Module: JWE::Enc::AesGcm

Included in:

A128gcm, A192gcm, A256gcm

Defined in:

lib/jwe/enc/aes_gcm.rb

Defined Under Namespace

Modules: ClassMethods

Instance Attribute Summary

• #cek ⇒ Object

  Returns the value of attribute cek.

• #iv ⇒ Object

  Returns the value of attribute iv.

• #tag ⇒ Object

  Returns the value of attribute tag.

Class Method Summary

• .included(base) ⇒ Object

Instance Method Summary

• #cipher ⇒ Object
• #decrypt(ciphertext, authenticated_data) ⇒ Object
• #encrypt(cleartext, authenticated_data) ⇒ Object
• #initialize(cek = nil, iv = nil) ⇒ Object

Instance Attribute Details

#cek ⇒ Object

Returns the value of attribute cek.

# File 'lib/jwe/enc/aes_gcm.rb', line 4

def cek
  @cek
end

#iv ⇒ Object

Returns the value of attribute iv.

# File 'lib/jwe/enc/aes_gcm.rb', line 5

def iv
  @iv
end

#tag ⇒ Object

Returns the value of attribute tag.

# File 'lib/jwe/enc/aes_gcm.rb', line 6

def tag
  @tag
end

Class Method Details

.included(base) ⇒ Object

# File 'lib/jwe/enc/aes_gcm.rb', line 59

def self.included(base)
  base.extend(ClassMethods)
end

Instance Method Details

#cipher ⇒ Object

# File 'lib/jwe/enc/aes_gcm.rb', line 49

def cipher
  @cipher ||= OpenSSL::Cipher.new(cipher_name)
rescue RuntimeError
  raise JWE::NotImplementedError.new("The version of OpenSSL linked to your Ruby does not support the cipher #{cipher_name}.")
end

#decrypt(ciphertext, authenticated_data) ⇒ Object

# File 'lib/jwe/enc/aes_gcm.rb', line 27

def decrypt(ciphertext, authenticated_data)
  raise JWE::BadCEK.new("The supplied key is too short. Required length: #{key_length}") if cek.length < key_length

  cipher.decrypt
  cipher.key = cek
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = authenticated_data

  cipher.update(ciphertext) + cipher.final
rescue OpenSSL::Cipher::CipherError
  raise JWE::InvalidData.new("Invalid ciphertext or authentication tag")
end

#encrypt(cleartext, authenticated_data) ⇒ Object

Raises:

• (JWE::BadCEK)

# File 'lib/jwe/enc/aes_gcm.rb', line 13

def encrypt(cleartext, authenticated_data)
  raise JWE::BadCEK.new("The supplied key is too short. Required length: #{key_length}") if cek.length < key_length

  cipher.encrypt
  cipher.key = cek
  cipher.iv = iv
  cipher.auth_data = authenticated_data

  ciphertext = cipher.update(cleartext) + cipher.final
  self.tag = cipher.auth_tag

  ciphertext
end

#initialize(cek = nil, iv = nil) ⇒ Object

# File 'lib/jwe/enc/aes_gcm.rb', line 8

def initialize(cek = nil, iv = nil)
  self.iv = iv
  self.cek = cek
end