Class: Dropzone::Session

Inherits:
Object
  • Object
show all
Defined in:
lib/dropzone/session.rb

Defined Under Namespace

Classes: DerAlreadyExists, InvalidCommunication, InvalidWithReceiver, MissingReceiver, SessionInvalid, Unauthenticated

Constant Summary collapse

CIPHER_ALGORITHM = 
'AES-256-CBC'

Class Attribute Summary collapse

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(priv_key, session_secret, options = {}) ⇒ Session

Returns a new instance of Session.



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'lib/dropzone/session.rb', line 14

def initialize(priv_key, session_secret, options = {})
  @priv_key, @session_key = priv_key, OpenSSL::BN.new(session_secret, 16)
  @end_block = options[:end_block] if options.has_key? :end_block

  # Either you attach to an existing session, or create a new one
  case 
    when options.has_key?(:receiver_addr)
      # New Session:
      @receiver_addr = options[:receiver_addr]
    when options.has_key?(:with)
      # Existing Session:
      raise InvalidWithReceiver unless options[:with].receiver_addr == sender_addr
      @with = options[:with]
      @receiver_addr = @with.sender_addr
    else
      raise MissingReceiver
  end
end

Class Attribute Details

.blockchainObject 



151
152
153
 
# File 'lib/dropzone/session.rb', line 151

def blockchain
  @blockchain || Dropzone::RecordBase.blockchain
end

Instance Attribute Details

#end_blockObject

Returns the value of attribute end_block.



12
13
14
 
# File 'lib/dropzone/session.rb', line 12

def end_block
  @end_block
end

#priv_keyObject

Returns the value of attribute priv_key.



12
13
14
 
# File 'lib/dropzone/session.rb', line 12

def priv_key
  @priv_key
end

#receiver_addrObject

Returns the value of attribute receiver_addr.



12
13
14
 
# File 'lib/dropzone/session.rb', line 12

def receiver_addr
  @receiver_addr
end

#session_keyObject

Returns the value of attribute session_key.



12
13
14
 
# File 'lib/dropzone/session.rb', line 12

def session_key
  @session_key
end

#withObject

Returns the value of attribute with.



12
13
14
 
# File 'lib/dropzone/session.rb', line 12

def with
  @with
end

Class Method Details

.all(addr) ⇒ Object 



155
156
157
 
# File 'lib/dropzone/session.rb', line 155

def all(addr)
  blockchain.messages_by_addr(addr, type: 'COMMUN').find_all(&:is_init?)
end

Instance Method Details

#authenticate!(der = nil) ⇒ Object

Raises:



59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/dropzone/session.rb', line 59

def authenticate!(der = nil)
  is_init = (communication_init.nil? || authenticated?)

  # If we're already authenticated, we'll try to re-initialize. Presumably
  # one would want to do this if they lost a secret key, or that key were
  # somehow compromised
  raise DerAlreadyExists unless der.nil? if !is_init

  der ||= (with) ? with.der : 1024

  dh = OpenSSL::PKey::DH.new der

  dh.priv_key = session_key
  dh.generate_key! 

  communicate! session_pkey: [dh.pub_key.to_s(16)].pack('H*'),
    der: (is_init) ? dh.public_key.to_der : nil
end

#authenticated?Boolean

Returns:

  • (Boolean) 


92
93
94
 
# File 'lib/dropzone/session.rb', line 92

def authenticated?
  communication_init && communication_auth
end

#blockchainObject 



33
 
# File 'lib/dropzone/session.rb', line 33

def blockchain; self.class.blockchain; end

#communication_authObject

This is the response to the init



102
103
104
105
106
107
 
# File 'lib/dropzone/session.rb', line 102

def communication_auth
  # NOTE that this returns the newest auth, or nil if we encounter an init
  commun_messages.find{|c| 
    break if c.is_init?
    c.is_auth? }
end

#communication_initObject 



96
97
98
99
 
# File 'lib/dropzone/session.rb', line 96

def communication_init
  # NOTE that this returns the newest initialization
  commun_messages.find(&:is_init?)
end

#communicationsObject 



114
115
116
117
118
119
120
121
122
123
 
# File 'lib/dropzone/session.rb', line 114

def communications
  if authenticated?
    communications = commun_messages(
      start_block: communication_init.block_height ).reject(&:is_auth?)
    communications.each{|c| c.symm_key = symm_key}    
    communications
  else
    []
  end
end

#send(contents, iv = nil) ⇒ Object Also known as: <<

Iv passing is supported only for the purpose of making tests completely deterministic

Raises:



38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/dropzone/session.rb', line 38

def send(contents, iv = nil)
  raise Unauthenticated unless authenticated?
 
  # Cipher Setup:
  aes = OpenSSL::Cipher::Cipher.new CIPHER_ALGORITHM
  aes.encrypt
  
  iv ||= aes.random_iv
  aes.iv = iv

  aes.key = symm_key

  # Encrypt Time:
  cipher = aes.update contents
  cipher << aes.final

  communicate! contents: cipher.to_s, iv: iv
end

#sender_addrObject 



34
 
# File 'lib/dropzone/session.rb', line 34

def sender_addr; blockchain.privkey_to_addr priv_key; end

#symm_keyObject 



78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'lib/dropzone/session.rb', line 78

def symm_key
  return @symm_key if @symm_key

  # If we can't compute, then it's ok to merely indicate this:
  return nil unless communication_init && communication_auth

  dh = OpenSSL::PKey::DH.new communication_init.der
  dh.priv_key = session_key
  dh.generate_key!

  @symm_key = dh.compute_key OpenSSL::BN.new(
    their_pkey.session_pkey.unpack('H*').first, 16)
end

#their_pkeyObject 



109
110
111
112
 
# File 'lib/dropzone/session.rb', line 109

def their_pkey
  [communication_init, communication_auth].find{|c| 
    c.sender_addr == receiver_addr && c.receiver_addr == sender_addr }
end