ore-rs 0.7.0

data/ext/ore_rs/Cargo.toml

@@ -0,0 +1,14 @@
+[package]
+name = "ore-rs"
+version = "0.0.0"
+edition = "2021"
+
+[dependencies]
+lazy_static = "^0.2.2"
+ore-rs = "^0.6.0"
+ore-encoding-rs = { git = "https://github.com/cipherstash/ore_encoding.rs" }
+rb-sys = "0.8.0"
+rutie = { git = "https://github.com/mpalmer/rutie", branch = "rb_sys" }
+
+[lib]
+crate-type = ["cdylib"]

data/ext/ore_rs/extconf.rb

@@ -0,0 +1,4 @@
+require "mkmf"
+require "rb_sys/mkmf"
+
+create_rust_makefile("ore_rs/ore_rs")

data/ext/ore_rs/src/lib.rs

@@ -0,0 +1,142 @@
+#[macro_use]
+extern crate rutie;
+
+#[macro_use]
+extern crate lazy_static;
+
+use ore_encoding_rs::OrePlaintext;
+use ore_rs::{CipherText, ORECipher, OREEncrypt};
+use ore_rs::scheme::bit2::OREAES128;
+use rutie::{Boolean, Class, Encoding, Float, Integer, Module, Object, RString, VerifiedObject, VM};
+use std::cmp::Ordering;
+
+module!(RbORE);
+class!(RbOREAES128);
+class!(RbOREAES128Ciphertext);
+
+impl VerifiedObject for RbOREAES128Ciphertext {
+    fn is_correct_type<T: Object>(object: &T) -> bool {
+        let klass = Module::from_existing("ORE").get_nested_class("AES128").get_nested_class("Ciphertext");
+        klass.case_equals(object)
+    }
+
+    fn error_message() -> &'static str {
+        "Error converting to ORE::AES128::Ciphertext"
+    }
+}
+
+impl From<CipherText<OREAES128, 8>> for RbOREAES128Ciphertext {
+    fn from(ct: CipherText<OREAES128, 8>) -> Self {
+        let klass = Module::from_existing("ORE").get_nested_class("AES128").get_nested_class("Ciphertext");
+        klass.wrap_data(OreAes128Ciphertext { ct: ct.to_bytes(), n: 8 }, &*OREAES128_CIPHERTEXT_WRAPPER)
+    }
+}
+
+pub struct OreAes128 {
+    cipher: OREAES128
+}
+
+wrappable_struct!(OreAes128, OreAes128Wrapper, OREAES128_WRAPPER);
+
+pub struct OreAes128Ciphertext {
+    #[allow(dead_code)]
+    n: u32,
+    ct: Vec<u8>
+}
+
+wrappable_struct!(OreAes128Ciphertext, OreAes128CiphertextWrapper, OREAES128_CIPHERTEXT_WRAPPER);
+
+methods!(
+    RbOREAES128,
+    rbself,
+
+    fn ore_aes128_new(k1string: RString, k2string: RString) -> RbOREAES128 {
+        let mut k1: [u8; 16] = Default::default();
+        let mut k2: [u8; 16] = Default::default();
+
+        k1.clone_from_slice(k1string.unwrap().to_bytes_unchecked());
+        k2.clone_from_slice(k2string.unwrap().to_bytes_unchecked());
+
+        let cipher: OREAES128 = ORECipher::init(&k1, &k2).unwrap();
+
+        let klass = Module::from_existing("ORE").get_nested_class("AES128");
+        return klass.wrap_data(OreAes128 { cipher: cipher }, &*OREAES128_WRAPPER);
+    }
+
+    fn ore_aes128_encrypt_u64(plaintext: Integer) -> RbOREAES128Ciphertext {
+        let ore = rbself.get_data_mut(&*OREAES128_WRAPPER);
+        plaintext.unwrap().to_u64().encrypt(&mut ore.cipher).map_err(|e| VM::raise(Class::from_existing("RuntimeError"), &format!("Failed to encrypt ORE plaintext: {:?}", e))).unwrap().into()
+    }
+
+    fn ore_aes128_encrypt_f64(plaintext: Float) -> RbOREAES128Ciphertext {
+        let ore = rbself.get_data_mut(&*OREAES128_WRAPPER);
+        OrePlaintext::<u64>::from(plaintext.unwrap().to_f64()).0.encrypt(&mut ore.cipher).map_err(|e| VM::raise(Class::from_existing("RuntimeError"), &format!("Failed to encrypt ORE plaintext: {:?}", e))).unwrap().into()
+    }
+
+    fn ore_aes128_encrypt_string(plaintext: RString) -> RbOREAES128Ciphertext {
+        let ore = rbself.get_data_mut(&*OREAES128_WRAPPER);
+        OrePlaintext::<u64>::from(plaintext.unwrap().to_string_unchecked()).0.encrypt(&mut ore.cipher).map_err(|e| VM::raise(Class::from_existing("RuntimeError"), &format!("Failed to encrypt ORE plaintext: {:?}", e))).unwrap().into()
+    }
+
+    fn ore_aes128_encrypt_bool(plaintext: Boolean) -> RbOREAES128Ciphertext {
+        let ore = rbself.get_data_mut(&*OREAES128_WRAPPER);
+        OrePlaintext::<u64>::from(plaintext.unwrap().to_bool()).0.encrypt(&mut ore.cipher).map_err(|e| VM::raise(Class::from_existing("RuntimeError"), &format!("Failed to encrypt ORE plaintext: {:?}", e))).unwrap().into()
+    }
+);
+
+methods!(
+    RbOREAES128Ciphertext,
+    rbself,
+
+    fn ore_aes128_ciphertext_new(serialized_ciphertext: RString, n: Integer) -> RbOREAES128Ciphertext {
+        let ct = CipherText::<OREAES128, 8>::from_bytes(&serialized_ciphertext.unwrap().to_vec_u8_unchecked()).map_err(|e| VM::raise(Class::from_existing("ArgumentError"), &format!("Failed to deserialize ORE ciphertext: {:?}", e))).unwrap();
+
+        let klass = Module::from_existing("ORE").get_nested_class("AES128").get_nested_class("Ciphertext");
+        return klass.wrap_data(OreAes128Ciphertext { ct: ct.to_bytes(), n: n.unwrap().to_u32() }, &*OREAES128_CIPHERTEXT_WRAPPER);
+    }
+
+    fn ore_aes128_ciphertext_serialize() -> RString {
+        let obj = rbself.get_data(&*OREAES128_CIPHERTEXT_WRAPPER);
+
+        return RString::from_bytes(&obj.ct, &Encoding::find("BINARY").unwrap());
+    }
+
+    fn ore_aes128_ciphertext_cmp(other: RbOREAES128Ciphertext) -> Integer {
+        let obj = rbself.get_data(&*OREAES128_CIPHERTEXT_WRAPPER);
+        let real_other = other.unwrap();
+        let oth = real_other.get_data(&*OREAES128_CIPHERTEXT_WRAPPER);
+
+        match OREAES128::compare_raw_slices(&obj.ct, &oth.ct) {
+            Some(Ordering::Equal) => Integer::from(0),
+            Some(Ordering::Less) => Integer::from(-1),
+            Some(Ordering::Greater) => Integer::from(1),
+            None => {
+                VM::raise(Class::from_existing("RuntimeError"), "Comparison failed");
+                Integer::from(0)
+            }
+        }
+    }
+);
+
+
+
+
+#[allow(non_snake_case)]
+#[no_mangle]
+pub extern "C" fn Init_ore_rs() {
+    Module::from_existing("ORE").define(|oremod| {
+        oremod.define_nested_class("AES128", None).define(|cipher_class| {
+            cipher_class.singleton_class().def_private("_new", ore_aes128_new);
+            cipher_class.def_private("_encrypt_u64", ore_aes128_encrypt_u64);
+            cipher_class.def_private("_encrypt_f64", ore_aes128_encrypt_f64);
+            cipher_class.def_private("_encrypt_string", ore_aes128_encrypt_string);
+            cipher_class.def_private("_encrypt_bool", ore_aes128_encrypt_bool);
+
+            cipher_class.define_nested_class("Ciphertext", None).define(|ciphertext_class| {
+                ciphertext_class.singleton_class().def_private("_new", ore_aes128_ciphertext_new);
+                ciphertext_class.def_private("_serialize", ore_aes128_ciphertext_serialize);
+                ciphertext_class.def_private("_cmp", ore_aes128_ciphertext_cmp);
+            });
+        });
+    });
+}

data/lib/ore/aes128/ciphertext.rb

@@ -0,0 +1,47 @@
+module ORE
+  class AES128
+    # An ORE ciphertext produced by an AES128 cipher.
+    class Ciphertext
+      include Comparable
+
+      # Create a ciphertext object from a serialized form.
+      #
+      # ORE ciphertexts can be serialized (using #to_s), and then deserialized by
+      # passing them into this constructor.
+      #
+      # @param ct [String] the serialized ciphertext.  This must be a `BINARY` encoded
+      #   string.
+      #
+      # @param n [Integer] the number of ORE blocks contained in the ciphertext.  Each
+      #   ORE block represents one octet of the plaintext.  At present, only 64-bit
+      #   plaintexts are supported, so this must always be `8`.
+      #
+      # @raises [ArgumentError] if the string passed as the ciphertext is not valid,
+      #   or `n` is not a supported value.
+      #
+      def self.new(ct, n)
+        unless ct.is_a?(String)
+          raise ArgumentError, "Ciphertext must be a string"
+        end
+
+        unless n == 8
+          raise ArgumentError, "Only a block count of 8 is currently supported"
+        end
+
+        _new(ct, n)
+      end
+
+      def to_s
+        _serialize
+      end
+
+      def <=>(other)
+        unless other.is_a?(ORE::AES128::Ciphertext)
+          raise ArgumentError, "Cannot compare an ORE ciphertext to anything other than another ciphertext"
+        end
+
+        _cmp(other)
+      end
+    end
+  end
+end

data/lib/ore/aes128.rb

@@ -0,0 +1,204 @@
+require "date"
+
+require_relative "./aes128/ciphertext"
+
+module ORE
+  class AES128
+    VALID_STRING_ENCODINGS = [Encoding.find("UTF-8"), Encoding.find("US-ASCII")]
+    private_constant :VALID_STRING_ENCODINGS
+
+    # Create a new ORE::AES128 "cipher" -- an object capable of encrypting plaintexts into ORE ciphertexts.
+    #
+    # @param k1 [String] also known as the "PRF key", this is one of the two keys required
+    #   to encrypt with ORE.  This key must be a 16 octet string in the `BINARY` encoding.
+    #
+    # @param k2 [String] also known as the "PRP key", this is the other of the two keys
+    #   required to encrypt with ORE.  This key must also be a 16 octet string in the `BINARY`
+    #   encoding.
+    #
+    # @param b [Integer] the number of bits in each plaintext.  At present, the only supported
+    #   value for this parameter is `64`.
+    #
+    # @param n [Integer] the number of blocks to generate in the ORE ciphertext.  Each block
+    #   is derived from 8 bits of plaintext, and thus at present the only supported value
+    #   for this parameter is `8`.
+    #
+    # @raises [ArgumentError] if any of the parameters do not meet the requirements.
+    #
+    def self.new(k1, k2, b, n)
+      validate_key(k1, "k1")
+      validate_key(k2, "k2")
+
+      unless b == 64
+        raise ArgumentError, "Only 64 bit ORE plaintexts are supported at present"
+      end
+
+      unless n == 8
+        raise ArgumentError, "Only 8 bit ORE blocks are supported at present"
+      end
+
+      _new(k1, k2, b, n)
+    end
+
+    # Encrypt a plaintext into an ORE::AES128::Ciphertext.
+    #
+    # @note the type of the object you pass in as the plaintext is crucially important.
+    #   Different types of object are encoded incompatibly, and comparisons between
+    #   ciphertexts generated from objects of different types is not guaranteed.
+    #   For example, `#encrypt(-3.0) < #encrypt(1)` will not necessarily be true,
+    #   even though `#encrypt(-3.0) < #encrypt(1.0)` is guaranteed.
+    #
+    # The currently supported types are:
+    #
+    # * `Integer` -- must be in the range 0..2**64-1 (inclusive).  Will be encoded as
+    #   an ORE `uint64`.
+    #
+    # * `Float` -- can be any double precision floating-point number, except for a NaN.
+    #
+    # * `String` -- any valid UTF-8 string.  Will be hashed into a 64-bit value for storage.
+    #
+    # * `Range` -- a range of Integers, Floats, Dates, or Times; both ends must be of the
+    #     same type.  Indefinite beginnings *or* ends are supported, but not both.
+    #
+    # * `Date`, `Time` -- will be converted into milliseconds relative to the UTC epoch.
+    #
+    # @param plaintext [Integer, Float] the plaintext to encrypt.
+    #
+    # @raises [ArgumentError] if the type of the plaintext is not one currently supported,
+    #   or the value of the plaintext is not one which is valid.
+    #
+    # @raises [RuntimeError] if a float is encrypted on a platform that doesn't use
+    #   IEEE754 double-precision floating-point numbers as its representation of a
+    #   `Float`, or if something spectacularly wrong happens in the ORE encryption process.
+    #
+    def encrypt(plaintext)
+      case plaintext
+      when Integer
+        encrypt_u64(plaintext)
+      when Float
+        encrypt_f64(plaintext)
+      when String
+        encrypt_string(plaintext)
+      when TrueClass, FalseClass
+        encrypt_bool(plaintext)
+      when Range
+        encrypt_range(plaintext)
+      when Date
+        encrypt(plaintext.to_time)
+      when Time
+        encrypt_time(plaintext)
+      else
+        raise ArgumentError, "Do not know how to ORE encrypt a #{plaintext.class}"
+      end
+    end
+
+    class << self
+      private
+
+      def validate_key(k, name)
+        unless k.is_a?(String) && k.encoding == Encoding::BINARY && k.bytesize == 16
+          raise ArgumentError, "#{name} must be a 16 octet binary string"
+        end
+      end
+    end
+
+    private
+
+    def encrypt_u64(plaintext)
+      if plaintext < 0
+        raise ArgumentError, "Cannot encrypt integers less than zero"
+      end
+
+      if plaintext >= 2**64
+        raise ArgumentError, "Cannot encrypt integers greater than 2^64 - 1"
+      end
+
+      _encrypt_u64(plaintext)
+    end
+
+    def encrypt_f64(plaintext)
+      if Float::MAX_EXP != 1024 || Float::MIN_EXP != -1021
+        # This is a pure sanity check, so...
+        #:nocov:
+        raise RuntimeError, "This platform does not conform to our expectations for floating-point representations.  Out of an abundance of caution, we will not encrypt floats on this platform."
+        #:nocov:
+      end
+
+      if plaintext.nan?
+        raise ArgumentError, "Cannot ORE encrypt NaN"
+      end
+
+      _encrypt_f64(plaintext)
+    end
+
+    def encrypt_string(plaintext)
+      unless VALID_STRING_ENCODINGS.include?(plaintext.encoding)
+        raise ArgumentError, "Cannot encrypt non-UTF-8 string"
+      end
+
+      if !plaintext.valid_encoding?
+        raise ArgumentError, "Cannot encrypt invalid UTF-8 string"
+      end
+
+      _encrypt_string(plaintext)
+    end
+
+    def encrypt_bool(plaintext)
+      _encrypt_bool(plaintext)
+    end
+
+    def encrypt_range(plaintext)
+      min, max = plaintext.begin, plaintext.end
+
+      case [min.class, max.class]
+      # Integer ranges
+      when [Integer, Integer]
+        if max < min
+          raise ArgumentError, "Cannot encrypt a non-ascending range"
+        end
+        (encrypt_u64(min)..encrypt_u64(max))
+      when [Integer, NilClass]
+        (encrypt_u64(min)..encrypt_u64(2**64-1))
+      when [NilClass, Integer]
+        (encrypt_u64(0)..encrypt_u64(max))
+
+      # Float ranges
+      when [Float, Float]
+        if max < min
+          raise ArgumentError, "Cannot encrypt a non-ascending range"
+        end
+        (encrypt_f64(min)..encrypt_f64(max))
+      when [Float, NilClass]
+        (encrypt_f64(min)..encrypt_f64(Float::INFINITY))
+      when [NilClass, Float]
+        (encrypt_f64(-Float::INFINITY)..encrypt_f64(max))
+
+      # Date ranges
+      when [Date, Date]
+        encrypt_range(min.to_time..max.to_time)
+      when [Date, NilClass]
+        encrypt_range(min.to_time..)
+      when [NilClass, Date]
+        encrypt_range(..max.to_time)
+
+      # Time ranges
+      when [Time, Time]
+        (encrypt_time(min)..encrypt_time(max))
+      when [Time, NilClass]
+        (encrypt_time(min)..encrypt_u64(2**64-1))
+      when [NilClass, Time]
+        (encrypt_u64(0)..encrypt_time(max))
+
+      else
+        raise ArgumentError, "Cannot encrypt a range over #{min.class}..#{max.class}"
+      end
+    end
+
+    def encrypt_time(plaintext)
+      # Get the time in integer milliseconds, and then "shift" it so
+      # that times before the epoch are still positive numbers, just
+      # smaller than times after the epoch
+      encrypt_u64((plaintext.to_r * 1000).to_i + 2**63)
+    end
+  end
+end

data/lib/ore/version.rb

@@ -0,0 +1,3 @@
+module ORE
+  VERSION = "0.7.0"
+end

data/lib/ore-rs.rb

@@ -0,0 +1,15 @@
+module ORE
+end
+
+begin
+  RUBY_VERSION =~ /(\d+\.\d+)/
+  require_relative "./#{$1}/ore_rs"
+rescue LoadError
+  begin
+    require_relative "./ore_rs"
+  rescue LoadError
+    raise LoadError, "Could not load ore_rs binary library"
+  end
+end
+
+require_relative "./ore/aes128"

data/ore-rs.gemspec

@@ -0,0 +1,43 @@
+require_relative './lib/ore/version'
+
+Gem::Specification.new do |s|
+  s.name = "ore-rs"
+
+  s.version = ORE::VERSION
+  s.date    = Time.now.strftime("%Y-%m-%d")
+
+  s.platform = Gem::Platform::RUBY
+
+  s.summary  = "Ruby bindings for the ore.rs Order-Revealing Encryption library"
+
+  s.authors  = ["James Sadler", "Bennett Hardwick", "Drew Thomas"]
+  s.email    = ["james@cipherstash.com", "bennett@cipherstash.com", "drew@cipherstash.com"]
+  s.homepage = "https://cipherstash.com/protect"
+
+  s.files = `git ls-files -z`.split("\0").reject { |f| f =~ /^(\.|G|spec|Rakefile)/ }
+
+  s.extensions = ["ext/ore_rs/extconf.rb"]
+
+  s.required_ruby_version = ">= 2.7.0"
+
+  s.metadata["homepage_uri"] = s.homepage
+  s.metadata["source_code_uri"] = "https://github.com/cipherstash/ruby-ore-rs"
+  s.metadata["changelog_uri"] = "https://github.com/cipherstash/ruby-ore-rs/releases"
+  s.metadata["bug_tracker_uri"] = "https://github.com/cipherstash/ruby-ore-rs/issues"
+  s.metadata["documentation_uri"] = "https://rubydoc.info/gems/ore-rs"
+  s.metadata["mailing_list_uri"] = "https://discuss.cipherstash.com"
+
+  s.add_runtime_dependency 'rb_sys', '~> 0.1'
+
+  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'guard-rspec'
+  s.add_development_dependency 'rake', '~> 13.0'
+  s.add_development_dependency 'rake-compiler', '~> 1.2'
+  s.add_development_dependency 'rake-compiler-dock', '~> 1.2'
+  s.add_development_dependency 'rb-inotify', '~> 0.9'
+  s.add_development_dependency 'rb_sys', '~> 0.1'
+  s.add_development_dependency 'redcarpet'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'simplecov'
+  s.add_development_dependency 'yard'
+end