oroku_saki 1.0.0 → 1.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 92e35fcb6b712a4480ed16ad9ded3959f066b08a
-  data.tar.gz: 87979e5935c98d372ab042a1d9aa0ddc36adb13b
+SHA256:
+  metadata.gz: 52938f10790d5d1fed271cd6ebf9f0fcf7f734745bf3b707b9594c8ffe5e5913
+  data.tar.gz: 33f7261880251491f3c8aa79db6d4816cdd508330b6a429043a930da41b4db74
 SHA512:
-  metadata.gz: 6a755589cecf5494141b5e78d5598395fd2b022cdb6a4bdc7f94e59f9119fbb9b1218a84276c75727d32d4e7b75368e88526e8411afd631b5fdac29dbe5ad1ad
-  data.tar.gz: f4be1b4ddbd048c686f956c6d1c884a1f3e62b70b8cbeaa6527e2743b3e28c425967044a74fcdd23eb88229cc997f580d2fdc36b74bcc93da0c49596f6a93072
+  metadata.gz: 7ecd06e1cd35594ef8a7524d815a6779d6486d1bff8e08e2a6176e7dff07cdefcc3b6cfb9067e3b2b1c63bcc022fceba448fad90abc8dedbd0ebb0cd4ea419c0
+  data.tar.gz: a2f056b0f95d575bdce333fcbab22d6792c7c633ac7d4d24d8b788d6f80197ba602082ff2fb8057c31f998e26f59d5db88651344758d4b774e4be84ef00ac6a9

data/.travis.yml

@@ -1,4 +1,6 @@
 language: ruby
 rvm:
+  - 2.1.1
   - 2.2.2
+  - 2.3.0
 before_install: gem install bundler -v 1.11.2

data/README.md

@@ -1,4 +1,6 @@
 # OrokuSaki
+[![Build Status](https://travis-ci.org/tpickett66/oroku_saki.svg?branch=master)](https://travis-ci.org/tpickett66/oroku_saki)
+[![Gem Version](https://badge.fury.io/rb/oroku_saki.svg)](https://badge.fury.io/rb/oroku_saki)
 
 OrokuSaki, a.k.a. Shredder, is the destroyer of strings and attacker's worst
 nightmare!
@@ -36,17 +38,25 @@ second_secret = 'another sekret'
 second_secret.shred! # => "\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000"
 ```
 
-Setting a string to be shredded before garbage collection:
+Setting a string to be shredded before garbage collection via a finalizer:
+
 ```ruby
 my_secret = 'super sekret value!!!'
 OrokuSaki.shred_later(my_secret) # => nil
 puts my_secret # => "super sekret value!!!"
-# A finalizer shreds the str just before it gets collected.
 
 second_secret = 'another sekret'
 second_scret.shred_later
 ```
 
+Comparing Strings in constant time (nearly as fast as `==` for small inputs):
+
+```ruby
+hmac = '16b9b8ae8e164768d0505bcb16269efb35804643dd351084b3c6ebbc6f7db2c8'
+other_hmac = '16b9b8ae8e164768d0505bcb16269efb35804643dd351084b3c6ebbc6f7db2c8'
+OrokuSaki.secure_compare(hmac, other_hmac) #=> true
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/ext/oroku_saki/oroku_saki.c

@@ -1,31 +1,77 @@
+#include <stdint.h>
 #include "oroku_saki.h"
 
-/* Zero out the memory housing the passed string.
- *
- * This method takes in a string and zeros out the memory it occupies, by design
- * it does not respect frozen states of strings so make sure you're actually
- * done with the String before using this method.
- *
- * @param [String] str The string to be zeroed out.
- * @raise [TypeError] When passed something other than a String
- * @return [nil]
- */
-VALUE oroku_saki_shred_bang(VALUE rb_module, VALUE rb_str) {
-  if (TYPE(rb_str) != T_STRING) {
+void raise_unless_string(VALUE rb_maybe_str, char *original_function_name) {
+  if (TYPE(rb_maybe_str) != T_STRING) {
     VALUE inspected_obj, obj_class_name;
-    inspected_obj = rb_funcall(rb_str, rb_intern("inspect"), 0);
+    inspected_obj = rb_funcall(rb_maybe_str, rb_intern("inspect"), 0);
     obj_class_name = rb_funcall(
-        rb_funcall(rb_str, rb_intern("class"), 0),
+        rb_funcall(rb_maybe_str, rb_intern("class"), 0),
         rb_intern("name"),
         0
         );
     rb_raise(
         rb_eTypeError,
-        "OrokuSaki.shred! received %s (%s), expected String!",
+        "%s received %s (%s), expected String!",
+        original_function_name,
         StringValueCStr(inspected_obj),
         StringValueCStr(obj_class_name)
         );
   }
+}
+
+/*
+ * This is a modified version of NaCl's crypto_verify_N functions adatpted to
+ * work with Ruby's String types and with variable lengths. We're returning
+ * the bitmonkeyed int from this to avoid branch predication.
+ */
+int secure_compare(VALUE rb_str_a, VALUE rb_str_b) {
+  uint_fast16_t d = 0U;
+  int i;
+  int len = RSTRING_LEN(rb_str_a);
+  char *a = RSTRING_PTR(rb_str_a);
+  char *b = RSTRING_PTR(rb_str_b);
+
+  for (i = 0; i < len; i++) {
+    d |= a[i] ^ b[i];
+  }
+
+  return (1 & ((d - 1) >> 8)) - 1;
+}
+
+/* The C implementation of secure compare, don't use!
+ *
+ * The return type is a Fixnum to avoid certain optimizations that cause the
+ * branch predictor to potentially leak timing information.
+ *
+ * @param [String] rb_str_a
+ * @param [String] rb_str_b
+ * @return [Fixnum] Zero for success, other values for failure.
+ * @api private
+ */
+VALUE oroku_saki_secure_compare(VALUE rb_module, VALUE rb_str_a, VALUE rb_str_b) {
+  raise_unless_string(rb_str_a, "OrokuSaki.secure_compare");
+  raise_unless_string(rb_str_b, "OrokuSaki.secure_compare");
+
+  if (RSTRING_LEN(rb_str_a) != RSTRING_LEN(rb_str_b)) {
+    return INT2FIX(-1);
+  }
+
+  return INT2FIX(secure_compare(rb_str_a, rb_str_b));
+}
+
+/* Zero out the memory housing the passed string.
+ *
+ * This method takes in a string and zeros out the memory it occupies, by design
+ * it does not respect frozen states of strings so make sure you're actually
+ * done with the String before using this method.
+ *
+ * @param [String] rb_str The string to be zeroed out.
+ * @raise [TypeError] When passed something other than a String
+ * @return [nil]
+ */
+VALUE oroku_saki_shred_bang(VALUE rb_module, VALUE rb_str) {
+  raise_unless_string(rb_str, "OrokuSaki.shred!");
   memzero(RSTRING_PTR(rb_str), RSTRING_LEN(rb_str));
   return Qnil;
 }
@@ -38,4 +84,6 @@ Init_oroku_saki(void)
   rb_mOrokuSaki = rb_define_module("OrokuSaki");
   rb_define_singleton_method(rb_mOrokuSaki, "shred!",
       oroku_saki_shred_bang, 1);
+  rb_define_singleton_method(rb_mOrokuSaki, "secure_compare_c",
+      oroku_saki_secure_compare, 2);
 }

data/ext/oroku_saki/oroku_saki.h

@@ -4,4 +4,7 @@
 #include "ruby.h"
 #include "memzero.h"
 
+VALUE oroku_saki_secure_compare(VALUE rb_module, VALUE rb_str_a, VALUE rb_str_b);
+VALUE oroku_saki_shred_bang(VALUE rb_module, VALUE rb_str);
+
 #endif /* OROKU_SAKI_H */

data/lib/oroku_saki/version.rb

@@ -1,3 +1,3 @@
 module OrokuSaki
-  VERSION = "1.0.0"
+  VERSION = "1.1.2"
 end

data/lib/oroku_saki.rb

@@ -6,10 +6,14 @@ require 'objspace'
 
 module OrokuSaki
   STRING_FINALIZER =  ->(id) {
-    OrokuSaki.shred!(ObjectSpace._id2ref(id))
+    OrokuSaki.shred!(ObjectSpace._id2ref(id)) rescue nil
   }
   private_constant :STRING_FINALIZER
 
+  class << self
+    private :secure_compare_c
+  end
+
   # Attaches the shred method as a finalizer for the passed string
   #
   # Gems working with sensitive data that needs to be returned to the user need
@@ -19,13 +23,23 @@ module OrokuSaki
   #
   # @param [String] str The string to be shredded befor GC reaping
   # @return [String] The original string
-  #
+  # @raise [TypeError] When passed something other than a String
   def self.shred_later(str)
     if !(String === str)
       raise TypeError,
         "OrokuSaki.shred_later received #{str} (#{str.class}), expected String!"
     end
-    ObjectSpace.define_finalizer(str, STRING_FINALIZER)
+    ObjectSpace.define_finalizer(str, STRING_FINALIZER) unless str.frozen?
     str
   end
+
+  # Bitewise compare two strings in constant time
+  #
+  # @param [String] a The first string to look at
+  # @param [String] b The second string to look at
+  # @return [Boolean]
+  # @raise [TypeError] When passed something other than a String for either argument
+  def self.secure_compare(a, b)
+    secure_compare_c(a, b) == 0
+  end
 end

data/oroku_saki.gemspec

@@ -10,9 +10,10 @@ Gem::Specification.new do |spec|
   spec.email         = ["t.pickett66@gmail.com"]
 
   spec.summary       = %q{OrokuSaki, a.k.a. Shredder, is the destroyer of strings and attacker's worst nightmare!}
-  spec.description   = "OrokuSaki, a.k.a. Shredder, is a small collection for " \
-    "ensuring the strings used in cryptographic operations remain secret. It is " \
-    "based around a simple memzero C function."
+  spec.description   = "OrokuSaki, a.k.a. Shredder, is a small collection of " \
+    "utilities for ensuring the strings used in cryptographic operations " \
+    "remain secret. This currently includes memory zeroing and constant time " \
+    "String comparisons."
   spec.homepage      = "https://github.com/tpickett66/oroku_saki"
   spec.license       = "MIT"
 
@@ -22,10 +23,10 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
   spec.extensions    = ["ext/oroku_saki/extconf.rb"]
 
-  spec.add_development_dependency "bundler", "~> 1.11"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "bundler", "~> 2.2.33"
+  spec.add_development_dependency "rake", "~> 12.3.2"
   spec.add_development_dependency "rake-compiler", "~> 0.9"
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency "byebug", "~> 8.2"
-  spec.add_development_dependency "yard", "~> 0.8.7"
+  spec.add_development_dependency "yard", "~> 0.9.11"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oroku_saki
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.2
 platform: ruby
 authors:
 - Tyler Pickett
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-04-13 00:00:00.000000000 Z
+date: 2022-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: 2.2.33
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.11'
+        version: 2.2.33
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.2
 - !ruby/object:Gem::Dependency
   name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
@@ -86,17 +86,17 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.7
+        version: 0.9.11
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.7
-description: OrokuSaki, a.k.a. Shredder, is a small collection for ensuring the strings
-  used in cryptographic operations remain secret. It is based around a simple memzero
-  C function.
+        version: 0.9.11
+description: OrokuSaki, a.k.a. Shredder, is a small collection of utilities for ensuring
+  the strings used in cryptographic operations remain secret. This currently includes
+  memory zeroing and constant time String comparisons.
 email:
 - t.pickett66@gmail.com
 executables: []
@@ -127,7 +127,7 @@ homepage: https://github.com/tpickett66/oroku_saki
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -142,11 +142,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: OrokuSaki, a.k.a. Shredder, is the destroyer of strings and attacker's worst
   nightmare!
 test_files: []
-has_rdoc: