Class: Ruar::Cipher

Inherits:

Object

• Object
• Ruar::Cipher

Defined in:

lib/ruar/cipher.rb

Instance Method Summary

• #aead ⇒ Object
• #decrypt(data, auth_data: @auth_data, key: @key, iv: @iv, tag: @tag) ⇒ Object
• #enable ⇒ Object
• #enable? ⇒ Boolean
• #encrypt(data, auth_data: @auth_data, key: @key, iv: @iv) ⇒ Object
• #initialize ⇒ Cipher constructor

  A new instance of Cipher.

• #setup(key: nil, iv: nil, auth_data: nil, tag: nil) ⇒ Object

Constructor Details

#initialize ⇒ Cipher

Returns a new instance of Cipher.

# File 'lib/ruar/cipher.rb', line 5

def initialize
  @enable = false
end

Instance Method Details

#aead ⇒ Object

# File 'lib/ruar/cipher.rb', line 9

def aead
  @aead ||= OpenSSL::Cipher.new('aes-256-gcm')
end

#decrypt(data, auth_data: @auth_data, key: @key, iv: @iv, tag: @tag) ⇒ Object

# File 'lib/ruar/cipher.rb', line 49

def decrypt(data, auth_data: @auth_data, key: @key, iv: @iv, tag: @tag)
  raise 'tag is truncated!' unless tag.bytesize == 16

  cipher = aead.decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = auth_data

  decrypted = cipher.update(Base64.decode64(data))
  decompressed = Ruar::Compression.decompress(decrypted)

  { decrypted: decompressed }
end

#enable ⇒ Object

# File 'lib/ruar/cipher.rb', line 17

def enable
  @enable = true
end

#enable? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruar/cipher.rb', line 13

def enable?
  @enable
end

#encrypt(data, auth_data: @auth_data, key: @key, iv: @iv) ⇒ Object

# File 'lib/ruar/cipher.rb', line 30

def encrypt(data, auth_data: @auth_data, key: @key, iv: @iv)
  cipher = aead.encrypt
  cipher.key = key
  cipher.iv = iv
  cipher.auth_data = auth_data

  compressed = Ruar::Compression.compress(data)
  encrypted = Base64.encode64(cipher.update(compressed) + cipher.final)
  tag = cipher.auth_tag

  {
    encrypted: encrypted,
    iv: iv,
    key: key,
    tag: tag,
    auth_data: auth_data
  }
end

#setup(key: nil, iv: nil, auth_data: nil, tag: nil) ⇒ Object

# File 'lib/ruar/cipher.rb', line 21

def setup(key: nil, iv: nil, auth_data: nil, tag: nil)
  @key = key.nil? ? aead.random_key : Base64.decode64(key)
  @iv = iv.nil? ? aead.random_iv : Base64.decode64(iv)
  @auth_data = auth_data.nil? ? 'ruar_default_auth_data' : Base64.decode64(auth_data)
  @tag = tag.nil? ? 'ruar_invalid_auth_tag' : Base64.decode64(tag)

  self
end