noise-ruby 0.10.0 → 0.10.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a5b0a36466f2dfcc8a03a1e3d70d3010d150e76dcca4c2669d70ab1d849d3cb5
-  data.tar.gz: 4e3cea23eb34312dbc98b0b4562d045e272047d29a842027242eb28c47b0a615
+  metadata.gz: cffe6f7ffc789455f6b27bf3246cce8870cf57600e551d8f8edf91437ccd7afd
+  data.tar.gz: f9c83042c8aa626a7a6e81ad62dd64ccf6c5515c33f1f64e12904b2ffcaa5fa9
 SHA512:
-  metadata.gz: ebcd5a9d334e4b7697fec40d1936d2918d71bc143aca44e5711584ce1c3b2c19fa6b64048d57c8d1b4780eced81e5f982279aeb562ba82bd4809fa6b2f38b238
-  data.tar.gz: 69fcabcd507ad92edab302bc5576e128df0777ce890095c7765f2dc461ef512084cdcb595b4ac451f77baf2a115575787e41d39692a51f8fb8dcad7555eb9b63
+  metadata.gz: a1c2fe0e62f0939b48052d348511a97cedcf222316491d43f1d6128d146108587eedeb972d1fbce732a15aa7b73684f76e013e7a57c2f27fe85a3f7331a140bd
+  data.tar.gz: fa9aea76917642726a8688fbc7b3d0f5fb9b32d1fe058ba7fbf81757d9754da92c1809633378b518753cf105e25e452f65975cfbef0f9b679ec12c68c5198d80

data/.github/workflows/ruby.yml

@@ -0,0 +1,30 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.6
+    - name: Install dependencies
+      run: bundle install
+    - name: Run tests
+      run: bundle exec rake

data/.rubocop.yml

@@ -7,6 +7,9 @@ Metrics/LineLength:
 Metrics/MethodLength:
   Max: 30
 
+Metrics/AbcSize:
+  Max: 20
+
 Style/Documentation:
   Enabled: false
 

data/.ruby-version

@@ -1 +1 @@
-2.5.1
+2.7.6

data/lib/noise/connection/base.rb

@@ -40,7 +40,6 @@ module Noise
       def initialise_handshake_state
         @handshake_state = Noise::State::HandshakeState.new(
           self,
-          protocol,
           initiator?,
           @prologue,
           @local_keypairs,
@@ -100,17 +99,13 @@ module Noise
       end
 
       def validate
-        validate_psk! if psk_handshake?
+        validate_psk! if @protocol.psk?
 
         raise Noise::Exceptions::NoiseValidationError if valid_keypairs?
 
         true
       end
 
-      def psk_handshake?
-        @protocol.is_psk_handshake
-      end
-
       def handshake_done(_c1, _c2)
         @handshake_hash = @symmetric_state.handshake_hash
         @s = @handshake_state.s

data/lib/noise/functions/cipher/aes_gcm.rb

@@ -13,7 +13,7 @@ module Noise
           cipher.auth_data = ad
           cipher.update(plaintext) + cipher.final + cipher.auth_tag
         rescue OpenSSL::Cipher::CipherError => e
-          raise Noise::Exceptions::EncryptError.new(e)
+          raise Noise::Exceptions::EncryptError, "Encrypt failed. #{e.message}", e.backtrace
         end
 
         def decrypt(k, n, ad, ciphertext)
@@ -24,7 +24,7 @@ module Noise
           cipher.auth_tag = ciphertext[-16..-1]
           cipher.update(ciphertext[0...-16]) + cipher.final
         rescue OpenSSL::Cipher::CipherError => e
-          raise Noise::Exceptions::DecryptError.new(e)
+          raise Noise::Exceptions::DecryptError, "Decrpyt failed. #{e.message}", e.backtrace
         end
 
         def nonce_to_bytes(n)

data/lib/noise/functions/cipher/cha_cha_poly.rb

@@ -10,14 +10,14 @@ module Noise
           cipher = RbNaCl::AEAD::ChaCha20Poly1305IETF.new(String.new(k).force_encoding('ASCII-8BIT'))
           cipher.encrypt(nonce_to_bytes(n), plaintext, ad)
         rescue ::RbNaCl::CryptoError => e
-          raise Noise::Exceptions::EncryptError.new(e)
+          raise Noise::Exceptions::EncryptError, "Encrypt failed. #{e.message}", e.backtrace
         end
 
         def decrypt(k, n, ad, ciphertext)
           cipher = RbNaCl::AEAD::ChaCha20Poly1305IETF.new(String.new(k).force_encoding('ASCII-8BIT'))
           cipher.decrypt(nonce_to_bytes(n), ciphertext, ad)
         rescue ::RbNaCl::CryptoError => e
-          raise Noise::Exceptions::DecryptError.new(e)
+          raise Noise::Exceptions::DecryptError, "Decrpyt failed. #{e.message}", e.backtrace
         end
 
         def nonce_to_bytes(n)

data/lib/noise/functions/dh/ed448.rb

@@ -1,10 +1,6 @@
 # frozen_string_literal: true
 
-begin
-  require 'ed448'
-  Ed448.init
-rescue LoadError
-end
+require_force('ed448') { Ed448.init }
 
 module Noise
   module Functions

data/lib/noise/functions/dh/secp256k1.rb

@@ -1,9 +1,6 @@
 # frozen_string_literal: true
 
-begin
-  require 'secp256k1'
-rescue LoadError
-end
+require_force 'secp256k1'
 
 module Noise
   module Functions

data/lib/noise/functions/hash/blake3.rb

@@ -1,9 +1,6 @@
 # frozen_string_literal: true
 
-begin
-  require 'blake3'
-rescue LoadError
-end
+require_force 'blake3'
 
 module Noise
   module Functions

data/lib/noise/pattern.rb

@@ -2,13 +2,99 @@
 
 module Noise
   module Token
-    E = 'e'
-    S = 's'
-    EE = 'ee'
-    ES = 'es'
-    SE = 'se'
-    SS = 'ss'
-    PSK = 'psk'
+    class TokenE
+      def to_s
+        'e'
+      end
+    end
+
+    class TokenS
+      def to_s
+        's'
+      end
+    end
+
+    class TokenDH
+      def mix(symmetric_state, dh_fn, initiator, keypair)
+        private_key, public_key = get_key(keypair, initiator)
+        symmetric_state.mix_key(dh_fn.dh(private_key, public_key))
+      end
+    end
+
+    class TokenEE < TokenDH
+      def get_key(keypair, _initiator)
+        [keypair.e.private_key, keypair.re]
+      end
+
+      def to_s
+        'ee'
+      end
+    end
+
+    class TokenES < TokenDH
+      def get_key(keypair, initiator)
+        initiator ? [keypair.e.private_key, keypair.rs] : [keypair.s.private_key, keypair.re]
+      end
+
+      def to_s
+        'es'
+      end
+    end
+
+    class TokenSE < TokenDH
+      def get_key(keypair, initiator)
+        initiator ? [keypair.s.private_key, keypair.re] : [keypair.e.private_key, keypair.rs]
+      end
+
+      def to_s
+        'se'
+      end
+    end
+    class TokenSS < TokenDH
+      def get_key(keypair, _initiator)
+        [keypair.s.private_key, keypair.rs]
+      end
+
+      def to_s
+        'ss'
+      end
+    end
+    class TokenPSK
+      def to_s
+        'psk'
+      end
+    end
+
+    E = TokenE.new
+    S = TokenS.new
+    EE = TokenEE.new
+    ES = TokenES.new
+    SE = TokenSE.new
+    SS = TokenSS.new
+    PSK = TokenPSK.new
+  end
+
+  module Modifier
+    class Psk
+      attr_reader :index
+      def initialize(index)
+        @index = index
+      end
+    end
+
+    class Fallback
+    end
+
+    def self.parse(s)
+      if s.start_with?('psk')
+        index = s.gsub(/psk/, '').to_i
+        Modifier::Psk.new(index)
+      elsif s == 'fallback'
+        Modifier::Fallback.new
+      else
+        raise Noise::Exceptions::UnsupportedModifierError
+      end
+    end
   end
 
   class Pattern
@@ -17,7 +103,7 @@ module Noise
     def self.create(name)
       pattern_set = name.scan(/([A-Z1]+)([^A-Z]*)/)&.first
       pattern = pattern_set&.first
-      modifiers = pattern_set[1].split('+')
+      modifiers = pattern_set[1].split('+').map { |s| Modifier.parse(s) }
       class_name = "Noise::Pattern#{pattern}"
       klass = Object.const_get(class_name)
       klass.new(modifiers)
@@ -31,10 +117,15 @@ module Noise
       @modifiers = modifiers
     end
 
+    def psk?
+      modifiers.any? { |m| m.is_a? Modifier::Psk }
+    end
+
     def apply_pattern_modifiers
       @modifiers.each do |modifier|
-        if modifier.start_with?('psk')
-          index = modifier.gsub(/psk/, '').to_i
+        case modifier
+        when Modifier::Psk
+          index = modifier.index
           raise Noise::Exceptions::PSKValueError if index / 2 > @tokens.size
 
           if index.zero?
@@ -43,10 +134,8 @@ module Noise
             @tokens[index - 1] << Token::PSK
           end
           @psk_count += 1
-        elsif modifier == 'fallback'
+        when Modifier::Fallback
           @fallback = true
-        else
-          raise Noise::Exceptions::UnsupportedModifierError
         end
       end
     end

data/lib/noise/protocol.rb

@@ -2,7 +2,6 @@
 
 module Noise
   class Protocol
-    attr_accessor :is_psk_handshake
     attr_accessor :cipher_fn, :hash_fn, :dh_fn, :hkdf_fn
     attr_reader :name, :pattern
 
@@ -22,7 +21,7 @@ module Noise
       'BLAKE2s': Noise::Functions::Hash::Blake2s,
       'SHA256': Noise::Functions::Hash::Sha256,
       'SHA512': Noise::Functions::Hash::Sha512,
-      'BLAKE3': Noise::Functions::Hash::Blake3,
+      'BLAKE3': Noise::Functions::Hash::Blake3
     }.stringify_keys.freeze
 
     def self.create(name)
@@ -35,8 +34,6 @@ module Noise
       @name = name
       @pattern = Noise::Pattern.create(pattern_name)
       @hkdf_fn = Noise::Functions::Hash.create_hkdf_fn(hash_name)
-      @is_psk_handshake = @pattern.modifiers.any? { |m| m.start_with?('psk') }
-
       @pattern.apply_pattern_modifiers
 
       initialize_fn!(cipher_name, hash_name, dh_name)
@@ -49,8 +46,8 @@ module Noise
       raise Noise::Exceptions::ProtocolNameError unless @cipher_fn && @hash_fn && @dh_fn
     end
 
-    def psk_handshake?
-      @is_psk_handshake
+    def psk?
+      @pattern.psk?
     end
   end
 end

data/lib/noise/state/handshake_state.rb

@@ -20,45 +20,60 @@ module Noise
       attr_reader :message_patterns, :symmetric_state
       attr_reader :s, :rs, :e, :re
 
-      def initialize(connection, protocol, initiator, prologue, local_keypairs, remote_keys)
+      def initialize(connection, initiator, prologue, local_keypairs, remote_keys)
         @connection = connection
-        @protocol = protocol
-        @symmetric_state = SymmetricState.new
-        @symmetric_state.initialize_symmetric(@protocol, connection)
-        @symmetric_state.mix_hash(prologue)
+        @protocol = connection.protocol
+        @symmetric_state = SymmetricState.initialize_symmetric(@protocol, connection, prologue: prologue)
         @initiator = initiator
         @s = local_keypairs[:s]
         @e = local_keypairs[:e]
         @rs = remote_keys[:rs]
         @re = remote_keys[:re]
 
-        get_local_keypair = ->(token) { instance_variable_get('@' + token).public_key }
-        get_remote_keypair = ->(token) { instance_variable_get('@r' + token) }
+        initiator_keypair_getter, responder_keypair_getter = get_keypair_getter(initiator)
 
+        # Sets message_patterns to the message patterns from handshake_pattern
+        @message_patterns = @protocol.pattern.tokens.dup
+
+        process_initiator_pre_messages(initiator_keypair_getter)
+        process_fallback(initiator_keypair_getter)
+        process_responder_pre_messages(responder_keypair_getter)
+      end
+
+      def get_keypair_getter(initiator)
         if initiator
-          initiator_keypair_getter = get_local_keypair
-          responder_keypair_getter = get_remote_keypair
+          [local_keypair_getter, remote_keypair_getter]
         else
-          initiator_keypair_getter = get_remote_keypair
-          responder_keypair_getter = get_local_keypair
+          [remote_keypair_getter, local_keypair_getter]
         end
+      end
 
-        # Sets message_patterns to the message patterns from handshake_pattern
-        @message_patterns = @protocol.pattern.tokens.dup
+      def local_keypair_getter
+        ->(token) { instance_variable_get('@' + token.to_s).public_key }
+      end
 
+      def remote_keypair_getter
+        ->(token) { instance_variable_get('@r' + token.to_s) }
+      end
+
+      def process_initiator_pre_messages(keypair_getter)
         @protocol.pattern.initiator_pre_messages&.map do |token|
-          keypair = initiator_keypair_getter.call(token)
+          keypair = keypair_getter.call(token)
           @symmetric_state.mix_hash(keypair)
         end
+      end
 
-        if @protocol.pattern.fallback
-          message = @message_patterns.delete_at(0).first
-          public_key = initiator_keypair_getter.call(message)
-          @symmetric_state.mix_hash(public_key)
-        end
+      def process_fallback(initiator_keypair_getter)
+        return unless @protocol.pattern.fallback
+
+        message = @message_patterns.delete_at(0).first
+        public_key = initiator_keypair_getter.call(message)
+        @symmetric_state.mix_hash(public_key)
+      end
 
+      def process_responder_pre_messages(keypair_getter)
         @protocol.pattern.responder_pre_messages&.map do |token|
-          keypair = responder_keypair_getter.call(token)
+          keypair = keypair_getter.call(token)
           @symmetric_state.mix_hash(keypair)
         end
       end
@@ -68,13 +83,13 @@ module Noise
         pattern = @message_patterns.first
         len = pattern.inject(0) do |l, token|
           case token
-          when 'e'
+          when Noise::Token::E
             l += @protocol.dh_fn.dhlen
-            has_key = true if @protocol.psk_handshake?
-          when 's'
+            has_key = true if @protocol.psk?
+          when Noise::Token::S
             l += @protocol.dh_fn.dhlen
             l += 16 if has_key
-          when 'ee', 'es', 'se', 'ss', 'psk'
+          else
             has_key = true
           end
           l
@@ -87,29 +102,19 @@ module Noise
       # Takes a payload byte sequence which may be zero-length, and a message_buffer to write the output into
       def write_message(payload, message_buffer)
         pattern = @message_patterns.shift
-        dh_fn = @protocol.dh_fn
 
         pattern.each do |token|
           case token
-          when 'e'
-            @e = dh_fn.generate_keypair if @e.nil?
+          when Noise::Token::E
+            @e ||= @protocol.dh_fn.generate_keypair
             message_buffer << @e.public_key
-            @symmetric_state.mix_hash(@e.public_key)
-            @symmetric_state.mix_key(@e.public_key) if @protocol.psk_handshake?
-          when 's'
+            mix_e(@e.public_key)
+          when Noise::Token::S
             message_buffer << @symmetric_state.encrypt_and_hash(@s.public_key)
-          when 'ee'
-            @symmetric_state.mix_key(dh_fn.dh(@e.private_key, @re))
-          when 'es'
-            private_key, public_key = @initiator ? [@e.private_key, @rs] : [@s.private_key, @re]
-            @symmetric_state.mix_key(dh_fn.dh(private_key, public_key))
-          when 'se'
-            private_key, public_key = @initiator ? [@s.private_key, @re] : [@e.private_key, @rs]
-            @symmetric_state.mix_key(dh_fn.dh(private_key, public_key))
-          when 'ss'
-            @symmetric_state.mix_key(dh_fn.dh(@s.private_key, @rs))
-          when 'psk'
-            @symmetric_state.mix_key_and_hash(@connection.psks.shift)
+          when Noise::Token::EE, Noise::Token::ES, Noise::Token::SE, Noise::Token::SS
+            token.mix(@symmetric_state, @protocol.dh_fn, @initiator, self)
+          when Noise::Token::PSK
+            mix_psk
           end
         end
         message_buffer << @symmetric_state.encrypt_and_hash(payload)
@@ -120,37 +125,48 @@ module Noise
       # and a payload_buffer to write the message's plaintext payload into
       def read_message(message, payload_buffer)
         pattern = @message_patterns.shift
-        dh_fn = @protocol.dh_fn
-        len = dh_fn.dhlen
         pattern.each do |token|
           case token
-          when 'e'
-            @re = message[0...len] if @re.nil?
-            message = message[len..-1]
-            @symmetric_state.mix_hash(@re)
-            @symmetric_state.mix_key(@re) if @protocol.psk_handshake?
-          when 's'
-            offset = @connection.cipher_state_handshake.key? ? 16 : 0
-            temp = message[0...len + offset]
-            message = message[(len + offset)..-1]
-            @rs = @symmetric_state.decrypt_and_hash(temp)
-          when 'ee'
-            @symmetric_state.mix_key(dh_fn.dh(@e.private_key, @re))
-          when 'es'
-            private_key, public_key = @initiator ? [@e.private_key, @rs] : [@s.private_key, @re]
-            @symmetric_state.mix_key(dh_fn.dh(private_key, public_key))
-          when 'se'
-            private_key, public_key = @initiator ? [@s.private_key, @re] : [@e.private_key, @rs]
-            @symmetric_state.mix_key(dh_fn.dh(private_key, public_key))
-          when 'ss'
-            @symmetric_state.mix_key(dh_fn.dh(@s.private_key, @rs))
-          when 'psk'
-            @symmetric_state.mix_key_and_hash(@connection.psks.shift)
+          when Noise::Token::E
+            message, re = extract_key(message, false)
+            @re ||= re
+            mix_e(@re)
+          when Noise::Token::S
+            message, @rs = extract_key(message, true)
+          when Noise::Token::EE, Noise::Token::ES, Noise::Token::SE, Noise::Token::SS
+            token.mix(@symmetric_state, @protocol.dh_fn, @initiator, self)
+          when Noise::Token::PSK
+            mix_psk
           end
         end
         payload_buffer << @symmetric_state.decrypt_and_hash(message)
         @symmetric_state.split if @message_patterns.empty?
       end
+
+      private
+
+      def extract_key(message, is_encrypted)
+        len = @protocol.dh_fn.dhlen
+        offset =
+          if is_encrypted && @connection.cipher_state_handshake.key?
+            16
+          else
+            0
+          end
+        key = message[0...len + offset]
+        message = message[(len + offset)..-1]
+        key = @symmetric_state.decrypt_and_hash(key) if is_encrypted
+        [message, key]
+      end
+
+      def mix_e(public_key)
+        @symmetric_state.mix_hash(public_key)
+        @symmetric_state.mix_key(public_key) if @protocol.psk?
+      end
+
+      def mix_psk
+        @symmetric_state.mix_key_and_hash(@connection.psks.shift)
+      end
     end
   end
 end

data/lib/noise/state/symmetric_state.rb

@@ -11,7 +11,7 @@ module Noise
       attr_reader :h, :ck
       attr_reader :cipher_state
 
-      def initialize_symmetric(protocol, connection)
+      def initialize(protocol, connection)
         @protocol = protocol
         @connection = connection
         @ck = @h = initialize_h(protocol)
@@ -20,6 +20,10 @@ module Noise
         @cipher_state.initialize_key(nil)
       end
 
+      def self.initialize_symmetric(protocol, connection, prologue: nil)
+        new(protocol, connection).tap { |s| s.mix_hash(prologue) if prologue }
+      end
+
       def mix_key(input_key_meterial)
         @ck, temp_k = @protocol.hkdf_fn.call(@ck, input_key_meterial, 2)
         temp_k = truncate(temp_k)

data/lib/noise/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Noise
-  VERSION = '0.10.0'
+  VERSION = '0.10.1'
 end

data/lib/noise.rb

@@ -3,6 +3,7 @@
 require 'noise/version'
 
 require 'ecdsa'
+require 'logger'
 require 'rbnacl'
 require 'ruby_hmac'
 require 'securerandom'
@@ -19,4 +20,15 @@ module Noise
   autoload :Exceptions, 'noise/exceptions'
   autoload :Functions, 'noise/functions'
   autoload :State, 'noise/state'
+
+  def self.logger
+    @logger ||= Logger.new(STDOUT)
+  end
+end
+
+def require_force(name)
+  require name
+  yield if block_given?
+rescue LoadError => e
+  Noise.logger.warn(e.message)
 end

data/noise.gemspec

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'noise/version'
 
@@ -22,8 +22,8 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_development_dependency 'blake3'
-  spec.add_development_dependency 'bundler', '~> 1.15'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'secp256k1-ruby'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: noise-ruby
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.10.1
 platform: ruby
 authors:
 - Hajime Yamaguchi
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-18 00:00:00.000000000 Z
+date: 2022-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: blake3
@@ -30,28 +30,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.15'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.15'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -143,11 +143,11 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Gemfile
 - README.md
@@ -214,8 +214,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: A Ruby implementation of the Noise Protocol framework

data/.travis.yml

@@ -1,5 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.4.1
-before_install: gem install bundler -v 1.15.3