Class: TTTLS13::KeySchedule

Inherits:
Object
  • Object
Defined in:
lib/tttls1.3/key_schedule.rb

Overview

rubocop: disable Metrics/ClassLength

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(psk: nil, shared_secret:, cipher_suite:, transcript:) ⇒ KeySchedule

Returns a new instance of KeySchedule.

Parameters:



# File 'lib/tttls1.3/key_schedule.rb', line 12

# Captures the inputs of the key schedule and the per-suite parameters that
# every later derivation reads.
#
# @param psk [String, nil] pre-shared key; when nil, a string of @hash_len
#   zero bytes stands in for it
# @param shared_secret [String] key-exchange output, kept as given
# @param cipher_suite [Object] passed to the CipherSuite lookups
# @param transcript [Object] handshake transcript, later asked for hashes
def initialize(psk: nil, shared_secret:, cipher_suite:, transcript:)
  # Caller-supplied state, stored without copying.
  @shared_secret = shared_secret
  @transcript = transcript

  # Parameters fixed by the negotiated cipher suite.
  @digest = CipherSuite.digest(cipher_suite)
  @hash_len = CipherSuite.hash_len(cipher_suite)
  @key_len = CipherSuite.key_len(cipher_suite)
  @iv_len = CipherSuite.iv_len(cipher_suite)

  # Needs @hash_len, so it comes after the suite lookups.
  all_zero_psk = "\x00" * @hash_len
  @psk = psk || all_zero_psk
end

Class Method Details

.hkdf_expand(secret, info, length, digest) ⇒ String

Parameters:

  • secret (String)
  • info (String)
  • length (Integer)
  • digest (String)

    name of digest algorithm

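Returns:

  • (String)

Raises:

  • (Error::ErrorAlerts) — :internal_error when length is greater than 255 * the digest length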



# File 'lib/tttls1.3/key_schedule.rb', line 219

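# HKDF-Expand (RFC 5869): stretches a pseudorandom key into +length+ bytes
# of output keying material by chaining HMAC blocks.
#
# All concatenation is done on binary strings. Previously a non-ASCII +info+
# tagged with a text encoding raised Encoding::CompatibilityError as soon as
# a second block was needed, because the first HMAC output (binary) could
# not be joined with it.
#
# @param secret [String] pseudorandom key, used as the HMAC key
# @param info [String] context bytes mixed into every block
# @param length [Integer] number of output bytes wanted
# @param digest [String] name of digest algorithm
#
# @raise [Error::ErrorAlerts] :internal_error when length is greater than
#   255 * digest length, the HKDF-Expand output limit
#
# @return [String] binary string holding the first +length+ bytes of output
def self.hkdf_expand(secret, info, length, digest)
  hash_len = OpenSSL::Digest.new(digest).digest_length
  raise Error::ErrorAlerts, :internal_error if length > 255 * hash_len

  info = info.b
  # Ceiling division without a round trip through Float.
  block_count = (length + hash_len - 1) / hash_len
  okm = String.new
  block = String.new
  (1..block_count).each do |counter|
    # T(i) = HMAC(secret, T(i-1) | info | i), with T(0) empty.
    block = OpenSSL::HMAC.digest(digest, secret, block + info + counter.chr)
    okm << block
  end
  okm[0...length]
end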

.hkdf_expand_label(secret, label, context, length, digest) ⇒ String

Parameters:

  • secret (String)
  • label (String)
  • context (String)
  • length (Integer)
  • digest (String)

    name of digest algorithm

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 204

# Builds the labelled info string and runs hkdf_expand over it.
#
# The info is the concatenation of: the output length (to_uint16), the label
# prefixed with "tls13 " (prefix_uint8_length), and the context
# (prefix_uint8_length). Both helpers are defined outside this method.
#
# @param secret [String]
# @param label [String] label without the "tls13 " prefix
# @param context [String]
# @param length [Integer] number of output bytes wanted
# @param digest [String] name of digest algorithm
#
# @return [String]
def self.hkdf_expand_label(secret, label, context, length, digest)
  encoded_length = length.to_uint16
  encoded_label = ('tls13 ' + label).prefix_uint8_length
  encoded_context = context.prefix_uint8_length
  hkdf_expand(secret, encoded_length + encoded_label + encoded_context, length, digest)
end

Instance Method Details

#binder_key_ext ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 33

# Derives the key used for a PSK binder under the "ext binder" label.
#
# Despite the name, the value returned is not the "ext binder" secret itself
# but the "finished"-labelled key expanded from it.
#
# @return [String] @hash_len bytes
def binder_key_ext
  # Derive-Secret context is the digest of the empty string.
  empty_hash = OpenSSL::Digest.digest(@digest, '')
  binder_secret = derive_secret(early_secret, 'ext binder', empty_hash)
  self.class.hkdf_expand_label(
    binder_secret, 'finished', '', @hash_len, @digest
  )
end

#binder_key_res ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 40

# Derives the key used for a PSK binder under the "res binder" label.
#
# Despite the name, the value returned is not the "res binder" secret itself
# but the "finished"-labelled key expanded from it.
#
# @return [String] @hash_len bytes
def binder_key_res
  # Derive-Secret context is the digest of the empty string.
  empty_hash = OpenSSL::Digest.digest(@digest, '')
  binder_secret = derive_secret(early_secret, 'res binder', empty_hash)
  self.class.hkdf_expand_label(
    binder_secret, 'finished', '', @hash_len, @digest
  )
end

#client_application_traffic_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 142

# Derives the "c ap traffic" secret from the master secret and the
# transcript hash selected by SF.
#
# @return [String]
def client_application_traffic_secret
  # SF is defined outside this method; presumably the transcript through the
  # server Finished message - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 'c ap traffic', transcript_hash)
end

#client_application_write_iv ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 154

# Expands the client application traffic secret with the "iv" label.
#
# @return [String] @iv_len bytes
def client_application_write_iv
  self.class.hkdf_expand_label(
    client_application_traffic_secret, 'iv', '', @iv_len, @digest
  )
end

#client_application_write_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 148

# Expands the client application traffic secret with the "key" label.
#
# @return [String] @key_len bytes
def client_application_write_key
  self.class.hkdf_expand_label(
    client_application_traffic_secret, 'key', '', @key_len, @digest
  )
end

#client_early_traffic_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 47

# Derives the "c e traffic" secret from the early secret and the transcript
# hash selected by CH.
#
# @return [String]
def client_early_traffic_secret
  # CH is defined outside this method; presumably the transcript through the
  # ClientHello - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, CH)
  derive_secret(early_secret, 'c e traffic', transcript_hash)
end

#client_finished_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 88

# Expands the client handshake traffic secret with the "finished" label.
#
# @return [String] @hash_len bytes
def client_finished_key
  self.class.hkdf_expand_label(
    client_handshake_traffic_secret, 'finished', '', @hash_len, @digest
  )
end

#client_handshake_traffic_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 82

# Derives the "c hs traffic" secret from the handshake secret and the
# transcript hash selected by SH.
#
# @return [String]
def client_handshake_traffic_secret
  # SH is defined outside this method; presumably the transcript through the
  # ServerHello - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, SH)
  derive_secret(handshake_secret, 'c hs traffic', transcript_hash)
end

#client_handshake_write_iv ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 100

# Expands the client handshake traffic secret with the "iv" label.
#
# @return [String] @iv_len bytes
def client_handshake_write_iv
  self.class.hkdf_expand_label(
    client_handshake_traffic_secret, 'iv', '', @iv_len, @digest
  )
end

#client_handshake_write_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 94

# Expands the client handshake traffic secret with the "key" label.
#
# @return [String] @key_len bytes
def client_handshake_write_key
  self.class.hkdf_expand_label(
    client_handshake_traffic_secret, 'key', '', @key_len, @digest
  )
end

#derive_secret(secret, label, context) ⇒ String

Parameters:

  • secret (String)
  • label (String)
  • context (String)

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 238

# Expands +secret+ under +label+ to a digest-sized output, using this
# schedule's digest.
#
# +context+ is passed through unchanged; the callers in this class hand in
# an already-computed hash, not raw handshake messages.
#
# @param secret [String]
# @param label [String]
# @param context [String]
#
# @return [String] @hash_len bytes
def derive_secret(secret, label, context)
  output_len = @hash_len
  self.class.hkdf_expand_label(secret, label, context, output_len, @digest)
end

#early_data_write_iv ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 59

# Expands the client early traffic secret with the "iv" label.
#
# @return [String] @iv_len bytes
def early_data_write_iv
  self.class.hkdf_expand_label(
    client_early_traffic_secret, 'iv', '', @iv_len, @digest
  )
end

#early_data_write_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 53

# Expands the client early traffic secret with the "key" label.
#
# @return [String] @key_len bytes
def early_data_write_key
  self.class.hkdf_expand_label(
    client_early_traffic_secret, 'key', '', @key_len, @digest
  )
end

#early_exporter_master_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 65

# Derives the "e exp master" secret from the early secret.
#
# NOTE(review): the context here is the digest of the empty string, whereas
# client_early_traffic_secret uses the transcript hash selected by CH -
# confirm this is the intended context for this label.
#
# @return [String]
def early_exporter_master_secret
  empty_hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(early_secret, 'e exp master', empty_hash)
end

#early_salt ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 23

# Salt for the early-secret extraction: @hash_len zero bytes.
#
# @return [String]
def early_salt
  zero_byte = "\x00"
  zero_byte * @hash_len
end

#early_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 28

# Extracts the early secret from the PSK, salted with early_salt.
#
# @psk is the caller's PSK, or @hash_len zero bytes when none was given to
# the constructor.
#
# @return [String]
def early_secret
  input_keying_material = @psk
  hkdf_extract(input_keying_material, early_salt)
end

#exporter_master_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 178

# Derives the "exp master" secret from the master secret and the transcript
# hash selected by SF.
#
# @return [String]
def exporter_master_secret
  # SF is defined outside this method; presumably the transcript through the
  # server Finished message - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 'exp master', transcript_hash)
end

#handshake_salt ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 71

# Salt for the handshake-secret extraction: the "derived" secret taken from
# the early secret over the digest of the empty string.
#
# @return [String]
def handshake_salt
  empty_hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(early_secret, 'derived', empty_hash)
end

#handshake_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 77

# Extracts the handshake secret from the key-exchange shared secret, salted
# with handshake_salt.
#
# @return [String]
def handshake_secret
  input_keying_material = @shared_secret
  hkdf_extract(input_keying_material, handshake_salt)
end

#hkdf_extract(ikm, salt) ⇒ String

Parameters:

  • ikm (String)
  • salt (String)

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 193

# HKDF-Extract: HMAC over the input keying material, keyed with the salt.
#
# Note the argument order: the salt, not the keying material, is the HMAC
# key.
#
# @param ikm [String] input keying material
# @param salt [String]
#
# @return [String] one digest-length block
def hkdf_extract(ikm, salt)
  hmac_key = salt
  OpenSSL::HMAC.digest(@digest, hmac_key, ikm)
end

#master_salt ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 130

# Salt for the master-secret extraction: the "derived" secret taken from the
# handshake secret over the digest of the empty string.
#
# @return [String]
def master_salt
  empty_hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(handshake_secret, 'derived', empty_hash)
end

#master_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 136

# Extracts the master secret: the input keying material is @hash_len zero
# bytes, salted with master_salt.
#
# @return [String]
def master_secret
  hkdf_extract("\x00" * @hash_len, master_salt)
end

#resumption_master_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 184

# Derives the "res master" secret from the master secret and the transcript
# hash selected by CF.
#
# @return [String]
def resumption_master_secret
  # CF is defined outside this method; presumably the transcript through the
  # client Finished message - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, CF)
  derive_secret(master_secret, 'res master', transcript_hash)
end

#server_application_traffic_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 160

# Derives the "s ap traffic" secret from the master secret and the
# transcript hash selected by SF.
#
# @return [String]
def server_application_traffic_secret
  # SF is defined outside this method; presumably the transcript through the
  # server Finished message - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 's ap traffic', transcript_hash)
end

#server_application_write_iv ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 172

# Expands the server application traffic secret with the "iv" label.
#
# @return [String] @iv_len bytes
def server_application_write_iv
  self.class.hkdf_expand_label(
    server_application_traffic_secret, 'iv', '', @iv_len, @digest
  )
end

#server_application_write_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 166

# Expands the server application traffic secret with the "key" label.
#
# @return [String] @key_len bytes
def server_application_write_key
  self.class.hkdf_expand_label(
    server_application_traffic_secret, 'key', '', @key_len, @digest
  )
end

#server_finished_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 112

# Expands the server handshake traffic secret with the "finished" label.
#
# @return [String] @hash_len bytes
def server_finished_key
  self.class.hkdf_expand_label(
    server_handshake_traffic_secret, 'finished', '', @hash_len, @digest
  )
end

#server_handshake_traffic_secret ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 106

# Derives the "s hs traffic" secret from the handshake secret and the
# transcript hash selected by SH.
#
# @return [String]
def server_handshake_traffic_secret
  # SH is defined outside this method; presumably the transcript through the
  # ServerHello - confirm against the transcript class.
  transcript_hash = @transcript.hash(@digest, SH)
  derive_secret(handshake_secret, 's hs traffic', transcript_hash)
end

#server_handshake_write_iv ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 124

# Expands the server handshake traffic secret with the "iv" label.
#
# @return [String] @iv_len bytes
def server_handshake_write_iv
  self.class.hkdf_expand_label(
    server_handshake_traffic_secret, 'iv', '', @iv_len, @digest
  )
end

#server_handshake_write_key ⇒ String

Returns:

  • (String)


# File 'lib/tttls1.3/key_schedule.rb', line 118

# Expands the server handshake traffic secret with the "key" label.
#
# @return [String] @key_len bytes
def server_handshake_write_key
  self.class.hkdf_expand_label(
    server_handshake_traffic_secret, 'key', '', @key_len, @digest
  )
end