enzoic 1.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f384606d64ea5eac9f13b2467ab4e494d7043312
+  data.tar.gz: 7f3d428ada763102e27d26aba7ee5172169e5bee
+SHA512:
+  metadata.gz: 7a6da77a5e86c97d835e50378c67423c6197f771d5647216d9c7613d7cf402ff6705dbf9e20fce28796bf8957741a3d7459c6dbec0aead19f0ff9e3a7bc4b09e
+  data.tar.gz: 20356c44bacd22fa24ea58ee85515acecb44326b4fc5b46ee233ad0b132727b8b61594053e2c91df1a4c5300277f0bcda1c7691acf14ed5b126e59bc265e55b1

data/.gitignore

@@ -0,0 +1,19 @@
+.DS_store
+/.atomenv.json
+/.idea/
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/ext/argon2-wrapper/libargon2-wrapper.so
+/ext/argon2-wrapper/tests
+/ext/argon2-wrapper/libargon2-wrapper.bundle*
+passwordping-1.0.0.gem
+enzoic-1.0.0.gem
+enzoic-*.gem
+*.bundle

data/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "ext/phc-winner-argon2"]
+	path = ext/phc-winner-argon2
+	url = https://github.com/P-H-C/phc-winner-argon2.git

data/.travis.yml

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+ - 2.4

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in enzoic.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,5 @@
+Enzoic Ruby Library
+https://www.enzoic.com/
+
+Copyright 2019, Enzoic
+Released under the MIT license.

data/README.md

@@ -0,0 +1,90 @@
+# Enzoic Ruby Client Library
+
+
+## TOC
+
+This README covers the following topics:
+
+- [Installation](#installation)
+- [Source](#source)
+- [API Overview](#api-overview)
+- [The Enzoic constructor](#the-enzoic-constructor)
+- [Platform Requirements](#platform-requirements)
+- [RubyDocs](#rubydocs)
+
+## Installation
+
+The compiled library is available as a Ruby Gem:
+
+```shell
+gem install enzoic
+```
+
+### Source
+
+You can build the project from the source in this repository.
+
+## API Overview
+
+Here's the API in a nutshell.
+
+```ruby
+require 'enzoic'
+
+# Create a new Enzoic instance - this is our primary interface for making API calls
+enzoic = Enzoic::Enzoic.new(apiKey: YOUR_API_KEY, secret: YOUR_API_SECRET)
+
+# Check whether a password has been compromised
+if enzoic.check_password("password-to-test")
+    puts("Password is compromised")
+else
+    puts("Password is not compromised")
+end
+
+# Check whether a specific set of credentials are compromised
+if enzoic.check_credentials("test@enzoic.com", "password-to-test")
+    puts("Credentials are compromised")
+else
+    puts("Credentials are not compromised")
+end
+
+# get all exposures for a given user
+exposures = enzoic.get_exposures_for_user("test@enzoic.com")
+puts(exposures.count.to_s + " exposures found for test@enzoic.com")
+
+# now get the full details for the first exposure found
+details = enzoic.get_exposure_details(exposures.exposures[0])
+puts("First exposure for test@enzoic.com was " + details.title)
+```
+
+More information in reference format can be found below.
+
+## The Enzoic constructor
+
+The standard constructor takes the API key and secret you were issued on Enzoic signup.
+
+```ruby
+enzoic = Enzoic::Enzoic.new(apiKey: YOUR_API_KEY, secret: YOUR_API_SECRET)
+```
+
+If you were instructed to use an alternate API endpoint, you may call the overloaded constructor and pass the base URL you were provided.
+
+```ruby
+enzoic = Enzoic::Enzoic.new(apiKey: YOUR_API_KEY, secret: YOUR_API_SECRET, baseURL: "https://api-alt.enzoic.com/v1")
+```
+
+## Platform Requirements
+
+OSX and Linux platforms are fully supported.  Windows is not, since FFI support is needed for some of the cryptography libraries, which is problematic on Windows.
+
+Ruby 2.0.0 and up are supported.
+
+## RubyDocs
+
+The RubyDocs contain more complete references for the API functions.  
+
+They can be found here: <http://www.rubydoc.info/gems/enzoic>
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,28 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+require "rake/clean"
+require 'rake/extensiontask'
+
+gemspec = Bundler::GemHelper.gemspec
+
+CLEAN.include [ 'lib/digest/whirlpool.*', 'ext/argon2-wrapper/libargon2-wrapper.*' ]
+CLOBBER.include [ 'ext/digest/whirlpool/mkmf.log', 'ext/digest/whirlpool/Makefile' ]
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.warning = true
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+Rake::ExtensionTask.new('whirlpool', gemspec) do |ext|
+  ext.ext_dir = 'ext/digest/whirlpool'
+  ext.lib_dir = 'lib/digest'
+end
+
+Rake::ExtensionTask.new('argon2-wrapper', gemspec) do |ext|
+  ext.ext_dir = 'ext/argon2-wrapper'
+  ext.lib_dir = 'lib/enzoic'
+end
+
+task :default => :test

data/enzoic.gemspec

@@ -0,0 +1,36 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'enzoic/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "enzoic"
+  spec.version       = Enzoic::VERSION
+  spec.authors       = ["Enzoic"]
+  spec.email         = ["support@enzoic.com"]
+
+  spec.summary       = 'Ruby library for Enzoic API'
+  spec.description   = 'Ruby library for Enzoic API'
+  spec.homepage      = 'https://github.com/enzoic/enzoic-ruby-client'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.files << `find ext`.split
+
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.add_dependency 'ffi', '~> 1.11.1'
+  spec.add_dependency 'ffi-compiler', '~> 1.0.1'
+  spec.add_dependency 'rest-client', '~> 2.0', '>= 2.0.2'
+  spec.add_dependency 'bcrypt', '~> 3.1', '>= 3.1.11'
+  spec.add_dependency 'unix-crypt', '~> 1.3'
+  spec.add_dependency 'base64url', '~> 1.0', '>= 1.0.1'
+
+  spec.add_development_dependency "bundler", '~> 2.0.2', '>= 2.0.2'
+  spec.add_development_dependency "rake", '~> 10.4', '>= 10.4.2'
+  spec.add_development_dependency "test-unit", '~> 3.2', '>= 3.2.4'
+  spec.add_development_dependency "rake-compiler", '~> 1.0', '>= 1.0.4'
+  spec.add_development_dependency "io-console", '~> 0.4', '>= 0.4.6'
+  spec.extensions = ['ext/argon2-wrapper/extconf.rb', "ext/digest/whirlpool/extconf.rb" ]
+end

data/ext/argon2-wrapper/Makefile

@@ -0,0 +1,74 @@
+# Argon Wrapper Makefile
+# This file is based on the original Argon2 reference
+# Argon2 source code package
+#
+# This work is licensed under a Creative Commons CC0 1.0 License/Waiver.
+#
+# You should have received a copy of the CC0 Public Domain Dedication along with
+# this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
+#
+
+DIST_SRC = ../phc-winner-argon2/src
+SRC = $(DIST_SRC)/argon2.c $(DIST_SRC)/core.c $(DIST_SRC)/blake2/blake2b.c $(DIST_SRC)/thread.c $(DIST_SRC)/encoding.c argon2-wrapper.c
+OBJ = $(SRC:.c=.o)
+
+CFLAGS = -pthread -O3 -Wall -I../phc-winner-argon2/include -I../phc-winner-argon2/src
+
+OPTTEST := $(shell $(CC) -Iinclude -Isrc -march=native src/opt.c -c 2>/dev/null; echo $$?)
+# Detect compatible platform
+ifneq ($(OPTTEST), 0)
+	SRC += $(DIST_SRC)/ref.c
+else
+	CFLAGS += -march=native
+	SRC += $(DIST_SRC)/opt.c
+endif
+
+
+BUILD_PATH := $(shell pwd)
+KERNEL_NAME := $(shell uname -s)
+
+LIB_NAME=argon2-wrapper
+ifeq ($(KERNEL_NAME), Linux)
+	LIB_EXT := so
+	LIB_CFLAGS := -shared -fPIC
+endif
+ifeq ($(KERNEL_NAME), NetBSD)
+	LIB_EXT := so
+	LIB_CFLAGS := -shared -fPIC
+endif
+ifeq ($(KERNEL_NAME), Darwin)
+	LIB_EXT := bundle
+	LIB_CFLAGS := -bundle
+endif
+ifeq ($(findstring MINGW, $(KERNEL_NAME)), MINGW)
+	LIB_EXT := dll
+	LIB_CFLAGS := -shared -Wl,--out-implib,lib$(LIB_NAME).$(LIB_EXT).a
+endif
+ifeq ($(KERNEL_NAME), $(filter $(KERNEL_NAME),OpenBSD FreeBSD))
+	LIB_EXT := so
+	LIB_CFLAGS := -shared -fPIC
+endif
+ifeq ($(KERNEL_NAME), SunOS)
+    CC := gcc
+    CFLAGS += -D_REENTRANT
+    LIB_EXT := so
+    LIB_CFLAGS := -shared -fPIC
+endif
+
+LIB_SH := lib$(LIB_NAME).$(LIB_EXT)
+
+all: libs
+libs: $(SRC)
+		$(CC) $(CFLAGS) $(LIB_CFLAGS) $^ -o libargon2-wrapper.$(LIB_EXT)
+
+#Deliberately avoiding the CFLAGS for our test cases - disable optimise and
+#C89
+test: $(SRC) test.c
+	clang -pthread -O3 -fsanitize=address -fsanitize=undefined -Wall -g $^ -o tests $(CFLAGS)
+	./tests
+
+clean:
+	rm -f tests libargon2-wrapper.$(LIB_EXT)
+
+install:
+	echo none

data/ext/argon2-wrapper/argon2-wrapper.c

@@ -0,0 +1,165 @@
+/* Wrapper for argon Ruby bindings
+ * lolware.net
+ * Much of this code is based on run.c from the reference implementation
+ */
+
+#include <stdio.h>
+#include <stdint.h>
+#include <inttypes.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+#include "argon2.h"
+#include "core.h"
+#include "encoding.h"
+
+#define T_COST_DEF 3
+#define LOG_M_COST_DEF 12 /* 2^12 = 4 MiB */
+#define LANES_DEF 1
+#define THREADS_DEF 1
+#define OUT_LEN 32
+#define SALT_LEN 16
+#define ENCODE_LEN 96 /* Does not include SALT LEN */
+
+/* Workaround for https://github.com/technion/ruby-argon2/issues/8. Hopefully temporary */
+static int wrap_compare(const uint8_t *b1, const uint8_t *b2, size_t len) {
+    size_t i;
+    uint8_t d = 0U;
+
+    for (i = 0U; i < len; i++) {
+        d |= b1[i] ^ b2[i];
+    }
+    return (int)((1 & ((d - 1) >> 8)) - 1);
+}
+
+int argon2_wrap_version(char *out, const char *pwd, size_t pwd_length,
+        uint8_t *salt,  uint32_t saltlen, uint32_t t_cost, uint32_t m_cost,
+        uint32_t lanes, uint8_t *secret, size_t secretlen, uint32_t version,
+        argon2_type type)
+{
+    uint8_t hash[OUT_LEN];
+    argon2_context context;
+
+    if (!pwd) {
+        return ARGON2_PWD_PTR_MISMATCH;
+    }
+
+    if (!salt) {
+        return ARGON2_PWD_PTR_MISMATCH;
+    }
+
+    context.out = hash;
+    context.outlen = OUT_LEN;
+    context.pwd = (uint8_t *)pwd;
+    context.pwdlen = pwd_length;
+    context.salt = salt;
+    context.saltlen = saltlen;
+    context.secret = secret;
+    context.secretlen = secretlen;
+    context.ad = NULL;
+    context.adlen = 0;
+    context.t_cost = t_cost;
+    context.m_cost = m_cost;
+    context.lanes = lanes;
+    context.threads = lanes;
+    context.allocate_cbk = NULL;
+    context.free_cbk = NULL;
+    context.flags = 0;
+    context.version = version;
+
+    int result;
+    if (type == Argon2_i) {
+        result = argon2i_ctx(&context);
+    }  else if (type == Argon2_id) {
+        result = argon2id_ctx(&context);
+    } else if (type == Argon2_d) {
+        result = argon2d_ctx(&context);
+    } else {
+        // Unsupported type
+        return ARGON2_ENCODING_FAIL;
+    }
+
+    if (result != ARGON2_OK)
+        return result;
+
+    encode_string(out, ENCODE_LEN + saltlen, &context, type);
+    return ARGON2_OK;
+}
+
+/* Since all new hashes will use latest version, this wraps the
+   * function including the version
+   */
+int argon2_wrap(char *out, const char *pwd, size_t pwd_length,
+        uint8_t *salt,  uint32_t saltlen, uint32_t t_cost, uint32_t m_cost,
+        uint32_t lanes, uint8_t *secret, size_t secretlen)
+{
+    return argon2_wrap_version(out, pwd, pwd_length, salt, saltlen,
+            t_cost, m_cost, lanes, secret, secretlen, ARGON2_VERSION_13, Argon2_id);
+}
+
+int wrap_argon2_verify(const char *encoded, const char *pwd,
+    const size_t pwdlen,
+    uint8_t *secret, size_t secretlen)
+{
+    argon2_context ctx;
+    int ret;
+    char *out;
+    memset(&ctx, 0, sizeof(argon2_context));
+    size_t encoded_len;
+    argon2_type type;
+
+    encoded_len = strlen(encoded);
+    /* larger than max possible values */
+    ctx.saltlen = encoded_len;
+    ctx.outlen = encoded_len;
+
+    ctx.salt = malloc(ctx.saltlen);
+    ctx.out = malloc(ctx.outlen);
+    if (!ctx.out || !ctx.salt) {
+        free(ctx.salt);
+        free(ctx.out);
+        return ARGON2_MEMORY_ALLOCATION_ERROR;
+    }
+
+    if (memcmp(encoded, "$argon2id", strlen("$argon2id")) == 0) {
+        type = Argon2_id;
+    } else if (memcmp(encoded, "$argon2i", strlen("$argon2i")) == 0) {
+        type = Argon2_i;
+    } else if (memcmp(encoded, "$argon2d", strlen("$argon2d")) == 0) {
+        type = Argon2_d;
+    } else {
+        // Other types not yet supported
+        return ARGON2_DECODING_FAIL;
+    }
+
+    if (decode_string(&ctx, encoded, type) != ARGON2_OK) {
+        free(ctx.salt);
+        free(ctx.out);
+        return ARGON2_DECODING_FAIL;
+    }
+
+    out = malloc(ENCODE_LEN + ctx.saltlen);
+    if(!out) {
+        free(ctx.salt);
+        free(ctx.out);
+        return ARGON2_DECODING_FAIL;
+    }
+
+    ret = argon2_wrap_version(out, pwd, pwdlen, ctx.salt, ctx.saltlen,
+            ctx.t_cost, ctx.m_cost, ctx.lanes, secret, secretlen,
+            ctx.version, type);
+
+    free(ctx.salt);
+
+    if (ret != ARGON2_OK || wrap_compare((uint8_t*)out, (uint8_t*)encoded,
+                strlen(encoded))) {
+        free(ctx.out);
+        free(out);
+        return ARGON2_DECODING_FAIL;
+    }
+    free(ctx.out);
+    free(out);
+
+    return ARGON2_OK;
+}