Class: Sandal::Enc::Alg::RSA_OAEP

Inherits:

Object

Object
Sandal::Enc::Alg::RSA_OAEP

show all

Defined in:: lib/sandal/enc/alg/rsa_oaep.rb

Overview

The RSAES with OAEP key encryption mechanism.

Instance Attribute Summary collapse

#name ⇒ String readonly

The JWA name of the algorithm.

Instance Method Summary collapse

#decrypt_cmk(encrypted_cmk) ⇒ String

Decrypts the content master key.
#encrypt_cmk(cmk) ⇒ String

Encrypts the content master key.
#initialize(key) ⇒ RSA_OAEP constructor

Creates a new instance.

Constructor Details

#initialize(key) ⇒ `RSA_OAEP`

Creates a new instance.

encryption (public) or decryption (private). If the value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits to be compliant with the JWA specification.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 19

def initialize(key)
  @name = 'RSA-OAEP'
  @key = key.is_a?(String) ? OpenSSL::PKey::RSA.new(key) : key
  @padding = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING
end

Instance Attribute Details

#name ⇒ `String` (readonly)



11
12
13

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 11

def name
  @name
end

Instance Method Details

#decrypt_cmk(encrypted_cmk) ⇒ `String`

Decrypts the content master key.

Raises:

(Sandal::TokenError) —

The content master key can’t be decrypted.

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 38

def decrypt_cmk(encrypted_cmk)
  @key.private_decrypt(encrypted_cmk, @padding)
rescue
  raise Sandal::TokenError, 'Cannot decrypt content master key.'
end

#encrypt_cmk(cmk) ⇒ `String`

Encrypts the content master key.



29
30
31

# File 'lib/sandal/enc/alg/rsa_oaep.rb', line 29

def encrypt_cmk(cmk)
  @key.public_encrypt(cmk, @padding)
end