Class: RbNaCl::Boxes::Sealed

Inherits:
Object
  • Object
Extended by:
Sodium
Defined in:
lib/rbnacl/boxes/sealed.rb

Overview

Sealed boxes are designed to anonymously send messages to a recipient given its public key.

Only the recipient can decrypt these messages, using its private key. While the recipient can verify the integrity of the message, it cannot verify the identity of the sender.

A message is encrypted using an ephemeral key pair, whose secret part is destroyed right after the encryption process.

Without knowing the secret key used for a given message, the sender cannot decrypt its own message later. And without additional data, a message cannot be correlated with the identity of its sender.

Class Method Summary

Instance Method Summary

Methods included from Sodium

sodium_constant, sodium_function, sodium_function_with_return_code, sodium_primitive, sodium_type

Constructor Details

#initialize(public_key, private_key = nil) ⇒ RbNaCl::SealedBox

WARNING: you should strongly prefer the from_private_key/from_public_key class methods.

Create a new Sealed Box

Sets up the Box for deriving the shared key and encrypting and decrypting messages.

Parameters:

Raises:



# File 'lib/rbnacl/boxes/sealed.rb', line 47

def initialize(public_key, private_key = nil)
  unless private_key.nil?
    @private_key = private_key.is_a?(PrivateKey) ? private_key : PrivateKey.new(private_key)
    raise IncorrectPrimitiveError unless @private_key.primitive == primitive

    public_key = @private_key.public_key if public_key.nil?
  end

  @public_key = public_key.is_a?(PublicKey) ? public_key : PublicKey.new(public_key)
  raise IncorrectPrimitiveError unless @public_key.primitive == primitive
end

Class Method Details

.from_private_key(private_key) ⇒ RbNaCl::SealedBox

Create a new Sealed Box for decrypting

Sets up the Box for decryption of new messages.

Parameters:

Returns:

Raises:



# File 'lib/rbnacl/boxes/sealed.rb', line 68

def self.from_private_key(private_key)
  new(nil, private_key)
end

.from_public_key(public_key) ⇒ RbNaCl::SealedBox

Create a new Sealed Box for encrypting

Sets up the Box for encryption of new messages.

Parameters:

Returns:

Raises:



# File 'lib/rbnacl/boxes/sealed.rb', line 81

def self.from_public_key(public_key)
  new(public_key, nil)
end

Instance Method Details

#box(message) ⇒ String Also known as: encrypt

Encrypts a message

Parameters:

  • message (String)

    The message to be encrypted.

Returns:

  • (String)

    The ciphertext (BINARY encoded)

Raises:



# File 'lib/rbnacl/boxes/sealed.rb', line 92

def box(message)
  # No padding needed.
  msg = message # variable name to match other RbNaCl code.
  # ensure enough space in result
  ct  = Util.zeros(msg.bytesize + SEALBYTES)

  success = self.class.box_seal(ct, msg, msg.bytesize, @public_key.to_s)
  raise CryptoError, "Encryption failed" unless success

  ct
end

#open(ciphertext) ⇒ String Also known as: decrypt

Decrypts a ciphertext

Parameters:

  • ciphertext (String)

    The message to be decrypted.

Returns:

  • (String)

    The decrypted message (BINARY encoded)

Raises:



# File 'lib/rbnacl/boxes/sealed.rb', line 113

def open(ciphertext)
  raise CryptoError, "Decryption failed. No private key." unless @private_key

  ct = ciphertext
  raise CryptoError, "Decryption failed. Ciphertext failed verification." if ct.bytesize < SEALBYTES

  message = Util.zeros(ct.bytesize - SEALBYTES)

  success = self.class.box_seal_open(message, ct, ct.bytesize, @public_key.to_s, @private_key.to_s)
  raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success

  message
end

#primitive ⇒ Symbol

The crypto primitive for the box class

Returns:

  • (Symbol)

    The primitive used



# File 'lib/rbnacl/boxes/sealed.rb', line 131

def primitive
  self.class.primitive
end