ffi-libsodium 0.0.1

data/lib/crypto/short_hash.rb

@@ -0,0 +1,41 @@
+require_relative '../sodium'
+require_relative '../sodium/utils'
+require_relative '../sodium/buffer'
+require_relative '../sodium/secret_buffer'
+
+module Crypto
+  module ShortHash
+    extend FFI::Library
+    extend Sodium::Utils
+
+    ffi_lib :libsodium
+
+    attach_function :primitive, :crypto_shorthash_primitive,  [], :string
+    attach_function :bytes,     :crypto_shorthash_bytes,      [], :size_t
+    attach_function :keybytes,  :crypto_shorthash_keybytes,   [], :size_t
+
+    PRIMITIVE = primitive.freeze
+    BYTES     = bytes.freeze
+    KEYBYTES  = keybytes.freeze
+
+    attach_function :crypto_shorthash,  [:buffer_out, :buffer_in, :ulong_long, :buffer_in], :int
+
+    module_function
+
+    def shorthash(short_data, key)
+      short_data_len = get_size(short_data)
+      check_length(key, KEYBYTES, :SecretKey)
+
+      siphash = Sodium::Buffer.new(:uchar, BYTES)
+      key.readonly if key.is_a?(Sodium::SecretBuffer)
+      crypto_shorthash(siphash, short_data, short_data_len, key)
+      key.noaccess if key.is_a?(Sodium::SecretBuffer)
+
+      siphash
+    end
+  end
+
+  def self.shorthash(*args)
+    ShortHash.shorthash(*args)
+  end
+end

data/lib/crypto/sign.rb

@@ -0,0 +1,102 @@
+require_relative '../sodium'
+require_relative '../sodium/utils'
+require_relative '../sodium/buffer'
+require_relative '../sodium/secret_buffer'
+require_relative '../random_bytes'
+
+module Crypto
+  module Sign
+    extend FFI::Library
+    extend Sodium::Utils
+
+    ffi_lib :libsodium
+
+    attach_function :primitive,       :crypto_sign_primitive,       [], :string
+    attach_function :bytes,           :crypto_sign_bytes,           [], :size_t
+    attach_function :seedbytes,       :crypto_sign_seedbytes,       [], :size_t
+    attach_function :publickeybytes,  :crypto_sign_publickeybytes,  [], :size_t
+    attach_function :secretkeybytes,  :crypto_sign_secretkeybytes,  [], :size_t
+
+    PRIMITIVE       = primitive.freeze
+    BYTES           = bytes.freeze
+    SEEDBYTES       = seedbytes.freeze
+    PUBLICKEYBYTES  = publickeybytes.freeze
+    SECRETKEYBYTES  = secretkeybytes.freeze
+
+    attach_function :crypto_sign_keypair,       [:buffer_out, :buffer_out],             :int
+    attach_function :crypto_sign_seed_keypair,  [:buffer_out, :buffer_out, :buffer_in], :int
+
+    attach_function :crypto_sign,       [:buffer_out, :buffer_out, :buffer_in, :ulong_long, :buffer_in],  :int
+    attach_function :crypto_sign_open,  [:buffer_out, :buffer_out, :buffer_in, :ulong_long, :buffer_in],  :int
+
+    module_function
+
+    def keypair
+      public_key = Sodium::Buffer.new(:uchar, PUBLICKEYBYTES)
+      secret_key = Sodium::Buffer.new(:uchar, SECRETKEYBYTES)
+
+      crypto_sign_keypair(public_key, secret_key)
+
+      [public_key, secret_key]
+    end
+
+    def seed_keypair(seed)
+      check_length(seed, SEEDBYTES, :Seed)
+
+      public_key = Sodium::Buffer.new(:uchar, PUBLICKEYBYTES)
+      secret_key = Sodium::Buffer.new(:uchar, SECRETKEYBYTES)
+
+      crypto_sign_seed_keypair(public_key, secret_key, seed)
+
+      [public_key, secret_key]
+    end
+
+    def memory_locked_keypair
+      public_key = Sodium::Buffer.new(:uchar, PUBLICKEYBYTES)
+      secret_key = Sodium::SecretBuffer.new(SECRETKEYBYTES)
+      crypto_sign_keypair(public_key, secret_key)
+      secret_key.noaccess
+
+      [public_key, secret_key]
+    end
+
+    def memory_locked_seed_keypair(seed)
+      check_length(seed, SEEDBYTES, :Seed)
+
+      public_key = Sodium::Buffer.new(:uchar, PUBLICKEYBYTES)
+      secret_key = Sodium::SecretBuffer.new(:uchar, SECRETKEYBYTES)
+      crypto_sign_seed_keypair(public_key, secret_key, seed)
+      secret_key.noaccess
+
+      [public_key, secret_key]
+    end
+
+    def sign(message, secret_key)
+      message_len = get_size(message)
+      check_length(secret_key, SECRETKEYBYTES, :SecretKey)
+
+      sealed_message = FFI::MemoryPointer.new(:uchar, BYTES + message_len)
+      sealed_message_len = FFI::MemoryPointer.new(:ulong_long)
+      secret_key.readonly if secret_key.is_a?(Sodium::SecretBuffer)
+      crypto_sign(sealed_message, sealed_message_len, message, message_len, secret_key)
+      secret_key.noaccess if secret_key.is_a?(Sodium::SecretBuffer)
+
+      [sealed_message, sealed_message_len.read_ulong_long]
+    end
+
+    def open(sealed_message, smlen, public_key)
+      sealed_message_len = get_int(smlen)
+      check_length(public_key, PUBLICKEYBYTES, :PublicKey)
+
+      unsealed_message = FFI::MemoryPointer.new(:uchar, sealed_message_len)
+      unsealed_message_len = FFI::MemoryPointer.new(:ulong_long)
+      crypto_sign_open(unsealed_message, unsealed_message_len, sealed_message, sealed_message_len, public_key)
+
+      [unsealed_message, unsealed_message_len.read_ulong_long]
+    end
+  end
+
+  def self.sign(*args)
+    Sign.sign(*args)
+  end
+end

data/lib/libsodium.rb

@@ -0,0 +1,21 @@
+require_relative 'sodium'
+require_relative 'sodium/utils'
+require_relative 'sodium/buffer'
+require_relative 'sodium/secret_buffer'
+require_relative 'random_bytes'
+require_relative 'crypto/secret_box'
+require_relative 'crypto/auth'
+require_relative 'crypto/aead/chacha20_poly1305'
+require_relative 'crypto/box'
+require_relative 'crypto/sign'
+require_relative 'crypto/generic_hash'
+require_relative 'crypto/short_hash'
+require_relative 'crypto/pw_hash/scrypt_salsa208_sha256'
+require_relative 'crypto/one_time_auth'
+require_relative 'crypto/scalar_mult'
+
+Thread.exclusive do
+  if Sodium.init == -1
+    fail LoadError, 'Could not initialize sodium'
+  end
+end

data/lib/random_bytes.rb

@@ -0,0 +1,21 @@
+require_relative 'sodium/buffer'
+
+module RandomBytes
+  extend FFI::Library
+  ffi_lib :libsodium
+
+  attach_function :randombytes_buf, [:buffer_out, :size_t], :void,  blocking: true
+
+  attach_function :random,  :randombytes_random,  [],         :uint32,  blocking: true
+  attach_function :uniform, :randombytes_uniform, [:uint32],  :uint32,  blocking: true
+  attach_function :close,   :randombytes_close,   [],         :int,     blocking: true
+  attach_function :stir,    :randombytes_stir,    [],         :void,    blocking: true
+
+  module_function
+
+  def buf(size)
+    buf = Sodium::Buffer.new(:uchar, size)
+    randombytes_buf(buf, size)
+    buf
+  end
+end

data/lib/sodium.rb

@@ -0,0 +1,69 @@
+require 'ffi'
+
+module Sodium
+  class CryptoError < StandardError; end
+  class LengthError < ArgumentError; end
+  class MemoryError < StandardError; end
+
+  extend FFI::Library
+  ffi_lib :libsodium
+
+  attach_function :init,  :sodium_init, [], :int,  blocking: true
+
+  attach_function :memcmp,  :sodium_memcmp,   [:buffer_in, :buffer_in, :size_t],  :int
+  attach_function :memzero, :sodium_memzero,  [:pointer, :size_t],  :void,    blocking: true
+  attach_function :free,    :sodium_free,     [:pointer],           :void,    blocking: true
+  attach_function :sodium_mlock,              [:pointer, :size_t],  :int,     blocking: true
+  attach_function :sodium_munlock,            [:pointer, :size_t],  :int,     blocking: true
+  attach_function :sodium_malloc,             [:size_t],            :pointer, blocking: true
+  attach_function :sodium_allocarray,         [:size_t, :size_t],   :pointer, blocking: true
+  attach_function :sodium_mprotect_noaccess,  [:pointer],           :int,     blocking: true
+  attach_function :sodium_mprotect_readonly,  [:pointer],           :int,     blocking: true
+  attach_function :sodium_mprotect_readwrite, [:pointer],           :int,     blocking: true
+
+  module_function
+
+  def mlock(addr, len)
+    if sodium_mlock(addr, len) == -1
+      raise MemoryError, "Could not lock length=#{len.to_int} bytes memory at address=#{addr.address}", caller
+    end
+  end
+
+  def munlock(addr, len)
+    if sodium_munlock(addr, len) == -1
+      raise MemoryError, "Could not unlock length=#{len.to_int} bytes memory at address=#{addr.address}", caller
+    end
+  end
+
+  def malloc(size)
+    unless (mem = sodium_malloc(size))
+      raise NoMemoryError, "Failed to allocate memory size=#{size.to_int} bytes", caller
+    end
+    mem
+  end
+
+  def allocarray(count, size)
+    unless (mem = sodium_allocarray(count, size))
+      raise NoMemoryError, "Failed to allocate memory size=#{count.to_int * size.to_int} bytes", caller
+    end
+    mem
+  end
+
+  def noaccess(ptr)
+    if sodium_mprotect_noaccess(ptr) == -1
+      raise MemoryError, "Memory at address=#{ptr.address} is not secured with #{self}.malloc", caller
+    end
+  end
+
+  def readonly(ptr)
+    if sodium_mprotect_readonly(ptr) == -1
+      raise MemoryError, "Memory at address=#{ptr.address} is not secured with #{self}.malloc", caller
+    end
+  end
+
+  def readwrite(ptr)
+    if sodium_mprotect_readwrite(ptr) == -1
+      raise MemoryError, "Memory at address=#{ptr.address} is not secured with #{self}.malloc", caller
+    end
+  end
+end

data/lib/sodium/buffer.rb

@@ -0,0 +1,11 @@
+require 'ffi'
+
+module Sodium
+  class Buffer < FFI::MemoryPointer
+    def to_bytes
+      read_bytes(size)
+    end
+
+    alias_method :to_str, :to_bytes
+  end
+end

data/lib/sodium/secret_buffer.rb

@@ -0,0 +1,58 @@
+require_relative '../sodium'
+
+module Sodium
+  class SecretBuffer
+    extend Forwardable
+
+    def_delegators :@buffer, :address, :to_i
+
+    attr_reader :size
+
+    def initialize(size)
+      @size = Utils.get_int(size)
+      @buffer = Sodium.malloc(@size)
+      setup_finalizer
+    end
+
+    def to_ptr
+      @buffer
+    end
+
+    def free
+      remove_finalizer
+      readwrite
+      Sodium.free(@buffer)
+      @size = @buffer = nil
+    end
+
+    def noaccess
+      Sodium.noaccess(@buffer)
+    end
+
+    def readonly
+      Sodium.readonly(@buffer)
+    end
+
+    def readwrite
+      Sodium.readwrite(@buffer)
+    end
+
+    private
+
+    def setup_finalizer
+      ObjectSpace.define_finalizer(@buffer, self.class.free(address))
+    end
+
+    def remove_finalizer
+      ObjectSpace.undefine_finalizer @buffer
+    end
+
+    def self.free(address)
+      ->(obj_id) do
+        Sodium.readwrite(FFI::Pointer.new(address))
+        Sodium.free(FFI::Pointer.new(address))
+        true
+      end
+    end
+  end
+end

data/lib/sodium/utils.rb

@@ -0,0 +1,71 @@
+require_relative '../sodium'
+
+module Sodium
+  module Utils
+
+    module_function
+
+    def check_length(data, length, description)
+      if data.is_a?(String) ||data.respond_to?(:bytesize)
+        unless data.bytesize == length.to_int
+          fail Sodium::LengthError, "Expected a length=#{length.to_int} bytes #{description}, got size=#{data.bytesize} bytes", caller
+        end
+      elsif data.is_a?(FFI::Pointer) ||data.respond_to?(:size)
+        unless data.size == length.to_int
+          fail Sodium::LengthError, "Expected a length=#{length.to_int} bytes #{description}, got size=#{data.size} bytes", caller
+        end
+      else
+        fail ArgumentError, "#{description} must be of type String or FFI::Pointer and be length=#{length.to_int} bytes long", caller
+      end
+      true
+    end
+
+    def get_pointer(ptr)
+      if ptr.is_a?(FFI::Pointer)
+        ptr
+      elsif ptr.respond_to?(:to_ptr)
+        ptr.to_ptr
+      else
+        fail ArgumentError, "#{ptr.class} is not a FFI::Pointer", caller
+      end
+    end
+
+    def get_string(string)
+      if string.is_a?(String)
+        string
+      elsif string.respond_to?(:to_str)
+        string.to_str
+      elsif string.respond_to?(:read_string)
+        string.read_string
+      else
+        fail ArgumentError, "#{string.class} is not a String", caller
+      end
+    end
+
+    def get_int(int)
+      if int.is_a?(Integer)
+        int
+      elsif int.respond_to?(:to_int)
+        int.to_int
+      else
+        fail ArgumentError, "#{int.class} is not a Integer", caller
+      end
+    end
+
+    def get_size(data)
+      if data.is_a?(String) ||data.respond_to?(:bytesize)
+        data.bytesize
+      elsif data.is_a?(FFI::Pointer) ||data.respond_to?(:size)
+        data.size
+      else
+        fail ArgumentError, "#{data.class} doesn't respond to :bytesize or :size", caller
+      end
+    end
+
+    ZERO = "\0".force_encoding(Encoding::ASCII_8BIT).freeze
+
+    def zeros(n)
+      ZERO * n
+    end
+  end
+end

data/lib/sodium/version.rb

@@ -0,0 +1,3 @@
+module Sodium
+  VERSION = '0.0.1'.freeze
+end

metadata

@@ -0,0 +1,90 @@
+--- !ruby/object:Gem::Specification
+name: ffi-libsodium
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Hendrik Beskow
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-10-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ffi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.9.5
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
+description: libsodium ffi wrapper
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/crypto/aead/chacha20_poly1305.rb
+- lib/crypto/auth.rb
+- lib/crypto/box.rb
+- lib/crypto/generic_hash.rb
+- lib/crypto/one_time_auth.rb
+- lib/crypto/pw_hash/scrypt_salsa208_sha256.rb
+- lib/crypto/scalar_mult.rb
+- lib/crypto/secret_box.rb
+- lib/crypto/short_hash.rb
+- lib/crypto/sign.rb
+- lib/libsodium.rb
+- lib/random_bytes.rb
+- lib/sodium.rb
+- lib/sodium/buffer.rb
+- lib/sodium/secret_buffer.rb
+- lib/sodium/utils.rb
+- lib/sodium/version.rb
+homepage: https://github.com/Asmod4n/ruby-ffi-libsodium
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.1
+signing_key: 
+specification_version: 4
+summary: libsodium ffi wrapper
+test_files: []