Class: DiasporaFederation::Salmon::EncryptedSlap Deprecated
- Defined in:
- lib/diaspora_federation/salmon/encrypted_slap.rb
Overview
EncryptedSlap provides class methods for generating and parsing encrypted Slaps. (In principle the same as Slap, but with encryption.)
The basic encryption mechanism used here is based on the knowledge that asymmetrical encryption is slow and symmetrical encryption is fast. Keeping in mind that a message we want to de-/encrypt may greatly vary in length, performance considerations must play a part in this scheme.
A diaspora*-flavored encrypted magic-enveloped XML message looks like the following:
<?xml version="1.0" encoding="UTF-8"?>
<diaspora xmlns="https://joindiaspora.com/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env">
  <encrypted_header>{encrypted_header}</encrypted_header>
  {magic_envelope with encrypted data}
</diaspora>
The encrypted header is encoded in JSON like this (when in plain text):
{
  "aes_key" => "...",
  "ciphertext" => "..."
}
aes_key is encrypted using the recipient's public key, and contains the AES key and iv used to encrypt the ciphertext, also encoded as JSON.
{
  "key" => "...",
  "iv" => "..."
}
ciphertext, once decrypted, contains the author_id, aes_key and iv relevant to the decryption of the data in the magic_envelope and the verification of its signature.
The decrypted ciphertext has this XML structure:
<decrypted_header>
  <iv>{iv}</iv>
  <aes_key>{aes_key}</aes_key>
  <author_id>{author_id}</author_id>
</decrypted_header>
Finally, before decrypting the magic envelope payload, the signature should first be verified.
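The two-layer header described above, as an added example that is not the library's own code: it builds a constructed header and unwraps it again, failing closed on malformed input. AES-256-CBC, Base64 at each layer, the default padding of public_encrypt, regex field extraction in place of an XML parser, and the helper names b64, field, aes, seal_header and open_header are all assumptions made for illustration.

```ruby
require "json"
require "openssl"

CIPHER = "aes-256-cbc" # assumption: the page does not name the AES mode

def b64(bytes)
  [bytes].pack("m0")
end

# Fetch a Base64 string field; reject missing or non-string values.
def field(hash, name)
  value = hash.is_a?(Hash) ? hash[name] : nil
  raise ArgumentError, "missing #{name}" unless value.is_a?(String)
  value.unpack1("m")
end

def aes(mode, data, key, iv)
  cipher = OpenSSL::Cipher.new(CIPHER)
  mode == :encrypt ? cipher.encrypt : cipher.decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.update(data) + cipher.final
end

# Constructed sender side: build an encrypted_header for one recipient.
def seal_header(author_id, env_key, env_iv, pubkey)
  key = OpenSSL::Random.random_bytes(32)
  iv = OpenSSL::Random.random_bytes(16)
  xml = "<decrypted_header><iv>#{b64(env_iv)}</iv><aes_key>#{b64(env_key)}</aes_key>" \
        "<author_id>#{author_id}</author_id></decrypted_header>"
  wrapped = pubkey.public_encrypt(JSON.generate({"key" => b64(key), "iv" => b64(iv)}))
  b64(JSON.generate({"aes_key" => b64(wrapped), "ciphertext" => b64(aes(:encrypt, xml, key, iv))}))
end

# Recipient side: RSA-unwrap the key JSON, AES-decrypt the XML, fail closed.
def open_header(encrypted_header, privkey)
  outer = JSON.parse(encrypted_header.unpack1("m"))
  keys = JSON.parse(privkey.private_decrypt(field(outer, "aes_key")))
  key, iv = field(keys, "key"), field(keys, "iv")
  raise ArgumentError, "bad key or iv length" unless key.bytesize == 32 && iv.bytesize == 16
  xml = aes(:decrypt, field(outer, "ciphertext"), key, iv)
  %w[iv aes_key author_id].to_h do |name|
    value = xml[%r{<#{name}>([^<]*)</#{name}>}, 1]
    raise ArgumentError, "missing #{name}" if value.nil?
    [name.to_sym, value]
  end
rescue JSON::JSONError, EncodingError, OpenSSL::OpenSSLError => e
  raise ArgumentError, "invalid encrypted header (#{e.class})"
end
```

The author_id returned here is only a claim made by the sender until the magic envelope signature has been verified against that author's key.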
Constant Summary
Constants inherited from Slap
Class Method Summary
- .from_xml(slap_xml, privkey) ⇒ MagicEnvelope
Creates a MagicEnvelope instance from the data within the given XML string containing an encrypted payload.
Class Method Details
.from_xml(slap_xml, privkey) ⇒ MagicEnvelope
Creates a MagicEnvelope instance from the data within the given XML string containing an encrypted payload.
# File 'lib/diaspora_federation/salmon/encrypted_slap.rb', line 68

def self.from_xml(slap_xml, privkey)
  raise ArgumentError unless slap_xml.instance_of?(String) && privkey.instance_of?(OpenSSL::PKey::RSA)
  doc = Nokogiri::XML(slap_xml)

  header_elem = doc.at_xpath("d:diaspora/d:encrypted_header", Slap::NS)
  raise MissingHeader if header_elem.nil?
  header = header_data(header_elem.content, privkey)
  sender = header[:author_id]
  cipher_params = {key: Base64.decode64(header[:aes_key]), iv: Base64.decode64(header[:iv])}

  MagicEnvelope.unenvelop(magic_env_from_doc(doc), sender, cipher_params)
end