Class: JSON::JWE

Inherits:
Object
  • Object
Includes:
JOSE
Defined in:
lib/json/jwe.rb

Defined Under Namespace

Classes: DecryptionFailed, InvalidFormat, UnexpectedAlgorithm

Constant Summary

NUM_OF_SEGMENTS = 5


Constructor Details

#initialize(input = nil) ⇒ JWE

Returns a new instance of JWE.



# File 'lib/json/jwe.rb', line 23

# Builds a JWE whose plain text is the string form of +input+.
#
# @param input [#to_s, nil] payload to be encrypted later; +nil+ (the
#   default) becomes an empty string because +nil.to_s+ is +""+.
def initialize(input = nil)
  # String#to_s returns the receiver, so a plain String argument is stored
  # without copying; later mutation of the caller's string is visible here.
  self.plain_text = input.to_s
end

Instance Attribute Details

#auth_data ⇒ Object

Returns the value of attribute auth_data.



# File 'lib/json/jwe.rb', line 14

# Reader for the +auth_data+ attribute.
#
# The compact-serialization decoder shown on this page assigns the first
# segment of the token, still base64url-encoded, to this attribute.
#
# @return [Object] the current value of @auth_data (nil if never assigned)
def auth_data
  @auth_data
end

#authentication_tag=(value) ⇒ Object

Sets the attribute authentication_tag

Parameters:

  • value

    the value to set the attribute authentication_tag to.



# File 'lib/json/jwe.rb', line 14

# Writer for the +authentication_tag+ attribute.
#
# Stores +value+ exactly as given. No type or length check happens here, so
# any validation of the tag is left to the code that later consumes it.
#
# @param value [Object] the value to store; the compact decoder on this page
#   assigns the base64url-decoded fifth segment of the token
# @return [Object] +value+
def authentication_tag=(value)
  @authentication_tag = value
end

#cipher_text ⇒ Object

Returns the value of attribute cipher_text.



# File 'lib/json/jwe.rb', line 14

# Reader for the +cipher_text+ attribute.
#
# On this page the attribute is assigned by #encrypt! (cipher output) and by
# the compact decoder (base64url-decoded fourth segment of the token).
#
# @return [Object] the current value of @cipher_text (nil if never assigned)
def cipher_text
  @cipher_text
end

#content_encryption_key ⇒ Object

Returns the value of attribute content_encryption_key.



# File 'lib/json/jwe.rb', line 14

# Reader for the +content_encryption_key+ attribute.
#
# NOTE(review): the name suggests this holds raw content-encryption key
# material; the code that assigns it is not shown here. If so, treat the
# return value as a secret and keep it out of logs and serialized output.
#
# @return [Object] the current value of @content_encryption_key
#   (nil if never assigned)
def content_encryption_key
  @content_encryption_key
end

#encryption_key ⇒ Object

Returns the value of attribute encryption_key.



# File 'lib/json/jwe.rb', line 14

# Reader for the +encryption_key+ attribute.
#
# NOTE(review): presumably the symmetric key handed to the cipher; the code
# that assigns it is not shown here. Treat the value as secret key material
# until that is confirmed.
#
# @return [Object] the current value of @encryption_key (nil if never assigned)
def encryption_key
  @encryption_key
end

#iv ⇒ Object

Returns the value of attribute iv.



# File 'lib/json/jwe.rb', line 14

# Reader for the +iv+ attribute.
#
# The compact decoder on this page assigns the base64url-decoded third
# segment of the token; how the value is produced when encrypting is not
# shown here.
#
# @return [Object] the current value of @iv (nil if never assigned)
def iv
  @iv
end

#jwe_encrypted_key=(value) ⇒ Object

Sets the attribute jwe_encrypted_key

Parameters:

  • value

    the value to set the attribute jwe_encrypted_key to.



# File 'lib/json/jwe.rb', line 14

# Writer for the +jwe_encrypted_key+ attribute.
#
# Stores +value+ exactly as given, without validation.
#
# @param value [Object] the value to store; the compact decoder on this page
#   assigns the base64url-decoded second segment of the token
# @return [Object] +value+
def jwe_encrypted_key=(value)
  @jwe_encrypted_key = value
end

#mac_key ⇒ Object

Returns the value of attribute mac_key.



# File 'lib/json/jwe.rb', line 14

# Reader for the +mac_key+ attribute.
#
# NOTE(review): presumably the key used to compute the CBC authentication
# tag; the code that assigns and uses it is not shown here. Treat the value
# as secret key material until that is confirmed.
#
# @return [Object] the current value of @mac_key (nil if never assigned)
def mac_key
  @mac_key
end

#plain_text ⇒ Object

Returns the value of attribute plain_text.



# File 'lib/json/jwe.rb', line 14

# Reader for the +plain_text+ attribute.
#
# On this page the attribute is assigned by #initialize (string form of the
# constructor argument) and by #decrypt! (output of the cipher).
#
# @return [Object] the current value of @plain_text (nil if never assigned)
def plain_text
  @plain_text
end

#private_key_or_secret ⇒ Object

Returns the value of attribute private_key_or_secret.



# File 'lib/json/jwe.rb', line 14

# Reader for the +private_key_or_secret+ attribute.
#
# #decrypt! stores its argument here, so after a decryption the instance
# keeps a reference to whatever private key or shared secret the caller
# passed. Treat the value as sensitive.
#
# @return [Object] the current value of @private_key_or_secret
#   (nil if never assigned)
def private_key_or_secret
  @private_key_or_secret
end

#public_key_or_secret ⇒ Object

Returns the value of attribute public_key_or_secret.



# File 'lib/json/jwe.rb', line 14

# Reader for the +public_key_or_secret+ attribute.
#
# #encrypt! stores its argument here. When the caller passed a shared
# secret rather than a public key, the value is sensitive.
#
# @return [Object] the current value of @public_key_or_secret
#   (nil if never assigned)
def public_key_or_secret
  @public_key_or_secret
end

Class Method Details

.decode_compact_serialized(input, private_key_or_secret) ⇒ Object



# File 'lib/json/jwe.rb', line 283

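# Parses a JWE in compact serialization (base64url segments joined by '.')
# and, unless told otherwise, decrypts it.
#
# @param input [String] the compact-serialized token
# @param private_key_or_secret [Object, Symbol] key material handed to
#   #decrypt!, or +:skip_decryption+ to parse the token without decrypting
# @return [JWE] the populated instance (decrypted unless skipped)
# @raise [InvalidFormat] when the token does not consist of exactly
#   NUM_OF_SEGMENTS segments
def decode_compact_serialized(input, private_key_or_secret)
  # A negative limit keeps trailing empty segments. A plain split('.') drops
  # them, so a token ending in '.' passed the dot count but left the
  # authentication tag (and possibly earlier fields) nil instead of "".
  segments = input.split('.', -1)
  unless segments.size == NUM_OF_SEGMENTS
    raise InvalidFormat.new("Invalid JWE Format. JWE should include #{NUM_OF_SEGMENTS} segments.")
  end
  jwe = new
  header_json, jwe.jwe_encrypted_key, jwe.iv, jwe.cipher_text, jwe.authentication_tag =
    segments.collect { |segment| UrlSafeBase64.decode64 segment }
  # The authenticated data is the header segment exactly as received (still
  # encoded), not a re-encoding of the parsed header.
  jwe.auth_data = segments.first
  # NOTE(review): nothing here checks that the header parses to a JSON object
  # or that the tag segment is non-empty; presence and length of the tag have
  # to be enforced on the decrypt path before the plain text is trusted.
  jwe.header = MultiJson.load(header_json).with_indifferent_access
  jwe.decrypt! private_key_or_secret unless private_key_or_secret == :skip_decryption
  jwe
end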

.decode_json_serialized(input, private_key_or_secret) ⇒ Object



# File 'lib/json/jwe.rb', line 297

# Decodes a JWE given in JSON serialization by rebuilding the compact form
# and delegating to decode_compact_serialized.
#
# Only the members protected, recipients / encrypted_key, iv, ciphertext and
# tag are read. When a non-empty recipients list is present, the encrypted
# key of its first entry is used and the remaining entries are ignored.
#
# @param input [Hash] the parsed JSON-serialized JWE
# @param private_key_or_secret [Object, Symbol] passed through unchanged to
#   decode_compact_serialized
# @return [Object] whatever decode_compact_serialized returns
def decode_json_serialized(input, private_key_or_secret)
  members = input.with_indifferent_access
  key_segment =
    if members[:recipients].present?
      members[:recipients].first[:encrypted_key]
    else
      members[:encrypted_key]
    end
  protected_segment, iv_segment, ciphertext_segment, tag_segment =
    %i[protected iv ciphertext tag].map { |member| members[member] }
  # Missing members are nil and join as empty segments.
  compact_form = [
    protected_segment, key_segment, iv_segment, ciphertext_segment, tag_segment
  ].join('.')
  decode_compact_serialized compact_form, private_key_or_secret
end

Instance Method Details

#as_json(options = {}) ⇒ Object



# File 'lib/json/jwe.rb', line 56

# Builds the JSON-serialization hash for this JWE, with every member
# base64url-encoded.
#
# @param options [Hash] +syntax: :general+ nests the encrypted key inside a
#   one-element +recipients+ list; any other value puts +encrypted_key+ at
#   the top level
# @return [Hash] members in the order protected, recipients or
#   encrypted_key, iv, ciphertext, tag
def as_json(options = {})
  encoded_header = UrlSafeBase64.encode64(header.to_json)
  encoded_key = UrlSafeBase64.encode64(jwe_encrypted_key)
  key_member =
    case options[:syntax]
    when :general then { recipients: [{ encrypted_key: encoded_key }] }
    else { encrypted_key: encoded_key }
    end
  # Merging in this order keeps the member order of the resulting hash.
  { protected: encoded_header }.merge(key_member).merge(
    iv: UrlSafeBase64.encode64(iv),
    ciphertext: UrlSafeBase64.encode64(cipher_text),
    tag: UrlSafeBase64.encode64(authentication_tag)
  )
end

#decrypt!(private_key_or_secret) ⇒ Object



# File 'lib/json/jwe.rb', line 35

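# Decrypts +cipher_text+ with the given key and stores the result in
# +plain_text+.
#
# @param private_key_or_secret [Object] key material; stored on the instance
#   before the cipher keys are restored
# @return [JWE] self
# @raise whatever restore_cipher_keys!, verify_cbc_authentication_tag! or
#   the cipher raise (none of them is shown here)
def decrypt!(private_key_or_secret)
  self.private_key_or_secret = private_key_or_secret
  cipher.decrypt
  restore_cipher_keys!
  # Check the CBC authentication tag before touching the cipher text.
  # Verifying only after cipher.final meant a modified token was decrypted
  # first: a padding failure surfaced as a different error than a tag
  # mismatch, and plain_text already held unauthenticated data when the
  # verification raised.
  # NOTE(review): assumes verify_cbc_authentication_tag! needs only state
  # prepared by restore_cipher_keys! and does not read plain_text; confirm.
  verify_cbc_authentication_tag! if cbc?
  # NOTE(review): for non-CBC modes nothing in this method checks the tag;
  # confirm restore_cipher_keys! hands it to the cipher and enforces its length.
  self.plain_text = cipher.update(cipher_text) + cipher.final
  self
end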

#encrypt!(public_key_or_secret) ⇒ Object



# File 'lib/json/jwe.rb', line 27

# Encrypts +plain_text+ and stores the result in +cipher_text+.
#
# The steps run in a fixed order: remember the key, switch the cipher to
# encrypt mode, generate the cipher keys, then run the cipher.
#
# @param public_key_or_secret [Object] key material; stored on the instance
#   before the cipher keys are generated
# @return [JWE] self
def encrypt!(public_key_or_secret)
  self.public_key_or_secret = public_key_or_secret
  cipher.encrypt
  generate_cipher_keys!
  body = cipher.update(plain_text)
  trailer = cipher.final
  self.cipher_text = body + trailer
  self
end

#to_s ⇒ Object



# File 'lib/json/jwe.rb', line 44

# Renders the JWE in compact serialization: header JSON, encrypted key, IV,
# cipher text and authentication tag, each base64url-encoded and joined
# with '.'.
#
# @return [String] the five-segment compact form; a nil part is encoded as
#   the empty string because every part goes through +to_s+ first
def to_s
  raw_segments = [header.to_json, jwe_encrypted_key, iv, cipher_text, authentication_tag]
  raw_segments.map { |part| UrlSafeBase64.encode64(part.to_s) }.join('.')
end