Class: HrrRbSsh::Algorithm::Publickey::SshEd25519::PKey
- Inherits:
-
Object
- Object
- HrrRbSsh::Algorithm::Publickey::SshEd25519::PKey
- Defined in:
- lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb
Defined Under Namespace
Classes: Error
Instance Method Summary collapse
-
#initialize(arg = nil) ⇒ PKey
constructor
A new instance of PKey.
- #key_str ⇒ Object
- #load_key_str(key_str) ⇒ Object
- #load_openssh_key(key_str) ⇒ Object
- #load_openssl_key(key_str) ⇒ Object
- #public_key ⇒ Object
- #set_public_key(key_str) ⇒ Object
- #sign(data) ⇒ Object
- #to_pem ⇒ Object
- #verify(signature, data) ⇒ Object
Constructor Details
#initialize(arg = nil) ⇒ PKey
Returns a new instance of PKey.
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 16
#
# Wraps an Ed25519 key.
#
# @param arg [::Ed25519::SigningKey, ::Ed25519::VerifyKey, String, nil]
#   an existing key object (stored as is), a key string handed to
#   #load_key_str, or nil to create an empty wrapper.
#
# Any other argument type is ignored without an error and leaves @key unset,
# so later calls that use @key will fail on nil rather than here.
def initialize(arg = nil)
  if arg.is_a?(::Ed25519::SigningKey) || arg.is_a?(::Ed25519::VerifyKey)
    @key = arg
  elsif arg.is_a?(::String)
    @key = load_key_str(arg)
  end
end
Instance Method Details
#key_str ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 136
#
# Returns whatever @key.to_bytes yields for the wrapped key.
#
# NOTE(review): when @key is a SigningKey this is presumably the private seed
# (the loaders build SigningKey from 32 secret bytes), so the return value
# should be treated as secret and kept out of logs. Confirm against the
# ed25519 gem.
def key_str
  raw_bytes = @key.to_bytes
  raw_bytes
end
#load_key_str(key_str) ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 27
#
# Parses a key string, trying the OpenSSH private-key format first and the
# PEM "PRIVATE KEY" / "PUBLIC KEY" format second.
#
# @param key_str [String] key text
# @return the key object produced by whichever loader succeeded
# @raise [Error] when both loaders fail
#
# Both rescues are bare, so every StandardError from a loader (not only a
# format mismatch) ends up as Error. Because Error is raised inside the
# rescue, Ruby attaches the second loader's exception as its #cause.
def load_key_str(key_str)
  load_openssh_key(key_str)
rescue
  begin
    load_openssl_key(key_str)
  rescue
    raise Error
  end
end
#load_openssh_key(key_str) ⇒ Object
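# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 39
#
# Parses an armoured OpenSSH private key and returns its signing key.
#
# @param key_str [String] text starting with the OPENSSH PRIVATE KEY begin
#   marker and ending with the matching end marker, each followed by "\n"
# @return [::Ed25519::SigningKey] built from the first 32 bytes of the
#   decoded 'key pair' field
# @raise [Error] when the armour or the leading magic does not match
#
# NOTE(review): nothing in this method checks that the key is unencrypted,
# that its type is Ed25519, or that the rest of the 'key pair' field is
# consistent with the 32 bytes used here. Those checks may live in
# OpenSSHPrivateKey / OpenSSHPrivateKeyContent; confirm there.
def load_openssh_key key_str
  begin_marker = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
  end_marker   = "-----END OPENSSH PRIVATE KEY-----\n"
  # The magic is a NUL-terminated string on disk. Matching the terminator too
  # rejects input whose 15th byte is arbitrary, which was previously skipped
  # unchecked.
  magic        = "openssh-key-v1\0"
  raise Error unless key_str.start_with? begin_marker
  raise Error unless key_str.end_with? end_marker
  # decode64 is lenient: characters outside the Base64 alphabet are ignored.
  decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
  raise Error unless decoded_key_str[0, magic.size] == magic
  private_key_h         = OpenSSHPrivateKey.decode decoded_key_str[magic.size..-1]
  private_key_content_h = OpenSSHPrivateKeyContent.decode private_key_h[:'content']
  key_pair              = private_key_content_h[:'key pair']
  ::Ed25519::SigningKey.new(key_pair[0,32])
end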
#load_openssl_key(key_str) ⇒ Object
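# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 56
#
# Parses a PEM "PRIVATE KEY" or "PUBLIC KEY" block holding an Ed25519 key.
#
# @param key_str [String] PEM text; the begin and end marker lines must each
#   be followed by "\n"
# @return [::Ed25519::SigningKey, ::Ed25519::VerifyKey] depending on the armour
# @raise [Error] when the armour is not one of the two supported kinds, the
#   end marker is missing, the DER is not a sequence, or the algorithm
#   identifier is not the Ed25519 OID
#
# The algorithm OID is checked before any key bytes are used, so a structure
# of the same shape that declares another algorithm is refused instead of
# being read as an Ed25519 key. Errors from Base64/ASN.1 decoding and from
# the Ed25519 constructors propagate unchanged.
def load_openssl_key key_str
  ed25519_object_id        = '1.3.101.112'
  private_key_begin_marker = "-----BEGIN PRIVATE KEY-----\n"
  public_key_begin_marker  = "-----BEGIN PUBLIC KEY-----\n"

  # Dotted OID of an AlgorithmIdentifier sequence, or nil when the node does
  # not have that shape.
  algorithm_oid = lambda do |node|
    first = node.value.first if node.is_a?(OpenSSL::ASN1::Sequence)
    first.oid if first.is_a?(OpenSSL::ASN1::ObjectId)
  end

  if key_str.start_with? private_key_begin_marker
    begin_marker = private_key_begin_marker
    end_marker   = "-----END PRIVATE KEY-----\n"
    raise Error unless key_str.end_with? end_marker
    decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
    key_der = OpenSSL::ASN1.decode decoded_key_str
    raise Error unless key_der.is_a?(OpenSSL::ASN1::Sequence)
    # Layout read here: [version, [algorithm OID], OCTET STRING].
    raise Error unless algorithm_oid.call(key_der.value[1]) == ed25519_object_id
    # The first two bytes of the OCTET STRING are dropped without inspection;
    # presumably they are the header of a nested OCTET STRING. TODO confirm.
    ::Ed25519::SigningKey.new(key_der.value[2].value[2..-1])
  elsif key_str.start_with? public_key_begin_marker
    begin_marker = public_key_begin_marker
    end_marker   = "-----END PUBLIC KEY-----\n"
    raise Error unless key_str.end_with? end_marker
    decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
    key_der = OpenSSL::ASN1.decode decoded_key_str
    raise Error unless key_der.is_a?(OpenSSL::ASN1::Sequence)
    # Layout read here: [[algorithm OID], BIT STRING].
    raise Error unless algorithm_oid.call(key_der.value[0]) == ed25519_object_id
    ::Ed25519::VerifyKey.new(key_der.value[1].value)
  else
    raise Error
  end
end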
#public_key ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 127
#
# Returns a wrapper that holds only the verification half of the key.
#
# @return [PKey, nil] a new instance around @key.verify_key when a
#   SigningKey is held, self when a VerifyKey is already held, and nil
#   when @key is neither (for example when no key was loaded)
def public_key
  if @key.is_a?(::Ed25519::SigningKey)
    self.class.new(@key.verify_key)
  elsif @key.is_a?(::Ed25519::VerifyKey)
    self
  end
end
#set_public_key(key_str) ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 86
#
# Replaces the wrapped key with a VerifyKey built from key_str.
#
# @param key_str [String] passed straight to ::Ed25519::VerifyKey.new;
#   presumably the raw public-key bytes rather than PEM text. Verify against
#   the caller.
# @return [::Ed25519::VerifyKey] the key now stored in @key
#
# Any key held before the call, including a SigningKey, is discarded.
def set_public_key(key_str)
  verify_key = ::Ed25519::VerifyKey.new(key_str)
  @key = verify_key
end
#sign(data) ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 140
#
# Signs data with the wrapped key by delegating to @key.sign.
#
# @param data [String] message to sign
# @return the value returned by @key.sign
#
# There is no type check here: if @key does not respond to #sign (no key
# loaded, or a verification-only key) the call raises instead of returning.
def sign(data)
  signer = @key
  signer.sign(data)
end
#to_pem ⇒ Object
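# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 90
#
# Serialises the wrapped public key as a PEM "PUBLIC KEY" block.
#
# @return [String] begin marker, Base64 of the DER structure, end marker
# @raise [Error] when @key is not an ::Ed25519::VerifyKey
#
# Only public keys are exported. Any other @key used to fall through the case
# statement and fail on nil.to_der; it now raises Error explicitly.
def to_pem
  ed25519_object_id = '1.3.101.112'
  case @key
  # Private-key export is disabled in the source and is kept here for
  # reference only. As written it stores @key.to_bytes directly in the
  # OCTET STRING, while load_openssl_key drops two leading bytes from that
  # field, so its output would not load back unchanged.
  #
  # when ::Ed25519::SigningKey
  #   begin_marker = "-----BEGIN PRIVATE KEY-----\n"
  #   end_marker   = "-----END PRIVATE KEY-----\n"
  #   key_asn1 = OpenSSL::ASN1::Sequence.new(
  #     [
  #       OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(0)),
  #       OpenSSL::ASN1::Sequence.new(
  #         [
  #           OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
  #         ]
  #       ),
  #       OpenSSL::ASN1::OctetString.new(@key.to_bytes),
  #     ]
  #   )
  when ::Ed25519::VerifyKey
    begin_marker = "-----BEGIN PUBLIC KEY-----\n"
    end_marker   = "-----END PUBLIC KEY-----\n"
    # Structure written: [[algorithm OID], BIT STRING of the key bytes].
    key_asn1 = OpenSSL::ASN1::Sequence.new(
      [
        OpenSSL::ASN1::Sequence.new(
          [
            OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
          ]
        ),
        OpenSSL::ASN1::BitString.new(@key.to_bytes),
      ]
    )
  else
    raise Error
  end
  pem_str = Base64.encode64(key_asn1.to_der)
  begin_marker + pem_str + end_marker
end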
#verify(signature, data) ⇒ Object
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 144
#
# Checks a signature over data with the wrapped key.
#
# @param signature [String] signature to check
# @param data [String] message the signature should cover
# @return the value of @key.verify, or false when it raises
#   ::Ed25519::VerifyError
#
# NOTE(review): only VerifyError is mapped to false. Any other exception from
# @key.verify (for instance one raised for a malformed signature; confirm
# against the ed25519 gem) reaches the caller, which should treat it as a
# failed verification.
def verify(signature, data)
  @key.verify(signature, data)
rescue ::Ed25519::VerifyError
  false
end