Class: Sandal::Enc::Alg::RSA_OAEP

Inherits:

Object

• Object
• Sandal::Enc::Alg::RSA_OAEP

Defined in:

lib/sandal/enc/alg/rsa_oaep.rb

Overview

The RSAES with OAEP key encryption mechanism.

Instance Attribute Summary

• #name ⇒ String readonly

  The JWA name of the algorithm.

Instance Method Summary

• #decrypt_cmk(encrypted_cmk) ⇒ String

  Decrypts the content master key.

• #encrypt_cmk(cmk) ⇒ String

  Encrypts the content master key.

• #initialize(key) ⇒ RSA_OAEP constructor

  Creates a new instance.

Constructor Details

#initialize(key) ⇒ RSA_OAEP

Creates a new instance.

Parameters:

• key (OpenSSL::PKey::RSA) —

  The RSA public key used to protect the content master key.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 16

def initialize(key)
  @name = 'RSA-OAEP'
  @key = key
  @padding = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
end

Instance Attribute Details

#name ⇒ String (readonly)

Returns The JWA name of the algorithm.

Returns:

• (String) —

  The JWA name of the algorithm.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 11

def name
  @name
end

Instance Method Details

#decrypt_cmk(encrypted_cmk) ⇒ String

Decrypts the content master key.

Parameters:

• encrypted_cmk (String) —

  The encrypted content master key.

Returns:

• (String) —

  The pre-shared content master key.

Raises:

• (Sandal::TokenError) —

  The content master key cannot be decrypted.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 35

def decrypt_cmk(encrypted_cmk)
  @key.private_decrypt(encrypted_cmk, @padding)
rescue
  raise Sandal::TokenError, 'Failed to decrypt the content master key.'
end

#encrypt_cmk(cmk) ⇒ String

Encrypts the content master key.

Parameters:

• cmk (String) —

  The content master key.

Returns:

• (String) —

  The encrypted content master key.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 26

def encrypt_cmk(cmk)
  @key.public_encrypt(cmk, @padding)
end