Parent

Class Index [+]

Quicksearch

OpenSSL::PKey::EC

This class is originally defined in the OpenSSL module. As needed, methods have been added to it by the Net::SSH module for convenience in dealing with SSH functionality.

Constants

CurveNameAlias
CurveNameAliasInv

Public Class Methods

read_keyblob(curve_name_in_type, buffer) click to toggle source
     # File lib/net/ssh/transport/openssl.rb, line 143
143:         def self.read_keyblob(curve_name_in_type, buffer)
144:           curve_name_in_key = buffer.read_string
145:           unless curve_name_in_type == curve_name_in_key
146:             raise Net::SSH::Exception, "curve name mismatched (`#{curve_name_in_key}' with `#{curve_name_in_type}')"
147:           end
148:           public_key_oct = buffer.read_string
149:           begin
150:             key = OpenSSL::PKey::EC.new(OpenSSL::PKey::EC::CurveNameAlias[curve_name_in_key])
151:             group = key.group
152:             point = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(public_key_oct, 2))
153:             key.public_key = point
154: 
155:             return key
156:           rescue OpenSSL::PKey::ECError => e
157:             raise NotImplementedError, "unsupported key type `#{type}'"
158:           end
159: 
160:         end

Public Instance Methods

ssh_do_sign(data) click to toggle source

Returns the signature for the given data.

     # File lib/net/ssh/transport/openssl.rb, line 219
219:         def ssh_do_sign(data)
220:           digest = digester.digest(data)
221:           sig = dsa_sign_asn1(digest)
222:           a1sig = OpenSSL::ASN1.decode( sig )
223: 
224:           sig_r = a1sig.value[0].value
225:           sig_s = a1sig.value[1].value
226: 
227:           return Net::SSH::Buffer.from(:bignum, sig_r, :bignum, sig_s).to_s
228:         end
ssh_do_verify(sig, data) click to toggle source

Verifies the given signature matches the given data.

     # File lib/net/ssh/transport/openssl.rb, line 193
193:         def ssh_do_verify(sig, data)
194:           digest = digester.digest(data)
195:           a1sig = nil
196: 
197:           begin
198:             sig_r_len = sig[0,4].unpack("H*")[0].to_i(16)
199:             sig_l_len = sig[4+sig_r_len,4].unpack("H*")[0].to_i(16)
200: 
201:             sig_r = sig[4,sig_r_len].unpack("H*")[0]
202:             sig_s = sig[4+sig_r_len+4,sig_l_len].unpack("H*")[0]
203: 
204:             a1sig = OpenSSL::ASN1::Sequence([
205:               OpenSSL::ASN1::Integer(sig_r.to_i(16)),
206:               OpenSSL::ASN1::Integer(sig_s.to_i(16)),
207:             ])
208:           rescue
209:           end
210: 
211:           if a1sig == nil
212:             return false
213:           else
214:             dsa_verify_asn1(digest, a1sig.to_der)
215:           end
216:         end
ssh_type() click to toggle source

Returns the description of this key type used by the SSH2 protocol, like “ecdsa-sha2-nistp256“

     # File lib/net/ssh/transport/openssl.rb, line 164
164:         def ssh_type
165:           "ecdsa-sha2-#{CurveNameAliasInv[self.group.curve_name]}"
166:         end
to_blob() click to toggle source

Converts the key to a blob, according to the SSH2 protocol.

     # File lib/net/ssh/transport/openssl.rb, line 185
185:         def to_blob
186:           @blob ||= Net::SSH::Buffer.from(:string, ssh_type,
187:                                           :string, CurveNameAliasInv[self.group.curve_name],
188:                                           :string, self.public_key.to_bn.to_s(2)).to_s
189:           @blob
190:         end

Private Instance Methods

digester() click to toggle source
     # File lib/net/ssh/transport/openssl.rb, line 168
168:         def digester
169:           if self.group.curve_name =~ /^[a-z]+(\d+)\w*\z/
170:             curve_size = $1.to_i
171:             if curve_size <= 256
172:               OpenSSL::Digest::SHA256.new
173:             elsif curve_size <= 384
174:               OpenSSL::Digest::SHA384.new
175:             else
176:               OpenSSL::Digest::SHA512.new
177:             end
178:           else
179:             OpenSSL::Digest::SHA256.new
180:           end
181:         end

Disabled; run with --debug to generate this.

[Validate]

Generated with the Darkfish Rdoc Generator 1.1.6.