tttls1.3 0.3.3 → 0.3.5

data/lib/tttls1.3/message/server_hello.rb

@@ -34,13 +34,8 @@ module TTTLS13
       "\xc2\xa2\x11\x16\x7a\xbb\x8c\x5e\x07\x9e\x09\xe2\xc8\xa8\x33\x9c"
 
     class ServerHello
-      attr_reader :msg_type
-      attr_reader :legacy_version
-      attr_reader :random
-      attr_reader :legacy_session_id_echo
-      attr_reader :cipher_suite
-      attr_reader :legacy_compression_method
-      attr_reader :extensions
+      attr_reader :msg_type, :legacy_version, :random, :legacy_session_id_echo, :cipher_suite,
+                  :legacy_compression_method, :extensions
 
       # @param legacy_version [String]
       # @param random [String]
@@ -49,10 +44,8 @@ module TTTLS13
       # @param legacy_compression_method [String]
       # @param extensions [TTTLS13::Message::Extensions]
       # rubocop: disable Metrics/ParameterLists
-      def initialize(legacy_version: ProtocolVersion::TLS_1_2,
+      def initialize(legacy_session_id_echo:, cipher_suite:, legacy_version: ProtocolVersion::TLS_1_2,
                      random: OpenSSL::Random.random_bytes(32),
-                     legacy_session_id_echo:,
-                     cipher_suite:,
                      legacy_compression_method: "\x00",
                      extensions: Extensions.new)
         @msg_type = HandshakeType::SERVER_HELLO
@@ -84,9 +77,7 @@ module TTTLS13
       #
       # @return [TTTLS13::Message::ServerHello]
       # rubocop: disable Metrics/AbcSize
-      # rubocop: disable Metrics/CyclomaticComplexity
       # rubocop: disable Metrics/MethodLength
-      # rubocop: disable Metrics/PerceivedComplexity
       def self.deserialize(binary)
         raise Error::ErrorAlerts, :internal_error if binary.nil?
         raise Error::ErrorAlerts, :decode_error if binary.length < 39
@@ -116,18 +107,16 @@ module TTTLS13
         raise Error::ErrorAlerts, :decode_error unless i == msg_len + 4 &&
                                                        i == binary.length
 
-        ServerHello.new(legacy_version: legacy_version,
-                        random: random,
-                        legacy_session_id_echo: legacy_session_id_echo,
-                        cipher_suite: cipher_suite,
-                        legacy_compression_method: legacy_compression_method,
-                        extensions: extensions)
+        ServerHello.new(legacy_version:,
+                        random:,
+                        legacy_session_id_echo:,
+                        cipher_suite:,
+                        legacy_compression_method:,
+                        extensions:)
       end
+
       # rubocop: enable Metrics/AbcSize
-      # rubocop: enable Metrics/CyclomaticComplexity
       # rubocop: enable Metrics/MethodLength
-      # rubocop: enable Metrics/PerceivedComplexity
-
       # @return [Boolean]
       def hrr?
         @random == HRR_RANDOM

data/lib/tttls1.3/named_group.rb

@@ -6,8 +6,8 @@ module TTTLS13
     SECP256R1 = "\x00\x17"
     SECP384R1 = "\x00\x18"
     SECP521R1 = "\x00\x19"
-    # X25519    = "\x00\x1d" # UNSUPPORTED
-    # X448      = "\x00\x1e" # UNSUPPORTED
+    X25519    = "\x00\x1d"
+    X448      = "\x00\x1e"
     # FFDHE2048 = "\x01\x00" # UNSUPPORTED
     # FFDHE3072 = "\x01\x01" # UNSUPPORTED
     # FFDHE4096 = "\x01\x02" # UNSUPPORTED
@@ -17,7 +17,6 @@ module TTTLS13
     # ecdhe_private_use "\xfe\x00" ~ "\xfe\xff"
 
     class << self
-      # NOTE:
       # For secp256r1, secp384r1, and secp521r1
       #
       #     struct {
@@ -26,6 +25,8 @@ module TTTLS13
       #         opaque Y[coordinate_length];
       #     } UncompressedPointRepresentation;
       #
+      # https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.8.2
+      #
       # @param group [TTTLS13::Message::Extension::NamedGroup]
       #
       # @raise [TTTLS13::Error::ErrorAlerts]
@@ -39,11 +40,11 @@ module TTTLS13
           97
         when SECP521R1
           133
+        when X25519
+          32
+        when X448
+          56
         # not supported other NamedGroup
-        # when X25519
-        #   32
-        # when X448
-        #   56
         # when FFDHE2048
         #   256
         # when FFDHE4096
@@ -57,7 +58,6 @@ module TTTLS13
         end
       end
 
-      # NOTE:
       # SECG        |  ANSI X9.62   |  NIST
       # ------------+---------------+-------------
       # secp256r1   |  prime256v1   |   NIST P-256
@@ -66,7 +66,7 @@ module TTTLS13
       #
       # https://datatracker.ietf.org/doc/html/rfc4492#appendix-A
       #
-      # @param groups [Array of TTTLS13::Message::Extension::NamedGroup]
+      # @param group [TTTLS13::Message::Extension::NamedGroup]
       #
       # @raise [TTTLS13::Error::ErrorAlerts]
       #
@@ -79,6 +79,10 @@ module TTTLS13
           'secp384r1'
         when SECP521R1
           'secp521r1'
+        when X25519
+          'X25519'
+        when X448
+          'X448'
         else
           # not supported other NamedGroup
           raise Error::ErrorAlerts, :internal_error

data/lib/tttls1.3/server.rb

@@ -38,6 +38,7 @@ module TTTLS13
   private_constant :DEFAULT_SP_SIGNATURE_ALGORITHMS
 
   DEFAULT_SP_NAMED_GROUP_LIST = [
+    NamedGroup::X25519,
     NamedGroup::SECP256R1,
     NamedGroup::SECP384R1,
     NamedGroup::SECP521R1
@@ -73,6 +74,7 @@ module TTTLS13
 
     # @param socket [Socket]
     # @param settings [Hash]
+    # rubocop: disable Metrics/AbcSize
     def initialize(socket, **settings)
       @connection = Connection.new(socket, :server)
       @settings = DEFAULT_SERVER_SETTINGS.merge(settings)
@@ -95,8 +97,8 @@ module TTTLS13
         raise Error::ConfigError unless cert.verify(sign.public_key)
       end
     end
+    # rubocop: enable Metrics/AbcSize
 
-    # NOTE:
     #                              START <-----+
     #               Recv ClientHello |         | Send HelloRetryRequest
     #                                v         |
@@ -148,7 +150,7 @@ module TTTLS13
     def accept
       @transcript = Transcript.new
       key_schedule = nil # TTTLS13::KeySchedule
-      priv_key = nil # OpenSSL::PKey::$Object
+      shared_secret = nil # TTTLS13::SharedSecret
       hs_wcipher = nil # TTTLS13::Cryptograph::$Object
       hs_rcipher = nil # TTTLS13::Cryptograph::$Object
       sslkeylogfile = nil # TTTLS13::SslKeyLogFile::Writer
@@ -187,7 +189,7 @@ module TTTLS13
           ch_alpn = ch.extensions[
             Message::ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION
           ]
-          if !@settings[:alpn].nil? && !@settings[:alpn].empty? && !ch_alpn.nil?
+          if use_alpn? && !ch_alpn.nil?
             @alpn = ch_alpn.protocol_name_list
                            .find { |p| @settings[:alpn].include?(p) }
 
@@ -223,7 +225,7 @@ module TTTLS13
           logger.debug('ServerState::NEGOTIATED')
 
           ch, = @transcript[CH]
-          extensions, priv_key = gen_sh_extensions(@named_group)
+          extensions, shared_secret = gen_sh_extensions(@named_group)
           sh = send_server_hello(
             extensions,
             @cipher_suite,
@@ -234,13 +236,12 @@ module TTTLS13
 
           # generate shared secret
           ke = ch.extensions[Message::ExtensionType::KEY_SHARE]
-                &.key_share_entry
-                &.find { |kse| kse.group == @named_group }
-                &.key_exchange
-          shared_secret = Endpoint.gen_shared_secret(ke, priv_key, @named_group)
+                 &.key_share_entry
+                 &.find { |kse| kse.group == @named_group }
+                 &.key_exchange
           key_schedule = KeySchedule.new(
             psk: @psk,
-            shared_secret: shared_secret,
+            shared_secret: shared_secret.build(@named_group, ke),
             cipher_suite: @cipher_suite,
             transcript: @transcript
           )
@@ -286,8 +287,8 @@ module TTTLS13
           @transcript[CV] = [cv, cv.serialize]
           finished_key = key_schedule.server_finished_key
           signature = Endpoint.sign_finished(
-            digest: digest,
-            finished_key: finished_key,
+            digest:,
+            finished_key:,
             hash: @transcript.hash(digest, CV)
           )
           sf = Message::Finished.new(signature)
@@ -305,7 +306,7 @@ module TTTLS13
           digest = CipherSuite.digest(@cipher_suite)
           verified = Endpoint.verified_finished?(
             finished: cf,
-            digest: digest,
+            digest:,
             finished_key: key_schedule.client_finished_key,
             hash: @transcript.hash(digest, EOED)
           )
@@ -417,6 +418,11 @@ module TTTLS13
       true
     end
 
+    # @return [Boolean]
+    def use_alpn?
+      !@settings[:alpn].nil? && !@settings[:alpn].empty?
+    end
+
     # @param receivable_ccs [Boolean]
     #
     # @raise [TTTLS13::Error::ErrorAlerts]
@@ -425,7 +431,7 @@ module TTTLS13
     # @return [String]
     def recv_client_hello(receivable_ccs)
       ch, orig_msg = @connection.recv_message(
-        receivable_ccs: receivable_ccs,
+        receivable_ccs:,
         cipher: Cryptograph::Passer.new
       )
       @connection.terminate(:unexpected_message) \
@@ -442,8 +448,8 @@ module TTTLS13
     def send_server_hello(extensions, cipher_suite, session_id)
       sh = Message::ServerHello.new(
         legacy_session_id_echo: session_id,
-        cipher_suite: cipher_suite,
-        extensions: extensions
+        cipher_suite:,
+        extensions:
       )
       @connection.send_handshakes(Message::ContentType::HANDSHAKE, [sh],
                                   Cryptograph::Passer.new)
@@ -464,9 +470,9 @@ module TTTLS13
 
       # key_share
       sp_groups = ch1.extensions[Message::ExtensionType::SUPPORTED_GROUPS]
-                    &.named_group_list || []
+                     &.named_group_list || []
       ks_groups = ch1.extensions[Message::ExtensionType::KEY_SHARE]
-                    &.key_share_entry&.map(&:group) || []
+                     &.key_share_entry&.map(&:group) || []
       ksg = sp_groups.find do |g|
         !ks_groups.include?(g) && @settings[:supported_groups].include?(g)
       end
@@ -477,7 +483,7 @@ module TTTLS13
       sh = Message::ServerHello.new(
         random: Message::HRR_RANDOM,
         legacy_session_id_echo: ch1.legacy_session_id,
-        cipher_suite: cipher_suite,
+        cipher_suite:,
         extensions: exs
       )
       @connection.send_handshakes(Message::ContentType::HANDSHAKE, [sh],
@@ -514,7 +520,6 @@ module TTTLS13
     # @param ocsp_response [OpenSSL::OCSP::Response]
     #
     # @return [TTTLS13::Message::Certificate, CompressedCertificate, nil]
-    # rubocop: disable Metrics/CyclomaticComplexity
     def gen_certificate(crt, ch, chain = [], ocsp_response = nil)
       exs = Message::Extensions.new
       # status_request
@@ -541,7 +546,6 @@ module TTTLS13
 
       ct
     end
-    # rubocop: enable Metrics/CyclomaticComplexity
 
     # @param key [OpenSSL::PKey::PKey]
     # @param signature_scheme [TTTLS13::SignatureScheme]
@@ -550,12 +554,12 @@ module TTTLS13
     # @return [TTTLS13::Message::CertificateVerify, nil]
     def gen_certificate_verify(key, signature_scheme, hash)
       signature = sign_certificate_verify(
-        key: key,
-        signature_scheme: signature_scheme,
-        hash: hash
+        key:,
+        signature_scheme:,
+        hash:
       )
-      Message::CertificateVerify.new(signature_scheme: signature_scheme,
-                                     signature: signature)
+      Message::CertificateVerify.new(signature_scheme:,
+                                     signature:)
     end
 
     # @param cipher [TTTLS13::Cryptograph::Aead]
@@ -566,7 +570,7 @@ module TTTLS13
     # @return [String]
     def recv_finished(cipher)
       cf, orig_msg \
-        = @connection.recv_message(receivable_ccs: true, cipher: cipher)
+        = @connection.recv_message(receivable_ccs: true, cipher:)
       @connection.terminate(:unexpected_message) \
         unless cf.is_a?(Message::Finished)
 
@@ -576,7 +580,7 @@ module TTTLS13
     # @param named_group [TTTLS13::NamedGroup]
     #
     # @return [TTTLS13::Message::Extensions]
-    # @return [OpenSSL::PKey::EC.$Object]
+    # @return [TTTLS13::SharedSecret]
     def gen_sh_extensions(named_group)
       exs = Message::Extensions.new
       # supported_versions: only TLS 1.3
@@ -585,11 +589,11 @@ module TTTLS13
       )
 
       # key_share
-      key_share, priv_key \
+      key_share, shared_secret \
                  = Message::Extension::KeyShare.gen_sh_key_share(named_group)
       exs << key_share
 
-      [exs, priv_key]
+      [exs, shared_secret]
     end
 
     # @param ch [TTTLS13::Message::ClientHello]
@@ -626,10 +630,10 @@ module TTTLS13
     # @return [String]
     def sign_certificate_verify(key:, signature_scheme:, hash:)
       Endpoint.sign_certificate_verify(
-        key: key,
-        signature_scheme: signature_scheme,
+        key:,
+        signature_scheme:,
         context: 'TLS 1.3, server CertificateVerify',
-        hash: hash
+        hash:
       )
     end
 
@@ -647,7 +651,7 @@ module TTTLS13
     # @return [TTTLS13::NamedGroup, nil]
     def select_named_group(ch)
       ks_groups = ch.extensions[Message::ExtensionType::KEY_SHARE]
-                   &.key_share_entry&.map(&:group) || []
+                    &.key_share_entry&.map(&:group) || []
 
       ks_groups.find do |g|
         @settings[:supported_groups].include?(g)
@@ -660,7 +664,7 @@ module TTTLS13
     # @return [TTTLS13::SignatureScheme, nil]
     def select_signature_scheme(ch, crt)
       algorithms = ch.extensions[Message::ExtensionType::SIGNATURE_ALGORITHMS]
-                    &.supported_signature_algorithms || []
+                     &.supported_signature_algorithms || []
 
       Endpoint.select_signature_algorithms(algorithms, crt).find do |ss|
         @settings[:signature_algorithms].include?(ss)
@@ -673,7 +677,7 @@ module TTTLS13
     # @return [Boolean]
     def recognized_server_name?(ch, crt)
       server_name = ch.extensions[Message::ExtensionType::SERVER_NAME]
-                     &.server_name
+                      &.server_name
       return true if server_name.nil?
 
       Endpoint.matching_san?(crt, server_name)

data/lib/tttls1.3/shared_secret.rb

@@ -0,0 +1,118 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module TTTLS13
+  class SharedSecret
+    def initialize
+      @priv_keys = {}
+    end
+
+    # @param group [TTTLS13::NamedGroup]
+    # @param priv_key [OpenSSL::PKey::EC.$Object | OpenSSL::PKey::PKey.$Object]
+    def store!(group, priv_key)
+      @priv_keys[group] = priv_key
+    end
+
+    # @param group [TTTLS13::NamedGroup]
+    # @param key_exchange [String]
+    #
+    # @return String
+    # rubocop: disable Metrics/MethodLength
+    def build(group, key_exchange)
+      case group
+      when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1
+        curve = NamedGroup.curve_name(group)
+        pub_key = OpenSSL::PKey::EC::Point.new(
+          OpenSSL::PKey::EC::Group.new(curve),
+          OpenSSL::BN.new(key_exchange, 2)
+        )
+        @priv_keys[group].dh_compute_key(pub_key)
+      when NamedGroup::X25519
+        asn1_seq = OpenSSL::ASN1.Sequence(
+          [
+            OpenSSL::ASN1.Sequence(
+              [
+                # https://datatracker.ietf.org/doc/html/rfc8410#section-3
+                OpenSSL::ASN1.ObjectId('1.3.101.110')
+              ]
+            ),
+            OpenSSL::ASN1.BitString(key_exchange)
+          ]
+        )
+
+        @priv_keys[group].derive(OpenSSL::PKey.read(asn1_seq.to_der))
+      when NamedGroup::X448
+        asn1_seq = OpenSSL::ASN1.Sequence(
+          [
+            OpenSSL::ASN1.Sequence(
+              [
+                # https://datatracker.ietf.org/doc/html/rfc8410#section-3
+                OpenSSL::ASN1.ObjectId('1.3.101.111')
+              ]
+            ),
+            OpenSSL::ASN1.BitString(key_exchange)
+          ]
+        )
+
+        @priv_keys[group].derive(OpenSSL::PKey.read(asn1_seq.to_der))
+      else
+        # not supported other NamedGroup
+        raise Error::ErrorAlerts, :internal_error
+      end
+    end
+    # rubocop: enable Metrics/MethodLength
+
+    # @return [Array of TTTLS13::Message::Extensions::KeyShare]
+    def key_share_entries
+      @priv_keys.map do |group, priv_key|
+        case group
+        when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1
+          Message::Extension::KeyShareEntry.new(
+            group:,
+            key_exchange: priv_key.public_key.to_octet_string(:uncompressed)
+          )
+        when NamedGroup::X25519, NamedGroup::X448
+          n_pk = NamedGroup.key_exchange_len(group)
+          Message::Extension::KeyShareEntry.new(
+            group:,
+            key_exchange: priv_key.public_to_der[-n_pk, n_pk]
+          )
+        else
+          # not supported other NamedGroup
+          raise Error::ErrorAlerts, :internal_error
+        end
+      end
+    end
+
+    # @param group [TTTLS13::Message::Extension::NamedGroup]
+    #
+    # @return [OpenSSL::PKey::EC.$Object | OpenSSL::PKey::PKey.$Object]]
+    def [](group)
+      @priv_keys[group]
+    end
+
+    # @param groups [Array of TTTLS13::NamedGroup]
+    #
+    # @return [TTTLS13::SharedSecret]
+    def self.gen_from_named_groups(groups)
+      shared_secret = SharedSecret.new
+
+      groups.each do |group|
+        case group
+        when NamedGroup::SECP256R1, NamedGroup::SECP384R1, NamedGroup::SECP521R1
+          curve = NamedGroup.curve_name(group)
+          ec = OpenSSL::PKey::EC.generate(curve)
+          shared_secret.store!(group, ec)
+        when NamedGroup::X25519, NamedGroup::X448
+          pkey = OpenSSL::PKey.generate_key(NamedGroup.curve_name(group))
+          shared_secret.store!(group, pkey)
+        else
+          # not supported other NamedGroup
+          raise Error::ErrorAlerts, :internal_error
+        end
+      end
+
+      shared_secret
+    end
+  end
+end

data/lib/tttls1.3/utils.rb

@@ -69,21 +69,6 @@ module TTTLS13
         length.to_uint64 + self
       end
     end
-
-    refine OpenSSL::X509::Certificate do
-      unless method_defined?(:ocsp_uris)
-        define_method(:ocsp_uris) do
-          aia = extensions.find { |ex| ex.oid == 'authorityInfoAccess' }
-          return nil if aia.nil?
-
-          ostr = OpenSSL::ASN1.decode(aia.to_der).value.last
-          ocsp = OpenSSL::ASN1.decode(ostr.value)
-                              .map(&:value)
-                              .select { |des| des.first.value == 'OCSP' }
-          ocsp&.map { |o| o[1].value }
-        end
-      end
-    end
   end
 
   module Convert

data/lib/tttls1.3/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TTTLS13
-  VERSION = '0.3.3'
+  VERSION = '0.3.5'
 end

data/lib/tttls1.3.rb

@@ -2,7 +2,6 @@
 
 require 'openssl'
 require 'net/http'
-require 'pp'
 require 'logger'
 
 require 'ech_config'
@@ -18,6 +17,7 @@ require 'tttls1.3/named_group'
 require 'tttls1.3/cryptograph'
 require 'tttls1.3/transcript'
 require 'tttls1.3/key_schedule'
+require 'tttls1.3/shared_secret'
 require 'tttls1.3/message'
 require 'tttls1.3/sequence_number'
 require 'tttls1.3/sslkeylogfile'

data/spec/certificate_verify_spec.rb

@@ -13,7 +13,7 @@ RSpec.describe CertificateVerify do
     let(:message) do
       CertificateVerify.new(
         signature_scheme: SignatureScheme::RSA_PSS_RSAE_SHA256,
-        signature: signature
+        signature:
       )
     end
 

data/spec/client_hello_spec.rb

@@ -21,9 +21,9 @@ RSpec.describe ClientHello do
     end
 
     let(:message) do
-      ClientHello.new(random: random,
-                      legacy_session_id: legacy_session_id,
-                      cipher_suites: cipher_suites)
+      ClientHello.new(random:,
+                      legacy_session_id:,
+                      cipher_suites:)
     end
 
     it 'should be generated' do
@@ -37,6 +37,7 @@ RSpec.describe ClientHello do
       expect(message.legacy_compression_methods).to eq ["\x00"]
       expect(message.extensions).to be_empty
       expect(message.negotiated_tls_1_3?).to be false
+      expect(message.ch_inner?).to be false
     end
 
     it 'should be serialized' do
@@ -83,4 +84,22 @@ RSpec.describe ClientHello do
       expect(message.serialize).to eq TESTBINARY_0_RTT_CLIENT_HELLO
     end
   end
+
+  context 'valid inner client_hello' do
+    let(:message) do
+      cipher_suites = CipherSuites.new([TLS_AES_256_GCM_SHA384,
+                                        TLS_CHACHA20_POLY1305_SHA256,
+                                        TLS_AES_128_GCM_SHA256])
+      ch = ClientHello.new(random: OpenSSL::Random.random_bytes(32),
+                           legacy_session_id: Array.new(32, 0).map(&:chr).join,
+                           cipher_suites:)
+      ch.extensions[Message::ExtensionType::ENCRYPTED_CLIENT_HELLO] \
+        = Message::Extension::ECHClientHello.new_inner
+      ch
+    end
+
+    it 'should generate ClientHelloInner' do
+      expect(message.ch_inner?).to be true
+    end
+  end
 end

data/spec/client_spec.rb

@@ -118,8 +118,8 @@ RSpec.describe Client do
     let(:finished_key) do
       key_schedule = KeySchedule.new(
         shared_secret: TESTBINARY_SHARED_SECRET,
-        cipher_suite: cipher_suite,
-        transcript: transcript
+        cipher_suite:,
+        transcript:
       )
       key_schedule.client_finished_key
     end
@@ -130,19 +130,19 @@ RSpec.describe Client do
       digest = CipherSuite.digest(cipher_suite)
       hash = transcript.hash(digest, EOED)
       signature = Endpoint.sign_finished(
-        digest: digest,
-        finished_key: finished_key,
-        hash: hash
+        digest:,
+        finished_key:,
+        hash:
       )
       hs_wcipher = Cryptograph::Aead.new(
-        cipher_suite: cipher_suite,
+        cipher_suite:,
         write_key: TESTBINARY_CLIENT_FINISHED_WRITE_KEY,
         write_iv: TESTBINARY_CLIENT_FINISHED_WRITE_IV,
         sequence_number: SequenceNumber.new
       )
       client.send(:send_finished, signature, hs_wcipher)
       hs_rcipher = Cryptograph::Aead.new(
-        cipher_suite: cipher_suite,
+        cipher_suite:,
         write_key: TESTBINARY_CLIENT_FINISHED_WRITE_KEY,
         write_iv: TESTBINARY_CLIENT_FINISHED_WRITE_IV,
         sequence_number: SequenceNumber.new
@@ -194,8 +194,8 @@ RSpec.describe Client do
     let(:key_schedule) do
       KeySchedule.new(
         shared_secret: TESTBINARY_SHARED_SECRET,
-        cipher_suite: cipher_suite,
-        transcript: transcript
+        cipher_suite:,
+        transcript:
       )
     end
 
@@ -218,9 +218,9 @@ RSpec.describe Client do
       hash = transcript.hash(digest, CV)
       expect(Endpoint.verified_finished?(
                finished: sf,
-               digest: digest,
+               digest:,
                finished_key: key_schedule.server_finished_key,
-               hash: hash
+               hash:
              )).to be true
     end
 
@@ -228,9 +228,9 @@ RSpec.describe Client do
       digest = CipherSuite.digest(cipher_suite)
       hash = transcript.hash(digest, EOED)
       expect(Endpoint.sign_finished(
-               digest: digest,
+               digest:,
                finished_key: key_schedule.client_finished_key,
-               hash: hash
+               hash:
              )).to eq cf.verify_data
     end
   end