class OpenSSL::PKey::EC

  1. lib/net/ssh/transport/openssl.rb
Parent: PKey

This class is originally defined in the OpenSSL module. As needed, methods have been added to it by the Net::SSH module for convenience in dealing with SSH functionality.

Methods

Public Class

  1. read_keyblob

Public Instance

  1. ssh_do_sign
  2. ssh_do_verify
  3. ssh_type
  4. to_blob

Constants

CurveNameAlias = { "nistp256" => "prime256v1", "nistp384" => "secp384r1", "nistp521" => "secp521r1", }  
CurveNameAliasInv = { "prime256v1" => "nistp256", "secp384r1" => "nistp384", "secp521r1" => "nistp521", }  

Public Class methods

read_keyblob (curve_name_in_type, buffer)
[show source] 
# File lib/net/ssh/transport/openssl.rb, line 142
def self.read_keyblob(curve_name_in_type, buffer)
  curve_name_in_key = buffer.read_string
  unless curve_name_in_type == curve_name_in_key
    raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
  end
  public_key_oct = buffer.read_string
  begin
    key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
    group = key.group
    point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
    key.public_key = point

    return key
  rescue OpenSSL::PKey::ECError
    raise NotImplementedError, "unsupported key type `#{type}'"
  end

end

Public Instance methods

ssh_do_sign (data)

Returns the signature for the given data.

[show source] 
# File lib/net/ssh/transport/openssl.rb, line 218
def ssh_do_sign(data)
  digest = digester.digest(data)
  sig = dsa_sign_asn1(digest)
  a1sig = OpenSSL::ASN1.decode( sig )

  sig_r = a1sig.value[0].value
  sig_s = a1sig.value[1].value

  return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
end
ssh_do_verify (sig, data)

Verifies the given signature matches the given data.

[show source] 
# File lib/net/ssh/transport/openssl.rb, line 192
def ssh_do_verify(sig, data)
  digest = digester.digest(data)
  a1sig = nil

  begin
    sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
    sig_l_len = sig[4+sig_r_len,4].unpack("H*")[0].to_i(16)

    sig_r = sig[4,sig_r_len].unpack("H*")[0]
    sig_s = sig[4+sig_r_len+4,sig_l_len].unpack("H*")[0]

    a1sig = OpenSSL::ASN1::Sequence([
      OpenSSL::ASN1::Integer(sig_r.to_i(16)),
      OpenSSL::ASN1::Integer(sig_s.to_i(16)),
    ])
  rescue
  end

  if a1sig == nil
    return false
  else
    dsa_verify_asn1(digest, a1sig.to_der)
  end
end
ssh_type ()

Returns the description of this key type used by the SSH2 protocol, like "ecdsa-sha2-nistp256"

[show source] 
# File lib/net/ssh/transport/openssl.rb, line 163
def ssh_type
  "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
end
to_blob ()

Converts the key to a blob, according to the SSH2 protocol.

[show source] 
# File lib/net/ssh/transport/openssl.rb, line 184
def to_blob
  @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
                                  :string, CurveNameAliasInv[self.group.curve_name],
                                  :string, self.public_key.to_bn.to_s(2)).to_s
  @blob
end