Module: JWE::Enc::AesGcm

Included in:
A128gcm, A192gcm, A256gcm
Defined in:
lib/jwe/enc/aes_gcm.rb

Overview

Abstract AES in Galois Counter mode for different key sizes.

Defined Under Namespace

Modules: ClassMethods

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#cekObject

Returns the value of attribute cek


7
8
9
# File 'lib/jwe/enc/aes_gcm.rb', line 7

def cek
  @cek
end

#ivObject

Returns the value of attribute iv


8
9
10
# File 'lib/jwe/enc/aes_gcm.rb', line 8

def iv
  @iv
end

#tagObject

Returns the value of attribute tag


9
10
11
# File 'lib/jwe/enc/aes_gcm.rb', line 9

def tag
  @tag
end

Class Method Details

.included(base) ⇒ Object


59
60
61
# File 'lib/jwe/enc/aes_gcm.rb', line 59

def self.included(base)
  base.extend(ClassMethods)
end

Instance Method Details

#cipherObject


51
52
53
# File 'lib/jwe/enc/aes_gcm.rb', line 51

def cipher
  @cipher ||= Cipher.for(cipher_name)
end

#decrypt(ciphertext, authenticated_data) ⇒ Object


26
27
28
29
30
31
32
33
# File 'lib/jwe/enc/aes_gcm.rb', line 26

def decrypt(ciphertext, authenticated_data)
  raise JWE::BadCEK, "The supplied key is too short. Required length: #{key_length}" if cek.length < key_length

  setup_cipher(:decrypt, authenticated_data)
  cipher.update(ciphertext) + cipher.final
rescue OpenSSL::Cipher::CipherError
  raise JWE::InvalidData, 'Invalid ciphertext or authentication tag'
end

#encrypt(cleartext, authenticated_data) ⇒ Object

Raises:


16
17
18
19
20
21
22
23
24
# File 'lib/jwe/enc/aes_gcm.rb', line 16

def encrypt(cleartext, authenticated_data)
  raise JWE::BadCEK, "The supplied key is too short. Required length: #{key_length}" if cek.length < key_length

  setup_cipher(:encrypt, authenticated_data)
  ciphertext = cipher.update(cleartext) + cipher.final
  self.tag = cipher.auth_tag

  ciphertext
end

#initialize(cek = nil, iv = nil) ⇒ Object


11
12
13
14
# File 'lib/jwe/enc/aes_gcm.rb', line 11

def initialize(cek = nil, iv = nil)
  self.iv = iv
  self.cek = cek
end

#setup_cipher(direction, auth_data) ⇒ Object


35
36
37
38
39
40
41
# File 'lib/jwe/enc/aes_gcm.rb', line 35

def setup_cipher(direction, auth_data)
  cipher.send(direction)
  cipher.key = cek
  cipher.iv = iv
  cipher.auth_tag = tag if direction == :decrypt
  cipher.auth_data = auth_data
end