module PuTTY::Key::OpenSSL::PKeyBuilding

Methods to build OpenSSL private keys from a {PPK}.

@private

Public Class Methods

ppk_to_dsa(ppk) click to toggle source

Creates a new OpenSSL DSA private key for the given DSA {PPK}.

@param ppk [PPK] A DSA {PPK}. @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.

# File lib/putty/key/openssl.rb, line 64
def ppk_to_dsa(ppk)
  _, p, q, g, pub_key = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint, :mpint, :mpint)
  priv_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
  dsa_from_params(p, q, g, pub_key, priv_key)
end
ppk_to_ec(ppk, ppk_curve) click to toggle source

Creates a new OpenSSL EC private key for the given EC {PPK}.

@param ppk [PPK] An EC {PPK}. @param ppk_curve [String] The PPK curve name extracted from the PPK algorithm name. @return [::OpenSSL::PKey::EC] The OpenSSL EC private key.

# File lib/putty/key/openssl.rb, line 88
def ppk_to_ec(ppk, ppk_curve)
  curve = OPENSSL_CURVES[ppk_curve]
  _, _, pub_key = Util.ssh_unpack(ppk.public_blob, :string, :string, :mpint)
  priv_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
  ec_from_params(curve, pub_key, priv_key)
end
ppk_to_rsa(ppk) click to toggle source

Creates a new OpenSSL RSA private key for the given RSA {PPK}.

@param ppk [PPK] An RSA {PPK}. @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.

# File lib/putty/key/openssl.rb, line 74
def ppk_to_rsa(ppk)
  _, e, n = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint)
  d, p, q, iqmp = Util.ssh_unpack(ppk.private_blob, :mpint, :mpint, :mpint, :mpint)
  dmp1 = d % (p - 1)
  dmq1 = d % (q - 1)
  rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
end

Private Class Methods

dsa_from_params(p, q, g, pub_key, priv_key) click to toggle source

Creates a new OpenSSL DSA private key with the given parameters.

@param p [::OpenSSL::BN] The p parameter (prime). @param q [::OpenSSL::BN] The q parameter (prime). @param g [::OpenSSL::BN] The g parameter. @param pub_key [::OpenSSL::BN] The public key. @param priv_key [::OpenSSL::BN] The private key. @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.

# File lib/putty/key/openssl.rb, line 117
def dsa_from_params(p, q, g, pub_key, priv_key)
  # https://www.openssl.org/docs/man3.0/man1/openssl-dsa.html (outform parameter).
  sequence = [
    ::OpenSSL::ASN1::Integer.new(0),
    ::OpenSSL::ASN1::Integer.new(p),
    ::OpenSSL::ASN1::Integer.new(q),
    ::OpenSSL::ASN1::Integer.new(g),
    ::OpenSSL::ASN1::Integer.new(pub_key),
    ::OpenSSL::ASN1::Integer.new(priv_key)
  ]

  ::OpenSSL::PKey::DSA.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
end
ec_from_params(curve, pub_key, priv_key) click to toggle source

Creates a new OpenSSL EC private key with the given parameters.

@param curve [String] The name of the OpenSSL EC curve. @param pub_key [::OpenSSL::BN] The public key. @param priv_key [::OpenSSL::BN] The private key. @return [::OpenSSL::PKey::EC] The OpenSSL EC private key.

# File lib/putty/key/openssl.rb, line 165
def ec_from_params(curve, pub_key, priv_key)
  group = ::OpenSSL::PKey::EC::Group.new(curve)
  point = ::OpenSSL::PKey::EC::Point.new(group, pub_key)
  point_string = point.to_octet_string(:uncompressed)

  # RFC 5915 Section 3
  sequence = [
    ::OpenSSL::ASN1::Integer.new(1),
    ::OpenSSL::ASN1::OctetString.new(priv_key.to_s(2)),
    ::OpenSSL::ASN1::ObjectId.new(curve, 0, :EXPLICIT),
    ::OpenSSL::ASN1::BitString.new(point_string, 1, :EXPLICIT)
  ]

  ::OpenSSL::PKey::EC.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
end
rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1) click to toggle source

Creates a new OpenSSL RSA private key with the given parameters.

@param e [::OpenSSL::BN] The public key exponent. @param n [::OpenSSL::BN] The modulus. @param d [::OpenSSL::BN] The private key exponent. @param p [::OpenSSL::BN] The p prime. @param q [::OpenSSL::BN] The q prime. @param iqmp [::OpenSSL::BN] The inverse of q, mod p. @param dmp1 [::OpenSSL::BN] d mod (p - 1). @param dmq1 [::OpenSSL::BN] d mod (q - 1). @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.

# File lib/putty/key/openssl.rb, line 142
def rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
  # RFC 3447 Appendix A.1.2
  sequence = [
    ::OpenSSL::ASN1::Integer.new(0),
    ::OpenSSL::ASN1::Integer.new(n),
    ::OpenSSL::ASN1::Integer.new(e),
    ::OpenSSL::ASN1::Integer.new(d),
    ::OpenSSL::ASN1::Integer.new(p),
    ::OpenSSL::ASN1::Integer.new(q),
    ::OpenSSL::ASN1::Integer.new(dmp1),
    ::OpenSSL::ASN1::Integer.new(dmq1),
    ::OpenSSL::ASN1::Integer.new(iqmp)
  ]

  ::OpenSSL::PKey::RSA.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
end