krypter 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7e0dfa5c8ff00e53057804420023fe37efb06f4b
-  data.tar.gz: b7daec95060bf484e2203fce88174f383375a0b6
+  metadata.gz: cb0a9a64893aff504e77095a510ba548c8b40492
+  data.tar.gz: d2d33978f856c3aa0cb92f3554f9623e90658de4
 SHA512:
-  metadata.gz: 8260c08cb857ee43e15a2652bfb3a17141cae99c6e9345a9772eb7b5e2dcf2d7f0e5fbf339a97674a901e7c9b9eb9a1a9a672bf9197c8556922d5128f9066d8a
-  data.tar.gz: f0a2c5226ea6b3add326e8760398d80f07c8a2073208aa4f60ff0d90acb91148cfecbd6c1c3feae3526f3232ca4754ef050ebb226a4190a67f9cb5ebad34f9d3
+  metadata.gz: 4e8476f5bbcaf9b8b919255fc4e26e870845b85969c0dd993c74e3233b0ad7b0b0261b64d992c47116c2ac2c32f49d171abefb10f48e65fa5198dd595e1a6d23
+  data.tar.gz: d082f85b4c2107e683285c6819f2d761c64f592dff1f27fd1f0fc82178933269ebcc16e8fd3ace5862f9b4a59c7be9db575aa8282d0f13d04e32fa70f40606e8

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014 Francesco Rodríguez
+Copyright (c) 2014-2015 Francesco Rodríguez
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,8 +1,29 @@
-krypter
+Krypter [![Build Status](https://travis-ci.org/frodsan/krypter.svg)](https://travis-ci.org/frodsan/krypter)
 =======
 
 Encrypts messages with authentication.
 
+Installation
+------------
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem "krypter"
+```
+
+And then execute:
+
+```
+$ bundle
+```
+
+Or install it yourself as:
+
+```
+$ gem install krypter
+```
+
 Usage
 -----
 
@@ -39,16 +60,40 @@ to prevent tampering and chosen ciphertext attacks.
 The defaults can be changed when instantiating the encryptor object.
 
 ```ruby
-encryptor = Encryptor.new(secret,
+encryptor = Krypter.new(secret,
   cipher: "aes-256-cbc",
   digest: "SHA256",
   separator: "--"
 )
 ```
 
-Installation
+Contributing
 ------------
 
+Fork the project with:
+
 ```
-$ gem install krypter
+$ git clone git@gitlab.com:frodsan/krypter.git
+```
+
+To install dependencies, use:
+
 ```
+$ bundle install
+```
+
+To run the test suite, do:
+
+```
+$ rake test
+```
+
+For bug reports and pull requests, use [GitLab][issues].
+
+License
+-------
+
+Krypter is released under the [MIT License][mit].
+
+[mit]: http://www.opensource.org/licenses/MIT
+[issues]: https://gitlab.com/frodsan/krypter/issues

data/lib/krypter.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "base64"
 require "openssl"
 
@@ -5,7 +6,12 @@ class Krypter
   InvalidSignature = Class.new(StandardError)
   InvalidMessage = Class.new(StandardError)
 
-  def initialize(secret, cipher: "aes-256-cbc", digest: "SHA256", separator: "--")
+  def initialize(
+    secret,
+    cipher: "aes-256-cbc",
+    digest: "SHA256",
+    separator: "--"
+  )
     @cipher = cipher
     @digest = digest
     @separator = separator
@@ -14,21 +20,17 @@ class Krypter
   end
 
   def encrypt(message)
-    return sign(_encrypt(message))
+    sign(_encrypt(message))
   end
 
   def decrypt(message)
-    ciphertext = verify(message)
-
-    if ciphertext
-      return _decrypt(ciphertext)
-    end
+    (ciphertext = verify(message)) && _decrypt(ciphertext)
   end
 
   private
 
   def hmac(secret, message)
-    return OpenSSL::HMAC.hexdigest(@digest, secret, message)
+    OpenSSL::HMAC.hexdigest(@digest, secret, message)
   end
 
   def _encrypt(message)
@@ -40,7 +42,7 @@ class Krypter
     ciphertext = cipher.update(message)
     ciphertext << cipher.final
 
-    return [ciphertext, iv].join(@separator)
+    [ciphertext, iv].join(@separator)
   end
 
   def _decrypt(encrypted)
@@ -63,11 +65,11 @@ class Krypter
     encoded = Base64.strict_encode64(value)
     signature = authenticate(encoded)
 
-    return [encoded, signature].join(@separator)
+    [encoded, signature].join(@separator)
   end
 
   def authenticate(message)
-    return hmac(@sign_secret, message)
+    hmac(@sign_secret, message)
   end
 
   def verify(message)
@@ -91,6 +93,6 @@ class Krypter
       result |= char ^ cmp[index]
     end
 
-    return result == 0
+    result == 0
   end
 end

data/test/krypter_test.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+require "bundler/setup"
+require "minitest/autorun"
+require "minitest/pride"
+require "minitest/sugar"
+require "securerandom"
+require_relative "../lib/krypter"
+
+class KrypterTest < Minitest::Test
+  setup do
+    @encryptor = Krypter.new(SecureRandom.hex(32))
+  end
+
+  test "encrypts and decrypts" do
+    encrypted = @encryptor.encrypt("message")
+    decrypted = @encryptor.decrypt(encrypted)
+
+    assert_equal("message", decrypted)
+  end
+
+  test "encrypt returns different ciphertexts" do
+    encrypted1 = @encryptor.encrypt("message")
+    encrypted2 = @encryptor.encrypt("message")
+
+    assert encrypted1 != encrypted2
+  end
+
+  test "wrong signature" do
+    encrypted = @encryptor.encrypt("message")
+    separator = @encryptor.instance_variable_get(:@separator)
+    ciphertext, signature = encrypted.split(separator)
+
+    message = [signature, ciphertext] * separator
+    assert_raises(Krypter::InvalidSignature) do
+      @encryptor.decrypt(message)
+    end
+
+    message = [ciphertext, signature.reverse] * separator
+    assert_raises(Krypter::InvalidSignature) do
+      @encryptor.decrypt(message)
+    end
+
+    message = [ciphertext.reverse, signature] * separator
+    assert_raises(Krypter::InvalidSignature) do
+      @encryptor.decrypt(message)
+    end
+
+    message = [ciphertext.reverse, signature.reverse] * separator
+    assert_raises(Krypter::InvalidSignature) do
+      @encryptor.decrypt(message)
+    end
+  end
+
+  test "tampered data" do
+    encrypted = @encryptor.encrypt("message")
+    separator = @encryptor.instance_variable_get(:@separator)
+
+    ciphertext, iv = @encryptor.send(:verify, encrypted).split(separator)
+
+    message = @encryptor.send(:sign, [iv, ciphertext] * separator)
+    assert_raises(Krypter::InvalidMessage) do
+      @encryptor.decrypt(message)
+    end
+
+    message = @encryptor.send(:sign, [ciphertext, iv.reverse] * separator)
+    assert_raises(Krypter::InvalidMessage) do
+      @encryptor.decrypt(message)
+    end
+
+    message = @encryptor.send(:sign, [ciphertext.reverse, iv] * separator)
+    assert_raises(Krypter::InvalidMessage) do
+      @encryptor.decrypt(message)
+    end
+
+    str = [ciphertext.reverse, iv.reverse] * separator
+
+    message = @encryptor.send(:sign, str)
+
+    assert_raises(Krypter::InvalidMessage) do
+      @encryptor.decrypt(message)
+    end
+  end
+end

metadata

@@ -1,46 +1,82 @@
 --- !ruby/object:Gem::Specification
 name: krypter
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Francesco Rodríguez
-- Mayn Kjær
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-31 00:00:00.000000000 Z
+date: 2016-04-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: cutest
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: Encrypts and signs messages.
-email:
-- frodsan@me.com
-- mayn.kjaer@gmail.com
+        version: '5.8'
+- !ruby/object:Gem::Dependency
+  name: minitest-sugar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.39'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.39'
+description: Load environment variables from .env
+email: hello@frodsan.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gems"
 - LICENSE
 - README.md
-- krypter.gemspec
 - lib/krypter.rb
-- makefile
-- test/krypter.rb
-homepage: https://github.com/harmoni-io/krypter
+- test/krypter_test.rb
+homepage: https://gitlab.com/frodsan/krypter
 licenses:
 - MIT
 metadata: {}
@@ -60,8 +96,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
-summary: Encrypts and signs messages.
-test_files: []
+summary: Load environment variables from .env
+test_files:
+- test/krypter_test.rb

data/.gems

@@ -1 +0,0 @@
-cutest -v 1.2.1

data/krypter.gemspec

@@ -1,14 +0,0 @@
-Gem::Specification.new do |s|
-  s.name = "krypter"
-  s.version = "1.0.0"
-  s.summary = "Encrypts and signs messages."
-  s.description = s.summary
-  s.authors = ["Francesco Rodríguez", "Mayn Kjær"]
-  s.email = ["frodsan@me.com", "mayn.kjaer@gmail.com"]
-  s.homepage = "https://github.com/harmoni-io/krypter"
-  s.license = "MIT"
-
-  s.files = `git ls-files`.split("\n")
-
-  s.add_development_dependency "cutest"
-end

data/makefile

@@ -1,4 +0,0 @@
-.PHONY: test
-
-test:
-	cutest test/*.rb

data/test/krypter.rb

@@ -1,73 +0,0 @@
-require "cutest"
-require "securerandom"
-require_relative "../lib/krypter"
-
-setup do
-  Krypter.new(SecureRandom.hex(32))
-end
-
-test "encrypts and decrypts" do |encryptor|
-  encrypted = encryptor.encrypt("message")
-  decrypted = encryptor.decrypt(encrypted)
-
-  assert_equal("message", decrypted)
-end
-
-test "encrypt returns different ciphertexts" do |encryptor|
-  encrypted1 = encryptor.encrypt("message")
-  encrypted2 = encryptor.encrypt("message")
-
-  assert encrypted1 != encrypted2
-end
-
-test "wrong signature" do |encryptor|
-  encrypted = encryptor.encrypt("message")
-  separator = encryptor.instance_variable_get(:@separator)
-  ciphertext, signature = encrypted.split(separator)
-
-  message = [signature, ciphertext] * separator
-  assert_raise(Krypter::InvalidSignature) do
-    encryptor.decrypt(message)
-  end
-
-  message = [ciphertext, signature.reverse] * separator
-  assert_raise(Krypter::InvalidSignature) do
-    encryptor.decrypt(message)
-  end
-
-  message = [ciphertext.reverse, signature] * separator
-  assert_raise(Krypter::InvalidSignature) do
-    encryptor.decrypt(message)
-  end
-
-  message = [ciphertext.reverse, signature.reverse] * separator
-  assert_raise(Krypter::InvalidSignature) do
-    encryptor.decrypt(message)
-  end
-end
-
-test "tampered data" do |encryptor|
-  encrypted = encryptor.encrypt("message")
-  separator = encryptor.instance_variable_get(:@separator)
-  ciphertext, iv = encryptor.send(:verify, encrypted).split(separator)
-
-  message = encryptor.send(:sign, [iv, ciphertext] * separator)
-  assert_raise(Krypter::InvalidMessage) do
-    encryptor.decrypt(message)
-  end
-
-  message = encryptor.send(:sign, [ciphertext, iv.reverse] * separator)
-  assert_raise(Krypter::InvalidMessage) do
-    encryptor.decrypt(message)
-  end
-
-  message = encryptor.send(:sign, [ciphertext.reverse, iv] * separator)
-  assert_raise(Krypter::InvalidMessage) do
-    encryptor.decrypt(message)
-  end
-
-  message = encryptor.send(:sign, [ciphertext.reverse, iv.reverse] * separator)
-  assert_raise(Krypter::InvalidMessage) do
-    encryptor.decrypt(message)
-  end
-end