Class: Themis::ScellSealPassphrase
- Includes:
- ThemisCommon, ThemisImport
- Defined in:
- lib/rbthemis.rb
Overview
Secure Cell in Seal mode.
Constant Summary
Constants included from ThemisImport
ThemisImport::THEMIS_KEY_EC_PRIVATE, ThemisImport::THEMIS_KEY_EC_PUBLIC, ThemisImport::THEMIS_KEY_INVALID, ThemisImport::THEMIS_KEY_RSA_PRIVATE, ThemisImport::THEMIS_KEY_RSA_PUBLIC
Constants inherited from Scell
Themis::Scell::CONTEXT_IMPRINT_MODE, Themis::Scell::SEAL_MODE, Themis::Scell::TOKEN_PROTECT_MODE
Instance Method Summary collapse
-
#decrypt(message, context = nil) ⇒ Object
Decrypts message with given context.
-
#encrypt(message, context = nil) ⇒ Object
Encrypts message with given optional context.
-
#initialize(passphrase, encoding: Encoding::UTF_8) ⇒ ScellSealPassphrase
constructor
Make a new Secure Cell with given passphrase.
Methods included from ThemisCommon
empty?, string_to_pointer_size
Constructor Details
#initialize(passphrase, encoding: Encoding::UTF_8) ⇒ ScellSealPassphrase
Make a new Secure Cell with given passphrase. The passphrase must not be empty. If the passphrase is not binary it will be encoded in UTF-8 by default, you can use optional “encoding:” argument to use a different encoding.
648 649 650 651 652 653 654 655 656 |
# File 'lib/rbthemis.rb', line 648 def initialize(passphrase, encoding: Encoding::UTF_8) if empty? passphrase raise ThemisError, "passphrase cannot be empty" end if passphrase.encoding != Encoding::BINARY passphrase = passphrase.encode(encoding) end @passphrase, @passphrase_length = string_to_pointer_size(passphrase) end |
Instance Method Details
#decrypt(message, context = nil) ⇒ Object
Decrypts message with given context. The context must be the same as the one used during encryption, or be omitted or set to nil if no context were used. Decrypted message is returned as binary data.
696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 |
# File 'lib/rbthemis.rb', line 696 def decrypt(, context = nil) if empty? raise ThemisError, "message cannot be empty" end , = string_to_pointer_size() context_, context_length_ = context.nil? ? [nil, 0] : string_to_pointer_size(context) decrypted_length = FFI::MemoryPointer.new(:uint) res = themis_secure_cell_decrypt_seal_with_passphrase( @passphrase, @passphrase_length, context_, context_length_, , , nil, decrypted_length) if res != BUFFER_TOO_SMALL raise ThemisError.new(res), "decrypt failed" end = FFI::MemoryPointer.new(:char, decrypted_length.read_uint) res = themis_secure_cell_decrypt_seal_with_passphrase( @passphrase, @passphrase_length, context_, context_length_, , , , decrypted_length) if res != SUCCESS raise ThemisError.new(res), "decrypt failed" end .get_bytes(0, decrypted_length.read_uint) end |
#encrypt(message, context = nil) ⇒ Object
Encrypts message with given optional context. The context is cryptographically combined with message but is not included into encrypted data, you will need to provide the same context for decryption. Resulting encrypted message includes authentication token. Message must not be empty, but context may be omitted. Both message and context are treated as binary data.
664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 |
# File 'lib/rbthemis.rb', line 664 def encrypt(, context = nil) if empty? raise ThemisError, "message cannot be empty" end , = string_to_pointer_size() context_, context_length_ = context.nil? ? [nil, 0] : string_to_pointer_size(context) encrypted_length = FFI::MemoryPointer.new(:uint) res = themis_secure_cell_encrypt_seal_with_passphrase( @passphrase, @passphrase_length, context_, context_length_, , , nil, encrypted_length) if res != BUFFER_TOO_SMALL raise ThemisError.new(res), "encrypt failed" end = FFI::MemoryPointer.new(:char, encrypted_length.read_uint) res = themis_secure_cell_encrypt_seal_with_passphrase( @passphrase, @passphrase_length, context_, context_length_, , , , encrypted_length) if res != SUCCESS raise ThemisError.new(res), "encrypt failed" end .get_bytes(0, encrypted_length.read_uint) end |