Add Sodium::CryptoBox::SecretKey#decrypt_string

Add Sodium::SecretBox#decrypt_string
Add Documentation.
This commit is contained in:
Didactic Drunk 2019-09-14 06:05:13 -07:00
parent 8572ba65c8
commit 8aea82b296
3 changed files with 46 additions and 19 deletions

View File

@ -32,11 +32,11 @@ describe Sodium::SecretBox do
message = "foobar" message = "foobar"
encrypted, nonce = box.encrypt message encrypted, nonce = box.encrypt message
decrypted = box.decrypt encrypted, nonce: nonce decrypted = box.decrypt_string encrypted, nonce: nonce
message.should eq String.new(decrypted) decrypted.should eq message
expect_raises(Sodium::Error::DecryptionFailed) do expect_raises(Sodium::Error::DecryptionFailed) do
box.decrypt "badmsgbadmsgbadmsgbadmsgbadmsg".to_slice, nonce box.decrypt "badmsgbadmsgbadmsgbadmsgbadmsg".to_slice, nonce: nonce
end end
end end
@ -59,7 +59,7 @@ describe Sodium::SecretBox do
encrypted.should eq ciphertext encrypted.should eq ciphertext
decrypted = box.decrypt encrypted, nonce: nonce decrypted = box.decrypt encrypted, nonce: nonce
plaintext.should eq decrypted decrypted.should eq plaintext
end end
end end
@ -67,11 +67,11 @@ describe Sodium::SecretBox do
detached_test_vectors.each do |vec| detached_test_vectors.each do |vec|
box, nonce, plaintext, ciphertext = box_from_test_vector vec box, nonce, plaintext, ciphertext = box_from_test_vector vec
encrypted = box.encrypt_detached plaintext, nonce encrypted = box.encrypt_detached plaintext, nonce: nonce
encrypted.should eq ciphertext encrypted.should eq ciphertext
decrypted = box.decrypt_detached encrypted, nonce decrypted = box.decrypt_detached encrypted, nonce: nonce
plaintext.should eq decrypted decrypted.should eq plaintext
end end
end end
end end

View File

@ -10,6 +10,8 @@ class Sodium::CryptoBox
# #
# # Authenticated encryption # # Authenticated encryption
# [https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption](https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption#purpose) # [https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption](https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption#purpose)
#
# Usage:
# ``` # ```
# bob = Sodium::CryptoBox::SecretKey.new # bob = Sodium::CryptoBox::SecretKey.new
# alice = Sodium::CryptoBox::SecretKey.new # alice = Sodium::CryptoBox::SecretKey.new
@ -23,6 +25,8 @@ class Sodium::CryptoBox
# #
# # Sealed Boxes # # Sealed Boxes
# [https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes#purpose) # [https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes#purpose)
#
# Usage:
# ``` # ```
# secret_key = Sodium::CryptoBox::SecretKey.new # secret_key = Sodium::CryptoBox::SecretKey.new
# public_key = secret_key.public_key # public_key = secret_key.public_key
@ -117,11 +121,28 @@ class Sodium::CryptoBox
# Anonymously receive messages without a signature. # Anonymously receive messages without a signature.
# #
# For authenticated messages use `secret_key.box(recipient_public_key).decrypt`. # For authenticated messages use `secret_key.box(recipient_public_key).decrypt`.
def decrypt(src) #
encrypt src.to_slice # Optionally supply a destination buffer.
def decrypt(src, dst : Bytes? = nil) : Bytes
decrypt src.to_slice, dst
end end
def decrypt(src : Bytes, dst : Bytes = Bytes.new(src.bytesize - SEAL_SIZE)) : Bytes # Anonymously receive messages without a signature.
#
# For authenticated messages use `secret_key.box(recipient_public_key).decrypt`.
#
# Optionally supply a destination buffer.
def decrypt_string(src, dst : Bytes? = nil) : String
msg = decrypt src.to_slice, dst
String.new msg
end
# :nodoc:
def decrypt(src : Bytes, dst : Bytes? = nil) : Bytes
dst_size = src.bytesize - SEAL_SIZE
dst ||= Bytes.new dst_size
raise ArgumentError.new("dst.bytesize must be src.bytesize - SEAL_SIZE, got #{dst.bytesize}") unless dst.bytesize == dst_size
if LibSodium.crypto_box_seal_open(dst, src, src.bytesize, @public_key.to_slice, self.to_slice) != 0 if LibSodium.crypto_box_seal_open(dst, src, src.bytesize, @public_key.to_slice, self.to_slice) != 0
raise Sodium::Error.new("crypto_box_seal_open") raise Sodium::Error.new("crypto_box_seal_open")
end end

View File

@ -66,20 +66,26 @@ module Sodium
end end
# Returns decrypted message. # Returns decrypted message.
def decrypt(src : Bytes, nonce : Nonce) : Bytes #
dst_size = src.bytesize - MAC_SIZE # Optionally supply a destination buffer.
raise Sodium::Error::DecryptionFailed.new("encrypted data too small #{src.bytesize}") if dst_size <= 0 def decrypt(src, dst : Bytes? = nil, *, nonce : Nonce) : Bytes
dst = Bytes.new dst_size decrypt src.to_slice, dst, nonce: nonce
decrypt(src, dst, nonce)
end end
# Returns decrypted message. # Returns decrypted message.
# #
# Optionally supply a destination buffer. # Optionally supply a destination buffer.
def decrypt(src : Bytes, dst : Bytes, nonce : Nonce) : Bytes def decrypt_string(src, dst : Bytes? = nil, *, nonce : Nonce) : String
if dst.bytesize != (src.bytesize - MAC_SIZE) msg = decrypt src.to_slice, dst, nonce: nonce
raise ArgumentError.new("dst.bytesize must be src.bytesize - MAC_SIZE, got #{dst.bytesize}") String.new msg
end end
# :nodoc:
def decrypt(src : Bytes, dst : Bytes? = nil, *, nonce : Nonce) : Bytes
dst_size = src.bytesize - MAC_SIZE
dst ||= Bytes.new dst_size
raise ArgumentError.new("dst.bytesize must be src.bytesize - MAC_SIZE, got #{dst.bytesize}") if dst.bytesize != (src.bytesize - MAC_SIZE)
r = @key.readonly do r = @key.readonly do
LibSodium.crypto_secretbox_open_easy(dst, src, src.bytesize, nonce.to_slice, @key) LibSodium.crypto_secretbox_open_easy(dst, src, src.bytesize, nonce.to_slice, @key)
end end