xaes_256_gcm 0.3 → 0.4
- checksums.yaml +4 -4
- data/3RD_PARTY_LICENSE +20 -0
- data/lib/xaes_256_gcm/version.rb +1 -1
- data/lib/xaes_256_gcm/xaes_256_gcm_cipher.rb +20 -5
- metadata +2 -1
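--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ac1cc1abd232a39d6e2a51c78f1eda1f5b3a90068580b00fe82f4ff018117a24
+data.tar.gz: d5f0bdc7d7dff95d7ce44731ed6db968f1d426890987ede195d776b29dcf7ccf
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bf56e9eeec474c19e8f54d0d725f134b3c77276a465451b37f9eaccb75ebe8ab3b035ac1483612ea285766adc46ed3224fd9297924994dba9e3ecc60fb207a4f
+data.tar.gz: c3286d8510040cfe971f94d69d672768ee4874e53609ed2be4b4c4f74f2515eedbc9cc42dc2929a0b56c2ccc466896847921e52325c55881625fcd2dcd54a63a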
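--- a/data/3RD_PARTY_LICENSE
+++ b/data/3RD_PARTY_LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2020
+The C2SP Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+
+THIS SOFTWARE IS PROVIDED BY The C2SP Authors ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL The C2SP Authors BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.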
data/lib/xaes_256_gcm/version.rb
CHANGED
|
@@ -47,8 +47,8 @@ module Xaes256Gcm
|
|
|
47
47
|
@k1 = NoInspectBox.new(k1)
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
-
#
|
|
51
|
-
def
|
|
50
|
+
# Encrypts a plaintext with a nonce. Optional additional authenticated data can be provided.
|
|
51
|
+
def encrypt(plaintext, nonce, additionalData = nil)
|
|
52
52
|
raise InvalidNonceError if nonce.bytesize != NONCE_SIZE
|
|
53
53
|
|
|
54
54
|
key = derive_key(nonce.byteslice(0, 12))
|
|
@@ -64,8 +64,14 @@ module Xaes256Gcm
|
|
|
64
64
|
ciphertext + gcm.auth_tag
|
|
65
65
|
end
|
|
66
66
|
|
|
67
|
-
#
|
|
68
|
-
def
|
|
67
|
+
# Seals a plaintext with a random nonce. Optional additional authenticated data can be provided.
|
|
68
|
+
def seal(plaintext, additionalData = nil)
|
|
69
|
+
nonce = OpenSSL::Random.random_bytes(NONCE_SIZE)
|
|
70
|
+
return nonce + encrypt(plaintext, nonce, additionalData)
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# Decrypts a ciphertext with a nonce. Optional additional authenticated data can be provided.
|
|
74
|
+
def decrypt(ciphertext, nonce, additionalData = nil)
|
|
69
75
|
ct_bytes = ciphertext.bytesize
|
|
70
76
|
raise InvalidNonceError if nonce.bytesize != NONCE_SIZE
|
|
71
77
|
raise InvalidCiphertextError if ciphertext.bytesize < OVERHEAD
|
|
@@ -73,6 +79,8 @@ module Xaes256Gcm
|
|
|
73
79
|
tagless_ciphertext = ciphertext.byteslice(0, ct_bytes - OVERHEAD)
|
|
74
80
|
tag = ciphertext.byteslice(ct_bytes - OVERHEAD, OVERHEAD)
|
|
75
81
|
|
|
82
|
+
raise InvalidCiphertextError if tag.bytesize != OVERHEAD
|
|
83
|
+
|
|
76
84
|
key = derive_key(nonce.byteslice(0, 12))
|
|
77
85
|
gcm = OpenSSL::Cipher::AES256.new(:GCM)
|
|
78
86
|
gcm.decrypt
|
|
@@ -93,6 +101,13 @@ module Xaes256Gcm
|
|
|
93
101
|
return plaintext
|
|
94
102
|
end
|
|
95
103
|
|
|
104
|
+
def open(ciphertext, additionalData = nil)
|
|
105
|
+
raise InvalidCiphertextError if ciphertext.nil? || ciphertext.bytesize < OVERHEAD + NONCE_SIZE
|
|
106
|
+
nonce = ciphertext.byteslice(0, NONCE_SIZE)
|
|
107
|
+
ct = ciphertext.byteslice(NONCE_SIZE, ciphertext.bytesize - NONCE_SIZE)
|
|
108
|
+
return decrypt(ct, nonce, additionalData)
|
|
109
|
+
end
|
|
110
|
+
|
|
96
111
|
private
|
|
97
112
|
|
|
98
113
|
def derive_key(nonce)
|
|
@@ -114,7 +129,7 @@ module Xaes256Gcm
|
|
|
114
129
|
end
|
|
115
130
|
end
|
|
116
131
|
|
|
117
|
-
# This is just a
|
|
132
|
+
# This is just a small helper class that returns a redacted value for to_s and inspect.
|
|
118
133
|
# It exists to simply make sure any state on the instance is not accidentally logged or printed.
|
|
119
134
|
class NoInspectBox
|
|
120
135
|
def initialize(value)
|
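Review bot: `open` is the one new public method added without a comment, and of the methods shown it is the only one that checks for nil: `decrypt` still begins with `ciphertext.bytesize`, so a nil handed to it directly would raise NoMethodError rather than InvalidCiphertextError. I would put `# Opens the output of seal (nonce || ciphertext || tag). Raises InvalidCiphertextError when the input is nil or shorter than NONCE_SIZE + OVERHEAD.` above `open`, and make the first line of `decrypt` `raise InvalidCiphertextError if ciphertext.nil?`. Defining an instance method named `open` also shadows `Kernel#open` for any bare `open(...)` call written inside this class later, which is worth a line in that comment. The body of `decrypt` runs past the hunks shown, and although this section is headed version.rb, its hunks and its +20 -5 count match xaes_256_gcm_cipher.rb in the file list.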
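--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: xaes_256_gcm
 version: !ruby/object:Gem::Version
-version: '0.
+version: '0.4'
 platform: ruby
 authors:
 - vcsjones
@@ -47,6 +47,7 @@ files:
 - "./lib/xaes_256_gcm/errors.rb"
 - "./lib/xaes_256_gcm/version.rb"
 - "./lib/xaes_256_gcm/xaes_256_gcm_cipher.rb"
+- 3RD_PARTY_LICENSE
 homepage: https://github.com/vcsjones/xaes_256_gcm
 licenses:
 - MIT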