Class: SafeDb::KeyIV

Inherits:
Object
  • Object
Defined in:
lib/utils/keys/random.iv.rb

Overview

Create and deliver representations of a random initialization vector suitable for the AES symmetric encryption algorithm, which demands a 16 byte binary string.

The initialization vector is sourced from SecureRandom, which provides a highly random (and secure) byte sequence usually sourced from /dev/urandom.

+ ------------------ + -------- + ------------ + ------------------- +
| Random IV Format   | Bits     | Bytes        | Base64              |
| ------------------ | -------- | ------------ | ------------------- |
| Random IV Stored   | 192 Bits | 24 bytes     | 32 characters       |
| Random IV Binary   | 128 Bits | 16 bytes     | (not stored)        |
+ ------------------ + -------- + ------------ + ------------------- +

This table shows that the initialization vector can be represented both as a 32 character base64 string suitable for storage and as a 16 byte binary string for feeding the algorithm.

Constant Summary

NO_OF_BASE64_CHARS = 32

The 24 random bytes are equivalent to 192 bits which, when sliced into 6 bit blocks (one for each base64 character), results in 32 base64 characters.

NO_OF_SOURCE_BYTES = 24

We ask for 24 secure random bytes that are individually created to ensure we get exactly the right number.

NO_OF_BINARY_BYTES = 16

We truncate the source random bytes so that 16 bytes are returned for the random initialization vector.

Constructor Details

#initialize ⇒ KeyIV

Initialize an initialization vector from a source of random bytes which can then be presented in both a (base64) storage format and a binary string format.

+ ------------------ + -------- + ------------ + ------------------- +
| Random IV Format   | Bits     | Bytes        | Base64              |
| ------------------ | -------- | ------------ | ------------------- |
| Random IV Stored   | 192 Bits | 24 bytes     | 32 characters       |
| Random IV Binary   | 128 Bits | 16 bytes     | (not stored)        |
+ ------------------ + -------- + ------------ + ------------------- +

We ask for 24 secure random bytes that are individually created to ensure we get exactly the right number.

If the storage format is requested, a 32 character base64 string is returned, but if the binary form is requested, the first 16 bytes are issued.

# File 'lib/utils/keys/random.iv.rb', line 55

def initialize
  @bit_string = Key.to_random_bits( NO_OF_SOURCE_BYTES )
end

Class Method Details

.in_binary(iv_base64_chars) ⇒ String

+ ---------------- + -------- + ------------ + ------------------- +
| Random IV Binary | 128 Bits | 16 bytes     | (not stored)        |
+ ---------------- + -------- + ------------ + ------------------- +

Parameters:

  • iv_base64_chars (String)

    the 32 characters in base64 format that will be converted into a binary string (24 byte) representation, then truncated to 16 bytes and returned in binary form.

Returns:

  • (String)

    a 16 byte binary string is returned.

Raises:

  • (ArgumentError)

    if 32 base64 characters are not presented in the parameter.

# File 'lib/utils/keys/random.iv.rb', line 89

def self.in_binary iv_base64_chars

  b64_msg = "Expected #{NO_OF_BASE64_CHARS} base64 chars not #{iv_base64_chars.length}."
  raise ArgumentError, b64_msg unless iv_base64_chars.length == NO_OF_BASE64_CHARS

  binary_string = Key.to_binary_from_bit_string( Key64.to_bits( iv_base64_chars ) )

  bin_msg = "Expected #{NO_OF_SOURCE_BYTES} binary bytes not #{binary_string.length}."
  raise RuntimeError, bin_msg unless binary_string.length == NO_OF_SOURCE_BYTES

  return binary_string[ 0 .. ( NO_OF_BINARY_BYTES - 1 ) ]

end

Instance Method Details

#for_storage ⇒ String

When the storage format is requested a 32 character base64 string is returned - created from the initialized 24 secure random bytes.

+ ---------------- + -------- + ------------ + ------------------- +
| Random IV Stored | 192 Bits | 24 bytes     | 32 characters       |
+ ---------------- + -------- + ------------ + ------------------- +

Returns:

  • (String)

    a 32 character base64 formatted string is returned.

# File 'lib/utils/keys/random.iv.rb', line 69

def for_storage
  return Key64.from_bits( @bit_string )
end
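
The storage-to-binary round trip described above, as an added example that is not SafeDb's own code: it uses Ruby's standard Base64 and OpenSSL in place of the project's Key and Key64 helpers, and AES-256-CBC is an assumed cipher mode (the page names only AES). The method names here are hypothetical.

```ruby
require "securerandom"
require "base64"
require "openssl"

# Sizes taken from the KeyIV constants documented on this page.
SOURCE_BYTES = 24   # random bytes generated
BASE64_CHARS = 32   # stored form: 24 * 8 / 6
BINARY_BYTES = 16   # AES block size, fed to the cipher

# Stored form: 24 random bytes as 32 base64 characters (no padding is
# needed because 24 is a multiple of 3). Standard base64 is an assumption;
# the project's Key64 class may use a different alphabet.
def iv_for_storage
  Base64.strict_encode64(SecureRandom.random_bytes(SOURCE_BYTES))
end

# Binary form: validate the length, decode, and keep the first 16 bytes.
def iv_in_binary(stored)
  unless stored.length == BASE64_CHARS
    raise ArgumentError, "Expected #{BASE64_CHARS} base64 chars not #{stored.length}."
  end
  decoded = Base64.strict_decode64(stored)
  unless decoded.bytesize == SOURCE_BYTES
    raise "Expected #{SOURCE_BYTES} binary bytes not #{decoded.bytesize}."
  end
  decoded.byteslice(0, BINARY_BYTES)
end

# Encrypt or decrypt with AES-256-CBC (assumed mode) using the IV
# recovered from its stored representation.
def aes_cbc(mode, key, stored_iv, data)
  cipher = OpenSSL::Cipher.new("aes-256-cbc")
  mode == :encrypt ? cipher.encrypt : cipher.decrypt
  cipher.key = key
  cipher.iv  = iv_in_binary(stored_iv)
  cipher.update(data) + cipher.final
end

# Round trip with a constructed key and plaintext; a fresh IV is
# generated for the encryption and stored alongside the ciphertext.
def demo_round_trip
  key        = SecureRandom.random_bytes(32)
  stored_iv  = iv_for_storage
  ciphertext = aes_cbc(:encrypt, key, stored_iv, "constructed sample plaintext")
  aes_cbc(:decrypt, key, stored_iv, ciphertext)
end
```

Only the first 16 of the 24 stored bytes reach the cipher, so two stored values that differ only in their last 8 bytes yield the same IV.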