ccrypto-ruby 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 19d85394d769795021b692546a1b3373f207245170fdb3643fe0cae3f61de767
+  data.tar.gz: 8801b56e4104f29d75c149b4cde284e9a472f84457a71adf362fa2d8cefe3549
+SHA512:
+  metadata.gz: 4c638760828f593ae2821d2c7d2043c0edd7e3774a1e1ef65c5d8f9b050deb451e4a73548d89549568ddc41c160d3de1256e0bb4ff22ca8d6989999c50d986e2
+  data.tar.gz: 91ac3b9c37c7f4fc39ba7eb1e727017e30eec7a2f809b74390a22634f35c5f4f813fe0d072a0099ae4073721586abbde9e01fac6fbf54965c077c6722aa97af8

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/Gemfile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in ccrypto-ruby.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+
+gem "rspec", "~> 3.0"
+
+#gem "ccrypto", git: "ccrypto", branch: 'main'

data/Gemfile.lock

@@ -0,0 +1,64 @@
+GIT
+  remote: ccrypto
+  revision: 0d1c446d77fb781857f5ac087de9326bc3dafca9
+  branch: main
+  specs:
+    ccrypto (0.1.0)
+      activesupport
+      teLogger
+      toolrack
+
+PATH
+  remote: .
+  specs:
+    ccrypto-ruby (0.1.0)
+      teLogger
+      toolrack
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (7.0.3.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+    base58 (0.2.3)
+    concurrent-ruby (1.1.10)
+    diff-lcs (1.5.0)
+    i18n (1.12.0)
+      concurrent-ruby (~> 1.0)
+    minitest (5.16.2)
+    rake (13.0.6)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    teLogger (0.1.0)
+    tlogger (0.26.3)
+    toolrack (0.18.5)
+      base58
+      tlogger
+    tzinfo (2.0.5)
+      concurrent-ruby (~> 1.0)
+
+PLATFORMS
+  x86_64-linux
+
+DEPENDENCIES
+  ccrypto!
+  ccrypto-ruby!
+  rake (~> 13.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   2.2.28

data/README.md

@@ -0,0 +1,149 @@
+# Ccrypto::Ruby
+
+This project is the Ruby implementation for the [Ccrypto](https://github.com/cameronian/ccrypto) Common Crypto API.
+
+This collection of API is meant to normalize the differences between runtimes. 
+
+Another notable implementation is [Java](https://github.com/cameronian/ccrypto-java).
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'ccrypto'
+gem 'ccrypto-ruby'
+```
+
+Note that gem 'ccrypto' need to precede 'ccrypto-ruby'
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install ccrypto
+    $ gem install ccrypto-ruby
+
+## Usage
+
+All operations is driven by the config object in [Ccrypto](https://github.com/cameronian/ccrypto).
+
+The following are some common operations that can easily be initiated via the respective config object.
+
+The value of [Ccrypto](https://github.com/cameronian/ccrypto) is the following codes should have same result when run with Java runtime using [ccrypto-java](https://github.com/cameronian/ccrypto-java) gem.
+
+
+### Generate Secret Key
+
+```ruby
+# Ccrypto::KeyConfig is the object for secret key generation
+keyConfig = Ccrypto::KeyConfig.new
+keyConfig.algo = :aes
+keyConfig.keysize = 256
+
+# instantiate the key generator by giving the class of Ccrypto::KeyConfig
+# There are two ways to instantiate: with class and with instance.
+# There are some engine which provides class methods which can be call when passing in the class.
+# Engine that provides instance method requires to pass in the instance to instantiate.
+
+keyGen = Ccrypto::AlgoFactory.engine(Ccrypto::KeyConfig)
+key = keyGen.generate(keyConfig)
+# key is now the AES key in 256 bits
+
+```
+
+### Encrypt & Decrypt with Secret Key
+
+```ruby
+
+# generate key
+keyConfig = Ccrypto::KeyConfig.new
+keyConfig.algo = :aes
+keyConfig.keysize = 256
+
+keyGen = Ccrypto::AlgoFactory.engine(Ccrypto::KeyConfig)
+key = keyGen.generate(keyConfig)
+
+cipherConfig = Ccrypto::DirectCipherConfig.new({ algo: :aes, keysize: 256, mode: :gcm, padding: :pkcs5, key: key })
+
+cipherConfig.cipherOps = :encrypt
+
+# library shall generate missing component such as IV if required
+# and store it back into the passed in config object
+cipher = Ccrypto::AlgoFactory.engine(cipherConfig)
+
+output = []
+output << cipher.update(data)
+output << cipher.update(data)
+
+output << cipher.final
+
+res = output.join
+
+# Encryption done!
+# res now is the encrypted data
+
+```
+
+
+### Decrypt with Secret Key
+
+```ruby
+
+decConfig = Ccrypto::DirectCipherConfig.new({ algo: :aes, keysize: 256, mode: :gcm, padding: :pkcs5, key: key, iv: cipherConfig.iv })
+
+# GCM mode has this additional tag
+decConfig.auth_tag = cipherConfig.auth_tag
+
+deCipher = Ccrypto::AlgoFactory.engine(decConfig)
+
+dres = []
+dres << deCipher.update(res)
+dres << deCipher.final
+
+# decryption done!
+# dres is the decrypted output
+
+```
+
+
+### Digest / Hashing
+
+```ruby
+
+digest = Ccrypto::AlgoFactory.engine(Ccrypto::DigestConfig)
+
+digest.digest_update("data to be digested")
+res = digest.digest_final
+
+# res is the digest output in String
+
+hres = digest.digest_final(:hex)
+# hres is the digest output converted to hex
+
+b64res = digest.digest_final(:b64)
+# b64res is the digest output converted to Base64
+
+```
+
+
+### ECC key generation
+
+```ruby
+# set the required curve name
+eccConfig = CCrypto::ECCConfig.new("secp256k1")
+ecc = Ccrypto::AlgoFactory.engine(Ccrypto::ECCConfig)
+eccKey = ecc.generate_keypair
+
+# eccKey shall be a ECC keypair
+
+```
+
+
+Refers to spec inside spec/ccrypto/xxx\_spec.rb
+
+
+

data/Rakefile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+require 'devops_assist'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "ccrypto/ruby"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/ccrypto-ruby.gemspec

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require_relative "lib/ccrypto/ruby/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "ccrypto-ruby"
+  spec.version       = Ccrypto::Ruby::VERSION
+  spec.authors       = ["Ian"]
+  spec.email         = ["cameronian0@protonmail.com"]
+
+  spec.summary       = "Ccrypto API provider for Ruby runtime"
+  spec.description   = "Refers Ccrypto library for further info. This is the Ruby implementation of the core cryptographic API"
+  spec.homepage      = "https://github.com/cameronian/ccrypto-ruby"
+  spec.required_ruby_version = ">= 2.4.0"
+
+  #spec.metadata["allowed_push_host"] = "TODO: Set to your gem server 'https://example.com'"
+
+  #spec.metadata["homepage_uri"] = spec.homepage
+  #spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
+  #spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'teLogger'
+  spec.add_dependency 'toolrack'
+
+  spec.add_dependency 'ccrypto'
+
+  spec.add_development_dependency 'devops_assist'
+
+  # Uncomment to register a new dependency of your gem
+  # spec.add_dependency "example-gem", "~> 1.0"
+
+  # For more information and examples about making a new gem, checkout our
+  # guide at: https://bundler.io/guides/creating_gem.html
+end

data/lib/ccrypto/provider.rb

@@ -0,0 +1,175 @@
+
+require_relative 'ruby/engines/ecc_engine'
+require_relative 'ruby/engines/digest_engine'
+require_relative 'ruby/engines/x509_engine'
+
+require_relative 'ruby/engines/scrypt_engine'
+require_relative 'ruby/engines/hkdf_engine'
+require_relative 'ruby/engines/pbkdf2_engine'
+
+require_relative 'ruby/engines/secure_random_engine'
+require_relative 'ruby/engines/cipher_engine'
+
+require_relative 'ruby/utils/comparator'
+require_relative 'ruby/utils/memory_buffer'
+require_relative 'ruby/utils/native_helper'
+
+require_relative 'ruby/engines/asn1_engine'
+require_relative 'ruby/engines/compression_engine'
+require_relative 'ruby/engines/decompression_engine'
+
+require_relative 'ruby/engines/secret_key_engine'
+require_relative 'ruby/engines/hmac_engine'
+
+require_relative 'ruby/engines/data_conversion_engine'
+
+require_relative 'ruby/engines/secret_sharing_engine'
+
+require_relative 'ruby/engines/pkcs7_engine'
+
+require_relative 'ruby/engines/rsa_engine'
+
+module Ccrypto
+  module Ruby
+    class Provider
+
+      def self.provider_name
+        "ruby"
+      end
+
+      def self.algo_instance(*args, &block)
+        config = args.first
+
+        if config.is_a?(Class) or config.is_a?(Module)
+          if config == Ccrypto::ECCConfig
+            ECCEngine
+          elsif config == Ccrypto::RSAConfig
+            RSAEngine
+          elsif config == Ccrypto::ECCKeyBundle
+            ECCKeyBundle
+          elsif config == Ccrypto::RSAKeyBundle
+            RSAKeyBundle
+          elsif config == Ccrypto::DigestConfig
+            DigestEngine
+          elsif config == Ccrypto::SecureRandomConfig
+            SecureRandomEngine
+          elsif config == Ccrypto::CipherConfig
+            CipherEngine
+          elsif config == Ccrypto::ECCPublicKey
+            Ccrypto::Ruby::ECCPublicKey
+          elsif config == Ccrypto::KeyConfig
+            Ccrypto::Ruby::SecretKeyEngine
+          elsif config == Ccrypto::SecretSharingConfig
+            SecretSharingEngine
+          else
+            raise CcryptoProviderException, "Config class '#{config}' is not supported for provider '#{self.provider_name}'"
+          end
+        else
+          case config
+          when Ccrypto::ECCConfig
+            ECCEngine.new(*args, &block)
+          when Ccrypto::RSAConfig
+            RSAEngine.new(*args, &block)
+          when Ccrypto::DigestConfig
+            DigestEngine.instance(*args, &block)
+          when Ccrypto::X509::CertProfile
+            X509Engine.new(*args,&block)
+          when Ccrypto::ScryptConfig
+            ScryptEngine.new(*args,&block)
+          when Ccrypto::HKDFConfig
+            HKDFEngine.new(*args, &block)
+          when Ccrypto::PBKDF2Config
+            PBKDF2Engine.new(*args, &block)
+          when Ccrypto::CipherConfig
+            CipherEngine.new(*args, &block)
+          when Ccrypto::HMACConfig
+            HMACEngine.new(*args, &block)
+          when Ccrypto::SecretSharingConfig
+            SecretSharingEngine.new(*args,&block)
+          when Ccrypto::PKCS7Config
+            PKCS7Engine.new(*args, &block)
+          else
+            raise CcryptoProviderException, "Config instance '#{config}' is not supported for provider '#{self.provider_name}'"
+          end
+        end
+
+        #case config
+        #when Ccrypto::ECCConfig.class
+        #  puts "ecc config class"
+        #  ECCEngine
+        #when Ccrypto::ECCConfig
+        #  puts "ecc config"
+        #  ECCEngine.new(*args, &block)
+        #when Ccrypto::DigestConfig.class
+        #  puts "digest config class"
+        #  DigestEngine
+        #when Ccrypto::DigestConfig
+        #  puts "digest config"
+        #  DigestEngine.instance(*args,&block)
+        #else
+        #  raise CcryptoProviderException, "Config '#{config}' is not supported for provider '#{self.provider_name}'"
+        #end
+
+        #case algo
+        #when :ecc
+        #  ECCEngine
+        #when :x509
+        #  if args.length > 1
+        #    X509Engine.new(*args[1..-1])
+        #  else
+        #    X509Engine
+        #  end
+        #when :scrypt
+        #  ScryptEngine.new
+        #when :secure_random
+        #  SecureRandomEngine
+        #else
+        #  if DigestEngine.is_supported?(algo)
+        #    DigestEngine.instance(algo)
+        #  elsif CipherEngine.is_supported_cipher?(algo.to_s)
+        #    if args.length > 1 or args[0].is_a?(String)
+        #      CipherEngine.new(*args)
+        #    else
+        #      CipherEngine
+        #    end
+        #  else
+        #    raise CcryptoProviderException, "Algo '#{algo}' is not supported for provider '#{self.provider_name}'"
+        #  end
+        #end
+
+      end
+
+      def self.asn1_engine(*args, &block)
+        ASN1Engine
+      end
+
+      def self.util_instance(*args, &block)
+        type = args.first
+        case type
+        when :comparator, :compare
+          ComparatorUtil
+        when :data_conversion, :converter, :data_converter
+          DataConversionEngine
+
+        when :memory_buffer, :membuf, :buffer, :mem
+          MemoryBuffer
+
+        when :compression, :compressor
+          Compression.new(*(args[1..-1]), &block)
+
+        when :decompression
+          Decompression.new(*(args[1..-1]), &block)
+
+        when :native_helper
+          NativeHelper
+
+        else
+          raise CcryptoProviderException, "Util type #{type} is not supported by provider #{self.provider_name}"
+        end
+      end
+
+    end
+  end
+end
+
+

data/lib/ccrypto/ruby/data_conversion.rb

@@ -0,0 +1,68 @@
+require 'base64'
+
+module Ccrypto
+  module Ruby
+    module DataConversion
+
+      def to_hex(bin, opts = { })
+        if not bin.nil?  
+          bin.each_byte.map { |b| b.to_s(16).rjust(2,'0') }.join
+        else
+          bin
+        end
+      end
+
+      def from_hex(str, opts = { })
+        if not str.nil?
+          str.scan(/../).map { |x| x.hex.chr }.join
+        else
+          str
+        end
+      end
+
+      def to_b64(bin, opts = { })
+        if not bin.nil?
+          if not (opts[:strict].nil? and opts[:strict] == true)
+            Base64.encode64(bin)
+          else
+            Base64.strict_encode64(bin)
+          end
+        else
+          bin
+        end
+      end
+
+      def from_b64(str, opts = { })
+        if not str.nil?
+          if not (opts[:strict].nil? and opts[:strict] == true)
+            Base64.decode64(str)
+          else
+            Base64.strict_decode64(str)
+          end
+        else
+          str
+        end
+      end
+
+      def to_int_array(str, opts = { })
+        if not str.nil?
+          str.each_char.map { |c| c.ord }
+        else
+          str
+        end
+      end
+
+      # 
+      # Add the methods to class level
+      #
+      def self.included(klass)
+        klass.class_eval <<-END
+        extend Ccrypto::Ruby::DataConversion
+        END
+      end
+
+    end
+    # end module Converter
+    #
+  end
+end 

data/lib/ccrypto/ruby/engines/asn1_engine.rb

@@ -0,0 +1,110 @@
+
+require_relative 'asn1_object'
+
+module Ccrypto
+  module Ruby
+
+    class ASN1Engine
+      include TR::CondUtils
+
+      def self.build(*args, &block)
+        type = args.first
+        val = args[1]
+        case type
+        when :oid
+          ASN1Object.new(type, OpenSSL::ASN1::ObjectId.new(val))
+        when :seq
+          ASN1Object.new(type, OpenSSL::ASN1::Sequence.new(val))
+        when :str, :utf8_str
+          ASN1Object.new(type, OpenSSL::ASN1::UTF8String.new(val))
+        when :octet_str
+          ASN1Object.new(type, OpenSSL::ASN1::OctetString.new(val))
+        when :int
+          ASN1Object.new(type, OpenSSL::ASN1::Integer.new(val))
+        when :bin
+          ASN1Object.new(type, OpenSSL::ASN1::BitString.new(val))
+        when :date, :time, :generalize_time
+          ASN1Object.new(type, OpenSSL::ASN1::GeneralizedTime.new(val))
+        else
+          raise ASN1EngineException, "Unknown ASN1 object type '#{type.class}'"
+        end
+      end
+
+      def self.to_value(*args, &block)
+        val = args.first
+        expectedType = args[1]
+        v = OpenSSL::ASN1.decode(val).value
+        if not_empty?(expectedType)
+          case expectedType
+          when :int
+            if v.is_a?(OpenSSL::BN)
+              v.to_i
+            else
+              v
+            end
+          else
+            v
+          end
+        else
+          if v.is_a?(OpenSSL::BN)
+            v.to_i
+          else
+            v
+          end
+        end
+      end
+
+      def self.asn1_length(*args, &block)
+        
+        val = args.first
+        if not_empty?(val)
+          
+          v = val
+          if v.is_a?(ASN1Object)
+            v = v.native_asn1
+          end
+
+          totalLen = 0
+          begin
+            OpenSSL::ASN1.traverse(v) do |depth,offset,headerLen,length,constructed,tagClass,tag|
+              totalLen = headerLen+length
+              break
+            end
+          rescue StandardError => ex
+          rescue OpenSSL::ASN1::ASN1Error => ex
+            raise ASN1EngineException, ex
+          end
+
+          totalLen
+
+        else
+          0
+        end
+
+
+      end
+
+      def self.openssl_to_asn1object(oasn1)
+        case oasn1
+        when OpenSSL::ASN1::ObjectId
+          type = :oid
+        when OpenSSL::ASN1::Sequence
+          type = :seq
+        when OpenSSL::ASN1::UTF8String
+          type = :str
+        when OpenSSL::ASN1::OctetString
+          type = :octet_str
+        when OpenSSL::ASN1::Integer
+          type = :int
+        when OpenSSL::ASN1::BitString
+          type = :bin
+        when OpenSSL::ASN1::GeneralizedTime
+          type = :time
+        end
+
+        ASN1Object.new(:oid, oasn1)
+      end
+
+    end
+  end
+end

data/lib/ccrypto/ruby/engines/asn1_object.rb

@@ -0,0 +1,19 @@
+
+
+module Ccrypto
+  module Ruby
+    class ASN1Object < Ccrypto::ASN1Object
+
+      def to_bin
+        case @asn1
+        when OpenSSL::ASN1::Sequence
+          seq = OpenSSL::ASN1::Sequence.new(@asn1.map { |e| e.to_der })
+          seq.to_der
+        else
+          @asn1.to_der
+        end
+      end
+
+    end
+  end
+end