hpke 0.1.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -1
  3. data/hpke.gemspec +36 -0
  4. data/lib/hpke/version.rb +1 -1
  5. data/lib/hpke.rb +27 -31
  6. metadata +6 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c0ff20003913867f648466cb8136e73218c7dd917087c98f7d86ef8fd2049a11
4
- data.tar.gz: 47901efa463ad51eebe04bface377e9dda4c24497a4b12039c64bc966b98c2d9
3
+ metadata.gz: b2428f5f16865e10e78a4e67bcf58081715899957789e841454b066f4a86d955
4
+ data.tar.gz: 15b28f1c5bfdddb03a054fa65d6a0ccecc2d00af55bfdf49416f3db1459e51bf
5
5
  SHA512:
6
- metadata.gz: 1bbd503dd86c43bcb19fc188338cc9119b35a2bc5e6812a1404c19f8e198b7c71c0a18d3e1ff81d9ee3658575044995dba5ac092229b61298c7e79ed2e679faf
7
- data.tar.gz: ac0ac0b079d9a8b8c3d7e60d6d90e0109d31150ae44f433b815d1a62fce9b3bb70dc707112c7a7155f94f3e7df171a11fa3ef97ba4fccbf509a7d911866b170b
6
+ metadata.gz: b443a11d1fa8913b29bfb2b8fb26dc30d37162acbb5528e5ccdd361f59992d34bc4660cd581cbca4c009804b65d76dfdf9fbb0de2ed5f9b993a141256a34cfde
7
+ data.tar.gz: 0c40bccf4ba67f67f227ee4dab8b2adcc26ca1d08ef411e775684e0add0bc20395a635af80857378ea6854b26b59f819b077204df127772c496339f7f451504f
data/README.md CHANGED
@@ -1,5 +1,7 @@
1
1
  # hpke-rb
2
2
 
3
+ [![Gem Version](https://badge.fury.io/rb/hpke.svg)](https://badge.fury.io/rb/hpke)
4
+
3
5
  Hybrid Public Key Encryption (HPKE; [RFC 9180](https://datatracker.ietf.org/doc/html/rfc9180)) in Ruby
4
6
 
5
7
  ## Note
@@ -103,7 +105,7 @@ context_r.open('authentication_associated_data', ciphertext)
103
105
  - Hash names (parameter 2 and 3)
104
106
  - `:sha256`, `:sha384`, `:sha512`
105
107
  - AEAD function names (parameter 4)
106
- - `:aes_128_gcm`, `:aes_256_gcm`, `:chacha20_poly1305`, `:`
108
+ - `:aes_128_gcm`, `:aes_256_gcm`, `:chacha20_poly1305`, `:export_only`
107
109
 
108
110
  ## Development
109
111
 
data/hpke.gemspec ADDED
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "lib/hpke/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "hpke"
7
+ spec.version = HPKE::VERSION
8
+ spec.authors = ["Ryo Kajiwara"]
9
+ spec.email = ["sylph01@s01.ninja"]
10
+
11
+ spec.summary = "Hybrid Public Key Encryption (HPKE; RFC 9180) on Ruby"
12
+ spec.description = "Hybrid Public Key Encryption (HPKE; RFC 9180) on Ruby"
13
+ spec.homepage = "https://github.com/sylph01/hpke-rb"
14
+ spec.license = "MIT"
15
+ spec.required_ruby_version = ">= 3.1.0"
16
+
17
+ spec.metadata["homepage_uri"] = spec.homepage
18
+ spec.metadata["source_code_uri"] = "https://github.com/sylph01/hpke-rb"
19
+
20
+ # Specify which files should be added to the gem when it is released.
21
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
22
+ spec.files = Dir.chdir(__dir__) do
23
+ `git ls-files -z`.split("\x0").reject do |f|
24
+ (File.expand_path(f) == __FILE__) || f.start_with?(*%w[bin/ test/ spec/ features/ .git .circleci appveyor])
25
+ end
26
+ end
27
+ spec.bindir = "exe"
28
+ spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
29
+ spec.require_paths = ["lib"]
30
+
31
+ # Uncomment to register a new dependency of your gem
32
+ spec.add_dependency "openssl", "~> 3.3.0"
33
+
34
+ # For more information and examples about making a new gem, check out our
35
+ # guide at: https://bundler.io/guides/creating_gem.html
36
+ end
data/lib/hpke/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  class HPKE
4
- VERSION = "0.1.0"
4
+ VERSION = "0.3.0"
5
5
  end
data/lib/hpke.rb CHANGED
@@ -168,6 +168,30 @@ class HPKE
168
168
  @hkdf.labeled_expand(exporter_secret, 'sec', exporter_context, len, suite_id)
169
169
  end
170
170
 
171
+ def aead_encrypt(key, nonce, aad, pt)
172
+ cipher = OpenSSL::Cipher.new(aead_name)
173
+ cipher.encrypt
174
+ cipher.key = key
175
+ cipher.iv = nonce
176
+ cipher.auth_data = aad
177
+ cipher.padding = 0
178
+ s = cipher.update(pt) << cipher.final
179
+ s + cipher.auth_tag
180
+ end
181
+
182
+ def aead_decrypt(key, nonce, aad, ct)
183
+ ct_body = ct[0, ct.length - n_t]
184
+ tag = ct[-n_t, n_t]
185
+ cipher = OpenSSL::Cipher.new(aead_name)
186
+ cipher.decrypt
187
+ cipher.key = key
188
+ cipher.iv = nonce
189
+ cipher.auth_tag = tag
190
+ cipher.auth_data = aad
191
+ cipher.padding = 0
192
+ cipher.update(ct_body) << cipher.final
193
+ end
194
+
171
195
  private
172
196
 
173
197
  def suite_id
@@ -254,47 +278,19 @@ class HPKE::ContextS < HPKE::Context
254
278
  def seal(aad, pt)
255
279
  raise Exception.new('AEAD is export only') if @hpke.aead_name == :export_only
256
280
 
257
- ct = cipher_seal(@key, compute_nonce(@sequence_number), aad, pt)
281
+ ct = @hpke.aead_encrypt(@key, compute_nonce(@sequence_number), aad, pt)
258
282
  increment_seq
259
283
  ct
260
284
  end
261
-
262
- private
263
-
264
- def cipher_seal(key, nonce, aad, pt)
265
- cipher = OpenSSL::Cipher.new(@hpke.aead_name)
266
- cipher.encrypt
267
- cipher.key = key
268
- cipher.iv = nonce
269
- cipher.auth_data = aad
270
- cipher.padding = 0
271
- s = cipher.update(pt) << cipher.final
272
- s + cipher.auth_tag
273
- end
274
285
  end
275
286
 
276
287
  class HPKE::ContextR < HPKE::Context
277
288
  def open(aad, ct)
278
289
  raise Exception.new('AEAD is export only') if @hpke.aead_name == :export_only
279
290
 
280
- pt = cipher_open(@key, compute_nonce(@sequence_number), aad, ct)
291
+ pt = @hpke.aead_decrypt(@key, compute_nonce(@sequence_number), aad, ct)
281
292
  # TODO: catch openerror then send out own openerror
282
293
  increment_seq
283
294
  pt
284
295
  end
285
-
286
- private
287
-
288
- def cipher_open(key, nonce, aad, ct)
289
- ct_body = ct[0, ct.length - @hpke.n_t]
290
- tag = ct[-@hpke.n_t, @hpke.n_t]
291
- cipher = OpenSSL::Cipher.new(@hpke.aead_name)
292
- cipher.decrypt
293
- cipher.key = key
294
- cipher.iv = nonce
295
- cipher.auth_tag = tag
296
- cipher.auth_data = aad
297
- cipher.padding = 0
298
- cipher.update(ct_body) << cipher.final
299
- end
300
- end
296
+ end
metadata CHANGED
@@ -1,14 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hpke
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryo Kajiwara
8
- autorequire:
9
8
  bindir: exe
10
9
  cert_chain: []
11
- date: 2023-07-15 00:00:00.000000000 Z
10
+ date: 2025-04-04 00:00:00.000000000 Z
12
11
  dependencies:
13
12
  - !ruby/object:Gem::Dependency
14
13
  name: openssl
@@ -16,14 +15,14 @@ dependencies:
16
15
  requirements:
17
16
  - - "~>"
18
17
  - !ruby/object:Gem::Version
19
- version: 3.0.0
18
+ version: 3.3.0
20
19
  type: :runtime
21
20
  prerelease: false
22
21
  version_requirements: !ruby/object:Gem::Requirement
23
22
  requirements:
24
23
  - - "~>"
25
24
  - !ruby/object:Gem::Version
26
- version: 3.0.0
25
+ version: 3.3.0
27
26
  description: Hybrid Public Key Encryption (HPKE; RFC 9180) on Ruby
28
27
  email:
29
28
  - sylph01@s01.ninja
@@ -37,6 +36,7 @@ files:
37
36
  - LICENSE.txt
38
37
  - README.md
39
38
  - Rakefile
39
+ - hpke.gemspec
40
40
  - lib/hpke.rb
41
41
  - lib/hpke/dhkem.rb
42
42
  - lib/hpke/hkdf.rb
@@ -49,7 +49,6 @@ licenses:
49
49
  metadata:
50
50
  homepage_uri: https://github.com/sylph01/hpke-rb
51
51
  source_code_uri: https://github.com/sylph01/hpke-rb
52
- post_install_message:
53
52
  rdoc_options: []
54
53
  require_paths:
55
54
  - lib
@@ -64,8 +63,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
64
63
  - !ruby/object:Gem::Version
65
64
  version: '0'
66
65
  requirements: []
67
- rubygems_version: 3.4.10
68
- signing_key:
66
+ rubygems_version: 3.6.5
69
67
  specification_version: 4
70
68
  summary: Hybrid Public Key Encryption (HPKE; RFC 9180) on Ruby
71
69
  test_files: []