tttls1.3 0.2.18 → 0.2.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a07aded25aecad8bd61ff9fd49a70df15c8abf356d4747891486dd81386b68d
-  data.tar.gz: 4637b3288dab22caae951cc43c283057fd3ed215fc5fa86e318becc3369ac7b2
+  metadata.gz: 60aaa0dddc8e01d6ee1c89a81de02e7cd9e05e0169e11381ebb68aa919644f11
+  data.tar.gz: 974b5c89009c2a63a6d99a608b32463cb0b6dc4bb0ed9e915cd03cca45ce2ea9
 SHA512:
-  metadata.gz: 621a8f82c99e21e964cfb6defe14e2f8864f1c42cc94c9af725de2ff73929226d99a694c893ada3fc44c5224be70ec87bfcb291eceab271b33e4759c6c900cd8
-  data.tar.gz: 9088db06f998013577eb647d064e97035047a2cef7799010bc91f18384787bdf158357fd33c296b92ec1bc07a2ad1b307c98d0217735dfef5c6acf565f3c9433
+  metadata.gz: b9ab939f9010481de463c2fbf81dc230cdd653dac47286e1fd61f8820da796a09b0675837dc119ebd8f1ddd137383ccc87aec18edd4945312cb0923ebbe77e52
+  data.tar.gz: 74d0635bba0274cfaf9ed980d2f0cef3351ab1f820a17720424dececaeb86c6ea36d6f9c3d7b69c8e81b52c4790b1796ba59d02a95a30d4afe90bad35767d442

data/.github/workflows/ci.yml

@@ -27,8 +27,11 @@ jobs:
           gem install bundler
           bundle --version
           bundle install
-      - name: Run test
-        run: |
-          bundle exec rake
-          bundle exec rake interop:client
-          bundle exec rake interop:server
+      - name: Run rubocop
+        run: bundle exec rake rubocop
+      - name: Run rspec
+        run: bundle exec rake spec
+      - name: Run interop client
+        run: bundle exec rake interop:client
+      - name: Run interop server
+        run: bundle exec rake interop:server

data/README.md

@@ -92,9 +92,9 @@ tttls1.3 client is configurable using keyword arguments.
 | `:supported_groups` | Array of TTTLS13::NamedGroup constant | `SECP256R1`, `SECP384R1`, `SECP521R1` | List of named groups offered in ClientHello extensions. |
 | `:key_share_groups` | Array of TTTLS13::NamedGroup constant | nil | List of named groups offered in KeyShareClientHello. In default, KeyShareClientHello has only a KeyShareEntry of most preferred named group in `:supported_groups`. You can set this to send KeyShareClientHello that has multiple KeyShareEntry. |
 | `:alpn` | Array of String | nil | List of application protocols offered in ClientHello extensions. If not needed to be present, set nil. |
-| `:process_new_session_ticket` | Proc | nil | Proc that processes received NewSessionTicket. Its 3 arguments are TTTLS13::Message::NewSessionTicket, resumption master secret and cipher suite. If not needed to process NewSessionTicket, set nil. |
+| `:process_new_session_ticket` | Proc | nil | Proc that processes received NewSessionTicket. Its 3 arguments are TTTLS13::Message::NewSessionTicket, resumption main secret and cipher suite. If not needed to process NewSessionTicket, set nil. |
 | `:ticket` | String | nil | The ticket for PSK. |
-| `:resumption_master_secret` | String | nil | The resumption master secret. |
+| `:resumption_secret` | String | nil | The resumption main secret. |
 | `:psk_cipher_suite` | TTTLS13::CipherSuite constant | nil | The cipher suite for PSK. |
 | `:ticket_nonce` | String | nil | The ticket\_nonce for PSK. |
 | `:ticket_age_add` | String | nil | The ticket\_age\_add for PSK. |

data/example/https_client_using_0rtt.rb

@@ -15,7 +15,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
 
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/example/https_client_using_hrr_and_ticket.rb

@@ -16,7 +16,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
 
   settings_2nd[:key_share_groups] = [] # empty KeyShareClientHello.client_shares
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/example/https_client_using_ticket.rb

@@ -15,7 +15,7 @@ process_new_session_ticket = lambda do |nst, rms, cs|
   return if Time.now.to_i - nst.timestamp > nst.ticket_lifetime
 
   settings_2nd[:ticket] = nst.ticket
-  settings_2nd[:resumption_master_secret] = rms
+  settings_2nd[:resumption_main_secret] = rms
   settings_2nd[:psk_cipher_suite] = cs
   settings_2nd[:ticket_nonce] = nst.ticket_nonce
   settings_2nd[:ticket_age_add] = nst.ticket_age_add

data/interop/client_spec.rb

@@ -1,10 +1,10 @@
 # encoding: ascii-8bit
 # frozen_string_literal: true
 
-require_relative 'helper'
+require_relative 'spec_helper'
 
 FIXTURES_DIR = __dir__ + '/../spec/fixtures'
-PORT = 4433
+PORT = 14433
 
 RSpec.describe Client do
   # normal [Boolean] Is this nominal scenarios?
@@ -173,6 +173,7 @@ RSpec.describe Client do
               + '-tls1_3 ' \
               + '-www ' \
               + '-quiet ' \
+              + "-accept #{PORT} " \
               + opt
         pid = spawn('docker run ' \
                     + "--volume #{FIXTURES_DIR}:/tmp " \

data/interop/server_spec.rb

@@ -1,7 +1,7 @@
 # encoding: ascii-8bit
 # frozen_string_literal: true
 
-require_relative 'helper'
+require_relative 'spec_helper'
 
 FIXTURES_DIR = __dir__ + '/../spec/fixtures'
 PORT = 4433
@@ -187,8 +187,6 @@ RSpec.describe Server do
 
       let(:client) do
         ip = Socket.ip_address_list.find(&:ipv4_private?).ip_address
-        wait_to_listen(ip, PORT)
-
         cmd = 'echo -n ping | openssl s_client ' \
               + "-connect local:#{PORT} " \
               + '-tls1_3 ' \

data/interop/{helper.rb → spec_helper.rb}

@@ -13,13 +13,20 @@ include TTTLS13::Error
 # rubocop: enable Style/MixinUsage
 
 def wait_to_listen(host, port)
-  loop do
-    s = TCPSocket.open(host, port) # check by TCP handshake
-  rescue # rubocop: disable Style/RescueStandardError
-    sleep(0.2)
+  10.times do
+    soc = TCPSocket.open(host, port)
+    ctx = OpenSSL::SSL::SSLContext.new
+    ctx.max_version = OpenSSL::SSL::TLS1_3_VERSION
+    ssl = OpenSSL::SSL::SSLSocket.new(soc, ctx)
+    ssl.sync_close = true
+    ssl.connect
+  rescue => e # rubocop: disable Style/RescueStandardError
+    p e
+    soc&.close
+    sleep(0.5)
     next
   else
-    s.close
+    ssl.close
     break
   end
 end

data/lib/tttls1.3/client.rb

@@ -58,7 +58,9 @@ module TTTLS13
     alpn: nil,
     process_new_session_ticket: nil,
     ticket: nil,
+    # @deprecated Please use `resumption_secret` instead
     resumption_master_secret: nil,
+    resumption_secret: nil,
     psk_cipher_suite: nil,
     ticket_nonce: nil,
     ticket_age_add: nil,
@@ -84,6 +86,15 @@ module TTTLS13
       @endpoint = :client
       @hostname = hostname
       @settings = DEFAULT_CLIENT_SETTINGS.merge(settings)
+      # NOTE: backward compatibility
+      if @settings[:resumption_secret].nil? &&
+         !@settings[:resumption_master_secret].nil?
+        @settings[:resumption_secret] =
+          @settings.delete(:resumption_master_secret) \
+      end
+      raise Error::ConfigError if @settings[:resumption_secret] !=
+                                  @settings[:resumption_master_secret]
+
       logger.level = @settings[:loglevel]
 
       @early_data = ''
@@ -137,7 +148,7 @@ module TTTLS13
       priv_keys = {} # Hash of NamedGroup => OpenSSL::PKey::$Object
       if use_psk?
         psk = gen_psk_from_nst(
-          @settings[:resumption_master_secret],
+          @settings[:resumption_secret],
           @settings[:ticket_nonce],
           CipherSuite.digest(@settings[:psk_cipher_suite])
         )
@@ -423,8 +434,8 @@ module TTTLS13
             transcript[CH].first.random,
             key_schedule.server_application_traffic_secret
           )
-          @exporter_master_secret = key_schedule.exporter_master_secret
-          @resumption_master_secret = key_schedule.resumption_master_secret
+          @exporter_secret = key_schedule.exporter_secret
+          @resumption_secret = key_schedule.resumption_secret
           @state = ClientState::CONNECTED
         when ClientState::CONNECTED
           logger.debug('ClientState::CONNECTED')
@@ -544,7 +555,7 @@ module TTTLS13
     # @return [Boolean]
     def use_psk?
       !@settings[:ticket].nil? &&
-        !@settings[:resumption_master_secret].nil? &&
+        !@settings[:resumption_secret].nil? &&
         !@settings[:psk_cipher_suite].nil? &&
         !@settings[:ticket_nonce].nil? &&
         !@settings[:ticket_age_add].nil? &&
@@ -568,14 +579,14 @@ module TTTLS13
       send_record(ap_record)
     end
 
-    # @param resumption_master_secret [String]
+    # @param resumption_secret [String]
     # @param ticket_nonce [String]
     # @param digest [String] name of digest algorithm
     #
     # @return [String]
-    def gen_psk_from_nst(resumption_master_secret, ticket_nonce, digest)
+    def gen_psk_from_nst(resumption_secret, ticket_nonce, digest)
       hash_len = OpenSSL::Digest.new(digest).digest_length
-      KeySchedule.hkdf_expand_label(resumption_master_secret, 'resumption',
+      KeySchedule.hkdf_expand_label(resumption_secret, 'resumption',
                                     ticket_nonce, hash_len, digest)
     end
 
@@ -949,7 +960,7 @@ module TTTLS13
     def process_new_session_ticket(nst)
       super(nst)
 
-      rms = @resumption_master_secret
+      rms = @resumption_secret
       cs = @cipher_suite
       @settings[:process_new_session_ticket]&.call(nst, rms, cs)
     end

data/lib/tttls1.3/connection.rb

@@ -25,7 +25,7 @@ module TTTLS13
       @send_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
       @recv_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
       @alpn = nil # String
-      @exporter_master_secret = nil # String
+      @exporter_secret = nil # String
     end
 
     # @raise [TTTLS13::Error::ConfigError]
@@ -109,15 +109,15 @@ module TTTLS13
     #
     # @return [String, nil]
     def exporter(label, context, key_length)
-      return nil if @exporter_master_secret.nil? || @cipher_suite.nil?
+      return nil if @exporter_secret.nil? || @cipher_suite.nil?
 
       digest = CipherSuite.digest(@cipher_suite)
-      do_exporter(@exporter_master_secret, digest, label, context, key_length)
+      do_exporter(@exporter_secret, digest, label, context, key_length)
     end
 
     private
 
-    # @param secret [String] (early_)exporter_master_secret
+    # @param secret [String] (early_)exporter_secret
     # @param digest [String] name of digest algorithm
     # @param label [String]
     # @param context [String]
@@ -517,10 +517,8 @@ module TTTLS13
     #
     # @return [Array of TTTLS13::Message::Extension::SignatureAlgorithms]
     def do_select_signature_algorithms(signature_algorithms, crt)
-      spki = OpenSSL::Netscape::SPKI.new
-      spki.public_key = crt.public_key
-      pka = OpenSSL::ASN1.decode(spki.to_der)
-                         .value.first.value.first.value.first.value.first.value
+      pka = OpenSSL::ASN1.decode(crt.public_key.to_der)
+                         .value.first.value.first.value
       signature_algorithms.select do |sa|
         case sa
         when SignatureScheme::ECDSA_SECP256R1_SHA256,

data/lib/tttls1.3/key_schedule.rb

@@ -61,8 +61,15 @@ module TTTLS13
       self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
     end
 
+    # @deprecated Please use `early_exporter_secret` instead
+    #
     # @return [String]
     def early_exporter_master_secret
+      early_exporter_secret
+    end
+
+    # @return [String]
+    def early_exporter_secret
       hash = OpenSSL::Digest.digest(@digest, '')
       derive_secret(early_secret, 'e exp master', hash)
     end
@@ -126,22 +133,36 @@ module TTTLS13
       self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
     end
 
+    # @deprecated Please use `main_salt` instead
+    #
     # @return [String]
     def master_salt
+      main_salt
+    end
+
+    # @return [String]
+    def main_salt
       hash = OpenSSL::Digest.digest(@digest, '')
       derive_secret(handshake_secret, 'derived', hash)
     end
 
+    # @deprecated Please use `main_secret` instead
+    #
     # @return [String]
     def master_secret
+      main_secret
+    end
+
+    # @return [String]
+    def main_secret
       ikm = "\x00" * @hash_len
-      hkdf_extract(ikm, master_salt)
+      hkdf_extract(ikm, main_salt)
     end
 
     # @return [String]
     def client_application_traffic_secret
       hash = @transcript.hash(@digest, SF)
-      derive_secret(master_secret, 'c ap traffic', hash)
+      derive_secret(main_secret, 'c ap traffic', hash)
     end
 
     # @return [String]
@@ -159,7 +180,7 @@ module TTTLS13
     # @return [String]
     def server_application_traffic_secret
       hash = @transcript.hash(@digest, SF)
-      derive_secret(master_secret, 's ap traffic', hash)
+      derive_secret(main_secret, 's ap traffic', hash)
     end
 
     # @return [String]
@@ -174,16 +195,30 @@ module TTTLS13
       self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
     end
 
+    # @deprecated Please use `exporter_secret` instead
+    #
     # @return [String]
     def exporter_master_secret
+      exporter_secret
+    end
+
+    # @return [String]
+    def exporter_secret
       hash = @transcript.hash(@digest, SF)
-      derive_secret(master_secret, 'exp master', hash)
+      derive_secret(main_secret, 'exp master', hash)
     end
 
+    # @deprecated Please use `resumption_secret` instead
+    #
     # @return [String]
     def resumption_master_secret
+      resumption_secret
+    end
+
+    # @return [String]
+    def resumption_secret
       hash = @transcript.hash(@digest, CF)
-      derive_secret(master_secret, 'res master', hash)
+      derive_secret(main_secret, 'res master', hash)
     end
 
     # @param ikm [String]

data/lib/tttls1.3/message/extension/key_share.rb

@@ -91,8 +91,7 @@ module TTTLS13
           priv_keys = {}
           kse = groups.map do |group|
             curve = NamedGroup.curve_name(group)
-            ec = OpenSSL::PKey::EC.new(curve)
-            ec.generate_key!
+            ec = OpenSSL::PKey::EC.generate(curve)
             # store private key to do the key-exchange
             priv_keys.store(group, ec)
             KeyShareEntry.new(
@@ -115,8 +114,7 @@ module TTTLS13
         # @return [OpenSSL::PKey::EC.$Object]
         def self.gen_sh_key_share(group)
           curve = NamedGroup.curve_name(group)
-          ec = OpenSSL::PKey::EC.new(curve)
-          ec.generate_key!
+          ec = OpenSSL::PKey::EC.generate(curve)
 
           key_share = KeyShare.new(
             msg_type: HandshakeType::SERVER_HELLO,

data/lib/tttls1.3/server.rb

@@ -323,7 +323,7 @@ module TTTLS13
             transcript[CH].first.random,
             key_schedule.client_application_traffic_secret
           )
-          @exporter_master_secret = key_schedule.exporter_master_secret
+          @exporter_secret = key_schedule.exporter_secret
           @state = ServerState::CONNECTED
         when ServerState::CONNECTED
           logger.debug('ServerState::CONNECTED')

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.2.18'
+  VERSION = '0.2.19'
 end

data/spec/connection_spec.rb

@@ -6,13 +6,28 @@ require_relative 'spec_helper'
 RSpec.describe Connection do
   context 'connection, Simple 1-RTT Handshake,' do
     let(:key) do
-      rsa = OpenSSL::PKey::RSA.new
-      rsa.set_key(OpenSSL::BN.new(TESTBINARY_PKEY_MODULUS, 2),
-                  OpenSSL::BN.new(TESTBINARY_PKEY_PUBLIC_EXPONENT, 2),
-                  OpenSSL::BN.new(TESTBINARY_PKEY_PRIVATE_EXPONENT, 2))
-      rsa.set_factors(OpenSSL::BN.new(TESTBINARY_PKEY_PRIME1, 2),
-                      OpenSSL::BN.new(TESTBINARY_PKEY_PRIME2, 2))
-      rsa
+      n = OpenSSL::BN.new(TESTBINARY_PKEY_MODULUS, 2)
+      e = OpenSSL::BN.new(TESTBINARY_PKEY_PUBLIC_EXPONENT, 2)
+      d = OpenSSL::BN.new(TESTBINARY_PKEY_PRIVATE_EXPONENT, 2)
+      p = OpenSSL::BN.new(TESTBINARY_PKEY_PRIME1, 2)
+      q = OpenSSL::BN.new(TESTBINARY_PKEY_PRIME2, 2)
+      dmp1 = d % (p - 1.to_bn)
+      dmq1 = d % (q - 1.to_bn)
+      iqmp = q**-1.to_bn % p
+      asn1 = OpenSSL::ASN1::Sequence(
+        [
+          OpenSSL::ASN1::Integer(0),
+          OpenSSL::ASN1::Integer(n),
+          OpenSSL::ASN1::Integer(e),
+          OpenSSL::ASN1::Integer(d),
+          OpenSSL::ASN1::Integer(p),
+          OpenSSL::ASN1::Integer(q),
+          OpenSSL::ASN1::Integer(dmp1),
+          OpenSSL::ASN1::Integer(dmq1),
+          OpenSSL::ASN1::Integer(iqmp)
+        ]
+      )
+      OpenSSL::PKey::RSA.new(asn1)
     end
 
     let(:ct) do

data/spec/extensions_spec.rb

@@ -35,8 +35,7 @@ RSpec.describe Extensions do
   end
 
   let(:key_share) do
-    ec = OpenSSL::PKey::EC.new('prime256v1')
-    ec.generate_key!
+    ec = OpenSSL::PKey::EC.generate('prime256v1')
     KeyShare.new(
       msg_type: HandshakeType::CLIENT_HELLO,
       key_share_entry: [

data/spec/key_schedule_spec.rb

@@ -37,9 +37,9 @@ RSpec.describe KeySchedule do
         .to eq TESTBINARY_C_AP_TRAFFIC
       expect(key_schedule.server_application_traffic_secret)
         .to eq TESTBINARY_S_AP_TRAFFIC
-      expect(key_schedule.exporter_master_secret)
+      expect(key_schedule.exporter_secret)
         .to eq TESTBINARY_EXP_MASTER
-      expect(key_schedule.resumption_master_secret)
+      expect(key_schedule.resumption_secret)
         .to eq TESTBINARY_RES_MASTER
     end
 

data/spec/server_spec.rb

@@ -109,13 +109,28 @@ RSpec.describe Server do
 
   context 'server' do
     let(:key) do
-      rsa = OpenSSL::PKey::RSA.new
-      rsa.set_key(OpenSSL::BN.new(TESTBINARY_PKEY_MODULUS, 2),
-                  OpenSSL::BN.new(TESTBINARY_PKEY_PUBLIC_EXPONENT, 2),
-                  OpenSSL::BN.new(TESTBINARY_PKEY_PRIVATE_EXPONENT, 2))
-      rsa.set_factors(OpenSSL::BN.new(TESTBINARY_PKEY_PRIME1, 2),
-                      OpenSSL::BN.new(TESTBINARY_PKEY_PRIME2, 2))
-      rsa
+      n = OpenSSL::BN.new(TESTBINARY_PKEY_MODULUS, 2)
+      e = OpenSSL::BN.new(TESTBINARY_PKEY_PUBLIC_EXPONENT, 2)
+      d = OpenSSL::BN.new(TESTBINARY_PKEY_PRIVATE_EXPONENT, 2)
+      p = OpenSSL::BN.new(TESTBINARY_PKEY_PRIME1, 2)
+      q = OpenSSL::BN.new(TESTBINARY_PKEY_PRIME2, 2)
+      dmp1 = d % (p - 1.to_bn)
+      dmq1 = d % (q - 1.to_bn)
+      iqmp = q**-1.to_bn % p
+      asn1 = OpenSSL::ASN1::Sequence(
+        [
+          OpenSSL::ASN1::Integer(0),
+          OpenSSL::ASN1::Integer(n),
+          OpenSSL::ASN1::Integer(e),
+          OpenSSL::ASN1::Integer(d),
+          OpenSSL::ASN1::Integer(p),
+          OpenSSL::ASN1::Integer(q),
+          OpenSSL::ASN1::Integer(dmp1),
+          OpenSSL::ASN1::Integer(dmq1),
+          OpenSSL::ASN1::Integer(iqmp)
+        ]
+      )
+      OpenSSL::PKey::RSA.new(asn1)
     end
 
     let(:ct) do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-  version: 0.2.18
+  version: 0.2.19
 platform: ruby
 authors:
 - thekuwayama
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-18 00:00:00.000000000 Z
+date: 2023-01-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -78,8 +78,8 @@ files:
 - example/https_client_using_ticket.rb
 - example/https_server.rb
 - interop/client_spec.rb
-- interop/helper.rb
 - interop/server_spec.rb
+- interop/spec_helper.rb
 - lib/tttls1.3.rb
 - lib/tttls1.3/cipher_suites.rb
 - lib/tttls1.3/client.rb