gcrypto_jce 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6ea980e568ff834fe048aec8765173363c7fef97
+  data.tar.gz: c0e4dd9410fd14407084f3cc1c36706dfc2a9e2e
+SHA512:
+  metadata.gz: dbbd80105e940387809faff363c7c03e02b506c3e89ee3371b94c3789c68ecddec4a59be991816ca22d72d59f96afded95cf20a68c08e118dca06bc310e3d998
+  data.tar.gz: e7bf81bd606ec25dfcfdd8b940f10cf742742763fee88d4c3d26aa9c1dc4f643a977ad13064f758ba4d9e068fdeb2028d506b53ac9bf3b6c17d0d34708c81f31

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+tags
+/test/artifacts/*
+!/test/artifacts/.gitkeep

data/.ruby-version

@@ -0,0 +1 @@
+jruby-9.1.17.0

data/Gemfile

@@ -0,0 +1,9 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in gcrypto_jce.gemspec
+gemspec
+
+gem 'pkernel', path: '../../pkernel/pkernel'
+gem 'pkernel_jce', path: '../../pkernel/pkernel_jce'
+
+gem 'gcrypto', path: '../gcrypto'

data/Gemfile.lock

@@ -0,0 +1,60 @@
+PATH
+  remote: ../../pkernel/pkernel_jce
+  specs:
+    pkernel_jce (0.1.0)
+      activesupport
+      tlogger
+
+PATH
+  remote: ../../pkernel/pkernel
+  specs:
+    pkernel (0.1.0)
+      tlogger
+
+PATH
+  remote: ../gcrypto
+  specs:
+    gcrypto (0.1.0)
+      pkernel
+      tlogger
+
+PATH
+  remote: .
+  specs:
+    gcrypto_jce (0.1.0)
+      activesupport
+      pkernel
+      pkernel_jce
+      tlogger
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (5.2.3)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    concurrent-ruby (1.1.5)
+    i18n (1.6.0)
+      concurrent-ruby (~> 1.0)
+    minitest (5.11.3)
+    rake (10.5.0)
+    thread_safe (0.3.6-java)
+    tlogger (0.8.0)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  java
+
+DEPENDENCIES
+  bundler (~> 2.0)
+  gcrypto!
+  gcrypto_jce!
+  pkernel!
+  pkernel_jce!
+  rake (~> 10.0)
+
+BUNDLED WITH
+   2.0.2

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 Chris Liaw
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# GcryptoJce
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/gcrypto_jce`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'gcrypto_jce'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install gcrypto_jce
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/gcrypto_jce.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "gcrypto_jce"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/gcrypto_jce.gemspec

@@ -0,0 +1,47 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "gcrypto_jce/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "gcrypto_jce"
+  spec.version       = GcryptoJce::VERSION
+  spec.authors       = ["Chris Liaw"]
+  spec.email         = ["chrisliaw@antrapol.com"]
+
+  spec.summary       = %q{}
+  spec.description   = %q{}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  #if spec.respond_to?(:metadata)
+  #  spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
+
+  #  spec.metadata["homepage_uri"] = spec.homepage
+  #  spec.metadata["source_code_uri"] = "TODO: Put your gem's public repo URL here."
+  #  spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
+  #else
+  #  raise "RubyGems 2.0 or newer is required to protect against " \
+  #    "public gem pushes."
+  #end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", "~> 10.0"
+
+  spec.add_dependency "tlogger"
+  spec.add_dependency "pkernel"
+  spec.add_dependency "pkernel_jce"
+  spec.add_dependency 'activesupport'
+  
+end

data/lib/gcrypto_jce.rb

@@ -0,0 +1,49 @@
+
+require 'gcrypto'
+require "gcrypto_jce/version"
+
+require_relative 'gcrypto_jce/keypair_crypto'
+require_relative 'gcrypto_jce/secretkey'
+require_relative 'gcrypto_jce/secretkey_crypto'
+require_relative 'gcrypto_jce/secure_random'
+require_relative 'gcrypto_jce/digest'
+require_relative 'gcrypto_jce/hkdf'
+require_relative 'gcrypto_jce/pbkdf2'
+require_relative 'gcrypto_jce/converter'
+
+module GcryptoJce
+  class Error < StandardError; end
+  # Your code goes here...
+
+  class Gcrypto::KeyPairCrypto
+    extend GcryptoJce::KeyPairCrypto
+  end
+
+  class Gcrypto::SecretKey
+    extend GcryptoJce::SecretKey
+  end
+  
+  class Gcrypto::SecretKeyCrypto
+    extend GcryptoJce::SecretKeyCrypto
+  end
+
+  class Gcrypto::SecureRandom
+    extend GcryptoJce::SecureRandom
+  end
+
+  class Gcrypto::Digest
+    extend GcryptoJce::Digest
+  end
+
+  class Gcrypto::HKDF
+    extend GcryptoJce::KDF::HKDF
+  end
+
+  class Gcrypto::PBKDF2
+    extend GcryptoJce::KDF::PBKDF2
+  end
+
+  class Gcrypto::Converter
+    extend GcryptoJce::Converter
+  end
+end

data/lib/gcrypto_jce/converter.rb

@@ -0,0 +1,29 @@
+
+
+module GcryptoJce
+  module Converter
+    def to_hex(bin)
+      String.from_java_bytes(org.bouncycastle.util.encoders.Hex.encode(bin))
+    end
+    # end to_hex
+
+    def from_hex(str)
+      org.bouncycastle.util.encoders.Hex.decode(str)
+    end
+    # end from_hex
+  
+    def to_b64(bin)
+      String.from_java_bytes(java.util.Base64.encoder.encode(bin))
+    end
+    # end to_b64
+  
+    def from_b64(str)
+      java.util.Base64.decoder.decode(str)
+    end
+    # end from_b64
+  
+  end
+  # module Converter
+  #
+end
+# module PkernelJce

data/lib/gcrypto_jce/digest.rb

@@ -0,0 +1,56 @@
+
+require_relative 'error'
+require_relative 'io_utils'
+require_relative 'provider'
+require_relative 'global'
+#require_relative 'secretkey'
+
+
+module GcryptoJce
+  module Digest
+    
+    def generate(opts = { })
+      
+      digest = opts[:digest] || :sha256
+      digest = digest.to_s.upcase if not (digest.nil? or digest.empty?)
+      is = IoUtils.load_input(opts)
+      prov = GcryptoJce::Provider.handle_options(opts)
+      if prov.nil?
+        md = java.security.MessageDigest.getInstance(digest)
+      else
+        md = java.security.MessageDigest.getInstance(digest,prov)
+      end 
+
+      begin
+        bufConf = opts[:int_buf] || { }
+        total = 0
+        IoUtils.read_chunk(is, bufConf) do |buf, from, len|
+          md.update(buf, from, len)
+          total += len
+          GcryptoJce::GConf.instance.glog.debug "Processed #{NumberHelper.number_to_human_size(total)}"
+        end
+
+        val = md.digest
+        String.from_java_bytes(org.bouncycastle.util.encoders.Hex.encode(val))
+        
+      rescue Exception
+      ensure
+        begin
+          is.close
+        rescue Exception
+        end
+      end
+      
+    end
+    # end method generate()
+    #
+  
+  end
+  # end module Digest
+  #
+
+  class DigestEngine
+    extend Digest
+  end
+
+end

data/lib/gcrypto_jce/error.rb

@@ -0,0 +1,6 @@
+
+
+module GcryptoJce
+  class Error < StandardError; end
+  
+end

data/lib/gcrypto_jce/global.rb

@@ -0,0 +1,26 @@
+
+require 'singleton'
+require 'tlogger'
+
+module GcryptoJce
+  class GConf
+    include Singleton
+    attr_reader :logger_params, :glog
+    def initialize
+      @logger_params = STDOUT
+      @glog = Tlogger.new(STDOUT)
+      @glog.tag = :gcrypto_jce
+      @glog.show_source
+    end  
+
+    def java_version
+      if @java_ver.nil?
+        @java_ver = ENV_JAVA['java.version']
+      end
+      
+      @java_ver
+    end
+  end
+end
+
+

data/lib/gcrypto_jce/hkdf.rb

@@ -0,0 +1,143 @@
+
+
+
+require 'gcrypto'
+require_relative 'secretkey'
+require_relative 'error'
+require_relative 'io_utils'
+require_relative 'provider'
+require_relative 'global'
+
+module GcryptoJce
+  module KDF
+    module HKDF
+      
+      #def extract(opts = { })
+      #  
+      #  salt = opts[:salt]
+      #  if salt.nil?
+      #    salt = Java::byte[hmac.mac_length].new
+      #  end       
+      # 
+      #  secKey = javax.crypto.spec.SecretKeySpec.new(salt, "AES")
+      #  
+      #  hmacSpec = opts[:hmacEng] || 'HmacSHA256'
+      #  hmac = javax.crypto.Mac.getInstance(hmacSpec)
+      #  hmac.init(secKey)
+
+      #  ikm = opts[:ikm]
+      #  if ikm.nil?
+      #    raise GcryptoJce::Error, "Input Key Material (IKM) cannot be nil. It can be any random value or message itself"
+      #  end
+      #  is = IoUtils.load_input(ikm)
+      #  
+      #  os = java.io.ByteArrayOutputStream.new
+
+      #  begin
+      #    bufConf = opts[:int_buf] || { }
+      #    total = 0
+      #    IoUtils.read_chunk(is, bufConf) do |buf, from, len|
+      #      os.write(hmac.update(buf, from, len))
+      #      total += len
+      #      GcryptoJce::GConf.instance.glog.debug "Processed #{NumberHelper.number_to_human_size(total)}"
+      #    end
+
+      #    os.write(hmac.doFinal)
+      #  rescue Exception
+      #  ensure
+      #    begin
+      #      is.close
+      #      os.flush
+      #      os.close
+      #    rescue Exception
+      #    end
+      #  end
+
+      #  
+      #end
+      # end extract
+      #
+
+      # allow key to be expended to arbitary length according to RFC5869
+      def expand(opts = {})
+
+        key = opts[:key]
+        if key.nil?
+          raise GcryptoJce::Error, "Key is not given to HKDF for expansion operation"
+        else
+          key = IoUtils.ensure_java_bytes(key)
+        end
+        
+        kcType = opts[:key_type] || :aes
+        case kcType
+        when :aes, "AES", "aes"
+          secKey = javax.crypto.spec.SecretKeySpec.new(key, "AES")
+        else
+          raise GcryptoJce::Error, "Unknown key type '#{kcType}'"
+        end
+
+        hmacSpec = opts[:hmacEng] || 'HmacSHA256'
+        hmac = javax.crypto.Mac.getInstance(hmacSpec)
+        hmac.init(secKey)
+       
+        ctxInfo = opts[:contextInfo]
+        if ctxInfo.nil?
+          ctxInfoBytes = "".to_java.getBytes
+        else
+          ctxInfoBytes = IoUtils.ensure_java_bytes(ctxInfo)
+        end
+        
+        baseBuf = java.io.ByteArrayOutputStream.new
+        baseBuf.write(key)
+        baseBuf.write(ctxInfoBytes)
+        baseBufBin = baseBuf.toByteArray
+        baseBufLen = baseBufBin.length
+          
+        GcryptoJce::GConf.instance.glog.debug "baseBufBin : #{baseBufBin}"
+        
+        baseBlock = Java::byte[baseBufLen+1].new
+        java.lang.System.arraycopy(baseBufBin,0,baseBlock,0,baseBufLen)
+        GcryptoJce::GConf.instance.glog.debug "baseBlock : #{baseBlock}"
+
+        # always in bits
+        reqKeyLen = opts[:outKeyLen]
+        loopCnt = ((reqKeyLen*1.0) / (hmac.mac_length*8*1.0)).ceil
+        GcryptoJce::GConf.instance.glog.debug "loopCnt : #{loopCnt}"
+        
+        exOut = java.io.ByteArrayOutputStream.new
+        
+        cnt = 0
+        while (cnt < loopCnt)  do
+          baseBlock[baseBlock.length-1] = cnt
+          #GcryptoJce::GConf.instance.glog.debug "baseBlock (#{cnt}) : #{baseBlock[baseBlock.length-1]}"
+          hash = hmac.doFinal(baseBlock)
+          exOut.write(hash)
+          cnt += 1
+        end
+        
+        expanded = exOut.toByteArray
+        ret = Java::byte[reqKeyLen/8].new
+        java.lang.System.arraycopy(expanded,0,ret,0,ret.length)
+        
+        ret
+        
+      end
+      # end expand
+      #
+  
+    end
+    # end HKDF
+    #
+ 
+    class HKDFEngine
+      extend HKDF
+    end
+
+  end
+  # end KDF
+  #
+end
+# end GcryptoJce
+
+
+