diff --git a/lib/ssh_data/certificate.rb b/lib/ssh_data/certificate.rb index aafd8c9..a2979db 100644 --- a/lib/ssh_data/certificate.rb +++ b/lib/ssh_data/certificate.rb @@ -12,18 +12,18 @@ module SSHData TYPE_HOST = 2 # Certificate algorithm identifiers - ALGO_RSA = "ssh-rsa-cert-v01@openssh.com" - ALGO_DSA = "ssh-dss-cert-v01@openssh.com" - ALGO_ECDSA256 = "ecdsa-sha2-nistp256-cert-v01@openssh.com" - ALGO_ECDSA384 = "ecdsa-sha2-nistp384-cert-v01@openssh.com" - ALGO_ECDSA521 = "ecdsa-sha2-nistp521-cert-v01@openssh.com" - ALGO_ED25519 = "ssh-ed25519-cert-v01@openssh.com" - ALGO_SK_ECDSA256 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com" - ALGO_SK_ED25519 = "sk-ssh-ed25519-cert-v01@openssh.com" + ALGO_RSA = "ssh-rsa-cert-v01@openssh.com" + ALGO_DSA = "ssh-dss-cert-v01@openssh.com" + ALGO_ECDSA256 = "ecdsa-sha2-nistp256-cert-v01@openssh.com" + ALGO_ECDSA384 = "ecdsa-sha2-nistp384-cert-v01@openssh.com" + ALGO_ECDSA521 = "ecdsa-sha2-nistp521-cert-v01@openssh.com" + ALGO_ED25519 = "ssh-ed25519-cert-v01@openssh.com" + ALGO_SKECDSA256 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com" + ALGO_SKED25519 = "sk-ssh-ed25519-cert-v01@openssh.com" ALGOS = [ ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521, - ALGO_ED25519, ALGO_SK_ECDSA256, ALGO_SK_ED25519 + ALGO_ED25519, ALGO_SKECDSA256, ALGO_SKED25519 ] CRITICAL_OPTION_FORCE_COMMAND = "force-command" diff --git a/lib/ssh_data/encoding.rb b/lib/ssh_data/encoding.rb index 42bcdd5..ec44e08 100644 --- a/lib/ssh_data/encoding.rb +++ b/lib/ssh_data/encoding.rb 
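Review bot: The rename drops `ALGO_SK_ECDSA256` and `ALGO_SK_ED25519` from `SSHData::Certificate` without leaving aliases, so any caller outside this repository that still uses the old names will fail with `NameError`. If those names ever shipped in a release (not visible from the diff), keep them as deprecated aliases below the new definitions: `ALGO_SK_ECDSA256 = ALGO_SKECDSA256`, `ALGO_SK_ED25519 = ALGO_SKED25519`, `deprecate_constant :ALGO_SK_ECDSA256, :ALGO_SK_ED25519`. The same applies to the `SSHData::PublicKey` constants renamed in lib/ssh_data/public_key.rb.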
@@ -81,25 +81,25 @@ module SSHData ] PUBLIC_KEY_ALGO_BY_CERT_ALGO = { - Certificate::ALGO_RSA => PublicKey::ALGO_RSA, - Certificate::ALGO_DSA => PublicKey::ALGO_DSA, - Certificate::ALGO_ECDSA256 => PublicKey::ALGO_ECDSA256, - Certificate::ALGO_ECDSA384 => PublicKey::ALGO_ECDSA384, - Certificate::ALGO_ECDSA521 => PublicKey::ALGO_ECDSA521, - Certificate::ALGO_ED25519 => PublicKey::ALGO_ED25519, - Certificate::ALGO_SK_ECDSA256 => PublicKey::ALGO_SK_ECDSA256, - Certificate::ALGO_SK_ED25519 => PublicKey::ALGO_SK_ED25519, + Certificate::ALGO_RSA => PublicKey::ALGO_RSA, + Certificate::ALGO_DSA => PublicKey::ALGO_DSA, + Certificate::ALGO_ECDSA256 => PublicKey::ALGO_ECDSA256, + Certificate::ALGO_ECDSA384 => PublicKey::ALGO_ECDSA384, + Certificate::ALGO_ECDSA521 => PublicKey::ALGO_ECDSA521, + Certificate::ALGO_ED25519 => PublicKey::ALGO_ED25519, + Certificate::ALGO_SKECDSA256 => PublicKey::ALGO_SKECDSA256, + Certificate::ALGO_SKED25519 => PublicKey::ALGO_SKED25519, } CERT_ALGO_BY_PUBLIC_KEY_ALGO = { - PublicKey::ALGO_RSA => Certificate::ALGO_RSA, - PublicKey::ALGO_DSA => Certificate::ALGO_DSA, - PublicKey::ALGO_ECDSA256 => Certificate::ALGO_ECDSA256, - PublicKey::ALGO_ECDSA384 => Certificate::ALGO_ECDSA384, - PublicKey::ALGO_ECDSA521 => Certificate::ALGO_ECDSA521, - PublicKey::ALGO_ED25519 => Certificate::ALGO_ED25519, - PublicKey::ALGO_SK_ECDSA256 => Certificate::ALGO_SK_ECDSA256, - PublicKey::ALGO_SK_ED25519 => Certificate::ALGO_SK_ED25519, + PublicKey::ALGO_RSA => Certificate::ALGO_RSA, + PublicKey::ALGO_DSA => Certificate::ALGO_DSA, + PublicKey::ALGO_ECDSA256 => Certificate::ALGO_ECDSA256, + PublicKey::ALGO_ECDSA384 => Certificate::ALGO_ECDSA384, + PublicKey::ALGO_ECDSA521 => Certificate::ALGO_ECDSA521, + PublicKey::ALGO_ED25519 => Certificate::ALGO_ED25519, + PublicKey::ALGO_SKECDSA256 => Certificate::ALGO_SKECDSA256, + PublicKey::ALGO_SKED25519 => Certificate::ALGO_SKED25519, } KEY_FIELDS_BY_PUBLIC_KEY_ALGO = { 
@@ -109,8 +109,8 @@ module SSHData PublicKey::ALGO_ECDSA384 => ECDSA_KEY_FIELDS, PublicKey::ALGO_ECDSA521 => ECDSA_KEY_FIELDS, PublicKey::ALGO_ED25519 => ED25519_KEY_FIELDS, - PublicKey::ALGO_SK_ED25519 => SKED25519_KEY_FIELDS, - PublicKey::ALGO_SK_ECDSA256 => SKECDSA_KEY_FIELDS, + PublicKey::ALGO_SKED25519 => SKED25519_KEY_FIELDS, + PublicKey::ALGO_SKECDSA256 => SKECDSA_KEY_FIELDS, } KEY_FIELDS_BY_PRIVATE_KEY_ALGO = { diff --git a/lib/ssh_data/error.rb b/lib/ssh_data/error.rb index cfb9a0e..086dc80 100644 --- a/lib/ssh_data/error.rb +++ b/lib/ssh_data/error.rb @@ -1,8 +1,8 @@ module SSHData - Error = Class.new(StandardError) - DecodeError = Class.new(Error) - VerifyError = Class.new(Error) - AlgorithmError = Class.new(Error) - DecryptError = Class.new(Error) + Error = Class.new(StandardError) + DecodeError = Class.new(Error) + VerifyError = Class.new(Error) + AlgorithmError = Class.new(Error) + DecryptError = Class.new(Error) UnsupportedError = Class.new(Error) end diff --git a/lib/ssh_data/public_key.rb b/lib/ssh_data/public_key.rb index b1eeb50..ea5dcdb 100644 --- a/lib/ssh_data/public_key.rb +++ b/lib/ssh_data/public_key.rb @@ -1,14 +1,14 @@ module SSHData module PublicKey # Public key algorithm identifiers - ALGO_RSA = "ssh-rsa" - ALGO_DSA = "ssh-dss" - ALGO_ECDSA256 = "ecdsa-sha2-nistp256" - ALGO_ECDSA384 = "ecdsa-sha2-nistp384" - ALGO_ECDSA521 = "ecdsa-sha2-nistp521" - ALGO_ED25519 = "ssh-ed25519" - ALGO_SK_ED25519 = "sk-ssh-ed25519@openssh.com" - ALGO_SK_ECDSA256 = "sk-ecdsa-sha2-nistp256@openssh.com" + ALGO_RSA = "ssh-rsa" + ALGO_DSA = "ssh-dss" + ALGO_ECDSA256 = "ecdsa-sha2-nistp256" + ALGO_ECDSA384 = "ecdsa-sha2-nistp384" + ALGO_ECDSA521 = "ecdsa-sha2-nistp521" + ALGO_ED25519 = "ssh-ed25519" + ALGO_SKED25519 = "sk-ssh-ed25519@openssh.com" + ALGO_SKECDSA256 = "sk-ecdsa-sha2-nistp256@openssh.com" # RSA SHA2 *signature* algorithms used with ALGO_RSA keys. # https://tools.ietf.org/html/draft-rsa-dsa-sha2-256-02 
@@ -17,7 +17,7 @@ module SSHData ALGOS = [ ALGO_RSA, ALGO_DSA, ALGO_ECDSA256, ALGO_ECDSA384, ALGO_ECDSA521, - ALGO_ED25519, ALGO_SK_ECDSA256, ALGO_SK_ED25519 + ALGO_ED25519, ALGO_SKECDSA256, ALGO_SKED25519 ] # Parse an OpenSSH public key in authorized_keys format (see sshd(8) manual @@ -66,9 +66,9 @@ module SSHData ECDSA.new(**data) when ALGO_ED25519 ED25519.new(**data) - when ALGO_SK_ED25519 + when ALGO_SKED25519 SKED25519.new(**data) - when ALGO_SK_ECDSA256 + when ALGO_SKECDSA256 SKECDSA.new(**data) else raise DecodeError, "unkown algo: #{data[:algo].inspect}" diff --git a/lib/ssh_data/public_key/skecdsa.rb b/lib/ssh_data/public_key/skecdsa.rb index e920096..c534733 100644 --- a/lib/ssh_data/public_key/skecdsa.rb +++ b/lib/ssh_data/public_key/skecdsa.rb @@ -8,7 +8,7 @@ module SSHData } def self.check_algorithm!(algo, curve) - unless algo == ALGO_SK_ECDSA256 + unless algo == ALGO_SKECDSA256 raise DecodeError, "bad algorithm: #{algo.inspect}" end diff --git a/lib/ssh_data/public_key/sked25519.rb b/lib/ssh_data/public_key/sked25519.rb index ab1c2e9..e254b70 100644 --- a/lib/ssh_data/public_key/sked25519.rb +++ b/lib/ssh_data/public_key/sked25519.rb @@ -9,7 +9,7 @@ module SSHData end def self.algorithm_identifier - ALGO_SK_ED25519 + ALGO_SKED25519 end def rfc4253 diff --git a/spec/certificate_spec.rb b/spec/certificate_spec.rb index 9c3dfa2..c6bdb49 100644 --- a/spec/certificate_spec.rb +++ b/spec/certificate_spec.rb @@ -268,7 +268,7 @@ describe SSHData::Certificate do test_cases << [ :skecdsa_leaf_for_rsa_ca, # name "skecdsa_leaf_for_rsa_ca-cert.pub", # fixture - SSHData::Certificate::ALGO_SK_ECDSA256, # algo + SSHData::Certificate::ALGO_SKECDSA256, # algo SSHData::PublicKey::SKECDSA, # public key type SSHData::PublicKey::RSA # ca key type ] 
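Review bot: `SSHData::PublicKey::ALGOS`, whose last entry line this hunk rewrites, is still a mutable array, so any code in the process can add or remove recognised algorithm identifiers at runtime. If the list is consulted when deciding which key types to accept (not visible in this hunk), close the literal with `].freeze`. `SSHData::Certificate::ALGOS` in lib/ssh_data/certificate.rb has the same shape. The closing bracket is a context line here, so this is a follow-up suggestion rather than part of the rename.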
@@ -276,7 +276,7 @@ describe SSHData::Certificate do test_cases << [ :sked25519_leaf_for_rsa_ca, # name "sked25519_leaf_for_rsa_ca-cert.pub", # fixture - SSHData::Certificate::ALGO_SK_ED25519, # algo + SSHData::Certificate::ALGO_SKED25519, # algo SSHData::PublicKey::SKED25519, # public key type SSHData::PublicKey::RSA # ca key type ] diff --git a/spec/public_key/sked25519_spec.rb b/spec/public_key/sked25519_spec.rb index 2407426..502b9e7 100644 --- a/spec/public_key/sked25519_spec.rb +++ b/spec/public_key/sked25519_spec.rb @@ -6,14 +6,14 @@ describe SSHData::PublicKey::SKED25519 do let(:msg) { "hello, world!" } let(:raw_sig) { signing_key.sign(msg) } - let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_SK_ED25519, raw_sig) } + let(:sig) { SSHData::Encoding.encode_signature(SSHData::PublicKey::ALGO_SKED25519, raw_sig) } let(:application) { "ssh:" } let(:openssh_key) { SSHData::PublicKey.parse_openssh(fixture("sked25519_leaf_for_rsa_ca.pub")) } subject do described_class.new( - algo: SSHData::PublicKey::ALGO_SK_ED25519, + algo: SSHData::PublicKey::ALGO_SKED25519, pk: verify_key.to_bytes, application: application ) @@ -21,7 +21,7 @@ describe SSHData::PublicKey::SKED25519 do it "is equal to keys with the same params" do expect(subject).to eq(described_class.new( - algo: SSHData::PublicKey::ALGO_SK_ED25519, + algo: SSHData::PublicKey::ALGO_SKED25519, pk: verify_key.to_bytes, application: application )) 
@@ -29,19 +29,19 @@ describe SSHData::PublicKey::SKED25519 do it "isnt equal to keys with different params" do expect(subject).not_to eq(described_class.new( - algo: SSHData::PublicKey::ALGO_SK_ED25519, + algo: SSHData::PublicKey::ALGO_SKED25519, pk: verify_key.to_bytes.reverse, application: application )) expect(subject).not_to eq(described_class.new( - algo: SSHData::PublicKey::ALGO_SK_ED25519, + algo: SSHData::PublicKey::ALGO_SKED25519, pk: verify_key.to_bytes, application: "something else" )) end it "has an algo" do - expect(subject.algo).to eq(SSHData::PublicKey::ALGO_SK_ED25519) + expect(subject.algo).to eq(SSHData::PublicKey::ALGO_SKED25519) end it "has parameters" do