lanet 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ede54bdc497c24a54cb29df640fb7c5d72f5dc1ae24ab55d88a25f10218b3664
-  data.tar.gz: 51ab9e3cc032475fab45a863e1586412e629529ad83c0f961132f865f9382e3c
+  metadata.gz: 46d63ec0fb7276e1741780b97152879fb319bf42c0fd37c079b18faf355170ae
+  data.tar.gz: c7d07927e338e9ce4248c6909c2ec65903d23af9f09da94cf837181d14ac5ed0
 SHA512:
-  metadata.gz: 58200a1c18fdc38e68d029d0f2558330369ff3c7ddac7c8f954a88bf71aa04fc4fcd501b4386c2586f92fb0fef2f7cb49fd0cbda805d56567e5d83fa75c0a686
-  data.tar.gz: 165cb9a1ccf3672ed98af138e0a91149b3818b5e7043f796cb0229f5482598ddda49ffed62e9d7b4409902d73fc1f50ca4f425cc5625813446ab2219a599a645
+  metadata.gz: '018bc023c9d38cce80a28495df69d6ae66aeaa0977862fbab115e4eb77340337366b615ce73041b41f416c10baa4905da00ca4966008875553a1b881b8ee3678'
+  data.tar.gz: 4f173fb766cb88c84340c84327db204853328016be6a50cd4ea3cd183501aaabfd7f1019ba306d79e110daa5b0a6d1fe0a2a57d2bf8f0f1fec8beb2e54c52cc0

data/CHANGELOG.md

@@ -1,25 +1,36 @@
-## [Unreleased]
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.2.0] - 2025-03-08
+
+### Added
+- Digital signature support for message authentication and integrity
+- New `Signer` class for creating and verifying digital signatures
+- RSA-based key pair generation for signing and verification
+- CLI command for generating key pairs (`keygen`)
+- Support for signed-encrypted and signed-plaintext message formats
+- Signature verification in message processing
+- Updated documentation with signature examples
+
+### Changed
+- Enhanced `Encryptor.prepare_message` to accept a private key for signing
+- Modified `Encryptor.process_message` to verify signatures with public keys
+- Extended message formats to include signature information
+- CLI commands updated to support digital signature options
+- Return values from message processing now include verification status
+
+### Fixed
+- Improved error handling for encryption and signature operations
 
 ## [0.1.0] - 2025-03-06
 
 ### Added
-- Initial release of Lanet gem
-- Core network functionality:
-  - Network scanning with customizable IP ranges
-  - Network discovery with detailed host information
-  - Host pinging with response time measurement
-  - Multiple host ping support with continuous mode
-- Messaging capabilities:
-  - Direct messaging to specific IP addresses
-  - Broadcast messaging to all network devices
-  - Message listening service
-- Security features:
-  - Built-in encryption and decryption for secure messaging
-- Command-line interface:
-  - `scan` command for network discovery
-  - `send` command for direct messaging
-  - `broadcast` command for network-wide announcements
-  - `listen` command to receive incoming messages
-  - `ping` command for host availability checking
-- Ruby API for programmatic usage
-- Complete documentation with usage examples
+- Initial release of Lanet
+- Basic UDP-based message sending and receiving
+- Support for encrypted and plaintext messages
+- Broadcasting capability
+- Simple CLI interface

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    lanet (0.1.0)
+    lanet (0.2.0)
       thor (~> 1.2)
 
 GEM

data/README.md

@@ -1,9 +1,10 @@
 # Lanet
 
-[![Gem Version](https://badge.fury.io/rb/lanet.svg?icon=si%3Arubygems)](https://badge.fury.io/rb/lanet)
+![Gem Version](https://img.shields.io/gem/v/lanet?style=flat)
+![Gem Total Downloads](https://img.shields.io/gem/dt/lanet?style=flat)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT)
 
-A lightweight, powerful LAN communication tool for Ruby that enables secure message exchange between devices on the same network. Lanet makes peer-to-peer networking simple with built-in encryption, network discovery, and both targeted and broadcast messaging capabilities.
+A lightweight, powerful LAN communication tool that enables secure message exchange between devices on the same network. Lanet makes peer-to-peer networking simple with built-in encryption, network discovery, and both targeted and broadcast messaging capabilities.
 
 ## Features
 
@@ -16,7 +17,20 @@ A lightweight, powerful LAN communication tool for Ruby that enables secure mess
 - 🖥️ **Command-line interface** - Perform common network operations directly from your terminal.
 - 🧩 **Extensible** - Easily build custom tools and integrations using the Lanet API.
 - ⚙️ **Configurable:**  Adjust port settings, encryption keys, and network scan ranges.
+- **Digital Signatures**: Ensure message authenticity and integrity
 
+## Security Features
+
+### Encryption
+
+Lanet uses AES-256-CBC encryption to protect the content of messages. This ensures confidentiality during transmission.
+
+### Digital Signatures
+
+Digital signatures provide:
+- **Authentication**: Verify the identity of the message sender
+- **Data Integrity**: Ensure the message hasn't been tampered with during transit
+- **Non-repudiation**: Senders cannot deny sending a message they signed
 
 ## Installation
 
@@ -44,6 +58,76 @@ gem install lanet
 
 Lanet provides a powerful CLI for common network operations:
 
+#### Generating Signature Keys
+
+Generate a key pair for digital signatures:
+
+```bash
+lanet keygen
+```
+
+Generate a key pair with specific options:
+
+```bash
+lanet keygen --bits 4096 --output ~/.lanet_keys
+```
+
+The command will generate two files:
+- `lanet_private.key`: Keep this secure and don't share it
+- `lanet_public.key`: Share this with others who need to verify your messages
+
+#### Sending Signed Messages
+
+Send a digitally signed message (without encryption):
+
+```bash
+lanet send --target 192.168.1.5 --message "Signed message" --private-key-file lanet_private.key
+```
+
+Send an encrypted and signed message:
+
+```bash
+lanet send --target 192.168.1.5 --message "Secure signed message" --key "my_secret_key" --private-key-file lanet_private.key
+```
+
+Broadcast a signed message to all devices:
+
+```bash
+lanet broadcast --message "Important announcement" --private-key-file lanet_private.key
+```
+
+#### Receiving and Verifying Signed Messages
+
+Listen for messages and verify signatures:
+
+```bash
+lanet listen --public-key-file lanet_public.key
+```
+
+Listen for encrypted and signed messages:
+
+```bash
+lanet listen --encryption-key "my_secret_key" --public-key-file lanet_public.key
+```
+
+When a signed message is received, the output will show verification status:
+
+```
+Message from 192.168.1.5:
+Content: Hello, this is a signed message
+Signature: VERIFIED
+----------------------------------------
+```
+
+If signature verification fails:
+
+```
+Message from 192.168.1.5:
+Content: Hello, this message was tampered with
+Signature: NOT VERIFIED: Signature verification failed
+----------------------------------------
+```
+
 #### Scanning the network
 
 ```bash

data/index.html

@@ -1,233 +1,142 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <title>Lanet - Lightweight LAN Communication Tool for Networking</title>
-  <style>
-    body {
-      font-family: 'Arial', sans-serif;
-      line-height: 1.6;
-      color: #333;
-      margin: 0;
-      padding: 0;
-      background-color: #f4f4f4;
-    }
-    .container {
-      max-width: 1200px;
-      margin: 0 auto;
-      padding: 20px;
-    }
-    header {
-      background: linear-gradient(90deg, #007BFF, #0056b3);
-      color: white;
-      padding: 40px 0;
-      text-align: center;
-      box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
-    }
-    header h1 {
-      font-size: 3em;
-      margin: 0;
-    }
-    header p {
-      font-size: 1.2em;
-      margin-top: 10px;
-    }
-    .badges {
-      margin-top: 20px;
-    }
-    .badges img {
-      margin: 0 10px;
-    }
-    section {
-      margin: 40px 0;
-      padding: 20px;
-      background-color: white;
-      border-radius: 8px;
-      box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
-    }
-    h2 {
-      color: #007BFF;
-      font-size: 2em;
-      margin-bottom: 20px;
-    }
-    h3 {
-      color: #0056b3;
-      font-size: 1.5em;
-      margin-top: 30px;
-    }
-    code {
-      background-color: #f4f4f4;
-      padding: 2px 4px;
-      border-radius: 4px;
-      font-family: 'Courier New', monospace;
-    }
-    pre {
-      background-color: #f4f4f4;
-      padding: 15px;
-      border-radius: 8px;
-      overflow-x: auto;
-    }
-    .feature-list {
-      list-style-type: none;
-      padding: 0;
-    }
-    .feature-list li {
-      margin: 10px 0;
-      font-size: 1.1em;
-    }
-    .feature-list li::before {
-      content: '🚀';
-      margin-right: 10px;
-    }
-    .cli-example, .api-example {
-      margin: 20px 0;
-    }
-    .cli-example h4, .api-example h4 {
-      margin-bottom: 10px;
-      font-size: 1.2em;
-    }
-    footer {
-      text-align: center;
-      padding: 20px;
-      background-color: #007BFF;
-      color: white;
-      margin-top: 40px;
-    }
-    footer a {
-      color: white;
-      text-decoration: none;
-    }
-  </style>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Lanet - Secure Network Communications Library</title>
+    <style>
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            line-height: 1.6;
+            color: #333;
+            max-width: 800px;
+            margin: 0 auto;
+            padding: 20px;
+        }
+        h1 {
+            color: #2c3e50;
+            border-bottom: 2px solid #3498db;
+            padding-bottom: 10px;
+        }
+        h2 {
+            color: #2980b9;
+            margin-top: 30px;
+        }
+        pre {
+            background-color: #f8f8f8;
+            border: 1px solid #ddd;
+            border-left: 3px solid #3498db;
+            padding: 15px;
+            overflow-x: auto;
+        }
+        code {
+            font-family: 'Courier New', Courier, monospace;
+        }
+        .container {
+            background-color: #fff;
+            border-radius: 5px;
+            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1);
+            padding: 20px;
+        }
+        .feature {
+            margin: 20px 0;
+            padding-left: 20px;
+            border-left: 4px solid #2ecc71;
+        }
+        .security-feature {
+            background-color: #e8f4fc;
+            padding: 15px;
+            margin: 10px 0;
+            border-radius: 4px;
+        }
+    </style>
 </head>
 <body>
-  <header>
     <div class="container">
-      <h1>Lanet</h1>
-      <p>A lightweight, powerful LAN communication tool for Networking</p> 
-      <div class="badges">
-        <a href="https://badge.fury.io/rb/lanet"><img src="https://badge.fury.io/rb/lanet.svg" alt="Gem Version"></a>
-        <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="MIT License"></a>
-      </div>
-    </div>
-  </header>
-
-  <div class="container">
-    <section id="about">
-      <h2>About Lanet</h2>
-      <p>Lanet is a lightweight and powerful LAN communication tool for Ruby that enables secure message exchange between devices on the same network. It simplifies peer-to-peer networking with built-in encryption, network discovery, and both targeted and broadcast messaging capabilities.</p>
-    </section>
-
-    <section id="features">
-      <h2>Features</h2>
-      <ul class="feature-list">
-        <li>Simple API - An intuitive Ruby interface for straightforward network communication.</li>
-        <li>Built-in encryption - Optional message encryption with AES-256-GCM for confidentiality.</li>
-        <li>Network scanning - Automatically discover active devices on your local network.</li>
-        <li>Targeted messaging - Send messages to specific IP addresses.</li>
-        <li>Broadcasting - Send messages to all devices on the network.</li>
-        <li>Host pinging - Check host availability and measure response times (with a familiar <code>ping</code> interface).</li>
-        <li>Command-line interface - Perform common network operations directly from your terminal.</li>
-        <li>Extensible - Easily build custom tools and integrations using the Lanet API.</li>
-        <li>Configurable - Adjust port settings, encryption keys, and network scan ranges.</li>
-      </ul>
-    </section>
-
-    <section id="installation">
-      <h2>Installation</h2>
-      <p>Add this line to your application's Gemfile:</p>
-      <pre><code>gem 'lanet'</code></pre>
-      <p>And then execute:</p>
-      <pre><code>bundle install</code></pre>
-      <p>Or install it yourself as:</p>
-      <pre><code>gem install lanet</code></pre>
-    </section>
-
-    <section id="usage">
-      <h2>Usage</h2>
-      <h3>Command Line Interface (CLI)</h3>
-      <div class="cli-example">
-        <h4>Scanning the network</h4>
-        <pre><code>lanet scan --range 192.168.1.0/24</code></pre>
-        <p>With verbose output (shows hostname, MAC address, open ports, and response time):</p>
-        <pre><code>lanet scan --range 192.168.1.0/24 --verbose</code></pre>
-      </div>
-      <div class="cli-example">
-        <h4>Sending a message to a specific target</h4>
-        <pre><code>lanet send --target 192.168.1.5 --message "Hello there!"</code></pre>
-        <p>Sending an encrypted message:</p>
-        <pre><code>lanet send --target 192.168.1.5 --message "Secret message" --key "my_secret_key"</code></pre>
-      </div>
-      <div class="cli-example">
-        <h4>Broadcasting a message to all devices</h4>
-        <pre><code>lanet broadcast --message "Announcement for everyone!"</code></pre>
-      </div>
-      <div class="cli-example">
-        <h4>Pinging a specific host</h4>
-        <pre><code>lanet ping --host 192.168.1.5</code></pre>
-      </div>
-
-      <h3>Ruby API</h3>
-      <div class="api-example">
-        <h4>Scanning the network</h4>
+        <h1>Lanet</h1>
+        <p>A secure network communication library for Ruby applications.</p>
+        
+        <h2>Key Features</h2>
+        
+        <div class="feature">
+            <h3>Encrypted Communication</h3>
+            <p>Protect your messages with military-grade AES-256-CBC encryption to ensure confidentiality.</p>
+        </div>
+        
+        <div class="feature">
+            <h3>Digital Signatures</h3>
+            <p>Verify message authenticity and integrity with RSA-based digital signatures.</p>
+            
+            <div class="security-feature">
+                <h4>Benefits of Digital Signatures:</h4>
+                <ul>
+                    <li><strong>Authentication</strong>: Verify that the message came from the claimed sender</li>
+                    <li><strong>Data Integrity</strong>: Ensure the message hasn't been tampered with during transit</li>
+                    <li><strong>Non-repudiation</strong>: Senders cannot deny sending a message they signed</li>
+                    <li><strong>Protection against MITM attacks</strong>: Detect man-in-the-middle tampering attempts</li>
+                </ul>
+            </div>
+        </div>
+        
+        <div class="feature">
+            <h3>Simple UDP-based Messaging</h3>
+            <p>Send and receive messages easily with straightforward sender and receiver classes.</p>
+        </div>
+        
+        <div class="feature">
+            <h3>Network Broadcasting</h3>
+            <p>Support for broadcasting messages across your entire network.</p>
+        </div>
+        
+        <h2>Quick Example</h2>
+        
         <pre><code>require 'lanet'
 
-scanner = Lanet.scanner
-active_ips = scanner.scan('192.168.1.0/24')
-puts "Found devices: #{active_ips.join(', ')}"</code></pre>
-      </div>
-      <div class="api-example">
-        <h4>Sending a message</h4>
-        <pre><code>sender = Lanet.sender
-sender.send_to('192.168.1.5', 'Hello from Ruby!')</code></pre>
-        <p>Broadcasting a message:</p>
-        <pre><code>sender.broadcast('Announcement to all devices!')</code></pre>
-      </div>
-      <div class="api-example">
-        <h4>Listening for messages</h4>
-        <pre><code>receiver = Lanet.receiver
-receiver.listen do |data, ip|
-  puts "Received from #{ip}: #{data}"
-end</code></pre>
-      </div>
-    </section>
-
-    <section id="configuration">
-      <h2>Configuration</h2>
-      <p>Lanet can be configured with several options:</p>
-      <ul>
-        <li><strong>Port</strong>: Default is 5000, but can be changed for both sending and receiving.</li>
-        <li><strong>Encryption Keys</strong>: Use your own encryption keys for secure communication.</li>
-        <li><strong>Custom Ranges</strong>: Scan specific network ranges to discover devices.</li>
-      </ul>
-    </section>
-
-    <section id="development">
-      <h2>Development</h2>
-      <p>After checking out the repo, run <code>bin/setup</code> to install dependencies. Then, run <code>rake spec</code> to run the tests.</p>
-      <p>To install this gem locally, run <code>bundle exec rake install</code>.</p>
-    </section>
+# Generate RSA key pair for signing
+key_pair = Lanet::Signer.generate_key_pair
+private_key = key_pair[:private_key]
+public_key = key_pair[:public_key]
 
-    <section id="contributing">
-      <h2>Contributing</h2>
-      <p>Bug reports and pull requests are welcome on GitHub at <a href="https://github.com/davidesantangelo/lanet">https://github.com/davidesantangelo/lanet</a>. Follow these steps:</p>
-      <ol>
-        <li>Fork the repository</li>
-        <li>Create your feature branch (<code>git checkout -b my-new-feature</code>)</li>
-        <li>Commit your changes (<code>git commit -am 'Add some feature'</code>)</li>
-        <li>Push to the branch (<code>git push origin my-new-feature</code>)</li>
-        <li>Create a new Pull Request</li>
-      </ol>
-    </section>
+# Set up sender and receiver
+sender = Lanet::Sender.new(9000)
+encryption_key = "secret-key-123"
 
-    <section id="license">
-      <h2>License</h2>
-      <p>The gem is available under the <a href="https://opensource.org/licenses/MIT">MIT License</a>.</p>
-    </section>
-  </div>
+# Send a signed and encrypted message
+message = "Hello, secure world!"
+prepared_message = Lanet::Encryptor.prepare_message(
+  message, 
+  encryption_key, 
+  private_key
+)
+sender.send_to("192.168.1.5", prepared_message)
 
-  <footer>
-    <p>&copy; 2025 Lanet. All rights reserved. | <a href="https://github.com/davidesantangelo/lanet">View on GitHub</a></p>
-  </footer>
+# Receive and verify messages
+receiver = Lanet::Receiver.new(9000)
+receiver.listen do |data, sender_ip|
+  result = Lanet::Encryptor.process_message(
+    data, 
+    encryption_key, 
+    public_key
+  )
+  
+  puts "Message: #{result[:content]}"
+  puts "Verified: #{result[:verified]}"
+end</code></pre>
+        
+        <h2>Installation</h2>
+        
+        <p>Add this to your Gemfile:</p>
+        <pre><code>gem 'lanet'</code></pre>
+        
+        <p>Or install directly:</p>
+        <pre><code>gem install lanet</code></pre>
+        
+        <h2>Documentation</h2>
+        <p>For complete documentation, please visit the <a href="https://github.com/yourusername/lanet">GitHub repository</a>.</p>
+        
+        <footer style="margin-top: 40px; text-align: center; color: #7f8c8d;">
+            <p>Lanet - Secure Network Communications Library</p>
+        </footer>
+    </div>
 </body>
 </html>

data/lib/lanet/cli.rb

@@ -14,27 +14,55 @@ module Lanet
       false
     end
 
-    desc "send --target IP --message MSG [--key KEY] [--port PORT]", "Send a message to a specific target"
-    option :target, required: true
-    option :message, required: true
-    option :key
-    option :port, type: :numeric, default: 5000
+    desc "send", "Send a message to a specific target"
+    method_option :target, type: :string, required: true, desc: "Target IP address"
+    method_option :message, type: :string, required: true, desc: "Message to send"
+    method_option :key, type: :string, desc: "Encryption key (optional)"
+    method_option :private_key_file, type: :string, desc: "Path to private key file for signing (optional)"
+    method_option :port, type: :numeric, default: 5000, desc: "Port number"
     def send
-      sender = Sender.new(options[:port])
-      message = Encryptor.prepare_message(options[:message], options[:key])
+      sender = Lanet::Sender.new(options[:port])
+
+      private_key = nil
+      if options[:private_key_file]
+        begin
+          private_key = File.read(options[:private_key_file])
+          puts "Message will be digitally signed"
+        rescue StandardError => e
+          puts "Error reading private key file: #{e.message}"
+          return
+        end
+      end
+
+      message = Lanet::Encryptor.prepare_message(options[:message], options[:key], private_key)
+
       sender.send_to(options[:target], message)
       puts "Message sent to #{options[:target]}"
     end
 
-    desc "broadcast --message MSG [--key KEY] [--port PORT]", "Broadcast a message to all devices"
-    option :message, required: true
-    option :key
-    option :port, type: :numeric, default: 5000
+    desc "broadcast", "Broadcast a message to all devices on the network"
+    method_option :message, type: :string, required: true, desc: "Message to broadcast"
+    method_option :key, type: :string, desc: "Encryption key (optional)"
+    method_option :private_key_file, type: :string, desc: "Path to private key file for signing (optional)"
+    method_option :port, type: :numeric, default: 5000, desc: "Port number"
     def broadcast
-      sender = Sender.new(options[:port])
-      message = Encryptor.prepare_message(options[:message], options[:key])
+      sender = Lanet::Sender.new(options[:port])
+
+      private_key = nil
+      if options[:private_key_file]
+        begin
+          private_key = File.read(options[:private_key_file])
+          puts "Message will be digitally signed"
+        rescue StandardError => e
+          puts "Error reading private key file: #{e.message}"
+          return
+        end
+      end
+
+      message = Lanet::Encryptor.prepare_message(options[:message], options[:key], private_key)
+
       sender.broadcast(message)
-      puts "Message broadcasted"
+      puts "Message broadcasted to the network"
     end
 
     desc "scan --range CIDR [--timeout TIMEOUT] [--threads THREADS] [--verbose]",
@@ -77,64 +105,84 @@ module Lanet
       end
     end
 
-    desc "listen [--port PORT] [--key KEY]", "Listen for incoming messages"
-    option :port, type: :numeric, default: 5000
-    option :key
+    desc "listen", "Listen for incoming messages"
+    method_option :encryption_key, type: :string, desc: "Encryption key for decrypting messages (optional)"
+    method_option :public_key_file, type: :string, desc: "Path to public key file for signature verification (optional)"
+    method_option :port, type: :numeric, default: 5000, desc: "Port to listen on"
     def listen
-      receiver = Receiver.new(options[:port])
-      puts "Listening on port #{options[:port]}..."
-      receiver.listen do |data, ip|
-        message = Encryptor.process_message(data, options[:key])
-        puts "From #{ip}: #{message}"
+      receiver = Lanet::Receiver.new(options[:port])
+
+      public_key = nil
+      if options[:public_key_file]
+        begin
+          public_key = File.read(options[:public_key_file])
+          puts "Digital signature verification enabled"
+        rescue StandardError => e
+          puts "Error reading public key file: #{e.message}"
+          return
+        end
       end
-    end
 
-    desc "ping [HOST]", "Ping a host or multiple hosts with real-time output"
-    option :host, type: :string, desc: "Single host to ping"
-    option :hosts, type: :string, desc: "Comma-separated list of hosts to ping"
-    option :timeout, type: :numeric, default: 1, desc: "Ping timeout in seconds"
-    option :count, type: :numeric, default: 5, desc: "Number of ping packets to send"
-    option :quiet, type: :boolean, default: false, desc: "Only display summary"
-    option :continuous, type: :boolean, default: false, desc: "Ping continuously until interrupted"
-    def ping(target_host = nil)
-      # Support both traditional command (lanet ping 192.168.1.1) and option-style (--host)
-      target = target_host || options[:host] || options[:hosts]
-
-      unless target
-        puts "Error: Missing host to ping"
-        puts "Usage: lanet ping HOST"
-        puts "   or: lanet ping --host HOST"
-        puts "   or: lanet ping --hosts HOST1,HOST2,HOST3"
-        return
-      end
+      puts "Listening for messages on port #{options[:port]}..."
+      puts "Press Ctrl+C to stop"
 
-      pinger = Lanet::Ping.new(timeout: options[:timeout], count: options[:count])
+      receiver.listen do |data, sender_ip|
+        result = Lanet::Encryptor.process_message(data, options[:encryption_key], public_key)
 
-      if target_host || options[:host]
-        # For a single host, we use real-time output unless quiet is specified
-        host = target_host || options[:host]
-        if options[:quiet]
-          result = pinger.ping_host(host, false, options[:continuous])
-          display_ping_summary(host, result)
-        else
-          pinger.ping_host(host, true, options[:continuous]) # Real-time output with optional continuous mode
-        end
-      else
-        hosts = options[:hosts].split(",").map(&:strip)
+        puts "\nMessage from #{sender_ip}:"
+        puts "Content: #{result[:content]}"
 
-        if options[:quiet]
-          results = pinger.ping_hosts(hosts, false, options[:continuous])
-          hosts.each do |host|
-            display_ping_summary(host, results[host])
-            puts "\n" unless host == hosts.last
-          end
-        else
-          # Real-time output for multiple hosts
-          pinger.ping_hosts(hosts, true, options[:continuous])
+        if result.key?(:verified)
+          verification_status = if result[:verified]
+                                  "VERIFIED"
+                                else
+                                  "NOT VERIFIED: #{result[:verification_status]}"
+                                end
+          puts "Signature: #{verification_status}"
         end
+
+        puts "-" * 40
       end
     end
 
+    desc "ping", "Ping a host to check connectivity"
+    method_option :host, type: :string, desc: "Host to ping"
+    method_option :hosts, type: :string, desc: "Comma-separated list of hosts to ping"
+    method_option :timeout, type: :numeric, default: 1, desc: "Timeout in seconds"
+    method_option :count, type: :numeric, default: 4, desc: "Number of pings"
+    method_option :continuous, type: :boolean, default: false, desc: "Ping continuously until interrupted"
+    method_option :quiet, type: :boolean, default: false, desc: "Show only summary"
+    def ping(single_host = nil)
+      # This is a placeholder for the ping implementation
+      target_host = single_host || options[:host]
+      puts "Pinging #{target_host || options[:hosts]}..."
+      puts "Ping functionality not implemented yet"
+    end
+
+    desc "keygen", "Generate key pair for digital signatures"
+    method_option :bits, type: :numeric, default: 2048, desc: "Key size in bits"
+    method_option :output, type: :string, default: ".", desc: "Output directory"
+    def keygen
+      key_pair = Lanet::Signer.generate_key_pair(options[:bits])
+
+      private_key_file = File.join(options[:output], "lanet_private.key")
+      public_key_file = File.join(options[:output], "lanet_public.key")
+
+      File.write(private_key_file, key_pair[:private_key])
+      File.write(public_key_file, key_pair[:public_key])
+
+      puts "Key pair generated!"
+      puts "Private key saved to: #{private_key_file}"
+      puts "Public key saved to: #{public_key_file}"
+      puts "\nIMPORTANT: Keep your private key secure and never share it."
+      puts "Share your public key with others who need to verify your messages."
+    end
+
+    desc "version", "Display the version of Lanet"
+    def version
+      puts "Lanet version #{Lanet::VERSION}"
+    end
+
     private
 
     def display_ping_details(host, result)

data/lib/lanet/encryptor.rb

@@ -3,6 +3,7 @@
 require "openssl"
 require "digest"
 require "base64"
+require_relative "signer"
 
 module Lanet
   class Encryptor
@@ -10,16 +11,50 @@ module Lanet
     CIPHER_ALGORITHM = "AES-256-CBC"
     ENCRYPTED_PREFIX = "E"
     PLAINTEXT_PREFIX = "P"
+    SIGNED_ENCRYPTED_PREFIX = "SE"
+    SIGNED_PLAINTEXT_PREFIX = "SP"
     IV_SIZE = 16
+    SIGNATURE_DELIMITER = "||SIG||"
+    MAX_KEY_LENGTH = 64
 
     # Error class for encryption/decryption failures
     class Error < StandardError; end
 
-    # Encrypts a message if key is provided, otherwise marks it as plaintext
+    # Prepares a message with encryption and/or signing
     # @param message [String] the message to prepare
-    # @param key [String, nil] encryption key or nil for plaintext
+    # @param encryption_key [String, nil] encryption key or nil for plaintext
+    # @param private_key [String, nil] PEM-encoded private key for signing or nil for unsigned
     # @return [String] prepared message with appropriate prefix
-    def self.prepare_message(message, key)
+    def self.prepare_message(message, encryption_key, private_key = nil)
+      if private_key.nil? || private_key.empty?
+        prepare_unsigned_message(message, encryption_key)
+      else
+        # Sign the message
+        signature = Signer.sign(message.to_s, private_key)
+        message_with_signature = "#{message}#{SIGNATURE_DELIMITER}#{signature}"
+
+        return "#{SIGNED_PLAINTEXT_PREFIX}#{message_with_signature}" if encryption_key.nil? || encryption_key.empty?
+
+        # Signed but not encrypted
+
+        # Signed and encrypted
+        begin
+          cipher = OpenSSL::Cipher.new("AES-128-CBC")
+          cipher.encrypt
+          cipher.key = derive_key(encryption_key)
+          iv = cipher.random_iv
+          encrypted = cipher.update(message_with_signature) + cipher.final
+          encoded = Base64.strict_encode64(iv + encrypted)
+          "#{SIGNED_ENCRYPTED_PREFIX}#{encoded}"
+        rescue StandardError => e
+          raise Error, "Encryption failed: #{e.message}"
+        end
+
+      end
+    end
+
+    # Original prepare_message renamed
+    def self.prepare_unsigned_message(message, key)
       return PLAINTEXT_PREFIX + message.to_s if key.nil? || key.empty?
 
       begin
@@ -35,35 +70,78 @@ module Lanet
       end
     end
 
-    # Processes a message, decrypting if necessary
+    # Processes a message, decrypting and verifying if necessary
     # @param data [String] the data to process
-    # @param key [String, nil] decryption key or nil
-    # @return [String] processed message
-    def self.process_message(data, key)
-      return "[Empty message]" if data.nil? || data.empty?
+    # @param encryption_key [String, nil] decryption key or nil
+    # @param public_key [String, nil] PEM-encoded public key for verification or nil
+    # @return [Hash] processed message with content and verification status
+    def self.process_message(data, encryption_key = nil, public_key = nil)
+      return { content: "[Empty message]", verified: false } if data.nil? || data.empty?
 
-      prefix = data[0]
-      content = data[1..]
+      prefix = data[0..0] # First character for simple prefixes
+      prefix = data[0..1] if data.length > 1 && %w[SE SP].include?(data[0..1]) # Two characters for complex prefixes
+      content = data[prefix.length..]
 
       case prefix
       when ENCRYPTED_PREFIX
-        if key.nil? || key.strip.empty?
-          "[Encrypted message received, but no key provided]"
+        if encryption_key.nil? || encryption_key.strip.empty?
+          { content: "[Encrypted message received, but no key provided]", verified: false }
         else
           begin
-            decode_encrypted_message(content, key)
+            decrypted = decode_encrypted_message(content, encryption_key)
+            { content: decrypted, verified: false }
           rescue StandardError => e
-            "Decryption failed: #{e.message}"
+            { content: "Decryption failed: #{e.message}", verified: false }
           end
         end
       when PLAINTEXT_PREFIX
-        content
+        { content: content, verified: false }
+      when SIGNED_ENCRYPTED_PREFIX
+        if encryption_key.nil? || encryption_key.strip.empty?
+          { content: "[Signed encrypted message received, but no encryption key provided]", verified: false }
+        else
+          begin
+            decrypted = decode_encrypted_message(content, encryption_key)
+            process_signed_content(decrypted, public_key)
+          rescue StandardError => e
+            { content: "Processing signed encrypted message failed: #{e.message}", verified: false }
+          end
+        end
+      when SIGNED_PLAINTEXT_PREFIX
+        process_signed_content(content, public_key)
       else
-        "[Invalid message format]"
+        { content: "[Invalid message format]", verified: false }
+      end
+    end
+
+    # Process content that contains a signature
+    def self.process_signed_content(content, public_key)
+      if content.include?(SIGNATURE_DELIMITER)
+        message, signature = content.split(SIGNATURE_DELIMITER, 2)
+
+        if public_key.nil? || public_key.strip.empty?
+          { content: message, verified: false, verification_status: "No public key provided for verification" }
+        else
+          begin
+            verified = Signer.verify(message, signature, public_key)
+            { content: message, verified: verified,
+              verification_status: verified ? "Verified" : "Signature verification failed" }
+          rescue StandardError => e
+            { content: message, verified: false, verification_status: "Verification error: #{e.message}" }
+          end
+        end
+      else
+        { content: content, verified: false, verification_status: "No signature found" }
       end
     end
 
     def self.derive_key(key)
+      # Add validation to reject keys that are too long
+      if key && key.length > MAX_KEY_LENGTH
+        raise Error,
+              "Encryption key is too long (maximum #{MAX_KEY_LENGTH} characters)"
+      end
+
       digest = OpenSSL::Digest.new("SHA256")
       OpenSSL::PKCS5.pbkdf2_hmac(key, "salt", 1000, 16, digest)
     end

data/lib/lanet/signer.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "base64"
+
+module Lanet
+  class Signer
+    # Error class for signature failures
+    class Error < StandardError; end
+
+    # Signs a message using the provided private key
+    # @param message [String] the message to sign
+    # @param private_key_pem [String] the PEM-encoded private key
+    # @return [String] Base64-encoded signature
+    def self.sign(message, private_key_pem)
+      private_key = OpenSSL::PKey::RSA.new(private_key_pem)
+      signature = private_key.sign(OpenSSL::Digest.new("SHA256"), message.to_s)
+      Base64.strict_encode64(signature)
+    rescue StandardError => e
+      raise Error, "Signing failed: #{e.message}"
+    end
+
+    # Verifies a signature using the provided public key
+    # @param message [String] the original message
+    # @param signature_base64 [String] the Base64-encoded signature
+    # @param public_key_pem [String] the PEM-encoded public key
+    # @return [Boolean] true if signature is valid
+    def self.verify(message, signature_base64, public_key_pem)
+      public_key = OpenSSL::PKey::RSA.new(public_key_pem)
+      signature = Base64.strict_decode64(signature_base64)
+      public_key.verify(OpenSSL::Digest.new("SHA256"), signature, message.to_s)
+    rescue StandardError => e
+      raise Error, "Verification failed: #{e.message}"
+    end
+
+    # Generates a new RSA key pair
+    # @param bits [Integer] key size in bits
+    # @return [Hash] containing :private_key and :public_key as PEM strings
+    def self.generate_key_pair(bits = 2048)
+      key = OpenSSL::PKey::RSA.new(bits)
+      {
+        private_key: key.to_pem,
+        public_key: key.public_key.to_pem
+      }
+    end
+  end
+end

data/lib/lanet/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Lanet
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lanet
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Davide Santangelo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-06 00:00:00.000000000 Z
+date: 2025-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -97,6 +97,7 @@ files:
 - lib/lanet/receiver.rb
 - lib/lanet/scanner.rb
 - lib/lanet/sender.rb
+- lib/lanet/signer.rb
 - lib/lanet/version.rb
 - sig/lanet.rbs
 homepage: https://github.com/davidesantangelo/lanet