Class: Trezor::Identity

Inherits:

Object

• Object
• Trezor::Identity

Extended by:

Forwardable

Includes:

Utils

Defined in:

lib/trezor/identity.rb

Constant Summary

CURVE_NIST256 =

Supported ECDSA curves for SSH (GPG not implemented)

'nist256p1'

CURVE_ED25519 =

'ed25519'

ECDH_NIST256 =

Supported ECDH curves for GPG (not implemented)

'nist256p1'

ECDH_CURVE25519 =

'curve25519'

SSH_NIST256_KEY_PREFIX =

'ecdsa-sha2-'

SSH_NIST256_CURVE_NAME =

'nistp256'

SSH_NIST256_KEY_TYPE =

SSH_NIST256_KEY_PREFIX + SSH_NIST256_CURVE_NAME

SSH_ED25519_KEY_TYPE =

'ssh-ed25519'

Instance Attribute Summary

• #curve_name ⇒ Object

  Returns the value of attribute curve_name.

Instance Method Summary

• #export_public_key ⇒ Object
• #initialize(identity_string, curve_name = CURVE_NIST256, key = nil) ⇒ Identity constructor

  A new instance of Identity.

• #key ⇒ Object
• #key_name ⇒ Object
• #sign(blob) ⇒ Object

Constructor Details

#initialize(identity_string, curve_name = CURVE_NIST256, key = nil) ⇒ Identity

Returns a new instance of Identity.

# File 'lib/trezor/identity.rb', line 30

def initialize(identity_string, curve_name = CURVE_NIST256, key = nil)
  @uri = URI.parse(identity_string)
  @uri = URI.parse('ssh://' + identity_string) unless @uri.scheme
  @curve_name = curve_name
  @key = key
end

Instance Attribute Details

#curve_name ⇒ Object

Returns the value of attribute curve_name.

# File 'lib/trezor/identity.rb', line 28

def curve_name
  @curve_name
end

Instance Method Details

#export_public_key ⇒ Object

# File 'lib/trezor/identity.rb', line 45

def export_public_key
  "#{key.ssh_type} #{Base64.strict_encode64(key.to_blob).strip} #{key_name}"
end

#key ⇒ Object

# File 'lib/trezor/identity.rb', line 37

def key
  @key ||= load_public_key
end

#key_name ⇒ Object

# File 'lib/trezor/identity.rb', line 41

def key_name
  "<#{@uri.to_s}|#{@curve_name}>"
end

#sign(blob) ⇒ Object

# File 'lib/trezor/identity.rb', line 49

def sign(blob)
  response = Device.with_session do |device|
    device.sign_identity(
      challenge_hidden: blob.to_s, ecdsa_curve_name: @curve_name,
      identity: { user: user, host: host, proto: proto }
    )
  end
  return if response.is_a?(Protobuf::Failure)
  signature = response.signature[1..-1]
  if key.ssh_type == SSH_NIST256_KEY_TYPE
    parts = [signature[0..31], signature[32..-1]]
    signature = Buffer.from(:string, parts.map { |p| "\x00" + p }).to_s
  end
  Buffer.from(:string, [key.ssh_type, signature]).to_s
end