Class: RbNaCl::Auth

Inherits:
Object
  • Object
show all
Defined in:
lib/rbnacl/auth.rb

Overview

Secret Key Authenticators

These provide a means of verifying the integrity of a message, but only with the knowledge of a shared key. This can be a preshared key, or one that is derived through some cryptographic protocol.

Constant Summary collapse

KEYBYTES =

Number of bytes in a valid key

0
BYTES =

Number of bytes in a valid authenticator

0

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(key) ⇒ Auth

A new authenticator, ready for auth and verification

Parameters:

  • key (#to_str)

    the key used for authenticators, 32 bytes.


23
24
25
# File 'lib/rbnacl/auth.rb', line 23

def initialize(key)
  @key = Util.check_string(key, key_bytes, "#{self.class} key")
end

Class Method Details

.auth(key, message) ⇒ String

Compute authenticator for message

Parameters:

  • key (#to_str)

    the key used for the authenticator

  • message (#to_str)

    message to construct an authenticator for

Returns:

  • (String)

    The authenticator, as raw bytes


33
34
35
# File 'lib/rbnacl/auth.rb', line 33

def self.auth(key, message)
  new(key).auth(message)
end

.key_bytesInteger

The number of key bytes for this Auth class

Returns:

  • (Integer)

    number of key bytes


88
89
90
# File 'lib/rbnacl/auth.rb', line 88

def self.key_bytes
  self::KEYBYTES
end

.tag_bytesInteger

The number bytes in the tag or authenticator from this Auth class

Returns:

  • (Integer)

    number of tag bytes


102
103
104
# File 'lib/rbnacl/auth.rb', line 102

def self.tag_bytes
  self::BYTES
end

.verify(key, authenticator, message) ⇒ Boolean

Verifies the given authenticator with the message.

Parameters:

  • key (#to_str)

    the key used for the authenticator

  • authenticator (#to_str)

    to be checked

  • message (#to_str)

    the message to be authenticated

Returns:

  • (Boolean)

    Was it valid?

Raises:


47
48
49
# File 'lib/rbnacl/auth.rb', line 47

def self.verify(key, authenticator, message)
  new(key).verify(authenticator, message)
end

Instance Method Details

#auth(message) ⇒ String

Compute authenticator for message

Parameters:

  • message (#to_str)

    the message to authenticate

Returns:

  • (String)

    the authenticator as raw bytes


56
57
58
59
60
61
# File 'lib/rbnacl/auth.rb', line 56

def auth(message)
  authenticator = Util.zeros(tag_bytes)
  message = message.to_str
  compute_authenticator(authenticator, message)
  authenticator
end

#key_bytesInteger

The number of key bytes for this Auth instance

Returns:

  • (Integer)

    number of key bytes


95
96
97
# File 'lib/rbnacl/auth.rb', line 95

def key_bytes
  self.class.key_bytes
end

#primitiveSymbol

The crypto primitive for this authenticator instance

Returns:

  • (Symbol)

    The primitive used


81
82
83
# File 'lib/rbnacl/auth.rb', line 81

def primitive
  self.class.primitive
end

#tag_bytesInteger

The number of bytes in the tag or authenticator for this Auth instance

Returns:

  • (Integer)

    number of tag bytes


109
110
111
# File 'lib/rbnacl/auth.rb', line 109

def tag_bytes
  self.class.tag_bytes
end

#verify(authenticator, message) ⇒ Boolean

Verifies the given authenticator with the message.

Parameters:

  • authenticator (#to_str)

    to be checked

  • message (#to_str)

    the message to be authenticated

Returns:

  • (Boolean)

    Was it valid?

Raises:


72
73
74
75
76
# File 'lib/rbnacl/auth.rb', line 72

def verify(authenticator, message)
  auth = authenticator.to_s
  Util.check_length(auth, tag_bytes, "Provided authenticator")
  verify_message(auth, message) || raise(BadAuthenticatorError, "Invalid authenticator provided, message is corrupt")
end