Class: TTTLS13::SharedSecret
- Inherits:
-
Object
- Object
- TTTLS13::SharedSecret
- Defined in:
- lib/tttls1.3/shared_secret.rb
Class Method Summary collapse
Instance Method Summary collapse
-
#[](group) ⇒ OpenSSL::PKey::EC.$Object | OpenSSL::PKey::PKey.$Object
].
-
#build(group, key_exchange) ⇒ Object
rubocop: disable Metrics/MethodLength.
-
#initialize ⇒ SharedSecret
constructor
A new instance of SharedSecret.
- #key_share_entries ⇒ Array of TTTLS13::Message::Extensions::KeyShare
- #store!(group, priv_key) ⇒ Object
Constructor Details
#initialize ⇒ SharedSecret
Returns a new instance of SharedSecret.
6 7 8 |
# File 'lib/tttls1.3/shared_secret.rb', line 6 def initialize @priv_keys = {} end |
Class Method Details
.gen_from_named_groups(groups) ⇒ TTTLS13::SharedSecret
97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 |
# File 'lib/tttls1.3/shared_secret.rb', line 97 def self.gen_from_named_groups(groups) shared_secret = SharedSecret.new groups.each do |group| case group when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1 curve = NamedGroup.curve_name(group) ec = OpenSSL::PKey::EC.generate(curve) shared_secret.store!(group, ec) when NamedGroup::X25519, NamedGroup::X448 pkey = OpenSSL::PKey.generate_key(NamedGroup.curve_name(group)) shared_secret.store!(group, pkey) else # not supported other NamedGroup raise Error::ErrorAlerts, :internal_error end end shared_secret end |
Instance Method Details
#[](group) ⇒ OpenSSL::PKey::EC.$Object | OpenSSL::PKey::PKey.$Object
Returns ].
90 91 92 |
# File 'lib/tttls1.3/shared_secret.rb', line 90 def [](group) @priv_keys[group] end |
#build(group, key_exchange) ⇒ Object
rubocop: disable Metrics/MethodLength
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/tttls1.3/shared_secret.rb', line 21 def build(group, key_exchange) case group when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1 curve = NamedGroup.curve_name(group) pub_key = OpenSSL::PKey::EC::Point.new( OpenSSL::PKey::EC::Group.new(curve), OpenSSL::BN.new(key_exchange, 2) ) @priv_keys[group].dh_compute_key(pub_key) when NamedGroup::X25519 asn1_seq = OpenSSL::ASN1.Sequence( [ OpenSSL::ASN1.Sequence( [ # https://datatracker.ietf.org/doc/html/rfc8410#section-3 OpenSSL::ASN1.ObjectId('1.3.101.110') ] ), OpenSSL::ASN1.BitString(key_exchange) ] ) @priv_keys[group].derive(OpenSSL::PKey.read(asn1_seq.to_der)) when NamedGroup::X448 asn1_seq = OpenSSL::ASN1.Sequence( [ OpenSSL::ASN1.Sequence( [ # https://datatracker.ietf.org/doc/html/rfc8410#section-3 OpenSSL::ASN1.ObjectId('1.3.101.111') ] ), OpenSSL::ASN1.BitString(key_exchange) ] ) @priv_keys[group].derive(OpenSSL::PKey.read(asn1_seq.to_der)) else # not supported other NamedGroup raise Error::ErrorAlerts, :internal_error end end |
#key_share_entries ⇒ Array of TTTLS13::Message::Extensions::KeyShare
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/tttls1.3/shared_secret.rb', line 66 def key_share_entries @priv_keys.map do |group, priv_key| case group when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1 Message::Extension::KeyShareEntry.new( group:, key_exchange: priv_key.public_key.to_octet_string(:uncompressed) ) when NamedGroup::X25519, NamedGroup::X448 n_pk = NamedGroup.key_exchange_len(group) Message::Extension::KeyShareEntry.new( group:, key_exchange: priv_key.public_to_der[-n_pk, n_pk] ) else # not supported other NamedGroup raise Error::ErrorAlerts, :internal_error end end end |
#store!(group, priv_key) ⇒ Object
12 13 14 |
# File 'lib/tttls1.3/shared_secret.rb', line 12 def store!(group, priv_key) @priv_keys[group] = priv_key end |