ecies 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 33b1046a11dbb7f36abc039da9e124a16f3db9751cfedbc869bde97b01b08091
+  data.tar.gz: 2138b78219252211b76b8f63db73489c94ec7be3cef8c922c689d1cb5ca29a94
+SHA512:
+  metadata.gz: 233a031a01b0a1db77727ce486b9a419361b69b0a894c2e333c4769772abfc4850d2715db01bccffd8c714b5ae99266e45c9af880313d66c4eabeb24cc1aae99
+  data.tar.gz: 644a95d9c983e7c2b3711f0f89369867cacbd3aa4674237864c35bf312e37e98d58680854d73e118fbb72e21d9cbb1f8e4da60cb5bc5f7ea5b51959604f0e757

data/.gitignore

@@ -0,0 +1,7 @@
+.ruby-version
+.ruby-gemset
+Gemfile.lock
+*.gem
+coverage/
+doc/
+.yardoc/

data/.travis.yml

@@ -0,0 +1,10 @@
+script: "rspec"
+language: "ruby"
+sudo: false
+rvm:
+  - 2.0
+  - 2.1
+  - 2.2
+  - 2.3
+  - 2.4
+  - 2.5

data/.yardopts

@@ -0,0 +1,7 @@
+--readme README.md
+--markup markdown
+lib/*.rb
+lib/*/*.rb
+-
+CHANGELOG.md
+LICENSE

data/CHANGELOG.md

@@ -0,0 +1,19 @@
+Change log
+====
+
+This gem follows [Semantic Versioning 2.0.0](http://semver.org/spec/v2.0.0.html).
+All classes and public methods are part of the public API.
+
+0.1.0
+----
+Released on 2018-04-18
+
+All core functionality is implemented:
+
+- `ECIES::Crypt` class:
+  - `encrypt` method
+  - `decrypt` method
+  - `kdf` method
+  - `DIGESTS` constant
+  - `CIPHERS` constant
+  - `IV` constant

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2018 Stephen McCarthy
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,105 @@
+# ECIES - Elliptical Curve Integrated Encryption System
+
+[![Build Status](https://travis-ci.org/jamoes/ecies.svg?branch=master)](https://travis-ci.org/jamoes/ecies)
+
+## Description
+
+This library implements Elliptical Curve Integrated Encryption System (ECIES), as specified by [SEC 1: Elliptic Curve Cryptography, Version 2.0](http://www.secg.org/sec1-v2.pdf).
+
+ECIES is a public-key encryption scheme based on ECC. It is designed to be semantically secure in the presence of an adversary capable of launching chosen-plaintext and chosen-ciphertext attacks.
+
+## Installation
+
+This library is distributed as a gem named [ecies](https://rubygems.org/gems/ecies) at RubyGems.org.  To install it, run:
+
+    gem install ecies
+
+## Usage
+
+First, require the gem:
+
+```ruby
+require 'ecies'
+```
+
+Intitlialize a key and a `Crypt` object.
+
+```ruby
+key = OpenSSL::PKey::EC.new('secp256k1').generate_key
+crypt = ECIES::Crypt.new
+```
+
+Next, we'll encrypt a message. Although in this example our key contains both the private and public components, you only need the key to contain the public component to encrypt a message.
+
+```ruby
+encrypted = crypt.encrypt(key, 'secret message')
+```
+
+Finally, decrypt the message. In order to decrypt, the key must contain the private component.
+
+```ruby
+crypt.decrypt(key, encrypted) # => 'secret message'
+```
+
+When constructing a `Crypt` object, the default hash digest function is 'SHA256', and the default cipher algorithm is 'AES-256-CTR'. You can also specify alternative cipher or digest algorithms. For example:
+
+```ruby
+crypt = ECIES::Crypt.new(cipher: 'AES-256-CBC', digest: 'SHA512')
+```
+
+The `Crypt` object must be initialized with the same parameters when encrypting and decrypting messages.
+
+## Compatibility
+
+The sec1-v2 document allows for a many combinations of various algorithms for ECIES. This library only supports a subset of the allowable algorithms.
+
+  - Key Derivation Functions
+    - Supported:
+      - ANSI-X9.63-KDF
+    - Not supported:
+      - IKEv2-KDF
+      - TLS-KDF
+      - NIST-800-56-Concatenation-KDF
+  - Hash Functions
+    - Supported:
+      - SHA-224
+      - SHA-256
+      - SHA-384
+      - SHA-512
+    - Not supported:
+      - SHA-1
+  - MAC Schemes
+    - Supported:
+      - HMAC-SHA-224-112
+      - HMAC-SHA-224-224
+      - HMAC-SHA-256-128
+      - HMAC-SHA-256-256
+      - HMAC-SHA-384-192
+      - HMAC-SHA-384-384 (I believe sec1-v2 has a typo here, they state "HMAC-SHA-384-284". 284 bits would be 35.5 bytes, which is non-sensical)
+      - HMAC-SHA-512-256
+      - HMAC-SHA-512-512
+    - Not supported:
+      - HMAC-SHA-1-160
+      - HMAC-SHA-1-80
+      - CMAC-AES-128
+      - CMAC-AES-192
+      - CMAC-AES-256
+  - Symmetric Encryption Schemes
+    - Supported:
+      - AES-128-CBC
+      - AES-192-CBC
+      - AES-256-CBC
+      - AES-128-CTR
+      - AES-192-CTR
+      - AES-256-CTR
+    - Not supported:
+      - 3-key TDES in CBC mode
+      - XOR encryption scheme
+
+## Supported platforms
+
+Ruby 2.0 and above.
+
+## Documentation
+
+For complete documentation, see the [ECIES page on RubyDoc.info](http://rubydoc.info/gems/ecies).

data/Rakefile

@@ -0,0 +1,25 @@
+task 'default' => 'spec'
+
+desc 'Run specs'
+task 'spec' do
+  sh 'rspec'
+end
+
+desc 'Run specs and generate coverage report'
+task 'coverage' do
+  ENV['COVERAGE'] = 'Y'
+  Rake::Task['spec'].invoke
+end
+
+desc 'Print out lines of code and related statistics.'
+task 'stats' do
+  puts 'Lines of code and comments (including blank lines):'
+  sh "find lib -type f | xargs wc -l"
+  puts "\nLines of code (excluding comments and blank lines):"
+  sh "find lib -type f | xargs cat | sed '/^\s*#/d;/^\s*$/d' | wc -l"
+end
+
+desc 'Generate documentation'
+task 'doc' do
+  sh 'yardoc'
+end

data/certs/jamoes.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRMwEQYDVQQDDApzam1j
+Y2FydGh5MRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZFgNj
+b20wHhcNMTgwNDExMDAxMzI4WhcNMTkwNDExMDAxMzI4WjBBMRMwEQYDVQQDDApz
+am1jY2FydGh5MRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
+FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOk2n/6xgIgrG7
+avtiI8I9DtcdA326qWYpdQSDLhpSsLNiqiIpo8KF1Zfy3lnAj6JBBIbjiaUsbA/i
+Wcip0307dHNXZjr+AgYcL7OEp8EBkfAeZaYWMcVBbjiSxkzYesDxm7nvTOaD317h
+cThBfB9KW1vGEzazomTxSI9sgqCDtWrogMLGag7uTDJ7fKRK6YXz2xncI0uCsmGb
+7vekXpfn0xb6tr4ljSseCsPJHnXK7SKB4dzHsmQJ12A57aaV7C/bGqbQAC6odb6k
+V8dw0fnmHC9OSYjV1b2Xr0VmoiT3YA4XsR0/LbeZvGOyQj8S4eHxgFg7wTVhCkCZ
+D89+p8H5AgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+BBQffCJK6PE+9XaH56VJoFoCl3ECeDAfBgNVHREEGDAWgRRzam1jY2FydGh5QGdt
+YWlsLmNvbTAfBgNVHRIEGDAWgRRzam1jY2FydGh5QGdtYWlsLmNvbTANBgkqhkiG
+9w0BAQUFAAOCAQEApvFGCB9uyF1mh1UV77YICagARejAIOhzOcZXjlpulI9xXjQY
+0QK6P1GdwwE/pgT7YjfJR7VNFobare4WdfCzoWCFc34t2vJwrqkkOB3U7v3TjB+p
+z/o2pZKLpNEL4bYJBEbd+vAad/nP1v5e2sCmLm86vSoOwiyQnifmP6PSORObbJF4
+455zxYw1un6NfN0m+pnIKwvshKoOCgI05VJGtEolJoo42fnolmNxa2t6B30Mfmf+
+kts216EGG4oP6dVuZmf2Ii2F4lQTBDdZM/cisW8jCkO7KeEzJAPhIw1JJwHltHya
+0TpOI3t2Mz/FJ+rudtz9PJ/d8QvhrF7M7+qH4w==
+-----END CERTIFICATE-----

data/ecies.gemspec

@@ -0,0 +1,28 @@
+require File.expand_path('../lib/ecies/version', __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = 'ecies'
+  s.version     = ECIES::VERSION
+  s.authors     = ['Stephen McCarthy']
+  s.email       = 'sjmccarthy@gmail.com'
+  s.summary     = 'Elliptical Curve Integrated Encryption System (ECIES), as specified by SEC 1 - Ver. 2.0'
+  s.homepage    = 'https://github.com/jamoes/ecies'
+  s.license     = 'MIT'
+
+  s.cert_chain  = ['certs/jamoes.pem']
+  s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") if $0 =~ /gem\z/
+
+  s.files       = `git ls-files`.split("\n")
+  s.executables = s.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  s.test_files  = s.files.grep(%r{^(test|spec|features)/})
+
+  s.required_ruby_version = '>= 2.0'
+
+  s.add_development_dependency 'bundler', '~> 1'
+  s.add_development_dependency 'rake', '~> 12'
+  s.add_development_dependency 'rspec', '~> 3.7'
+  s.add_development_dependency 'simplecov', '~> 0'
+  s.add_development_dependency 'yard', '~> 0.9.12'
+  s.add_development_dependency 'markdown', '~> 1'
+  s.add_development_dependency 'redcarpet', '~> 3' unless RUBY_PLATFORM == 'java'
+end

data/lib/ecies.rb

@@ -0,0 +1,8 @@
+require 'openssl'
+
+require 'ecies/crypt.rb'
+require 'ecies/version.rb'
+
+# The top-level module for the ecies gem.
+module ECIES
+end

data/lib/ecies/crypt.rb

@@ -0,0 +1,149 @@
+module ECIES
+  # Provides functionality for encrypting and decrypting messages using ECIES.
+  # Encapsulates the configuration parameters chosen for ECIES.
+  class Crypt
+
+    # The allowed digest algorithms for ECIES.
+    DIGESTS = %w{SHA224 SHA256 SHA384 SHA512}
+
+    # The allowed cipher algorithms for ECIES.
+    CIPHERS = %w{AES-128-CBC AES-192-CBC AES-256-CBC AES-128-CTR AES-192-CTR AES-256-CTR}
+
+    # The initialization vector used in ECIES. Quoting from sec1-v2:
+    # "When using ECIES, some exception are made. For the CBC and CTR modes, the
+    # initial value or initial counter are set to be zero and are omitted from
+    # the ciphertext. In general this practice is not advisable, but in the case
+    # of ECIES it is acceptable because the definition of ECIES implies the
+    # symmetric block cipher key is only to be used once.
+    IV = ("\x00" * 16).force_encoding(Encoding::BINARY)
+
+    # Creates a new instance of {Crypt}.
+    #
+    # @param cipher [String] The cipher algorithm to use. Must be one of
+    #     {CIPHERS}.
+    # @param digest [String,OpenSSL::Digest] The digest algorithm to use for
+    #     HMAC and KDF. Must be one of {DIGESTS}.
+    # @param mac_length [:half,:full] The length of the mac. If :half, the mac
+    #     length will be equal to half the mac_digest's digest_legnth. If
+    #     :full, the mac length will be equal to the mac_digest's
+    #     digest_length.
+    # @param kdf_digest [String,OpenSSL::Digest,nil] The digest algorithm to
+    #     use for KDF. If not specified, the `digest` argument will be used.
+    # @param mac_digest [String,OpenSSL::Digest,nil] The digest algorithm to
+    #     use for HMAC. If not specified, the `digest` argument will be used.
+    # @param kdf_shared_info [String] Optional. A string containing the shared
+    #     info used for KDF, also known as SharedInfo1.
+    # @param mac_shared_info [String] Optional. A string containing the shared
+    #     info used for MAC, also known as SharedInfo2.
+    def initialize(cipher: 'AES-256-CTR', digest: 'SHA256', mac_length: :half, kdf_digest: nil, mac_digest: nil, kdf_shared_info: '', mac_shared_info: '')
+      @cipher = OpenSSL::Cipher.new(cipher)
+      @mac_digest = OpenSSL::Digest.new(mac_digest || digest)
+      @kdf_digest = OpenSSL::Digest.new(kdf_digest || digest)
+      @kdf_shared_info = kdf_shared_info
+      @mac_shared_info = mac_shared_info
+
+      CIPHERS.include?(@cipher.name) or raise "Cipher must be one of #{CIPHERS}"
+      DIGESTS.include?(@mac_digest.name) or raise "Digest must be one of #{DIGESTS}"
+      DIGESTS.include?(@kdf_digest.name) or raise "Digest must be one of #{DIGESTS}"
+      [:half, :full].include?(mac_length) or raise "mac_length must be :half or :full"
+
+      @mac_length = @mac_digest.digest_length
+      @mac_length /= 2 if mac_length == :half
+    end
+
+    # Encrypts a message to a public key using ECIES.
+    #
+    # # @param key [OpenSSL::EC:PKey] The public key.
+    # @param message [String] The plain-text message.
+    # @return [String] The octet string of the encrypted message.
+    def encrypt(key, message)
+      key.public_key? or raise "Must have public key to encrypt"
+      @cipher.reset
+
+      group_copy = OpenSSL::PKey::EC::Group.new(key.group)
+      group_copy.point_conversion_form = :compressed
+      ephemeral_key = OpenSSL::PKey::EC.new(group_copy).generate_key
+
+      shared_secret = ephemeral_key.dh_compute_key(key.public_key)
+
+      key_pair = kdf(shared_secret, @cipher.key_len + @mac_length)
+      cipher_key = key_pair.byteslice(0, @cipher.key_len)
+      hmac_key = key_pair.byteslice(-@mac_length, @mac_length)
+
+      @cipher.encrypt
+      @cipher.iv = IV
+      @cipher.key = cipher_key
+      ciphertext = @cipher.update(message) + @cipher.final
+
+      mac = OpenSSL::HMAC.digest(@mac_digest, hmac_key, ciphertext + @mac_shared_info).byteslice(0, @mac_length)
+
+      ephemeral_key.public_key.to_bn.to_s(2) + ciphertext + mac
+    end
+
+    # Decrypts a message with a private key using ECIES.
+    #
+    # @param key [OpenSSL::EC:PKey] The private key.
+    # @param encrypted_message [String] Octet string of the encrypted message.
+    # @return [String] The plain-text message.
+    def decrypt(key, encrypted_message)
+      key.private_key? or raise "Must have private key to decrypt"
+      @cipher.reset
+
+      group_copy = OpenSSL::PKey::EC::Group.new(key.group)
+      group_copy.point_conversion_form = :compressed
+
+      ephemeral_public_key_length = group_copy.generator.to_bn.to_s(2).bytesize
+      ciphertext_length = encrypted_message.bytesize - ephemeral_public_key_length - @mac_length
+      ciphertext_length > 0 or raise OpenSSL::PKey::ECError, "Encrypted message too short"
+
+      ephemeral_public_key_text = encrypted_message.byteslice(0, ephemeral_public_key_length)
+      ciphertext = encrypted_message.byteslice(ephemeral_public_key_length, ciphertext_length)
+      mac = encrypted_message.byteslice(-@mac_length, @mac_length)
+
+      ephemeral_public_key = OpenSSL::PKey::EC::Point.new(group_copy, OpenSSL::BN.new(ephemeral_public_key_text, 2))
+
+      shared_secret = key.dh_compute_key(ephemeral_public_key)
+
+      key_pair = kdf(shared_secret, @cipher.key_len + @mac_length)
+      cipher_key = key_pair.byteslice(0, @cipher.key_len)
+      hmac_key = key_pair.byteslice(-@mac_length, @mac_length)
+
+      computed_mac = OpenSSL::HMAC.digest(@mac_digest, hmac_key, ciphertext + @mac_shared_info).byteslice(0, @mac_length)
+      computed_mac == mac or raise OpenSSL::PKey::ECError, "Invalid Message Authenticaton Code"
+
+      @cipher.decrypt
+      @cipher.iv = IV
+      @cipher.key = cipher_key
+
+      @cipher.update(ciphertext) + @cipher.final
+    end
+
+    # Key-derivation function, compatible with ANSI-X9.63-KDF
+    #
+    # @param shared_secret [String] The shared secret from which the key will be
+    #     derived.
+    # @param length [Integer] The length of the key to generate.
+    # @return [String] Octet string of the derived key.
+    def kdf(shared_secret, length)
+      length >=0 or raise "length cannot be negative"
+      return "" if length == 0
+
+      if length / @kdf_digest.digest_length >= 0xFF_FF_FF_FF
+        raise "length too large"
+      end
+
+      io = StringIO.new(String.new)
+      counter = 0
+
+      loop do
+        counter += 1
+        counter_bytes = [counter].pack('N')
+
+        io << @kdf_digest.digest(shared_secret + counter_bytes + @kdf_shared_info)
+        if io.pos >= length
+          return io.string.byteslice(0, length)
+        end
+      end
+    end
+  end
+end

data/lib/ecies/version.rb

@@ -0,0 +1,4 @@
+module ECIES
+  # This gem's version.
+  VERSION = '0.1.0'
+end

data/spec/crypt_spec.rb

@@ -0,0 +1,106 @@
+require 'spec_helper'
+
+describe ECIES::Crypt do
+
+  describe 'Encryption and decryption' do
+
+    it 'Encrypts and decrypts' do
+      key = OpenSSL::PKey::EC.new('secp256k1').generate_key
+      crypt = ECIES::Crypt.new
+
+      encrypted = crypt.encrypt(key, 'secret')
+      expect(crypt.decrypt(key, encrypted)).to eq 'secret'
+    end
+
+    it 'Encrypts to known values' do
+      OpenSSL::PKey::EC.class_eval do
+        # Overwrites `generate_key` for both the test code below, and the
+        # ephemeral_key generated in the `encrypt` method.
+        def generate_key
+          self.private_key = 2
+          self.public_key = group.generator.mul(private_key)
+          self
+        end
+      end
+
+      key = OpenSSL::PKey::EC.new('secp256k1').generate_key
+
+      crypt = ECIES::Crypt.new
+      crypt_full = ECIES::Crypt.new(mac_length: :full)
+      crypt_sha512 = ECIES::Crypt.new(digest: 'sha512', mac_length: :full)
+      crypt_cbc = ECIES::Crypt.new(cipher: 'aes-256-cbc', mac_length: :full)
+      crypt_mixed = ECIES::Crypt.new(mac_digest: 'sha256', kdf_digest: 'sha512')
+
+      encrypted = crypt.encrypt(key, 'secret')
+      expect(encrypted).to eq "\x02\xC6\x04\x7F\x94A\xED}m0E@n\x95\xC0|\xD8\\w\x8EK\x8C\xEF<\xA7\xAB\xAC\t\xB9\\p\x9E\xE5B;\x12:\x17\xCE\x84\xAB\x9F\x0E%\xCD\x94~\x1E\xBC\x89$\x11\xEE6\xE4".force_encoding(Encoding::BINARY)
+      expect(crypt.decrypt(key, encrypted)).to eq 'secret'
+      expect{ crypt_full.decrypt(key, encrypted) }.to raise_error(OpenSSL::PKey::ECError)
+
+      encrypted = crypt_full.encrypt(key, 'secret')
+      expect(encrypted).to eq "\x02\xC6\x04\x7F\x94A\xED}m0E@n\x95\xC0|\xD8\\w\x8EK\x8C\xEF<\xA7\xAB\xAC\t\xB9\\p\x9E\xE5B;\x12:\x17\xCEo\x9B\xA7\x955\x89\x9FR\xDF\x1C\xED\x00\x86<\n\x04\v\xD6(\x9D\xF5\xF9\x13\xC8/\xD7os(ZsF".force_encoding(Encoding::BINARY)
+      expect(crypt_full.decrypt(key, encrypted)).to eq 'secret'
+      expect{ crypt_sha512.decrypt(key, encrypted) }.to raise_error(OpenSSL::PKey::ECError)
+
+      encrypted = crypt_sha512.encrypt(key, 'secret')
+      expect(encrypted).to eq "\x02\xC6\x04\x7F\x94A\xED}m0E@n\x95\xC0|\xD8\\w\x8EK\x8C\xEF<\xA7\xAB\xAC\t\xB9\\p\x9E\xE5%\r^\xA9\xD9\xDC\xFB\xD7\x14b\xB4\x00\x84\xABl\xEAh\x0Fc\x805\xAF\x1DT\x05\x87`\xA5\xC4\xB7\xB5r\xF6\x89\xB1U0\x0E \xD4\x1E\x16\x184\xE9:\xE7\x951\xF4\xB3\x93\"A\x85\x1F\x9A\x8E\xAD\xE1(\x1D\xB3\xC4\x15\xD3\xB1\xA8\xFB\x1D".force_encoding(Encoding::BINARY)
+      expect(crypt_sha512.decrypt(key, encrypted)).to eq 'secret'
+      expect{ crypt_full.decrypt(key, encrypted) }.to raise_error(OpenSSL::PKey::ECError)
+
+      encrypted = crypt_cbc.encrypt(key, 'secret')
+      expect(encrypted).to eq "\x02\xC6\x04\x7F\x94A\xED}m0E@n\x95\xC0|\xD8\\w\x8EK\x8C\xEF<\xA7\xAB\xAC\t\xB9\\p\x9E\xE5\x1Fj\x04N\eg($\xD4\xFBD\xFFd\xA1\xA3z\x90T#\x1D\x12{3IM\x93!|\xA5\xAF&\xD4+;\e\xA6i.wD\x1F\xCB\xE1\x90{\xB6\x8B\xAF".force_encoding(Encoding::BINARY)
+      expect(crypt_cbc.decrypt(key, encrypted)).to eq 'secret'
+      expect{ crypt_mixed.decrypt(key, encrypted) }.to raise_error(OpenSSL::PKey::ECError)
+
+      encrypted = crypt_mixed.encrypt(key, 'secret')
+      expect(encrypted).to eq "\x02\xC6\x04\x7F\x94A\xED}m0E@n\x95\xC0|\xD8\\w\x8EK\x8C\xEF<\xA7\xAB\xAC\t\xB9\\p\x9E\xE5%\r^\xA9\xD9\xDC\xF5\\\x9A\x04\xE0T\x91\xEA=\xA6W\x84X\xBB\xCA\xB4".force_encoding(Encoding::BINARY)
+      expect(crypt_mixed.decrypt(key, encrypted)).to eq 'secret'
+      expect{ crypt_full.decrypt(key, encrypted) }.to raise_error(OpenSSL::PKey::ECError)
+    end
+
+    it 'Raises on unknown cipher or digest' do
+      key = OpenSSL::PKey::EC.new('secp256k1').generate_key
+
+      expect{ ECIES::Crypt.new(digest: 'foo') }.to raise_error(RuntimeError)
+      expect{ ECIES::Crypt.new(digest: 'md5') }.to raise_error(RuntimeError)
+      expect{ ECIES::Crypt.new(cipher: 'foo') }.to raise_error(RuntimeError)
+      expect{ ECIES::Crypt.new(cipher: 'aes-256-gcm') }.to raise_error(RuntimeError)
+    end
+
+    it 'Raises when key is missing' do
+      key = OpenSSL::PKey::EC.new
+
+      expect{ ECIES::Crypt.new.encrypt(key, 'secret') }.to raise_error(RuntimeError)
+      expect{ ECIES::Crypt.new.decrypt(key, 'secret') }.to raise_error(RuntimeError)
+    end
+  end
+
+
+
+  describe '#kdf' do
+    it 'derivates keys correctly' do
+      sha256_test_vectors = [
+        # [shared_secret, shared_info, expected_key]
+        ['96c05619d56c328ab95fe84b18264b08725b85e33fd34f08', '', '443024c3dae66b95e6f5670601558f71'],
+        ['96f600b73ad6ac5629577eced51743dd2c24c21b1ac83ee4', '', 'b6295162a7804f5667ba9070f82fa522'],
+        ['22518b10e70f2a3f243810ae3254139efbee04aa57c7af7d', '75eef81aa3041e33b80971203d2c0c52', 'c498af77161cc59f2962b9a713e2b215152d139766ce34a776df11866a69bf2e52a13d9c7c6fc878c50c5ea0bc7b00e0da2447cfd874f6cf92f30d0097111485500c90c3af8b487872d04685d14c8d1dc8d7fa08beb0ce0ababc11f0bd496269142d43525a78e5bc79a17f59676a5706dc54d54d4d1f0bd7e386128ec26afc21'],
+        ['7e335afa4b31d772c0635c7b0e06f26fcd781df947d2990a', 'd65a4812733f8cdbcdfb4b2f4c191d87', 'c0bd9e38a8f9de14c2acd35b2f3410c6988cf02400543631e0d6a4c1d030365acbf398115e51aaddebdc9590664210f9aa9fed770d4c57edeafa0b8c14f93300865251218c262d63dadc47dfa0e0284826793985137e0a544ec80abf2fdf5ab90bdaea66204012efe34971dc431d625cd9a329b8217cc8fd0d9f02b13f2f6b0b'],
+      ]
+
+      sha256_test_vectors.each do |shared_secret, shared_info, expected_key|
+        shared_secret = [shared_secret].pack('H*')
+        shared_info = [shared_info].pack('H*')
+        expected_key = [expected_key].pack('H*')
+
+        computed_key = ECIES::Crypt.new(kdf_shared_info: shared_info).kdf(shared_secret, expected_key.size)
+
+        expect(computed_key).to eq expected_key
+      end
+    end
+
+    it 'raises when size is invalid' do
+      expect{ ECIES::Crypt.new.kdf('a', -1) }.to raise_error(RuntimeError)
+      expect{ ECIES::Crypt.new.kdf('a', 32 * 2**32) }.to raise_error(RuntimeError)
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+if ENV['COVERAGE']
+  require 'simplecov'
+  SimpleCov.start
+end
+
+require 'ecies'

metadata

@@ -0,0 +1,181 @@
+--- !ruby/object:Gem::Specification
+name: ecies
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Stephen McCarthy
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRMwEQYDVQQDDApzam1j
+  Y2FydGh5MRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZFgNj
+  b20wHhcNMTgwNDExMDAxMzI4WhcNMTkwNDExMDAxMzI4WjBBMRMwEQYDVQQDDApz
+  am1jY2FydGh5MRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
+  FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOk2n/6xgIgrG7
+  avtiI8I9DtcdA326qWYpdQSDLhpSsLNiqiIpo8KF1Zfy3lnAj6JBBIbjiaUsbA/i
+  Wcip0307dHNXZjr+AgYcL7OEp8EBkfAeZaYWMcVBbjiSxkzYesDxm7nvTOaD317h
+  cThBfB9KW1vGEzazomTxSI9sgqCDtWrogMLGag7uTDJ7fKRK6YXz2xncI0uCsmGb
+  7vekXpfn0xb6tr4ljSseCsPJHnXK7SKB4dzHsmQJ12A57aaV7C/bGqbQAC6odb6k
+  V8dw0fnmHC9OSYjV1b2Xr0VmoiT3YA4XsR0/LbeZvGOyQj8S4eHxgFg7wTVhCkCZ
+  D89+p8H5AgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+  BBQffCJK6PE+9XaH56VJoFoCl3ECeDAfBgNVHREEGDAWgRRzam1jY2FydGh5QGdt
+  YWlsLmNvbTAfBgNVHRIEGDAWgRRzam1jY2FydGh5QGdtYWlsLmNvbTANBgkqhkiG
+  9w0BAQUFAAOCAQEApvFGCB9uyF1mh1UV77YICagARejAIOhzOcZXjlpulI9xXjQY
+  0QK6P1GdwwE/pgT7YjfJR7VNFobare4WdfCzoWCFc34t2vJwrqkkOB3U7v3TjB+p
+  z/o2pZKLpNEL4bYJBEbd+vAad/nP1v5e2sCmLm86vSoOwiyQnifmP6PSORObbJF4
+  455zxYw1un6NfN0m+pnIKwvshKoOCgI05VJGtEolJoo42fnolmNxa2t6B30Mfmf+
+  kts216EGG4oP6dVuZmf2Ii2F4lQTBDdZM/cisW8jCkO7KeEzJAPhIw1JJwHltHya
+  0TpOI3t2Mz/FJ+rudtz9PJ/d8QvhrF7M7+qH4w==
+  -----END CERTIFICATE-----
+date: 2018-04-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.12
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.12
+- !ruby/object:Gem::Dependency
+  name: markdown
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+description: 
+email: sjmccarthy@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- ".yardopts"
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- certs/jamoes.pem
+- ecies.gemspec
+- lib/ecies.rb
+- lib/ecies/crypt.rb
+- lib/ecies/version.rb
+- spec/crypt_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/jamoes/ecies
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Elliptical Curve Integrated Encryption System (ECIES), as specified by SEC
+  1 - Ver. 2.0
+test_files:
+- spec/crypt_spec.rb
+- spec/spec_helper.rb