Class: Trezor::Identity
- Inherits:
-
Object
- Object
- Trezor::Identity
- Extended by:
- Forwardable
- Includes:
- Utils
- Defined in:
- lib/trezor/identity.rb
Constant Summary
- CURVE_NIST256 =
Supported ECDSA curves for SSH (GPG not implemented)
'nist256p1'
- CURVE_ED25519 =
'ed25519'
- ECDH_NIST256 =
Supported ECDH curves for GPG (not implemented)
'nist256p1'
- ECDH_CURVE25519 =
'curve25519'
- SSH_NIST256_KEY_PREFIX =
'ecdsa-sha2-'
- SSH_NIST256_CURVE_NAME =
'nistp256'
- SSH_NIST256_KEY_TYPE =
SSH_NIST256_KEY_PREFIX + SSH_NIST256_CURVE_NAME
- SSH_ED25519_KEY_TYPE =
'ssh-ed25519'
Instance Attribute Summary
-
#curve_name ⇒ Object
Returns the value of attribute curve_name.
Instance Method Summary
- #export_public_key ⇒ Object
-
#initialize(identity_string, curve_name = CURVE_NIST256, key = nil) ⇒ Identity
constructor
A new instance of Identity.
- #key ⇒ Object
- #key_name ⇒ Object
- #sign(blob) ⇒ Object
Constructor Details
#initialize(identity_string, curve_name = CURVE_NIST256, key = nil) ⇒ Identity
Returns a new instance of Identity.
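# File 'lib/trezor/identity.rb', line 30
#
# Builds an identity from a user-supplied string such as "user@host",
# "host:port" or a full "scheme://..." URI.
#
# The parsed URI is what later identifies the signing target, so it has to be
# parsed unambiguously. URI.parse reads a bare "host:22" as scheme "host" with
# opaque part "22" and no host at all, so checking the parsed scheme for nil
# is not enough to detect a missing scheme. Only an explicit "scheme://"
# prefix counts as a scheme here; any other input is treated as an SSH target
# and prefixed with "ssh://" before parsing.
#
# @param identity_string [String] identity, with or without a scheme
# @param curve_name [String] name of the curve to use for this identity
# @param key [Object, nil] an already-loaded public key, if the caller has one
# @raise [URI::InvalidURIError] if the (possibly prefixed) string is not a valid URI
def initialize(identity_string, curve_name = CURVE_NIST256, key = nil)
  has_scheme = identity_string =~ %r{\A[A-Za-z][A-Za-z0-9+.-]*://}
  identity_string = 'ssh://' + identity_string unless has_scheme
  @uri = URI.parse(identity_string)
  @curve_name = curve_name
  @key = key
end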
Instance Attribute Details
#curve_name ⇒ Object
Returns the value of attribute curve_name.
# File 'lib/trezor/identity.rb', line 28
#
# Reader for the curve name held by this identity.
#
# @return [Object] the value stored in @curve_name
def curve_name
  @curve_name
end
Instance Method Details
#export_public_key ⇒ Object
# File 'lib/trezor/identity.rb', line 45
#
# Renders the public key as one line of three space-separated fields:
# the key's SSH type, its blob in strict Base64, and #key_name as the
# trailing label.
#
# @return [String] "<ssh type> <base64 blob> <key name>"
def export_public_key
  public_key = key
  key_type = public_key.ssh_type
  encoded_blob = Base64.strict_encode64(public_key.to_blob).strip
  "#{key_type} #{encoded_blob} #{key_name}"
end
#key ⇒ Object
# File 'lib/trezor/identity.rb', line 37
#
# Returns the public key for this identity, calling load_public_key the
# first time it is needed and caching the result in @key.
#
# @return [Object] the cached or freshly loaded key
def key
  return @key if @key

  @key = load_public_key
end
#key_name ⇒ Object
# File 'lib/trezor/identity.rb', line 41
#
# Human-readable label for the key: the identity URI and the curve name,
# joined by "|" and wrapped in angle brackets.
#
# @return [String] "<uri|curve>"
def key_name
  identity_uri = @uri.to_s
  "<#{identity_uri}|#{@curve_name}>"
end
#sign(blob) ⇒ Object
# File 'lib/trezor/identity.rb', line 49
#
# Asks the device to sign +blob+ for this identity and returns the result
# framed with Buffer.from(:string, ...) as [key type, signature].
#
# The first byte of the device's signature is dropped. For the NIST P-256
# key type the remainder is split into its first 32 bytes and the rest;
# each part gets a leading 0x00 byte and the pair is framed again before
# the final wrapping.
#
# NOTE(review): returns nil, without raising, when the device answers with
# Protobuf::Failure. Callers must treat nil as "not signed" and never pass
# it on as a signature. Confirm every caller checks for it.
# NOTE(review): the signature length is not checked before slicing, so a
# shorter reply would fail inside the slicing/concatenation below instead
# of with a clear error. Consider validating the length.
# NOTE(review): the 0x00 byte is added to both parts unconditionally.
# RFC 4251 mpints are meant to carry no unnecessary leading zero bytes, so
# confirm that consumers of this signature accept the encoding.
#
# @param blob [#to_s] data to sign; sent to the device as challenge_hidden
# @return [String, nil] the framed signature, or nil on device failure
def sign(blob)
  reply = Device.with_session do |trezor|
    trezor.sign_identity(
      challenge_hidden: blob.to_s,
      ecdsa_curve_name: @curve_name,
      identity: { user: user, host: host, proto: proto }
    )
  end
  return if reply.is_a?(Protobuf::Failure)

  # Skip the first byte of the reply; presumably a marker byte (TODO confirm).
  raw = reply.signature[1..-1]

  if key.ssh_type == SSH_NIST256_KEY_TYPE
    first_part = raw[0..31]
    second_part = raw[32..-1]
    prefixed = [first_part, second_part].map { |part| "\x00" + part }
    raw = Buffer.from(:string, prefixed).to_s
  end

  Buffer.from(:string, [key.ssh_type, raw]).to_s
end