Module: DoorMat::Crypto::AsymmetricStore

Defined in:

lib/door_mat/crypto/asymmetric_store.rb

Class Method Summary

• .cipher ⇒ Object
• .decode_key(key) ⇒ Object
• .decrypt(ciphertext, private_key) ⇒ Object
• .encrypt(plaintext, public_key) ⇒ Object
• .generate_pem_encrypted_pkey_pair_and_key ⇒ Object
• .pem_public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object
• .private_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object
• .public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object
• .public_key_from_pem_public_key(pem_public_key) ⇒ Object

Class Method Details

.cipher ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 63

def cipher
  OpenSSL::Cipher.new('DES-EDE3-CBC')
end

.decode_key(key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 68

def decode_key(key)
  Base64.strict_decode64(key.to_str).tap do |decoded_key|
    raise ArgumentError, "Key must be exactly 24 bytes in length" if decoded_key.bytesize != 24
  end
end

.decrypt(ciphertext, private_key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 13

def decrypt(ciphertext, private_key)
  private_key.private_decrypt(Base64.strict_decode64(ciphertext.to_str))
end

.encrypt(plaintext, public_key) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 7

def encrypt(plaintext, public_key)
  raise ArgumentError, 'Plaintext exceeds maximum length of 245 bytes' if plaintext.to_str.bytesize > 245
  Base64.strict_encode64(public_key.public_encrypt(plaintext.to_str))
end

.generate_pem_encrypted_pkey_pair_and_key ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 18

def generate_pem_encrypted_pkey_pair_and_key
  pkey = OpenSSL::PKey::RSA.generate(2048)
  c = cipher()
  c.encrypt
  c.random_iv
  key = c.random_key
  pem_encrypted_pkey = ''

  begin

    pem_encrypted_pkey = pkey.to_pem(c, key)

  rescue OpenSSL::PKey::RSAError => e
    DoorMat.configuration.logger.error "ERROR: spurious error - #{e} for key _#{key}_"
    key = c.random_key
    retry
  end

  {
      key: Base64.strict_encode64(key),
      pem_encrypted_pkey: pem_encrypted_pkey
  }
end

.pem_public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 53

def pem_public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key)
  public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey.to_str, key.to_str).to_pem
end

.private_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 43

def private_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key)
  OpenSSL::PKey::RSA.new(pem_encrypted_pkey.to_str, decode_key(key.to_str))
end

.public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 48

def public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey, key)
  OpenSSL::PKey::RSA.new(pem_encrypted_pkey.to_str, decode_key(key.to_str)).public_key
end

.public_key_from_pem_public_key(pem_public_key) ⇒ Object

# File 'lib/door_mat/crypto/asymmetric_store.rb', line 58

def public_key_from_pem_public_key(pem_public_key)
  OpenSSL::PKey::RSA.new(pem_public_key.to_str).public_key
end