Module: Aws::S3::Encryption::Utils Private
- Defined in:
- lib/aws-sdk-s3/encryption/utils.rb
This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.
Constant Summary collapse
- UNSAFE_MSG =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
"unsafe encryption, data is longer than key length"
Class Method Summary collapse
- .aes_cipher(mode, block_mode, key, iv) ⇒ Object private
- .aes_decryption_cipher(block_mode, key = nil, iv = nil) ⇒ Object private
- .aes_encryption_cipher(block_mode, key = nil, iv = nil) ⇒ Object private
- .cipher_size(key) ⇒ Integer private
- .decrypt(key, data) ⇒ Object private
- .encrypt(key, data) ⇒ Object private
Class Method Details
.aes_cipher(mode, block_mode, key, iv) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
58 59 60 61 62 63 64 65 66 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 58 def aes_cipher(mode, block_mode, key, iv) cipher = key ? OpenSSL::Cipher.new("aes-#{cipher_size(key)}-#{block_mode.downcase}") : OpenSSL::Cipher.new("aes-256-#{block_mode.downcase}") cipher.send(mode) # encrypt or decrypt cipher.key = key if key cipher.iv = iv if iv cipher end |
.aes_decryption_cipher(block_mode, key = nil, iv = nil) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
50 51 52 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 50 def aes_decryption_cipher(block_mode, key = nil, iv = nil) aes_cipher(:decrypt, block_mode, key, iv) end |
.aes_encryption_cipher(block_mode, key = nil, iv = nil) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
43 44 45 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 43 def aes_encryption_cipher(block_mode, key = nil, iv = nil) aes_cipher(:encrypt, block_mode, key, iv) end |
.cipher_size(key) ⇒ Integer
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
71 72 73 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 71 def cipher_size(key) key.bytesize * 8 end |
.decrypt(key, data) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 25 def decrypt(key, data) begin case key when OpenSSL::PKey::RSA # asymmetric decryption key.private_decrypt(data) when String # symmetric Decryption cipher = aes_cipher(:decrypt, :ECB, key, nil) cipher.update(data) + cipher.final end rescue OpenSSL::Cipher::CipherError msg = 'decryption failed, possible incorrect key' raise Errors::DecryptionError, msg end end |
.encrypt(key, data) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
13 14 15 16 17 18 19 20 21 22 23 |
# File 'lib/aws-sdk-s3/encryption/utils.rb', line 13 def encrypt(key, data) case key when OpenSSL::PKey::RSA # asymmetric encryption warn(UNSAFE_MSG) if key.public_key.n.num_bits < cipher_size(data) key.public_encrypt(data) when String # symmetric encryption warn(UNSAFE_MSG) if cipher_size(key) < cipher_size(data) cipher = aes_encryption_cipher(:ECB, key) cipher.update(data) + cipher.final end end |