Class: OpenSSL::HPKE::Context::Sender
| Relationships & Source Files | |
| Super Chains via Extension / Inclusion / Inheritance | |
|
Class Chain:
self,
::OpenSSL::HPKE::Context
|
|
|
Instance Chain:
self,
::OpenSSL::HPKE::Context
|
|
| Inherits: |
OpenSSL::HPKE::Context
|
| Defined in: | ext/openssl/ossl_hpke.c, ext/openssl/ossl_hpke.c |
Overview
The sender's side of an ::OpenSSL::HPKE context. Encapsulates a key to the recipient
with #encap and protects messages with #seal.
Class Method Summary
- .new(suite) constructor
Instance Method Summary
-
#encap(pub, info) ⇒ encapsulated_key
Takes a public key (OpenSSL::PKey) of the receiver and
infostring (application context information; value that separates the domain in which the key is used), and encapsulates a key to be used in subsequent operations. -
#seal(aad, plaintext) ⇒ sealed_message
Seals (encrypts) the
plaintextusing the::OpenSSL::HPKE::Context's AEAD.
::OpenSSL::HPKE::Context - Inherited
| #export | Derives and returns a |
Constructor Details
.new(suite)
[ GitHub ]# File 'ext/openssl/ossl_hpke.c', line 118
static VALUE
ossl_hpke_ctx_new_sender(VALUE self, VALUE suite)
{
ossl_hpke_ctx_t *data;
OSSL_HPKE_SUITE *suite_st;
if (RTYPEDDATA_DATA(self))
ossl_raise(eHPKEError, "HPKE context is already initialized");
if (!rb_obj_is_kind_of(suite, cSuite))
ossl_raise(eHPKEError, "invalid suite specified");
GetHpkeSuite(suite, suite_st);
data = ALLOC(ossl_hpke_ctx_t);
data->ctx = NULL;
data->suite = *suite_st;
data->ctx = OSSL_HPKE_CTX_new(OSSL_HPKE_MODE_BASE, data->suite,
OSSL_HPKE_ROLE_SENDER, NULL, NULL);
if (data->ctx == NULL) {
ruby_xfree(data);
ossl_raise(eHPKEError, "could not create ctx");
}
RTYPEDDATA_DATA(self) = data;
return self;
}
Instance Method Details
#encap(pub, info) ⇒ encapsulated_key
Takes a public key (OpenSSL::PKey) of the receiver and info string
(application context information; value that separates the domain in which
the key is used), and encapsulates a key to be used in subsequent operations.
Returns the encapsulated key as a String, which is to be passed to the
receiver of the following messages.
# File 'ext/openssl/ossl_hpke.c', line 189
static VALUE
ossl_hpke_encap(VALUE self, VALUE pub, VALUE info)
{
VALUE enc_obj;
size_t enclen;
ossl_hpke_ctx_t *data;
size_t publen;
size_t infolen;
GetHpke(self, data);
StringValue(pub);
StringValue(info);
publen = RSTRING_LEN(pub);
infolen = RSTRING_LEN(info);
enclen = OSSL_HPKE_get_public_encap_size(data->suite);
enc_obj = rb_str_new(0, enclen);
if (OSSL_HPKE_encap(data->ctx, (unsigned char *)RSTRING_PTR(enc_obj), &enclen,
(unsigned char *)RSTRING_PTR(pub), publen,
(unsigned char *)RSTRING_PTR(info), infolen) != 1) {
ossl_raise(eHPKEError, "could not encap");
}
rb_str_resize(enc_obj, enclen);
return enc_obj;
}
#seal(aad, plaintext) ⇒ sealed_message
Seals (encrypts) the plaintext using the ::OpenSSL::HPKE::Context's AEAD. aad is
extra data authenticated with, but not encrypted into, the ciphertext, and
must be supplied identically to Receiver#open.
# File 'ext/openssl/ossl_hpke.c', line 226
static VALUE
ossl_hpke_seal(VALUE self, VALUE aad, VALUE pt)
{
VALUE ct_obj;
ossl_hpke_ctx_t *data;
size_t ctlen, aadlen, ptlen;
GetHpke(self, data);
StringValue(aad);
StringValue(pt);
aadlen = RSTRING_LEN(aad);
ptlen = RSTRING_LEN(pt);
ctlen = OSSL_HPKE_get_ciphertext_size(data->suite, ptlen);
ct_obj = rb_str_new(0, ctlen);
if (OSSL_HPKE_seal(data->ctx, (unsigned char *)RSTRING_PTR(ct_obj), &ctlen,
(unsigned char *)RSTRING_PTR(aad), aadlen,
(unsigned char *)RSTRING_PTR(pt), ptlen) != 1) {
ossl_raise(eHPKEError, "could not seal");
}
return ct_obj;
}