ccipher_factory 0.1.0

data/lib/ccipher_factory/encoding/asn1.rb

@@ -0,0 +1,43 @@
+
+
+module CcipherFactory 
+  module Encoding
+    class EncoderError < StandardError; end
+
+    class InsufficientData < StandardError; end
+
+    def self.extract_meta(buf, &block)
+
+      cpos = buf.pos
+
+      begin
+
+        #len = find_asn1_length(buf.string)
+        len = Ccrypto::ASN1.engine.asn1_length(buf.bytes)
+        #logger.debug "Found meta length : #{len}" if not logger.nil?
+        raise InsufficientData if len == 0
+
+        buf.rewind
+        meta = buf.read(len)
+
+        if block
+          block.call(meta, buf.read(cpos-len))
+        else
+          meta
+        end
+
+        #rescue OpenSSL::ASN1::ASN1Error => ex
+      rescue Ccrypto::ASN1EngineException => ex
+        logger.error ex
+        buf.seek(cpos)
+        raise InsufficientData
+      end
+
+    end
+
+  end
+end
+
+#require_relative 'asn1_encoder'
+#require_relative 'asn1_decoder'
+

data/lib/ccipher_factory/encoding/bin_struct.rb

@@ -0,0 +1,207 @@
+
+require 'singleton'
+
+module CcipherFactory
+  class BinStruct
+    include Singleton
+
+    def struct(key, ver = "1.0")
+      st = structure(ver)[key] 
+      st.clone if not st.nil?
+    end
+
+    def struct_from_bin(bin)
+      bs = Binenc::EngineFactory.instance(:bin_struct)
+      type, ver = bs.value_from_bin_struct(bin, 0, 1)
+      c = BTag.value_constant(type) 
+      st = struct(c, translate_version(ver))
+      st.from_bin(bin) if not st.nil?
+    end
+
+    private
+    def logger
+      if @logger.nil?
+        @logger = TeLogger::Tlogger.new
+        @logger.tag = :binstruct
+      end
+      @logger
+    end
+
+    def structure(ver = "1.0")
+      
+      if @struct.nil?
+        @struct = {  }
+
+        @struct["1.0"] = {
+
+          compression_none: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:compression_none)
+            int :version, 0x0100
+          end,
+
+          compression_zlib: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:compression_zlib)
+            int :version, 0x0100
+          end,
+
+          digest: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:digest)
+            int :version, 0x0100
+            int :digest_algo
+            bin :salt
+          end,
+
+          digest_attached: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:digest_attached)
+            int :version, 0x0100
+            bin :digest_config
+            bin :digest_value
+          end,
+
+          ecc_att_sign: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:ecc_att_sign)
+            int :version, 0x0100
+            bin :ecc_signature
+            bin :compression
+          end,
+
+          ecc_cipher: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:ecc_cipher)
+            int :version, 0x0100
+            bin :sender_public
+            bin :cipher_config
+            bin :key_config
+          end,
+
+          ecc_signature: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:ecc_signature)
+            int :version, 0x0100
+            bin :digest_info
+            bin :signer_info
+            bin :signature
+          end,
+
+          ecc_signer_info: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:ecc_signer_info)
+            int :version, 0x0100
+            int :signer_info_type, BTag.constant_value(:public_key)
+            bin :signer_info_value
+          end,
+
+          kcv: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:kcv)
+            int :version, 0x0100
+            int :mode
+            bin :iv
+            bin :nonce
+            bin :check_value
+          end,
+
+          kdf_hkdf: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:kdf_hkdf)
+            int :version, 0x0100
+            int :digest
+            int :outByteLength
+            bin :salt
+          end,
+
+          kdf_scrypt: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:kdf_scrypt)
+            int :version, 0x0100
+            bin :digest
+            bin :salt
+            int :cost
+            int :blocksize
+            int :parallel
+            int :outByteLength
+          end,
+
+
+          kdf_pbkdf2: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:kdf_pbkdf2)
+            int :version, 0x0100
+            int :digest
+            bin :salt
+            int :iterations
+            int :outByteLength
+          end,
+
+
+          shared_secret: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:shared_secret)
+            int :version, 0x0100
+            int :req_share
+            int :share_id
+            bin :serial
+            bin :shared_value
+          end,
+
+          sign_encrypt_cipher: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:sign_encrypt_cipher)
+            int :version, 0x0100
+            bin :signer_config
+            bin :cipher_config
+          end,
+
+          symkey: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:symkey)
+            int :version, 0x0100
+            int :keytype
+            int :keysize
+            bin :key
+          end,
+          
+          symkey_att_sign: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:symkey_att_sign)
+            int :version, 0x0100
+            bin :symkey_signature
+            bin :compression
+          end,
+
+          symkey_cipher: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:symkey_cipher)
+            int :version, 0x0100
+
+            int :mode
+            bin :iv
+            bin :compression
+            bin :auth_tag
+          end,
+
+          symkey_derived: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:symkey_derived)
+            int :version, 0x0100
+
+            int :keytype
+            int :keysize
+            bin :kdf_config
+            bin :kcv
+          end,
+
+          symkey_signature: Binenc::EngineFactory.instance(:bin_struct).define do
+            oid :oid, BTag.constant_value(:symkey_signature)
+            int :version, 0x0100
+
+            int :digest_algo
+            bin :signature
+          end,
+
+        }
+      end
+
+      @struct[ver]
+
+    end
+
+    def translate_version(ver)
+      case ver.to_i
+      when 0x0100
+        "1.0"
+      else
+        raise Exception, "Version #{ver} is unknown"
+      end
+    end
+
+
+  end
+end

data/lib/ccipher_factory/encoding/binenc_constant.rb

@@ -0,0 +1,149 @@
+
+if not defined?(BTag)
+
+  BTag = Binenc::BinTag.new 
+
+  BTag.load do
+
+    # hierarchy
+    define_constant(:root, '2.8.8') do
+
+      define_constant(:kdf, "#.10") do
+        define_constant(:kdf_scrypt, "#.0")
+        define_constant(:kdf_hkdf, "#.1")
+        define_constant(:kdf_pbkdf2, "#.2")
+      end
+
+      define_constant(:digest, "#.20")
+      define_constant(:digest_attached, "#.21")
+
+      define_constant(:symkey, "#.30") do
+        define_constant(:symkey_derived, "#.0")
+        define_constant(:plain_symkey, "#.1")
+        define_constant(:symkey_vtype_kdf, "#.2")
+
+        define_constant(:symkey_cipher, "#.20")
+        define_constant(:symkey_signature, "#.21")
+        define_constant(:symkey_att_sign, "#.22")
+
+        define_constant(:kcv, "#.30")
+      end
+
+      define_constant(:compression, "#.40") do
+        define_constant(:compression_none, "#.0")
+        define_constant(:compression_zlib, "#.1")
+        define_constant(:compression_zlib_attached, "#.2")
+      end
+
+      define_constant(:asymkey, "#.50") do
+        define_constant(:ecc, "#.1") do
+          define_constant(:ecc_cipher, "#.10")
+          define_constant(:ecc_signature, "#.11") do
+            define_constant(:ecc_signer_info, "#.1")
+          end
+
+          define_constant(:ecc_att_sign, "#.12")
+        end
+      end
+
+      define_constant(:composite, "#.60") do
+        define_constant(:sign_encrypt_cipher, "#.1")
+      end
+
+      define_constant(:shared_secret, "#.70")
+
+    end
+
+
+
+    # constant
+    define_constant(:sha1,         0x0101)
+    define_constant(:sha256,       0x0102)
+    define_constant(:sha384,       0x0103)
+    define_constant(:sha224,       0x0104)
+    define_constant(:sha512,       0x0105)
+    define_constant(:sha512_224,   0x0106)
+    define_constant(:sha512_256,   0x0107)
+
+    define_constant(:sha3_256,     0x0110)
+    define_constant(:sha3_224,     0x0111)
+    define_constant(:sha3_384,     0x0112)
+    define_constant(:sha3_512,     0x0113)
+
+    define_constant(:shake128,     0x0120)
+    define_constant(:shake256,     0x0121)
+
+    define_constant(:blake2b160,   0x0130)
+    define_constant(:blake2b256,   0x0131)
+    define_constant(:blake2b384,   0x0132)
+    define_constant(:blake2b512,   0x0133)
+
+    define_constant(:blake2s128,   0x0134)
+    define_constant(:blake2s160,   0x0135)
+    define_constant(:blake2s224,   0x0136)
+    define_constant(:blake2s256,   0x0137)
+
+    define_constant(:haraka256,    0x0140)
+    define_constant(:haraka512,    0x0141)
+
+    define_constant(:shake128_256, 0x0142)
+    define_constant(:shake256_512, 0x0143)
+
+    define_constant(:sm3,          0x0144)
+    define_constant(:whirlpool,    0x0145)
+
+    define_constant(:keccak224,    0x0150)
+    define_constant(:keccak256,    0x0151)
+    define_constant(:keccak288,    0x0152)
+    define_constant(:keccak384,    0x0153)
+    define_constant(:keccak512,    0x0154)
+
+    define_constant(:ripemd128,    0x0160)
+    define_constant(:ripemd160,    0x0161)
+    define_constant(:ripemd256,    0x0162)
+    define_constant(:ripemd320,    0x0163)
+
+    define_constant(:skein1024_1024, 0x0170)
+    define_constant(:skein1024_384, 0x0171)
+    define_constant(:skein1024_512, 0x0172)
+
+    define_constant(:skein256_128, 0x0173)
+    define_constant(:skein256_160, 0x0174)
+    define_constant(:skein256_224, 0x0175)
+    define_constant(:skein256_256, 0x0176)
+
+    define_constant(:skein512_128, 0x0177)
+    define_constant(:skein512_160, 0x0178)
+    define_constant(:skein512_224, 0x0179)
+    define_constant(:skein512_256, 0x0180)
+    define_constant(:skein512_384, 0x0181)
+    define_constant(:skein512_512, 0x0182)
+
+
+    define_constant(:aes,          0x0201)
+    define_constant(:chacha20,     0x0202)
+    define_constant(:chacha20_poly1305, 0x0203)
+    define_constant(:blowfish,     0x0204)
+    define_constant(:camellia,     0x0205)
+    define_constant(:aria,         0x0206)
+
+    define_constant(:gcm, 0x0220)
+    define_constant(:cbc, 0x0221)
+    define_constant(:cfb, 0x0222)
+    define_constant(:ctr, 0x0223)
+    define_constant(:ccm, 0x0224)
+
+    define_constant(:ecb, 0x0225)
+
+    define_constant(:ofb, 0x0226)
+    define_constant(:ocb, 0x0227)
+
+    define_constant(:poly1305,   0x0228)
+
+    define_constant(:public_key, 0x0230)
+    define_constant(:x509_cert,  0x0231)
+    define_constant(:cf_cert,    0x0232)
+
+
+  end
+end

data/lib/ccipher_factory/helpers/common.rb

@@ -0,0 +1,124 @@
+
+require 'tempfile'
+
+module CcipherFactory
+  module Common
+    include TR::CondUtils
+
+    # 
+    # output section
+    #
+    def output(output)
+      raise CcipherFactory::Error, "Output requires to support write(). StringIO is a good example." if output.nil? or not output.respond_to?(:write)
+      @output = output
+    end
+
+    def output_obj
+      @output
+    end
+
+    def write_to_output(val)
+      @output.write(val) if not @output.nil? and not_empty?(val)
+    end
+
+    def is_output_given?
+      not @output.nil?
+    end
+
+    def intOutputBuf
+      if @intOutputBuf.nil?
+        @intOutputBuf = MemBuf.new
+      end
+      @intOutputBuf
+    end
+
+    def cleanup_intOutputBuf
+      if not @intOutputBuf.nil?
+        @intOutputBuf = nil
+      end
+    end
+
+    def intOutputFile
+      if @intOutputFile.nil?
+        @intOutputFile = Tempfile.new
+      end
+      @intOutputFile
+    end
+
+    def cleanup_intOutputFile
+      if not @intOutputFile.nil?
+        @intOutputFile.close!
+        @intOutputFile = nil
+      end
+    end
+
+    def disposeOutput(obj)
+      case obj
+      when intOutputBuf
+        cnt = 0
+        len = @intOutputBuf.length
+        loop do
+          @intOutputBuf.rewind
+          @intOutputBuf.write(SecureRandom.random_bytes(len))
+          cnt += 1
+          break if cnt >= 16
+        end
+        @intOutputBuf.rewind
+        @intOutputBuf = nil
+      when intOutputFile
+        @intOutputFile.close!
+      end
+    end
+    # 
+    # end output section
+    #
+
+    # 
+    # attached mode
+    # Flag to indicate if the result of the operation 
+    # should be part of the header/meta data directly
+    # return from the API
+    #
+    def attach_mode
+      @attachMode = true
+    end
+
+    def detach_mode
+      @attachMode = false
+    end
+
+    def is_attach_mode?
+      if @attachMode.nil? or not is_bool?(@attachMode)
+        # default detach
+        # The impact is mainly on huge data encrypt/decrypt
+        # Returning the huge data through the API returned might
+        # have undetermined behaviour
+        false
+      else
+        @attachMode
+      end
+    end
+    # 
+    # End attach mode section
+    #
+
+
+    def sanitize_symbol(sym, conv = :downcase)
+      if not_empty?(sym)
+        case conv
+        when :downcase
+          sym.to_s.downcase.to_sym
+        when :upcase
+          sym.to_s.upcase.to_sym
+        when :capitalize
+          sym.to_s.capitalize.to_sym
+        else
+          sym
+        end
+      else
+        sym
+      end
+    end
+
+  end
+end

data/lib/ccipher_factory/kcv/kcv.rb

@@ -0,0 +1,89 @@
+
+require_relative '../symkey_cipher/symkey_cipher'
+require_relative '../symkey_cipher/symkey_encrypt'
+
+module CcipherFactory
+  class KCV
+    include TR::CondUtils
+    include SymKeyCipher::SymKeyEncrypt
+
+    class KCVError < StandardError; end
+
+    attr_accessor :nonce, :check_value
+
+    def self.from_encoded(bin) 
+
+      ts = BinStruct.instance.struct_from_bin(bin)
+      kcv = KCV.new
+      kcv.mode = BTag.constant_value(ts.mode)
+      kcv.iv = ts.iv
+      kcv.nonce = ts.nonce
+      kcv.check_value = ts.check_value
+
+      kcv
+
+    end
+
+    def self.converter
+      if @conv.nil?
+        @conv = Ccrypto::UtilFactory.instance(:data_converter)
+      end
+      @conv
+    end
+
+    def is_matched?
+      logger.tdebug :kcv_match, "Check if KCV matched"
+      encoded
+      res = intOutputBuf.bytes
+      comp = Ccrypto::UtilFactory.instance(:comparator)
+      comp.is_equal?(@check_value, res)
+    end
+
+    def encoded(&block)
+
+      raise KCVError, "Key must be given" if is_empty?(@key)
+
+      logger.debug "Generating KCV"
+      compression_off
+      output(intOutputBuf)
+
+      if block
+        logger.debug "Block given"
+        @iv = block.call(:kcv_cipher_iv)
+      end
+
+      encrypt_init(@key)
+
+      if is_empty?(@nonce)
+        logger.debug "Random nounce"
+        @nonce = SecureRandom.random_bytes(@key.keysize)
+      else
+        logger.debug "Nounce is given"
+      end
+
+      encrypt_update(@nonce)
+      encrypt_final
+
+      ts = BinStruct.instance.struct(:kcv)
+      ts.mode = BTag.constant_value(@mode)
+      ts.iv = @iv
+      ts.nonce = @nonce
+      ts.check_value = intOutputBuf.bytes
+      
+      ts.encoded
+
+    end
+
+    def self.logger
+      if @logger.nil?
+        @logger = Tlogger.new
+        @logger.tag = :kcv
+      end
+      @logger
+    end
+    def logger
+      self.class.logger
+    end
+
+  end
+end