Class: Naoki::DataSecure

Inherits:
Object
  • Object
Extended by:
FFI::Library
Defined in:
lib/naoki/data_secure.rb

Constant Summary

# Shared-library file name, chosen by whether `uname -m` reports x86_64.
# NOTE(review): this shells out at class-load time and resolves `uname` through
# PATH; RbConfig::CONFIG['host_cpu'] would give the architecture without a subprocess.
LIB_ICAPI_FILE =
`uname -m`.match(/x86_64/) ? 'libICAPI_64.so' : 'libICAPI_32.so'
# Init-type argument that .init passes to I_C_Initialize together with the properties file.
I_T_Init_File =
0
# NOTE(review): presumably the library's success status that `check` compares
# against; `check` is not shown on this page — confirm.
I_E_OK =
0
# Auth-type argument that #initialize passes to I_C_OpenSession with the username and password.
I_T_Auth_Password =
0
# Operation selectors passed to transform / transform_stream and to the size-calculation calls.
I_T_Operation_Encrypt =
0
I_T_Operation_Decrypt =
1
# Base settings; #initialize merges the selected credential's entries over these.
# NOTE(review): CBC with PKCS5 padding provides confidentiality only. Nothing on
# this page authenticates the ciphertext or shows how the IV is chosen — confirm
# both, and confirm that decrypt failures do not reveal padding validity to callers.
DEFAULTS =
{
  'algorithm' => 'AES/CBC/PKCS5Padding',
}
# NOTE(review): presumably chunk-size limits for transform / transform_stream,
# neither of which is shown on this page — confirm.
MAX_SAFENET_BLOCK_SIZE =
31000
MAX_OUTPUT_BLOCK_SIZE =
32000


Constructor Details

#initialize(credential_to_use, data_secure_yml) ⇒ DataSecure

Returns a new instance of DataSecure.



# File 'lib/naoki/data_secure.rb', line 50

# Builds a DataSecure handle for one named credential.
#
# Passes the 'data_secure_enabled' and 'properties_file' entries of
# +data_secure_yml+ to DataSecure.init and stores the result in @live. When
# live? reports true, the 'credentials' entry named by +credential_to_use+ is
# merged over DEFAULTS, a password-authenticated session is opened, and a
# cipher spec is created from the configured 'algorithm' and 'key_name'.
#
# @param credential_to_use [#to_s] name of the entry under data_secure_yml['credentials']
# @param data_secure_yml [Hash] parsed settings, keyed by strings
def initialize(credential_to_use, data_secure_yml)
  credential_name = credential_to_use.to_s
  @live = self.class.init(data_secure_yml['data_secure_enabled'], data_secure_yml['properties_file'])
  # NOTE(review): when the library is not live, no session exists and the
  # encrypt/decrypt methods take their dummy_* paths instead.
  return unless live?

  # NOTE(review): a missing 'credentials' section or an unknown credential name
  # surfaces here as a nil error (NoMethodError / TypeError), not a clear
  # configuration error.
  credential_settings = data_secure_yml['credentials'][credential_name]
  @options = DEFAULTS.merge(credential_settings)

  # NOTE(review): @options keeps 'password' in memory for the lifetime of this
  # object; make sure @options is never logged or included in inspect output.
  @session_pointer = FFI::MemoryPointer.new :pointer
  check do
    I_C_OpenSession(@session_pointer, I_T_Auth_Password, @options['username'], @options['password'])
  end

  # NOTE(review): if creating the cipher spec fails and `check` raises, the
  # session opened above stays open unless the caller calls #close — confirm.
  @cipherspec_pointer = FFI::MemoryPointer.new :pointer
  check do
    I_C_CreateCipherSpec(@options['algorithm'], @options['key_name'], @cipherspec_pointer)
  end
end

Class Method Details

.init(enabled, file) ⇒ Object



# File 'lib/naoki/data_secure.rb', line 65

# Initializes the native library once per class.
#
# Returns false without touching the library unless +file+, +enabled+ and the
# class-level @Linux flag are all truthy. Otherwise I_C_Initialize is called
# with +file+ on the first successful pass only; later calls return true.
#
# NOTE(review): @Linux is not assigned anywhere on this page. If it is unset,
# this method always returns false and every instance runs non-live — confirm
# where it is set.
#
# @param enabled [Object] truthy when the integration is switched on
# @param file [String, nil] properties file handed to I_C_Initialize
# @return [Boolean] whether the library is usable
def self.init(enabled, file)
  usable = file && enabled && @Linux
  return false unless usable

  unless @initialized
    check { I_C_Initialize(I_T_Init_File, file) }
    @initialized = true
  end
  true
end

Instance Method Details

#close ⇒ Object



# File 'lib/naoki/data_secure.rb', line 73

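# Releases the cipher spec and closes the authenticated session.
#
# Does nothing when live? is false. The session is closed and both pointers
# are cleared even when deleting the cipher spec fails; that failure still
# propagates to the caller. (`check` is defined outside this listing. If it
# raises on a failed call, the earlier version skipped I_C_CloseSession and
# left the authenticated session open.)
#
# @return [nil]
def close
  return unless live?

  begin
    check { I_C_DeleteCipherSpec(@cipherspec_pointer.get_pointer(0)) } if @cipherspec_pointer
  ensure
    @cipherspec_pointer = nil
    # Clear the reference before closing so a failing close cannot be retried
    # against the same session handle.
    session = @session_pointer
    @session_pointer = nil
    # NOTE(review): the status returned by I_C_CloseSession is not checked,
    # as in the original.
    I_C_CloseSession(session.get_pointer(0)) if session
  end
  nil
end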

#decrypt(text) ⇒ Object



# File 'lib/naoki/data_secure.rb', line 105

# Decrypts +text+ through the open session, or hands it to dummy_decrypt when
# live? is false.
#
# On the live path the block given to transform asks the library for the
# output size for +text.bytesize+ input bytes. A result that is not pure ASCII
# is relabelled as UTF-8 in place; its bytes are not validated.
#
# NOTE(review): force_encoding does not check validity, so corrupted or
# tampered ciphertext can come back as an invalid UTF-8 string — callers
# should check valid_encoding? before trusting the result.
# NOTE(review): dummy_decrypt is not shown on this page; confirm the non-live
# path is never reached with production data.
#
# @param text [String] ciphertext
# @return [String] decrypted text
def decrypt(text)
  if live?
    plain = transform(I_T_Operation_Decrypt, text) do |size_out|
      check do
        session = @session_pointer.get_pointer(0)
        cipher_spec = @cipherspec_pointer.get_pointer(0)
        I_C_CalculateOutputSizeForKey(session, cipher_spec, I_T_Operation_Decrypt, text.bytesize, size_out)
      end
    end
    return plain if plain.ascii_only?

    plain.force_encoding("UTF-8")
  else
    dummy_decrypt(text)
  end
end

#decrypt_stream(input_io, output_io) ⇒ Object



# File 'lib/naoki/data_secure.rb', line 86

# Decrypts from +input_io+ into +output_io+ via transform_stream, or delegates
# to dummy_decrypt_stream when live? is false.
#
# NOTE(review): neither transform_stream nor dummy_decrypt_stream is shown on
# this page; confirm the non-live path is never reached with production data.
#
# @param input_io [IO] source of ciphertext
# @param output_io [IO] destination for decrypted data
# @return [Object] whatever the selected stream helper returns
def decrypt_stream(input_io, output_io)
  if live?
    transform_stream(I_T_Operation_Decrypt, input_io, output_io)
  else
    dummy_decrypt_stream(input_io, output_io)
  end
end

#encrypt(plain_text) ⇒ Object



# File 'lib/naoki/data_secure.rb', line 91

# Encrypts +plain_text+ through the open session, or hands it to dummy_encrypt
# when live? is false.
#
# On the live path the block given to transform asks the library for the
# enciphered size for +plain_text.bytesize+ input bytes.
#
# NOTE(review): dummy_encrypt is not shown on this page. Confirm what
# protection, if any, the non-live path provides, and that callers can tell
# which path produced the output.
#
# @param plain_text [String] data to encrypt
# @return [Object] result of transform, or of dummy_encrypt when not live
def encrypt(plain_text)
  if live?
    transform(I_T_Operation_Encrypt, plain_text) do |size_out|
      check do
        session = @session_pointer.get_pointer(0)
        cipher_spec = @cipherspec_pointer.get_pointer(0)
        I_C_CalculateEncipheredSizeForKey(session, cipher_spec, I_T_Operation_Encrypt, plain_text.bytesize, size_out)
      end
    end
  else
    dummy_encrypt(plain_text)
  end
end

#encrypt_stream(input_io, output_io) ⇒ Object



# File 'lib/naoki/data_secure.rb', line 81

# Encrypts from +input_io+ into +output_io+ via transform_stream, or delegates
# to dummy_encrypt_stream when live? is false.
#
# NOTE(review): neither transform_stream nor dummy_encrypt_stream is shown on
# this page; confirm what the non-live path writes to +output_io+ before
# relying on it for sensitive data.
#
# @param input_io [IO] source of plaintext
# @param output_io [IO] destination for encrypted data
# @return [Object] whatever the selected stream helper returns
def encrypt_stream(input_io, output_io)
  if live?
    transform_stream(I_T_Operation_Encrypt, input_io, output_io)
  else
    dummy_encrypt_stream(input_io, output_io)
  end
end