tttls1.3 0.2.6 → 0.2.7
- checksums.yaml +4 -4
- data/lib/tttls1.3/client.rb +7 -8
- data/lib/tttls1.3/connection.rb +38 -0
- data/lib/tttls1.3/key_schedule.rb +18 -17
- data/lib/tttls1.3/server.rb +1 -0
- data/lib/tttls1.3/version.rb +1 -1
- metadata +2 -2
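--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c4d612bec845851394778f851e83cd26a402c28b28282eadf1630684781dbfad
+data.tar.gz: 2b2ac159212b899dfd2f0281b756469033ab58ac57276a2c834166e9e1c1a659
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 902358ead54f4e37bcb6921f8ac26cb0d365ff90c96f8b1d148286a08a057af719989ed0b24d34e99e646965ca7dbfbcdf2b07d9f28b84d3e00e62d904d8ff3f
+data.tar.gz: 33781ec8908342d9aa0670c1ce82516bd7a0fafbed7f49f470765b0d053883cee66b913fc14c060c83abe82dca863653ec7632efcbbcbc4b84dce577eef21764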
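--- a/data/lib/tttls1.3/client.rb
+++ b/data/lib/tttls1.3/client.rb
@@ -294,7 +294,7 @@ module TTTLS13
 @state = ClientState::WAIT_CERT_CR
 @state = ClientState::WAIT_FINISHED unless psk.nil?
 when ClientState::WAIT_CERT_CR
-logger.debug('ClientState::
+logger.debug('ClientState::WAIT_CERT_CR')
 
 message = recv_message(receivable_ccs: true, cipher: hs_rcipher)
 if message.msg_type == Message::HandshakeType::CERTIFICATE
@@ -310,14 +310,14 @@ module TTTLS13
 terminate(:unexpected_message)
 end
 when ClientState::WAIT_CERT
-logger.debug('ClientState::
+logger.debug('ClientState::WAIT_CERT')
 
 ct = transcript[CT] = recv_certificate(hs_rcipher)
 terminate_invalid_certificate(ct, transcript[CH])
 
 @state = ClientState::WAIT_CV
 when ClientState::WAIT_CV
-logger.debug('ClientState::
+logger.debug('ClientState::WAIT_CV')
 
 cv = transcript[CV] = recv_certificate_verify(hs_rcipher)
 digest = CipherSuite.digest(@cipher_suite)
@@ -329,7 +329,7 @@ module TTTLS13
 
 @state = ClientState::WAIT_FINISHED
 when ClientState::WAIT_FINISHED
-logger.debug('ClientState::
+logger.debug('ClientState::WAIT_FINISHED')
 
 sf = transcript[SF] = recv_finished(hs_rcipher)
 digest = CipherSuite.digest(@cipher_suite)
@@ -361,6 +361,7 @@ module TTTLS13
 key_schedule.server_application_write_key,
 key_schedule.server_application_write_iv
 )
+@exporter_master_secret = key_schedule.exporter_master_secret
 @resumption_master_secret = key_schedule.resumption_master_secret
 @state = ClientState::CONNECTED
 when ClientState::CONNECTED
@@ -456,10 +457,8 @@ module TTTLS13
 # @return [String]
 def gen_psk_from_nst(resumption_master_secret, ticket_nonce, digest)
 hash_len = OpenSSL::Digest.new(digest).digest_length
-
-
-info += ticket_nonce.prefix_uint8_length
-KeySchedule.hkdf_expand(resumption_master_secret, info, hash_len, digest)
+KeySchedule.hkdf_expand_label(resumption_master_secret, 'resumption',
+ticket_nonce, hash_len, digest)
 end
 
 # @return [TTTLS13::Message::Extensions]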
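--- a/data/lib/tttls1.3/connection.rb
+++ b/data/lib/tttls1.3/connection.rb
@@ -24,6 +24,7 @@ module TTTLS13
 @state = 0 # ClientState or ServerState
 @send_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT
 @alpn = nil # String
+@exporter_master_secret = nil # String
 end
 
 # @raise [TTTLS13::Error::ConfigError]
@@ -101,8 +102,45 @@ module TTTLS13
 @alpn
 end
 
+# @param label [String]
+# @param context [String]
+# @param key_length [Integer]
+#
+# @return [String, nil]
+def exporter(label, context, key_length)
+return nil if @exporter_master_secret.nil? || @cipher_suite.nil?
+
+digest = CipherSuite.digest(@cipher_suite)
+do_exporter(@exporter_master_secret, digest, label, context, key_length)
+end
+
 private
 
+# @param secret [String] (early_)exporter_master_secret
+# @param digest [String] name of digest algorithm
+# @param label [String]
+# @param context [String]
+# @param key_length [Integer]
+#
+# @return [String]
+def do_exporter(secret, digest, label, context, key_length)
+derived_secret = KeySchedule.hkdf_expand_label(
+secret,
+label,
+OpenSSL::Digest.digest(digest, ''),
+OpenSSL::Digest.new(digest).digest_length,
+digest
+)
+
+KeySchedule.hkdf_expand_label(
+derived_secret,
+'exporter',
+OpenSSL::Digest.digest(digest, context),
+key_length,
+digest
+)
+end
+
 # @param cipher_suite [TTTLS13::CipherSuite]
 # @param write_key [String]
 # @param write_iv [String]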
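Review bot: The new public `exporter` (new line 110) passes the caller's `label`, `context` and `key_length` to `KeySchedule.hkdf_expand_label` without any bounds check. That method encodes them with `prefix_uint8_length` and `to_uint16`, and how those helpers treat out-of-range values is not visible on this page. A label longer than 249 bytes (255 minus the `tls13 ` prefix) or a `key_length` above 255 times the digest length may therefore be mis-encoded or fail deep inside HKDF rather than at the API boundary. After `digest = CipherSuite.digest(@cipher_suite)` I would add `raise ArgumentError, 'label too long' if label.bytesize > 249` and `raise ArgumentError, 'key_length too large' if key_length > 255 * OpenSSL::Digest.new(digest).digest_length`. A `nil` context also reaches `OpenSSL::Digest.digest(digest, context)` unchecked; RFC 8446 section 7.5 treats an absent context as zero-length, so `context ||= ''` would match that, and the doc comment could say that `nil` is returned until the handshake has set the exporter secret.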
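--- a/data/lib/tttls1.3/key_schedule.rb
+++ b/data/lib/tttls1.3/key_schedule.rb
@@ -33,14 +33,14 @@ module TTTLS13
 def binder_key_ext
 hash = OpenSSL::Digest.digest(@digest, '')
 base_key = derive_secret(early_secret, 'ext binder', hash)
-hkdf_expand_label(base_key, 'finished', '', @hash_len)
+self.class.hkdf_expand_label(base_key, 'finished', '', @hash_len, @digest)
 end
 
 # @return [String]
 def binder_key_res
 hash = OpenSSL::Digest.digest(@digest, '')
 base_key = derive_secret(early_secret, 'res binder', hash)
-hkdf_expand_label(base_key, 'finished', '', @hash_len)
+self.class.hkdf_expand_label(base_key, 'finished', '', @hash_len, @digest)
 end
 
 # @return [String]
@@ -52,13 +52,13 @@ module TTTLS13
 # @return [String]
 def early_data_write_key
 secret = client_early_traffic_secret
-hkdf_expand_label(secret, 'key', '', @key_len)
+self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
 end
 
 # @return [String]
 def early_data_write_iv
 secret = client_early_traffic_secret
-hkdf_expand_label(secret, 'iv', '', @iv_len)
+self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
 end
 
 # @return [String]
@@ -87,19 +87,19 @@ module TTTLS13
 # @return [String]
 def client_finished_key
 secret = client_handshake_traffic_secret
-hkdf_expand_label(secret, 'finished', '', @hash_len)
+self.class.hkdf_expand_label(secret, 'finished', '', @hash_len, @digest)
 end
 
 # @return [String]
 def client_handshake_write_key
 secret = client_handshake_traffic_secret
-hkdf_expand_label(secret, 'key', '', @key_len)
+self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
 end
 
 # @return [String]
 def client_handshake_write_iv
 secret = client_handshake_traffic_secret
-hkdf_expand_label(secret, 'iv', '', @iv_len)
+self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
 end
 
 # @return [String]
@@ -111,19 +111,19 @@ module TTTLS13
 # @return [String]
 def server_finished_key
 secret = server_handshake_traffic_secret
-hkdf_expand_label(secret, 'finished', '', @hash_len)
+self.class.hkdf_expand_label(secret, 'finished', '', @hash_len, @digest)
 end
 
 # @return [String]
 def server_handshake_write_key
 secret = server_handshake_traffic_secret
-hkdf_expand_label(secret, 'key', '', @key_len)
+self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
 end
 
 # @return [String]
 def server_handshake_write_iv
 secret = server_handshake_traffic_secret
-hkdf_expand_label(secret, 'iv', '', @iv_len)
+self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
 end
 
 # @return [String]
@@ -147,13 +147,13 @@ module TTTLS13
 # @return [String]
 def client_application_write_key
 secret = client_application_traffic_secret
-hkdf_expand_label(secret, 'key', '', @key_len)
+self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
 end
 
 # @return [String]
 def client_application_write_iv
 secret = client_application_traffic_secret
-hkdf_expand_label(secret, 'iv', '', @iv_len)
+self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
 end
 
 # @return [String]
@@ -165,13 +165,13 @@ module TTTLS13
 # @return [String]
 def server_application_write_key
 secret = server_application_traffic_secret
-hkdf_expand_label(secret, 'key', '', @key_len)
+self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
 end
 
 # @return [String]
 def server_application_write_iv
 secret = server_application_traffic_secret
-hkdf_expand_label(secret, 'iv', '', @iv_len)
+self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
 end
 
 # @return [String]
@@ -198,13 +198,14 @@ module TTTLS13
 # @param label [String]
 # @param context [String]
 # @param length [Integer]
+# @param digest [String] name of digest algorithm
 #
 # @return [String]
-def hkdf_expand_label(secret, label, context, length)
+def self.hkdf_expand_label(secret, label, context, length, digest)
 binary = length.to_uint16
 binary += ('tls13 ' + label).prefix_uint8_length
 binary += context.prefix_uint8_length
-
+hkdf_expand(secret, binary, length, digest)
 end
 
 # @param secret [String]
@@ -235,7 +236,7 @@ module TTTLS13
 #
 # @return [String]
 def derive_secret(secret, label, context)
-hkdf_expand_label(secret, label, context, @hash_len)
+self.class.hkdf_expand_label(secret, label, context, @hash_len, @digest)
 end
 end
 # rubocop: enable Metrics/ClassLength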
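Review bot: The call `self.class.hkdf_expand_label(..., @digest)` is now spelled out at fifteen call sites across these hunks, so every instance method has to remember to pass the schedule's own `@digest`. Keeping a small private instance wrapper beside the new class method, `def expand_label(secret, label, context, length)` with the body `self.class.hkdf_expand_label(secret, label, context, length, @digest)`, would shorten the call sites and leave one place where the digest is chosen. The doc comment on `self.hkdf_expand_label` could also state that `label` is given without the `tls13 ` prefix and that `label` and `context` are length-prefixed with a single byte, now that code outside this class (the new `do_exporter` in connection.rb and `gen_psk_from_nst` in client.rb) calls it.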
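--- a/data/lib/tttls1.3/server.rb
+++ b/data/lib/tttls1.3/server.rb
@@ -266,6 +266,7 @@ module TTTLS13
 key_schedule.client_application_write_key,
 key_schedule.client_application_write_iv
 )
+@exporter_master_secret = key_schedule.exporter_master_secret
 @state = ServerState::CONNECTED
 when ServerState::CONNECTED
 logger.debug('ServerState::CONNECTED')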
data/lib/tttls1.3/version.rb
CHANGED
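--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.7
 platform: ruby
 authors:
 - thekuwayama
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-
+date: 2019-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler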