drbg-rb 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/drbg-rb/hmac.rb +110 -0
- data/lib/drbg-rb/version.rb +5 -0
- data/lib/drbg-rb.rb +8 -0
- metadata +81 -0
data/lib/drbg-rb/hmac.rb
ADDED
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
module DRBG::HMAC
|
|
2
|
+
|
|
3
|
+
def initialize(entropy, sec_level=256, personalization_string="")
|
|
4
|
+
|
|
5
|
+
if sec_level > 256
|
|
6
|
+
raise 'sec_level cannot exceed 256 bits'
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
if personalization_string.size * 8 > 256
|
|
10
|
+
raise 'personalization_string cannot exceed 256 bits'
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
if sec_level <= 112
|
|
14
|
+
@security_strength = 112
|
|
15
|
+
elsif sec_level <= 128
|
|
16
|
+
@sec_level = 128
|
|
17
|
+
elsif sec_level <= 192
|
|
18
|
+
@sec_level = 192
|
|
19
|
+
else
|
|
20
|
+
@sec_level = 256
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
if (entropy.size * 8 * 2) < (3 * @sec_level)
|
|
24
|
+
raise 'entropy must be at least ' + (1.5 * @sec_level).to_s + ' bits'
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
if entropy.size * 8 > 1000
|
|
28
|
+
raise 'entropy cannot exceed 1000 bits'
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
_instantiate(entropy, personalization_string)
|
|
32
|
+
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
def generate(num_bytes, sec_level=256)
|
|
37
|
+
|
|
38
|
+
if num_bytes * 8 > 7500
|
|
39
|
+
raise 'generate cannot generate more than 7500 bits in a single call'
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
if sec_level > @sec_level
|
|
43
|
+
raise 'sec_level exceeds this instance\'s security_strength'
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
return if @reseed_counter >= 10000
|
|
47
|
+
|
|
48
|
+
temp = ''
|
|
49
|
+
|
|
50
|
+
while temp.size < num_bytes
|
|
51
|
+
@V = hmac(@K, @V)
|
|
52
|
+
temp += @V
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
self._update(nil)
|
|
56
|
+
@reseed_counter += 1
|
|
57
|
+
|
|
58
|
+
temp
|
|
59
|
+
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
protected
|
|
63
|
+
|
|
64
|
+
def _instantiate(entropy, personalization_string)
|
|
65
|
+
|
|
66
|
+
seed_material = entropy + personalization_string
|
|
67
|
+
|
|
68
|
+
@K = "\x00" * 32
|
|
69
|
+
@V = "\x01" * 32
|
|
70
|
+
|
|
71
|
+
_update(seed_material)
|
|
72
|
+
@reseed_counter = 1
|
|
73
|
+
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def _update(provided_data = nil)
|
|
77
|
+
|
|
78
|
+
@K = hmac(@K, @V + "\x00" + (provided_data || ''))
|
|
79
|
+
@V = hmac(@K, @V)
|
|
80
|
+
|
|
81
|
+
if provided_data
|
|
82
|
+
@K = hmac(@K, @V + "\x01" + provided_data)
|
|
83
|
+
@V = hmac(@K, @V)
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def reseed(entropy)
|
|
89
|
+
|
|
90
|
+
if len(entropy) * 8 < @sec_level
|
|
91
|
+
raise "entropy must be at least #{@sec_level} bits"
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
if len(entropy) * 8 > 1000
|
|
95
|
+
raise 'entropy cannot exceed 1000 bits'
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
_update(entropy)
|
|
99
|
+
@reseed_counter = 1
|
|
100
|
+
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def hmac(key, data)
|
|
104
|
+
|
|
105
|
+
@digest ||= OpenSSL::Digest::SHA256.new
|
|
106
|
+
OpenSSL::HMAC.digest(@digest, key, data)
|
|
107
|
+
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
end
|
data/lib/drbg-rb.rb
ADDED
metadata
ADDED
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: drbg-rb
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- Louis Mullie
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2014-05-01 00:00:00.000000000 Z
|
|
13
|
+
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
15
|
+
name: rspec
|
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
|
17
|
+
none: false
|
|
18
|
+
requirements:
|
|
19
|
+
- - ~>
|
|
20
|
+
- !ruby/object:Gem::Version
|
|
21
|
+
version: 2.12.0
|
|
22
|
+
type: :development
|
|
23
|
+
prerelease: false
|
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
25
|
+
none: false
|
|
26
|
+
requirements:
|
|
27
|
+
- - ~>
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
version: 2.12.0
|
|
30
|
+
- !ruby/object:Gem::Dependency
|
|
31
|
+
name: rake
|
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
|
33
|
+
none: false
|
|
34
|
+
requirements:
|
|
35
|
+
- - ! '>='
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
type: :development
|
|
39
|
+
prerelease: false
|
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
41
|
+
none: false
|
|
42
|
+
requirements:
|
|
43
|
+
- - ! '>='
|
|
44
|
+
- !ruby/object:Gem::Version
|
|
45
|
+
version: '0'
|
|
46
|
+
description: ! ' Cryptographically secure deterministic random bit generators for
|
|
47
|
+
Ruby '
|
|
48
|
+
email:
|
|
49
|
+
- louis.mullie@gmail.com
|
|
50
|
+
executables: []
|
|
51
|
+
extensions: []
|
|
52
|
+
extra_rdoc_files: []
|
|
53
|
+
files:
|
|
54
|
+
- lib/drbg-rb/hmac.rb
|
|
55
|
+
- lib/drbg-rb/version.rb
|
|
56
|
+
- lib/drbg-rb.rb
|
|
57
|
+
homepage: https://github.com/cryodex/drbg-rb
|
|
58
|
+
licenses: []
|
|
59
|
+
post_install_message:
|
|
60
|
+
rdoc_options: []
|
|
61
|
+
require_paths:
|
|
62
|
+
- lib
|
|
63
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
64
|
+
none: false
|
|
65
|
+
requirements:
|
|
66
|
+
- - ! '>='
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '0'
|
|
69
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
70
|
+
none: false
|
|
71
|
+
requirements:
|
|
72
|
+
- - ! '>='
|
|
73
|
+
- !ruby/object:Gem::Version
|
|
74
|
+
version: '0'
|
|
75
|
+
requirements: []
|
|
76
|
+
rubyforge_project:
|
|
77
|
+
rubygems_version: 1.8.25
|
|
78
|
+
signing_key:
|
|
79
|
+
specification_version: 3
|
|
80
|
+
summary: Cryptographically secure deterministic random bit generators for Ruby
|
|
81
|
+
test_files: []
|