Class: OpenID::Server::DiffieHellmanSHA1ServerSession

Inherits:
BaseServerSession
Defined in:
lib/openid/server.rb

Overview

An object that knows how to handle association requests with the Diffie-Hellman session type.

See OpenID Specs, Section 8: Establishing Associations <openid.net/specs/openid-authentication-2_0-12.html#associations>

Direct Known Subclasses

DiffieHellmanSHA256ServerSession


Methods inherited from BaseServerSession

#allowed_assoc_type?

Constructor Details

#initialize(dh, consumer_pubkey) ⇒ DiffieHellmanSHA1ServerSession



# File 'lib/openid/server.rb', line 209

def initialize(dh, consumer_pubkey)
  super("DH-SHA1", ["HMAC-SHA1"])

  @hash_func = CryptUtil.method(:sha1)
  @dh = dh
  @consumer_pubkey = consumer_pubkey
end

Instance Attribute Details

#consumer_pubkey ⇒ Object

The public key sent by the consumer in the associate request.



# File 'lib/openid/server.rb', line 204

def consumer_pubkey
  @consumer_pubkey
end

#dh ⇒ Object

The Diffie-Hellman algorithm values for this request.



# File 'lib/openid/server.rb', line 201

def dh
  @dh
end

#session_type ⇒ Object (readonly)

The session_type for this association session.



# File 'lib/openid/server.rb', line 207

def session_type
  @session_type
end

Class Method Details

.from_message(message) ⇒ Object

Construct a session from an OpenID Message.

Raises ProtocolError when parameters required to establish the session are missing.



# File 'lib/openid/server.rb', line 221

def self.from_message(message)
  dh_modulus = message.get_arg(OPENID_NS, "dh_modulus")
  dh_gen = message.get_arg(OPENID_NS, "dh_gen")
  if (!dh_modulus and dh_gen) or
      (!dh_gen and dh_modulus)

    missing = if !dh_modulus
      "modulus"
    else
      "generator"
    end

    raise ProtocolError.new(
      message,
      format(
        "If non-default modulus or generator is " +
                            "supplied, both must be supplied. Missing %s",
        missing,
      ),
    )
  end

  if dh_modulus or dh_gen
    dh_modulus = CryptUtil.base64_to_num(dh_modulus)
    dh_gen = CryptUtil.base64_to_num(dh_gen)
    dh = DiffieHellman.new(dh_modulus, dh_gen)
  else
    dh = DiffieHellman.from_defaults
  end

  consumer_pubkey = message.get_arg(OPENID_NS, "dh_consumer_public")
  unless consumer_pubkey
    raise ProtocolError.new(
      message,
      format(
        "Public key for DH-SHA1 session " +
                            "not found in message %s",
        message,
      ),
    )
  end

  consumer_pubkey = CryptUtil.base64_to_num(consumer_pubkey)

  new(dh, consumer_pubkey)
end

Instance Method Details

#answer(secret) ⇒ Object



# File 'lib/openid/server.rb', line 268

def answer(secret)
  mac_key = @dh.xor_secret(
    @hash_func,
    @consumer_pubkey,
    secret,
  )
  {
    "dh_server_public" => CryptUtil.num_to_base64(@dh.public),
    "enc_mac_key" => Util.to_base64(mac_key),
  }
end
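
The exchange that from_message and answer carry out on the server, together with the consumer's side, as an added example that is not ruby-openid's own code. It uses only the Ruby standard library, a toy prime (2**255 - 19) and constructed keys instead of the OpenID default modulus, and the helper names (server_answer, consumer_recover, xor_bytes) are hypothetical. The range check on dh_consumer_public is an addition; the from_message shown above does not perform one.

```ruby
require "digest"

# Toy group for illustration only (constructed, NOT the OpenID default modulus).
P = 2**255 - 19
G = 2

# btwoc from the OpenID 2.0 spec: shortest big-endian two's-complement bytes.
def btwoc(n)
  hex = n.to_s(16)
  hex = "0#{hex}" if hex.length.odd?
  bytes = [hex].pack("H*")
  bytes.getbyte(0) >= 0x80 ? "\x00".b + bytes : bytes
end

def num_to_base64(n)
  [btwoc(n)].pack("m0")
end

def base64_to_num(s)
  s.unpack1("m0").unpack1("H*").to_i(16)
end

def xor_bytes(a, b)
  raise ArgumentError, "length mismatch" unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack("C*")
end

# Server side: the work of from_message plus answer, with an added range check.
def server_answer(consumer_pub_b64, server_priv, mac_key)
  consumer_pub = base64_to_num(consumer_pub_b64)
  # Added check (assumption): 0, 1 and p-1 force a predictable shared secret.
  raise ArgumentError, "dh_consumer_public out of range" unless consumer_pub.between?(2, P - 2)
  mask = Digest::SHA1.digest(btwoc(consumer_pub.pow(server_priv, P)))
  { "dh_server_public" => num_to_base64(G.pow(server_priv, P)),
    "enc_mac_key" => [xor_bytes(mask, mac_key)].pack("m0") }
end

# Consumer side: derive the same SHA-1 mask and undo the XOR.
def consumer_recover(answer, consumer_priv)
  shared = base64_to_num(answer["dh_server_public"]).pow(consumer_priv, P)
  xor_bytes(Digest::SHA1.digest(btwoc(shared)), answer["enc_mac_key"].unpack1("m0"))
end

# Constructed sample values.
CONSUMER_PRIV = 0x1f3a9c5d7e2b4a6180c3e5f7091b2d4f
SERVER_PRIV   = 0x2b7e151628aed2a6abf7158809cf4f3c
MAC_KEY       = (1..20).to_a.pack("C*") # 20 bytes, the HMAC-SHA1 key length
ANSWER = server_answer(num_to_base64(G.pow(CONSUMER_PRIV, P)), SERVER_PRIV, MAC_KEY)
puts consumer_recover(ANSWER, CONSUMER_PRIV) == MAC_KEY
```

The MAC key is masked with a 20-byte SHA-1 digest, which is why this session type is paired only with HMAC-SHA1 in the constructor.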