mischacks 0.1.1 → 0.2.0

data/.gitignore

@@ -0,0 +1,2 @@
+*.gemspec
+pkg

data/History.txt

@@ -1,3 +1,8 @@
+=== 0.2.0 / 2010-08-29
+
+* Add Random.
+* Add Password.
+
 === 0.1.1 / 2010-08-25
 
 * Reupload 0.1.0 with fixed file permissions.

data/README.txt

@@ -31,6 +31,15 @@ dump an uncaught exception.
 
 IO#best_datasync:: Try fdatasync, falling back to fsync, falling back to flush.
 
+Random#exp:: Return a random integer 0 ≤ n < 2^argument (using SecureRandom).
+
+Random#float:: Return a random float 0.0 ≤ n < argument (using SecureRandom).
+
+Random#int:: Return a random integer 0 ≤ n < argument (using SecureRandom).
+
+Password:: A small wrapper for String#crypt that does secure salt generation
+and easy password verification.
+
 == FEATURES/PROBLEMS:
 
 The sh method is only safe if your sh script is safe. If unsure, add double

data/Rakefile

@@ -28,7 +28,12 @@ begin
   Jeweler::Tasks.new do |gemspec|
     gemspec.name = "mischacks"
     gemspec.summary = "Miscellaneous methods that may or may not be useful"
-    gemspec.description = "sh: Safely pass untrusted parameters to sh scripts.  overwrite: Safely replace a file.  Exception#to_formatted_string: Return a string that looks like how Ruby would dump an uncaught exception."
+    gemspec.description = \
+      "sh: Safely pass untrusted parameters to sh scripts.  " \
+      "overwrite: Safely replace a file.  " \
+      "Exception#to_formatted_string: Return a string that looks like how Ruby would dump an uncaught exception.  " \
+      "Random: Generate various types of random numbers using SecureRandom.  " \
+      "Password: A small wrapper for String#crypt that does secure salt generation and easy password verification."
     gemspec.email = "devel@johan.kiviniemi.name"
     gemspec.homepage = "http://johan.kiviniemi.name/software/mischacks/"
     gemspec.authors = ["Johan Kiviniemi"]

data/VERSION

@@ -1 +1 @@
-0.1.1
+0.2.0

data/lib/mischacks.rb

@@ -13,8 +13,11 @@
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
+require 'mischacks/password'
+require 'mischacks/random'
+
 module MiscHacks
-  VERSION = '0.0.5'
+  VERSION = File.read(File.dirname(__FILE__)+'/../VERSION').chomp
 
   class ChildError < RuntimeError
     attr_reader :status

data/lib/mischacks/password.rb

@@ -0,0 +1,57 @@
+# mischacks – Miscellaneous methods that may or may not be useful
+# Copyright © 2010 Johan Kiviniemi
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+require 'mischacks/random'
+
+module MiscHacks
+  class Password
+    SALT_SET = ['a'..'z', 'A'..'Z', '0'..'9', %w{ . / }].map(&:to_a).flatten
+    SALT_SET.freeze
+    if SALT_SET.length != 64
+      raise RuntimeError, "SALT_SET.length = #{SALT_SET.length}, expected 64"
+    end
+
+    def self.random_salt
+      length = 9 + RANDOM.exp(3)  # Up to 9+(2³−1)=16
+      (0...length).map { SALT_SET[RANDOM.exp(6)] }.join
+    end
+
+    def self.new_from_password password
+      new password.crypt('$6$%s$' % random_salt)
+    end
+
+    def initialize encrypted
+      @salt, @encrypted = encrypted.scan(/\A(\$[^$]+\$[^$]+\$)(.+)\z/).first
+      if @salt.nil? or @encrypted.nil?
+        raise ArgumentError, "Failed to parse #{encrypted.inspect}", caller
+      end
+    end
+
+    def match? password
+      to_s == password.crypt(@salt)
+    end
+
+    def to_s
+      [@salt, @encrypted].join
+    end
+
+    def inspect
+      '#<%s: %s>' % [self.class, to_s.inspect]
+    end
+  end
+end
+
+# vim:set et sw=2 sts=2:
+

data/lib/mischacks/random.rb

@@ -0,0 +1,66 @@
+# mischacks – Miscellaneous methods that may or may not be useful
+# Copyright © 2010 Johan Kiviniemi
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+require 'securerandom'
+require 'singleton'
+require 'thread'
+
+module MiscHacks
+  class Random
+    include Singleton
+
+    def initialize
+      @mutex = Mutex.new
+      @pool = 0
+      @pool_size = 0
+    end
+
+    # 0 ≤ return_value < 2^size_bits
+    def exp size_bits
+      @mutex.synchronize do
+        while @pool_size < size_bits
+          # Push 32×8 bits to the pool.
+          SecureRandom.random_bytes(32).unpack('Q*').each do |byte|
+            @pool = (@pool << 64) | byte
+            @pool_size += 64
+          end
+        end
+
+        # Unshift size_bits bits from the pool.
+        @pool_size -= size_bits
+        bits   = @pool >> @pool_size
+        @pool ^= bits << @pool_size
+
+        bits
+      end
+    end
+
+    def float n=1
+      n*Math.ldexp(exp(Float::MANT_DIG), -Float::MANT_DIG)
+    end
+
+    def int n
+      float(n).floor
+    end
+
+    def inspect
+      "#<#{self.class}: pool_size=#{@pool_size}>"
+    end
+  end
+
+  RANDOM = Random.instance
+end
+
+# vim:set et sw=2 sts=2:

data/spec/mischacks/password_spec.rb

@@ -0,0 +1,136 @@
+# mischacks – Miscellaneous methods that may or may not be useful
+# Copyright © 2010 Johan Kiviniemi
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+require File.expand_path(File.dirname(__FILE__)+'/../spec_helper.rb')
+require 'mischacks/password'
+
+require 'set'
+
+describe MiscHacks::Password do
+  def match expected
+    simple_matcher("match #{expected.inspect}") do |given, matcher|
+      matcher.failure_message = "expected #{given.inspect} to match #{expected.inspect}"
+      matcher.negative_failure_message = "expected #{given.inspect} not to match #{expected.inspect}"
+      given.match? expected
+    end
+  end
+
+  before :all do
+    @many = 1000
+
+    @password  = 'foo'
+    @salt      = 'bar'
+    @encrypted = @password.crypt('$6$%s$' % @salt)
+  end
+
+  describe 'SALT_SET' do
+    salt_set = MiscHacks::Password::SALT_SET
+
+    it 'should be an array' do
+      salt_set.should be_an Array
+    end
+
+    it 'should contain 64 unique values' do
+      salt_set.length.should == 64
+      salt_set.to_set.length.should == 64
+    end
+
+    it 'should have characters as values' do
+      salt_set.each do |char|
+        char.should be_a String
+        char.bytesize.should == 1
+      end
+    end
+  end
+
+  describe 'random_salt' do
+    it 'should return strings of random length between 9 and 16' do
+      range = 9..16
+      counts = Array.new(range.max - range.min + 1) { 0 }
+
+      @many.times do
+        size = MiscHacks::Password.random_salt.bytesize
+        range.should include size
+        counts[size - range.min] += 1
+      end
+
+      probabilities = counts.map {|c| counts.length * c / @many.to_f }
+
+      probabilities.stddev.should                     be_close 0.0, 0.15
+      (probabilities.min - probabilities.mean).should be_close 0.0, 0.30
+      (probabilities.max - probabilities.mean).should be_close 0.0, 0.30
+    end
+
+    it 'should use SALT_SET with a sane distribution' do
+      salt_set = MiscHacks::Password::SALT_SET
+
+      counts = Array.new(salt_set.length) { 0 }
+      num_chars = 0
+      @many.times do
+        MiscHacks::Password.random_salt.each_char do |char|
+          MiscHacks::Password::SALT_SET.should include char
+
+          counts[salt_set.index(char)] += 1
+          num_chars += 1
+        end
+      end
+
+      probabilities = counts.map {|c| salt_set.length * c / num_chars.to_f }
+
+      probabilities.stddev.should                     be_close 0.0, 0.15
+      (probabilities.min - probabilities.mean).should be_close 0.0, 0.30
+      (probabilities.max - probabilities.mean).should be_close 0.0, 0.30
+    end
+  end
+
+  describe 'new_from_password' do
+    it 'should return a new instance with the parameter encrypted with random_salt' do
+      MiscHacks::Password.should_receive(:random_salt).once.and_return(@salt)
+
+      pw = MiscHacks::Password.new_from_password @password
+      pw.should be_a MiscHacks::Password
+    end
+  end
+
+  describe 'initialize' do
+    it 'should verify the format of the parameter' do
+      ['', 'foo', 'foo$$$', '$foo$$', '$$foo$', '$$$foo'].each do |str|
+        lambda { MiscHacks::Password.new str }.
+          should raise_exception ArgumentError
+      end
+
+      ['$foo$foo$foo', @encrypted].each do |str|
+        lambda { MiscHacks::Password.new str }.should_not raise_exception
+      end
+    end
+  end
+
+  describe 'match?' do
+    it 'should verify whether the cleartext parameter matches the encrypted password' do
+      %w{foo bar baz}.each do |password|
+        pw = MiscHacks::Password.new_from_password password
+        pw.should match password
+        pw.should_not match "#{password}x"
+        pw.should_not match ''
+      end
+    end
+  end
+
+  describe 'to_s' do
+    it 'should return the encrypted password' do
+      MiscHacks::Password.new(@encrypted).to_s.should == @encrypted
+    end
+  end
+end

data/spec/mischacks/random_spec.rb

@@ -0,0 +1,114 @@
+# mischacks – Miscellaneous methods that may or may not be useful
+# Copyright © 2010 Johan Kiviniemi
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+require File.expand_path(File.dirname(__FILE__)+'/../spec_helper.rb')
+require 'mischacks/random'
+
+require 'ostruct'
+
+describe MiscHacks::Random do
+  before :all do
+    @many = 1000
+  end
+
+  it 'should define MiscHacks::RANDOM as an instance' do
+    MiscHacks::RANDOM.should == MiscHacks::Random.instance
+  end
+
+  def self.spec_method meth, params, &block
+    params = OpenStruct.new params
+
+    describe meth do
+      it "should return #{params.return_type} values" do
+        params.args.each do |arg|
+          MiscHacks::RANDOM.send(meth, arg).should be_a params.return_type
+        end
+      end
+
+      it "should return #{params.range_str}" do
+        params.args.each do |arg|
+          range = params.range_for_arg.call arg
+          @many.times do
+            range.should include MiscHacks::RANDOM.send(meth, arg)
+          end
+        end
+      end
+
+      it 'should have a sane distribution' do
+        params.args.each do |arg|
+          quarter = params.quarter_for_arg.call arg
+
+          counts = (0...@many).inject [0, 0, 0] do |c, i|
+            n = MiscHacks::RANDOM.send(meth, arg)
+            [
+              c[0] + if n < quarter   then 1 else 0 end,
+              c[1] + if n < quarter*2 then 1 else 0 end,
+              c[2] + if n < quarter*3 then 1 else 0 end,
+            ]
+          end
+
+          counts.each_with_index do |count, i|
+            count.should be_close @many*0.25*(i+1), 50
+          end
+        end
+
+        instance_eval &block if block
+      end
+
+      if params.default_arg
+        it "should have #{params.default_arg} as the default argument" do
+          MiscHacks::RANDOM.method(meth).arity.should == -1
+
+          half = params.default_arg * 0.5
+
+          n = (0...@many).inject 0.0 do |sum, i|
+            sum + if MiscHacks::RANDOM.send(meth) < half then 1 else 0 end
+          end
+
+          n.should be_close @many*0.5, 50
+        end
+
+      else
+        it 'should have no default argument' do
+          MiscHacks::RANDOM.method(meth).arity.should == 1
+        end
+      end
+    end
+  end
+
+  spec_method :exp,
+              :return_type     => Integer,
+              :range_str       => '0 <= n < 2**size_bits',
+              :range_for_arg   => lambda {|arg| 0...2**arg },
+              :quarter_for_arg => lambda {|arg| 2**(arg-2) },
+              :args            => [2, 42, 99, 2345]
+
+  spec_method :float,
+              :return_type     => Float,
+              :range_str       => '0.0 <= n < max',
+              :range_for_arg   => lambda {|arg| 0.0...arg },
+              :quarter_for_arg => lambda {|arg| arg*0.25 },
+              :args            => [0.5, 1.5, 99.0, 1234567.8],
+              :default_arg     => 1.0
+
+  spec_method :int,
+              :return_type     => Integer,
+              :range_str       => '0 <= n < max',
+              :range_for_arg   => lambda {|arg| 0...arg },
+              :quarter_for_arg => lambda {|arg| arg/4 },
+              :args            => [1, 2, 42, 99, 1234567].map {|n| n*4 }
+end
+
+# vim:set et sw=2 sts=2:

data/spec/spec_helper.rb

@@ -23,6 +23,21 @@ class Object
   end
 end
 
+module Enumerable
+  def mean
+    inject(:+) / length.to_f
+  end
+
+  def stddev
+    Math.sqrt variance
+  end
+
+  def variance
+    mean_ = mean
+    inject(0) {|sum, e| sum + (e - mean_)**2} / length.to_f
+  end
+end
+
 Spec::Matchers.define :exit_with do |expected|
   match do |block|
     @status = 0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mischacks
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors: 
 - Johan Kiviniemi
@@ -9,11 +9,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-08-25 00:00:00 +03:00
+date: 2010-08-29 00:00:00 +03:00
 default_executable: 
 dependencies: []
 
-description: "sh: Safely pass untrusted parameters to sh scripts.  overwrite: Safely replace a file.  Exception#to_formatted_string: Return a string that looks like how Ruby would dump an uncaught exception."
+description: "sh: Safely pass untrusted parameters to sh scripts.  overwrite: Safely replace a file.  Exception#to_formatted_string: Return a string that looks like how Ruby would dump an uncaught exception.  Random: Generate various types of random numbers using SecureRandom.  Password: A small wrapper for String#crypt that does secure salt generation and easy password verification."
 email: devel@johan.kiviniemi.name
 executables: []
 
@@ -22,6 +22,7 @@ extensions: []
 extra_rdoc_files: 
 - README.txt
 files: 
+- .gitignore
 - COPYING
 - History.txt
 - Manifest.txt
@@ -29,6 +30,10 @@ files:
 - Rakefile
 - VERSION
 - lib/mischacks.rb
+- lib/mischacks/password.rb
+- lib/mischacks/random.rb
+- spec/mischacks/password_spec.rb
+- spec/mischacks/random_spec.rb
 - spec/mischacks_spec.rb
 - spec/spec_helper.rb
 has_rdoc: true
@@ -60,5 +65,7 @@ signing_key:
 specification_version: 3
 summary: Miscellaneous methods that may or may not be useful
 test_files: 
+- spec/mischacks/random_spec.rb
+- spec/mischacks/password_spec.rb
 - spec/spec_helper.rb
 - spec/mischacks_spec.rb