porky_lib 0.6.2 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +20 -0
- data/lib/porky_lib/symmetric.rb +34 -0
- data/lib/porky_lib/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c98aaa41950874c7b37f159230db8356e526dec8f35a2a7d9c5fbe9d1f484a21
|
|
4
|
+
data.tar.gz: 5997f378160b2b05cd176c44b25570374159cbaafa7d8f83e1eb8c52014d7ca6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2bbcd43825926a03d5382cefad9ff6053a83117aaf163a12bd6e5a0502d595ce4b2167be745e1417e4d019e88df9f1a8c6e0e2a9266c5273245534c34d83cac2
|
|
7
|
+
data.tar.gz: 93dbfb9406f2773017fac22946eba097405945181cc3bf26762f222dff1c1a27538c04eec9006aecb626a201357df11fe7073bd4a023a39fc97e458caec8d13d
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
porky_lib (0.
|
|
4
|
+
porky_lib (0.7.0)
|
|
5
5
|
aws-sdk-kms
|
|
6
6
|
aws-sdk-s3
|
|
7
7
|
msgpack
|
|
@@ -22,7 +22,7 @@ GEM
|
|
|
22
22
|
aws-sdk-kms (1.24.0)
|
|
23
23
|
aws-sdk-core (~> 3, >= 3.61.1)
|
|
24
24
|
aws-sigv4 (~> 1.1)
|
|
25
|
-
aws-sdk-s3 (1.
|
|
25
|
+
aws-sdk-s3 (1.48.0)
|
|
26
26
|
aws-sdk-core (~> 3, >= 3.61.1)
|
|
27
27
|
aws-sdk-kms (~> 1)
|
|
28
28
|
aws-sigv4 (~> 1.1)
|
data/README.md
CHANGED
|
@@ -76,6 +76,16 @@ To encrypt data:
|
|
|
76
76
|
[ciphertext_dek, ciphertext, nonce] = PorkyLib::Symmetric.instance.encrypt(data, cmk_key_id, ciphertext_dek, encryption_context)
|
|
77
77
|
```
|
|
78
78
|
|
|
79
|
+
To encrypt data with a known plaintext key:
|
|
80
|
+
```ruby
|
|
81
|
+
# Where plaintext is the data to encrypt
|
|
82
|
+
# plaintext_key is the encryption key to use
|
|
83
|
+
# encryption_info is the structure returned that contains:
|
|
84
|
+
# ciphertext: plaintext encrypted under plaintext_key
|
|
85
|
+
# nonce: The generated nonce
|
|
86
|
+
encryption_info = PorkyLib::Symmetric.instance.encrypt_with_key(plaintext, plaintext_key)
|
|
87
|
+
```
|
|
88
|
+
|
|
79
89
|
### Decrypting Data
|
|
80
90
|
To decrypt data:
|
|
81
91
|
```ruby
|
|
@@ -86,6 +96,16 @@ To decrypt data:
|
|
|
86
96
|
plaintext_data = PorkyLib::Symmetric.instance.decrypt(ciphertext_dek, ciphertext, nonce, encryption_context)
|
|
87
97
|
```
|
|
88
98
|
|
|
99
|
+
To decrypt data with a known plaintext key:
|
|
100
|
+
```ruby
|
|
101
|
+
# Where ciphertext is the encrypted data to be decrypted
|
|
102
|
+
# plaintext_key is the decryption key to use
|
|
103
|
+
# nonce is the nonce to use
|
|
104
|
+
# decryption_info is the structured returned that contains:
|
|
105
|
+
# plaintext: ciphertext decrypted under plaintext_key
|
|
106
|
+
decryption_info = PorkyLib::Symmetric.instance.decrypt_with_key(ciphertext, plaintext_key, nonce)
|
|
107
|
+
```
|
|
108
|
+
|
|
89
109
|
### Generating Data Encryption Keys
|
|
90
110
|
To generate a new data encryption key:
|
|
91
111
|
```ruby
|
data/lib/porky_lib/symmetric.rb
CHANGED
|
@@ -191,6 +191,40 @@ class PorkyLib::Symmetric
|
|
|
191
191
|
"\0" * length
|
|
192
192
|
end
|
|
193
193
|
|
|
194
|
+
def encrypt_with_key(plaintext, plaintext_key)
|
|
195
|
+
# Initialize the box
|
|
196
|
+
secret_box = RbNaCl::SecretBox.new(plaintext_key)
|
|
197
|
+
|
|
198
|
+
# First, make a nonce: A single-use value never repeated under the same key
|
|
199
|
+
# The nonce isn't secret, and can be sent with the ciphertext.
|
|
200
|
+
# The cipher instance has a nonce_bytes method for determining how many bytes should be in a nonce
|
|
201
|
+
nonce = RbNaCl::Random.random_bytes(secret_box.nonce_bytes)
|
|
202
|
+
|
|
203
|
+
# Encrypt a message with SecretBox
|
|
204
|
+
ciphertext = secret_box.encrypt(nonce, plaintext)
|
|
205
|
+
|
|
206
|
+
result = OpenStruct.new
|
|
207
|
+
|
|
208
|
+
result.ciphertext = ciphertext
|
|
209
|
+
result.nonce = nonce
|
|
210
|
+
|
|
211
|
+
result
|
|
212
|
+
end
|
|
213
|
+
|
|
214
|
+
def decrypt_with_key(ciphertext, plaintext_key, nonce)
|
|
215
|
+
# Initialize the box
|
|
216
|
+
secret_box = RbNaCl::SecretBox.new(plaintext_key)
|
|
217
|
+
|
|
218
|
+
# Decrypt the message
|
|
219
|
+
plaintext = secret_box.decrypt(nonce, ciphertext)
|
|
220
|
+
|
|
221
|
+
result = OpenStruct.new
|
|
222
|
+
|
|
223
|
+
result.plaintext = plaintext
|
|
224
|
+
|
|
225
|
+
result
|
|
226
|
+
end
|
|
227
|
+
|
|
194
228
|
def encrypt_with_key_with_benchmark(plaintext, plaintext_key)
|
|
195
229
|
encryption_statistics = {}
|
|
196
230
|
|
data/lib/porky_lib/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: porky_lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Greg Fletcher
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-09-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-kms
|