aead 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,124 @@
1
+ require 'spec_helper'
2
+
3
+ require 'aead/nonce'
4
+ require 'tempfile'
5
+ require 'set'
6
+
7
+ describe AEAD::Nonce do
8
+ subject { AEAD::Nonce.new }
9
+
10
+ before do
11
+ subject.class.send(:stub_for_testing!, self.state_file)
12
+ end
13
+
14
+ after do
15
+ subject.send(:state_file).unlink
16
+ end
17
+
18
+ let(:temp_file) do
19
+ Tempfile.new('ruby-aead')
20
+ end
21
+
22
+ let(:state_file) do
23
+ Pathname.new(self.temp_file.path)
24
+ end
25
+
26
+ it 'must create nonexistent state files with restrictive permissions' do
27
+ _, err = capture_io do
28
+ self.state_file.unlink
29
+
30
+ subject.shift
31
+
32
+ self.state_file .must_be :exist?
33
+ self.state_file.stat.mode.must_equal 0100600
34
+ self.state_file.size .must_equal 12
35
+ end
36
+
37
+ err.must_match %{WARNING}
38
+ end
39
+
40
+ it 'must generate 12-byte nonces' do
41
+ subject.shift.bytesize.must_equal 12
42
+ end
43
+
44
+ it 'must generate sequential nonces' do
45
+ subject.shift.must_be :<, subject.shift
46
+ end
47
+
48
+ it 'must never generate duplicate nonces across multiple instances' do
49
+ subject.shift # ensure state is initialized
50
+
51
+ copy = subject.clone
52
+ count = subject.class::COUNTER_BATCH_SIZE * 10
53
+
54
+ t_1 = Thread.new { Set.new.tap {|s| count.times { s << subject.shift } } }
55
+ t_2 = Thread.new { Set.new.tap {|s| count.times { s << copy .shift } } }
56
+
57
+ (t_1.value + t_2.value).length.must_equal(count * 2)
58
+ end
59
+
60
+ it 'must be thread-safe' do
61
+ count = subject.class::COUNTER_BATCH_SIZE * 5
62
+ thread = -> { Set.new.tap {|s| count.times { s << subject.shift } } }
63
+ threads = 5.times.map { Thread.new(&thread) }
64
+
65
+ threads.map(&:value).inject(&:+).length.must_equal(count * 5)
66
+ end
67
+
68
+ it 'must not allow the counter to roll over' do
69
+ self.state_file.open('w') do |io|
70
+ io.write [
71
+ '1' * 12,
72
+ '0' * 4,
73
+ '%08x' % (subject.class::COUNTER_MAXIMUM_VALUE.hex - 5),
74
+ ].pack(subject.class::PACK_FORMAT)
75
+ end
76
+
77
+ subject.shift(5)
78
+
79
+ -> { subject.shift }.must_raise ArgumentError
80
+ end
81
+
82
+ it 'must reserve chunks of nonces in the state file' do
83
+ subject.shift # prime the state_file
84
+
85
+ self.state_file.open('rb') do |io|
86
+ io.read.must_equal subject.shift(subject.class::COUNTER_BATCH_SIZE).last
87
+ io.rewind
88
+
89
+ subject.shift
90
+
91
+ io.read.must_equal subject.shift(subject.class::COUNTER_BATCH_SIZE).last
92
+ end
93
+ end
94
+
95
+ it 'must abort when the nonce state file can be determined to be corrupt' do
96
+ [1, 11, 13, 500].each do |count|
97
+ self.state_file.open('w') do |io|
98
+ io.write SecureRandom.random_bytes(count)
99
+ end
100
+
101
+ -> { subject.shift }.must_raise ArgumentError
102
+ end
103
+ end
104
+
105
+ it 'must abort when the nonce contains the MAC for a different machine' do
106
+ self.state_file.open('w') do |io|
107
+ io.write [
108
+ # FIXME: use ~MAC_MULTICAST_MASK, but figure out how to do so
109
+ # reliably given Ruby's inability to do binary math correctly :(
110
+ (SecureRandom.hex(6).hex & 0xfeffffffffff).to_s(16),
111
+ SecureRandom.hex(2),
112
+ SecureRandom.hex(4),
113
+ ].pack(subject.class::PACK_FORMAT)
114
+ end
115
+
116
+ -> { subject.shift }.must_raise ArgumentError
117
+ end
118
+
119
+ it 'must not abort when the nonce contains a pseudo MAC address' do
120
+ subject.stub(:mac_address, subject.send(:mac_address_pseudo)) do
121
+ subject.shift.must_be_kind_of String
122
+ end
123
+ end
124
+ end
@@ -0,0 +1,26 @@
1
+ require 'simplecov'
2
+
3
+ unless defined?(RUBY_ENGINE) and RUBY_ENGINE == 'rbx'
4
+ SimpleCov.start do
5
+ command_name 'MiniTest'
6
+ add_filter '/spec/'
7
+ add_filter '/vendor/'
8
+ end
9
+
10
+ SimpleCov.at_exit do
11
+ SimpleCov.result.format!
12
+
13
+ path = Pathname.new('coverage/coverage.txt')
14
+ path.dirname.mkpath
15
+ path.open('w') do |io|
16
+ io << SimpleCov.result.source_files.covered_percent
17
+ end
18
+ end
19
+ end
20
+
21
+ require 'minitest/autorun'
22
+ require 'minitest/pride'
23
+ require 'minitest/spec'
24
+ require 'minitest/benchmark'
25
+
26
+ $LOAD_PATH << File.expand_path('../../lib', __FILE__)
metadata ADDED
@@ -0,0 +1,287 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aead
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.3.0
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Stephen Touset
9
+ autorequire:
10
+ bindir: script
11
+ cert_chain: []
12
+ date: 2012-09-21 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: macaddr
16
+ requirement: !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: '1'
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: '1'
30
+ - !ruby/object:Gem::Dependency
31
+ name: bundler
32
+ requirement: !ruby/object:Gem::Requirement
33
+ none: false
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ type: :development
39
+ prerelease: false
40
+ version_requirements: !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - ! '>='
44
+ - !ruby/object:Gem::Version
45
+ version: '0'
46
+ - !ruby/object:Gem::Dependency
47
+ name: cane
48
+ requirement: !ruby/object:Gem::Requirement
49
+ none: false
50
+ requirements:
51
+ - - ! '>='
52
+ - !ruby/object:Gem::Version
53
+ version: '0'
54
+ type: :development
55
+ prerelease: false
56
+ version_requirements: !ruby/object:Gem::Requirement
57
+ none: false
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ - !ruby/object:Gem::Dependency
63
+ name: guard
64
+ requirement: !ruby/object:Gem::Requirement
65
+ none: false
66
+ requirements:
67
+ - - ! '>='
68
+ - !ruby/object:Gem::Version
69
+ version: '0'
70
+ type: :development
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ none: false
74
+ requirements:
75
+ - - ! '>='
76
+ - !ruby/object:Gem::Version
77
+ version: '0'
78
+ - !ruby/object:Gem::Dependency
79
+ name: guard-minitest
80
+ requirement: !ruby/object:Gem::Requirement
81
+ none: false
82
+ requirements:
83
+ - - ! '>='
84
+ - !ruby/object:Gem::Version
85
+ version: '0'
86
+ type: :development
87
+ prerelease: false
88
+ version_requirements: !ruby/object:Gem::Requirement
89
+ none: false
90
+ requirements:
91
+ - - ! '>='
92
+ - !ruby/object:Gem::Version
93
+ version: '0'
94
+ - !ruby/object:Gem::Dependency
95
+ name: guard-yard
96
+ requirement: !ruby/object:Gem::Requirement
97
+ none: false
98
+ requirements:
99
+ - - ! '>='
100
+ - !ruby/object:Gem::Version
101
+ version: '0'
102
+ type: :development
103
+ prerelease: false
104
+ version_requirements: !ruby/object:Gem::Requirement
105
+ none: false
106
+ requirements:
107
+ - - ! '>='
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ - !ruby/object:Gem::Dependency
111
+ name: markdown
112
+ requirement: !ruby/object:Gem::Requirement
113
+ none: false
114
+ requirements:
115
+ - - ! '>='
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ none: false
122
+ requirements:
123
+ - - ! '>='
124
+ - !ruby/object:Gem::Version
125
+ version: '0'
126
+ - !ruby/object:Gem::Dependency
127
+ name: minitest
128
+ requirement: !ruby/object:Gem::Requirement
129
+ none: false
130
+ requirements:
131
+ - - ! '>='
132
+ - !ruby/object:Gem::Version
133
+ version: '0'
134
+ type: :development
135
+ prerelease: false
136
+ version_requirements: !ruby/object:Gem::Requirement
137
+ none: false
138
+ requirements:
139
+ - - ! '>='
140
+ - !ruby/object:Gem::Version
141
+ version: '0'
142
+ - !ruby/object:Gem::Dependency
143
+ name: rake
144
+ requirement: !ruby/object:Gem::Requirement
145
+ none: false
146
+ requirements:
147
+ - - ! '>='
148
+ - !ruby/object:Gem::Version
149
+ version: '0'
150
+ type: :development
151
+ prerelease: false
152
+ version_requirements: !ruby/object:Gem::Requirement
153
+ none: false
154
+ requirements:
155
+ - - ! '>='
156
+ - !ruby/object:Gem::Version
157
+ version: '0'
158
+ - !ruby/object:Gem::Dependency
159
+ name: redcarpet
160
+ requirement: !ruby/object:Gem::Requirement
161
+ none: false
162
+ requirements:
163
+ - - ! '>='
164
+ - !ruby/object:Gem::Version
165
+ version: '0'
166
+ type: :development
167
+ prerelease: false
168
+ version_requirements: !ruby/object:Gem::Requirement
169
+ none: false
170
+ requirements:
171
+ - - ! '>='
172
+ - !ruby/object:Gem::Version
173
+ version: '0'
174
+ - !ruby/object:Gem::Dependency
175
+ name: simplecov
176
+ requirement: !ruby/object:Gem::Requirement
177
+ none: false
178
+ requirements:
179
+ - - ! '>='
180
+ - !ruby/object:Gem::Version
181
+ version: '0'
182
+ type: :development
183
+ prerelease: false
184
+ version_requirements: !ruby/object:Gem::Requirement
185
+ none: false
186
+ requirements:
187
+ - - ! '>='
188
+ - !ruby/object:Gem::Version
189
+ version: '0'
190
+ - !ruby/object:Gem::Dependency
191
+ name: yard
192
+ requirement: !ruby/object:Gem::Requirement
193
+ none: false
194
+ requirements:
195
+ - - ! '>='
196
+ - !ruby/object:Gem::Version
197
+ version: '0'
198
+ type: :development
199
+ prerelease: false
200
+ version_requirements: !ruby/object:Gem::Requirement
201
+ none: false
202
+ requirements:
203
+ - - ! '>='
204
+ - !ruby/object:Gem::Version
205
+ version: '0'
206
+ - !ruby/object:Gem::Dependency
207
+ name: version
208
+ requirement: !ruby/object:Gem::Requirement
209
+ none: false
210
+ requirements:
211
+ - - ! '>='
212
+ - !ruby/object:Gem::Version
213
+ version: '0'
214
+ type: :development
215
+ prerelease: false
216
+ version_requirements: !ruby/object:Gem::Requirement
217
+ none: false
218
+ requirements:
219
+ - - ! '>='
220
+ - !ruby/object:Gem::Version
221
+ version: '0'
222
+ description: Ruby library to generate AEADs
223
+ email: stephen@touset.org
224
+ executables: []
225
+ extensions:
226
+ - ext/openssl/cipher/aead/extconf.rb
227
+ extra_rdoc_files: []
228
+ files:
229
+ - .gitignore
230
+ - .travis.yml
231
+ - .yardopts
232
+ - Gemfile
233
+ - Guardfile
234
+ - LICENSE.md
235
+ - README.md
236
+ - Rakefile
237
+ - VERSION
238
+ - aead.gemspec
239
+ - ext/openssl/cipher/aead/.gitignore
240
+ - ext/openssl/cipher/aead/aead.c
241
+ - ext/openssl/cipher/aead/extconf.rb
242
+ - lib/aead.rb
243
+ - lib/aead/cipher.rb
244
+ - lib/aead/cipher/aes_256_cbc_hmac_sha_256.rb
245
+ - lib/aead/cipher/aes_256_ctr_hmac_sha_256.rb
246
+ - lib/aead/cipher/aes_256_gcm.rb
247
+ - lib/aead/cipher/aes_hmac.rb
248
+ - lib/aead/nonce.rb
249
+ - lib/openssl/cipher/.gitignore
250
+ - spec/aead/cipher/aes_256_cbc_hmac_sha_256_spec.rb
251
+ - spec/aead/cipher/aes_256_ctr_hmac_sha_256_spec.rb
252
+ - spec/aead/cipher/aes_256_gcm_spec.rb
253
+ - spec/aead/cipher_spec.rb
254
+ - spec/aead/nonce_spec.rb
255
+ - spec/spec_helper.rb
256
+ homepage: https://github.com/onelogin/aead
257
+ licenses: []
258
+ post_install_message:
259
+ rdoc_options: []
260
+ require_paths:
261
+ - lib
262
+ required_ruby_version: !ruby/object:Gem::Requirement
263
+ none: false
264
+ requirements:
265
+ - - ! '>='
266
+ - !ruby/object:Gem::Version
267
+ version: '0'
268
+ required_rubygems_version: !ruby/object:Gem::Requirement
269
+ none: false
270
+ requirements:
271
+ - - ! '>='
272
+ - !ruby/object:Gem::Version
273
+ version: '0'
274
+ requirements: []
275
+ rubyforge_project:
276
+ rubygems_version: 1.8.24
277
+ signing_key:
278
+ specification_version: 3
279
+ summary: Ruby library to generate AEADs
280
+ test_files:
281
+ - spec/aead/cipher/aes_256_cbc_hmac_sha_256_spec.rb
282
+ - spec/aead/cipher/aes_256_ctr_hmac_sha_256_spec.rb
283
+ - spec/aead/cipher/aes_256_gcm_spec.rb
284
+ - spec/aead/cipher_spec.rb
285
+ - spec/aead/nonce_spec.rb
286
+ - spec/spec_helper.rb
287
+ has_rdoc: