Module: HrrRbSsh::Authentication::Method::Publickey::Algorithm::Functionable

Includes:
Loggable
Included in:
EcdsaSha2Nistp256, EcdsaSha2Nistp384, EcdsaSha2Nistp521, SshDss, SshRsa
Defined in:
lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb

Instance Attribute Summary

Attributes included from Loggable

#log_key, #logger

Instance Method Summary

Methods included from Loggable

#log_debug, #log_error, #log_fatal, #log_info, #log_warn

Instance Method Details

#generate_public_key_blob(secret_key) ⇒ Object



# File 'lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb', line 50

# Derives the SSH public key blob that belongs to a private key.
#
# The key object comes from the HrrRbSsh::Algorithm::Publickey entry
# registered under this class's NAME constant.
#
# @param secret_key private key material, passed unchanged to the key class;
#   this method itself neither logs nor stores it
# @return [Object] whatever #to_public_key_blob returns for that key object
def generate_public_key_blob(secret_key)
  key_class = HrrRbSsh::Algorithm::Publickey[self.class::NAME]
  key_class.new(secret_key, logger: logger).to_public_key_blob
end

#generate_signature(session_id, username, service_name, method_name, secret_key) ⇒ Object



# File 'lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb', line 55

# Produces the signature for a publickey user authentication request.
#
# The fields gathered here follow the signed-data layout of RFC 4252
# section 7: session identifier, message number, user name, service name,
# method name, the "with signature" flag, algorithm name and key blob.
# Including the session identifier ties the signature to one session.
#
# @param session_id session identifier to bind the signature to
# @param username user name placed in the signed data
# @param service_name service name placed in the signed data
# @param method_name method name placed in the signed data
# @param secret_key private key material, passed unchanged to the key class
# @return [Object] whatever the key object's #sign returns for the encoded data
def generate_signature(session_id, username, service_name, method_name, secret_key)
  signer = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new(secret_key, logger: logger)
  blob = signer.to_public_key_blob
  fields = {
    :'session identifier' => session_id,
    :'message number' => Message::SSH_MSG_USERAUTH_REQUEST::VALUE,
    :'user name' => username,
    :'service name' => service_name,
    :'method name' => method_name,
    # A signed request always carries the flag as true.
    :'with signature' => true,
    :'public key algorithm name' => self.class::NAME,
    :'public key blob' => blob
  }
  encoder = SignatureBlob.new(logger: logger)
  signer.sign(encoder.encode(fields))
end

#initialize(logger: nil) ⇒ Object



# File 'lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb', line 15

# Stores the logger used by this algorithm object.
#
# The assignment goes through the logger= writer, presumably supplied by
# the Loggable mixin that this module includes.
#
# @param logger [Object, nil] logger to use; defaults to nil
def initialize(logger: nil)
  self.logger = logger
end

#verify_public_key(public_key_algorithm_name, public_key, public_key_blob) ⇒ Object



# File 'lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb', line 19

# Checks that a claimed algorithm name and key blob match a given public key.
#
# The result is truthy only when the claimed algorithm name equals this
# class's NAME and the claimed blob equals the blob re-encoded from
# public_key. Any StandardError (for example a key the key class cannot
# load) is logged through log_error and reported as false, so the check
# fails closed.
#
# NOTE(review): if public_key_blob comes from the client, the volume of
# error-level log output on this path is client-controlled; confirm the
# logger is rate limited or size bounded.
#
# @param public_key_algorithm_name algorithm name claimed in the request
# @param public_key key material the claimed blob is checked against
# @param public_key_blob key blob claimed in the request
# @return [Boolean] false on mismatch or on any StandardError
def verify_public_key(public_key_algorithm_name, public_key, public_key_blob)
  candidate = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new(public_key, logger: logger)
  public_key_algorithm_name == self.class::NAME && public_key_blob == candidate.to_public_key_blob
rescue => e
  log_error do
    trace = e.backtrace
    [trace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", trace[1..-1].join("\n\t")].join
  end
  false
end

#verify_signature(session_id, message) ⇒ Object



# File 'lib/hrr_rb_ssh/authentication/method/publickey/algorithm/functionable.rb', line 29

# Verifies the signature carried in a publickey authentication request.
#
# The signed data is rebuilt from session_id plus seven fields copied from
# message, encoded with SignatureBlob, and checked against
# message[:'signature'] using a key object built from the public key blob
# that the message itself carries. Any StandardError is logged through
# log_error and reported as false, so the check fails closed.
#
# A positive result therefore only shows that the sender holds the private
# key for the blob it sent. Whether that key is authorised for the user is
# not decided here; presumably the caller pairs this with
# #verify_public_key against a stored key.
#
# NOTE(review): 'with signature' and 'public key algorithm name' are taken
# from the message rather than pinned to true and NAME; confirm the caller
# validates them before dispatching here.
#
# @param session_id session identifier the signature must be bound to
# @param message [Hash] decoded request, read with symbol keys
# @return [Object] result of the key object's #verify, or false on any
#   StandardError
def verify_signature(session_id, message)
  copied_fields = [
    :'message number',
    :'user name',
    :'service name',
    :'method name',
    :'with signature',
    :'public key algorithm name',
    :'public key blob'
  ]
  fields = { :'session identifier' => session_id }
  copied_fields.each { |field| fields[field] = message[field] }
  signed_data = SignatureBlob.new(logger: logger).encode(fields)
  verifier = HrrRbSsh::Algorithm::Publickey[self.class::NAME].new(message[:'public key blob'], logger: logger)
  verifier.verify(message[:'signature'], signed_data)
rescue => e
  log_error do
    trace = e.backtrace
    [trace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", trace[1..-1].join("\n\t")].join
  end
  false
end