hmac-sha2 and diffie-hellman-group-exchange-sha256 support #30

Merged
merged 9 commits into from Jan 11, 2012

Contributor

nappa commented Dec 16, 2011

Hello, I implemented sha-2 support, including hmac-sha2 support
(compliant with Internet-draft draft-dbider-sha2-mac-for-ssh-04)
and diffie-hellman-group-exchange-sha256 support (compliant with RFC4419).

I tested them on Mac OS X 10.7:

  • Ruby 1.8.7-p352
  • Ruby 1.8.7-p352 (with IDEA support)
  • Ruby 1.9.2-p290
  • JRuby 1.6.5

and confirmed compatibility with OpenSSH-5.9p1 on Mac OS X.

Hope this helps.

Collaborator

delano commented Dec 17, 2011

Good stuff. I'll take a look and pull it in sometime this week.

Collaborator

delano commented Jan 4, 2012

Looks great. One question before I merge it in: is there a reason for passing parameters to HMAC.get in algorithms.rb?

 # OLD:
 mac_client = HMAC.get(hmac_client, mac_key_client)
 mac_server = HMAC.get(hmac_server, mac_key_server)
 # NEW:
 mac_client = HMAC.get(hmac_client, mac_key_client, parameters)
 mac_server = HMAC.get(hmac_server, mac_key_server, parameters)

Contributor

nappa commented Jan 11, 2012

hmac-sha2-256 and hmac-sha2-256-96 require at least 256 bits of data as a key. hmac-sha2-512 and hmac-sha2-512-96 require at least 512 bits of data as a key.

But the diffie-hellman-group-exchange-sha1 key exchange algorithm generates only 160 bits of data as HMAC and cipher keys. This is too short for the hmac-sha2-* HMAC algorithms.

The same is true for cipher algorithms. aes256-cbc and arcfour256 require 256 bits, but the output from diffie-hellman-group-exchange-sha1 is too short.

For this case, RFC 4253 Section 7.2 describes a data stretching method. Net-SSH implements it for cipher algorithms but not for HMAC algorithms. I extracted it as a module (Net::SSH::Transport::KeyExpander#make_key) and made HMAC.get call Net::SSH::Transport::KeyExpander#make_key in the case described above. Since make_key requires parameters, I put parameters as an argument of HMAC.get.
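
The RFC 4253 Section 7.2 key stretching referred to in the comment above, as an added example that is not part of the pull request or net-ssh's own KeyExpander code. The helper names `mpint` and `derive_key` and the sample K and H values are assumptions constructed for illustration; SHA-1 stands in for the key exchange hash.

```ruby
require 'openssl'

# Encode a non-negative Integer as an SSH mpint (RFC 4251 Section 5):
# uint32 length, then big-endian bytes, with a leading 0x00 when the
# top bit is set so the value is not read as negative.
def mpint(n)
  return [0].pack('N') if n.zero?
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  bytes = [hex].pack('H*')
  bytes = "\x00".b + bytes if bytes.getbyte(0) >= 0x80
  [bytes.bytesize].pack('N') + bytes
end

# RFC 4253 Section 7.2: K1 = HASH(K || H || X || session_id),
# Kn = HASH(K || H || K1 || ... || Kn-1), key = K1 || K2 || ... truncated.
# letter is "E" (client-to-server MAC key) or "F" (server-to-client).
def derive_key(digest_name, k, h, letter, session_id, needed_bytes)
  hash = ->(data) { OpenSSL::Digest.new(digest_name).digest(data) }
  prefix = mpint(k) + h
  key = hash.call(prefix + letter + session_id)
  key += hash.call(prefix + key) while key.bytesize < needed_bytes
  key.byteslice(0, needed_bytes)
end

# Constructed sample values (not from a real session).
SAMPLE_K = 0x9a378f9b2e332a7c0ffee1234567890abcdef
SAMPLE_H = OpenSSL::Digest.new('SHA1').digest('constructed exchange hash')
# MAC key sizes in bytes, as stated in the pull request comment.
MAC_KEY_BYTES = { 'hmac-sha2-256' => 32, 'hmac-sha2-512' => 64 }.freeze

if __FILE__ == $PROGRAM_NAME
  MAC_KEY_BYTES.each do |mac, len|
    key = derive_key('SHA1', SAMPLE_K, SAMPLE_H, 'E', SAMPLE_H, len)
    puts "#{mac}: #{key.bytesize} bytes #{key.unpack1('H*')}"
  end
end
```

On the first key exchange the session identifier equals H, which is why `SAMPLE_H` is passed twice.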

delano added a commit that referenced this pull request Jan 11, 2012

Merge pull request #30 from nappa/sha2mac
hmac-sha2 and diffie-hellman-group-exchange-sha256 support

@delano delano merged commit 17cea01 into net-ssh:master Jan 11, 2012

Collaborator

delano commented Jan 11, 2012

Thanks for the detailed reply and for making net-ssh better.

The changes are available in the 2.3.0 release.

Contributor

nappa commented Jan 12, 2012

Thank you, too!
