Class: LightJWT::JWA::JWE

Inherits:
Object
  • Object
show all
Defined in:
lib/light_jwt/jwa/jwe.rb

Constant Summary collapse

RSA_KEY_MANAGEMENT_ALGORITHMS = 
%w[RSA1_5 RSA-OAEP].freeze
CONTENT_ENCRYPTION_ALGORITHMS = 
{
  'A128GCM' => { key_length: 16, cipher: 'aes-128-gcm', iv_length: 12 },
  'A256GCM' => { key_length: 32, cipher: 'aes-256-gcm', iv_length: 12 }
}.freeze
SUPPORTED_ALGORITHMS = 
RSA_KEY_MANAGEMENT_ALGORITHMS.product(CONTENT_ENCRYPTION_ALGORITHMS.keys)

Class Method Summary collapse

Class Method Details

.decrypt(alg, enc, encrypted_key, iv, ciphertext, auth_tag, private_key) ⇒ Object 



27
28
29
30
31
32
 
# File 'lib/light_jwt/jwa/jwe.rb', line 27

def decrypt(alg, enc, encrypted_key, iv, ciphertext, auth_tag, private_key)
  validate_algorithms(alg, enc)

  cek = rsa_decrypt_key(alg, encrypted_key, private_key)
  aes_gcm_decrypt(enc, cek, iv, ciphertext, auth_tag)
end

.encrypt(alg, enc, plaintext, public_key) ⇒ Object 



17
18
19
20
21
22
23
24
25
 
# File 'lib/light_jwt/jwa/jwe.rb', line 17

def encrypt(alg, enc, plaintext, public_key)
  validate_algorithms(alg, enc)

  cek = generate_cek(enc)
  encrypted_key = rsa_encrypt_key(alg, cek, public_key)
  iv, ciphertext, auth_tag = aes_gcm_encrypt(enc, cek, plaintext)

  { encrypted_key:, iv:, ciphertext:, auth_tag: }
end

.supported_algorithmsObject 



34
35
36
 
# File 'lib/light_jwt/jwa/jwe.rb', line 34

def supported_algorithms
  SUPPORTED_ALGORITHMS.map { |alg, enc| { alg: alg, enc: enc } }
end