Class: JOSE::JWE::ALG_C20P_KW
- Inherits:
-
Struct
- Object
- Struct
- JOSE::JWE::ALG_C20P_KW
- Defined in:
- lib/jose/jwe/alg_c20p_kw.rb
Instance Attribute Summary collapse
-
#bits ⇒ Object
Returns the value of attribute bits.
-
#cipher_name ⇒ Object
Returns the value of attribute cipher_name.
-
#iv ⇒ Object
Returns the value of attribute iv.
-
#tag ⇒ Object
Returns the value of attribute tag.
Class Method Summary collapse
-
.from_map(fields) ⇒ Object
JOSE::JWE callbacks.
Instance Method Summary collapse
-
#algorithm ⇒ Object
API functions.
-
#generate_key(fields, enc) ⇒ Object
JOSE::JWE::ALG callbacks.
- #key_decrypt(key, enc, encrypted_key) ⇒ Object
- #key_encrypt(key, enc, decrypted_key) ⇒ Object
- #next_cek(key, enc) ⇒ Object
- #to_map(fields) ⇒ Object
Instance Attribute Details
#bits ⇒ Object
Returns the value of attribute bits
1 2 3 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1 def bits @bits end |
#cipher_name ⇒ Object
Returns the value of attribute cipher_name
1 2 3 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1 def cipher_name @cipher_name end |
#iv ⇒ Object
Returns the value of attribute iv
1 2 3 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1 def iv @iv end |
#tag ⇒ Object
Returns the value of attribute tag
1 2 3 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 1 def tag @tag end |
Class Method Details
.from_map(fields) ⇒ Object
JOSE::JWE callbacks
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 5 def self.from_map(fields) bits = nil cipher_name = nil case fields['alg'] when 'C20PKW' bits = 256 cipher_name = 'chacha20-poly1305' else raise ArgumentError, "invalid 'alg' for JWE: #{fields['alg'].inspect}" end iv = nil if fields.has_key?('iv') iv = JOSE.urlsafe_decode64(fields['iv']) end tag = nil if fields.has_key?('tag') tag = JOSE.urlsafe_decode64(fields['tag']) end return new(cipher_name, bits, iv, tag), fields.except('alg', 'iv', 'tag') end |
Instance Method Details
#algorithm ⇒ Object
API functions
91 92 93 94 95 96 97 98 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 91 def algorithm case bits when 256 'C20PKW' else raise ArgumentError, "unhandled JOSE::JWE::ALG_C20P_KW bits: #{bits.inspect}" end end |
#generate_key(fields, enc) ⇒ Object
JOSE::JWE::ALG callbacks
40 41 42 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 40 def generate_key(fields, enc) return JOSE::JWE::ALG.generate_key([:oct, bits.div(8)], algorithm, enc.algorithm) end |
#key_decrypt(key, enc, encrypted_key) ⇒ Object
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 44 def key_decrypt(key, enc, encrypted_key) if iv.nil? or tag.nil? raise ArgumentError, "missing required fields for decryption: 'iv' and 'tag'" end if key.is_a?(JOSE::JWK) key = key.kty.derive_key end derived_key = key aad = '' cipher_text = encrypted_key cipher_tag = tag cipher = OpenSSL::Cipher.new(cipher_name) cipher.decrypt cipher.key = derived_key cipher.iv = iv cipher.padding = 0 cipher.auth_data = aad cipher.auth_tag = cipher_tag plain_text = cipher.update(cipher_text) + cipher.final return plain_text end |
#key_encrypt(key, enc, decrypted_key) ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 66 def key_encrypt(key, enc, decrypted_key) if key.is_a?(JOSE::JWK) key = key.kty.derive_key end new_alg = JOSE::JWE::ALG_C20P_KW.new(cipher_name, bits, iv || SecureRandom.random_bytes(12)) derived_key = key aad = '' plain_text = decrypted_key cipher = OpenSSL::Cipher.new(new_alg.cipher_name) cipher.encrypt cipher.key = derived_key cipher.iv = new_alg.iv cipher.padding = 0 cipher.auth_data = aad cipher_text = cipher.update(plain_text) + cipher.final new_alg.tag = cipher.auth_tag return cipher_text, new_alg end |
#next_cek(key, enc) ⇒ Object
85 86 87 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 85 def next_cek(key, enc) return enc.next_cek, self end |
#to_map(fields) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 |
# File 'lib/jose/jwe/alg_c20p_kw.rb', line 26 def to_map(fields) alg = algorithm fields = fields.put('alg', alg) if iv fields = fields.put('iv', JOSE.urlsafe_encode64(iv)) end if tag fields = fields.put('tag', JOSE.urlsafe_encode64(tag)) end return fields end |