Class: Cryptosphere::Head

Inherits:
Object
  • Object
Defined in:
lib/cryptosphere/head.rb


Constructor Details

#initialize(access_key, read_key = nil) ⇒ Head

Returns a new instance of Head.



# File 'lib/cryptosphere/head.rb', line 12

# Builds a head from an asymmetric access key and an optional read key.
#
# The access key is wrapped in an AsymmetricCipher. Whether this head may
# publish moves is decided later by @signing_cipher.private_key? (see #move);
# without a read key, #location raises and #update skips decryption.
#
# @param access_key [Object] key material accepted by AsymmetricCipher.new
# @param read_key [String, nil] symmetric key used to encrypt and decrypt
#   the location; nil means no read capability
def initialize(access_key, read_key = nil)
  cipher = AsymmetricCipher.new(access_key)

  @signing_cipher = cipher
  # The head is identified by the fingerprint of its public key.
  @id             = cipher.public_key_fingerprint
  @read_key       = read_key

  # No location or timestamp is known at construction time.
  @location = @timestamp = nil

  # NOTE(review): @signing_key and @verify_key are not assigned here, so the
  # readers of those names return nil for heads built by this constructor.
end

Instance Attribute Details

#read_key ⇒ Object (readonly)

Returns the value of attribute read_key.



# File 'lib/cryptosphere/head.rb', line 3

# Reader for the symmetric read key passed to the constructor (nil when the
# head was built without one).
# NOTE(review): this is the secret later installed as the block-cipher key
# for the location, so any code holding a Head can copy the read capability.
# Confirm that a public reader is intended.
def read_key
  @read_key
end

#signing_key ⇒ Object (readonly)

Returns the value of attribute signing_key.



# File 'lib/cryptosphere/head.rb', line 3

# Reader for @signing_key.
# NOTE(review): none of the methods shown for this class assigns
# @signing_key (the constructor stores an AsymmetricCipher in
# @signing_cipher instead), so this appears to always return nil.
# Judging by the name, a populated value would be private signing material
# behind a public reader; confirm before relying on or reviving it.
def signing_key
  @signing_key
end

#timestamp ⇒ Object (readonly)

Returns the value of attribute timestamp.



# File 'lib/cryptosphere/head.rb', line 3

# Reader for the time of the most recent location change this head has
# recorded, or nil when none has been recorded yet (the constructor
# initializes it to nil).
def timestamp
  @timestamp
end

#verify_key ⇒ Object (readonly)

Returns the value of attribute verify_key.



# File 'lib/cryptosphere/head.rb', line 3

# Reader for @verify_key.
# NOTE(review): none of the methods shown for this class assigns
# @verify_key; signature verification in #update goes through
# @signing_cipher.public_decrypt instead. This appears to always return
# nil. Confirm whether it is a leftover from an earlier key layout.
def verify_key
  @verify_key
end

Class Method Details

.generate ⇒ Object



# File 'lib/cryptosphere/head.rb', line 5

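# Creates a head from a freshly generated access key and a random 32-byte
# read key.
#
# @return [Head] the new head
def self.generate
  access_key = AsymmetricCipher.generate_key
  # NOTE(review): the secrecy of every location published by this head rests
  # on Cryptosphere.random_bytes being backed by a CSPRNG. Confirm.
  read_key   = Cryptosphere.random_bytes(32)

  # The constructor takes (access_key, read_key). The earlier call passed
  # verify_key/signing_key, which are not defined in this scope, and a third
  # argument the constructor does not accept, so it could not succeed.
  # NOTE(review): assumes generate_key returns key material in the form
  # AsymmetricCipher.new accepts. Confirm.
  new(access_key, read_key)
end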

Instance Method Details

#location ⇒ Object

Raises: CapabilityError (when the head has no read key)



# File 'lib/cryptosphere/head.rb', line 21

# Returns the current location, which only holders of the read key may see.
#
# @return [Object, nil] the stored location (nil if none has been set)
# @raise [CapabilityError] when this head was built without a read key
def location
  return @location if @read_key

  raise CapabilityError, "can't read location"
end

#move(location, timestamp = Time.now) ⇒ Object Also known as: location=

Raises: CapabilityError (when the signing cipher holds no private key)



# File 'lib/cryptosphere/head.rb', line 26

# Points this head at a new location. Only a head whose signing cipher
# holds a private key (write capability) may do so.
#
# The timestamp is caller-supplied; #update on a receiving head rejects a
# timestamp that is ahead of its own clock.
#
# @param location [Object] the new location
# @param timestamp [Time] when the move happened (defaults to now)
# @return [Array] the pair [location, timestamp]
# @raise [CapabilityError] when no private key is available
def move(location, timestamp = Time.now)
  unless @signing_cipher.private_key?
    raise CapabilityError, "don't have write capability"
  end

  @location  = location
  @timestamp = timestamp
  [location, timestamp]
end

#to_signed_message ⇒ Object



# File 'lib/cryptosphere/head.rb', line 32

# Serializes the current location as an encrypted, signed message.
#
# Layout, as packed below:
#   n    signature length (16-bit, big-endian)
#   A*   signature
#   Q    timestamp in whole seconds (64-bit, native byte order)
#   A16  IV
#   A*   ciphertext of the location
#
# The signature is computed over timestamp + IV + ciphertext, i.e. over the
# encrypted form, so it can be checked without the read key.
#
# @return [String] the packed message
# @raise [CapabilityError] via #location when the head has no read key
def to_signed_message
  encryptor = Cryptosphere.block_cipher
  encryptor.encrypt
  encryptor.key = @read_key

  # The IV comes from the cipher's random_iv and travels in the clear.
  iv = encryptor.random_iv
  encryptor.iv = iv

  ciphertext = encryptor.update(location)
  ciphertext << encryptor.final

  # NOTE(review): "Q" uses the host's byte order, so peers of different
  # endianness would read different timestamps. A nil @timestamp is sent
  # as 0 because nil.to_i is 0.
  fields  = [@timestamp.to_i, iv, ciphertext]
  message = fields.pack("QA16A*")

  # NOTE(review): the signature is a private-key operation over
  # Cryptosphere.kdf(message); the padding and digest encoding used by
  # AsymmetricCipher are not visible here. Confirm they form a standard
  # signature scheme.
  signature = @signing_cipher.private_encrypt(Cryptosphere.kdf(message))

  [signature.size, signature, message].pack("nA*A*")
end

#update(signed_message) ⇒ Object



# File 'lib/cryptosphere/head.rb', line 47

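# Verifies a message produced by #to_signed_message and, unless this head
# already holds a newer version, adopts its timestamp and (when a read key
# is present) its decrypted location.
#
# @param signed_message [String] length-prefixed signature followed by the
#   packed timestamp, IV and ciphertext
# @return [false] when the head already holds a newer version
# @return [String, nil] the decrypted location, or nil without a read key
# @raise [InvalidSignatureError] when the message is truncated or the
#   signature does not match
# @raise [InvalidTimestampError] when the timestamp is ahead of the local clock
def update(signed_message)
  # Binary fields are unpacked with "a" rather than "A": "A" strips trailing
  # NULs and spaces, which silently corrupts any signature, IV or ciphertext
  # ending in one of those bytes. The bytes written by pack are unchanged.
  signature_size, rest = signed_message.unpack("na*")
  if signature_size.nil? || rest.bytesize < signature_size
    raise InvalidSignatureError, "signed message is truncated"
  end
  signature, message = rest.unpack("a#{signature_size}a*")

  # Nothing inside the message is interpreted until the signature checks out.
  # NOTE(review): public_decrypt may raise its own error type on a malformed
  # signature instead of returning a mismatching value. Confirm callers
  # handle that.
  if @signing_cipher.public_decrypt(signature) != Cryptosphere.kdf(message)
    raise InvalidSignatureError, "signature does not match message"
  end

  timestamp, iv, ciphertext = message.unpack("Qa16a*")
  timestamp = Time.at(timestamp)

  if timestamp > Time.now
    raise InvalidTimestampError, "timestamp is in the future"
  elsif @timestamp && timestamp < @timestamp
    return false # we have a newer version
  end

  if @read_key
    cipher = Cryptosphere.block_cipher
    cipher.decrypt
    cipher.key = @read_key
    cipher.iv = iv

    location = cipher.update(ciphertext)
    location << cipher.final
  end

  # Record the accepted version. Without this the staleness check above never
  # sees a timestamp learned from a message, and an older, validly signed
  # message could roll the location back.
  @timestamp = timestamp
  @location = location if @read_key
end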