lib/net/ssh/transport/kex/curve25519_sha256.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

gem 'x25519' # raise if the gem x25519 is not installed

require 'x25519'

X25519.provider = X25519::Provider::Ref10 # https://github.com/RubyCrypto/x25519/issues/22
require 'net/ssh/transport/constants'
require 'net/ssh/transport/kex/abstract5656'

module Net
  module SSH
    module Transport
      module Kex
        # A key-exchange service implementing the "curve25519-sha256@libssh.org"
        # key-exchange algorithm. (defined in https://tools.ietf.org/html/draft-ietf-curdle-ssh-curves-06)
        class Curve25519Sha256 < Abstract5656
          def digester
            OpenSSL::Digest::SHA256
          end

          private

          def generate_key #:nodoc:
            ::X25519::Scalar.generate
          end

          ## string   Q_C, client's ephemeral public key octet string
          def ecdh_public_key_bytes
            ecdh.public_key.to_bytes
          end

          # compute shared secret from server's public key and client's private key
          def compute_shared_secret(server_ecdh_pubkey)
            pk = ::X25519::MontgomeryU.new(server_ecdh_pubkey)
            OpenSSL::BN.new(ecdh.diffie_hellman(pk).to_bytes, 2)
          end
        end
      end
    end
  end
end