Class: TTTLS13::Cryptograph::Aead

Inherits:

Object

• Object
• TTTLS13::Cryptograph::Aead

Defined in:

lib/tttls1.3/cryptograph/aead.rb

Instance Attribute Summary

• #auth_tag_len ⇒ Object readonly

  Returns the value of attribute auth_tag_len.

Instance Method Summary

• #decrypt(encrypted_record, auth_data) ⇒ String, TTTLS13::Message::ContentType

  NOTE: AEAD-Decrypt(peer_write_key, nonce, additional_data, AEADEncrypted).

• #encrypt(content, type) ⇒ String

  NOTE: AEAD-Encrypt(write_key, nonce, additional_data, plaintext).

• #initialize(cipher_suite:, write_key:, write_iv:, sequence_number:, length_of_padding: 0) ⇒ Aead constructor

  A new instance of Aead.

• #tlsplaintext_length_limit(record_size_limit) ⇒ Integer

  NOTE: struct { opaque content; ContentType type; uint8 zeros; } TLSInnerPlaintext;.

Constructor Details

#initialize(cipher_suite:, write_key:, write_iv:, sequence_number:, length_of_padding: 0) ⇒ Aead

Returns a new instance of Aead.

Parameters:

• cipher_suite (TTTLS13::CipherSuite)
• write_key (String)
• write_iv (String)
• sequence_number (String) —

  uint64

• length_of_padding (Integer) (defaults to: 0)

# File 'lib/tttls1.3/cryptograph/aead.rb', line 15

def initialize(cipher_suite:, write_key:, write_iv:,
               sequence_number:, length_of_padding: 0)
  @cipher_suite = cipher_suite
  case cipher_suite
  when CipherSuite::TLS_AES_128_GCM_SHA256
    @cipher = OpenSSL::Cipher::AES128.new(:GCM)
  when CipherSuite::TLS_AES_256_GCM_SHA384
    @cipher = OpenSSL::Cipher::AES256.new(:GCM)
  when CipherSuite::TLS_CHACHA20_POLY1305_SHA256
    @cipher = OpenSSL::Cipher.new('chacha20-poly1305')
  else
    # Note:
    # not supported
    # CipherSuite::TLS_AES_128_CCM_SHA256
    # CipherSuite::TLS_AES_128_CCM_8_SHA256
    raise Error::ErrorAlerts, :internal_error
  end
  @write_key = write_key
  @write_iv = write_iv
  @sequence_number = sequence_number
  @length_of_padding = length_of_padding
  @auth_tag_len = CipherSuite.auth_tag_len(@cipher_suite)
end

Instance Attribute Details

#auth_tag_len ⇒ Object (readonly)

Returns the value of attribute auth_tag_len.

# File 'lib/tttls1.3/cryptograph/aead.rb', line 8

def auth_tag_len
  @auth_tag_len
end

Instance Method Details

#decrypt(encrypted_record, auth_data) ⇒ String, TTTLS13::Message::ContentType

NOTE:

AEAD-Decrypt(peer_write_key, nonce,
             additional_data, AEADEncrypted)

Parameters:

• encrypted_record (String)
• auth_data (String)

Returns:

• (String)
• (TTTLS13::Message::ContentType)

Raises:

• (OpenSSL::Cipher::CipherError)

# File 'lib/tttls1.3/cryptograph/aead.rb', line 67

def decrypt(encrypted_record, auth_data)
  decipher = reset_decipher
  auth_tag = encrypted_record[-@auth_tag_len..-1]
  decipher.auth_tag = auth_tag
  decipher.auth_data = auth_data # record header of TLSCiphertext
  clear = decipher.update(encrypted_record[0...-@auth_tag_len])
  decipher.final
  zeros_len = scan_zeros(clear)
  postfix_len = 1 + zeros_len # type || zeros
  @sequence_number.succ

  [clear[0...-postfix_len], clear[-postfix_len]]
end

#encrypt(content, type) ⇒ String

NOTE:

AEAD-Encrypt(write_key, nonce, additional_data, plaintext)

Parameters:

• content (String)
• type (TTTLS13::Message::ContentType)

Returns:

• (String)

# File 'lib/tttls1.3/cryptograph/aead.rb', line 46

def encrypt(content, type)
  cipher = reset_cipher
  plaintext = content + type + "\x00" * @length_of_padding
  cipher.auth_data = additional_data(plaintext.length)
  encrypted_data = cipher.update(plaintext) + cipher.final
  @sequence_number.succ

  encrypted_data + cipher.auth_tag
end

#tlsplaintext_length_limit(record_size_limit) ⇒ Integer

NOTE:

struct {
    opaque content[TLSPlaintext.length];
    ContentType type;
    uint8 zeros[length_of_padding];
} TLSInnerPlaintext;

Parameters:

• record_size_limit (Integer)

Returns:

• (Integer)

# File 'lib/tttls1.3/cryptograph/aead.rb', line 91

def tlsplaintext_length_limit(record_size_limit)
  record_size_limit - 1 - @length_of_padding
end