Class: Sandal::Enc::AGCM

Inherits:

Object

Object
Sandal::Enc::AGCM

show all

Defined in:: lib/sandal/enc/agcm.rb

Overview

Base implementation of the AES/GCM family of encryption algorithms.

Direct Known Subclasses

A128GCM, A256GCM

Instance Attribute Summary collapse

#alg ⇒ Object readonly

The JWA algorithm used to encrypt the content master key.
#name ⇒ Object readonly

The JWA name of the encryption.

Instance Method Summary collapse

#decrypt(parts, decoded_parts) ⇒ Object
#encrypt(header, payload) ⇒ Object
#initialize(aes_size, alg) ⇒ AGCM constructor

A new instance of AGCM.

Constructor Details

#initialize(aes_size, alg) ⇒ `AGCM`

Returns a new instance of AGCM.

# File 'lib/sandal/enc/agcm.rb', line 17

def initialize(aes_size, alg)
  @aes_size = aes_size
  @name = "A#{aes_size}GCM"
  @cipher_name = "aes-#{aes_size}-gcm"
  @alg = alg
end

Instance Attribute Details

#alg ⇒ `Object` (readonly)

The JWA algorithm used to encrypt the content master key.



15
16
17

# File 'lib/sandal/enc/agcm.rb', line 15

def alg
  @alg
end

#name ⇒ `Object` (readonly)

The JWA name of the encryption.



12
13
14

# File 'lib/sandal/enc/agcm.rb', line 12

def name
  @name
end

Instance Method Details

#decrypt(parts, decoded_parts) ⇒ `Object`

# File 'lib/sandal/enc/agcm.rb', line 42

def decrypt(parts, decoded_parts)
  cipher = OpenSSL::Cipher.new(@cipher_name).decrypt
  begin
    cipher.key = @alg.decrypt_cmk(decoded_parts[1])
    cipher.iv = decoded_parts[2]
    cipher.auth_tag = decoded_parts[4]
    cipher.auth_data = parts.take(3).join('.')
    cipher.update(decoded_parts[3]) + cipher.final
  rescue OpenSSL::Cipher::CipherError
    raise Sandal::TokenError, 'Invalid token.'
  end
end

#encrypt(header, payload) ⇒ `Object`

# File 'lib/sandal/enc/agcm.rb', line 24

def encrypt(header, payload)
  cipher = OpenSSL::Cipher.new(@cipher_name).encrypt
  cmk = @alg.respond_to?(:cmk) ? @alg.cmk : cipher.random_key
  encrypted_key = @alg.encrypt_cmk(cmk)

  cipher.key = cmk
  iv = cipher.random_iv

  auth_parts = [MultiJson.dump(header), encrypted_key, iv]
  auth_data = auth_parts.map { |part| jwt_base64_encode(part) }.join('.')
  cipher.auth_data  = auth_data

  ciphertext = cipher.update(payload) + cipher.final
  remaining_parts = [ciphertext, cipher.auth_tag]
  remaining_parts.map! { |part| jwt_base64_encode(part) }
  [auth_data, *remaining_parts].join('.')
end