polarssl 0.0.7 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/.travis.yml +13 -3
- data/README.md +23 -3
- data/ext/polarssl/cipher.c +46 -17
- data/lib/polarssl/version.rb +2 -2
- data/test/cipher_encryption_test.rb +16 -50
- data/test/test_helper.rb +1 -1
- metadata +7 -9
- data/test/verify_minitest_test.rb +0 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1fd9d49d8ac891f5554252d42b1de6c9f1b4c4e5
|
|
4
|
+
data.tar.gz: f6fea6507b3f0614b6bbe33bf3b620a72fb21390
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6ed864224bc4bf545953f0bc5076f8f668ef74151755d70410879e0b85d6e9ddc1c32fab951c8411da0a9027c5b97e5ccb7e2f0112bad383de7af71d09584306
|
|
7
|
+
data.tar.gz: 8333074c510c02044f704563c2b4ea9999d4cb228ba74218bc888cc32c54e9ddfdd1d4b684b7311a1faab0b8f5b9e3e326c3ed5d58e9755fc5c1dfc8b6755b55
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.
|
|
1
|
+
2.1.2
|
data/.travis.yml
CHANGED
|
@@ -1,8 +1,18 @@
|
|
|
1
1
|
before_install:
|
|
2
2
|
- sudo apt-get update -qq
|
|
3
|
-
|
|
3
|
+
|
|
4
|
+
install:
|
|
5
|
+
- bundle install
|
|
6
|
+
- wget https://polarssl.org/download/polarssl-1.3.9-gpl.tgz
|
|
7
|
+
- tar -xzvf polarssl-1.3.9-gpl.tgz
|
|
8
|
+
- cd polarssl-1.3.9 && cmake -D USE_SHARED_POLARSSL_LIBRARY:BOOL=ON . && make && sudo make install
|
|
4
9
|
|
|
5
10
|
language: ruby
|
|
11
|
+
|
|
6
12
|
rvm:
|
|
7
|
-
-
|
|
8
|
-
-
|
|
13
|
+
- 2.0.0
|
|
14
|
+
- 1.9.3
|
|
15
|
+
|
|
16
|
+
notifications:
|
|
17
|
+
slack:
|
|
18
|
+
secure: gnM7a3r5oNA/O/+2NXDB6akdyRlio3RP0v0HCi3+/zOuph03JAWVE8u321vkDYdDUhOzWKA37FH3buUwULKjl3TBGto5DFDHh4BCT7jJyt2cLC2cZzC8Q5NZYDTUwXFlJnbWI81yZuTAG80MSrhQLRi7wZyZjWmWCQXbwIk179I=
|
data/README.md
CHANGED
|
@@ -4,12 +4,26 @@ PolarSSL for Ruby
|
|
|
4
4
|
* API documentation: http://michiels.github.io/polarssl-ruby/doc
|
|
5
5
|
* RubyGems.org: http://rubygems.org/gems/polarssl
|
|
6
6
|
|
|
7
|
+
<table>
|
|
8
|
+
<tr>
|
|
9
|
+
<th>PolarSSL version</th>
|
|
10
|
+
<th>Gem version</th>
|
|
11
|
+
</tr>
|
|
12
|
+
<tr>
|
|
13
|
+
<td><= 1.2.x</td><td>0.0.7</td>
|
|
14
|
+
</tr>
|
|
15
|
+
<tr>
|
|
16
|
+
<td>>= 1.3.x</td><td>1.x.x</td>
|
|
17
|
+
</tr>
|
|
18
|
+
</table>
|
|
19
|
+
|
|
7
20
|
## Description
|
|
8
21
|
|
|
9
22
|
With PolarSSL for Ruby, you can use SSL and cryptography functionality from PolarSSL in your Ruby programs.
|
|
10
23
|
|
|
11
24
|
## Features
|
|
12
25
|
|
|
26
|
+
* Encrypt/decrypt data.
|
|
13
27
|
* Set up encrypted SSL connections.
|
|
14
28
|
|
|
15
29
|
## Installation
|
|
@@ -18,6 +32,12 @@ With PolarSSL for Ruby, you can use SSL and cryptography functionality from Pola
|
|
|
18
32
|
gem install polarssl
|
|
19
33
|
```
|
|
20
34
|
|
|
35
|
+
Or in your Gemfile:
|
|
36
|
+
|
|
37
|
+
```
|
|
38
|
+
gem "polarssl", "~> 1.0.0"
|
|
39
|
+
```
|
|
40
|
+
|
|
21
41
|
## Usage
|
|
22
42
|
|
|
23
43
|
### Setting up a SSL connection
|
|
@@ -72,7 +92,7 @@ cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
|
72
92
|
|
|
73
93
|
my_iv = SecureRandom.random_bytes(16)
|
|
74
94
|
|
|
75
|
-
cipher.
|
|
95
|
+
cipher.set_iv(my_iv, 16)
|
|
76
96
|
cipher.setkey("my16bytekey23456", 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
77
97
|
cipher.update("some secret message I want to keep")
|
|
78
98
|
encrypted_data = cipher.finish
|
|
@@ -81,7 +101,7 @@ encoded_encrypted_data = Base64.encode64(encrypted_data)
|
|
|
81
101
|
encoded_iv = Base64.encode64(my_iv)
|
|
82
102
|
```
|
|
83
103
|
|
|
84
|
-
See the documentation for the `Cipher` class in the [API documentation](http://michiels.github.io/polarssl-ruby/doc)
|
|
104
|
+
See the documentation for the `Cipher` class in the [API documentation](http://michiels.github.io/polarssl-ruby/doc)
|
|
85
105
|
for all the available options.
|
|
86
106
|
|
|
87
107
|
## Contributing
|
|
@@ -138,4 +158,4 @@ GNU Lesser General Public License for more details.
|
|
|
138
158
|
|
|
139
159
|
You should have received a copy of the GNU Lesser General Public License
|
|
140
160
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
141
|
-
```
|
|
161
|
+
```
|
data/ext/polarssl/cipher.c
CHANGED
|
@@ -30,6 +30,7 @@ VALUE rb_cipher_initialize();
|
|
|
30
30
|
VALUE rb_cipher_setkey();
|
|
31
31
|
VALUE rb_cipher_update();
|
|
32
32
|
VALUE rb_cipher_finish();
|
|
33
|
+
VALUE rb_cipher_set_iv();
|
|
33
34
|
VALUE rb_cipher_reset();
|
|
34
35
|
void rb_cipher_free();
|
|
35
36
|
|
|
@@ -59,7 +60,7 @@ void Init_cipher(void)
|
|
|
59
60
|
* my_iv = SecureRandom.random_bytes(16)
|
|
60
61
|
*
|
|
61
62
|
* cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
62
|
-
* cipher.
|
|
63
|
+
* cipher.set_iv(my_iv, 16)
|
|
63
64
|
* cipher.setkey("mykey", 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
64
65
|
* cipher.update("secret stuff I want encrypted")
|
|
65
66
|
* encrypted_data = cipher.finish()
|
|
@@ -148,7 +149,8 @@ void Init_cipher(void)
|
|
|
148
149
|
rb_define_method( cCipher, "setkey", rb_cipher_setkey, 3 );
|
|
149
150
|
rb_define_method( cCipher, "update", rb_cipher_update, 1 );
|
|
150
151
|
rb_define_method( cCipher, "finish", rb_cipher_finish, 0 );
|
|
151
|
-
rb_define_method( cCipher, "
|
|
152
|
+
rb_define_method( cCipher, "set_iv", rb_cipher_set_iv, 2 );
|
|
153
|
+
rb_define_method( cCipher, "reset", rb_cipher_reset, 0 );
|
|
152
154
|
}
|
|
153
155
|
|
|
154
156
|
VALUE rb_cipher_allocate( VALUE klass )
|
|
@@ -170,7 +172,11 @@ VALUE rb_cipher_allocate( VALUE klass )
|
|
|
170
172
|
/*
|
|
171
173
|
* call-seq: new(cipher_type)
|
|
172
174
|
*
|
|
173
|
-
* Initializes a new Cipher object to encrypt data with.
|
|
175
|
+
* Initializes a new Cipher object to encrypt data with.
|
|
176
|
+
*
|
|
177
|
+
* cipher = PolarSSL::Cipher.new('AES-128-CTR')
|
|
178
|
+
*
|
|
179
|
+
* For supported cipher types,
|
|
174
180
|
* see: https://github.com/michiels/polarssl-ruby/wiki/Using-PolarSSL::Cipher
|
|
175
181
|
*
|
|
176
182
|
*/
|
|
@@ -204,35 +210,55 @@ VALUE rb_cipher_initialize( VALUE self, VALUE cipher_type )
|
|
|
204
210
|
}
|
|
205
211
|
|
|
206
212
|
/*
|
|
207
|
-
* call-seq:
|
|
213
|
+
* call-seq: set_iv(iv_val, iv_len_val)
|
|
208
214
|
*
|
|
209
|
-
* Sets
|
|
215
|
+
* Sets the initialization vector for the cipher. An initialization
|
|
210
216
|
* vector is used to "randomize" the output ciphertext so attackers cannot
|
|
211
217
|
* guess your data based on a partially decrypted data.
|
|
212
218
|
*
|
|
213
|
-
*
|
|
219
|
+
* cipher.set_iv("16byteiv12345678", 16)
|
|
214
220
|
*
|
|
215
221
|
* One option to generate a random initialization vector is by using
|
|
216
222
|
* SecureRandom.random_bytes. Store this initialization vector with the
|
|
217
223
|
* ciphertext and you'll easily able to decrypt the ciphertext.
|
|
218
224
|
*
|
|
219
225
|
*/
|
|
220
|
-
VALUE
|
|
226
|
+
VALUE rb_cipher_set_iv( VALUE self, VALUE iv_val, VALUE iv_len_val )
|
|
221
227
|
{
|
|
228
|
+
int ret = 0;
|
|
222
229
|
rb_cipher_t *rb_cipher;
|
|
223
230
|
unsigned char *iv;
|
|
224
|
-
|
|
231
|
+
size_t iv_len;
|
|
225
232
|
|
|
226
|
-
|
|
233
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
|
234
|
+
Check_Type( iv_val, T_STRING );
|
|
235
|
+
iv = (unsigned char *) StringValuePtr( iv_val );
|
|
236
|
+
Check_Type( iv_len_val, T_FIXNUM );
|
|
237
|
+
iv_len = FIX2INT( iv_len_val );
|
|
227
238
|
|
|
228
|
-
|
|
239
|
+
if ( ( ret = cipher_set_iv( rb_cipher->ctx, iv, iv_len ) ) != 0 )
|
|
240
|
+
rb_raise( e_CipherError, "Failed to set IV. PolarSSL error: -0x%x", -ret );
|
|
229
241
|
|
|
230
|
-
|
|
242
|
+
return Qtrue;
|
|
243
|
+
}
|
|
231
244
|
|
|
232
|
-
|
|
245
|
+
/*
|
|
246
|
+
* call-seq: reset
|
|
247
|
+
*
|
|
248
|
+
* Reset the cipher context and buffers.
|
|
249
|
+
*
|
|
250
|
+
* cipher.reset()
|
|
251
|
+
*
|
|
252
|
+
*/
|
|
253
|
+
VALUE rb_cipher_reset( VALUE self )
|
|
254
|
+
{
|
|
255
|
+
int ret;
|
|
256
|
+
rb_cipher_t *rb_cipher;
|
|
233
257
|
|
|
234
|
-
|
|
235
|
-
|
|
258
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
|
259
|
+
|
|
260
|
+
if ( ( ret = cipher_reset( rb_cipher->ctx ) ) != 0 )
|
|
261
|
+
rb_raise( e_CipherError, "Failed to reset cipher. PolarSSL error: -0x%x", -ret );
|
|
236
262
|
|
|
237
263
|
return Qtrue;
|
|
238
264
|
}
|
|
@@ -243,8 +269,7 @@ VALUE rb_cipher_reset( VALUE self, VALUE initialization_vector )
|
|
|
243
269
|
* Sets the key to be used for encrypting/decrypting this cipher. The key, key_length and operation
|
|
244
270
|
* depend on which cipher you are using. For example, when using AES-128-CTR you would use something like:
|
|
245
271
|
*
|
|
246
|
-
* cipher
|
|
247
|
-
* cipher.setkey('mykey', 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
272
|
+
* cipher.setkey('my16bytekey12345', 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
248
273
|
*
|
|
249
274
|
* for both encryping and decrypting your cipher.
|
|
250
275
|
*
|
|
@@ -273,6 +298,8 @@ VALUE rb_cipher_setkey( VALUE self, VALUE key, VALUE key_length, VALUE operation
|
|
|
273
298
|
*
|
|
274
299
|
* Adds input to your cipher.
|
|
275
300
|
*
|
|
301
|
+
* cipher.update("Some message I want to encrypt")
|
|
302
|
+
*
|
|
276
303
|
*/
|
|
277
304
|
VALUE rb_cipher_update( VALUE self, VALUE rb_input )
|
|
278
305
|
{
|
|
@@ -305,6 +332,8 @@ VALUE rb_cipher_update( VALUE self, VALUE rb_input )
|
|
|
305
332
|
*
|
|
306
333
|
* Finishes encrypting the data added by one or multiple update() calls and returns the encrypted data.
|
|
307
334
|
*
|
|
335
|
+
* encrypted_ciphertext = cipher.finish()
|
|
336
|
+
*
|
|
308
337
|
*/
|
|
309
338
|
VALUE rb_cipher_finish( VALUE self )
|
|
310
339
|
{
|
|
@@ -328,4 +357,4 @@ void rb_cipher_free( rb_cipher_t *rb_cipher )
|
|
|
328
357
|
cipher_free_ctx(rb_cipher->ctx );
|
|
329
358
|
|
|
330
359
|
xfree( rb_cipher );
|
|
331
|
-
}
|
|
360
|
+
}
|
data/lib/polarssl/version.rb
CHANGED
|
@@ -3,72 +3,38 @@ require 'base64'
|
|
|
3
3
|
require 'securerandom'
|
|
4
4
|
|
|
5
5
|
class CipherTest < MiniTest::Unit::TestCase
|
|
6
|
+
CIPHER = 'AES-128-CTR'
|
|
7
|
+
VALUE = 'test data value'
|
|
8
|
+
KEY = 'bar'
|
|
6
9
|
|
|
7
10
|
def test_aes_128_ctr_encrypt
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
16
|
-
cipher.setkey(key, 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
17
|
-
cipher.reset(iv)
|
|
18
|
-
cipher.update(input)
|
|
11
|
+
iv = SecureRandom.random_bytes(16)
|
|
12
|
+
|
|
13
|
+
cipher = PolarSSL::Cipher.new CIPHER
|
|
14
|
+
cipher.setkey KEY, 128, PolarSSL::Cipher::OPERATION_ENCRYPT
|
|
15
|
+
cipher.set_iv(iv, 16)
|
|
16
|
+
cipher.update(VALUE)
|
|
19
17
|
encrypted = cipher.finish
|
|
20
18
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
key = hex_to_bin("2b7e151628aed2a6abf7158809cf4f3c")
|
|
26
|
-
iv = hex_to_bin("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
|
|
27
|
-
input = hex_to_bin("874d6191b620e3261bef6864990db6ce")
|
|
28
|
-
should_decrypt_as = hex_to_bin("6bc1bee22e409f96e93d7e117393172a")
|
|
29
|
-
|
|
30
|
-
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
31
|
-
cipher.setkey(key, 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
32
|
-
cipher.reset(iv)
|
|
33
|
-
cipher.update(input)
|
|
19
|
+
cipher = PolarSSL::Cipher.new CIPHER
|
|
20
|
+
cipher.setkey KEY, 128, PolarSSL::Cipher::OPERATION_DECRYPT
|
|
21
|
+
cipher.set_iv(iv, 16)
|
|
22
|
+
cipher.update(encrypted)
|
|
34
23
|
decrypted = cipher.finish
|
|
35
|
-
|
|
36
|
-
assert_equal
|
|
24
|
+
|
|
25
|
+
assert_equal VALUE, decrypted
|
|
37
26
|
end
|
|
38
27
|
|
|
39
28
|
def test_unsupported_cipher
|
|
40
|
-
|
|
41
29
|
assert_raises PolarSSL::Cipher::UnsupportedCipher do
|
|
42
30
|
PolarSSL::Cipher.new("meh")
|
|
43
31
|
end
|
|
44
|
-
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
def test_initialization_vector_not_a_string
|
|
48
|
-
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
49
|
-
|
|
50
|
-
assert_raises TypeError do
|
|
51
|
-
cipher.reset(nil)
|
|
52
|
-
end
|
|
53
32
|
end
|
|
54
33
|
|
|
55
34
|
def test_unsupported_key
|
|
56
|
-
|
|
57
35
|
assert_raises PolarSSL::Cipher::Error do
|
|
58
36
|
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
|
59
37
|
cipher.setkey("1234567890123456", 127, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
|
60
38
|
end
|
|
61
|
-
|
|
62
39
|
end
|
|
63
|
-
|
|
64
|
-
private
|
|
65
|
-
|
|
66
|
-
def hex_to_bin(hex)
|
|
67
|
-
hex.scan(/../).map { |x| x.hex.chr }.join
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
def bin_to_hex(data)
|
|
71
|
-
data.each_byte.map { |b| b.to_s(16).join }
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
end
|
|
40
|
+
end
|
data/test/test_helper.rb
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
|
-
require 'polarssl'
|
|
2
|
+
require 'polarssl'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: polarssl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michiel Sikkes
|
|
@@ -17,9 +17,9 @@ extensions:
|
|
|
17
17
|
- ext/polarssl/extconf.rb
|
|
18
18
|
extra_rdoc_files: []
|
|
19
19
|
files:
|
|
20
|
-
- .gitignore
|
|
21
|
-
- .ruby-version
|
|
22
|
-
- .travis.yml
|
|
20
|
+
- ".gitignore"
|
|
21
|
+
- ".ruby-version"
|
|
22
|
+
- ".travis.yml"
|
|
23
23
|
- COPYING
|
|
24
24
|
- COPYING.LESSER
|
|
25
25
|
- Gemfile
|
|
@@ -48,7 +48,6 @@ files:
|
|
|
48
48
|
- test/entropy_test.rb
|
|
49
49
|
- test/ssl_connection_test.rb
|
|
50
50
|
- test/test_helper.rb
|
|
51
|
-
- test/verify_minitest_test.rb
|
|
52
51
|
homepage: http://github.com/michiels/polarssl-ruby
|
|
53
52
|
licenses:
|
|
54
53
|
- LGPL-3
|
|
@@ -59,18 +58,18 @@ require_paths:
|
|
|
59
58
|
- lib
|
|
60
59
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
61
60
|
requirements:
|
|
62
|
-
- -
|
|
61
|
+
- - ">="
|
|
63
62
|
- !ruby/object:Gem::Version
|
|
64
63
|
version: '0'
|
|
65
64
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
66
65
|
requirements:
|
|
67
|
-
- -
|
|
66
|
+
- - ">="
|
|
68
67
|
- !ruby/object:Gem::Version
|
|
69
68
|
version: '0'
|
|
70
69
|
requirements:
|
|
71
70
|
- libpolarssl
|
|
72
71
|
rubyforge_project:
|
|
73
|
-
rubygems_version: 2.
|
|
72
|
+
rubygems_version: 2.2.2
|
|
74
73
|
signing_key:
|
|
75
74
|
specification_version: 4
|
|
76
75
|
summary: Use the PolarSSL cryptographic and SSL library in Ruby.
|
|
@@ -79,4 +78,3 @@ test_files:
|
|
|
79
78
|
- test/ctr_drbg_test.rb
|
|
80
79
|
- test/entropy_test.rb
|
|
81
80
|
- test/ssl_connection_test.rb
|
|
82
|
-
- test/verify_minitest_test.rb
|