Class: Cryptor::SymmetricEncryption

Inherits:
Object
  • Object
show all
Defined in:
lib/cryptor/symmetric_encryption.rb,
lib/cryptor/symmetric_encryption/cipher.rb,
lib/cryptor/symmetric_encryption/keyring.rb,
lib/cryptor/symmetric_encryption/secret_key.rb,
lib/cryptor/symmetric_encryption/ciphers/xsalsa20poly1305.rb,
lib/cryptor/symmetric_encryption/ciphers/message_encryptor.rb

Overview

Easy-to-use authenticated symmetric encryption

Defined Under Namespace

Modules: Ciphers Classes: Cipher, Keyring, SecretKey

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(active_key, options = {}) ⇒ SymmetricEncryption

Returns a new instance of SymmetricEncryption.



15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/cryptor/symmetric_encryption.rb', line 15

def initialize(active_key, options = {})
  @active_key = active_key.is_a?(SecretKey) ? active_key : SecretKey.new(active_key)
  @keyring    = nil

  options.each do |name, value|
    if name == :keyring
      @keyring = Keyring.new(@active_key, *value)
    else fail ArgumentError, "unknown option: #{name}"
    end
  end

  @keyring ||= Keyring.new(active_key)
end

Class Method Details

.random_key(cipher) ⇒ Object 



11
12
13
 
# File 'lib/cryptor/symmetric_encryption.rb', line 11

def self.random_key(cipher)
  Cipher[cipher].random_key
end

Instance Method Details

#decrypt(ciphertext) ⇒ Object 



42
43
44
45
46
47
48
49
 
# File 'lib/cryptor/symmetric_encryption.rb', line 42

def decrypt(ciphertext)
  message = parse(ciphertext)
  fingerprint = message['Key-Fingerprint']
  fail InvalidMessageError, 'no key fingerprint in message' unless fingerprint

  key = @keyring[fingerprint]
  key.decrypt message.body
end

#encrypt(plaintext) ⇒ Object 



29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/cryptor/symmetric_encryption.rb', line 29

def encrypt(plaintext)
  ciphertext = @active_key.encrypt(plaintext)
  base64     = Base64.strict_encode64(ciphertext)

  ORDO::Message.new(
    base64,
    'Cipher'                    => @active_key.cipher.algorithm,
    'Content-Length'            => base64.bytesize,
    'Content-Transfer-Encoding' => 'base64',
    'Key-Fingerprint'           => @active_key.fingerprint
  ).to_string
end

#rotate(ciphertext) ⇒ Object 



60
61
62
63
64
 
# File 'lib/cryptor/symmetric_encryption.rb', line 60

def rotate(ciphertext)
  rotate!(ciphertext)
rescue AlreadyRotatedError
  ciphertext
end

#rotate!(ciphertext) ⇒ Object 



51
52
53
54
55
56
57
58
 
# File 'lib/cryptor/symmetric_encryption.rb', line 51

def rotate!(ciphertext)
  message = parse(ciphertext)
  fingerprint = message['Key-Fingerprint']
  fail AlreadyRotatedError, 'already current' if fingerprint == @active_key.fingerprint

  key = @keyring[fingerprint]
  encrypt(key.decrypt(message.body))
end