hkdf 0.2.0 → 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 32e2c102c323f4510551f669261ce3fe39c11dc3
+  data.tar.gz: f2585bdce88e509b0d7acf699b0313029fb767ab
+SHA512:
+  metadata.gz: 303d49a8b562e90325cc90fe5bb1ce6294de07973d6f974f136c50bc9ae23e02cb09f36c725be7394e610bd4526beea9f61b9b5aee67fa7f370a0e553a4b1713
+  data.tar.gz: 1037d09b22dac87dea10a86a8ec1dea9f84390d43d5a9d5ace084e1d6c02a0e50ce57015a916dad6fe75f58683487cee911043168f63119c15da12ea17347685

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2013 John Downey
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -25,7 +25,3 @@ hkdf = HKDF.new(File.new('/tmp/filename'), :read_size => 512)
 hkdf.next_bytes(32)
  => "\f#\xF4b\x98\x9B\x7Fw>|/|k\xF4k\xB7\xB9\x11e\xC5\x92\xD1\fH\xFDG\x94vt\xB4\x14\xCE"
 ```
-
-## License
-
-The HKDF gem is released under the [MIT license](http://www.opensource.org/licenses/MIT).

data/lib/hkdf.rb

@@ -2,18 +2,19 @@ require 'openssl'
 require 'stringio'
 
 class HKDF
+  DefaultAlgorithm = 'SHA256'
   DefaultReadSize = 512 * 1024
 
   def initialize(source, options = {})
-    options = {:algorithm => 'SHA256', :info => '', :salt => nil, :read_size => nil}.merge(options)
     source = StringIO.new(source) if source.is_a?(String)
 
-    @digest = OpenSSL::Digest.new(options[:algorithm])
-    @info = options[:info]
+    algorithm = options.fetch(:algorithm, DefaultAlgorithm)
+    @digest = OpenSSL::Digest.new(algorithm)
+    @info = options.fetch(:info, '')
 
     salt = options[:salt]
     salt = 0.chr * @digest.digest_length if salt.nil? or salt.empty?
-    read_size = options[:read_size] || DefaultReadSize
+    read_size = options.fetch(:read_size, DefaultReadSize)
 
     @prk = _generate_prk(salt, source, read_size)
     @position = 0
@@ -26,7 +27,7 @@ class HKDF
   end
 
   def max_length
-    @digest.digest_length * 255
+    @max_length ||= @digest.digest_length * 255
   end
 
   def seek(position)
@@ -55,6 +56,10 @@ class HKDF
     next_bytes(length).unpack('H*').first
   end
 
+  def inspect
+    "#{to_s[0..-2]} algorithm=#{@digest.name.inspect} info=#{@info.inspect}>"
+  end
+
   def _generate_prk(salt, source, read_size)
     hmac = OpenSSL::HMAC.new(salt, @digest)
     while block = source.read(read_size)

data/spec/{test_vectors.txt → fixtures/test_vectors.txt}

@@ -51,3 +51,12 @@ info   =
 L      = 42
 PRK    = 0xda8c8a73c7fa77288ec6f5e7c297786aa0d32d01
 OKM    = 0x0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918
+
+Test with SHA-1, salt not provided (defaults to HashLen zero octets), zero-length info
+Hash   = SHA1
+IKM    = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
+salt   =
+info   =
+L      = 42
+PRK    = 0x2adccada18779e7c2077ad2eb19d3f3e731385dd
+OKM    = 0x2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48

data/spec/hkdf_spec.rb

@@ -1,84 +1,88 @@
 require 'spec_helper'
 
 describe HKDF do
-  before(:each) do
-    @algorithm = 'SHA256'
-    @source = 'source'
-    @hkdf = HKDF.new(@source, :algorithm => @algorithm)
+  let(:source) { 'source' }
+  subject(:hkdf) do
+    HKDF.new(source)
   end
 
   describe 'initialize' do
     it 'accepts an IO or a string as a source' do
-      output1 = HKDF.new(@source).next_bytes(32)
-      output2 = HKDF.new(StringIO.new(@source)).next_bytes(32)
-      output1.should == output2
+      output1 = HKDF.new(source).next_bytes(32)
+      output2 = HKDF.new(StringIO.new(source)).next_bytes(32)
+      expect(output1).to eq(output2)
     end
 
     it 'reads in an IO at a given read size' do
-      io = StringIO.new(@source)
-      io.should_receive(:read).with(1)
+      io = StringIO.new(source)
+      expect(io).to receive(:read).with(1)
 
       HKDF.new(io, :read_size => 1)
     end
 
     it 'reads in the whole IO' do
-      hkdf1 = HKDF.new(@source, :read_size => 1)
-      hkdf2 = HKDF.new(@source)
+      hkdf1 = HKDF.new(source, :read_size => 1)
+      hkdf2 = HKDF.new(source)
 
-      hkdf1.next_bytes(32).should == hkdf2.next_bytes(32)
+      expect(hkdf1.next_bytes(32)).to eq(hkdf2.next_bytes(32))
     end
 
     it 'defaults the algorithm to SHA-256' do
-      HKDF.new(@source).algorithm.should == 'SHA256'
+      expect(HKDF.new(source).algorithm).to eq('SHA256')
     end
 
     it 'takes an optional digest algorithm' do
-      @hkdf = HKDF.new('source', :algorithm => 'SHA1')
-      @hkdf.algorithm.should == 'SHA1'
+      hkdf = HKDF.new('source', :algorithm => 'SHA1')
+      expect(hkdf.algorithm).to eq('SHA1')
     end
 
     it 'defaults salt to all zeros of digest length' do
       salt = 0.chr * 32
 
-      @hkdf_salt = HKDF.new(@source, :algorithm => @algorithm, :salt => salt)
-      @hkdf_nosalt = HKDF.new(@source, :algorithm => @algorithm)
-      @hkdf_salt.next_bytes(32) == @hkdf_nosalt.next_bytes(32)
+      hkdf_salt = HKDF.new(source, :salt => salt)
+      hkdf_nosalt = HKDF.new(source)
+      expect(hkdf_salt.next_bytes(32)).to eq(hkdf_nosalt.next_bytes(32))
     end
 
-    it 'sets salt to all zeros of digest 32 if empty' do
-      @hkdf_blanksalt = HKDF.new(@source, :algorithm => @algorithm, :salt => '')
-      @hkdf_nosalt = HKDF.new(@source, :algorithm => @algorithm)
-      @hkdf_blanksalt.next_bytes(32) == @hkdf_nosalt.next_bytes(32)
+    it 'sets salt to all zeros if empty' do
+      hkdf_blanksalt = HKDF.new(source, :salt => '')
+      hkdf_nosalt = HKDF.new(source)
+      expect(hkdf_blanksalt.next_bytes(32)).to eq(hkdf_nosalt.next_bytes(32))
     end
 
     it 'defaults info to an empty string' do
-      @hkdf_info = HKDF.new(@source, :algorithm => @algorithm, :info => '')
-      @hkdf_noinfo = HKDF.new(@source, :algorithm => @algorithm)
-      @hkdf_info.next_bytes(32) == @hkdf_noinfo.next_bytes(32)
+      hkdf_info = HKDF.new(source, :info => '')
+      hkdf_noinfo = HKDF.new(source)
+      expect(hkdf_info.next_bytes(32)).to eq(hkdf_noinfo.next_bytes(32))
     end
   end
 
   describe 'max_length' do
     it 'is 255 times the digest length' do
-      @hkdf.max_length.should == 255 * 32
+      expect(hkdf.max_length).to eq(255 * 32)
     end
   end
 
   describe 'next_bytes' do
     it 'raises an error if requested size is > max_length' do
-      expect { @hkdf.next_bytes(@hkdf.max_length + 1) }.to raise_error(RangeError, /requested \d+ bytes, only \d+ available/)
-      expect { @hkdf.next_bytes(@hkdf.max_length) }.to_not raise_error(RangeError)
+      expect do
+        hkdf.next_bytes(hkdf.max_length + 1)
+      end.to raise_error(RangeError, /requested \d+ bytes, only \d+ available/)
+
+      expect do
+        hkdf.next_bytes(hkdf.max_length)
+      end.to_not raise_error
     end
 
     it 'raises an error if requested size + current position is > max_length' do
       expect do
-        @hkdf.next_bytes(32)
-        @hkdf.next_bytes(@hkdf.max_length - 31)
+        hkdf.next_bytes(32)
+        hkdf.next_bytes(hkdf.max_length - 31)
       end.to raise_error(RangeError, /requested \d+ bytes, only \d+ available/)
     end
 
     it 'advances the stream position' do
-      @hkdf.next_bytes(32).should_not == @hkdf.next_bytes(32)
+      expect(hkdf.next_bytes(32)).not_to eq(hkdf.next_bytes(32))
     end
 
     test_vectors.each do |name, options|
@@ -86,36 +90,43 @@ describe HKDF do
         options[:algorithm] = options[:Hash]
 
         hkdf = HKDF.new(options[:IKM], options)
-        hkdf.next_bytes(options[:L].to_i).should == options[:OKM]
+        expect(hkdf.next_bytes(options[:L].to_i)).to eq(options[:OKM])
       end
     end
   end
 
   describe 'next_hex_bytes' do
     it 'returns the next bytes as hex' do
-      @hkdf.next_hex_bytes(20).should == 'fb496612b8cb82cd2297770f83c72b377af16d7b'
+      expect(hkdf.next_hex_bytes(20)).to eq('fb496612b8cb82cd2297770f83c72b377af16d7b')
     end
   end
 
   describe 'seek' do
     it 'sets the position anywhere in the stream' do
-      @hkdf.next_bytes(10)
-      output = @hkdf.next_bytes(32)
-      @hkdf.seek(10)
-      @hkdf.next_bytes(32).should == output
+      hkdf.next_bytes(10)
+      output = hkdf.next_bytes(32)
+      hkdf.seek(10)
+      expect(hkdf.next_bytes(32)).to eq(output)
     end
 
     it 'raises an error if requested to seek past end of stream' do
-      expect { @hkdf.seek(@hkdf.max_length + 1) }.to raise_error(RangeError, /cannot seek past \d+/)
-      expect { @hkdf.seek(@hkdf.max_length) }.to_not raise_error(RangeError)
+      expect { hkdf.seek(hkdf.max_length + 1) }.to raise_error(RangeError, /cannot seek past \d+/)
+      expect { hkdf.seek(hkdf.max_length) }.to_not raise_error
     end
   end
 
   describe 'rewind' do
     it 'resets the stream position to the beginning' do
-      output = @hkdf.next_bytes(32)
-      @hkdf.rewind
-      @hkdf.next_bytes(32).should == output
+      output = hkdf.next_bytes(32)
+      hkdf.rewind
+      expect(hkdf.next_bytes(32)).to eq(output)
+    end
+  end
+
+  describe 'inspect' do
+    it 'returns minimal information' do
+      hkdf = HKDF.new('secret', info: 'public')
+      expect(hkdf.inspect).to match(/^#<HKDF:0x[\h]+ algorithm="SHA256" info="public">$/)
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,24 +1,23 @@
 require 'hkdf'
 
 RSpec.configure do |config|
-  config.treat_symbols_as_metadata_keys_with_true_values = true
   config.order = 'random'
 end
 
 def test_vectors
-  test_lines = File.readlines('spec/test_vectors.txt').map(&:strip).reject(&:empty?)
+  test_parts = File.readlines('spec/fixtures/test_vectors.txt').
+    map(&:strip).
+    reject(&:empty?).
+    each_slice(8)
 
-  vectors = {}
-  test_lines.each_slice(8) do |lines|
+  test_parts.reduce({}) do |vectors, lines|
     name = lines.shift
-    values = lines.inject({}) do |hash, line|
+    values = lines.reduce({}) do |hash, line|
       key, value = line.split('=').map(&:strip)
       value = '' unless value
       value = [value.slice(2..-1)].pack('H*') if value.start_with?('0x')
-      hash[key.to_sym] = value
-      hash
+      hash.merge(key.to_sym => value)
     end
-    vectors[name] = values
+    vectors.merge(name => values)
   end
-  vectors
 end

metadata

@@ -1,33 +1,58 @@
 --- !ruby/object:Gem::Specification
 name: hkdf
 version: !ruby/object:Gem::Version
-  version: 0.2.0
-  prerelease: 
+  version: 0.3.0
 platform: ruby
 authors:
 - John Downey
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-09-23 00:00:00.000000000 Z
+date: 2016-11-09 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 10.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 10.5.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.4.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
-description: ! 'A ruby implementation of RFC5869: HMAC-based Extract-and-Expand Key
+        version: 3.4.0
+description: 'A ruby implementation of RFC5869: HMAC-based Extract-and-Expand Key
   Derivation Function (HKDF). The goal of HKDF is to take some source key material
   and generate suitable cryptographic keys from it.'
 email:
@@ -36,36 +61,37 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/hkdf.rb
+- LICENSE
 - README.md
+- lib/hkdf.rb
+- spec/fixtures/test_vectors.txt
 - spec/hkdf_spec.rb
 - spec/spec_helper.rb
-- spec/test_vectors.txt
 homepage: http://github.com/jtdowney/hkdf
-licenses: []
+licenses:
+- MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.5.1
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: HMAC-based Key Derivation Function
 test_files:
+- spec/fixtures/test_vectors.txt
 - spec/hkdf_spec.rb
 - spec/spec_helper.rb
-- spec/test_vectors.txt