class Sandal::Enc::Alg::RSA

Base class for RSA key encryption algorithm.

Attributes

name[R]

The JWA name of the algorithm.

Public Class Methods

new(name, rsa_key, padding) click to toggle source

Initialises a new instance.

@param name [String] The JWA name of the algorithm. @param rsa_key [OpenSSL::PKey::RSA or String] The RSA key to use for key encryption (public) or decryption (private). If the value is a String then it will be passed to the constructor of the RSA class. This must be at least 2048 bits to be compliant with the JWA specification.

# File lib/sandal/enc/alg/rsa.rb, line 19
def initialize(name, rsa_key, padding)
  @name = name
  @rsa_key = rsa_key.is_a?(String) ? OpenSSL::PKey::RSA.new(rsa_key) : rsa_key
  @padding = padding
end

Public Instance Methods

decrypt_key(encrypted_key) click to toggle source

Decrypts the content key.

@param encrypted_key [String] The encrypted content key. @return [String] The pre-shared content key. @raise [Sandal::TokenError] The content key can’t be decrypted.

# File lib/sandal/enc/alg/rsa.rb, line 38
def decrypt_key(encrypted_key)
  @rsa_key.private_decrypt(encrypted_key, @padding)
rescue => e
  raise Sandal::InvalidTokenError, "Cannot decrypt content key: #{e.message}"
end
encrypt_key(key) click to toggle source

Encrypts the content key.

@param key [String] The content key. @return [String] The encrypted content key.

# File lib/sandal/enc/alg/rsa.rb, line 29
def encrypt_key(key)
  @rsa_key.public_encrypt(key, @padding)
end