Module: JWE
- Defined in:
- lib/jwe.rb,
lib/jwe/alg.rb,
lib/jwe/enc.rb,
lib/jwe/zip.rb,
lib/jwe/base64.rb,
lib/jwe/alg/dir.rb,
lib/jwe/version.rb,
lib/jwe/zip/def.rb,
lib/jwe/alg/rsa15.rb,
lib/jwe/alg/aes_kw.rb,
lib/jwe/enc/cipher.rb,
lib/jwe/alg/a128_kw.rb,
lib/jwe/alg/a192_kw.rb,
lib/jwe/alg/a256_kw.rb,
lib/jwe/enc/a128gcm.rb,
lib/jwe/enc/a192gcm.rb,
lib/jwe/enc/a256gcm.rb,
lib/jwe/enc/aes_gcm.rb,
lib/jwe/alg/rsa_oaep.rb,
lib/jwe/enc/aes_cbc_hs.rb,
lib/jwe/enc/a128cbc_hs256.rb,
lib/jwe/enc/a192cbc_hs384.rb,
lib/jwe/enc/a256cbc_hs512.rb,
lib/jwe/serialization/compact.rb
Overview
A ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard.
Defined Under Namespace
Modules: Alg, Base64, Enc, Serialization, Zip
Classes: BadCEK, DecodeError, InvalidData, NotImplementedError
Constant Summary
collapse
- VALID_ALG =
['RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256', 'A128KW', 'A192KW', 'A256KW', 'dir', 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW', 'A128GCMKW', 'A192GCMKW', 'A256GCMKW', 'PBES2-HS256+A128KW', 'PBES2-HS384+A192KW', 'PBES2-HS512+A256KW'].freeze
- VALID_ENC =
['A128CBC-HS256', 'A192CBC-HS384', 'A256CBC-HS512', 'A128GCM', 'A192GCM', 'A256GCM'].freeze
- VALID_ZIP =
['DEF'].freeze
- VERSION =
'0.4.0'.freeze
Class Method Summary
collapse
-
.apply_zip(header, data, direction) ⇒ Object
-
.check_alg(alg) ⇒ Object
-
.check_enc(enc) ⇒ Object
-
.check_key(key) ⇒ Object
-
.check_params(header, key) ⇒ Object
-
.check_zip(zip) ⇒ Object
-
.decrypt(payload, key) ⇒ Object
-
.encrypt(payload, key, alg: 'RSA-OAEP', enc: 'A128GCM', **more_headers) ⇒ Object
-
.generate_header(alg, enc, more) ⇒ Object
-
.generate_serialization(hdr, cek, content, cipher) ⇒ Object
-
.param_to_class_name(param) ⇒ Object
Class Method Details
.apply_zip(header, data, direction) ⇒ Object
80
81
82
83
84
85
86
87
|
# File 'lib/jwe.rb', line 80
def apply_zip(, data, direction)
zip = [:zip] || ['zip']
if zip
Zip.for(zip).new.send(direction, data)
else
data
end
end
|
.check_alg(alg) ⇒ Object
59
60
61
|
# File 'lib/jwe.rb', line 59
def check_alg(alg)
raise ArgumentError.new("\"#{alg}\" is not a valid alg method") unless VALID_ALG.include?(alg)
end
|
.check_enc(enc) ⇒ Object
63
64
65
|
# File 'lib/jwe.rb', line 63
def check_enc(enc)
raise ArgumentError.new("\"#{enc}\" is not a valid enc method") unless VALID_ENC.include?(enc)
end
|
.check_key(key) ⇒ Object
71
72
73
|
# File 'lib/jwe.rb', line 71
def check_key(key)
raise ArgumentError.new('The key must not be nil or blank') if key.nil? || (key.is_a?(String) && key.strip == '')
end
|
.check_params(header, key) ⇒ Object
52
53
54
55
56
57
|
# File 'lib/jwe.rb', line 52
def check_params(, key)
check_alg([:alg] || ['alg'])
check_enc([:enc] || ['enc'])
check_zip([:zip] || ['zip'])
check_key(key)
end
|
.check_zip(zip) ⇒ Object
67
68
69
|
# File 'lib/jwe.rb', line 67
def check_zip(zip)
raise ArgumentError.new("\"#{zip}\" is not a valid zip method") unless zip.nil? || zip == '' || VALID_ZIP.include?(zip)
end
|
.decrypt(payload, key) ⇒ Object
39
40
41
42
43
44
45
46
47
48
49
50
|
# File 'lib/jwe.rb', line 39
def decrypt(payload, key)
, enc_key, iv, ciphertext, tag = Serialization::Compact.decode(payload)
= JSON.parse()
check_params(, key)
cek = Alg.decrypt_cek(['alg'], key, enc_key)
cipher = Enc.for(['enc'], cek, iv, tag)
plaintext = cipher.decrypt(ciphertext, payload.split('.').first)
apply_zip(, plaintext, :decompress)
end
|
.encrypt(payload, key, alg: 'RSA-OAEP', enc: 'A128GCM', **more_headers) ⇒ Object
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
# File 'lib/jwe.rb', line 24
def encrypt(payload, key, alg: 'RSA-OAEP', enc: 'A128GCM', **)
= (alg, enc, )
check_params(, key)
payload = apply_zip(, payload, :compress)
cipher = Enc.for(enc)
cipher.cek = key if alg == 'dir'
json_hdr = .to_json
ciphertext = cipher.encrypt(payload, Base64.jwe_encode(json_hdr))
generate_serialization(json_hdr, Alg.encrypt_cek(alg, key, cipher.cek), ciphertext, cipher)
end
|
89
90
91
92
93
|
# File 'lib/jwe.rb', line 89
def (alg, enc, more)
= { alg: alg, enc: enc }.merge(more)
.delete(:zip) if [:zip] == ''
end
|
.generate_serialization(hdr, cek, content, cipher) ⇒ Object
95
96
97
|
# File 'lib/jwe.rb', line 95
def generate_serialization(hdr, cek, content, cipher)
Serialization::Compact.encode(hdr, cek, cipher.iv, content, cipher.tag)
end
|
.param_to_class_name(param) ⇒ Object
75
76
77
78
|
# File 'lib/jwe.rb', line 75
def param_to_class_name(param)
klass = param.gsub(/[-\+]/, '_').downcase.sub(/^[a-z\d]*/) { $&.capitalize }
klass.gsub(/_([a-z\d]*)/i) { Regexp.last_match(1).capitalize }
end
|