class Virgil::SDK::Cryptography::VirgilCrypto

Wrapper for cryptographic operations.

Class provides a cryptographic operations in applications, such as hashing, signature generation and verification, and encryption and decryption

Constants

CUSTOM_PARAM_KEY_SIGNATURE

Attributes

key_pair_type[RW]

Private Class Methods

new(key_pair_type=Keys::KeyPairType::Default) click to toggle source
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 47
def initialize(key_pair_type=Keys::KeyPairType::Default)
  @key_pair_type = key_pair_type
end

Private Instance Methods

calculate_fingerprint(bytes) click to toggle source

Calculates the fingerprint.

Args:

bytes: data bytes for fingerprint calculation.

Returns:

Fingerprint of the source data.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 377
def calculate_fingerprint(bytes)
  hash_bytes = self.compute_hash(bytes, Hashes::HashAlgorithm::SHA256)
  Hashes::Fingerprint.new(hash_bytes)
end
compute_hash(bytes, algorithm) click to toggle source

Computes the hash of specified data.

Args:

bytes: data bytes for fingerprint calculation.
algorithm: hashing algorithm.
  The possible values can be found in HashAlgorithm enum.

Returns:

Hash bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 391
def compute_hash(bytes, algorithm)
  native_algorithm = Hashes::HashAlgorithm.convert_to_native(algorithm)
  native_hasher = Crypto::Native::VirgilHash.new(native_algorithm)
  wrap_bytes(native_hasher.hash(bytes))
end
compute_public_key_hash(public_key) click to toggle source

Computes the hash of specified public key using SHA256 algorithm.

Args:

public_key: public key for hashing.

Returns:

Hash bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 404
def compute_public_key_hash(public_key)
  public_key_der = Crypto::Native::VirgilKeyPair.public_key_to_der(public_key)
  self.compute_hash(public_key_der, Hashes::HashAlgorithm::SHA256)
end
decrypt(cipher_bytes, private_key) click to toggle source

Decrypts the specified bytes using Private key.

Args:

bytes: encrypted bytes bytes for decryption.
private_key: private key for decryption.

Returns:

Decrypted bytes bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 218
def decrypt(cipher_bytes, private_key)
  cipher = Crypto::Native::VirgilCipher.new
  decrypted_bytes = cipher.decrypt_with_key(
    cipher_bytes,
    private_key.receiver_id,
    private_key.value
  )
  wrap_bytes(decrypted_bytes)
end
decrypt_stream(input_stream, output_stream, private_key) click to toggle source

Decrypts the specified stream using Private key.

Args:

input_stream: readable stream containing input data.
output_stream: writable stream for output.
private_key: private key for decryption.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 329
def decrypt_stream(input_stream, output_stream, private_key)
  cipher = Crypto::Native::VirgilChunkCipher.new
  source = Crypto::VirgilStreamDataSource.new(input_stream)
  sink = Crypto::VirgilStreamDataSink.new(output_stream)
  cipher.decrypt_with_key(
    source,
    sink,
    private_key.receiver_id,
    private_key.value
  )
end
decrypt_then_verify(bytes, private_key, public_key) click to toggle source

Decrypts and verifies the data.

Args:

bytes: encrypted data bytes.
private_key: private key for decryption.
public_key: public key for verification.

Returns:

Decrypted data bytes.

Raises:

SignatureIsNotValid: if signature is not verified.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 265
def decrypt_then_verify(bytes, private_key, public_key)
  cipher = Crypto::Native::VirgilCipher.new
  decrypted_bytes = cipher.decrypt_with_key(
    bytes,
    private_key.receiver_id,
    private_key.value
  )
  signature = cipher.custom_params.get_data(CUSTOM_PARAM_KEY_SIGNATURE)
  is_valid = self.verify(decrypted_bytes, signature, public_key)
  unless is_valid
    raise SignatureIsNotValid.new
  end
  wrap_bytes(decrypted_bytes)
end
encrypt(bytes, *recipients) click to toggle source

Encrypts the specified bytes using recipients Public keys.

Args:

bytes: raw data bytes for encryption.
recipients: list of recipients' public keys.

Returns:

Encrypted bytes bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 202
def encrypt(bytes, *recipients)
  cipher = Crypto::Native::VirgilCipher.new
  recipients.each do |public_key|
    cipher.add_key_recipient(public_key.receiver_id, public_key.value)
  end
  wrap_bytes(cipher.encrypt(bytes))
end
encrypt_stream(input_stream, output_stream, *recipients) click to toggle source

Encrypts the specified stream using recipients Public keys.

Args:

input_stream: readable stream containing input bytes.
output_stream: writable stream for output.
recipients: list of recipients' public keys.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 313
def encrypt_stream(input_stream, output_stream, *recipients)
  cipher = Crypto::Native::VirgilChunkCipher.new
  recipients.each do |public_key|
    cipher.add_key_recipient(public_key.receiver_id, public_key.value)
  end
  source = Crypto::VirgilStreamDataSource.new(input_stream)
  sink = Crypto::VirgilStreamDataSink.new(output_stream)
  wrap_bytes(cipher.encrypt(source, sink))
end
export_private_key(private_key, password=nil) click to toggle source

Exports the Private key into material representation.

Args:

private_key: private key for export.
password: private key password, nil by default.

Returns:

Key material representation bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 141
def export_private_key(private_key, password=nil)
  unless password
    return Crypto::Native::VirgilKeyPair.private_key_to_der(
      private_key.value
    )
  end

  password_bytes = Crypto::Bytes.from_string(password)
  private_key_bytes = Crypto::Native::VirgilKeyPair.encrypt_private_key(
    private_key.value,
    password_bytes
  )
  wrap_bytes(
    Crypto::Native::VirgilKeyPair.private_key_to_der(
      private_key_bytes,
      password_bytes
    )
  )
end
export_public_key(public_key) click to toggle source

Exports the Public key into material representation.

Args:

public_key: public key for export.

Returns:

Key material representation bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 168
def export_public_key(public_key)
  wrap_bytes(
    Crypto::Native::VirgilKeyPair.public_key_to_der(public_key.value)
  )
end
extract_public_key(private_key) click to toggle source

Extracts the Public key from Private key.

Args:

private_key: source private key for extraction.

Returns:

Exported public key.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 181
def extract_public_key(private_key)
  public_key_bytes = Crypto::Native::VirgilKeyPair.extract_public_key(
    private_key.value,
    []
  )
  Keys::PublicKey.new(
    private_key.receiver_id,
    wrap_bytes(
      Crypto::Native::VirgilKeyPair.public_key_to_der(public_key_bytes)
    )
  )
end
generate_keys(keys_type=@key_pair_type) click to toggle source

Generates asymmetric key pair that is comprised of both public and private keys by specified type. Args:

key_pair_type: type of the generated keys.
  The possible values can be found in KeyPairType enum.

Returns:

Generated key pair.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 68
def generate_keys(keys_type=@key_pair_type)
  native_type = Keys::KeyPairType.convert_to_native(keys_type)
  native_key_pair = Crypto::Native::VirgilKeyPair.generate(native_type)
  key_pair_id = self.compute_public_key_hash(native_key_pair.public_key)
  private_key = Keys::PrivateKey.new(
    key_pair_id,
    wrap_bytes(
      Crypto::Native::VirgilKeyPair.private_key_to_der(
        native_key_pair.private_key
      )
    )
  )
  public_key = Keys::PublicKey.new(
    key_pair_id,
    wrap_bytes(
      Crypto::Native::VirgilKeyPair.public_key_to_der(
        native_key_pair.public_key
      )
    )
  )
  return Keys::KeyPair.new(private_key, public_key)
end
import_private_key(key_bytes, password=nil) click to toggle source

Imports the Private key from material representation.

Args:

key_bytes: key material representation bytes.
password: private key password, nil by default.

Returns:

Imported private key.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 99
def import_private_key(key_bytes, password=nil)
  decrypted_private_key = if !password
    Crypto::Native::VirgilKeyPair.private_key_to_der(key_bytes)
  else
    Crypto::Native::VirgilKeyPair.decrypt_private_key(
      key_bytes,
      Crypto::Bytes.from_string(password)
    )
  end

  public_key_bytes = Crypto::Native::VirgilKeyPair.extract_public_key(
    decrypted_private_key, []
  )
  key_pair_id = self.compute_public_key_hash(public_key_bytes)
  private_key_bytes = Crypto::Native::VirgilKeyPair.private_key_to_der(
    decrypted_private_key
  )
  return Keys::PrivateKey.new(key_pair_id, wrap_bytes(private_key_bytes))
end
import_public_key(key_bytes) click to toggle source

Imports the Public key from material representation.

Args:

key_bytes: key material representation bytes.

Returns:

Imported public key.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 126
def import_public_key(key_bytes)
  key_pair_id = self.compute_public_key_hash(key_bytes)
  public_key_bytes =
    Crypto::Native::VirgilKeyPair.public_key_to_der(key_bytes)
  Keys::PublicKey.new(key_pair_id, wrap_bytes(public_key_bytes))
end
sign(bytes, private_key) click to toggle source

Signs the specified data using Private key.

Args:

bytes: raw data bytes for signing.
private_key: private key for signing.

Returns:

Signature data.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 288
def sign(bytes, private_key)
  signer = Crypto::Native::VirgilSigner.new
  wrap_bytes(signer.sign(bytes, private_key.value))
end
sign_stream(input_stream, private_key) click to toggle source

Signs the specified stream using Private key.

Args:

input_stream: readable stream containing input data.
private_key: private key for signing.

Returns:

Signature bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 349
def sign_stream(input_stream, private_key)
  signer = Crypto::Native::VirgilStreamSigner.new
  source = Crypto::VirgilStreamDataSource.new(input_stream)
  wrap_bytes(signer.sign(source, private_key.value))
end
sign_then_encrypt(bytes, private_key, *recipients) click to toggle source

Signs and encrypts the data.

Args:

bytes: data bytes for signing and encryption.
private_key: private key to sign the data.
recipients: list of recipients' public keys.
  Used for data encryption.

Returns:

Signed and encrypted data bytes.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 238
def sign_then_encrypt(bytes, private_key, *recipients)
  signer = Crypto::Native::VirgilSigner.new
  signature = signer.sign(bytes, private_key.value)
  cipher = Crypto::Native::VirgilCipher.new
  custom_bytes = cipher.custom_params
  custom_bytes.set_data(
    CUSTOM_PARAM_KEY_SIGNATURE,
    signature
  )
  recipients.each do |public_key|
    cipher.add_key_recipient(public_key.receiver_id, public_key.value)
  end
  wrap_bytes(cipher.encrypt(bytes))
end
verify(bytes, signature, signer_public_key) click to toggle source

Verifies the specified signature using original data and signer's public key.

Args:

bytes: original data bytes for verification.
signature: signature bytes for verification.
signer_public_key: signer public key for verification.

Returns:

True if signature is valid, False otherwise.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 302
def verify(bytes, signature, signer_public_key)
  signer = Crypto::Native::VirgilSigner.new
  signer.verify(bytes, signature, signer_public_key.value)
end
verify_stream(input_stream, signature, signer_public_key) click to toggle source

Verifies the specified signature using original stream and signer's Public key.

Args:

input_stream: readable stream containing input data.
signature: signature bytes for verification.
signer_public_key: signer public key for verification.

Returns:

True if signature is valid, False otherwise.
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 364
def verify_stream(input_stream, signature, signer_public_key)
  signer = Crypto::Native::VirgilStreamSigner.new
  source = Crypto::VirgilStreamDataSource.new(input_stream)
  signer.verify(source, signature, signer_public_key.value)
end
wrap_bytes(raw_bytes) click to toggle source
# File lib/virgil/sdk/cryptography/virgil_crypto.rb, line 411
def wrap_bytes(raw_bytes)
  Crypto::Bytes.new(raw_bytes)
end