Class: Net::SSH::Transport::Algorithms

Inherits:

Object

Object
Net::SSH::Transport::Algorithms

show all

Defined in:: lib/audit/lib/ssh_fingerprint2.rb

Instance Attribute Summary collapse

#key_data ⇒ Object readonly

Returns the value of attribute key_data.
#server_data ⇒ Object readonly

Returns the value of attribute server_data.

Instance Method Summary collapse

#exchange_keys ⇒ Object

kex algorithm), and uses it to exchange keys.

Instance Attribute Details

#key_data ⇒ `Object` (readonly)

Returns the value of attribute key_data.



11
12
13

# File 'lib/audit/lib/ssh_fingerprint2.rb', line 11

def key_data
  @key_data
end

#server_data ⇒ `Object` (readonly)

Returns the value of attribute server_data.



10
11
12

# File 'lib/audit/lib/ssh_fingerprint2.rb', line 10

def server_data
  @server_data
end

Instance Method Details

#exchange_keys ⇒ `Object`

kex algorithm), and uses it to exchange keys. Then, the ciphers and HMACs are initialized and fed to the transport layer, to be used in further communication with the server.

# File 'lib/audit/lib/ssh_fingerprint2.rb', line 17

def exchange_keys
  debug { "exchanging keys" }

  algorithm = Kex::MAP[kex].new(self, session,
    :client_version_string => Net::SSH::Transport::ServerVersion::PROTO_VERSION,
    :server_version_string => session.server_version.version,
    :server_algorithm_packet => @server_packet,
    :client_algorithm_packet => @client_packet,
    :need_bytes => kex_byte_requirement,
    :logger => logger)
  result = algorithm.exchange_keys
		  
		  #added by jonas
		  result[:type] = host_key()
		  @key_data = result

  secret   = result[:shared_secret].to_ssh
  hash     = result[:session_id]
  digester = result[:hashing_algorithm]

  @session_id ||= hash

  key = Proc.new { |salt| digester.digest(secret + hash + salt + @session_id) }
  
  iv_client = key["A"]
  iv_server = key["B"]
  key_client = key["C"]
  key_server = key["D"]
  mac_key_client = key["E"]
  mac_key_server = key["F"]

  parameters = { :iv => iv_client, :key => key_client, :shared => secret,
    :hash => hash, :digester => digester }
  
  cipher_client = CipherFactory.get(encryption_client, parameters.merge(:encrypt => true))
  cipher_server = CipherFactory.get(encryption_server, parameters.merge(:iv => iv_server, :key => key_server, :decrypt => true))

  mac_client = HMAC.get(hmac_client, mac_key_client)
  mac_server = HMAC.get(hmac_server, mac_key_server)

  session.configure_client :cipher => cipher_client, :hmac => mac_client,
    :compression => normalize_compression_name(compression_client),
    :compression_level => options[:compression_level],
    :rekey_limit => options[:rekey_limit],
    :max_packets => options[:rekey_packet_limit],
    :max_blocks => options[:rekey_blocks_limit]

  session.configure_server :cipher => cipher_server, :hmac => mac_server,
    :compression => normalize_compression_name(compression_server),
    :rekey_limit => options[:rekey_limit],
    :max_packets => options[:rekey_packet_limit],
    :max_blocks  => options[:rekey_blocks_limit]

  @initialized = true
end