keystores 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0ecbd40c0a3022aeae1e8f6257e96160909008e5
+  data.tar.gz: c6d278eca9d05a4ca80c0cfa96274b6c3ddfcab4
+SHA512:
+  metadata.gz: 16f5d801475e7d1e13c64648c73205fc02e7fd9364354f95e0c714dd94a7b8724169582e9fca2b01ffe492a696aa2534b0a213c9322c41191dc8557d963f9d8a
+  data.tar.gz: 67d510a0f27ef57792e6e6e1fda4dfcde58f5d70db3be421caaea5360dee55de39a396e1c3c097361534687275938074d48b9e7461599ffe7a06e819f0bd7454

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+.idea

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.0.0
+before_install: gem install bundler -v 1.10.5

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in keystores.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Ryan Larson
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,69 @@
+# Keystores
+
+This gem provides ruby implementations of different key stores. This was primarily created to provide the ability
+to use many of the good Java key stores from ruby.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'keystores'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install keystores
+
+## Usage
+
+The API for this gem is modeled after the Java `KeyStore` class. All of the `KeyStore` implementations provided by this
+gem conform to the `Keystores::Keystore` interface.
+
+The certificate and key objects that these keystores return and expect are `OpenSSL::X509::Certificate` and
+`OpenSSL::PKey` objects, respectively.
+
+### Supported Key Store types
+
+#### Java Key Store (jks) format
+
+##### Reading
+
+This gem supports reading trusted certificate entries and private key entries. It can read
+and decrypt RSA, DSA, and EC keys.
+
+Example usage:
+
+```
+require 'keystores/java_keystore'
+keystore = Keystores::JavaKeystore.new
+
+# Load can take any IO object, or a path to a file
+key_store_password = 'keystores'
+keystore.load('/tmp/keystore.jks', key_store_password)
+
+certificate = keystore.get_certificate('my_certificate')
+key = keystore.get_key('my_key', key_store_password)
+
+certificate.check_private_key(key)
+
+certificate_chain = keystore.get_certificate_chain('my_key')
+```
+
+##### Writing
+
+This gem supports writing trusted certificate entries and private key entries. It currently supports
+writing DSA, RSA, and EC private key entries.
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/rylarson/keystores.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'rubygems/tasks'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+#This gives us build, install, and release
+Gem::Tasks.new(:console => false, :sign => false)

data/keystores.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'keystores/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'keystores'
+  spec.version       = Keystores::VERSION
+  spec.authors       = ['Ryan Larson']
+  spec.email         = ['ryan.mango.larson@gmail.com']
+
+  spec.summary       = 'This gem allows applications to interact with different types of keystores'
+  spec.description   = spec.summary
+  spec.homepage      = 'https://github.com/rylarson/keystores'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubygems-tasks'
+end

data/lib/keystores.rb

@@ -0,0 +1,5 @@
+require "keystores/version"
+
+module Keystores
+  # Your code goes here...
+end

data/lib/keystores/java_key_store.rb

@@ -0,0 +1,355 @@
+require 'keystores/keystore'
+require 'keystores/jks/key_protector'
+require 'keystores/jks/encrypted_private_key_info'
+require 'thread'
+require 'openssl'
+require 'date'
+
+module Keystores
+  # An implementation of a Java Key Store (JKS) Format
+  class JavaKeystore < Keystore
+
+    TYPE = 'JKS'
+
+    # Defined by JavaKeyStore.java
+    MAGIC = 0xfeedfeed
+    VERSION_1 = 0x01
+    VERSION_2 = 0x02
+    KEY_ENTRY_TAG = 1
+    TRUSTED_CERTIFICATE_ENTRY_TAG = 2
+
+    def initialize
+      @entries = {}
+      @entries_mutex = Mutex.new
+    end
+
+    def aliases
+      @entries.keys
+    end
+
+    def contains_alias(aliaz)
+      @entries.has_key?(aliaz)
+    end
+
+    def delete_entry(aliaz)
+      @entries_mutex.synchronize { @entries.delete(aliaz) }
+    end
+
+    def get_certificate(aliaz)
+      entry = @entries[aliaz]
+      unless entry.nil?
+        if entry.is_a? TrustedCertificateEntry
+          entry.certificate
+        elsif entry.is_a? KeyEntry
+          entry.certificate_chain[0]
+        else
+          nil
+        end
+      end
+    end
+
+    def get_certificate_alias(certificate)
+      @entries.each do |aliaz, entry|
+        if entry.is_a? TrustedCertificateEntry
+          # We have to DER encode both of the certificates because OpenSSL::X509::Certificate doesn't implement equal?
+          return aliaz if certificate.to_der == entry.certificate.to_der
+        elsif entry.is_a? KeyEntry
+          # We have to DER encode both of the certificates because OpenSSL::X509::Certificate doesn't implement equal?
+          return aliaz if certificate.to_der == entry.certificate_chain[0].to_der
+        end
+      end
+      nil
+    end
+
+    def get_certificate_chain(aliaz)
+      entry = @entries[aliaz]
+      if !entry.nil? && entry.is_a?(KeyEntry)
+        entry.certificate_chain
+      else
+        nil
+      end
+    end
+
+    def get_key(aliaz, password)
+      entry = @entries[aliaz]
+
+      # This somewhat odd control flow mirrors the Java code for ease of porting
+      # TODO clean this up
+      if entry.nil? || !entry.is_a?(KeyEntry)
+        return nil
+      end
+
+      if password.nil?
+        raise IOError.new('Password must not be nil')
+      end
+
+      encrypted_private_key = entry.encrypted_private_key
+      encrypted_private_key_info = Keystores::Jks::EncryptedPrivateKeyInfo.new(:encoded => encrypted_private_key)
+      Keystores::Jks::KeyProtector.new(password).recover(encrypted_private_key_info)
+    end
+
+    def get_type
+      TYPE
+    end
+
+    def is_certificate_entry(aliaz)
+      !@entries[aliaz].nil? && @entries[aliaz].is_a?(TrustedCertificateEntry)
+    end
+
+    def is_key_entry(aliaz)
+      !@entries[aliaz].nil? && @entries[aliaz].is_a?(KeyEntry)
+    end
+
+    def load(key_store_file, password)
+      @entries_mutex.synchronize do
+        key_store_bytes = key_store_file.respond_to?(:read) ? key_store_file.read : IO.binread(key_store_file)
+        # We pass this Message Digest around and add all of the bytes we read to it so we can verify integrity
+        md = get_pre_keyed_hash(password)
+
+        magic = read_int!(key_store_bytes, md)
+        version = read_int!(key_store_bytes, md)
+
+        if magic != MAGIC || (version != VERSION_1 && version != VERSION_2)
+          raise IOError.new('Invalid keystore format')
+        end
+
+        count = read_int!(key_store_bytes, md)
+
+        count.times do
+          tag = read_int!(key_store_bytes, md)
+
+          if tag == KEY_ENTRY_TAG
+            key_entry = KeyEntry.new
+            aliaz = read_utf!(key_store_bytes, md)
+            time = read_long!(key_store_bytes, md)
+
+            key_entry.creation_date = time
+
+            private_key_length = read_int!(key_store_bytes, md)
+            encrypted_private_key = key_store_bytes.slice!(0..(private_key_length - 1))
+            md << encrypted_private_key
+
+            key_entry.encrypted_private_key = encrypted_private_key
+
+            number_of_certs = read_int!(key_store_bytes, md)
+
+            certificate_chain = []
+
+            number_of_certs.times do
+              certificate_chain << read_certificate(key_store_bytes, version, md)
+            end
+
+            key_entry.certificate_chain = certificate_chain
+            @entries[aliaz] = key_entry
+          elsif tag == TRUSTED_CERTIFICATE_ENTRY_TAG
+            trusted_cert_entry = TrustedCertificateEntry.new
+            aliaz = read_utf!(key_store_bytes, md)
+            time = read_long!(key_store_bytes, md)
+
+            trusted_cert_entry.creation_date = time
+            certificate = read_certificate(key_store_bytes, version, md)
+            trusted_cert_entry.certificate = certificate
+            @entries[aliaz] = trusted_cert_entry
+          else
+            raise IOError.new('Unrecognized keystore entry')
+          end
+        end
+
+        unless password.nil?
+          verify_key_store_integrity(key_store_bytes, md)
+        end
+      end
+    end
+
+    def set_certificate_entry(aliaz, certificate)
+      @entries_mutex.synchronize do
+        entry = @entries[aliaz]
+        if !entry.nil? && entry.is_a?(KeyEntry)
+          raise ArgumentError.new('Cannot overwrite own certificate')
+        end
+
+        entry = TrustedCertificateEntry.new
+        entry.certificate = certificate
+        # Java uses new Date().getTime() which returns milliseconds since epoch, so we do the same here with %Q
+        entry.creation_date = DateTime.now.strftime('%Q').to_i
+
+        @entries[aliaz] = entry
+      end
+    end
+
+    def set_key_entry(aliaz, key, certificate_chain, password=nil)
+      super
+    end
+
+    def size
+      @entries.size
+    end
+
+    def store(key_store_file, password)
+      @entries_mutex.synchronize do
+        # password is mandatory when storing
+        if password.nil?
+          raise ArgumentError.new("password can't be null")
+        end
+
+        md = get_pre_keyed_hash(password)
+
+        io = key_store_file.respond_to?(:write) ? key_store_file : File.open(key_store_file, 'w')
+
+        write_int(io, MAGIC, md)
+        # Always write the latest version
+        write_int(io, VERSION_2, md)
+        write_int(io, @entries.size, md)
+
+        @entries.each do |aliaz, entry|
+          if entry.is_a? KeyEntry
+            write_int(io, KEY_ENTRY_TAG, md)
+            write_utf(io, aliaz, md)
+            write_long(io, entry.creation_date, md)
+            write_int(io, entry.encrypted_private_key.length, md)
+            write(io, entry.encrypted_private_key, md)
+
+            certificate_chain = entry.certificate_chain
+            chain_length = certificate_chain.nil? ? 0 : certificate_chain.length
+
+            write_int(io, chain_length, md)
+
+            unless certificate_chain.nil?
+              certificate_chain.each { |certificate| write_certificate(io, certificate, md) }
+            end
+          elsif entry.is_a? TrustedCertificateEntry
+            write_int(io, TRUSTED_CERTIFICATE_ENTRY_TAG, md)
+            write_utf(io, aliaz, md)
+            write_long(io, entry.creation_date, md)
+            write_certificate(io, entry.certificate, md)
+          else
+            raise IOError.new('Unrecognized keystore entry')
+          end
+        end
+        # Write the keyed hash which is used to detect tampering with
+        # the keystore (such as deleting or modifying key or
+        # certificate entries).
+        io.write(md.digest)
+        io.flush
+      end
+    end
+
+    private
+
+    def read_certificate(key_store_bytes, version, md)
+      # If we are a version 2 JKS, we check to see if we have the right certificate type
+      # Version 1 JKS format unconditionally assumed X509
+      if version == 2
+        cert_type = read_utf!(key_store_bytes, md)
+        if cert_type != 'X.509' && cert_type != 'X509'
+          raise IOError.new("Unrecognized certificate type: #{cert_type}")
+        end
+      end
+      certificate_length = read_int!(key_store_bytes, md)
+      certificate = key_store_bytes.slice!(0..(certificate_length - 1))
+      md << certificate
+      OpenSSL::X509::Certificate.new(certificate)
+    end
+
+    def write_certificate(file, certificate, md)
+      encoded = certificate.to_der
+      write_utf(file, 'X.509', md)
+      write_int(file, encoded.length, md)
+      write(file, encoded, md)
+    end
+
+    # Derive a key in the same goofy way that Java does
+    def get_pre_keyed_hash(password)
+      md = OpenSSL::Digest::SHA1.new
+      passwd_bytes = []
+      password.unpack('c*').each do |byte|
+        passwd_bytes << (byte >> 8)
+        passwd_bytes << byte
+      end
+      md << passwd_bytes.pack('c*')
+      md << 'Mighty Aphrodite'.force_encoding('UTF-8')
+      md
+    end
+
+    def verify_key_store_integrity(key_store_bytes, md)
+      # The remaining key store bytes are the password based hash
+      actual_hash = key_store_bytes
+      computed_hash = md.digest
+
+      # TODO, change how we compare these to defend against timing attacks even though JAVA doesn't
+      if actual_hash != computed_hash
+        raise IOError.new('Keystore was tampered with, or password was incorrect')
+      end
+    end
+
+    # Java uses DataInputStream#readInt() which is defined as reading 4 bytes and interpreting it as an int
+    def read_int!(bytes, md)
+      bytes = bytes.slice!(0..3)
+      md << bytes
+      bytes.unpack('N')[0]
+    end
+
+    # Java uses DataInputStream#readUnsignedShort() which is defined as reading 2 bytes and interpreting it as an int
+    def read_unsigned_short!(bytes, md)
+      bytes = bytes.slice!(0..1)
+      md << bytes
+      bytes.unpack('n')[0]
+    end
+
+    # Java uses DataInputStream#readUTF which does a bunch of crap to read a modified UTF-8 format
+    # TODO, this is a bit of a hack, but seems to work fine. We just assume we get a string out of the array
+    def read_utf!(bytes, md)
+      utf_length = read_unsigned_short!(bytes, md)
+      bytes = bytes.slice!(0..(utf_length - 1))
+      md << bytes
+      bytes
+    end
+
+    # Java uses DataInputStream#readLong which is defined as reading 8 bytes and interpreting it as a signed long
+    def read_long!(bytes, md)
+      bytes = bytes.slice!(0..7)
+      md << bytes
+      bytes.unpack('q>')[0]
+    end
+
+    # Java uses DataOutputStream#writeUTF to write the length + string
+    def write_utf(file, string, md)
+      write_short(file, string.length, md)
+      write(file, string, md)
+    end
+
+    # Java uses DataInputStream#writeInt() which writes a 32 bit integer
+    def write_int(file, int, md)
+      int = [int].pack('N')
+      md << int
+      file.write(int)
+    end
+
+    # Java uses DataInputStream#writeShort() which writes a 16 bit integer
+    def write_short(file, short, md)
+      short = [short].pack('n')
+      md << short
+      file.write(short)
+    end
+
+    # Java uses DataInputStream#writeLong which writes a 64 bit integer
+    def write_long(file, long, md)
+      long = [long].pack('q>')
+      md << long
+      file.write(long)
+    end
+
+    def write(file, bytes, md)
+      md << bytes
+      file.write(bytes)
+    end
+
+    class KeyEntry
+      attr_accessor :creation_date, :encrypted_private_key, :certificate_chain
+    end
+
+    class TrustedCertificateEntry
+      attr_accessor :creation_date, :certificate
+    end
+  end
+end

data/lib/keystores/jks/encrypted_private_key_info.rb

@@ -0,0 +1,49 @@
+# This class implements the EncryptedPrivateKeyInfo type,
+# which is defined in PKCS #8 as follows:
+#
+#   EncryptedPrivateKeyInfo ::=  SEQUENCE {
+#      encryptionAlgorithm   AlgorithmIdentifier,
+#      encryptedData   OCTET STRING }
+#
+
+require 'openssl'
+
+module Keystores
+  module Jks
+    class EncryptedPrivateKeyInfo
+      attr_accessor :encrypted_data, :algorithm, :encoded
+
+      def initialize(opts = {})
+        # Parses from encoded private key
+        if opts.has_key?(:encoded)
+          encoded = opts[:encoded]
+          @asn1 = OpenSSL::ASN1.decode(encoded)
+          @encrypted_data = @asn1.value[1].value
+          @algorithm = @asn1.value[0].value[0].value
+          @encoded = encoded
+        else
+          @algorithm = opts[:algorithm]
+          @encrypted_data = opts[:encrypted_data]
+          @encoded = encode(@algorithm, @encrypted_data)
+        end
+      end
+
+      private
+
+      # Java actually encodes:
+      #
+      #   EncryptedPrivateKeyInfo ::=  SEQUENCE {
+      #      SEQUENCE {
+      #      null,
+      #      encryptionAlgorithm   AlgorithmIdentifier},
+      #      encryptedData   OCTET STRING }
+      def encode(algorithm, encrypted_data)
+        a = OpenSSL::ASN1::ObjectId.new(algorithm)
+        null = OpenSSL::ASN1::Null.new(nil)
+        oid_sequence = OpenSSL::ASN1::Sequence.new([a, null])
+        d = OpenSSL::ASN1::OctetString.new(encrypted_data)
+        OpenSSL::ASN1::Sequence.new([oid_sequence, d]).to_der
+      end
+    end
+  end
+end

data/lib/keystores/jks/key_protector.rb

@@ -0,0 +1,191 @@
+require 'openssl'
+require 'securerandom'
+require 'keystores/jks/pkcs8_key'
+require 'keystores/jks/encrypted_private_key_info'
+
+# This is an implementation of a Sun proprietary, exportable algorithm
+# intended for use when protecting (or recovering the cleartext version of)
+# sensitive keys.
+# This algorithm is not intended as a general purpose cipher.
+#
+# This is how the algorithm works for key protection:
+# p - user password
+# s - random salt
+# X - xor key
+# P - to-be-protected key
+# Y - protected key
+# R - what gets stored in the keystore
+#
+# Step 1:
+# Take the user's password, append a random salt (of fixed size) to it,
+# and hash it: d1 = digest(p, s)
+# Store d1 in X.
+#
+# Step 2:
+# Take the user's password, append the digest result from the previous step,
+# and hash it: dn = digest(p, dn-1).
+# Store dn in X (append it to the previously stored digests).
+# Repeat this step until the length of X matches the length of the private key P.
+#
+# Step 3:
+# XOR X and P, and store the result in Y: Y = X XOR P.
+#
+# Step 4:
+# Store s, Y, and digest(p, P) in the result buffer R:
+# R = s + Y + digest(p, P), where "+" denotes concatenation.
+# (NOTE: digest(p, P) is stored in the result buffer, so that when the key is
+# recovered, we can check if the recovered key indeed matches the original
+# key.) R is stored in the keystore.
+#
+# The protected key is recovered as follows:
+#
+# Step1 and Step2 are the same as above, except that the salt is not randomly
+# generated, but taken from the result R of step 4 (the first length(s)
+# bytes).
+#
+# Step 3 (XOR operation) yields the plaintext key.
+#
+# Then concatenate the password with the recovered key, and compare with the
+# last length(digest(p, P)) bytes of R. If they match, the recovered key is
+# indeed the same key as the original key.
+
+module Keystores
+  module Jks
+    class KeyProtector
+      SALT_LEN = 20
+      DIGEST_LEN = 20
+      KEY_PROTECTOR_OID = '1.3.6.1.4.1.42.2.17.1.1'
+
+      def initialize(password)
+        @password = password
+        @passwd_bytes = []
+        password.unpack('c*').each do |byte|
+          @passwd_bytes << (byte >> 8)
+          @passwd_bytes << byte
+        end
+        @message_digest = OpenSSL::Digest::SHA1.new
+      end
+
+      def protect(key)
+        if key.nil?
+          raise ArgumentError.new("plaintext key can't be null")
+        end
+
+        plain_key = key.to_pkcs8_der.unpack('c*')
+
+        # Determine the number of digest rounds
+        num_rounds = plain_key.length / DIGEST_LEN
+        num_rounds += 1 if (plain_key.length % DIGEST_LEN) != 0
+
+        salt = SecureRandom.random_bytes(SALT_LEN)
+        xor_key = Array.new(plain_key.length, 0)
+
+        xor_offset = 0
+        digest = salt
+
+        # Compute the digests, and store them in xor_key
+        for i in 1..num_rounds
+          @message_digest.update(@passwd_bytes.pack('c*'))
+          @message_digest.update(digest)
+          digest = @message_digest.digest
+          @message_digest.reset
+
+          if i < num_rounds
+            xor_key[xor_offset..(digest.length + xor_offset -1)] = digest.bytes
+          else
+            xor_key[xor_offset..-1] = digest[0..(xor_key.length - xor_offset - 1)].bytes
+          end
+          xor_offset += DIGEST_LEN
+        end
+
+        # XOR plain_key with xor_key, and store the result in tmpKey
+        tmp_key = []
+        for i in 0..(plain_key.length - 1)
+          tmp_key[i] = plain_key[i] ^ xor_key[i]
+        end
+
+        # Store salt and tmp_key in encr_key
+        encr_key = salt.unpack('c*') + tmp_key
+
+        # Append digest(password, plain_key) as an integrity check to encr_key
+        @message_digest << @passwd_bytes.pack('c*')
+        @passwd_bytes.fill(0)
+        @passwd_bytes = nil
+        @message_digest << plain_key.pack('c*')
+        digest = @message_digest.digest
+        @message_digest.reset
+
+        encr_key += digest.unpack('c*')
+        Keystores::Jks::EncryptedPrivateKeyInfo.new(:algorithm => KEY_PROTECTOR_OID,
+                                                    :encrypted_data => encr_key.pack('c*')).encoded
+      end
+
+      def recover(encrypted_private_key_info)
+        unless encrypted_private_key_info.algorithm == KEY_PROTECTOR_OID
+          raise IOError.new("Unsupported key protection algorithm: #{encrypted_private_key_info.algorithm}")
+        end
+
+        protected_key = encrypted_private_key_info.encrypted_data
+
+        # Get the salt associated with this key (the first SALT_LEN bytes of protected_key)
+        salt = protected_key.slice(0..(SALT_LEN - 1))
+
+        # Determine the number of digest rounds
+        encr_key_len = protected_key.length - SALT_LEN - DIGEST_LEN
+        num_rounds = encr_key_len / DIGEST_LEN
+        num_rounds += 1 if (encr_key_len % DIGEST_LEN) != 0
+
+        # Get the encrypted key portion
+        encr_key = protected_key.slice(SALT_LEN..(encr_key_len + SALT_LEN - 1))
+
+        xor_key = Array.new(encr_key.size, 0)
+        xor_offset = 0
+
+        digest = salt
+        # Compute the digests, and store them in xor_key
+        for i in 1..num_rounds
+          @message_digest.update(@passwd_bytes.pack('c*'))
+          @message_digest.update(digest)
+          digest = @message_digest.digest
+          @message_digest.reset
+
+          if i < num_rounds
+            xor_key[xor_offset..(digest.length + xor_offset -1)] = digest.bytes
+          else
+            xor_key[xor_offset..-1] = digest[0..(xor_key.length - xor_offset - 1)].bytes
+          end
+          xor_offset += DIGEST_LEN
+        end
+
+        # XOR encr_key with xor_key, and store the result in plain_key
+        plain_key = []
+        encr_key_unpacked = encr_key.bytes
+
+        for i in 0..(encr_key.size - 1)
+          plain_key[i] = encr_key_unpacked[i] ^ xor_key[i]
+        end
+
+        # Check the integrity of the recovered key by concatenating it with
+        # the password, digesting the concatenation, and comparing the
+        # result of the digest operation with the digest provided at the end
+        # of protected_key. If the two digest values are
+        # * different, raise an error.
+        @message_digest << @passwd_bytes.pack('c*')
+        @passwd_bytes.fill(0)
+        @passwd_bytes = nil
+        @message_digest << plain_key.pack('c*')
+        digest = @message_digest.digest
+        @message_digest.reset
+
+        for i in 0..(digest.length - 1)
+          if digest[i] != protected_key[SALT_LEN + encr_key_len + i]
+            raise IOError.new('Cannot recover key')
+          end
+        end
+        OpenSSL::PKey.pkcs8_parse(plain_key.pack('c*'))
+      end
+    end
+  end
+end
+
+

data/lib/keystores/jks/pkcs8_key.rb

@@ -0,0 +1,172 @@
+require 'base64'
+require 'openssl'
+
+module OpenSSL
+  module PKey
+    class EC
+      original_initialize = instance_method(:initialize)
+
+      define_method(:initialize) do |der_or_pem|
+        init = original_initialize.bind(self)
+        begin
+          init.(der_or_pem)
+        rescue Exception
+          # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
+          # to PEM and try again.
+          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+        end
+      end
+
+      def to_pkcs8
+        integer = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new('0'))
+        oid = OpenSSL::ASN1::ObjectId.new('id-ecPublicKey')
+        curve_name = OpenSSL::ASN1::ObjectId.new(self.group.curve_name)
+        sequence = OpenSSL::ASN1::Sequence.new([oid, curve_name])
+        octet_string = OpenSSL::ASN1::OctetString.new(encode_private_key.to_der)
+        OpenSSL::ASN1::Sequence.new([integer, sequence, octet_string])
+      end
+
+      def to_pkcs8_der
+        to_pkcs8.to_der
+      end
+
+      def to_pkcs8_pem
+        to_pkcs8.to_pem
+      end
+
+      private
+
+      # ASN.1 syntax for EC private keys from SEC 1 v1.5 (draft):
+      #
+      # ECPrivateKey ::= SEQUENCE {
+      #   version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+      #   privateKey OCTET STRING,
+      #   parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
+      #   publicKey [1] BIT STRING OPTIONAL
+      # }
+      #
+      # We currently ignore the optional parameters and publicKey fields.
+      # We encode the parameters are as part of the curve name,
+      # not in the private key structure.We do this because Java expects things
+      # to be encoded this way
+      def encode_private_key
+        version = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new('1'))
+        # The private key is stored as the twos complement binary representation
+        priv_key = OpenSSL::ASN1::OctetString(private_key.to_s(2))
+        OpenSSL::ASN1::Sequence.new([version, priv_key])
+      end
+    end
+
+    class RSA
+      original_initialize = instance_method(:initialize)
+
+      define_method(:initialize) do |der_or_pem|
+        init = original_initialize.bind(self)
+        begin
+          init.(der_or_pem)
+        rescue Exception
+          # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
+          # to PEM and try again.
+          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+        end
+      end
+
+      def to_pkcs8
+        integer = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new('0'))
+        oid = OpenSSL::ASN1::ObjectId.new('rsaEncryption')
+        sequence = OpenSSL::ASN1::Sequence.new([oid, OpenSSL::ASN1::Null.new(nil)])
+
+        params = self.params
+        version = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new('0'))
+        n = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['n']))
+        e = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['e']))
+        d = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['d']))
+        p = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['p']))
+        q = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['q']))
+        dmp1 = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['dmp1']))
+        dmq1 = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['dmq1']))
+        iqmp = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['iqmp']))
+
+        params_sequence = OpenSSL::ASN1::Sequence.new([version, n, e, d, p, q, dmp1, dmq1, iqmp])
+
+        octet_string = OpenSSL::ASN1::OctetString.new(params_sequence.to_der)
+        OpenSSL::ASN1::Sequence.new([integer, sequence, octet_string])
+      end
+
+      def to_pkcs8_der
+        to_pkcs8.to_der
+      end
+
+      def to_pkcs8_pem
+        to_pkcs8.to_pem
+      end
+    end
+
+    class DSA
+      original_initialize = instance_method(:initialize)
+
+      define_method(:initialize) do |der_or_pem|
+        init = original_initialize.bind(self)
+        begin
+          init.(der_or_pem)
+        rescue Exception
+          # If we blow up trying to parse the key, we might be der encoded PKCS8, and if we are, convert ourselves
+          # to PEM and try again.
+          init.(OpenSSL::PKey.der_to_pem(der_or_pem))
+        end
+      end
+
+      def to_pkcs8
+        params = self.params
+        integer = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new('0'))
+        oid = OpenSSL::ASN1::ObjectId.new('DSA')
+        p = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['p']))
+        q = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['q']))
+        g = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['g']))
+        param_sequence = OpenSSL::ASN1::Sequence.new([p, q, g])
+        sequence = OpenSSL::ASN1::Sequence.new([oid, param_sequence])
+        octet_string = OpenSSL::ASN1::OctetString.new(OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(params['priv_key'])).to_der)
+        OpenSSL::ASN1::Sequence.new([integer, sequence, octet_string])
+      end
+
+      def to_pkcs8_der
+        to_pkcs8.to_der
+      end
+
+      def to_pkcs8_pem
+        to_pkcs8.to_pem
+      end
+    end
+
+    # Parse the correct type of OpenSSL::PKey from a der encoded PKCS8 private key
+    def self.pkcs8_parse(der_bytes)
+      key_type = extract_key_type(der_bytes)
+      # pem = der_to_pem(der_bytes)
+      OpenSSL::PKey.const_get(key_type).new(der_bytes)
+    end
+
+    private
+
+    def self.extract_key_type(der_bytes)
+      asn1 = OpenSSL::ASN1.decode(der_bytes)
+      algorithm = asn1.value[1].value[0].value.downcase
+      if algorithm.include? 'rsa'
+        'RSA'
+      elsif algorithm.include? 'ec'
+        'EC'
+      elsif algorithm.include? 'dsa'
+        'DSA'
+      end
+    end
+
+    def self.der_to_pem(der)
+      box(Base64.strict_encode64(der).scan(/.{1,64}/))
+    end
+
+    def self.box(lines)
+      lines.unshift '-----BEGIN PRIVATE KEY-----'
+      lines.push '-----END PRIVATE KEY-----'
+      lines.join("\n")
+    end
+  end
+end

data/lib/keystores/keystore.rb

@@ -0,0 +1,91 @@
+module Keystores
+  class Keystore
+
+    @@registry = {}
+
+    # Get an instance of a key store, given a key store algorithm string
+    def self.get_instance(key_store_algorithm)
+      @@registry[key_store_algorithm].new
+    end
+
+    # Register your key store algorithm
+    def self.register_algorithm(algorithm, clazz)
+      @@registry[algorithm] = clazz
+    end
+
+    # Lists all the alias names of this keystore.
+    def aliases
+
+    end
+
+    # Checks if the given alias exists in this keystore.
+    def contains_alias(aliaz)
+
+    end
+
+    # Deletes the entry identified by the given alias from this keystore.
+    def delete_entry(aliaz)
+
+    end
+
+    # Returns the certificate associated with the given alias.
+    def get_certificate(aliaz)
+
+    end
+
+    # Returns the (alias) name of the first keystore entry whose certificate matches the given certificate.
+    def get_certificate_alias(certificate)
+
+    end
+
+    # Returns the certificate chain associated with the given alias.
+    def get_certificate_chain(aliaz)
+
+    end
+
+    # Returns the key associated with the given alias, using the given password to recover it.
+    def get_key(aliaz, password)
+
+    end
+
+    # Returns the type of this keystore.
+    def get_type
+
+    end
+
+    # Returns true if the entry identified by the given alias was created by a call to #set_certificate_entry
+    def is_certificate_entry(aliaz)
+
+    end
+
+    # Returns true if the entry identified by the given alias was created by a call to #set_key_entry
+    def is_key_entry(aliaz)
+
+    end
+
+    # Loads this Keystore from the given path.
+    def load(key_store_file, password)
+
+    end
+
+    # Stores this keystore to the given path, and protects its integrity with the given password.
+    def store(key_store_file, password)
+
+    end
+
+    # Assigns the given trusted certificate to the given alias.
+    def set_certificate_entry(aliaz, certificate)
+
+    end
+
+    # Assigns the given key to the given alias. If password is nil, it is assumed that the key is already protected
+    def set_key_entry(aliaz, key, certificate_chain, password = nil)
+
+    end
+
+    # Retrieves the number of entries in this keystore.
+    def size
+
+    end
+  end
+end

data/lib/keystores/version.rb

@@ -0,0 +1,3 @@
+module Keystores
+  VERSION = '0.1.0'
+end

metadata

@@ -0,0 +1,115 @@
+--- !ruby/object:Gem::Specification
+name: keystores
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Ryan Larson
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-04-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubygems-tasks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This gem allows applications to interact with different types of keystores
+email:
+- ryan.mango.larson@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- .travis.yml
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- keystores.gemspec
+- lib/keystores.rb
+- lib/keystores/java_key_store.rb
+- lib/keystores/jks/encrypted_private_key_info.rb
+- lib/keystores/jks/key_protector.rb
+- lib/keystores/jks/pkcs8_key.rb
+- lib/keystores/keystore.rb
+- lib/keystores/version.rb
+homepage: https://github.com/rylarson/keystores
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: This gem allows applications to interact with different types of keystores
+test_files: []