Class: RSA_AES_CBC

Inherits:
Object
Defined in:
lib/rsa_aes_cbc.rb

Overview

Simple hybrid crypto class using RSA for public key encryption and AES with CBC for bulk data encryption/decryption.

RSA encrypts the AES primitives (the key and IV), which are in turn used to encrypt the plaintext.

@author: Tasos “Zapotek” Laskos

<tasos.laskos@gmail.com>
<zapotek@segfault.gr>

@version: 0.1

Constructor Details

#initialize(public_pem, private_pem = nil) ⇒ RSA_AES_CBC

If only encryption is required the private key parameter can be omitted.



# File 'lib/rsa_aes_cbc.rb', line 47

def initialize(public_pem, private_pem = nil)
  @public_pem = public_pem
  @private_pem = private_pem
end

Instance Method Details

#decrypt(data) ⇒ String

Decrypts data.



# File 'lib/rsa_aes_cbc.rb', line 92

def decrypt(data)
  rsa = OpenSSL::PKey::RSA.new(@private_pem)

  # decrypt with 256 bit AES with CBC
  aes = OpenSSL::Cipher.new('aes-256-cbc')
  aes.decrypt

  # unencode and unserialize to get the primitives and ciphertext
  primitives = YAML.load(Base64.decode64(data))

  aes.key = rsa.private_decrypt(primitives['key'])
  aes.iv  = rsa.private_decrypt(primitives['iv'])

  plaintext = aes.update(primitives['ciphertext'])
  plaintext << aes.final

  plaintext
end

#encrypt(data) ⇒ String

Encrypts data and returns a Base64 representation of the ciphertext together with the AES CBC primitives (key and IV), which are encrypted using the public key.



# File 'lib/rsa_aes_cbc.rb', line 61

def encrypt(data)
  rsa = OpenSSL::PKey::RSA.new(@public_pem)

  # encrypt with 256 bit AES with CBC
  aes = OpenSSL::Cipher.new('aes-256-cbc')
  aes.encrypt

  # use random key and IV
  aes.key = key = aes.random_key
  aes.iv  = iv  = aes.random_iv

  # this will hold all primitives and ciphertext
  primitives = {}

  primitives['ciphertext'] = aes.update(data)
  primitives['ciphertext'] << aes.final

  primitives['key'] = rsa.public_encrypt(key)
  primitives['iv']  = rsa.public_encrypt(iv)

  # serialize everything and base64 encode it
  Base64.strict_encode64(primitives.to_yaml)
end
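
The following is an added example, not code from rsa_aes_cbc.rb or its author: the same RSA-plus-AES envelope with AES-256-GCM in place of CBC so that modified ciphertext is rejected, RSA-OAEP in place of the default PKCS#1 v1.5 padding of public_encrypt, and JSON in place of YAML for the container. The module name HardenedEnvelope, the 'tag' field and the 16-byte tag check are assumptions of this example.

```ruby
require 'openssl'
require 'base64'
require 'json'

# Hypothetical hardened envelope (added example, not part of rsa_aes_cbc.rb).
module HardenedEnvelope
  OAEP   = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
  FIELDS = %w[key iv tag ciphertext].freeze

  # Encrypts data under a fresh AES-256-GCM key; only that key is RSA-wrapped.
  def self.encrypt(public_pem, data)
    rsa = OpenSSL::PKey::RSA.new(public_pem)
    aes = OpenSSL::Cipher.new('aes-256-gcm')
    aes.encrypt
    key = aes.random_key
    iv  = aes.random_iv # GCM nonce: must be unique per key, need not be secret
    aes.auth_data = ''
    ciphertext = aes.update(data) + aes.final
    parts = { 'key' => rsa.public_encrypt(key, OAEP), 'iv' => iv,
              'tag' => aes.auth_tag, 'ciphertext' => ciphertext }
    # JSON with Base64 string fields: parsing yields only strings, never objects
    encoded = parts.transform_values { |v| Base64.strict_encode64(v) }
    Base64.strict_encode64(JSON.generate(encoded))
  end

  # Returns the plaintext; raises OpenSSL::Cipher::CipherError if the ciphertext,
  # IV or tag was modified, ArgumentError for a missing field or wrong tag length.
  def self.decrypt(private_pem, blob)
    parsed = JSON.parse(Base64.strict_decode64(blob))
    unless parsed.is_a?(Hash) && FIELDS.all? { |f| parsed[f].is_a?(String) }
      raise ArgumentError, 'malformed envelope'
    end
    parts = parsed.slice(*FIELDS).transform_values { |v| Base64.strict_decode64(v) }
    # Reject truncated tags, which would weaken the integrity check
    raise ArgumentError, 'bad tag length' unless parts['tag'].bytesize == 16

    rsa = OpenSSL::PKey::RSA.new(private_pem)
    aes = OpenSSL::Cipher.new('aes-256-gcm')
    aes.decrypt
    aes.key = rsa.private_decrypt(parts['key'], OAEP)
    aes.iv  = parts['iv']
    aes.auth_tag  = parts['tag']
    aes.auth_data = ''
    aes.update(parts['ciphertext']) + aes.final
  end
end
```

The IV travels in the clear here because a GCM nonce only has to be unique for a given key, and each message gets a fresh key.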