class Ccs::Decrypter

Handles client-side decryption for documents.

The decrypter uses AES-256 in CBC mode internally. A salt is expected in bytes 8..15, with ciphertext occupying the further bytes.

Public Class Methods

new(passphrase, content) click to toggle source

Constructs a Decrypter instance with given passphrase and content.

@example

Ccs::Decrypter.new('the content passphrase', content)

@param passphrase [String] Passphrase for content decryption @param content [String] Encrypted document content

# File lib/ccs/decrypter.rb, line 17
def initialize(passphrase, content)
  @passphrase = passphrase
  @content = content
end

Public Instance Methods

call() click to toggle source

Performs decryption, returning plaintext if passphrase matched.

@return [String] Plaintext document content

# File lib/ccs/decrypter.rb, line 25
def call
  decryptor.pkcs5_keyivgen(@passphrase, ciphertext_salt, 1)
  result = decryptor.update(encrypted)
  result << decryptor.final
end

Private Instance Methods

ciphertext_salt() click to toggle source
# File lib/ccs/decrypter.rb, line 41
def ciphertext_salt
  openssl_salted_ciphertext[8..15]
end
decryptor() click to toggle source
# File lib/ccs/decrypter.rb, line 33
def decryptor
  @decryptor ||= OpenSSL::Cipher::AES.new(256, :CBC).decrypt
end
encrypted() click to toggle source
# File lib/ccs/decrypter.rb, line 45
def encrypted
  openssl_salted_ciphertext[16..-1]
end
openssl_salted_ciphertext() click to toggle source
# File lib/ccs/decrypter.rb, line 37
def openssl_salted_ciphertext
  @openssl_salted_ciphertext ||= Base64.strict_decode64 @content
end