class TTTLS13::KeySchedule

rubocop: disable Metrics/ClassLength

Public Class Methods

hkdf_expand(secret, info, length, digest) click to toggle source

@param secret [String] @param info [String] @param length [Integer] @param digest [String] name of digest algorithm

@raise [TTTLS13::Error::ErrorAlerts]

@param [String]

# File lib/tttls1.3/key_schedule.rb, line 219
def self.hkdf_expand(secret, info, length, digest)
  hash_len = OpenSSL::Digest.new(digest).digest_length
  raise Error::ErrorAlerts, :internal_error if length > 255 * hash_len

  n = (length.to_f / hash_len).ceil
  okm = ''
  t = ''
  (1..n).each do |i|
    t = OpenSSL::HMAC.digest(digest, secret, t + info + i.chr)
    okm += t
  end
  okm[0...length]
end
hkdf_expand_label(secret, label, context, length, digest) click to toggle source

@param secret [String] @param label [String] @param context [String] @param length [Integer] @param digest [String] name of digest algorithm

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 204
def self.hkdf_expand_label(secret, label, context, length, digest)
  binary = length.to_uint16
  binary += ('tls13 ' + label).prefix_uint8_length
  binary += context.prefix_uint8_length
  hkdf_expand(secret, binary, length, digest)
end
new(psk: nil, shared_secret:, cipher_suite:, transcript:) click to toggle source

@param psk [String] @param shared_secret [String] @param cipher_suite [TTTLS13::CipherSuite] @param transcript [TTTLS13::Transcript]

# File lib/tttls1.3/key_schedule.rb, line 12
def initialize(psk: nil, shared_secret:, cipher_suite:, transcript:)
  @digest = CipherSuite.digest(cipher_suite)
  @hash_len = CipherSuite.hash_len(cipher_suite)
  @key_len = CipherSuite.key_len(cipher_suite)
  @iv_len = CipherSuite.iv_len(cipher_suite)
  @psk = psk || "\x00" * @hash_len
  @shared_secret = shared_secret
  @transcript = transcript
end

Public Instance Methods

binder_key_ext() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 33
def binder_key_ext
  hash = OpenSSL::Digest.digest(@digest, '')
  base_key = derive_secret(early_secret, 'ext binder', hash)
  self.class.hkdf_expand_label(base_key, 'finished', '', @hash_len, @digest)
end
binder_key_res() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 40
def binder_key_res
  hash = OpenSSL::Digest.digest(@digest, '')
  base_key = derive_secret(early_secret, 'res binder', hash)
  self.class.hkdf_expand_label(base_key, 'finished', '', @hash_len, @digest)
end
client_application_traffic_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 142
def client_application_traffic_secret
  hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 'c ap traffic', hash)
end
client_application_write_iv() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 154
def client_application_write_iv
  secret = client_application_traffic_secret
  self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
end
client_application_write_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 148
def client_application_write_key
  secret = client_application_traffic_secret
  self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
end
client_early_traffic_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 47
def client_early_traffic_secret
  hash = @transcript.hash(@digest, CH)
  derive_secret(early_secret, 'c e traffic', hash)
end
client_finished_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 88
def client_finished_key
  secret = client_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'finished', '', @hash_len, @digest)
end
client_handshake_traffic_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 82
def client_handshake_traffic_secret
  hash = @transcript.hash(@digest, SH)
  derive_secret(handshake_secret, 'c hs traffic', hash)
end
client_handshake_write_iv() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 100
def client_handshake_write_iv
  secret = client_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
end
client_handshake_write_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 94
def client_handshake_write_key
  secret = client_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
end
derive_secret(secret, label, context) click to toggle source

@param secret [String] @param label [String] @param context [String]

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 238
def derive_secret(secret, label, context)
  self.class.hkdf_expand_label(secret, label, context, @hash_len, @digest)
end
early_data_write_iv() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 59
def early_data_write_iv
  secret = client_early_traffic_secret
  self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
end
early_data_write_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 53
def early_data_write_key
  secret = client_early_traffic_secret
  self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
end
early_exporter_master_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 65
def early_exporter_master_secret
  hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(early_secret, 'e exp master', hash)
end
early_salt() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 23
def early_salt
  "\x00" * @hash_len
end
early_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 28
def early_secret
  hkdf_extract(@psk, early_salt)
end
exporter_master_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 178
def exporter_master_secret
  hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 'exp master', hash)
end
handshake_salt() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 71
def handshake_salt
  hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(early_secret, 'derived', hash)
end
handshake_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 77
def handshake_secret
  hkdf_extract(@shared_secret, handshake_salt)
end
hkdf_extract(ikm, salt) click to toggle source

@param ikm [String] @param salt [String]

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 193
def hkdf_extract(ikm, salt)
  OpenSSL::HMAC.digest(@digest, salt, ikm)
end
master_salt() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 130
def master_salt
  hash = OpenSSL::Digest.digest(@digest, '')
  derive_secret(handshake_secret, 'derived', hash)
end
master_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 136
def master_secret
  ikm = "\x00" * @hash_len
  hkdf_extract(ikm, master_salt)
end
resumption_master_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 184
def resumption_master_secret
  hash = @transcript.hash(@digest, CF)
  derive_secret(master_secret, 'res master', hash)
end
server_application_traffic_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 160
def server_application_traffic_secret
  hash = @transcript.hash(@digest, SF)
  derive_secret(master_secret, 's ap traffic', hash)
end
server_application_write_iv() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 172
def server_application_write_iv
  secret = server_application_traffic_secret
  self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
end
server_application_write_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 166
def server_application_write_key
  secret = server_application_traffic_secret
  self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
end
server_finished_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 112
def server_finished_key
  secret = server_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'finished', '', @hash_len, @digest)
end
server_handshake_traffic_secret() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 106
def server_handshake_traffic_secret
  hash = @transcript.hash(@digest, SH)
  derive_secret(handshake_secret, 's hs traffic', hash)
end
server_handshake_write_iv() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 124
def server_handshake_write_iv
  secret = server_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'iv', '', @iv_len, @digest)
end
server_handshake_write_key() click to toggle source

@return [String]

# File lib/tttls1.3/key_schedule.rb, line 118
def server_handshake_write_key
  secret = server_handshake_traffic_secret
  self.class.hkdf_expand_label(secret, 'key', '', @key_len, @digest)
end