Class: Themis::ScellContextImprint
- Includes:
- ThemisCommon, ThemisImport
- Defined in:
- lib/rbthemis.rb
Overview
Secure Cell in Context Imprint mode.
Constant Summary
Constants included from ThemisImport
ThemisImport::THEMIS_KEY_EC_PRIVATE, ThemisImport::THEMIS_KEY_EC_PUBLIC, ThemisImport::THEMIS_KEY_INVALID, ThemisImport::THEMIS_KEY_RSA_PRIVATE, ThemisImport::THEMIS_KEY_RSA_PUBLIC
Constants inherited from Scell
Themis::Scell::CONTEXT_IMPRINT_MODE, Themis::Scell::SEAL_MODE, Themis::Scell::TOKEN_PROTECT_MODE
Instance Method Summary collapse
-
#decrypt(message, context) ⇒ Object
Decrypts message with given context.
-
#encrypt(message, context) ⇒ Object
Encrypts message with given context.
-
#initialize(key) ⇒ ScellContextImprint
constructor
Make a new Secure Cell with given key.
Methods included from ThemisCommon
empty?, string_to_pointer_size
Constructor Details
#initialize(key) ⇒ ScellContextImprint
Make a new Secure Cell with given key. The key must not be empty and is treated as binary data. You can use Themis::gen_sym_key to generate new keys.
834 835 836 837 838 839 |
# File 'lib/rbthemis.rb', line 834 def initialize(key) if empty? key raise ThemisError, "key cannot be empty" end @key, @key_length = string_to_pointer_size(key) end |
Instance Method Details
#decrypt(message, context) ⇒ Object
Decrypts message with given context. The context must be the same as the one used during encryption. Since Context Imprint mode does not include authentication data, integrity of the resulting message is not guaranteed. You need to verify it via some other means. Decrypted message is returned as binary data.
884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 |
# File 'lib/rbthemis.rb', line 884 def decrypt(, context) if empty? raise ThemisError, "message cannot be empty" end if empty? context raise ThemisError, "message cannot be empty" end , = string_to_pointer_size() context_, context_length_ = context.nil? ? [nil, 0] : string_to_pointer_size(context) decrypted_length = FFI::MemoryPointer.new(:uint) res = themis_secure_cell_decrypt_context_imprint( @key, @key_length, , , context_, context_length_, nil, decrypted_length) if res != BUFFER_TOO_SMALL raise ThemisError.new(res), "decrypt failed" end = FFI::MemoryPointer.new(:char, decrypted_length.read_uint) res = themis_secure_cell_decrypt_context_imprint( @key, @key_length, , , context_, context_length_, , decrypted_length) if res != SUCCESS raise ThemisError.new(res), "decrypt failed" end .get_bytes(0, decrypted_length.read_uint) end |
#encrypt(message, context) ⇒ Object
Encrypts message with given context. The context is cryptographically combined with message but is not included into encrypted data, you will need to provide the same context for decryption. Resulting encrypted message has the same length as input and does not include authentication data, so its integrity cannot be verified. Message and context must not be empty, both are treated as binary data.
847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 |
# File 'lib/rbthemis.rb', line 847 def encrypt(, context) if empty? raise ThemisError, "message cannot be empty" end if empty? context raise ThemisError, "context cannot be empty" end , = string_to_pointer_size() context_, context_length_ = context.nil? ? [nil, 0] : string_to_pointer_size(context) encrypted_length = FFI::MemoryPointer.new(:uint) res = themis_secure_cell_encrypt_context_imprint( @key, @key_length, , , context_, context_length_, nil, encrypted_length) if res != BUFFER_TOO_SMALL raise ThemisError.new(res), "encrypt failed" end = FFI::MemoryPointer.new(:char, encrypted_length.read_uint) res = themis_secure_cell_encrypt_context_imprint( @key, @key_length, , , context_, context_length_, , encrypted_length) if res != SUCCESS raise ThemisError.new(res), "encrypt failed" end .get_bytes(0, encrypted_length.read_uint) end |