Implements a factory of OpenSSL cipher algorithms.
Retrieves a new instance of the named algorithm. The new instance will be
initialized using an iv and key generated from the given iv, key, shared,
hash and digester values. Additionally, the cipher will be put into
encryption or decryption mode, based on the value of the
encrypt
parameter.
# File lib/net/ssh/transport/cipher_factory.rb, line 69 def self.get(name, options={}) ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'" return IdentityCipher if ossl_name == "none" cipher = OpenSSL::Cipher::Cipher.new(ossl_name) cipher.send(options[:encrypt] ? :encrypt : :decrypt) cipher.padding = 0 cipher.extend(Net::SSH::Transport::CTR) if (name =~ %r-ctr(@openssh.org)?$/) cipher.iv = Net::SSH::Transport::KeyExpander.expand_key(cipher.iv_len, options[:iv], options) if ossl_name != "rc4" key_len = KEY_LEN_OVERRIDE[name] || cipher.key_len cipher.key_len = key_len cipher.key = Net::SSH::Transport::KeyExpander.expand_key(key_len, options[:key], options) cipher.update(" " * 1536) if (ossl_name == "rc4" && name != "arcfour") return cipher end
Returns a two-element array containing the [ key-length, block-size ] for the named cipher algorithm. If the cipher algorithm is unknown, or is "none", 0 is returned for both elements of the tuple.
# File lib/net/ssh/transport/cipher_factory.rb, line 94 def self.get_lengths(name) ossl_name = SSH_TO_OSSL[name] return [0, 0] if ossl_name.nil? || ossl_name == "none" cipher = OpenSSL::Cipher::Cipher.new(ossl_name) key_len = KEY_LEN_OVERRIDE[name] || cipher.key_len cipher.key_len = key_len return [key_len, ossl_name=="rc4" ? 8 : cipher.block_size] end
Returns true if the underlying OpenSSL library supports the given cipher, and false otherwise.
# File lib/net/ssh/transport/cipher_factory.rb, line 58 def self.supported?(name) ossl_name = SSH_TO_OSSL[name] or raise NotImplementedError, "unimplemented cipher `#{name}'" return true if ossl_name == "none" return OpenSSL::Cipher.ciphers.include?(ossl_name) end