libpasta 0.0.5

data/ext/pasta-bindings/libpasta/src/primitives/scrypt.rs

@@ -0,0 +1,144 @@
+/// Native Rust implementation of scrypt.
+pub use self::native::Scrypt;
+
+/// Native Rust implementation of scrypt.
+mod native {
+    #![allow(cast_possible_truncation)]
+
+    use primitives::Primitive;
+    use sod::Sod;
+
+    use ring_pwhash::scrypt;
+    use serde_mcf::Hashes;
+
+    use std::fmt;
+
+    /// Struct holding `scrypt` parameters.
+    ///
+    /// This implementation is backed by `ring_pwhash`.
+    pub struct Scrypt {
+        log_n: u8,
+        r: u32,
+        p: u32,
+        /// Parameters used internally by `ring_pwhash`.
+        params: scrypt::ScryptParams,
+    }
+
+    lazy_static! {
+        static ref DEFAULT: Scrypt = {
+            Scrypt::new_impl(14, 8, 1)
+        };
+    }
+
+    impl ::primitives::PrimitiveImpl for Scrypt {
+        /// Compute the scrypt hash
+        fn compute<'a>(&'a self, password: &[u8], salt: &[u8]) -> Vec<u8> {
+            let mut hash = [0_u8; 32];
+            scrypt::scrypt(password, salt, &self.params, &mut hash);
+            hash[..32].to_vec()
+        }
+
+        /// Convert parameters into a vector of (key, value) tuples
+        /// for serializing.
+        fn params_as_vec(&self) -> Vec<(&'static str, String)> {
+            vec![("ln", self.log_n.to_string()), ("r", self.r.to_string()), ("p", self.p.to_string())]
+        }
+
+        fn hash_id(&self) -> Hashes {
+            Hashes::Scrypt
+        }
+    }
+
+    impl fmt::Debug for Scrypt {
+        fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
+            write!(f,
+                   "Scrypt, N: {}, r: {}, p: {}",
+                   1 << self.log_n,
+                   self.r,
+                   self.p)
+        }
+    }
+
+    impl Scrypt {
+        /// Gets the default scrypt instance.
+        pub fn default() -> Primitive {
+            Primitive(Sod::Static(&*DEFAULT))
+        }
+
+        fn new_impl(log_n: u8, r: u32, p: u32) -> Self {
+            Self {
+                log_n, r, p,
+                params: scrypt::ScryptParams::new(log_n, r, p),
+            }
+        }
+
+        /// Create  a new scrypt instance.
+        pub fn new(log_n: u8, r: u32, p: u32) -> Primitive {
+            Self::new_impl(log_n, r, p).into()
+        }
+    }
+
+}
+
+
+#[cfg(test)]
+mod test {
+    use data_encoding;
+    use ::hashing::*;
+    use serde_mcf;
+    #[test]
+    fn sanity_check() {
+        let password = "hunter2";
+        let params = super::Scrypt::default();
+        let salt = ::get_salt();
+        let hash = params.compute(password.as_bytes(), &salt);
+        let hash2 = params.compute(password.as_bytes(), &salt);
+        assert_eq!(hash, hash2);
+        let out = Output {
+            alg: Algorithm::Single(params.into()),
+            salt: salt,
+            hash: hash,
+        };
+        println!("{:?}", serde_mcf::to_string(&out).unwrap());
+    }
+
+    fn scrypt_test(password: &str, salt: &str, n: u32, r: u32, p: u32, _output_len: u32, expected: &str) {
+        let scrypt = super::Scrypt::new(f32::log2(n as f32) as u8, r, p);
+        let hash = scrypt.compute(password.as_bytes(), salt.as_bytes());
+        let expected = expected.replace(" ", "");
+        println!("{}", expected);
+        let expected = data_encoding::HEXLOWER.decode(expected.as_bytes()).unwrap();
+        assert_eq!(&expected[..32], &hash[..]);
+    }
+
+    #[test]
+    fn scrypt_test_vectors() {
+        scrypt_test("", "", 16, 1, 1, 64, "\
+        77 d6 57 62 38 65 7b 20 3b 19 ca 42 c1 8a 04 97\
+        f1 6b 48 44 e3 07 4a e8 df df fa 3f ed e2 14 42\
+        fc d0 06 9d ed 09 48 f8 32 6a 75 3a 0f c8 1f 17\
+        e8 d3 e0 fb 2e 0d 36 28 cf 35 e2 0c 38 d1 89 06");
+
+        scrypt_test("password", "NaCl", 1024, 8, 16, 64, "\
+        fd ba be 1c 9d 34 72 00 78 56 e7 19 0d 01 e9 fe\
+        7c 6a d7 cb c8 23 78 30 e7 73 76 63 4b 37 31 62\
+        2e af 30 d9 2e 22 a3 88 6f f1 09 27 9d 98 30 da\
+        c7 27 af b9 4a 83 ee 6d 83 60 cb df a2 cc 06 40"); 
+    }
+
+    #[test] #[cfg(feature = "long_tests")]
+    fn scrypt_test_vectors_long() {
+        scrypt_test("pleaseletmein", "SodiumChloride", 16384, 8, 1, 64,"\
+        70 23 bd cb 3a fd 73 48 46 1c 06 cd 81 fd 38 eb\
+        fd a8 fb ba 90 4f 8e 3e a9 b5 43 f6 54 5d a1 f2\
+        d5 43 29 55 61 3f 0f cf 62 d4 97 05 24 2a 9a f9\
+        e6 1e 85 dc 0d 65 1e 40 df cf 01 7b 45 57 58 87");
+        scrypt_test("pleaseletmein", "SodiumChloride", 1048576, 8, 1, 64,"\
+        21 01 cb 9b 6a 51 1a ae ad db be 09 cf 70 f8 81\
+        ec 56 8d 57 4a 2f fd 4d ab e5 ee 98 20 ad aa 47\
+        8e 56 fd 8f 4b a5 d0 9f fa 1c 6d 92 7c 40 f4 c3\
+        37 30 40 49 e8 a9 52 fb cb f4 5c 6f a7 7a 41 a4");
+    }
+}
+
+benches!(Scrypt);

data/ext/pasta-bindings/libpasta/src/sod.rs

@@ -0,0 +1,46 @@
+/// Sod stands for Static or Dynamic. An enum to encapsulate values which
+/// are either dynamically, heap-allocated values, or statics.
+///
+/// This allows us to define default primitives which are used throughout
+/// without the overhead of reference counting, while still supporting the
+/// flexibility to create primitives dynamically.
+///
+/// Thanks to the `Deref` implementation, either variants are treated like
+/// the inner type without needing to worry about which it is.
+///
+/// Many thanks to [panicbit](https://github.com/panicbit) for helping to
+/// get the `Deref` implementation working to make all the magic happen.
+
+use std::ops::Deref;
+use std::sync::Arc;
+
+#[derive(Debug, PartialEq, PartialOrd)]
+/// Enum to hold either static references or reference-counted owned objects.
+/// Implements `Deref` to `T` for ease of use.
+/// Since internal data is either a static reference, or an `Arc`, cloning
+/// is a cheap operation.
+pub enum Sod<T: ?Sized + 'static> {
+    /// Static reference to T
+    Static(&'static T),
+    /// Dynamically allocated T, on the heap, atomically reference-counted.
+    Dynamic(Arc<Box<T>>),
+}
+
+impl<T: ?Sized> Deref for Sod<T> {
+    type Target = T;
+    fn deref(&self) -> &T {
+        match *self {
+            Sod::Static(t) => t,
+            Sod::Dynamic(ref t) => t,
+        }
+    }
+}
+
+impl<T: ?Sized> Clone for Sod<T> {
+    fn clone(&self) -> Self {
+        match *self {
+            Sod::Static(t) => Sod::Static(t),
+            Sod::Dynamic(ref t) => Sod::Dynamic(Arc::clone(t)),
+        }
+    }
+}

data/ext/pasta-bindings/libpasta/tests/.libpasta.yaml

@@ -0,0 +1,8 @@
+default: Custom
+keyed: ~
+primitive: 
+  id: "scrypt"
+  params: 
+    ln: 11
+    r: 8
+    p: 1

data/ext/pasta-bindings/libpasta/tests/common/mod.rs

@@ -0,0 +1,37 @@
+#![allow(dead_code, unused_macros)]
+
+extern crate env_logger;
+
+use std::path::PathBuf;
+
+macro_rules! config_test {
+    ($name:ident, $prefix:expr) => (
+        #[macro_use]
+        extern crate log;
+
+        #[test]
+        fn test_prim() {
+            common::init_test();
+
+            let password = "hunter2";
+            let config = libpasta::Config::with_primitive($name::default());
+            trace!("config setup as: {}", config.to_string());
+            let password_hash = config.hash_password(password);
+            assert!(password_hash.starts_with($prefix));
+            assert!(libpasta::verify_password(&password_hash, password));
+        }
+    
+    )
+}
+
+pub fn get_test_path(filename: &str) -> PathBuf {
+    let mut path = PathBuf::from(file!());
+    path.pop();
+    path.pop();
+    path.push(filename);
+    path
+}
+
+pub fn init_test() {
+    self::env_logger::init().unwrap();
+}

data/ext/pasta-bindings/libpasta/tests/test_argon2.rs

@@ -0,0 +1,8 @@
+extern crate libpasta;
+
+#[macro_use]
+mod common;
+
+use libpasta::primitives::Argon2;
+
+config_test!(Argon2, "$$argon2");

data/ext/pasta-bindings/libpasta/tests/test_bcrypt.rs

@@ -0,0 +1,8 @@
+extern crate libpasta;
+
+#[macro_use]
+mod common;
+
+use libpasta::primitives::Bcrypt;
+
+config_test!(Bcrypt, "$$2y");

data/ext/pasta-bindings/libpasta/tests/test_from_file.rs

@@ -0,0 +1,13 @@
+extern crate libpasta;
+
+use libpasta::config;
+
+mod common;
+
+#[test]
+pub fn test_config_file() {
+    common::init_test();
+    let config = config::Config::from_file(common::get_test_path(".libpasta.yaml")).unwrap();
+    println!("{}", config.to_string());
+    assert!(config.to_string().contains("ln: \"11\""));
+}

data/ext/pasta-bindings/libpasta/tests/test_hmac.rs

@@ -0,0 +1,26 @@
+extern crate libpasta;
+extern crate ring;
+
+use ring::digest;
+
+#[test]
+fn test_hmac() {
+    // Use scrypt as the default inner hash
+    let hash_primitive = libpasta::primitives::Scrypt::default();
+    let mut config = libpasta::Config::with_primitive(hash_primitive);
+
+    // Some proper way of getting a key
+    let key = b"yellow submarine";
+    let key_id = config.add_key(key);
+    // Construct an HMAC instance and use this as the outer configuration
+    let keyed_function = libpasta::primitives::Hmac::with_key_id(&digest::SHA256, &key_id);
+    config.set_keyed_hash(keyed_function);
+
+    let hash = config.hash_password("hunter2");
+    println!("Computed hash: {:?}", hash);
+    // Outputs:
+    // Computed hash: "$!$hmac$key_id=LNMhDy...,h=SHA256$$scrypt$ln=14,r=8,p=1$ZJ5EY...$grlNA...."
+
+    assert!(hash.starts_with("$!$hmac"));
+    assert!(hash.contains("scrypt"));
+}

data/ext/pasta-bindings/libpasta/tests/test_pbkdf2.rs

@@ -0,0 +1,8 @@
+extern crate libpasta;
+
+#[macro_use]
+mod common;
+
+use libpasta::primitives::Pbkdf2;
+
+config_test!(Pbkdf2, "$$pbkdf2");

data/ext/pasta-bindings/libpasta/tests/test_ringpbkdf2.rs

@@ -0,0 +1,8 @@
+extern crate libpasta;
+
+#[macro_use]
+mod common;
+
+use libpasta::primitives::RingPbkdf2;
+
+config_test!(RingPbkdf2, "$$pbkdf2");

data/ext/pasta-bindings/libpasta/tests/test_scrypt.rs

@@ -0,0 +1,8 @@
+extern crate libpasta;
+
+#[macro_use]
+mod common;
+
+use libpasta::primitives::Scrypt;
+
+config_test!(Scrypt, "$$scrypt");

data/ext/pasta-bindings/pasta.i

@@ -0,0 +1,31 @@
+%module(package="libpasta") pasta
+%{
+    #include "../libpasta/libpasta-capi/include/pasta.h"
+%}
+
+%typemap(newfree) char * "free_string($1);";
+%newobject hash_password;
+%newobject read_password;
+
+
+ 
+%pragma(java) jniclassimports=%{
+import org.scijava.nativelib.*;
+%}
+
+%pragma(java) jniclasscode=%{
+  static {
+    try {
+        NativeLoader.loadLibrary("pasta_jni");
+    } catch (Exception e) {
+      try {
+        NativeLibraryUtil.loadNativeLibrary(pastaJNI.class, "pasta_jni");
+      } catch (Exception e2) {
+        System.err.println("Native code library failed to load. \n" + e);
+        System.exit(1);
+      }
+    }
+  }
+%}
+
+%include "libpasta/libpasta-capi/include/pasta.h"

data/ext/pasta-bindings/tests/Makefile

@@ -0,0 +1,38 @@
+LD_LIBRARY_PATH="../"
+NATIVE_LIBS=-lcrypto -lc -lm -lc -lutil -lutil -ldl -lrt -lpthread -lgcc_s -lc -lm -lrt -lpthread -lutil
+
+all: c java javascript go php python ruby
+
+c:
+	@printf "\nTest C:\n"
+	@echo -e "\e[1;33mC tests should be performed using the libpasta repo in the libpasta-capi/ folder.\e[0m"
+
+java:
+	@printf "\nTest Java:\n"
+	@echo -e "\e[1;33mJava tests should be performed using the libpasta-java repo.\e[0m"
+
+javascript:
+	@printf "\nTest Javascript (node.js)\n"
+	cd ../javascript && node-gyp build
+
+go:
+	@printf "\nTest Go:\n"
+	go test
+
+php5 php56 php:
+	@printf "\nTest PHP:\n"
+	@$(PHP_BIN) test.php || \
+	echo -e "\e[1;33mPHP requires either installing libpasta (try: make install_php), or enabling dynamically loaded extensions.\e[0m"
+
+
+python:
+	@printf "\nTest Python:\n"
+	LD_LIBRARY_PATH=$(LD_LIBRARY_PATH) \
+	python2 test.py
+
+ruby:
+	@printf "\nTest Ruby\n"
+	LD_LIBRARY_PATH=$(LD_LIBRARY_PATH) \
+	ruby test.rb
+
+.PHONY: all c java javascript go php python ruby

data/ext/pasta-bindings/tests/pasta_test.go

@@ -0,0 +1,12 @@
+package pasta_test
+
+import "../go"
+import "testing"
+
+func TestPasta(t *testing.T) {
+    hash := pasta.Hash_password("hello123")
+    verify := pasta.Verify_password(hash, "hello123")
+    if verify == 0 {
+        t.Error("failed to verify correctly")
+    }
+}

data/ext/pasta-bindings/tests/test.php

@@ -0,0 +1,7 @@
+<?php
+include("../php5/pasta.php");
+
+$hash = pasta::hash_password("hello123"); 
+assert(pasta::verify_password($hash, "hello123"));
+echo "\033[1;32mPHP test passed.\033[m";
+?> 

data/ext/pasta-bindings/tests/test.py

@@ -0,0 +1,7 @@
+import sys
+sys.path.insert(1, '../python')
+import pasta
+
+hash = pasta.hash_password("hello123")
+assert pasta.verify_password(hash, "hello123")
+print '\x1b[1;32m' + "Python test passed." + '\x1b[m'

data/ext/pasta-bindings/tests/test.rb

@@ -0,0 +1,5 @@
+require '../ruby/pasta.so'
+
+hash = Pasta::hash_password("hunter2")
+raise "Failed to verify password" unless Pasta::verify_password(hash, "hunter2")
+puts "\e[1;32m" + "Ruby test passed." + "\e[m"