Class: Itamae::Secrets::Decryptor

Inherits:

Object

• Object
• Itamae::Secrets::Decryptor

Defined in:

lib/itamae/secrets/decryptor.rb

Constant Summary

ALGORITHM =

'aes-256-gcm'

Instance Attribute Summary

• #auth_tag ⇒ Object readonly

  Returns the value of attribute auth_tag.

• #ciphertext ⇒ Object readonly

  Returns the value of attribute ciphertext.

• #iv ⇒ Object readonly

  Returns the value of attribute iv.

• #key ⇒ Object

  Returns the value of attribute key.

• #key_name ⇒ Object readonly

  Returns the value of attribute key_name.

Class Method Summary

• .load_json(json, key = nil) ⇒ Object

Instance Method Summary

• #algorithm ⇒ Object
• #cipher ⇒ Object
• #initialize(ciphertext, auth_tag, iv, key_name, key = nil) ⇒ Decryptor constructor

  A new instance of Decryptor.

• #plaintext ⇒ Object
• #version ⇒ Object

Constructor Details

#initialize(ciphertext, auth_tag, iv, key_name, key = nil) ⇒ Decryptor

Returns a new instance of Decryptor.

# File 'lib/itamae/secrets/decryptor.rb', line 23

def initialize(ciphertext, auth_tag, iv, key_name, key = nil)
  ensure_algorithm_key_compatiblity!(key) if key
  @ciphertext = ciphertext
  @auth_tag = auth_tag
  @iv = iv
  @key_name = key_name
  @key = key
end

Instance Attribute Details

#auth_tag ⇒ Object (readonly)

Returns the value of attribute auth_tag.

# File 'lib/itamae/secrets/decryptor.rb', line 32

def auth_tag
  @auth_tag
end

#ciphertext ⇒ Object (readonly)

Returns the value of attribute ciphertext.

# File 'lib/itamae/secrets/decryptor.rb', line 32

def ciphertext
  @ciphertext
end

#iv ⇒ Object (readonly)

Returns the value of attribute iv.

# File 'lib/itamae/secrets/decryptor.rb', line 32

def iv
  @iv
end

#key ⇒ Object

Returns the value of attribute key.

# File 'lib/itamae/secrets/decryptor.rb', line 33

def key
  @key
end

#key_name ⇒ Object (readonly)

Returns the value of attribute key_name.

# File 'lib/itamae/secrets/decryptor.rb', line 32

def key_name
  @key_name
end

Class Method Details

.load_json(json, key = nil) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/itamae/secrets/decryptor.rb', line 8

def self.load_json(json, key = nil)
  data = JSON.parse(json)

  raise ArgumentError, "unknown version #{data['version'].inspect}" if data['version'] != 1
  raise ArgumentError, "unknown version #{data['algorithm'].inspect}" if data['algorithm'] != ALGORITHM

  new(
    data['ciphertext'],
    data['auth_tag'],
    data['iv'],
    data['key_name'],
    key
  )
end

Instance Method Details

#algorithm ⇒ Object

# File 'lib/itamae/secrets/decryptor.rb', line 52

def algorithm
  ALGORITHM
end

#cipher ⇒ Object

# File 'lib/itamae/secrets/decryptor.rb', line 56

def cipher
  @cipher ||= OpenSSL::Cipher.new(algorithm).tap do |c|
    raise 'key is required to proceed' unless key
    c.decrypt
    c.key = key.to_s
    c.iv = iv.unpack('m*')[0]
    c.auth_data = ''
    c.auth_tag = auth_tag.unpack('m*')[0]
  end
end

#plaintext ⇒ Object

# File 'lib/itamae/secrets/decryptor.rb', line 41

def plaintext
  @plaintext ||= begin
    txt = cipher.update(ciphertext.unpack('m*')[0])
    txt << cipher.final
  end
end

#version ⇒ Object

# File 'lib/itamae/secrets/decryptor.rb', line 48

def version
  1
end