krypt-ossl 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +20 -0
- data/README.md +15 -0
- data/lib/krypt/ossl.rb +38 -0
- data/lib/krypt/ossl/pkcs5.rb +17 -0
- data/test/test_pkcs5.rb +100 -0
- metadata +69 -0
data/LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2013 Martin Boßlet
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
krypt-ossl
|
2
|
+
-----------------
|
3
|
+
|
4
|
+
[![Build Status](https://secure.travis-ci.org/krypt/krypt-ossl.png?branch=master)](http://travis-ci.org/krypt/krypt-ossl)
|
5
|
+
|
6
|
+
A [krypt](https://github.com/krypt/krypt) shim that provides the same
|
7
|
+
interface as the Ruby OpenSSL extension.
|
8
|
+
|
9
|
+
For more information about krypt, please have a look at the project and its
|
10
|
+
wiki at
|
11
|
+
|
12
|
+
https://github.com/krypt/krypt
|
13
|
+
|
14
|
+
Copyright (c) 2013
|
15
|
+
Martin Boßlet <Martin.Bosslet@gmail.com>
|
data/lib/krypt/ossl.rb
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
=begin
|
2
|
+
|
3
|
+
= Info
|
4
|
+
|
5
|
+
krypt-ossl - A krypt shim to offer the same API as the Ruby OpenSSL extension
|
6
|
+
|
7
|
+
Copyright (C) 2013
|
8
|
+
Martin Bosslet <martin.bosslet@gmail.com>
|
9
|
+
All rights reserved.
|
10
|
+
|
11
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
12
|
+
a copy of this software and associated documentation files (the
|
13
|
+
"Software"), to deal in the Software without restriction, including
|
14
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
15
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
16
|
+
permit persons to whom the Software is furnished to do so, subject to
|
17
|
+
the following conditions:
|
18
|
+
|
19
|
+
The above copyright notice and this permission notice shall be
|
20
|
+
included in all copies or substantial portions of the Software.
|
21
|
+
|
22
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
23
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
24
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
25
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
26
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
27
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
28
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
29
|
+
|
30
|
+
=end
|
31
|
+
|
32
|
+
require 'krypt'
|
33
|
+
|
34
|
+
module OpenSSL
|
35
|
+
class Error < StandardError; end
|
36
|
+
end unless defined? OpenSSL
|
37
|
+
|
38
|
+
require_relative 'ossl/pkcs5'
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module OpenSSL
|
2
|
+
|
3
|
+
#
|
4
|
+
# Offers the same functionality as OpenSSL::PKCS5
|
5
|
+
#
|
6
|
+
module PKCS5
|
7
|
+
module_function
|
8
|
+
|
9
|
+
def pbkdf2_hmac_sha1(pass, salt, iter, keylen)
|
10
|
+
Krypt::PBKDF2.new(Krypt::Digest::SHA1.new).generate(pass, salt, iter, keylen)
|
11
|
+
end
|
12
|
+
|
13
|
+
def pbkdf2_hmac(pass, salt, iter, keylen, digest)
|
14
|
+
Krypt::PBKDF2.new(digest).generate(pass, salt, iter, keylen)
|
15
|
+
end
|
16
|
+
end unless defined? OpenSSL::PKCS5
|
17
|
+
end
|
data/test/test_pkcs5.rb
ADDED
@@ -0,0 +1,100 @@
|
|
1
|
+
# encoding: US-ASCII
|
2
|
+
require_relative 'utils'
|
3
|
+
|
4
|
+
class OpenSSL::TestPKCS5 < Test::Unit::TestCase
|
5
|
+
|
6
|
+
def test_pbkdf2_hmac_sha1_rfc6070_c_1_len_20
|
7
|
+
p ="password"
|
8
|
+
s = "salt"
|
9
|
+
c = 1
|
10
|
+
dk_len = 20
|
11
|
+
raw = %w{ 0c 60 c8 0f 96 1f 0e 71
|
12
|
+
f3 a9 b5 24 af 60 12 06
|
13
|
+
2f e0 37 a6 }
|
14
|
+
expected = [raw.join('')].pack('H*')
|
15
|
+
value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
16
|
+
assert_equal(expected, value)
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_pbkdf2_hmac_sha1_rfc6070_c_2_len_20
|
20
|
+
p ="password"
|
21
|
+
s = "salt"
|
22
|
+
c = 2
|
23
|
+
dk_len = 20
|
24
|
+
raw = %w{ ea 6c 01 4d c7 2d 6f 8c
|
25
|
+
cd 1e d9 2a ce 1d 41 f0
|
26
|
+
d8 de 89 57 }
|
27
|
+
expected = [raw.join('')].pack('H*')
|
28
|
+
value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
29
|
+
assert_equal(expected, value)
|
30
|
+
end
|
31
|
+
|
32
|
+
def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_20
|
33
|
+
p ="password"
|
34
|
+
s = "salt"
|
35
|
+
c = 4096
|
36
|
+
dk_len = 20
|
37
|
+
raw = %w{ 4b 00 79 01 b7 65 48 9a
|
38
|
+
be ad 49 d9 26 f7 21 d0
|
39
|
+
65 a4 29 c1 }
|
40
|
+
expected = [raw.join('')].pack('H*')
|
41
|
+
value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
42
|
+
assert_equal(expected, value)
|
43
|
+
end
|
44
|
+
|
45
|
+
# takes too long!
|
46
|
+
# def test_pbkdf2_hmac_sha1_rfc6070_c_16777216_len_20
|
47
|
+
# p ="password"
|
48
|
+
# s = "salt"
|
49
|
+
# c = 16777216
|
50
|
+
# dk_len = 20
|
51
|
+
# raw = %w{ ee fe 3d 61 cd 4d a4 e4
|
52
|
+
# e9 94 5b 3d 6b a2 15 8c
|
53
|
+
# 26 34 e9 84 }
|
54
|
+
# expected = [raw.join('')].pack('H*')
|
55
|
+
# value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
56
|
+
# assert_equal(expected, value)
|
57
|
+
# end
|
58
|
+
|
59
|
+
def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_25
|
60
|
+
p ="passwordPASSWORDpassword"
|
61
|
+
s = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
|
62
|
+
c = 4096
|
63
|
+
dk_len = 25
|
64
|
+
|
65
|
+
raw = %w{ 3d 2e ec 4f e4 1c 84 9b
|
66
|
+
80 c8 d8 36 62 c0 e4 4a
|
67
|
+
8b 29 1a 96 4c f2 f0 70
|
68
|
+
38 }
|
69
|
+
expected = [raw.join('')].pack('H*')
|
70
|
+
value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
71
|
+
assert_equal(expected, value)
|
72
|
+
end
|
73
|
+
|
74
|
+
def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_16
|
75
|
+
p ="pass\0word"
|
76
|
+
s = "sa\0lt"
|
77
|
+
c = 4096
|
78
|
+
dk_len = 16
|
79
|
+
raw = %w{ 56 fa 6a a7 55 48 09 9d
|
80
|
+
cc 37 d7 f0 34 25 e0 c3 }
|
81
|
+
expected = [raw.join('')].pack('H*')
|
82
|
+
value = OpenSSL::PKCS5.pbkdf2_hmac_sha1(p, s, c, dk_len)
|
83
|
+
assert_equal(expected, value)
|
84
|
+
end
|
85
|
+
|
86
|
+
def test_pbkdf2_hmac_sha256_c_20000_len_32
|
87
|
+
#unfortunately no official test vectors available yet for SHA-2
|
88
|
+
p ="password"
|
89
|
+
#s = OpenSSL::Random.random_bytes(16)
|
90
|
+
s = Random.new.bytes(16)
|
91
|
+
c = 20000
|
92
|
+
dk_len = 32
|
93
|
+
#digest = OpenSSL::Digest::SHA256.new
|
94
|
+
digest = Krypt::Digest::SHA256.new
|
95
|
+
value1 = OpenSSL::PKCS5.pbkdf2_hmac(p, s, c, dk_len, digest)
|
96
|
+
value2 = OpenSSL::PKCS5.pbkdf2_hmac(p, s, c, dk_len, digest)
|
97
|
+
assert_equal(value1, value2)
|
98
|
+
end if OpenSSL::PKCS5.respond_to?(:pbkdf2_hmac)
|
99
|
+
|
100
|
+
end
|
metadata
ADDED
@@ -0,0 +1,69 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: krypt-ossl
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Martin Bosslet
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2013-02-27 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: krypt
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '0'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ! '>='
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '0'
|
30
|
+
description: A krypt shim to offer the same API as the Ruby OpenSSL extension. The
|
31
|
+
implementation uses krypt internally.
|
32
|
+
email: Martin.Bosslet@gmail.com
|
33
|
+
executables: []
|
34
|
+
extensions: []
|
35
|
+
extra_rdoc_files:
|
36
|
+
- README.md
|
37
|
+
files:
|
38
|
+
- lib/krypt/ossl.rb
|
39
|
+
- lib/krypt/ossl/pkcs5.rb
|
40
|
+
- LICENSE
|
41
|
+
- README.md
|
42
|
+
- test/test_pkcs5.rb
|
43
|
+
homepage: https://github.com/krypt/krypt-ossl
|
44
|
+
licenses:
|
45
|
+
- MIT
|
46
|
+
post_install_message:
|
47
|
+
rdoc_options: []
|
48
|
+
require_paths:
|
49
|
+
- lib
|
50
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
51
|
+
none: false
|
52
|
+
requirements:
|
53
|
+
- - ! '>='
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: 1.9.3
|
56
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
requirements: []
|
63
|
+
rubyforge_project:
|
64
|
+
rubygems_version: 1.8.23
|
65
|
+
signing_key:
|
66
|
+
specification_version: 3
|
67
|
+
summary: A wrapper that emulates the OpenSSL extension through krypt
|
68
|
+
test_files:
|
69
|
+
- test/test_pkcs5.rb
|