Class: OpenSSL::HPKE::Context::Receiver
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Class Chain:
self,
::OpenSSL::HPKE::Context
|
|
|
Instance Chain:
self,
::OpenSSL::HPKE::Context
|
|
| Inherits: |
OpenSSL::HPKE::Context
|
| Defined in: | ext/openssl/ossl_hpke.c, ext/openssl/ossl_hpke.c |
Overview
The recipient's side of an ::OpenSSL::HPKE context. Decapsulates the sender's key with
#decap and recovers messages with #open.
Class Method Summary
-
.new(suite) ⇒ Receiver
constructor
Takes a
::OpenSSL::HPKE::Suiteto generate a::OpenSSL::HPKE::Contextfor the receiver.
Instance Method Summary
-
#decap(enc, priv, info) ⇒ true
Takes the encapsulated key
enc(a String produced by the sender's Sender#encap), the receiver's own private key (OpenSSL::PKey), andinfostring (application context information; value that separates the domain in which the key is used), and decapsulates the key to be used in subsequent operations. -
#open(aad, ciphertext) ⇒ plaintext
Opens (decrypts) the
ciphertextusing the::OpenSSL::HPKE::Context's AEAD and returns the recovered plaintext.
::OpenSSL::HPKE::Context - Inherited
| #export | Derives and returns a |
Constructor Details
.new(suite) ⇒ Receiver
Takes a ::OpenSSL::HPKE::Suite to generate a ::OpenSSL::HPKE::Context for the receiver.
Currently assumes Base mode as the ::OpenSSL::HPKE mode.
# File 'ext/openssl/ossl_hpke.c', line 152
static VALUE
ossl_hpke_ctx_new_receiver(VALUE self, VALUE suite)
{
ossl_hpke_ctx_t *data;
OSSL_HPKE_SUITE *suite_st;
if (RTYPEDDATA_DATA(self))
ossl_raise(eHPKEError, "HPKE context is already initialized");
if (!rb_obj_is_kind_of(suite, cSuite))
ossl_raise(eHPKEError, "invalid suite specified");
GetHpkeSuite(suite, suite_st);
data = ALLOC(ossl_hpke_ctx_t);
data->ctx = NULL;
data->suite = *suite_st;
data->ctx = OSSL_HPKE_CTX_new(OSSL_HPKE_MODE_BASE, data->suite,
OSSL_HPKE_ROLE_RECEIVER, NULL, NULL);
if (data->ctx == NULL) {
ruby_xfree(data);
ossl_raise(eHPKEError, "could not create ctx");
}
RTYPEDDATA_DATA(self) = data;
return self;
}
Instance Method Details
#decap(enc, priv, info) ⇒ true
Takes the encapsulated key enc (a String produced by the sender's
Sender#encap), the receiver's own private key (OpenSSL::PKey), and info
string (application context information; value that separates the domain in
which the key is used), and decapsulates the key to be used in subsequent
operations. The info must be identical to the one given to Sender#encap.
Returns true on success.
# File 'ext/openssl/ossl_hpke.c', line 263
static VALUE
ossl_hpke_decap(VALUE self, VALUE enc, VALUE priv, VALUE info)
{
ossl_hpke_ctx_t *data;
EVP_PKEY *pkey;
size_t enclen;
size_t infolen;
GetHpke(self, data);
GetPKey(priv, pkey);
StringValue(enc);
StringValue(info);
enclen = RSTRING_LEN(enc);
infolen = RSTRING_LEN(info);
if (OSSL_HPKE_decap(data->ctx, (unsigned char *)RSTRING_PTR(enc), enclen, pkey,
(unsigned char *)RSTRING_PTR(info), infolen) != 1) {
ossl_raise(eHPKEError, "could not decap");
}
return Qtrue;
}
#open(aad, ciphertext) ⇒ plaintext
Opens (decrypts) the ciphertext using the ::OpenSSL::HPKE::Context's AEAD and returns the
recovered plaintext. aad is extra data authenticated with, but not
encrypted into, the ciphertext, and must be identical to the aad supplied
to Sender#seal, otherwise opening fails.
# File 'ext/openssl/ossl_hpke.c', line 296
static VALUE
ossl_hpke_open(VALUE self, VALUE aad, VALUE ct)
{
VALUE pt_obj;
ossl_hpke_ctx_t *data;
size_t ptlen, aadlen, ctlen;
StringValue(aad);
StringValue(ct);
aadlen = RSTRING_LEN(aad);
ctlen = RSTRING_LEN(ct);
ptlen = ctlen;
pt_obj = rb_str_new(0, ptlen);
GetHpke(self, data);
if (OSSL_HPKE_open(data->ctx, (unsigned char *)RSTRING_PTR(pt_obj), &ptlen,
(unsigned char *)RSTRING_PTR(aad), aadlen,
(unsigned char *)RSTRING_PTR(ct), ctlen) != 1) {
ossl_raise(eHPKEError, "could not open");
}
rb_str_resize(pt_obj, ptlen);
return pt_obj;
}