Module: DiasporaFederation::Salmon::EncryptedMagicEnvelope

Defined in:: lib/diaspora_federation/salmon/encrypted_magic_envelope.rb

Overview

This is a simple crypt-wrapper for MagicEnvelope.

The wrapper is JSON with the following structure:

{
  "aes_key": "...",
  "encrypted_magic_envelope": "..."
}

aes_key is encrypted using the recipients public key, and contains the AES key and iv as JSON:

{
  "key": "...",
  "iv": "..."
}

encrypted_magic_envelope is encrypted using the key and iv from aes_key. Once decrypted it contains the MagicEnvelope xml:

<me:env>
  ...
</me:env>

All JSON-values (aes_key, encrypted_magic_envelope, key and iv) are base64 encoded.

Class Method Summary collapse

.decrypt(encrypted_env, privkey) ⇒ Nokogiri::XML::Element

Decrypts the AES key with the private key of the receiver and decrypts the encrypted MagicEnvelope with it.
.encrypt(magic_env, pubkey) ⇒ String

Generates a new random AES key and encrypts the MagicEnvelope with it.

Class Method Details

.decrypt(encrypted_env, privkey) ⇒ `Nokogiri::XML::Element`

Decrypts the AES key with the private key of the receiver and decrypts the encrypted MagicEnvelope with it.

Parameters:

encrypted_env (String) —

json string with aes_key and encrypted_magic_envelope
privkey (OpenSSL::PKey::RSA) —

private key for decryption

Returns:

(Nokogiri::XML::Element) —

decrypted magic envelope xml

# File 'lib/diaspora_federation/salmon/encrypted_magic_envelope.rb', line 52

def self.decrypt(encrypted_env, privkey)
  encrypted_json = JSON.parse(encrypted_env)

  encoded_key = JSON.parse(privkey.private_decrypt(Base64.decode64(encrypted_json["aes_key"])))
  key = encoded_key.transform_values {|v| Base64.decode64(v) }

  xml = AES.decrypt(encrypted_json["encrypted_magic_envelope"], key["key"], key["iv"])
  Nokogiri::XML(xml).root
end

.encrypt(magic_env, pubkey) ⇒ `String`

Generates a new random AES key and encrypts the MagicEnvelope with it. Then encrypts the AES key with the receivers public key.