Class: Fling::Box

Inherits:

Object

• Object
• Fling::Box

Defined in:

lib/fling/box.rb

Overview

Simple encryption with password-derived keys

Constant Summary

SALT_SIZE =

32

FINGERPRINT_SIZE =

32

SCRYPT_OPSLIMIT =

2**25

SCRYPT_MEMLIMIT =

2**30

Instance Attribute Summary

• #fingerprint ⇒ Object readonly

  Returns the value of attribute fingerprint.

• #key ⇒ Object readonly

  Returns the value of attribute key.

Class Method Summary

• .decrypt(password, ciphertext, options = {}) ⇒ Object
• .encrypt(password, plaintext, options = {}) ⇒ Object

Instance Method Summary

• #decrypt(ciphertext) ⇒ Object
• #encrypt(data = {}) ⇒ Object
• #initialize(password, salt, options = {}) ⇒ Box constructor

  A new instance of Box.

Constructor Details

#initialize(password, salt, options = {}) ⇒ Box

Returns a new instance of Box.

# File 'lib/fling/box.rb', line 28

def initialize(password, salt, options = {})
  opts = {
    scrypt_opslimit: SCRYPT_OPSLIMIT,
    scrypt_memlimit: SCRYPT_MEMLIMIT
  }.merge(options)

  @key = RbNaCl::PasswordHash.scrypt(
    password.force_encoding("BINARY"),
    salt.force_encoding("BINARY"),
    opts[:scrypt_opslimit],
    opts[:scrypt_memlimit],
    RbNaCl::SecretBox::KEYBYTES
  )

  @fingerprint = Encoding.encode(RbNaCl::Hash.blake2b(@key, digest_size: FINGERPRINT_SIZE))
end

Instance Attribute Details

#fingerprint ⇒ Object (readonly)

Returns the value of attribute fingerprint.

# File 'lib/fling/box.rb', line 7

def fingerprint
  @fingerprint
end

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/fling/box.rb', line 7

def key
  @key
end

Class Method Details

.decrypt(password, ciphertext, options = {}) ⇒ Object

# File 'lib/fling/box.rb', line 21

def self.decrypt(password, ciphertext, options = {})
  salt = ciphertext[0, SALT_SIZE]
  ciphertext = ciphertext[SALT_SIZE, ciphertext.length - SALT_SIZE]
  box = new(password, salt, options)
  box.decrypt(ciphertext)
end

.encrypt(password, plaintext, options = {}) ⇒ Object

# File 'lib/fling/box.rb', line 15

def self.encrypt(password, plaintext, options = {})
  salt = RbNaCl::Random.random_bytes(SALT_SIZE)
  box = new(password, salt, options)
  salt + box.encrypt(plaintext)
end

Instance Method Details

#decrypt(ciphertext) ⇒ Object

# File 'lib/fling/box.rb', line 57

def decrypt(ciphertext)
  json = encryption_box.decrypt(ciphertext.force_encoding("BINARY"))
  JSON.parse(json)
end

#encrypt(data = {}) ⇒ Object

# File 'lib/fling/box.rb', line 45

def encrypt(data = {})
  # Ensure data is a simple flat hash of strings
  data = data.map do |key, value|
    fail TypeError, "bad key: #{key.inspect}" unless key.is_a?(String) || key.is_a?(Symbol)
    fail TypeError, "bad value: #{value.inspect}" unless value.is_a?(String)
    [key.to_s, value]
  end.flatten

  json = JSON.generate(Hash[*data])
  encryption_box.encrypt(json.force_encoding("BINARY"))
end