Class: Familia::Encryption::Provider

Inherits:

Object

• Object
• Familia::Encryption::Provider

Defined in:

lib/familia/encryption/provider.rb

Overview

Base provider class - similar to FieldType pattern

Direct Known Subclasses

Familia::Encryption::Providers::AESGCMProvider, Familia::Encryption::Providers::SecureXChaCha20Poly1305Provider, Familia::Encryption::Providers::XChaCha20Poly1305Provider

Instance Attribute Summary

• #algorithm ⇒ Object readonly

  Returns the value of attribute algorithm.

• #auth_tag_size ⇒ Object readonly

  Returns the value of attribute auth_tag_size.

• #nonce_size ⇒ Object readonly

  Returns the value of attribute nonce_size.

Class Method Summary

• .available? ⇒ Boolean

  Check if this provider is available.

• .priority ⇒ Object

  Priority for automatic selection (higher = preferred).

Instance Method Summary

• #decrypt(ciphertext, key, nonce, auth_tag, additional_data = nil) ⇒ Object
• #derive_key(master_key, context) ⇒ Object
• #encrypt(plaintext, key, additional_data = nil) ⇒ Object

  Public interface methods that subclasses must implement.

• #generate_nonce ⇒ Object
• #initialize ⇒ Provider constructor

  A new instance of Provider.

• #secure_wipe(key) ⇒ Object

  Clear key from memory (best effort, no security guarantees) Ruby provides no reliable way to securely wipe memory.

Constructor Details

#initialize ⇒ Provider

Returns a new instance of Provider.

# File 'lib/familia/encryption/provider.rb', line 9

def initialize
  @algorithm = self.class::ALGORITHM
  @nonce_size = self.class::NONCE_SIZE
  @auth_tag_size = self.class::AUTH_TAG_SIZE
end

Instance Attribute Details

#algorithm ⇒ Object (readonly)

Returns the value of attribute algorithm.

# File 'lib/familia/encryption/provider.rb', line 7

def algorithm
  @algorithm
end

#auth_tag_size ⇒ Object (readonly)

Returns the value of attribute auth_tag_size.

# File 'lib/familia/encryption/provider.rb', line 7

def auth_tag_size
  @auth_tag_size
end

#nonce_size ⇒ Object (readonly)

Returns the value of attribute nonce_size.

# File 'lib/familia/encryption/provider.rb', line 7

def nonce_size
  @nonce_size
end

Class Method Details

.available? ⇒ Boolean

Check if this provider is available

Returns:

• (Boolean)

Raises:

• (NotImplementedError)

# File 'lib/familia/encryption/provider.rb', line 39

def self.available?
  raise NotImplementedError
end

.priority ⇒ Object

Priority for automatic selection (higher = preferred)

# File 'lib/familia/encryption/provider.rb', line 44

def self.priority
  0
end

Instance Method Details

#decrypt(ciphertext, key, nonce, auth_tag, additional_data = nil) ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/familia/encryption/provider.rb', line 20

def decrypt(ciphertext, key, nonce, auth_tag, additional_data = nil)
  raise NotImplementedError
end

#derive_key(master_key, context) ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/familia/encryption/provider.rb', line 28

def derive_key(master_key, context)
  raise NotImplementedError
end

#encrypt(plaintext, key, additional_data = nil) ⇒ Object

Public interface methods that subclasses must implement

Raises:

• (NotImplementedError)

# File 'lib/familia/encryption/provider.rb', line 16

def encrypt(plaintext, key, additional_data = nil)
  raise NotImplementedError
end

#generate_nonce ⇒ Object

Raises:

• (NotImplementedError)

# File 'lib/familia/encryption/provider.rb', line 24

def generate_nonce
  raise NotImplementedError
end

#secure_wipe(key) ⇒ Object

Clear key from memory (best effort, no security guarantees) Ruby provides no reliable way to securely wipe memory

# File 'lib/familia/encryption/provider.rb', line 34

def secure_wipe(key)
  key&.clear if key.respond_to?(:clear)
end