Class: TTTLS13::Connection
- Inherits:
-
Object
- Object
- TTTLS13::Connection
- Includes:
- Logging
- Defined in:
- lib/tttls1.3/connection.rb
Overview
rubocop: disable Metrics/ClassLength
Class Method Summary collapse
- .gen_ocsp_request(cid) ⇒ OpenSSL::OCSP::Request
-
.send_ocsp_request(ocsp_request, uri_string) ⇒ OpenSSL::OCSP::Response, n
OpenSSL::OCSP::Response, n.
Instance Method Summary collapse
- #close ⇒ Object
- #eof? ⇒ Boolean
- #exporter(label, context, key_length) ⇒ String?
-
#initialize(socket) ⇒ Connection
constructor
A new instance of Connection.
- #negotiated_alpn ⇒ String
- #negotiated_cipher_suite ⇒ TTTLS13::CipherSuite?
- #negotiated_named_group ⇒ TTTLS13::NamedGroup?
- #negotiated_signature_scheme ⇒ TTTLS13::SignatureScheme?
-
#read ⇒ String
rubocop: disable Metrics/CyclomaticComplexity rubocop: disable Metrics/PerceivedComplexity.
- #write(binary) ⇒ Object
Methods included from Logging
Constructor Details
#initialize(socket) ⇒ Connection
Returns a new instance of Connection.
# File 'lib/tttls1.3/connection.rb', line 13
# Builds a connection wrapper around +socket+ with every negotiated
# parameter unset and the state machine at its initial value.
#
# @param socket [Object] transport handle stored as-is in @socket
def initialize(socket)
  @socket = socket
  @endpoint = nil # Symbol or String, :client or :server

  # All three record ciphers start as Cryptograph::Passer instances.
  # NOTE(review): presumably Passer leaves records unprotected until
  # handshake keys replace it - confirm in Cryptograph::Passer.
  @ap_wcipher = Cryptograph::Passer.new
  @ap_rcipher = Cryptograph::Passer.new
  @alert_wcipher = Cryptograph::Passer.new

  @message_queue = [] # Array of [TTTLS13::Message::$Object, String]
  @binary_buffer = '' # deposit Record.surplus_binary

  # Negotiation results stay nil until set elsewhere:
  # TTTLS13::CipherSuite, TTTLS13::NamedGroup, TTTLS13::SignatureScheme
  @cipher_suite = @named_group = @signature_scheme = nil

  @state = 0 # ClientState or ServerState

  # Both directions begin at the default record size limit.
  @send_record_size = @recv_record_size = Message::DEFAULT_RECORD_SIZE_LIMIT

  @alpn = nil # String
  @exporter_secret = nil # String
end
Class Method Details
.gen_ocsp_request(cid) ⇒ OpenSSL::OCSP::Request
# File 'lib/tttls1.3/connection.rb', line 549
# Builds an OCSP request for a single certificate id and attaches a nonce.
#
# NOTE(review): the nonce only protects against replayed responses if the
# caller later checks it against the response; that check is not visible
# in this listing - confirm at the call site.
#
# @param cid [OpenSSL::OCSP::CertificateId]
# @return [OpenSSL::OCSP::Request]
def gen_ocsp_request(cid)
  OpenSSL::OCSP::Request.new.tap do |request|
    request.add_certid(cid)
    request.add_nonce
  end
end
.send_ocsp_request(ocsp_request, uri_string) ⇒ OpenSSL::OCSP::Response, n
Returns OpenSSL::OCSP::Response, n.
# File 'lib/tttls1.3/connection.rb', line 562
# POSTs a DER-encoded OCSP request to the responder at +uri_string+ and
# parses the HTTP body as an OCSP response.
#
# The request is sent without TLS: Net::HTTP.start is called with host and
# port only, whatever scheme the URI carries. The response is not verified
# here; signature, status and nonce checks are left to the caller.
#
# NOTE(review): the URI scheme is not checked, no explicit timeouts are
# set, and the HTTP status is not inspected before the body is parsed. If
# uri_string can come from a peer-supplied certificate (caller not shown),
# consider restricting it to http/https and bounding the timeouts.
#
# @param ocsp_request [OpenSSL::OCSP::Request]
# @param uri_string [String]
# @return [OpenSSL::OCSP::Response]
def send_ocsp_request(ocsp_request, uri_string)
  responder = URI.parse(uri_string)
  # An empty or missing path falls back to the responder root.
  request_path = responder.path.to_s.empty? ? '/' : responder.path
  headers = { 'content-type' => 'application/ocsp-request' }

  http_response = Net::HTTP.start(responder.host, responder.port) do |http|
    http.post(request_path, ocsp_request.to_der, headers)
  end

  OpenSSL::OCSP::Response.new(http_response.body)
end
Instance Method Details
#close ⇒ Object
# File 'lib/tttls1.3/connection.rb', line 77
# Sends a close_notify alert and marks the connection as EOF. Calling it
# again once the state is EOF does nothing.
#
# @return [nil]
def close
  unless @state == EOF
    # Tell the peer before the local state flips to EOF.
    send_alert(:close_notify)
    @state = EOF
  end

  nil
end
#exporter(label, context, key_length) ⇒ String?
# File 'lib/tttls1.3/connection.rb', line 111
# Derives exported keying material from the stored exporter secret using
# the digest of the negotiated cipher suite.
#
# The result is secret key material: treat it like any other key and keep
# it out of logs.
#
# @param label [String]
# @param context [String]
# @param key_length [Integer]
# @return [String, nil] nil while either the exporter secret or the cipher
#   suite is still unset
def exporter(label, context, key_length)
  secret = @exporter_secret
  suite = @cipher_suite
  return nil unless !secret.nil? && !suite.nil?

  do_exporter(secret, CipherSuite.digest(suite), label, context, key_length)
end
#negotiated_alpn ⇒ String
# File 'lib/tttls1.3/connection.rb', line 102
# Reader for the ALPN protocol stored on this connection.
#
# @return [String, nil] nil until @alpn has been assigned (the constructor
#   initialises it to nil)
def negotiated_alpn
  @alpn
end
#negotiated_cipher_suite ⇒ TTTLS13::CipherSuite?
# File 'lib/tttls1.3/connection.rb', line 87
# Reader for the cipher suite stored on this connection.
#
# @return [TTTLS13::CipherSuite, nil] nil until @cipher_suite has been
#   assigned
def negotiated_cipher_suite
  @cipher_suite
end
#negotiated_named_group ⇒ TTTLS13::NamedGroup?
# File 'lib/tttls1.3/connection.rb', line 92
# Reader for the named group stored on this connection.
#
# @return [TTTLS13::NamedGroup, nil] nil until @named_group has been
#   assigned
def negotiated_named_group
  @named_group
end
#negotiated_signature_scheme ⇒ TTTLS13::SignatureScheme?
# File 'lib/tttls1.3/connection.rb', line 97
# Reader for the signature scheme stored on this connection.
#
# @return [TTTLS13::SignatureScheme, nil] nil until @signature_scheme has
#   been assigned
def negotiated_signature_scheme
  @signature_scheme
end
#read ⇒ String
rubocop: disable Metrics/CyclomaticComplexity rubocop: disable Metrics/PerceivedComplexity
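# File 'lib/tttls1.3/connection.rb', line 36
# Receives messages with the application read cipher until one arrives
# that is not a NewSessionTicket, and returns that message's fragment.
# NewSessionTicket messages met on the way are handed to
# process_new_session_ticket.
#
# NOTE(review): the rendered page dropped several identifiers from this
# listing. The local `message` and the call to `recv_message` are restored
# here; confirm them against lib/tttls1.3/connection.rb.
#
# @raise [Error::ConfigError] unless the endpoint is :client or :server and
#   the state is the matching CONNECTED value
# @return [String] the message fragment, or '' when no message was received
def read
  # secure channel has not established yet
  raise Error::ConfigError \
    unless (@endpoint == :client && @state == ClientState::CONNECTED) ||
           (@endpoint == :server && @state == ServerState::CONNECTED)
  # NOTE(review): if EOF differs from both CONNECTED values, this guard is
  # never reached, because the check above raises first. After #close a
  # read would then raise rather than return ''. Confirm the intended order.
  return '' if @state == EOF

  message = nil
  loop do
    message, = recv_message(receivable_ccs: false, cipher: @ap_rcipher)
    # At any time after the server has received the client Finished
    # message, it MAY send a NewSessionTicket message.
    break unless message.is_a?(Message::NewSessionTicket)

    process_new_session_ticket(message)
  end
  return '' if message.nil?

  message.fragment
end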
#write(binary) ⇒ Object
# File 'lib/tttls1.3/connection.rb', line 67
# Wraps +binary+ in an ApplicationData message and sends it with the
# application write cipher.
#
# @param binary [String]
# @raise [Error::ConfigError] unless the endpoint is :client or :server and
#   the state is the matching CONNECTED value
def write(binary)
  # Application data may only be sent once the secure channel is up.
  connected = (@endpoint == :client && @state == ClientState::CONNECTED) ||
              (@endpoint == :server && @state == ServerState::CONNECTED)
  raise Error::ConfigError unless connected

  send_application_data(Message::ApplicationData.new(binary), @ap_wcipher)
end