Class: Sandal::Enc::ACBC_HS

Inherits:

Object

Object
Sandal::Enc::ACBC_HS

show all

Defined in:: lib/sandal/enc/acbc_hs.rb

Overview

Base implementation of the AES/CBC+HMAC-SHA family of encryption algorithms.

Direct Known Subclasses

A128CBC_HS256, A256CBC_HS512

Instance Attribute Summary collapse

#alg ⇒ Object readonly

The JWA algorithm used to encrypt the content master key.
#name ⇒ Object readonly

The JWA name of the encryption.

Instance Method Summary collapse

#decrypt(parts, decoded_parts) ⇒ Object
#encrypt(header, payload) ⇒ Object
#initialize(aes_size, sha_size, alg) ⇒ ACBC_HS constructor

Creates a new instance; it’s probably easier to use one of the subclass constructors.

Constructor Details

#initialize(aes_size, sha_size, alg) ⇒ `ACBC_HS`

Creates a new instance; it’s probably easier to use one of the subclass constructors.

Parameters:

aes_size (Integer) —

The size of the AES algorithm.
sha_size (Integer) —

The size of the SHA algorithm.
alg (#name, #encrypt_cmk, #decrypt_cmk) —

The algorithm to use to encrypt and/or decrypt the AES key.

# File 'lib/sandal/enc/acbc_hs.rb', line 25

def initialize(aes_size, sha_size, alg)
  @aes_size = aes_size
  @sha_size = sha_size
  @name = "A#{aes_size}CBC+HS#{@sha_size}"
  @cipher_name = "aes-#{aes_size}-cbc"
  @alg = alg
  @digest = OpenSSL::Digest.new("sha#{@sha_size}")
end

Instance Attribute Details

#alg ⇒ `Object` (readonly)

The JWA algorithm used to encrypt the content master key.



16
17
18

# File 'lib/sandal/enc/acbc_hs.rb', line 16

def alg
  @alg
end

#name ⇒ `Object` (readonly)

The JWA name of the encryption.



13
14
15

# File 'lib/sandal/enc/acbc_hs.rb', line 13

def name
  @name
end

Instance Method Details

#decrypt(parts, decoded_parts) ⇒ `Object`

# File 'lib/sandal/enc/acbc_hs.rb', line 51

def decrypt(parts, decoded_parts)
  cmk = @alg.decrypt_cmk(decoded_parts[1])
  
  cik = derive_integrity_key(cmk)
  integrity_value = compute_integrity_value(cik, parts.take(4).join('.'))
  unless jwt_strings_equal?(decoded_parts[4], integrity_value)
    raise Sandal::TokenError, 'Invalid integrity value.'
  end

  cipher = OpenSSL::Cipher.new(@cipher_name).decrypt
  begin
    cipher.key = derive_encryption_key(cmk)
    cipher.iv = decoded_parts[2]
    cipher.update(decoded_parts[3]) + cipher.final
  rescue OpenSSL::Cipher::CipherError
    raise Sandal::TokenError, 'Invalid token.'
  end
end

#encrypt(header, payload) ⇒ `Object`

# File 'lib/sandal/enc/acbc_hs.rb', line 34

def encrypt(header, payload)
  cipher = OpenSSL::Cipher.new(@cipher_name).encrypt
  cmk = @alg.respond_to?(:cmk) ? @alg.cmk : cipher.random_key
  encrypted_key = @alg.encrypt_cmk(cmk)

  cipher.key = derive_encryption_key(cmk) 
  iv = cipher.random_iv
  ciphertext = cipher.update(payload) + cipher.final

  sec_parts = [MultiJson.dump(header), encrypted_key, iv, ciphertext]
  sec_input = sec_parts.map { |part| jwt_base64_encode(part) }.join('.')
  cik = derive_integrity_key(cmk)
  integrity_value = compute_integrity_value(cik, sec_input)

  sec_input << '.' << jwt_base64_encode(integrity_value)
end