Class: JOSE::JWE::ALG_C20P_KW

Inherits:
Struct
  • Object
Defined in:
lib/jose/jwe/alg_c20p_kw.rb


Instance Attribute Details

#bits ⇒ Object

Returns the value of attribute bits

Returns:

  • (Object)

    the current value of bits



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1

# Key size, in bits, of the key-wrapping cipher.
#
# from_map sets this to 256 for the 'C20PKW' algorithm; generate_key divides
# it by 8 to obtain the symmetric key length in bytes, and algorithm raises
# for any value other than 256.
#
# @return [Object] the current value of bits
def bits
  return @bits
end

#cipher_name ⇒ Object

Returns the value of attribute cipher_name

Returns:

  • (Object)

    the current value of cipher_name



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1

# Name of the cipher handed to OpenSSL::Cipher.new by key_encrypt and
# key_decrypt.
#
# from_map sets this to 'chacha20-poly1305' for the 'C20PKW' algorithm.
#
# @return [Object] the current value of cipher_name
def cipher_name
  return @cipher_name
end

#iv ⇒ Object

Returns the value of attribute iv

Returns:

  • (Object)

    the current value of iv



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1

# Nonce (IV) used for the key wrap, as raw bytes.
#
# from_map decodes it from the 'iv' header field with JOSE.urlsafe_decode64,
# so on a received JWE the value is chosen by whoever produced the token.
# key_encrypt falls back to SecureRandom.random_bytes(12) when this is nil.
#
# @return [Object] the current value of iv
def iv
  return @iv
end

#tag ⇒ Object

Returns the value of attribute tag

Returns:

  • (Object)

    the current value of tag



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1

# Authentication tag of the wrapped key, as raw bytes.
#
# from_map decodes it from the 'tag' header field with JOSE.urlsafe_decode64,
# so on a received JWE the value is chosen by whoever produced the token.
# key_encrypt sets it from cipher.auth_tag on the instance it returns.
#
# @return [Object] the current value of tag
def tag
  return @tag
end

Class Method Details

.from_map(fields) ⇒ Object

JOSE::JWE callbacks



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 5

# Builds an ALG_C20P_KW instance from JWE header fields.
#
# Only 'alg' => 'C20PKW' is accepted; it maps to the 'chacha20-poly1305'
# cipher with a 256-bit key. The optional 'iv' and 'tag' fields are decoded
# with JOSE.urlsafe_decode64 and stored as-is: no length check is performed
# here, and on a received JWE both values are controlled by the sender.
#
# @param fields [#[], #has_key?, #except] JWE header fields
# @return [Array] the new instance and +fields+ without 'alg', 'iv' and 'tag'
# @raise [ArgumentError] if 'alg' is anything other than 'C20PKW'
def self.from_map(fields)
  alg = fields['alg']
  unless 'C20PKW' == alg
    raise ArgumentError, "invalid 'alg' for JWE: #{alg.inspect}"
  end
  cipher_name = 'chacha20-poly1305'
  bits = 256
  # Absent fields stay nil; key_decrypt refuses to run without both of them.
  iv = fields.has_key?('iv') ? JOSE.urlsafe_decode64(fields['iv']) : nil
  tag = fields.has_key?('tag') ? JOSE.urlsafe_decode64(fields['tag']) : nil
  remaining = [new(cipher_name, bits, iv, tag), fields.except('alg', 'iv', 'tag')]
  return remaining
end

Instance Method Details

#algorithm ⇒ Object

API functions



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 91

# Returns the JWE 'alg' identifier for this instance.
#
# @return [String] 'C20PKW' when bits is 256
# @raise [ArgumentError] for any other bits value
def algorithm
  return 'C20PKW' if 256 == bits
  raise ArgumentError, "unhandled JOSE::JWE::ALG_C20P_KW bits: #{bits.inspect}"
end

#generate_key(fields, enc) ⇒ Object

JOSE::JWE::ALG callbacks



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 40

# Asks JOSE::JWE::ALG.generate_key for a symmetric (:oct) key sized for this
# algorithm.
#
# @param fields [Object] not used by this method
# @param enc [#algorithm] content-encryption algorithm; its name is passed through
# @return [Object] whatever JOSE::JWE::ALG.generate_key returns
def generate_key(fields, enc)
  key_bytes = bits.div(8) # key length in bytes (256 bits -> 32)
  key_params = [:oct, key_bytes]
  return JOSE::JWE::ALG.generate_key(key_params, algorithm, enc.algorithm)
end

#key_decrypt(key, enc, encrypted_key) ⇒ Object



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 44

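# Unwraps +encrypted_key+ with the cipher named by cipher_name, using this
# instance's iv and tag and empty additional authenticated data.
#
# When the instance was built by from_map, iv and tag come straight from the
# JWE header, so they are chosen by whoever produced the token. The tag
# length is therefore checked here before it is handed to OpenSSL.
#
# @param key [JOSE::JWK, String] wrapping key; a JOSE::JWK is replaced by key.kty.derive_key
# @param enc [Object] content-encryption algorithm (not used by this method)
# @param encrypted_key [String] wrapped key bytes
# @return [String] the unwrapped key
# @raise [ArgumentError] if iv or tag is missing, or tag is not 16 bytes long
# @raise [OpenSSL::Cipher::CipherError] from cipher.final when authentication fails
def key_decrypt(key, enc, encrypted_key)
  if iv.nil? || tag.nil?
    raise ArgumentError, "missing required fields for decryption: 'iv' and 'tag'"
  end
  # Ruby's OpenSSL binding does not check the length of the tag it is given,
  # and a shortened tag would weaken the authentication check. Poly1305 tags
  # are always 16 bytes, so reject anything else up front.
  unless tag.bytesize == 16
    raise ArgumentError, "invalid 'tag' length for decryption: expected 16 bytes, got #{tag.bytesize}"
  end
  if key.is_a?(JOSE::JWK)
    key = key.kty.derive_key
  end
  cipher = OpenSSL::Cipher.new(cipher_name)
  cipher.decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.padding = 0
  cipher.auth_data = '' # no additional authenticated data is bound to the wrap
  cipher.auth_tag = tag
  # cipher.final verifies the tag; the plaintext is only returned if it passes.
  plain_text = cipher.update(encrypted_key) + cipher.final
  return plain_text
end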

#key_encrypt(key, enc, decrypted_key) ⇒ Object



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 66

# Wraps +decrypted_key+ with the cipher named by cipher_name and returns the
# ciphertext together with a new ALG_C20P_KW carrying the iv and tag used.
#
# NOTE(review): when this instance already has an iv (for example one parsed
# from a header, or an instance returned by an earlier key_encrypt call),
# that iv is reused as-is. Wrapping more than one key under the same key and
# iv breaks the guarantees of ChaCha20-Poly1305, so callers should use an
# instance without an iv unless a fixed nonce is genuinely required.
#
# @param key [JOSE::JWK, String] wrapping key; a JOSE::JWK is replaced by key.kty.derive_key
# @param enc [Object] content-encryption algorithm (not used by this method)
# @param decrypted_key [String] key bytes to wrap
# @return [Array] the wrapped key bytes and the new algorithm instance
def key_encrypt(key, enc, decrypted_key)
  key = key.kty.derive_key if key.is_a?(JOSE::JWK)
  # Fresh 12-byte random nonce unless the instance already carries one.
  nonce = iv || SecureRandom.random_bytes(12)
  new_alg = JOSE::JWE::ALG_C20P_KW.new(cipher_name, bits, nonce)
  cipher = OpenSSL::Cipher.new(new_alg.cipher_name)
  cipher.encrypt
  cipher.key = key
  cipher.iv = new_alg.iv
  cipher.padding = 0
  cipher.auth_data = '' # no additional authenticated data is bound to the wrap
  wrapped = cipher.update(decrypted_key) + cipher.final
  # The tag is only available after final; it travels in the returned instance.
  new_alg.tag = cipher.auth_tag
  return [wrapped, new_alg]
end

#next_cek(key, enc) ⇒ Object



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 85

# Delegates content-encryption-key generation to +enc+.
#
# @param key [Object] not used by this method
# @param enc [#next_cek] content-encryption algorithm
# @return [Array] the value of enc.next_cek and this instance, unchanged
def next_cek(key, enc)
  cek = enc.next_cek
  return [cek, self]
end

#to_map(fields) ⇒ Object



# File 'lib/jose/jwe/alg_c20p_kw.rb', line 26

# Writes this algorithm's header parameters into +fields+.
#
# 'alg' is always set; 'iv' and 'tag' are added, encoded with
# JOSE.urlsafe_encode64, only when present on the instance.
#
# @param fields [#put] header map; each put result is used as the new map
# @return [Object] the map returned by the last put call
def to_map(fields)
  header = fields.put('alg', algorithm)
  header = header.put('iv', JOSE.urlsafe_encode64(iv)) if iv
  header = header.put('tag', JOSE.urlsafe_encode64(tag)) if tag
  return header
end