Class: Sandal::Enc::Alg::RSA1_5

Inherits:

Object

• Object
• Sandal::Enc::Alg::RSA1_5

Defined in:

lib/sandal/enc/alg/rsa1_5.rb

Overview

The RSAES-PKCS1-V1_5 key encryption mechanism.

Instance Attribute Summary

• #name ⇒ String readonly

  The JWA name of the algorithm.

Instance Method Summary

• #decrypt_cmk(encrypted_cmk) ⇒ String

  Decrypts the content master key.

• #encrypt_cmk(cmk) ⇒ String

  Encrypts the content master key.

• #initialize(key) ⇒ RSA1_5 constructor

  Creates a new instance.

Constructor Details

#initialize(key) ⇒ RSA1_5

Creates a new instance.

encryption (public) or decryption (private). If the value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits to be compliant with the JWA specification.

Parameters:

• key (OpenSSL::PKey::RSA or String) —

  The key to use for CMK

# File 'lib/sandal/enc/alg/rsa1_5.rb', line 19

def initialize(key)
  @name = 'RSA1_5'
  @key = key.is_a?(String) ? OpenSSL::PKey::RSA.new(key) : key
end

Instance Attribute Details

#name ⇒ String (readonly)

Returns The JWA name of the algorithm.

Returns:

• (String) —

  The JWA name of the algorithm.

# File 'lib/sandal/enc/alg/rsa1_5.rb', line 11

def name
  @name
end

Instance Method Details

#decrypt_cmk(encrypted_cmk) ⇒ String

Decrypts the content master key.

Parameters:

• encrypted_cmk (String) —

  The encrypted content master key.

Returns:

• (String) —

  The pre-shared content master key.

Raises:

• (Sandal::TokenError) —

  The content master key can’t be decrypted.

# File 'lib/sandal/enc/alg/rsa1_5.rb', line 37

def decrypt_cmk(encrypted_cmk)
  @key.private_decrypt(encrypted_cmk)
rescue
  raise Sandal::TokenError, 'Cannot decrypt content master key.'
end

#encrypt_cmk(cmk) ⇒ String

Encrypts the content master key.

Parameters:

• cmk (String) —

  The content master key.

Returns:

• (String) —

  The encrypted content master key.

# File 'lib/sandal/enc/alg/rsa1_5.rb', line 28

def encrypt_cmk(cmk)
  @key.public_encrypt(cmk)
end