class RbNaCl::AEAD::Base

Abstract base class for Authenticated Encryption with Additional Data

This construction encrypts a message, and computes an authentication tag for the encrypted message and some optional additional data

RbNaCl provides wrappers for both ChaCha20-Poly1305 AEAD implementations in libsodium: the original, and the IETF version.

Constants

KEYBYTES

Number of bytes in a valid key

NPUBBYTES

Number of bytes in a valid nonce

Attributes

key[R]

Public Class Methods

key_bytes() click to toggle source

The key bytes for the AEAD class

@return [Integer] The number of bytes in a valid key

# File lib/rbnacl/aead/base.rb, line 102
def self.key_bytes
  self::KEYBYTES
end
new(key) click to toggle source

Create a new AEAD using the IETF chacha20poly1305 construction

Sets up AEAD with a secret key for encrypting and decrypting messages.

@param key [String] The key to encrypt and decrypt with

@raise [RbNaCl::LengthError] on invalid keys

@return [RbNaCl::AEAD::Chacha20Poly1305IETF] The new AEAD construct, ready to use

# File lib/rbnacl/aead/base.rb, line 32
def initialize(key)
  @key = Util.check_string(key, key_bytes, "Secret key")
end
nonce_bytes() click to toggle source

The nonce bytes for the AEAD class

@return [Integer] The number of bytes in a valid nonce

# File lib/rbnacl/aead/base.rb, line 88
def self.nonce_bytes
  self::NPUBBYTES
end
tag_bytes() click to toggle source

The number bytes in the tag or authenticator from this AEAD class

@return [Integer] number of tag bytes

# File lib/rbnacl/aead/base.rb, line 116
def self.tag_bytes
  self::ABYTES
end

Public Instance Methods

decrypt(nonce, ciphertext, additional_data) click to toggle source

Decrypts and verifies an encrypted message with additional authenticated data

@param nonce [String] An 8-byte string containing the nonce. @param ciphertext [String] The message to be decrypted. @param additional_data [String] The additional authenticated data

@raise [RbNaCl::LengthError] If the nonce is not valid @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated.

@return [String] The decrypted message

# File lib/rbnacl/aead/base.rb, line 67
def decrypt(nonce, ciphertext, additional_data)
  Util.check_length(nonce, nonce_bytes, "Nonce")

  message_len = Util.zeros(1)
  message = Util.zeros(data_len(ciphertext) - tag_bytes)

  success = do_decrypt(message, message_len, nonce, ciphertext, additional_data)
  raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success
  message
end
encrypt(nonce, message, additional_data) click to toggle source

Encrypts and authenticates a message with additional authenticated data

@param nonce [String] An 8-byte string containing the nonce. @param message [String] The message to be encrypted. @param additional_data [String] The additional authenticated data

@raise [RbNaCl::LengthError] If the nonce is not valid @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated.

@return [String] The encrypted message with the authenticator tag appended

# File lib/rbnacl/aead/base.rb, line 46
def encrypt(nonce, message, additional_data)
  Util.check_length(nonce, nonce_bytes, "Nonce")

  ciphertext_len = Util.zeros(1)
  ciphertext = Util.zeros(data_len(message) + tag_bytes)

  success = do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data)
  raise CryptoError, "Encryption failed" unless success
  ciphertext
end
key_bytes() click to toggle source

The key bytes for the AEAD instance

@return [Integer] The number of bytes in a valid key

# File lib/rbnacl/aead/base.rb, line 109
def key_bytes
  self.class.key_bytes
end
nonce_bytes() click to toggle source

The nonce bytes for the AEAD instance

@return [Integer] The number of bytes in a valid nonce

# File lib/rbnacl/aead/base.rb, line 95
def nonce_bytes
  self.class.nonce_bytes
end
primitive() click to toggle source

The crypto primitive for this aead instance

@return [Symbol] The primitive used

# File lib/rbnacl/aead/base.rb, line 81
def primitive
  self.class.primitive
end
tag_bytes() click to toggle source

The number of bytes in the tag or authenticator for this AEAD instance

@return [Integer] number of tag bytes

# File lib/rbnacl/aead/base.rb, line 123
def tag_bytes
  self.class.tag_bytes
end

Private Instance Methods

data_len(data) click to toggle source
# File lib/rbnacl/aead/base.rb, line 129
def data_len(data)
  return 0 if data.nil?
  data.bytesize
end
do_decrypt(_message, _message_len, _nonce, _ciphertext, _additional_data) click to toggle source
# File lib/rbnacl/aead/base.rb, line 138
def do_decrypt(_message, _message_len, _nonce, _ciphertext, _additional_data)
  raise NotImplementedError
end
do_encrypt(_ciphertext, _ciphertext_len, _nonce, _message, _additional_data) click to toggle source
# File lib/rbnacl/aead/base.rb, line 134
def do_encrypt(_ciphertext, _ciphertext_len, _nonce, _message, _additional_data)
  raise NotImplementedError
end