ccipher_factory 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.release_history.yml +6 -0
- data/lib/ccipher_factory/encoding/bin_struct.rb +12 -1
- data/lib/ccipher_factory/encoding/binenc_constant.rb +4 -0
- data/lib/ccipher_factory/kdf/hkdf.rb +20 -0
- data/lib/ccipher_factory/kdf/kdf.rb +3 -0
- data/lib/ccipher_factory/kdf/pbkdf2.rb +21 -0
- data/lib/ccipher_factory/kdf/scrypt.rb +20 -0
- data/lib/ccipher_factory/symkey_keystore/symkey_keystore.rb +74 -0
- data/lib/ccipher_factory/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bb2ce71c27c1cf55de4c778e9acd14c66eb67776886877ba62fc07dfa9e7d291
|
|
4
|
+
data.tar.gz: ab03a998acdad1131b9fe94d969f1854105767a2a81ac80c003e17967da2b5db
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4ae234edf1e0ca9c126600c8f5813950645912dbd400171bea2b2e911b7c5db18f76252636d4a699cbccc10b8ee281cc7f76236bbbf48831c1d2a4ab8f679f58
|
|
7
|
+
data.tar.gz: 85e8d6d06350ce23c78d649f94662c8a8bf2dbaa815c7f566742bed79037746c7f766d599022543459a94415f1ff5930443a0c1ed523543b8d53ba3bd5293d25
|
|
@@ -103,6 +103,7 @@ module CcipherFactory
|
|
|
103
103
|
int :digest
|
|
104
104
|
int :outByteLength
|
|
105
105
|
bin :salt
|
|
106
|
+
bin :value
|
|
106
107
|
end,
|
|
107
108
|
|
|
108
109
|
kdf_scrypt: Binenc::EngineFactory.instance(:bin_struct).define do
|
|
@@ -114,9 +115,9 @@ module CcipherFactory
|
|
|
114
115
|
int :blocksize
|
|
115
116
|
int :parallel
|
|
116
117
|
int :outByteLength
|
|
118
|
+
bin :value
|
|
117
119
|
end,
|
|
118
120
|
|
|
119
|
-
|
|
120
121
|
kdf_pbkdf2: Binenc::EngineFactory.instance(:bin_struct).define do
|
|
121
122
|
oid :oid, BTag.constant_value(:kdf_pbkdf2)
|
|
122
123
|
int :version, 0x0100
|
|
@@ -124,6 +125,7 @@ module CcipherFactory
|
|
|
124
125
|
bin :salt
|
|
125
126
|
int :iterations
|
|
126
127
|
int :outByteLength
|
|
128
|
+
bin :value
|
|
127
129
|
end,
|
|
128
130
|
|
|
129
131
|
|
|
@@ -150,6 +152,15 @@ module CcipherFactory
|
|
|
150
152
|
int :keysize
|
|
151
153
|
bin :key
|
|
152
154
|
end,
|
|
155
|
+
|
|
156
|
+
symkey_keystore: Binenc::EngineFactory.instance(:bin_struct).define do
|
|
157
|
+
oid :oid, BTag.constant_value(:symkey_keystore)
|
|
158
|
+
int :version, 0x0100
|
|
159
|
+
bin :symkey_derived
|
|
160
|
+
bin :symkey_cipher
|
|
161
|
+
bin :symkey
|
|
162
|
+
end,
|
|
163
|
+
|
|
153
164
|
|
|
154
165
|
symkey_att_sign: Binenc::EngineFactory.instance(:bin_struct).define do
|
|
155
166
|
oid :oid, BTag.constant_value(:symkey_att_sign)
|
|
@@ -27,6 +27,8 @@ if not defined?(BTag)
|
|
|
27
27
|
define_constant(:symkey_att_sign, "#.22")
|
|
28
28
|
|
|
29
29
|
define_constant(:kcv, "#.30")
|
|
30
|
+
|
|
31
|
+
define_constant(:symkey_keystore, "#.50")
|
|
30
32
|
end
|
|
31
33
|
|
|
32
34
|
define_constant(:compression, "#.40") do
|
|
@@ -44,6 +46,8 @@ if not defined?(BTag)
|
|
|
44
46
|
|
|
45
47
|
define_constant(:ecc_att_sign, "#.12")
|
|
46
48
|
end
|
|
49
|
+
|
|
50
|
+
define_constant(:asymkey_keystore, "#.50")
|
|
47
51
|
end
|
|
48
52
|
|
|
49
53
|
define_constant(:composite, "#.60") do
|
|
@@ -13,6 +13,7 @@ module CcipherFactory
|
|
|
13
13
|
|
|
14
14
|
attr_accessor :outByteLength, :salt
|
|
15
15
|
attr_accessor :digestAlgo
|
|
16
|
+
attr_accessor :attachedDigest, :attachedValue
|
|
16
17
|
attr_reader :derivedVal
|
|
17
18
|
def derive_init(*args, &block)
|
|
18
19
|
|
|
@@ -21,6 +22,12 @@ module CcipherFactory
|
|
|
21
22
|
|
|
22
23
|
@salt = SecureRandom.random_bytes(@outByteLength) if is_empty?(@salt)
|
|
23
24
|
|
|
25
|
+
if is_empty?(@attachedValue)
|
|
26
|
+
@attachedDigest = false if is_empty?(@attachedDigest)
|
|
27
|
+
else
|
|
28
|
+
@attachedDigest = true
|
|
29
|
+
end
|
|
30
|
+
|
|
24
31
|
if block
|
|
25
32
|
instance_eval(&block)
|
|
26
33
|
derive_final
|
|
@@ -96,10 +103,23 @@ module CcipherFactory
|
|
|
96
103
|
ts.digest = BTag.constant_value(digestId)
|
|
97
104
|
ts.salt = @salt
|
|
98
105
|
ts.outByteLength = @outByteLength
|
|
106
|
+
if is_bool?(@attachedDigest) and @attachedDigest
|
|
107
|
+
ts.value = @derivedVal
|
|
108
|
+
else
|
|
109
|
+
ts.value = ""
|
|
110
|
+
end
|
|
99
111
|
ts.encoded
|
|
100
112
|
|
|
101
113
|
end
|
|
102
114
|
|
|
115
|
+
def is_attached_mode?
|
|
116
|
+
if is_empty?(@attachedValue)
|
|
117
|
+
@attachedDigest
|
|
118
|
+
else
|
|
119
|
+
true
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
|
|
103
123
|
private
|
|
104
124
|
def logger
|
|
105
125
|
if @logger.nil?
|
|
@@ -47,6 +47,7 @@ module CcipherFactory
|
|
|
47
47
|
kdf.salt = ts.salt
|
|
48
48
|
kdf.outByteLength = ts.outByteLength
|
|
49
49
|
kdf.digest = Digest.from_encoded(ts.digest)
|
|
50
|
+
kdf.attachedValue = ts.value
|
|
50
51
|
kdf.derive_init
|
|
51
52
|
kdf
|
|
52
53
|
when :kdf_hkdf
|
|
@@ -55,6 +56,7 @@ module CcipherFactory
|
|
|
55
56
|
kdf.digestAlgo = BTag.value_constant(ts.digest)
|
|
56
57
|
kdf.salt = ts.salt
|
|
57
58
|
kdf.outByteLength = ts.outByteLength
|
|
59
|
+
kdf.attachedValue = ts.value
|
|
58
60
|
kdf.derive_init
|
|
59
61
|
when :kdf_pbkdf2
|
|
60
62
|
kdf = KDFEngine.new
|
|
@@ -63,6 +65,7 @@ module CcipherFactory
|
|
|
63
65
|
kdf.salt = ts.salt
|
|
64
66
|
kdf.iter = ts.iterations
|
|
65
67
|
kdf.outByteLength = ts.outByteLength
|
|
68
|
+
kdf.attachedValue = ts.value
|
|
66
69
|
kdf.derive_init
|
|
67
70
|
else
|
|
68
71
|
raise KDFError, "Unknown KDF envelope ID '#{ts.oid}'"
|
|
@@ -7,6 +7,8 @@ module CcipherFactory
|
|
|
7
7
|
include Common
|
|
8
8
|
|
|
9
9
|
attr_accessor :salt, :iter, :outByteLength, :digestAlgo
|
|
10
|
+
attr_accessor :attachedDigest, :attachedValue
|
|
11
|
+
attr_reader :derivedVal
|
|
10
12
|
|
|
11
13
|
def derive_init(*args, &block)
|
|
12
14
|
|
|
@@ -15,6 +17,12 @@ module CcipherFactory
|
|
|
15
17
|
|
|
16
18
|
@salt = SecureRandom.random_bytes(@outByteLength) if is_empty?(@salt)
|
|
17
19
|
|
|
20
|
+
if is_empty?(@attachedValue)
|
|
21
|
+
@attachedDigest = false if is_empty?(@attachedDigest)
|
|
22
|
+
else
|
|
23
|
+
@attachedDigest = true
|
|
24
|
+
end
|
|
25
|
+
|
|
18
26
|
if block
|
|
19
27
|
instance_eval(&block)
|
|
20
28
|
derive_final
|
|
@@ -65,10 +73,23 @@ module CcipherFactory
|
|
|
65
73
|
ts.salt = @salt
|
|
66
74
|
ts.outByteLength = @outByteLength
|
|
67
75
|
ts.iterations = hconf.iter
|
|
76
|
+
if is_bool?(@attachedDigest) and @attachedDigest
|
|
77
|
+
ts.value = @derivedVal
|
|
78
|
+
else
|
|
79
|
+
ts.value = ""
|
|
80
|
+
end
|
|
68
81
|
ts.encoded
|
|
69
82
|
|
|
70
83
|
end
|
|
71
84
|
|
|
85
|
+
def is_attached_mode?
|
|
86
|
+
if is_empty?(@attachedValue)
|
|
87
|
+
@attachedDigest
|
|
88
|
+
else
|
|
89
|
+
true
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
|
|
72
93
|
def logger
|
|
73
94
|
if @logger.nil?
|
|
74
95
|
@logger = TeLogger::Tlogger.new
|
|
@@ -14,6 +14,7 @@ module CcipherFactory
|
|
|
14
14
|
##
|
|
15
15
|
attr_accessor :cost, :parallel, :blocksize, :salt, :outByteLength
|
|
16
16
|
attr_accessor :digestAlgo, :digest
|
|
17
|
+
attr_accessor :attachedDigest, :attachedValue
|
|
17
18
|
attr_reader :derivedVal
|
|
18
19
|
def derive_init(*args, &block)
|
|
19
20
|
|
|
@@ -44,6 +45,12 @@ module CcipherFactory
|
|
|
44
45
|
|
|
45
46
|
@digest.output(intOutputBuf)
|
|
46
47
|
|
|
48
|
+
if is_empty?(@attachedValue)
|
|
49
|
+
@attachedDigest = false if is_empty?(@attachedDigest)
|
|
50
|
+
else
|
|
51
|
+
@attachedDigest = true
|
|
52
|
+
end
|
|
53
|
+
|
|
47
54
|
if block
|
|
48
55
|
instance_eval(&block)
|
|
49
56
|
derive_final
|
|
@@ -85,10 +92,23 @@ module CcipherFactory
|
|
|
85
92
|
ts.blocksize = @blocksize
|
|
86
93
|
ts.parallel = @parallel
|
|
87
94
|
ts.outByteLength = @outByteLength
|
|
95
|
+
if is_bool?(@attachedDigest) and @attachedDigest
|
|
96
|
+
ts.value = @derivedVal
|
|
97
|
+
else
|
|
98
|
+
ts.value = ""
|
|
99
|
+
end
|
|
88
100
|
ts.encoded
|
|
89
101
|
|
|
90
102
|
end
|
|
91
103
|
|
|
104
|
+
def is_attached_mode?
|
|
105
|
+
if is_empty?(@attachedValue)
|
|
106
|
+
@attachedDigest
|
|
107
|
+
else
|
|
108
|
+
true
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
92
112
|
private
|
|
93
113
|
def logger
|
|
94
114
|
if @logger.nil?
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
|
|
2
|
+
|
|
3
|
+
module CcipherFactory
|
|
4
|
+
class SymKeyKeystore
|
|
5
|
+
include TR::CondUtils
|
|
6
|
+
def self.from_encoded(bin, &block)
|
|
7
|
+
|
|
8
|
+
raise SymKeyCipherError, "Block is required" if not block
|
|
9
|
+
|
|
10
|
+
ts = BinStruct.instance.struct_from_bin(bin)
|
|
11
|
+
from_tspec(ts, &block)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.from_tspec(ts, &block)
|
|
15
|
+
|
|
16
|
+
sk = CcipherFactory::SymKey.from_encoded(ts.symkey_derived) do |ops|
|
|
17
|
+
case ops
|
|
18
|
+
when :password
|
|
19
|
+
block.call(:password)
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
dec = CcipherFactory::SymKeyCipher.att_decryptor
|
|
24
|
+
decOut = MemBuf.new
|
|
25
|
+
dec.output(decOut)
|
|
26
|
+
dec.key = sk
|
|
27
|
+
dec.att_decrypt_init
|
|
28
|
+
dec.att_decrypt_update(ts.symkey_cipher)
|
|
29
|
+
dec.att_decrypt_final
|
|
30
|
+
|
|
31
|
+
CcipherFactory::SymKey.from_encoded(decOut.bytes)
|
|
32
|
+
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def to_keystore(key, &block)
|
|
36
|
+
|
|
37
|
+
raise SymKeyCipherError, "Key is required" if is_empty?(key)
|
|
38
|
+
raise SymKeyCipherError, "Block is required" if not block
|
|
39
|
+
|
|
40
|
+
# 1. Derive session key from user password
|
|
41
|
+
sk = CcipherFactory::SymKeyGenerator.derive(:aes, 256) do |ops|
|
|
42
|
+
case ops
|
|
43
|
+
when :password
|
|
44
|
+
pass = block.call(:password)
|
|
45
|
+
if is_empty?(pass)
|
|
46
|
+
raise SymKeyCipherError, "Password is required"
|
|
47
|
+
end
|
|
48
|
+
pass
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
# 2. Encrypt the given key with session key
|
|
53
|
+
enc = CcipherFactory::SymKeyCipher.att_encryptor
|
|
54
|
+
enc.mode = :gcm
|
|
55
|
+
enc.key = sk
|
|
56
|
+
|
|
57
|
+
encOut = MemBuf.new
|
|
58
|
+
enc.output(encOut)
|
|
59
|
+
|
|
60
|
+
key.attach_mode
|
|
61
|
+
|
|
62
|
+
enc.att_encrypt_init
|
|
63
|
+
enc.att_encrypt_update(key.encoded)
|
|
64
|
+
enc.att_encrypt_final
|
|
65
|
+
|
|
66
|
+
ts = BinStruct.instance.struct(:symkey_keystore)
|
|
67
|
+
ts.symkey_derived = sk.encoded
|
|
68
|
+
ts.symkey_cipher = encOut.bytes
|
|
69
|
+
ts.symkey = "testing"
|
|
70
|
+
ts.encoded
|
|
71
|
+
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ccipher_factory
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ian
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-03-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: toolrack
|
|
@@ -87,6 +87,7 @@ executables: []
|
|
|
87
87
|
extensions: []
|
|
88
88
|
extra_rdoc_files: []
|
|
89
89
|
files:
|
|
90
|
+
- ".release_history.yml"
|
|
90
91
|
- ".rspec"
|
|
91
92
|
- Gemfile
|
|
92
93
|
- Gemfile.lock-java
|
|
@@ -145,6 +146,7 @@ files:
|
|
|
145
146
|
- lib/ccipher_factory/symkey_cipher/symkey_sign.rb
|
|
146
147
|
- lib/ccipher_factory/symkey_cipher/symkey_signer.rb
|
|
147
148
|
- lib/ccipher_factory/symkey_cipher/symkey_verify.rb
|
|
149
|
+
- lib/ccipher_factory/symkey_keystore/symkey_keystore.rb
|
|
148
150
|
- lib/ccipher_factory/version.rb
|
|
149
151
|
- run_test.rb
|
|
150
152
|
homepage: https://github.com/cameronian/ccipher_factory
|