Module: RCS::Crypt

Included in:
Evidence, Evidence
Defined in:
lib/rcs-common/crypt.rb

Constant Summary collapse

PAD_NOPAD = 
0
PAD_PKCS5 = 
1
SHA1_DIGEST_LENGTH = 
20

Instance Method Summary collapse

Instance Method Details

#aes_decrypt(enc_text, key, padding = PAD_PKCS5) ⇒ Object 



28
29
30
31
32
33
34
35
36
37
 
# File 'lib/rcs-common/crypt.rb', line 28

def aes_decrypt(enc_text, key, padding=PAD_PKCS5)
  decipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
  decipher.decrypt
  decipher.padding = padding
  decipher.key = key
  decipher.iv = "\x00" * decipher.iv_len
  data = decipher.update(enc_text)
  data << decipher.final
  return data
end

#aes_decrypt_integrity(enc_text, key, padding = PAD_PKCS5) ⇒ Object 



45
46
47
48
49
50
51
 
# File 'lib/rcs-common/crypt.rb', line 45

def aes_decrypt_integrity(enc_text, key, padding=PAD_PKCS5)
  text = aes_decrypt(enc_text, key, padding)
  # check the integrity at the end of the message
  check = text.slice!(text.length - SHA1_DIGEST_LENGTH, text.length)
  raise "Invalid sha1 check" unless check == Digest::SHA1.digest(text)
  return text
end

#aes_encrypt(clear_text, key, padding = PAD_PKCS5) ⇒ Object 



17
18
19
20
21
22
23
24
25
26
 
# File 'lib/rcs-common/crypt.rb', line 17

def aes_encrypt(clear_text, key, padding=PAD_PKCS5)
  cipher = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
  cipher.encrypt
  cipher.padding = padding
  cipher.key = key
  cipher.iv = "\x00" * cipher.iv_len
  edata = cipher.update(clear_text)
  edata << cipher.final
  return edata
end

#aes_encrypt_integrity(clear_text, key, padding = PAD_PKCS5) ⇒ Object 



39
40
41
42
43
 
# File 'lib/rcs-common/crypt.rb', line 39

def aes_encrypt_integrity(clear_text, key, padding=PAD_PKCS5)
  # add the integrity check at the end of the message
  clear_text += Digest::SHA1.digest(clear_text)
  return aes_encrypt(clear_text, key, padding)
end