encode SIGN_DEFINITION, payload
end

#verify(digest, sign, data) ⇒ Object 



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
 
# File 'lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb', line 88

def verify digest, sign, data
  payload = decode SIGN_DEFINITION, sign
  dss_signature_blob = payload['dss_signature_blob']
  sign_r = dss_signature_blob[ 0, 20]
  sign_s = dss_signature_blob[20, 20]
  sign_asn1 = OpenSSL::ASN1::Sequence.new(
    [
      OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_r, 2)),
      OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sign_s, 2)),
    ]
  )
  sign_der = sign_asn1.to_der
  hash = OpenSSL::Digest.digest(digest, data)
  payload['ssh-dss'] == 'ssh-dss' && @dss.sysverify(hash, sign_der)
end