class TTTLS13::Cryptograph::Aead

Attributes

auth_tag_len[R]

Public Class Methods

new(cipher_suite:, write_key:, write_iv:, sequence_number:, length_of_padding: 0) click to toggle source

@param cipher_suite [TTTLS13::CipherSuite] @param write_key [String] @param write_iv [String] @param sequence_number [String] uint64 @param length_of_padding [Integer]

# File lib/tttls1.3/cryptograph/aead.rb, line 15
def initialize(cipher_suite:, write_key:, write_iv:,
               sequence_number:, length_of_padding: 0)
  @cipher_suite = cipher_suite
  case cipher_suite
  when CipherSuite::TLS_AES_128_GCM_SHA256
    @cipher = OpenSSL::Cipher::AES128.new(:GCM)
  when CipherSuite::TLS_AES_256_GCM_SHA384
    @cipher = OpenSSL::Cipher::AES256.new(:GCM)
  when CipherSuite::TLS_CHACHA20_POLY1305_SHA256
    @cipher = OpenSSL::Cipher.new('chacha20-poly1305')
  else
    # Note:
    # not supported
    # CipherSuite::TLS_AES_128_CCM_SHA256
    # CipherSuite::TLS_AES_128_CCM_8_SHA256
    raise Error::ErrorAlerts, :internal_error
  end
  @write_key = write_key
  @write_iv = write_iv
  @sequence_number = sequence_number
  @length_of_padding = length_of_padding
  @auth_tag_len = CipherSuite.auth_tag_len(@cipher_suite)
end

Public Instance Methods

decrypt(encrypted_record, auth_data) click to toggle source

NOTE:

AEAD-Decrypt(peer_write_key, nonce,
             additional_data, AEADEncrypted)

@param encrypted_record [String] @param auth_data [String]

@raise [OpenSSL::Cipher::CipherError]

@return [String] @return [TTTLS13::Message::ContentType]

# File lib/tttls1.3/cryptograph/aead.rb, line 67
def decrypt(encrypted_record, auth_data)
  decipher = reset_decipher
  auth_tag = encrypted_record[-@auth_tag_len..-1]
  decipher.auth_tag = auth_tag
  decipher.auth_data = auth_data # record header of TLSCiphertext
  clear = decipher.update(encrypted_record[0...-@auth_tag_len])
  decipher.final
  zeros_len = scan_zeros(clear)
  postfix_len = 1 + zeros_len # type || zeros
  @sequence_number.succ

  [clear[0...-postfix_len], clear[-postfix_len]]
end
encrypt(content, type) click to toggle source

NOTE:

AEAD-Encrypt(write_key, nonce, additional_data, plaintext)

@param content [String] @param type [TTTLS13::Message::ContentType]

@return [String]

# File lib/tttls1.3/cryptograph/aead.rb, line 46
def encrypt(content, type)
  cipher = reset_cipher
  plaintext = content + type + "\x00" * @length_of_padding
  cipher.auth_data = additional_data(plaintext.length)
  encrypted_data = cipher.update(plaintext) + cipher.final
  @sequence_number.succ

  encrypted_data + cipher.auth_tag
end
tlsplaintext_length_limit(record_size_limit) click to toggle source

NOTE:

struct {
    opaque content[TLSPlaintext.length];
    ContentType type;
    uint8 zeros[length_of_padding];
} TLSInnerPlaintext;

@param record_size_limit [Integer]

@return [Integer]

# File lib/tttls1.3/cryptograph/aead.rb, line 91
def tlsplaintext_length_limit(record_size_limit)
  record_size_limit - 1 - @length_of_padding
end

Private Instance Methods

additional_data(plaintext_len) click to toggle source

@return [String]

# File lib/tttls1.3/cryptograph/aead.rb, line 98
def additional_data(plaintext_len)
  ciphertext_len = plaintext_len + @auth_tag_len

  Message::ContentType::APPLICATION_DATA \
  + Message::ProtocolVersion::TLS_1_2 \
  + ciphertext_len.to_uint16
end
reset_cipher() click to toggle source

@return [OpenSSL::Cipher]

# File lib/tttls1.3/cryptograph/aead.rb, line 107
def reset_cipher
  cipher = @cipher.encrypt
  cipher.reset
  cipher.key = @write_key
  iv_len = CipherSuite.iv_len(@cipher_suite)
  cipher.iv = @sequence_number.xor(@write_iv, iv_len)

  cipher
end
reset_decipher() click to toggle source

@return [OpenSSL::Cipher]

# File lib/tttls1.3/cryptograph/aead.rb, line 118
def reset_decipher
  decipher = @cipher.decrypt
  decipher.reset
  decipher.key = @write_key
  iv_len = CipherSuite.iv_len(@cipher_suite)
  decipher.iv = @sequence_number.xor(@write_iv, iv_len)

  decipher
end
scan_zeros(clear) click to toggle source

@param clear [String]

@return [Integer]

# File lib/tttls1.3/cryptograph/aead.rb, line 131
def scan_zeros(clear)
  i = 1
  i += 1 while clear[-i] == "\x00"
  i - 1
end