Sha256: 79c5ba14376898521c319ebbd57ed2384d1acf57b7a78669e6081d2a1fa446f1
Contents?: true
Size: 1.53 KB
Versions: 2
Compression:
Stored size: 1.53 KB
Contents
# frozen_string_literal: true
module Noise
module Functions
module Cipher
class AesGcm
MAX_NONCE = 2**64 - 1
def encrypt(k, n, ad, plaintext)
cipher = OpenSSL::Cipher::AES.new(256, :GCM).encrypt
cipher.key = k
cipher.iv = nonce_to_bytes(n)
cipher.auth_data = ad
cipher.update(plaintext) + cipher.final + cipher.auth_tag
rescue OpenSSL::Cipher::CipherError => e
raise Noise::Exceptions::EncryptError.new(e)
end
def decrypt(k, n, ad, ciphertext)
cipher = OpenSSL::Cipher::AES.new(256, :GCM).decrypt
cipher.key = k
cipher.iv = nonce_to_bytes(n)
cipher.auth_data = ad
cipher.auth_tag = ciphertext[-16..-1]
cipher.update(ciphertext[0...-16]) + cipher.final
rescue OpenSSL::Cipher::CipherError => e
raise Noise::Exceptions::DecryptError.new(e)
end
def nonce_to_bytes(n)
"\x00" * 4 + format('%16x', n).htb
end
# Returns a new 32-byte cipher key as a pseudorandom function of k.
# If this function is not specifically defined for some set of cipher
# functions, then it defaults to returning the first 32 bytes from
# ENCRYPT(k,maxnonce, zerolen, zeros), where maxnonce equals 264-1,
# zerolen is a zero-length byte sequence, and zeros is a sequence of
# 32 bytes filled with zeros.
def rekey(k)
encrypt(k, MAX_NONCE, '', "\x00" * 32)[0...32]
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| noise-ruby-0.10.0 | lib/noise/functions/cipher/aes_gcm.rb |
| noise-ruby-0.9.4 | lib/noise/functions/cipher/aes_gcm.rb |