cryptor 0.0.2 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7e231e81835f4ec4b64c603b597b38266d505cd8
-  data.tar.gz: 0843bf2d906c77f5824d75c187d30d2d28bf246c
+  metadata.gz: f5fd951f1826bc584bac34d75f61ed7a75af3875
+  data.tar.gz: e89c7a58275dac153b47b2201fecee4194f0ad72
 SHA512:
-  metadata.gz: 46ecd69eebc0ab266b699f978bc934f03fd7211414eb55a8147e9cdc14a1a999424fd266c66d2db211b4ce9a0734cb6799d7e45beba2927167cd40579d835c36
-  data.tar.gz: 3da93938f00f68a5e7b3d968e7628a09d788b3838142a48945ae14437150c5849bae15da751002ba205b70c5c90bf399ca6f80793315ce6e4a90a4f02ed48e21
+  metadata.gz: fde5ba8749bc1c6fa79ff27a5e8e3fcc733abfd8d164afbdd7cca3984371ce18f1a6e6d372f7c4080dd1e9945366d0d69f960fd835e8e87f1d03f34f6a85f69d
+  data.tar.gz: 26c0c7f57afb309c8d993121e7d2d680f0edfd5b7c4485daed7024d7445186741637e85d7958334bfa97ddab2b5e70c7982049899f10ae8107bcd2e4e88459d8

data/CHANGES.md

@@ -1,3 +1,8 @@
+1.0.0 (2014-06-14)
+------------------
+* Key rotation support
+* Factor all classes under Cryptor::SymmetricEncryption
+
 0.0.2 (2014-06-07)
 ------------------
 * Raise Cryptor::CorruptedMessageError on MAC verification failure

data/README.md

@@ -20,7 +20,8 @@ Cryptor supports two backends:
   encryption scheme provided by Rails, based on AES-CBC and HMAC.
 
 Cryptor uses the experimental [ORDO v0 message format][ordo] for serializing
-encrypted messages.
+encrypted messages. Future versions may support additional message formats
+like OpenPGP or JWE.
 
 [authenticated encryption]: https://en.wikipedia.org/wiki/Authenticated_encryption
 [RbNaCl::SimpleBox]: https://github.com/cryptosphere/rbnacl/wiki/SimpleBox
@@ -48,7 +49,7 @@ To begin with, you must select a backend:
 
 ### RbNaCl (recommended)
 
-RbNaCl is a Ruby FFI binding to libsodium, a portable state-of-the-art
+[RbNaCl] is a Ruby FFI binding to libsodium, a portable state-of-the-art
 cryptography library.
 
 To use Cryptor with RbNaCl, add the following to your Gemfile:
@@ -61,8 +62,9 @@ And in your Ruby program, require the following:
 
 ```ruby
 require 'cryptor'
-require 'cryptor/ciphers/xsalsa20poly1305'
+require 'cryptor/symmetric_encryption/ciphers/xsalsa20poly1305'
 ```
+[RbNaCl]: https://github.com/cryptosphere/rbnacl/
 
 ### Rails (ActiveSupport::MessageEncryptor)
 
@@ -79,7 +81,7 @@ from a Rails 4.0+ app or other app with ActiveSupport 4.0+ bundled:
 
 ```ruby
 require 'cryptor'
-require 'cryptor/ciphers/message_encryptor'
+require 'cryptor/symmetric_encryption/ciphers/message_encryptor'
 ```
 
 ### Authenticated Symmetric Encryption
@@ -113,7 +115,8 @@ key's [ORDO secret URI].
 To obtain the secret URI, use the `#to_secret_uri` method, which returns a string:
 
 ```ruby
-"secret.key:///xsalsa20poly1305;0saB1tfgKWDh_bX0oAquLWgAq-6yjG1u04mP-CtQG-4"
+>> secret_key.to_secret_uri
+=> "secret.key:///xsalsa20poly1305;0saB1tfgKWDh_bX0oAquLWgAq-6yjG1u04mP-CtQG-4"
 ```
 
 This string can be saved somewhere secret and safe then later loaded and passed into
@@ -138,6 +141,39 @@ decrypted = cryptor.decrypt(ciphertext)
 [RFC 6920]: http://tools.ietf.org/html/rfc6920
 [ORDO secret URI]: https://github.com/cryptosphere/ordo/wiki/URI-Registry
 
+## Key Rotation
+
+Cryptor is designed to support key rotation, allowing new ciphertexts to be
+produced under an "active" key, but with old keys configured so older
+ciphertexts can still be decrypted (and also rotated to the new key).
+
+To rotate keys, first make a new key, but configure Cryptor with the old key
+too using the "keyring" option:
+
+```ruby
+old_key = ...
+new_key = Cryptor::SymmetricEncryption.random_key(:xsalsa20poly1305)
+cryptor = Cryptor::SymmetricEncryption.new(new_key, keyring: [old_key])
+```
+
+Cryptor can support arbitrarily many old keys on its keyring. Any messages
+which have been encrypted under the old keys can still be decrypted, but
+newly encrypted messages will always use the new "active" key.
+
+To rotate messages from one key to another, use the `#rotate` method:
+
+```ruby
+old_message = ...
+new_message = cryptor.rotate(old_message)
+```
+
+This is useful if a key is ever compromised, and also good security hygene
+in general.
+
+Cryptor also supports the `#rotate!` method, which works just like `#rotate`,
+but raises `Cryptor::AlreadyRotatedError` if asked to rotate a message that's
+already up-to-date.
+
 ## Contributing
 
 * Fork this repository on Github

data/lib/cryptor.rb

@@ -1,8 +1,6 @@
 require 'cryptor/version'
 
-require 'cryptor/cipher'
 require 'cryptor/encoding'
-require 'cryptor/secret_key'
 require 'cryptor/symmetric_encryption'
 
 # Multi-backend high-level encryption library
@@ -11,4 +9,6 @@ module Cryptor
 
   InvalidMessageError   = Class.new(CryptoError)
   CorruptedMessageError = Class.new(CryptoError)
+  KeyNotFoundError      = Class.new(CryptoError)
+  AlreadyRotatedError   = Class.new(CryptoError)
 end

data/lib/cryptor/symmetric_encryption.rb

@@ -1,7 +1,9 @@
 require 'ordo'
 
 require 'cryptor/version'
-require 'cryptor/cipher'
+require 'cryptor/symmetric_encryption/cipher'
+require 'cryptor/symmetric_encryption/keyring'
+require 'cryptor/symmetric_encryption/secret_key'
 
 module Cryptor
   # Easy-to-use authenticated symmetric encryption
@@ -10,34 +12,63 @@ module Cryptor
       Cipher[cipher].random_key
     end
 
-    def initialize(key)
-      @key = key
+    def initialize(active_key, options = {})
+      @active_key = active_key.is_a?(SecretKey) ? active_key : SecretKey.new(active_key)
+      @keyring    = nil
+
+      options.each do |name, value|
+        if name == :keyring
+          @keyring = Keyring.new(@active_key, *value)
+        else fail ArgumentError, "unknown option: #{name}"
+        end
+      end
+
+      @keyring ||= Keyring.new(active_key)
     end
 
     def encrypt(plaintext)
-      ciphertext = @key.encrypt(plaintext)
+      ciphertext = @active_key.encrypt(plaintext)
       base64     = Base64.strict_encode64(ciphertext)
 
       ORDO::Message.new(
         base64,
-        'Cipher'                    => @key.cipher.algorithm,
+        'Cipher'                    => @active_key.cipher.algorithm,
         'Content-Length'            => base64.bytesize,
         'Content-Transfer-Encoding' => 'base64',
-        'Key-Fingerprint'           => @key.fingerprint
+        'Key-Fingerprint'           => @active_key.fingerprint
       ).to_string
     end
 
     def decrypt(ciphertext)
-      begin
-        message = ORDO::Message.parse(ciphertext)
-      rescue ORDO::ParseError => ex
-        raise InvalidMessageError, ex.to_s
-      end
+      message = parse(ciphertext)
+      fingerprint = message['Key-Fingerprint']
+      fail InvalidMessageError, 'no key fingerprint in message' unless fingerprint
+
+      key = @keyring[fingerprint]
+      key.decrypt message.body
+    end
 
+    def rotate!(ciphertext)
+      message = parse(ciphertext)
       fingerprint = message['Key-Fingerprint']
-      fail ArgumentError, "no key configured for: #{fingerprint}" if @key.fingerprint != fingerprint
+      fail AlreadyRotatedError, 'already current' if fingerprint == @active_key.fingerprint
+
+      key = @keyring[fingerprint]
+      encrypt(key.decrypt(message.body))
+    end
+
+    def rotate(ciphertext)
+      rotate!(ciphertext)
+    rescue AlreadyRotatedError
+      ciphertext
+    end
+
+    private
 
-      @key.decrypt message.body
+    def parse(message)
+      ORDO::Message.parse(message)
+    rescue ORDO::ParseError => ex
+      raise InvalidMessageError, ex.to_s
     end
   end
 end

data/lib/cryptor/symmetric_encryption/cipher.rb

@@ -0,0 +1,39 @@
+module Cryptor
+  class SymmetricEncryption
+    # Base class of all Cryptor::SymmetricEncryption ciphers
+    class Cipher
+      REGISTRY = {}
+
+      attr_reader :algorithm, :key_bytes
+
+      def self.register(algorithm, options = {})
+        REGISTRY[algorithm.to_s] ||= new(algorithm, options)
+      end
+
+      def self.[](algorithm)
+        REGISTRY[algorithm.to_s] || fail(ArgumentError, "no such cipher: #{algorithm}")
+      end
+
+      def initialize(algorithm, options = {})
+        @algorithm = algorithm
+        @key_bytes = options[:key_bytes] || fail(ArgumentError, 'key_bytes not specified')
+      end
+
+      def random_key
+        SecretKey.random_key(self)
+      end
+
+      def encrypt(_key, _plaintext)
+        #:nocov:
+        fail NotImplementedError, "'encrypt' method has not been implemented"
+        #:nocov:
+      end
+
+      def decrypt(_key, _ciphertext)
+        #:nocov:
+        fail NotImplementedError, "'decrypt' method has not been implemented"
+        #:nocov:
+      end
+    end
+  end
+end

data/lib/cryptor/symmetric_encryption/ciphers/message_encryptor.rb

@@ -0,0 +1,50 @@
+require 'active_support/message_encryptor'
+require 'active_support/message_verifier'
+
+require 'cryptor/symmetric_encryption/cipher'
+
+module Cryptor
+  class SymmetricEncryption
+    module Ciphers
+      # MessageEncryptor is a bespoke authenticated encryption scheme invented
+      # by rails-core. It uses AES-256-CBC and HMAC-SHA1 in an encrypt-then-MAC
+      # scheme with a wacky and wild semiconstant-time MAC comparison.
+
+      # Cryptor enforces the usage of independent keys for AES encryption and HMAC
+      # by mandating a 64-byte key (using 32-bytes for AES and 32-bytes for HMAC).
+      #
+      # This scheme is probably safe to use, but less interoperable and more
+      # poorly designed than xsalsa20poly1305 from RbNaCl. It does, however,
+      # work using only ActiveSupport and the Ruby OpenSSL extension as
+      # dependencies, and should be available anywhere.
+      #
+      # For the time being, this scheme is only supported for ActiveSupport 4.0+
+      # although support for earlier versions of ActiveSupport should be
+      # possible.
+      class MessageEncryptor < Cipher
+        SERIALIZER = ActiveSupport::MessageEncryptor::NullSerializer
+        KEY_BYTES  = 64
+
+        register :message_encryptor, key_bytes: KEY_BYTES
+
+        def encrypt(key, plaintext)
+          encryptor(key).encrypt_and_sign(plaintext)
+        end
+
+        def decrypt(key, ciphertext)
+          encryptor(key).decrypt_and_verify(ciphertext)
+        rescue ActiveSupport::MessageVerifier::InvalidSignature => ex
+          raise CorruptedMessageError, ex.to_s
+        end
+
+        private
+
+        def encryptor(key)
+          fail ArgumentError, "wrong key size: #{key.bytesize}" unless key.bytesize == KEY_BYTES
+          encryption_key, hmac_key = key[0, 32], key[32, 32]
+          ActiveSupport::MessageEncryptor.new(encryption_key, hmac_key, serializer: SERIALIZER)
+        end
+      end
+    end
+  end
+end

data/lib/cryptor/symmetric_encryption/ciphers/xsalsa20poly1305.rb

@@ -0,0 +1,30 @@
+require 'rbnacl/libsodium'
+
+require 'cryptor/symmetric_encryption/cipher'
+
+module Cryptor
+  class SymmetricEncryption
+    module Ciphers
+      # XSalsa20+Poly1305 authenticated stream cipher
+      class XSalsa20Poly1305 < Cipher
+        register :xsalsa20poly1305, key_bytes: RbNaCl::SecretBoxes::XSalsa20Poly1305.key_bytes
+
+        def encrypt(key, plaintext)
+          box(key).encrypt(plaintext)
+        end
+
+        def decrypt(key, ciphertext)
+          box(key).decrypt(ciphertext)
+        rescue RbNaCl::CryptoError => ex
+          raise CorruptedMessageError, ex.to_s
+        end
+
+        private
+
+        def box(key)
+          RbNaCl::SimpleBox.new(RbNaCl::SecretBoxes::XSalsa20Poly1305.new(key))
+        end
+      end
+    end
+  end
+end

data/lib/cryptor/symmetric_encryption/keyring.rb

@@ -0,0 +1,22 @@
+require 'cryptor/symmetric_encryption/secret_key'
+
+module Cryptor
+  class SymmetricEncryption
+    # Stores multiple keys for the purposes of key rotation
+    class Keyring
+      def initialize(*keys)
+        @keys = {}
+        keys.each do |key|
+          key = SecretKey.new(key) if key.is_a? String
+          fail TypeError, "not a valid secret key: #{key.inspect}" unless key.is_a? SecretKey
+          @keys[key.fingerprint] = key
+        end
+      end
+
+      def find(fingerprint)
+        @keys[fingerprint] || fail(KeyNotFoundError, "no key for fingerprint: #{fingerprint}")
+      end
+      alias_method :[], :find
+    end
+  end
+end

data/lib/cryptor/symmetric_encryption/secret_key.rb

@@ -0,0 +1,91 @@
+require 'base64'
+require 'digest/sha2'
+
+module Cryptor
+  class SymmetricEncryption
+    # Secret key used to encrypt plaintexts
+    class SecretKey
+      attr_reader :cipher
+
+      # Generate a random secret key
+      #
+      # @param [Cryptor::Cipher, Symbol] Cryptor::Cipher or algorithm name as a symbol
+      #
+      # @return [Cryptor::SecretKey] new secret key object
+      def self.random_key(cipher)
+        case cipher
+        when Cryptor::SymmetricEncryption::Cipher
+          # we're good
+        when Symbol
+          cipher = Cryptor::SymmetricEncryption::Cipher[cipher]
+        else fail ArgumentError, "invalid cipher: #{cipher}"
+        end
+
+        bytes  = RbNaCl::Random.random_bytes(cipher.key_bytes)
+        base64 = Cryptor::Encoding.encode(bytes)
+
+        new "secret.key:///#{cipher.algorithm};#{base64}"
+      end
+
+      # Create a new SecretKey object from a URI
+      #
+      # @param [#to_s] uri representing a secret key
+      #
+      # @raise [ArgumentError] on invalid URIs
+      #
+      # @return [Cryptor::SecretKey] new secret key object
+      def initialize(uri_string)
+        uri = URI.parse(uri_string.to_s)
+        fail ArgumentError, "invalid scheme: #{uri.scheme}" unless uri.scheme == 'secret.key'
+
+        components = uri.path.match(/^\/([^;]+);(.+)$/)
+        fail ArgumentError, "couldn't parse cipher name from secret URI" unless components
+
+        @cipher     = Cryptor::SymmetricEncryption::Cipher[components[1]]
+        @secret_key = Cryptor::Encoding.decode(components[2])
+      end
+
+      # Serialize SecretKey object to a URI
+      #
+      # @return [String] serialized URI representing the key
+      def to_secret_uri
+        "secret.key:///#{@cipher.algorithm};#{Cryptor::Encoding.encode(@secret_key)}"
+      end
+
+      # Fingerprint of this key's secret URI
+      #
+      # @return [String] fingerprint as a ni:// URL
+      def fingerprint
+        digest = Digest::SHA256.digest(to_secret_uri)
+        "ni:///sha-256;#{Cryptor::Encoding.encode(digest)}"
+      end
+
+      # Encrypt a plaintext under this key
+      #
+      # @param [String] plaintext string to be encrypted
+      #
+      # @return [String] ciphertext encrypted under this key
+      def encrypt(plaintext)
+        @cipher.encrypt(@secret_key, plaintext)
+      end
+
+      # Decrypt ciphertext using this key
+      #
+      # @param [String] ciphertext string to be decrypted
+      #
+      # @return [String] plaintext decrypted from the given ciphertext
+      def decrypt(ciphertext)
+        @cipher.decrypt(@secret_key, ciphertext)
+      end
+
+      # Inspect this key
+      #
+      # @return [String] a string representing this key
+      def inspect
+        "#<#{self.class}:0x#{object_id.to_s(16)} " \
+        "cipher=#{cipher.algorithm} " \
+        "fingerprint=#{fingerprint}>"
+      end
+    end
+  end
+end

data/lib/cryptor/version.rb

@@ -1,4 +1,4 @@
 # An easy-to-use library for real-world Ruby cryptography
 module Cryptor
-  VERSION = '0.0.2'
+  VERSION = '1.0.0'
 end

data/spec/cryptor/{secret_key_spec.rb → symmetric_encryption/secret_key_spec.rb}

@@ -1,14 +1,14 @@
 require 'spec_helper'
 
-describe Cryptor::SecretKey do
+describe Cryptor::SymmetricEncryption::SecretKey do
   let(:algorithm)  { :BassOmatic }
   let(:key_bytes)  { 42 }
-  let(:cipher)     { Cryptor::Cipher.new(algorithm, key_bytes: key_bytes) }
+  let(:cipher)     { Cryptor::SymmetricEncryption::Cipher.new(algorithm, key_bytes: key_bytes) }
   let(:secret_key) { "\xBA\x55" }
   let(:secret_uri) { "secret.key:///#{algorithm};#{Cryptor::Encoding.encode(secret_key)}" }
 
   before do
-    allow(Cryptor::Cipher).to receive(:[]).and_return(cipher)
+    allow(Cryptor::SymmetricEncryption::Cipher).to receive(:[]).and_return(cipher)
   end
 
   subject { described_class.new(secret_uri) }

data/spec/symmetric_encryption_spec.rb

@@ -1,5 +1,8 @@
 require 'spec_helper'
 
+# "Default" cipher used in non-backend specific tests
+require 'cryptor/symmetric_encryption/ciphers/xsalsa20poly1305'
+
 describe Cryptor::SymmetricEncryption do
   let(:plaintext) { 'THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE' }
 
@@ -13,7 +16,7 @@ describe Cryptor::SymmetricEncryption do
   subject { described_class.new(secret_key) }
 
   context 'xsalsa20poly1305' do
-    require 'cryptor/ciphers/xsalsa20poly1305'
+    require 'cryptor/symmetric_encryption/ciphers/xsalsa20poly1305'
 
     let(:secret_key) { described_class.random_key(:xsalsa20poly1305) }
 
@@ -38,7 +41,7 @@ describe Cryptor::SymmetricEncryption do
   end
 
   context 'message_encryptor' do
-    require 'cryptor/ciphers/message_encryptor'
+    require 'cryptor/symmetric_encryption/ciphers/message_encryptor'
 
     let(:secret_key) { described_class.random_key(:message_encryptor) }
 
@@ -61,4 +64,36 @@ describe Cryptor::SymmetricEncryption do
       end.to raise_exception(Cryptor::CorruptedMessageError)
     end
   end
+
+  context 'key rotation' do
+    let(:old_key)     { described_class.random_key(:xsalsa20poly1305) }
+    let(:new_key)     { described_class.random_key(:xsalsa20poly1305) }
+    let(:another_key) { described_class.random_key(:xsalsa20poly1305) }
+
+    it 'decrypts messages under old keys' do
+      old_cryptor = described_class.new(old_key, keyring: [old_key, another_key])
+      message = old_cryptor.encrypt(plaintext)
+
+      new_cryptor = described_class.new(new_key, keyring: [new_key, old_key])
+      expect(new_cryptor.decrypt(message)).to eq plaintext
+    end
+
+    it 'rotates messages encrypted under old keys to the active key' do
+      old_cryptor = described_class.new(old_key, keyring: [old_key, another_key])
+      old_message = old_cryptor.encrypt(plaintext)
+
+      hybrid_cryptor = described_class.new(new_key, keyring: [new_key, old_key])
+      new_message = hybrid_cryptor.rotate(old_message)
+
+      new_cryptor = described_class.new(new_key)
+      expect(new_cryptor.decrypt(new_message)).to eq plaintext
+    end
+
+    it 'raises AlreadyRotatedError on up-to-date messages if called with a bang' do
+      cryptor = described_class.new(new_key)
+      message = cryptor.encrypt(plaintext)
+
+      expect { cryptor.rotate!(message) }.to raise_exception(Cryptor::AlreadyRotatedError)
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cryptor
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 1.0.0
 platform: ruby
 authors:
 - Tony Arcieri
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-07 00:00:00.000000000 Z
+date: 2014-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ordo
@@ -115,14 +115,15 @@ files:
 - cryptor.gemspec
 - cryptosaur.png
 - lib/cryptor.rb
-- lib/cryptor/cipher.rb
-- lib/cryptor/ciphers/message_encryptor.rb
-- lib/cryptor/ciphers/xsalsa20poly1305.rb
 - lib/cryptor/encoding.rb
-- lib/cryptor/secret_key.rb
 - lib/cryptor/symmetric_encryption.rb
+- lib/cryptor/symmetric_encryption/cipher.rb
+- lib/cryptor/symmetric_encryption/ciphers/message_encryptor.rb
+- lib/cryptor/symmetric_encryption/ciphers/xsalsa20poly1305.rb
+- lib/cryptor/symmetric_encryption/keyring.rb
+- lib/cryptor/symmetric_encryption/secret_key.rb
 - lib/cryptor/version.rb
-- spec/cryptor/secret_key_spec.rb
+- spec/cryptor/symmetric_encryption/secret_key_spec.rb
 - spec/spec_helper.rb
 - spec/symmetric_encryption_spec.rb
 - tasks/rspec.rake
@@ -152,6 +153,6 @@ signing_key:
 specification_version: 4
 summary: An easy-to-use library for real-world Ruby cryptography
 test_files:
-- spec/cryptor/secret_key_spec.rb
+- spec/cryptor/symmetric_encryption/secret_key_spec.rb
 - spec/spec_helper.rb
 - spec/symmetric_encryption_spec.rb

data/lib/cryptor/cipher.rb

@@ -1,37 +0,0 @@
-module Cryptor
-  # Base class of all Cryptor ciphers
-  class Cipher
-    REGISTRY = {}
-
-    attr_reader :algorithm, :key_bytes
-
-    def self.register(algorithm, options = {})
-      REGISTRY[algorithm.to_s] ||= new(algorithm, options)
-    end
-
-    def self.[](algorithm)
-      REGISTRY[algorithm.to_s] || fail(ArgumentError, "no such cipher: #{algorithm}")
-    end
-
-    def initialize(algorithm, options = {})
-      @algorithm = algorithm
-      @key_bytes = options[:key_bytes] || fail(ArgumentError, 'key_bytes not specified')
-    end
-
-    def random_key
-      SecretKey.random_key(self)
-    end
-
-    def encrypt(_key, _plaintext)
-      #:nocov:
-      fail NotImplementedError, "'encrypt' method has not been implemented"
-      #:nocov:
-    end
-
-    def decrypt(_key, _ciphertext)
-      #:nocov:
-      fail NotImplementedError, "'decrypt' method has not been implemented"
-      #:nocov:
-    end
-  end
-end

data/lib/cryptor/ciphers/message_encryptor.rb

@@ -1,48 +0,0 @@
-require 'active_support/message_encryptor'
-require 'active_support/message_verifier'
-
-require 'cryptor/cipher'
-
-module Cryptor
-  module Ciphers
-    # MessageEncryptor is a bespoke authenticated encryption scheme invented
-    # by rails-core. It uses AES-256-CBC and HMAC-SHA1 in an encrypt-then-MAC
-    # scheme with a wacky and wild semiconstant-time MAC comparison.
-
-    # Cryptor enforces the usage of independent keys for AES encryption and HMAC
-    # by mandating a 64-byte key (using 32-bytes for AES and 32-bytes for HMAC).
-    #
-    # This scheme is probably safe to use, but less interoperable and more
-    # poorly designed than xsalsa20poly1305 from RbNaCl. It does, however,
-    # work using only ActiveSupport and the Ruby OpenSSL extension as
-    # dependencies, and should be available anywhere.
-    #
-    # For the time being, this scheme is only supported for ActiveSupport 4.0+
-    # although support for earlier versions of ActiveSupport should be
-    # possible.
-    class MessageEncryptor < Cipher
-      SERIALIZER = ActiveSupport::MessageEncryptor::NullSerializer
-      KEY_BYTES  = 64
-
-      register :message_encryptor, key_bytes: KEY_BYTES
-
-      def encrypt(key, plaintext)
-        encryptor(key).encrypt_and_sign(plaintext)
-      end
-
-      def decrypt(key, ciphertext)
-        encryptor(key).decrypt_and_verify(ciphertext)
-      rescue ActiveSupport::MessageVerifier::InvalidSignature => ex
-        raise CorruptedMessageError, ex.to_s
-      end
-
-      private
-
-      def encryptor(key)
-        fail ArgumentError, "wrong key size: #{key.bytesize}" unless key.bytesize == KEY_BYTES
-        encryption_key, hmac_key = key[0, 32], key[32, 32]
-        ActiveSupport::MessageEncryptor.new(encryption_key, hmac_key, serializer: SERIALIZER)
-      end
-    end
-  end
-end

data/lib/cryptor/ciphers/xsalsa20poly1305.rb

@@ -1,28 +0,0 @@
-require 'rbnacl/libsodium'
-
-require 'cryptor/cipher'
-
-module Cryptor
-  module Ciphers
-    # XSalsa20+Poly1305 authenticated stream cipher
-    class XSalsa20Poly1305 < Cipher
-      register :xsalsa20poly1305, key_bytes: RbNaCl::SecretBoxes::XSalsa20Poly1305.key_bytes
-
-      def encrypt(key, plaintext)
-        box(key).encrypt(plaintext)
-      end
-
-      def decrypt(key, ciphertext)
-        box(key).decrypt(ciphertext)
-      rescue RbNaCl::CryptoError => ex
-        raise CorruptedMessageError, ex.to_s
-      end
-
-      private
-
-      def box(key)
-        RbNaCl::SimpleBox.new(RbNaCl::SecretBoxes::XSalsa20Poly1305.new(key))
-      end
-    end
-  end
-end

data/lib/cryptor/secret_key.rb

@@ -1,83 +0,0 @@
-require 'base64'
-require 'digest/sha2'
-
-module Cryptor
-  # Secret key used to encrypt plaintexts
-  class SecretKey
-    attr_reader :cipher
-
-    # Generate a random secret key
-    #
-    # @param [Cryptor::Cipher, Symbol] Cryptor::Cipher or algorithm name as a symbol
-    #
-    # @return [Cryptor::SecretKey] new secret key object
-    def self.random_key(cipher)
-      cipher = Cryptor::Cipher[cipher] if cipher.is_a? Symbol
-      fail ArgumentError, "invalid cipher: #{cipher.inspect}" unless cipher.is_a? Cryptor::Cipher
-      bytes  = RbNaCl::Random.random_bytes(cipher.key_bytes)
-      base64 = Cryptor::Encoding.encode(bytes)
-
-      new "secret.key:///#{cipher.algorithm};#{base64}"
-    end
-
-    # Create a new SecretKey object from a URI
-    #
-    # @param [#to_s] uri representing a secret key
-    #
-    # @raise [ArgumentError] on invalid URIs
-    #
-    # @return [Cryptor::SecretKey] new secret key object
-    def initialize(uri_string)
-      uri = URI.parse(uri_string.to_s)
-      fail ArgumentError, "invalid scheme: #{uri.scheme}" unless uri.scheme == 'secret.key'
-
-      components = uri.path.match(/^\/([^;]+);(.+)$/)
-      fail ArgumentError, "couldn't parse cipher name from secret URI" unless components
-
-      @cipher     = Cryptor::Cipher[components[1]]
-      @secret_key = Cryptor::Encoding.decode(components[2])
-    end
-
-    # Serialize SecretKey object to a URI
-    #
-    # @return [String] serialized URI representing the key
-    def to_secret_uri
-      "secret.key:///#{@cipher.algorithm};#{Cryptor::Encoding.encode(@secret_key)}"
-    end
-
-    # Fingerprint of this key's secret URI
-    #
-    # @return [String] fingerprint as a ni:// URL
-    def fingerprint
-      digest = Digest::SHA256.digest(to_secret_uri)
-      "ni:///sha-256;#{Cryptor::Encoding.encode(digest)}"
-    end
-
-    # Encrypt a plaintext under this key
-    #
-    # @param [String] plaintext string to be encrypted
-    #
-    # @return [String] ciphertext encrypted under this key
-    def encrypt(plaintext)
-      @cipher.encrypt(@secret_key, plaintext)
-    end
-
-    # Decrypt ciphertext using this key
-    #
-    # @param [String] ciphertext string to be decrypted
-    #
-    # @return [String] plaintext decrypted from the given ciphertext
-    def decrypt(ciphertext)
-      @cipher.decrypt(@secret_key, ciphertext)
-    end
-
-    # Inspect this key
-    #
-    # @return [String] a string representing this key
-    def inspect
-      "#<#{self.class}:0x#{object_id.to_s(16)} " \
-      "cipher=#{cipher.algorithm} " \
-      "fingerprint=#{fingerprint}>"
-    end
-  end
-end