Object
This class is originally defined in the OpenSSL module. As needed, methods have been added to it by the Net::SSH module for convenience in dealing with SSH functionality.
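# File lib/net/ssh/transport/openssl.rb, line 143
# Builds an EC public key from an SSH key blob held in +buffer+.
#
# curve_name_in_type:: curve identifier supplied by the caller; it must equal
#                      the identifier stored inside the blob.
# buffer::             object responding to +read_string+. It is read twice:
#                      first the curve identifier, then the encoded public
#                      point.
#
# Returns the OpenSSL::PKey::EC object with its public key set.
#
# Raises Net::SSH::Exception when the two curve identifiers differ, and
# NotImplementedError when OpenSSL raises OpenSSL::PKey::ECError while the
# key is being built.
def self.read_keyblob(curve_name_in_type, buffer)
  curve_name_in_key = buffer.read_string
  # The blob names its curve twice (key type and key body); a disagreement
  # means the blob is inconsistent and is rejected before any parsing.
  unless curve_name_in_type == curve_name_in_key
    raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
  end
  public_key_oct = buffer.read_string
  begin
    # NOTE(review): what CurveNameAlias returns for an identifier it does not
    # know is not visible here -- confirm EC.new fails cleanly in that case.
    key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
    point = OpenSSL::PKey::EC::Point.new(key.group, OpenSSL::BN.new(public_key_oct, 2))
    key.public_key = point

    key
  rescue OpenSSL::PKey::ECError
    # The message used to interpolate `type`, which is neither a parameter
    # nor a local of this method and so never named the rejected key type.
    # NOTE(review): only ECError is mapped here; errors raised while decoding
    # the point may belong to other OpenSSL error classes and would then
    # propagate unchanged -- confirm callers treat those as a rejected key.
    raise NotImplementedError, "unsupported key type `#{curve_name_in_type}'"
  end
end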
Returns the signature for the given data.
# File lib/net/ssh/transport/openssl.rb, line 219
# Signs +data+ with this key and returns the signature in SSH wire form.
#
# The data is hashed with the digest chosen by +digester+, signed through
# +dsa_sign_asn1+, and the two integers of the resulting ASN.1 sequence
# (r, then s) are re-encoded as two bignums in a Net::SSH::Buffer.
#
# Returns the buffer contents as a String.
def ssh_do_sign(data)
  der_signature = dsa_sign_asn1(digester.digest(data))

  # The DER signature decodes to a two-element sequence: r first, s second.
  components = OpenSSL::ASN1.decode(der_signature).value
  r_value = components[0].value
  s_value = components[1].value

  Net::SSH::Buffer.from(:bignum, r_value, :bignum, s_value).to_s
end
Verifies the given signature matches the given data.
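# File lib/net/ssh/transport/openssl.rb, line 193
# Verifies that +sig+ is a valid signature over +data+ for this key.
#
# sig::  signature blob in SSH wire form: a 4-byte big-endian length followed
#        by the bytes of r, then a 4-byte big-endian length followed by the
#        bytes of s. Both integers are read as unsigned.
# data:: the data that was signed; it is hashed with the digest chosen by
#        +digester+.
#
# Returns false when the blob is not exactly two well-formed length-prefixed
# fields; otherwise returns the result of +dsa_verify_asn1+.
def ssh_do_verify(sig, data)
  digest = digester.digest(data)

  # The blob comes from the peer, so every length field is checked against
  # the bytes actually present instead of relying on a blanket rescue.
  return false unless sig.is_a?(String)

  # String#unpack works on bytes whatever the string's encoding is.
  r_len, rest = sig.unpack("Na*")
  return false if r_len.nil? || rest.bytesize < r_len + 4

  r_bytes, rest = rest.unpack("a#{r_len}a*")
  s_len, s_bytes = rest.unpack("Na*")
  # A truncated s and trailing bytes after s are both rejected.
  return false if s_len.nil? || s_bytes.bytesize != s_len

  sig_r = r_bytes.unpack("H*")[0].to_i(16)
  sig_s = s_bytes.unpack("H*")[0].to_i(16)

  # Range checks on r and s are not done here; they are left to
  # dsa_verify_asn1, which receives the pair as a DER sequence.
  a1sig = OpenSSL::ASN1::Sequence([
    OpenSSL::ASN1::Integer(sig_r),
    OpenSSL::ASN1::Integer(sig_s),
  ])

  dsa_verify_asn1(digest, a1sig.to_der)
end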
Returns the description of this key type used by the SSH2 protocol, like "ecdsa-sha2-nistp256".
# File lib/net/ssh/transport/openssl.rb, line 164
# Returns the SSH2 key type name for this key: the prefix "ecdsa-sha2-"
# followed by the CurveNameAliasInv entry for the group's curve name.
def ssh_type
  curve_alias = CurveNameAliasInv[group.curve_name]
  "ecdsa-sha2-#{curve_alias}"
end
Converts the key to a blob, according to the SSH2 protocol.
# File lib/net/ssh/transport/openssl.rb, line 185
# Returns this key as an SSH2 public key blob (a String).
#
# The blob holds three strings: the key type from +ssh_type+, the
# CurveNameAliasInv entry for the group's curve name, and the public point
# as a big-endian binary number. The result is memoized in @blob, so later
# calls return the first value computed.
def to_blob
  return @blob if @blob

  type_name = ssh_type
  curve_alias = CurveNameAliasInv[group.curve_name]
  encoded_point = public_key.to_bn.to_s(2)

  @blob = Net::SSH::Buffer.from(:string, type_name,
                                :string, curve_alias,
                                :string, encoded_point).to_s
end
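# File lib/net/ssh/transport/openssl.rb, line 168
# Returns a new digest object for signing and verifying with this key,
# chosen from the number embedded in the group's curve name:
#
# * up to 256  -> SHA-256
# * up to 384  -> SHA-384
# * larger     -> SHA-512
#
# A curve name that does not have the form letters-digits-suffix falls back
# to SHA-256.
def digester
  # \A and \z anchor the whole name; `^` would also match at the start of
  # any later line, letting a multi-line name select a digest by its tail.
  if self.group.curve_name =~ /\A[a-z]+(\d+)\w*\z/
    curve_size = Regexp.last_match(1).to_i
    if curve_size <= 256
      OpenSSL::Digest::SHA256.new
    elsif curve_size <= 384
      OpenSSL::Digest::SHA384.new
    else
      OpenSSL::Digest::SHA512.new
    end
  else
    OpenSSL::Digest::SHA256.new
  end
end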