class PKCS7::Cryptographer::Entity

Defines an entity able to decrypt or encrypt messages to send them to other entities. It uses a Cryptographer to do the dirty work and just provides a more human-readable way to read and pass messages between trustable entities.

Attributes

certificate[R]

Public Class Methods

new( certificate:, key: nil, ca_store: OpenSSL::X509::Store.new )

PUBLIC METHODS


# File lib/pkcs7/cryptographer/entity.rb, line 20
# Builds an entity from its certificate and, optionally, its private key.
#
# @param certificate the entity's certificate; stored after being passed
#   through x509_certificate (defined elsewhere in this file)
# @param key the entity's private key, or nil when only the public
#   certificate is known; passed through rsa_key when given
# @param ca_store [OpenSSL::X509::Store] the store every peer certificate
#   is verified against before any encrypt/decrypt operation
#
# NOTE(review): the default is a brand-new store, which holds no trust
# anchors until the caller adds them, so peer verification is expected to
# fail (and encrypt_data/decrypt_data to return false) unless a populated
# store is supplied. That fails closed, but it is easy to miss.
def initialize(certificate:, key: nil, ca_store: OpenSSL::X509::Store.new)
  @ca_store = ca_store
  # Entities without a private key are kept with @key == nil; they can be
  # used as peers but cannot sign or decrypt themselves.
  @key = (rsa_key(key) if key)
  @certificate = x509_certificate(certificate)
  @cryptographer = PKCS7::Cryptographer.new
end

Public Instance Methods

decrypt_data(data:, sender:)
# File lib/pkcs7/cryptographer/entity.rb, line 46
# Decrypts a message addressed to this entity and verifies the sender's
# signature on it.
#
# @param data the encrypted payload handed to the cryptographer
# @param sender the peer entity; only its #certificate is read here
# @return the result of @cryptographer.decrypt_and_verify, or +false+ when
#   perform_safely refuses to run the block (sender certificate does not
#   verify against the CA store, or this entity has no private key)
#
# Callers must treat +false+ as "rejected", not as decrypted content.
def decrypt_data(data:, sender:)
  perform_safely(sender) do
    # Assembled inside the block so nothing is touched unless the trust and
    # key checks have already passed.
    arguments = {
      data: data,
      key: @key,
      certificate: @certificate,
      public_certificate: sender.certificate,
      ca_store: @ca_store
    }
    @cryptographer.decrypt_and_verify(**arguments)
  end
end
encrypt_data(data:, receiver:)
# File lib/pkcs7/cryptographer/entity.rb, line 35
# Signs a message with this entity's key and encrypts it for the receiver.
#
# @param data the plaintext payload handed to the cryptographer
# @param receiver the peer entity; only its #certificate is read here
# @return the result of @cryptographer.sign_and_encrypt, or +false+ when
#   perform_safely refuses to run the block (receiver certificate does not
#   verify against the CA store, or this entity has no private key)
#
# Callers must check for +false+ before transmitting the result; a rejected
# receiver yields no ciphertext at all.
def encrypt_data(data:, receiver:)
  perform_safely(receiver) do
    # Assembled inside the block so nothing is touched unless the trust and
    # key checks have already passed.
    arguments = {
      data: data,
      key: @key,
      certificate: @certificate,
      public_certificate: receiver.certificate
    }
    @cryptographer.sign_and_encrypt(**arguments)
  end
end
trustable_entity?(entity)
# File lib/pkcs7/cryptographer/entity.rb, line 31
# Tells whether a peer's certificate verifies against this entity's CA store.
#
# @param entity the peer; only its #certificate is read
# @return whatever @ca_store.verify returns for that certificate
#
# This establishes only that the certificate chains to something in the
# store: any certificate accepted by the store passes, so the check does not
# bind the peer to one specific expected identity.
# NOTE(review): with OpenSSL::X509::Store, revocation is consulted only when
# the store has been given CRLs and the matching flags - confirm how callers
# configure the store they pass in.
def trustable_entity?(entity)
  peer_certificate = entity.certificate
  @ca_store.verify(peer_certificate)
end

Private Instance Methods

perform_safely(entity) { || ... }

PRIVATE METHODS


# File lib/pkcs7/cryptographer/entity.rb, line 62
# Gate for every cryptographic operation: runs the given block only when the
# peer is trusted and this entity holds a private key.
#
# @param entity the peer whose certificate is checked with trustable_entity?
# @yield the operation to perform once both checks pass
# @return the block's value, or +false+ when either check fails
#
# Failure is reported as a plain +false+ rather than an exception, and the
# two causes (untrusted peer, missing key) are not distinguishable by the
# caller. The trust check is evaluated first; the key check only runs for a
# trusted peer.
def perform_safely(entity)
  if trustable_entity?(entity) && @key
    yield
  else
    false
  end
end