Class: OpenSSL::PKey::EC

Inherits:
Object
  • Object
show all
Defined in:
lib/net/ssh/transport/openssl.rb

Overview

This class is originally defined in the OpenSSL module. As needed, methods have been added to it by the Net::SSH module for convenience in dealing with SSH functionality.

Constant Summary collapse

CurveNameAlias = 
{
  "nistp256" => "prime256v1",
  "nistp384" => "secp384r1",
  "nistp521" => "secp521r1"
}
CurveNameAliasInv = 
{
  "prime256v1" => "nistp256",
  "secp384r1" => "nistp384",
  "secp521r1" => "nistp521"
}

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.read_keyblob(curve_name_in_type, buffer) ⇒ Object

Raises:



141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'lib/net/ssh/transport/openssl.rb', line 141

def self.read_keyblob(curve_name_in_type, buffer)
  curve_name_in_key = buffer.read_string
  raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')" unless curve_name_in_type == curve_name_in_key
  public_key_oct = buffer.read_string
  begin
    key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
    group = key.group
    point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
    key.public_key = point

    return key
  rescue OpenSSL::PKey::ECError
    raise NotImplementedError, "unsupported key type `#{type}'"
  end
end

Instance Method Details

#ssh_do_sign(data) ⇒ Object

Returns the signature for the given data.



218
219
220
221
222
223
224
225
226
227
 
# File 'lib/net/ssh/transport/openssl.rb', line 218

def ssh_do_sign(data)
  digest = digester.digest(data)
  sig = dsa_sign_asn1(digest)
  a1sig = OpenSSL::ASN1.decode(sig)

  sig_r = a1sig.value[0].value
  sig_s = a1sig.value[1].value

  return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
end

#ssh_do_verify(sig, data) ⇒ Object

Verifies the given signature matches the given data.



192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
 
# File 'lib/net/ssh/transport/openssl.rb', line 192

def ssh_do_verify(sig, data)
  digest = digester.digest(data)
  a1sig = nil

  begin
    sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
    sig_l_len = sig[4 + sig_r_len,4].unpack("H*")[0].to_i(16)

    sig_r = sig[4,sig_r_len].unpack("H*")[0]
    sig_s = sig[4 + sig_r_len + 4,sig_l_len].unpack("H*")[0]

    a1sig = OpenSSL::ASN1::Sequence([
      OpenSSL::ASN1::Integer(sig_r.to_i(16)),
      OpenSSL::ASN1::Integer(sig_s.to_i(16))
    ])
  rescue StandardError
  end

  if a1sig == nil
    return false
  else
    dsa_verify_asn1(digest, a1sig.to_der)
  end
end

#ssh_signature_typeObject 



163
164
165
 
# File 'lib/net/ssh/transport/openssl.rb', line 163

def ssh_signature_type
  ssh_type
end

#ssh_typeObject

Returns the description of this key type used by the SSH2 protocol, like “ecdsa-sha2-nistp256”



159
160
161
 
# File 'lib/net/ssh/transport/openssl.rb', line 159

def ssh_type
  "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
end

#to_blobObject

Converts the key to a blob, according to the SSH2 protocol.



184
185
186
187
188
189
 
# File 'lib/net/ssh/transport/openssl.rb', line 184

def to_blob
  @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
                                  :string, CurveNameAliasInv[self.group.curve_name],
                                  :mstring, self.public_key.to_bn.to_s(2)).to_s
  @blob
end