Module: HrrRbSsh::Algorithm::Publickey::EcdsaSha2
- Includes:
- Loggable
- Included in:
- EcdsaSha2Nistp256, EcdsaSha2Nistp384, EcdsaSha2Nistp521
- Defined in:
- lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb,
lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2/signature.rb,
lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2/public_key_blob.rb,
lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2/ecdsa_signature_blob.rb
Defined Under Namespace
Classes: EcdsaSignatureBlob, PublicKeyBlob, Signature
Instance Attribute Summary
Attributes included from Loggable
#log_key, #logger
Instance Method Summary
collapse
Methods included from Loggable
#log_debug, #log_error, #log_fatal, #log_info, #log_warn
Instance Method Details
#ecdsa_signature_blob(signature_blob) ⇒ Object
45
46
47
48
49
50
51
52
53
54
55
56
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 45
def ecdsa_signature_blob signature_blob
hash = OpenSSL::Digest.digest(self.class::DIGEST, signature_blob)
sign_der = @publickey.dsa_sign_asn1(hash)
sign_asn1 = OpenSSL::ASN1.decode sign_der
r = sign_asn1.value[0].value.to_i
s = sign_asn1.value[1].value.to_i
ecdsa_signature_blob_h = {
:'r' => r,
:'s' => s,
}
EcdsaSignatureBlob.new(logger: logger).encode ecdsa_signature_blob_h
end
|
#initialize(arg, logger: nil) ⇒ Object
13
14
15
16
17
18
19
20
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 13
def initialize arg, logger: nil
self.logger = logger
begin
new_by_key_str arg
rescue OpenSSL::PKey::ECError
new_by_public_key_blob arg
end
end
|
#new_by_key_str(key_str) ⇒ Object
22
23
24
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 22
def new_by_key_str key_str
@publickey = OpenSSL::PKey::EC.new(key_str.delete(0.chr))
end
|
#new_by_public_key_blob(public_key_blob) ⇒ Object
26
27
28
29
30
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 26
def new_by_public_key_blob public_key_blob
public_key_blob_h = PublicKeyBlob.new(logger: logger).decode public_key_blob
@publickey = OpenSSL::PKey::EC.new(self.class::CURVE_NAME)
@publickey.public_key = OpenSSL::PKey::EC::Point.new(@publickey.group, OpenSSL::BN.new(public_key_blob_h[:'Q'], 2))
end
|
#sign(signature_blob) ⇒ Object
58
59
60
61
62
63
64
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 58
def sign signature_blob
signature_h = {
:'public key algorithm name' => self.class::NAME,
:'ecdsa signature blob' => ecdsa_signature_blob(signature_blob),
}
Signature.new(logger: logger).encode signature_h
end
|
#to_pem ⇒ Object
32
33
34
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 32
def to_pem
@publickey.to_pem
end
|
#to_public_key_blob ⇒ Object
36
37
38
39
40
41
42
43
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 36
def to_public_key_blob
public_key_blob_h = {
:'public key algorithm name' => self.class::NAME,
:'identifier' => self.class::IDENTIFIER,
:'Q' => @publickey.public_key.to_bn.to_s(2)
}
PublicKeyBlob.new(logger: logger).encode public_key_blob_h
end
|
#verify(signature, signature_blob) ⇒ Object
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
# File 'lib/hrr_rb_ssh/algorithm/publickey/ecdsa_sha2.rb', line 66
def verify signature, signature_blob
signature_h = Signature.new(logger: logger).decode signature
ecdsa_signature_blob_h = EcdsaSignatureBlob.new(logger: logger).decode signature_h[:'ecdsa signature blob']
r = ecdsa_signature_blob_h[:'r']
s = ecdsa_signature_blob_h[:'s']
sign_asn1 = OpenSSL::ASN1::Sequence.new(
[
OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(r)),
OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(s)),
]
)
sign_der = sign_asn1.to_der
hash = OpenSSL::Digest.digest(self.class::DIGEST, signature_blob)
signature_h[:'public key algorithm name'] == self.class::NAME && @publickey.dsa_verify_asn1(hash, sign_der)
end
|