crypto_laser 0.0.1

data/.gitignore

@@ -0,0 +1,7 @@
+.DS_Store
+*~
+/.rake_test_cache
+/.idea/workspace.xml
+/tmp
+/log/*.log
+/.scratch_dir

data/.idea/.name

@@ -0,0 +1 @@
+crypto_laser

data/.idea/.rakeTasks

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Settings><!--This file was automatically generated by Ruby plugin.
+You are allowed to: 
+1. Remove rake task
+2. Add existing rake tasks
+To add existing rake tasks automatically delete this file and reload the project.
+--><RakeGroup description="" fullCmd="" taksId="rake"><RakeTask description="Run specs and features (default)" fullCmd="default" taksId="default" /><RakeTask description="Run specs" fullCmd="spec" taksId="spec" /></RakeGroup></Settings>

data/.idea/crypto_laser.iml

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="RUBY_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" scope="PROVIDED" name="aead (v1.6.1, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="bundler (v1.2.1, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="diff-lcs (v1.1.3, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="macaddr (v1.6.1, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rake (v10.0.3, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec (v2.12.0, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-core (v2.12.1, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-expectations (v2.12.0, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rspec-mocks (v2.12.0, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="systemu (v2.5.2, RVM: ruby-1.9.3-p194 [crypto_laser]) [gem]" level="application" />
+  </component>
+</module>
+

data/.idea/encodings.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="Encoding" useUTFGuessing="true" native2AsciiForPropertiesFiles="false" />
+</project>
+

data/.idea/misc.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="RVM: ruby-1.9.3-p194 [crypto_laser]" project-jdk-type="RUBY_SDK" />
+</project>
+

data/.idea/modules.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/crypto_laser.iml" filepath="$PROJECT_DIR$/.idea/crypto_laser.iml" />
+    </modules>
+  </component>
+</project>
+

data/.idea/scopes/scope_settings.xml

@@ -0,0 +1,5 @@
+<component name="DependencyValidationManager">
+  <state>
+    <option name="SKIP_IMPORT_STATEMENTS" value="false" />
+  </state>
+</component>

data/.idea/vcs.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>
+

data/.rvmrc

@@ -0,0 +1 @@
+rvm use 1.9.3-p194@crypto_laser --create

data/Gemfile

@@ -0,0 +1,5 @@
+source "http://rubygems.org"
+
+gem 'pivotal_git_scripts'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,34 @@
+PATH
+  remote: .
+  specs:
+    crypto_laser (0.0.1)
+      aead
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    aead (1.6.1)
+      macaddr (~> 1)
+    diff-lcs (1.1.3)
+    macaddr (1.6.1)
+      systemu (~> 2.5.0)
+    pivotal_git_scripts (1.1.4)
+    rake (10.0.2)
+    rspec (2.12.0)
+      rspec-core (~> 2.12.0)
+      rspec-expectations (~> 2.12.0)
+      rspec-mocks (~> 2.12.0)
+    rspec-core (2.12.1)
+    rspec-expectations (2.12.0)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.12.0)
+    systemu (2.5.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  crypto_laser!
+  pivotal_git_scripts
+  rake
+  rspec

data/README.md

@@ -0,0 +1,23 @@
+Crypto Laser
+============
+
+Simple library for symmetric authenticated encryption.  
+
+    key = SecureRandom.random_bytes(64)
+    cipher_text = CryptoLaser.encrypt(key, "my secret message")
+    plain_text = CryptoLaser.decrypt(key, cipher_text)
+
+Most of the work is done by the aead gem, which itself relies 
+on OpenSSL.  Since many users, ourselves included, are on 
+OS X, this library uses AES-256-CBC-HMAC-SHA-256 as the cipher
+and MAC.
+
+Additional features provided by this library are:
+
+- Nonce management.  No one knows what a nonce is, so this
+   library just takes care of that for you.
+- Base64 encoding of ciphertexts for easy portability.
+- The value returned by encrypt includes the nonce and
+   the algorithm used to create the ciphertext.  The
+   algorithm is authenticated, allowing for later cipher
+   suite negotiation should AES-256-CBC prove unreliable.

data/Rakefile

@@ -0,0 +1,14 @@
+$:.unshift(File.dirname(__FILE__))
+load 'lib/tasks/encrypt.rake'
+load 'lib/tasks/decrypt.rake'
+load 'lib/tasks/generate_key.rake'
+
+require 'rspec/core/rake_task'
+desc 'Run specs and features (default)'
+task :default => [:spec]
+
+desc "Run specs"
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = "./spec/**/*_spec.rb" # don't need this, it's default.
+                                    # Put spec opts in a file named .rspec in root
+end

data/crypto_laser.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = "crypto_laser"
+  s.version     = "0.0.1"
+  s.authors     = %w(Goodsearch)
+  s.email       = %w(dev@goodsearch.com)
+  s.homepage    = ""
+  s.summary     = %q{crypto library}
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {spec}/*`.split("\n")
+  s.require_paths = %w(lib)
+  s.required_ruby_version = '>= 1.9.3'
+
+  s.add_dependency 'aead'
+
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "rake"
+
+end

data/lib/crypto_laser.rb

@@ -0,0 +1,52 @@
+require 'aead'
+require 'base64'
+
+# Simple library for authenticated encryption.  Most of the work
+# is done by the aead gem, which itself punts to OpenSSL.
+#
+# Additional features provided by this library are:
+#
+# - Nonce management.  No one knows what a nonce is, so this
+#    library just takes of that for you.
+# - Base64 encoding of ciphertexts (since we want to use the
+#    encrypted values in config files)
+# - The value returned by encrypt includes the nonce and
+#    the algorithm used to create the ciphertext (so we can
+#    upgrade to a stronger algorithm later if need be)
+
+class CryptoLaser
+
+  def self.encrypt(key, plain_text)
+    code = CryptoLaser.default_algorithm_code
+    mode   = AEAD::Cipher.new(CryptoLaser.algorithms[code])
+    cipher = mode.new(key)
+    nonce = CryptoLaser.generate_nonce
+    cipher_text = cipher.encrypt(nonce, code, plain_text)
+    Base64.strict_encode64(code + nonce + cipher_text).chomp
+  end
+
+  def self.decrypt(key, base64_cipher_text)
+    cipher_text = Base64.decode64(base64_cipher_text)
+    code = cipher_text[0,2]
+    algorithm = CryptoLaser.algorithms[code]
+    raise "Invalid algorithm code." unless algorithm
+    mode = AEAD::Cipher.new(algorithm)
+    cipher = mode.new(key)
+    nonce = cipher_text[2...18] # TODO: Base on code
+    ctext = cipher_text[18..-1]
+    cipher.decrypt(nonce, code, ctext)
+  end
+
+  def self.algorithms
+    { "V1" => 'AES-256-CBC-HMAC-SHA-256' }
+  end
+
+  def self.default_algorithm_code
+    "V1"
+  end
+
+  def self.generate_nonce
+    SecureRandom.random_bytes(16)
+  end
+
+end

data/lib/tasks/decrypt.rake

@@ -0,0 +1,8 @@
+require 'crypto_laser'
+
+desc "Decrypts standard in to standard out."
+task :decrypt, :keyfile do |t, args|
+  key = Base64.decode64(File.read(args[:keyfile]))
+  cipher_text = $stdin.read
+  puts CryptoLaser.decrypt(key, cipher_text)
+end

data/lib/tasks/encrypt.rake

@@ -0,0 +1,8 @@
+require 'crypto_laser'
+
+desc "Encrypts standard in to standard out."
+task :encrypt, :keyfile do |t, args|
+  key = Base64.decode64(File.read(args[:keyfile]))
+  plain_text = $stdin.read
+  puts CryptoLaser.encrypt(key, plain_text)
+end

data/lib/tasks/generate_key.rake

@@ -0,0 +1,8 @@
+require 'securerandom'
+require 'base64'
+
+desc "Generates a new random key and stores it in a file."
+task :generate_key, :keyfile do |t, args|
+  key = SecureRandom.random_bytes(64)
+  File.write(args[:keyfile], Base64.strict_encode64(key))
+end

data/spec/lib/crypto_laser_spec.rb

@@ -0,0 +1,59 @@
+require 'spec_helper'
+
+require 'crypto_laser'
+
+describe CryptoLaser do
+
+  let(:key) { "\"/\\xE0x5\\x9A\\xE9\\x82\\xB8p \\xED^\\xFFX\\xF6\\xB3}\\xB9bR\\xCF\\xDAdH\\xE4\\x9D\\xB5\\xC2r\\x98\\xD3\\xFC\"" }
+  let(:nonce) { "\x97\x88\xF3\x0Ei\x84\x99\xC7 OZ2\xCA\v\x873" }
+  let(:cipher_text) { "VjGXiPMOaYSZxyBPWjLKC4czENVqZt2Eyj9+h+58kte4cpck4HhanqaFCaSEZL0K2E1WVVn1gPl+at0XAiYj3jd0" }
+  let(:plain_text) { "ZOMG PONIES" }
+
+  describe "#encrypt" do
+
+    before { described_class.stub(:generate_nonce).and_return nonce }
+
+    subject { described_class.encrypt(key, plain_text) }
+
+    it "encrypts plaintext" do
+      puts "#{__FILE__}:#{__LINE__} #{key.bytesize}"
+      subject.should == cipher_text
+    end
+  end
+
+  describe "#decrypt" do
+
+    subject { described_class.decrypt(key, cipher_text) }
+
+    it "decrypts cipher text" do
+      subject.should == plain_text
+    end
+
+    shared_examples_for "raises because the code is invalid" do
+      specify do
+        expect { subject }.to raise_error /invalid algorithm code/i
+      end
+    end
+
+    context "when the algorithm code is invalid" do
+      let(:cipher_text) { Base64.encode64("V2").chomp }
+      it_should_behave_like "raises because the code is invalid"
+    end
+
+    context "when the cipher text is too small" do
+      let(:cipher_text) { "" }
+      it_should_behave_like "raises because the code is invalid"
+    end
+
+  end
+
+  describe ".generate_nonce" do
+
+    subject { described_class.generate_nonce }
+
+    it "should return 16 bytes" do
+      subject.bytesize.should == 16
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'logger'
+
+

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: crypto_laser
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Goodsearch
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-12-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: aead
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- dev@goodsearch.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .idea/.name
+- .idea/.rakeTasks
+- .idea/crypto_laser.iml
+- .idea/encodings.xml
+- .idea/misc.xml
+- .idea/modules.xml
+- .idea/scopes/scope_settings.xml
+- .idea/vcs.xml
+- .rvmrc
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- crypto_laser.gemspec
+- lib/crypto_laser.rb
+- lib/tasks/decrypt.rake
+- lib/tasks/encrypt.rake
+- lib/tasks/generate_key.rake
+- spec/lib/crypto_laser_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: crypto library
+test_files: []