Class: HrrRbSsh::Algorithm::Publickey::SshEd25519::PKey

Inherits:
Object
  • Object
show all
Includes:
Loggable
Defined in:
lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb

Defined Under Namespace

Classes: Error

Instance Method Summary collapse

Constructor Details

#initialize(arg = nil, logger: nil) ⇒ PKey

Returns a new instance of PKey.



19
20
21
22
23
24
25
26
27
28
29
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 19

def initialize arg=nil, logger: nil
  self.logger = logger
  case arg
  when ::Ed25519::SigningKey, ::Ed25519::VerifyKey
    @key = arg
  when ::String
    @key = load_key_str arg
  when nil
    # do nothing
  end
end

Instance Method Details

#key_strObject



140
141
142
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 140

def key_str
  @key.to_bytes
end

#load_key_str(key_str) ⇒ Object



31
32
33
34
35
36
37
38
39
40
41
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 31

def load_key_str key_str
  begin
    load_openssh_key key_str
  rescue
    begin
      load_openssl_key key_str
    rescue
      raise Error
    end
  end
end

#load_openssh_key(key_str) ⇒ Object

Raises:



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 43

def load_openssh_key key_str
  begin_marker = "-----BEGIN OPENSSH PRIVATE KEY-----\n"
  end_marker   = "-----END OPENSSH PRIVATE KEY-----\n"
  magic        = "openssh-key-v1"

  raise Error unless key_str.start_with? begin_marker
  raise Error unless key_str.end_with? end_marker
  decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
  raise Error unless decoded_key_str[0,14] == magic

  private_key_h = OpenSSHPrivateKey.new(logger: logger).decode decoded_key_str[15..-1]
  private_key_content_h = OpenSSHPrivateKeyContent.new(logger: logger).decode private_key_h[:'content']
  key_pair = private_key_content_h[:'key pair']

  ::Ed25519::SigningKey.new(key_pair[0,32])
end

#load_openssl_key(key_str) ⇒ Object



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 60

def load_openssl_key key_str
  private_key_begin_marker = "-----BEGIN PRIVATE KEY-----\n"
  public_key_begin_marker  = "-----BEGIN PUBLIC KEY-----\n"
  if key_str.start_with? private_key_begin_marker
    begin_marker = "-----BEGIN PRIVATE KEY-----\n"
    end_marker   = "-----END PRIVATE KEY-----\n"

    raise Error unless key_str.start_with? begin_marker
    raise Error unless key_str.end_with? end_marker

    decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
    key_der = OpenSSL::ASN1.decode decoded_key_str

    ::Ed25519::SigningKey.new(key_der.value[2].value[2..-1])
  elsif key_str.start_with? public_key_begin_marker
    begin_marker = "-----BEGIN PUBLIC KEY-----\n"
    end_marker   = "-----END PUBLIC KEY-----\n"

    raise Error unless key_str.start_with? begin_marker
    raise Error unless key_str.end_with? end_marker

    decoded_key_str = Base64.decode64(key_str[begin_marker.size...-end_marker.size])
    key_der = OpenSSL::ASN1.decode decoded_key_str

    ::Ed25519::VerifyKey.new(key_der.value[1].value)
  else
    raise Error
  end
end

#public_keyObject



131
132
133
134
135
136
137
138
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 131

def public_key
  case @key
  when ::Ed25519::SigningKey
    self.class.new @key.verify_key
  when ::Ed25519::VerifyKey
    self
  end
end

#set_public_key(key_str) ⇒ Object



90
91
92
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 90

def set_public_key key_str
  @key = ::Ed25519::VerifyKey.new(key_str)
end

#sign(data) ⇒ Object



144
145
146
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 144

def sign data
  @key.sign data
end

#to_pemObject



94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 94

def to_pem
  ed25519_object_id = '1.3.101.112'
  case @key
=begin
  when ::Ed25519::SigningKey
    begin_marker = "-----BEGIN PRIVATE KEY-----\n"
    end_marker   = "-----END PRIVATE KEY-----\n"
    key_asn1 = OpenSSL::ASN1::Sequence.new(
      [
        OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(0)),
        OpenSSL::ASN1::Sequence.new(
          [
            OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
          ]
        ),
        OpenSSL::ASN1::OctetString.new(@key.to_bytes),
      ]
    )
=end
  when ::Ed25519::VerifyKey
    begin_marker = "-----BEGIN PUBLIC KEY-----\n"
    end_marker   = "-----END PUBLIC KEY-----\n"
    key_asn1 = OpenSSL::ASN1::Sequence.new(
      [
        OpenSSL::ASN1::Sequence.new(
          [
            OpenSSL::ASN1::ObjectId.new(ed25519_object_id),
          ]
        ),
        OpenSSL::ASN1::BitString.new(@key.to_bytes),
      ]
    )
  end
  pem_str = Base64.encode64(key_asn1.to_der)
  begin_marker + pem_str + end_marker
end

#verify(signature, data) ⇒ Object



148
149
150
151
152
153
154
# File 'lib/hrr_rb_ssh/algorithm/publickey/ssh_ed25519/pkey.rb', line 148

def verify signature, data
  begin
    @key.verify signature, data
  rescue ::Ed25519::VerifyError
    false
  end
end