Class: Noise::Functions::Cipher::AesGcm

Inherits:

Object

• Object
• Noise::Functions::Cipher::AesGcm

Defined in:

lib/noise/functions/cipher/aes_gcm.rb

Constant Summary

MAX_NONCE =

2**64 - 1

Instance Method Summary

• #decrypt(k, n, ad, ciphertext) ⇒ Object
• #encrypt(k, n, ad, plaintext) ⇒ Object
• #nonce_to_bytes(n) ⇒ Object
• #rekey(k) ⇒ Object

  Returns a new 32-byte cipher key as a pseudorandom function of k.

Instance Method Details

#decrypt(k, n, ad, ciphertext) ⇒ Object

# File 'lib/noise/functions/cipher/aes_gcm.rb', line 19

def decrypt(k, n, ad, ciphertext)
  cipher = OpenSSL::Cipher::AES.new(256, :GCM).decrypt
  cipher.key = k
  cipher.iv = nonce_to_bytes(n)
  cipher.auth_data = ad
  cipher.auth_tag = ciphertext[-16..-1]
  cipher.update(ciphertext[0...-16]) + cipher.final
rescue OpenSSL::Cipher::CipherError => e
  raise Noise::Exceptions::DecryptError.new(e)
end

#encrypt(k, n, ad, plaintext) ⇒ Object

# File 'lib/noise/functions/cipher/aes_gcm.rb', line 9

def encrypt(k, n, ad, plaintext)
  cipher = OpenSSL::Cipher::AES.new(256, :GCM).encrypt
  cipher.key = k
  cipher.iv = nonce_to_bytes(n)
  cipher.auth_data = ad
  cipher.update(plaintext) + cipher.final + cipher.auth_tag
rescue OpenSSL::Cipher::CipherError => e
  raise Noise::Exceptions::EncryptError.new(e)
end

#nonce_to_bytes(n) ⇒ Object

# File 'lib/noise/functions/cipher/aes_gcm.rb', line 30

def nonce_to_bytes(n)
  "\x00" * 4 + format('%16x', n).htb
end

#rekey(k) ⇒ Object

Returns a new 32-byte cipher key as a pseudorandom function of k. If this function is not specifically defined for some set of cipher functions, then it defaults to returning the first 32 bytes from ENCRYPT(k,maxnonce, zerolen, zeros), where maxnonce equals 264-1, zerolen is a zero-length byte sequence, and zeros is a sequence of 32 bytes filled with zeros.

# File 'lib/noise/functions/cipher/aes_gcm.rb', line 40

def rekey(k)
  encrypt(k, MAX_NONCE, '', "\x00" * 32)[0...32]
end