Commit f2172f8

mo <mo.khan@gmail.com>
2017-12-30 20:38:27
simple -> symmetric.
1 parent fd928f7
lib/xml/kit/crypto/simple_cipher.rb → lib/xml/kit/crypto/symmetric_cipher.rb
@@ -1,15 +1,18 @@
 module Xml
   module Kit
     module Crypto
-      class SimpleCipher
+      class SymmetricCipher
+        DEFAULT_ALGORITHM="#{::Xml::Kit::Namespaces::XMLENC}aes256-cbc"
         ALGORITHMS = {
-          "#{Namespaces::XMLENC}tripledes-cbc" => "DES-EDE3-CBC",
-          "#{Namespaces::XMLENC}aes128-cbc" => "AES-128-CBC",
-          "#{Namespaces::XMLENC}aes192-cbc" => "AES-192-CBC",
-          "#{Namespaces::XMLENC}aes256-cbc" => "AES-256-CBC",
+          "#{::Xml::Kit::Namespaces::XMLENC}tripledes-cbc" => "DES-EDE3-CBC",
+          "#{::Xml::Kit::Namespaces::XMLENC}aes128-cbc" => "AES-128-CBC",
+          "#{::Xml::Kit::Namespaces::XMLENC}aes192-cbc" => "AES-192-CBC",
+          "#{::Xml::Kit::Namespaces::XMLENC}aes256-cbc" => "AES-256-CBC",
         }
 
-        def initialize(algorithm, key)
+        attr_reader :key
+
+        def initialize(algorithm, key = nil)
           @algorithm = algorithm
           @key = key || cipher.random_key
         end
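Review bot: `ALGORITHMS` and the new `DEFAULT_ALGORITHM` in `SymmetricCipher` carry no comment on what the listed modes guarantee, and the hash literal is left mutable. Every entry is a CBC mode, which gives confidentiality but no integrity, so a class comment such as `# CBC modes only: ciphertext is not authenticated; verify the enclosing signature before decrypting.` would tell callers what they have to check themselves. Closing the table with `}.freeze` would stop other code from adding or remapping an algorithm at runtime. The `cipher` helper used by `initialize` is defined outside this hunk, so how an unknown `algorithm` URI behaves there could not be checked.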
lib/xml/kit/crypto.rb
@@ -1,12 +1,12 @@
 require 'xml/kit/crypto/oaep_cipher'
 require 'xml/kit/crypto/rsa_cipher'
-require 'xml/kit/crypto/simple_cipher'
+require 'xml/kit/crypto/symmetric_cipher'
 require 'xml/kit/crypto/unknown_cipher'
 
 module Xml
   module Kit
     module Crypto
-      DECRYPTORS = [ SimpleCipher, RsaCipher, OaepCipher, UnknownCipher ]
+      DECRYPTORS = [ SymmetricCipher, RsaCipher, OaepCipher, UnknownCipher ]
 
       # @!visibility private
       def self.decryptor_for(algorithm, key)
lib/xml/kit/encryption.rb
@@ -1,26 +1,35 @@
 module Xml
   module Kit
     class Encryption
-      DEFAULT_ALGORITHM="AES-256-CBC"
       attr_reader :asymmetric_algorithm
       attr_reader :asymmetric_cipher_value
       attr_reader :symmetric_algorithm
       attr_reader :symmetric_cipher_value
 
-      def initialize(raw_xml, public_key, symmetric_algorithm = DEFAULT_ALGORITHM)
-        @symmetric_algorithm = ::Xml::Kit::Crypto::SimpleCipher::ALGORITHMS.key(symmetric_algorithm)
-        cipher = OpenSSL::Cipher.new(symmetric_algorithm)
-        cipher.encrypt
-        key = cipher.random_key
-        @symmetric_cipher_value = Base64.encode64(cipher.random_iv + cipher.update(raw_xml) + cipher.final)
+      def initialize(
+        raw_xml,
+        public_key,
+        symmetric_algorithm: ::Xml::Kit::Crypto::SymmetricCipher::DEFAULT_ALGORITHM,
+        asymmetric_algorithm: "#{::Xml::Kit::Namespaces::XMLENC}rsa-1_5"
+      )
+        @symmetric_algorithm = symmetric_algorithm
+        @symmetric_cipher_value = Base64.encode64(symmetric_cipher.encrypt(raw_xml))
 
-        @asymmetric_algorithm = "#{::Xml::Kit::Namespaces::XMLENC}rsa-1_5"
-        @asymmetric_cipher_value = Base64.encode64(public_key.public_encrypt(key))
+        @asymmetric_algorithm = asymmetric_algorithm
+        @asymmetric_cipher_value = Base64.encode64(public_key.public_encrypt(symmetric_cipher.key))
       end
 
       def to_xml(xml: ::Builder::XmlMarkup.new)
         ::Xml::Kit::Template.new(self).to_xml(xml: xml)
       end
+
+      private
+
+      def symmetric_cipher
+        @symmetric_cipher ||= ::Xml::Kit::Crypto::SymmetricCipher.new(
+          symmetric_algorithm
+        )
+      end
     end
   end
 end
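Review bot: The new `asymmetric_algorithm:` keyword in `initialize` is only recorded; the key wrap on the next line still calls `public_key.public_encrypt(symmetric_cipher.key)` with no padding argument, which in Ruby's OpenSSL binding means PKCS#1 v1.5 whatever URI the caller passed. A caller who asks for OAEP would get XML that advertises one algorithm while the key is wrapped with another. Either derive the padding from the URI, e.g. `padding = asymmetric_algorithm.end_with?('rsa-oaep-mgf1p') ? OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING : OpenSSL::PKey::RSA::PKCS1_PADDING` passed as the second argument to `public_encrypt`, or raise `ArgumentError` for anything other than the rsa-1_5 default until that is wired up. The spec hunk in this commit exercises only `symmetric_algorithm:`, so a round-trip case for the new keyword would catch the mismatch.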
lib/xml/kit/key_pair.rb
@@ -24,7 +24,9 @@ module Xml
       #
       # @param use [Symbol] Can be either `:signing` or `:encryption`.
       # @param passphrase [String] the passphrase to use to encrypt the private key.
-      def self.generate(use:, passphrase: SecureRandom.uuid, algorithm: 'AES-256-CBC')
+      # @param algorithm [String] the symmetric algorithm to use for encrypting the private key.
+      def self.generate(use:, passphrase: SecureRandom.uuid, algorithm: ::Xml::Kit::Crypto::SymmetricCipher::DEFAULT_ALGORITHM)
+        algorithm = ::Xml::Kit::Crypto::SymmetricCipher::ALGORITHMS[algorithm]
         certificate, private_key = ::Xml::Kit::SelfSignedCertificate.new(passphrase).create(algorithm)
         new(certificate, private_key, passphrase, use)
       end
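Review bot: `ALGORITHMS[algorithm]` in `generate` returns nil for any key that is not in the table, including OpenSSL names such as 'AES-256-CBC' that were the default before this commit, and that nil is handed straight to `SelfSignedCertificate#create`. What `create` does with nil is outside this hunk, so the failure mode (an unrelated error, or possibly a private key exported without encryption) should be confirmed. Either way a lookup miss should fail loudly here: `algorithm = ::Xml::Kit::Crypto::SymmetricCipher::ALGORITHMS.fetch(algorithm) { raise ArgumentError, "unsupported algorithm: #{algorithm}" }`. The new `@param algorithm` line should also say that the value is an XML Encryption algorithm URI rather than an OpenSSL cipher name.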
spec/xml/crypto/simple_cipher_spec.rb → spec/xml/crypto/symmetric_cipher_spec.rb
@@ -1,4 +1,4 @@
-RSpec.describe ::Xml::Kit::Crypto::SimpleCipher do
+RSpec.describe ::Xml::Kit::Crypto::SymmetricCipher do
   [
     "tripledes-cbc",
     "aes128-cbc",
spec/xml/encryption_spec.rb
@@ -1,13 +1,16 @@
 RSpec.describe Xml::Kit::Encryption do
   describe "#to_xml" do
     [
-      'AES-128-CBC',
-      'AES-192-CBC',
-      'AES-256-CBC',
-    ].each do |algorithm|
-      describe algorithm do
-        subject { described_class.new(xml, public_key, algorithm) }
-        let(:key_pair) { Xml::Kit::KeyPair.generate(use: :encryption, algorithm: algorithm) }
+      "#{::Xml::Kit::Namespaces::XMLENC}tripledes-cbc",
+      "#{::Xml::Kit::Namespaces::XMLENC}aes128-cbc",
+      "#{::Xml::Kit::Namespaces::XMLENC}aes192-cbc",
+      "#{::Xml::Kit::Namespaces::XMLENC}aes256-cbc",
+    ].each do |symmetric_algorithm|
+      describe symmetric_algorithm do
+        subject do 
+          described_class.new(xml, public_key, symmetric_algorithm: symmetric_algorithm)
+        end
+        let(:key_pair) { Xml::Kit::KeyPair.generate(use: :encryption, algorithm: symmetric_algorithm) }
         let(:decryptor) { Xml::Kit::Decryption.new(private_keys: [key_pair.private_key]) }
         let(:public_key) { key_pair.public_key }
         let(:xml) do