Class: Dommy::SubtleCrypto

Inherits:

Object

• Object
• Dommy::SubtleCrypto

Includes:

Bridge::Methods

Defined in:

lib/dommy/crypto.rb

Overview

‘SubtleCrypto` — `window.crypto.subtle`. Currently covers `digest` (SHA-1 / SHA-256 / SHA-384 / SHA-512), which is by far the most commonly used operation in test contexts. Encrypt / decrypt / sign / verify / key generation are out of scope; tests that need them should mock `crypto.subtle` directly.

Returned values are byte arrays — real ‘SubtleCrypto.digest` resolves to an `ArrayBuffer`; we expose the equivalent Ruby byte array so callers can convert as needed.

Constant Summary

ALGORITHMS =

{
  "SHA-1" => -> (data) { Digest::SHA1.digest(data) },
  "SHA-256" => -> (data) { Digest::SHA256.digest(data) },
  "SHA-384" => -> (data) { Digest::SHA384.digest(data) },
  "SHA-512" => -> (data) { Digest::SHA512.digest(data) }
}.freeze

Instance Method Summary

• #__js_call__(method, args) ⇒ Object
• #decrypt(algorithm, key, data) ⇒ Object
• #digest(algorithm, data) ⇒ Object
• #encrypt(algorithm, key, data) ⇒ Object

  AES-GCM encrypt.

• #generate_key(algorithm, extractable = true, usages = nil) ⇒ Object (also: #generateKey)

  Generate a fresh symmetric key.

• #import_key(format, key_data, algorithm, extractable = true, usages = nil) ⇒ Object (also: #importKey)

  Import a raw key.

• #initialize(window = nil) ⇒ SubtleCrypto constructor

  A new instance of SubtleCrypto.

• #sign(_algorithm, key, data) ⇒ Object

  HMAC sign — returns the MAC as a byte array.

• #verify(_algorithm, key, signature, data) ⇒ Object

  HMAC verify — constant-time compare of the MAC.

Methods included from Bridge::Methods

included

Constructor Details

#initialize(window = nil) ⇒ SubtleCrypto

Returns a new instance of SubtleCrypto.

# File 'lib/dommy/crypto.rb', line 94

def initialize(window = nil)
  @window = window
end

Instance Method Details

#__js_call__(method, args) ⇒ Object

# File 'lib/dommy/crypto.rb', line 239

def __js_call__(method, args)
  case method
  when "digest"
    digest(args[0], args[1])
  when "generateKey"
    generate_key(args[0], args[1], args[2])
  when "importKey"
    import_key(args[0], args[1], args[2], args[3], args[4])
  when "sign"
    sign(args[0], args[1], args[2])
  when "verify"
    verify(args[0], args[1], args[2], args[3])
  when "encrypt"
    encrypt(args[0], args[1], args[2])
  when "decrypt"
    decrypt(args[0], args[1], args[2])
  end
end

#decrypt(algorithm, key, data) ⇒ Object

# File 'lib/dommy/crypto.rb', line 223

def decrypt(algorithm, key, data)
  promise do
    bytes = coerce_bytes(data)
    tag_len = aes_gcm_tag_length(algorithm)
    raise ArgumentError, "ciphertext shorter than auth tag" if bytes.bytesize < tag_len

    ct = bytes.byteslice(0, bytes.bytesize - tag_len)
    tag = bytes.byteslice(bytes.bytesize - tag_len, tag_len)
    cipher = build_gcm_cipher(:decrypt, algorithm, key)
    cipher.auth_tag = tag
    (cipher.update(ct) + cipher.final).bytes
  end
end

#digest(algorithm, data) ⇒ Object

# File 'lib/dommy/crypto.rb', line 98

def digest(algorithm, data)
  promise do
    name = algorithm_name(algorithm)
    hasher = ALGORITHMS[name]
    raise ArgumentError, "unsupported algorithm: #{name}" unless hasher

    # WHATWG: digest() resolves to an ArrayBuffer — wrap so it crosses the
    # JS boundary as a bare ArrayBuffer (not a plain Array).
    Bridge::ArrayBuffer.new(hasher.call(coerce_bytes(data)).bytes)
  end
end

#encrypt(algorithm, key, data) ⇒ Object

AES-GCM encrypt. ‘algorithm` must be `“AES-GCM”, iv: <bytes>, additionalData?: <bytes>, tagLength?: 128`. Output is `ciphertext || authTag`, matching WebCrypto.

# File 'lib/dommy/crypto.rb', line 212

def encrypt(algorithm, key, data)
  promise do
    cipher = build_gcm_cipher(:encrypt, algorithm, key)
    ct = cipher.update(coerce_bytes(data)) + cipher.final
    # OpenSSL always produces a 16-byte tag for GCM; truncate to
    # the requested `tagLength` to honour the spec.
    tag = cipher.auth_tag.byteslice(0, aes_gcm_tag_length(algorithm))
    (ct + tag).bytes
  end
end

#generate_key(algorithm, extractable = true, usages = nil) ⇒ Object Also known as: generateKey

Generate a fresh symmetric key. ‘algorithm` is `“HMAC”, hash: “SHA-256”` or `“AES-GCM”, length: 128|256`.

# File 'lib/dommy/crypto.rb', line 112

def generate_key(algorithm, extractable = true, usages = nil)
  promise do
    case primary_algorithm_name(algorithm)
    when "HMAC"
      hash = hmac_hash_from(algorithm)
      CryptoKey.new(
        :secret,
        "HMAC",
        hash,
        SecureRandom.bytes(openssl_digest_size(hash)),
        extractable: extractable,
        usages: usages || %w[sign verify]
      )
    when "AES-GCM", "AES-CBC", "AES-CTR"
      length = (algorithm.is_a?(Hash) && (algorithm["length"] || algorithm[:length])) || 256
      raise ArgumentError, "AES key length must be 128/192/256" unless [128, 192, 256].include?(length)

      CryptoKey.new(
        :secret,
        primary_algorithm_name(algorithm),
        nil,
        SecureRandom.bytes(length / 8),
        extractable: extractable,
        usages: usages || %w[encrypt decrypt]
      )
    else
      raise ArgumentError, "unsupported algorithm: #{primary_algorithm_name(algorithm)}"
    end
  end
end

#import_key(format, key_data, algorithm, extractable = true, usages = nil) ⇒ Object Also known as: importKey

Import a raw key. Supports HMAC and AES-GCM/CBC/CTR.

# File 'lib/dommy/crypto.rb', line 146

def import_key(format, key_data, algorithm, extractable = true, usages = nil)
  promise do
    raise ArgumentError, "only raw format supported" unless format.to_s == "raw"

    bytes = coerce_bytes(key_data)
    case primary_algorithm_name(algorithm)
    when "HMAC"
      hash = hmac_hash_from(algorithm)
      CryptoKey.new(
        :secret,
        "HMAC",
        hash,
        bytes,
        extractable: extractable,
        usages: usages || %w[sign verify]
      )
    when "AES-GCM", "AES-CBC", "AES-CTR"
      unless [16, 24, 32].include?(bytes.bytesize)
        raise ArgumentError, "AES key must be 16/24/32 bytes"
      end

      CryptoKey.new(
        :secret,
        primary_algorithm_name(algorithm),
        nil,
        bytes,
        extractable: extractable,
        usages: usages || %w[encrypt decrypt]
      )
    else
      raise ArgumentError, "unsupported algorithm: #{primary_algorithm_name(algorithm)}"
    end
  end
end

#sign(_algorithm, key, data) ⇒ Object

HMAC sign — returns the MAC as a byte array.

# File 'lib/dommy/crypto.rb', line 184

def sign(_algorithm, key, data)
  promise do
    raise ArgumentError, "HMAC key required" unless key.is_a?(CryptoKey) && key.algorithm_name == "HMAC"
    raise ArgumentError, "key.usages must include 'sign'" unless key.usages.include?("sign")

    OpenSSL::HMAC.digest(openssl_digest_name(key.hash_name), key.__dommy_bytes__, coerce_bytes(data)).bytes
  end
end

#verify(_algorithm, key, signature, data) ⇒ Object

HMAC verify — constant-time compare of the MAC.

# File 'lib/dommy/crypto.rb', line 194

def verify(_algorithm, key, signature, data)
  promise do
    raise ArgumentError, "HMAC key required" unless key.is_a?(CryptoKey) && key.algorithm_name == "HMAC"
    raise ArgumentError, "key.usages must include 'verify'" unless key.usages.include?("verify")

    expected = OpenSSL::HMAC.digest(openssl_digest_name(key.hash_name), key.__dommy_bytes__, coerce_bytes(data))
    sig_bytes = coerce_bytes(signature)
    if expected.bytesize == sig_bytes.bytesize
      OpenSSL.fixed_length_secure_compare(expected, sig_bytes)
    else
      false
    end
  end
end