rbnacl 1.0.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGES.md +3 -4
- data/README.md +41 -14
- data/bascule.cert +21 -0
- data/lib/rbnacl.rb +6 -0
- data/lib/rbnacl/auth.rb +30 -3
- data/lib/rbnacl/auth/one_time.rb +7 -0
- data/lib/rbnacl/box.rb +40 -10
- data/lib/rbnacl/hmac/sha256.rb +7 -0
- data/lib/rbnacl/hmac/sha512256.rb +7 -0
- data/lib/rbnacl/keys/private_key.rb +19 -4
- data/lib/rbnacl/keys/public_key.rb +15 -1
- data/lib/rbnacl/keys/signing_key.rb +30 -9
- data/lib/rbnacl/keys/verify_key.rb +23 -3
- data/lib/rbnacl/nacl.rb +33 -19
- data/lib/rbnacl/point.rb +7 -4
- data/lib/rbnacl/random_nonce_box.rb +7 -2
- data/lib/rbnacl/secret_box.rb +38 -5
- data/lib/rbnacl/version.rb +1 -1
- data/rbnacl.gemspec +2 -2
- data/spec/rbnacl/auth/one_time_spec.rb +1 -1
- data/spec/rbnacl/box_spec.rb +6 -6
- data/spec/rbnacl/hash_spec.rb +10 -2
- data/spec/rbnacl/hmac/sha256_spec.rb +1 -1
- data/spec/rbnacl/hmac/sha512256_spec.rb +1 -1
- data/spec/rbnacl/keys/private_key_spec.rb +12 -12
- data/spec/rbnacl/keys/public_key_spec.rb +10 -10
- data/spec/rbnacl/keys/signing_key_spec.rb +11 -12
- data/spec/rbnacl/keys/verify_key_spec.rb +6 -6
- data/spec/rbnacl/point_spec.rb +10 -10
- data/spec/rbnacl/random_nonce_box_spec.rb +6 -30
- data/spec/rbnacl/secret_box_spec.rb +3 -3
- data/spec/shared/authenticator.rb +5 -5
- data/spec/shared/box.rb +3 -3
- data/spec/spec_helper.rb +12 -0
- metadata +5 -2
- metadata.gz.sig +2 -2
@@ -2,17 +2,17 @@
|
|
2
2
|
require 'spec_helper'
|
3
3
|
|
4
4
|
describe Crypto::PublicKey do
|
5
|
-
let(:alicepk) {
|
6
|
-
let(:
|
5
|
+
let(:alicepk) { test_vector :alice_public }
|
6
|
+
let(:alicepk_hex) { bytes2hex alicepk }
|
7
7
|
|
8
|
-
subject { Crypto::PublicKey.new(alicepk
|
8
|
+
subject { Crypto::PublicKey.new(alicepk) }
|
9
9
|
|
10
10
|
context "new" do
|
11
11
|
it "accepts a valid key" do
|
12
|
-
expect { Crypto::PublicKey.new(
|
12
|
+
expect { Crypto::PublicKey.new(alicepk) }.not_to raise_error
|
13
13
|
end
|
14
14
|
it "accepts a valid key in hex" do
|
15
|
-
expect { Crypto::PublicKey.new(
|
15
|
+
expect { Crypto::PublicKey.new(alicepk_hex, :hex) }.not_to raise_error
|
16
16
|
end
|
17
17
|
it "rejects a nil key" do
|
18
18
|
expect { Crypto::PublicKey.new(nil) }.to raise_error(ArgumentError)
|
@@ -24,22 +24,22 @@ describe Crypto::PublicKey do
|
|
24
24
|
|
25
25
|
context "#to_bytes" do
|
26
26
|
it "returns the bytes of the key" do
|
27
|
-
subject.to_bytes.should eq
|
27
|
+
subject.to_bytes.should eq alicepk
|
28
28
|
end
|
29
29
|
end
|
30
30
|
|
31
31
|
context "#to_s" do
|
32
32
|
it "returns the bytes of the key" do
|
33
|
-
subject.to_s.should eq
|
33
|
+
subject.to_s.should eq alicepk
|
34
34
|
end
|
35
35
|
it "returns the bytes of the key hex encoded" do
|
36
|
-
subject.to_s(:hex).should eq
|
36
|
+
subject.to_s(:hex).should eq alicepk_hex
|
37
37
|
end
|
38
38
|
end
|
39
|
-
|
39
|
+
|
40
40
|
include_examples "key equality" do
|
41
41
|
let(:key) { subject }
|
42
42
|
let(:key_bytes) { subject.to_bytes }
|
43
|
-
let(:other_key) { described_class.new(
|
43
|
+
let(:other_key) { described_class.new(alicepk.succ) }
|
44
44
|
end
|
45
45
|
end
|
@@ -2,38 +2,37 @@
|
|
2
2
|
require 'spec_helper'
|
3
3
|
|
4
4
|
describe Crypto::SigningKey do
|
5
|
-
let(:
|
6
|
-
let(:
|
5
|
+
let(:signing_key_hex) { hex_vector :sign_private }
|
6
|
+
let(:signing_key) { hex2bytes signing_key_hex }
|
7
7
|
|
8
|
-
let(:message) {
|
9
|
-
let(:signature) {
|
10
|
-
let(:signature_raw) { Crypto::Encoder[:hex].decode(signature) }
|
8
|
+
let(:message) { test_vector :sign_message }
|
9
|
+
let(:signature) { test_vector :sign_signature }
|
11
10
|
|
12
11
|
# NOTE: this implicitly covers testing initialization from bytes
|
13
|
-
subject { described_class.new(
|
12
|
+
subject { described_class.new(signing_key_hex, :hex) }
|
14
13
|
|
15
14
|
it "generates keys" do
|
16
15
|
described_class.generate.should be_a described_class
|
17
16
|
end
|
18
17
|
|
19
18
|
it "signs messages as bytes" do
|
20
|
-
subject.sign(message).should eq
|
19
|
+
subject.sign(message).should eq signature
|
21
20
|
end
|
22
21
|
|
23
22
|
it "signs messages as hex" do
|
24
|
-
subject.sign(message, :hex).should eq signature
|
23
|
+
subject.sign(message, :hex).should eq bytes2hex signature
|
25
24
|
end
|
26
25
|
|
27
26
|
it "serializes to hex" do
|
28
|
-
subject.to_s(:hex).should eq
|
27
|
+
subject.to_s(:hex).should eq signing_key_hex
|
29
28
|
end
|
30
29
|
|
31
30
|
it "serializes to bytes" do
|
32
|
-
subject.to_bytes.should eq
|
31
|
+
subject.to_bytes.should eq signing_key
|
33
32
|
end
|
34
|
-
|
33
|
+
|
35
34
|
include_examples "key equality" do
|
36
|
-
let(:key_bytes) {
|
35
|
+
let(:key_bytes) { signing_key }
|
37
36
|
let(:key) { described_class.new(key_bytes) }
|
38
37
|
let(:other_key) { described_class.new("B"*32) }
|
39
38
|
end
|
@@ -1,12 +1,12 @@
|
|
1
1
|
# encoding: binary
|
2
2
|
describe Crypto::VerifyKey do
|
3
|
-
let(:signing_key) {
|
4
|
-
let(:verify_key) {
|
5
|
-
let(:verify_key_raw) {
|
3
|
+
let(:signing_key) { hex_vector :sign_private }
|
4
|
+
let(:verify_key) { hex_vector :sign_public }
|
5
|
+
let(:verify_key_raw) { hex2bytes verify_key }
|
6
6
|
|
7
|
-
let(:message) {
|
8
|
-
let(:signature) {
|
9
|
-
let(:signature_raw) {
|
7
|
+
let(:message) { test_vector :sign_message }
|
8
|
+
let(:signature) { hex_vector :sign_signature }
|
9
|
+
let(:signature_raw) { hex2bytes signature }
|
10
10
|
let(:bad_signature) { sig = signature.dup; sig[0] = (sig[0].ord + 1).chr; sig }
|
11
11
|
|
12
12
|
subject { Crypto::SigningKey.new(signing_key, :hex).verify_key }
|
data/spec/rbnacl/point_spec.rb
CHANGED
@@ -2,28 +2,28 @@
|
|
2
2
|
require 'spec_helper'
|
3
3
|
|
4
4
|
describe Crypto::Point do
|
5
|
-
let(:alice_private) {
|
6
|
-
let(:alice_public) {
|
5
|
+
let(:alice_private) { test_vector :alice_private }
|
6
|
+
let(:alice_public) { test_vector :alice_public }
|
7
7
|
|
8
|
-
let(:bob_public) {
|
8
|
+
let(:bob_public) { test_vector :bob_public }
|
9
9
|
|
10
|
-
let(:alice_mult_bob) {
|
10
|
+
let(:alice_mult_bob) { test_vector :alice_mult_bob }
|
11
11
|
|
12
|
-
subject { described_class.new(bob_public
|
12
|
+
subject { described_class.new(bob_public) }
|
13
13
|
|
14
14
|
it "multiplies integers with the base point" do
|
15
|
-
described_class.base.mult(alice_private
|
15
|
+
described_class.base.mult(alice_private).to_s.should eq alice_public
|
16
16
|
end
|
17
17
|
|
18
18
|
it "multiplies integers with arbitrary points" do
|
19
|
-
described_class.new(bob_public
|
19
|
+
described_class.new(bob_public).mult(alice_private).to_s.should eq alice_mult_bob
|
20
20
|
end
|
21
21
|
|
22
22
|
it "serializes to bytes" do
|
23
|
-
subject.to_bytes.should eq
|
23
|
+
subject.to_bytes.should eq bob_public
|
24
24
|
end
|
25
25
|
|
26
26
|
it "serializes to hex" do
|
27
|
-
subject.to_s(:hex).should eq bob_public
|
27
|
+
subject.to_s(:hex).should eq bytes2hex bob_public
|
28
28
|
end
|
29
|
-
end
|
29
|
+
end
|
@@ -2,13 +2,10 @@
|
|
2
2
|
require 'spec_helper'
|
3
3
|
|
4
4
|
describe Crypto::RandomNonceBox do
|
5
|
-
let (:secret_key) {
|
6
|
-
[0x1b,0x27,0x55,0x64,0x73,0xe9,0x85,0xd4,0x62,0xcd,0x51,0x19,0x7a,0x9a,0x46,0xc7,
|
7
|
-
0x60,0x09,0x54,0x9e,0xac,0x64,0x74,0xf2,0x06,0xc4,0xee,0x08,0x44,0xf6,0x83,0x89].pack('c*')
|
8
|
-
} # from the nacl distribution
|
5
|
+
let (:secret_key) { test_vector :secret_key }
|
9
6
|
let(:secret_box) { Crypto::SecretBox.new(secret_key) }
|
10
|
-
let (:alicepk) {
|
11
|
-
let (:bobsk)
|
7
|
+
let (:alicepk) { test_vector :alice_public }
|
8
|
+
let (:bobsk) { test_vector :bob_private }
|
12
9
|
|
13
10
|
context "instantiation" do
|
14
11
|
it "can be instantiated from an already existing box" do
|
@@ -32,30 +29,9 @@ describe Crypto::RandomNonceBox do
|
|
32
29
|
|
33
30
|
|
34
31
|
context "cryptography" do
|
35
|
-
let(:nonce)
|
36
|
-
let(:message)
|
37
|
-
|
38
|
-
0x52,0x28,0xc5,0x2a,0x4c,0x62,0xcb,0xd4,0x4b,0x66,0x84,0x9b,0x64,0x24,0x4f,0xfc,
|
39
|
-
0xe5,0xec,0xba,0xaf,0x33,0xbd,0x75,0x1a,0x1a,0xc7,0x28,0xd4,0x5e,0x6c,0x61,0x29,
|
40
|
-
0x6c,0xdc,0x3c,0x01,0x23,0x35,0x61,0xf4,0x1d,0xb6,0x6c,0xce,0x31,0x4a,0xdb,0x31,
|
41
|
-
0x0e,0x3b,0xe8,0x25,0x0c,0x46,0xf0,0x6d,0xce,0xea,0x3a,0x7f,0xa1,0x34,0x80,0x57,
|
42
|
-
0xe2,0xf6,0x55,0x6a,0xd6,0xb1,0x31,0x8a,0x02,0x4a,0x83,0x8f,0x21,0xaf,0x1f,0xde,
|
43
|
-
0x04,0x89,0x77,0xeb,0x48,0xf5,0x9f,0xfd,0x49,0x24,0xca,0x1c,0x60,0x90,0x2e,0x52,
|
44
|
-
0xf0,0xa0,0x89,0xbc,0x76,0x89,0x70,0x40,0xe0,0x82,0xf9,0x37,0x76,0x38,0x48,0x64,
|
45
|
-
0x5e,0x07,0x05].pack('c*')
|
46
|
-
}
|
47
|
-
let(:ciphertext) { # from nacl distribution
|
48
|
-
[0xf3,0xff,0xc7,0x70,0x3f,0x94,0x00,0xe5,0x2a,0x7d,0xfb,0x4b,0x3d,0x33,0x05,0xd9,
|
49
|
-
0x8e,0x99,0x3b,0x9f,0x48,0x68,0x12,0x73,0xc2,0x96,0x50,0xba,0x32,0xfc,0x76,0xce,
|
50
|
-
0x48,0x33,0x2e,0xa7,0x16,0x4d,0x96,0xa4,0x47,0x6f,0xb8,0xc5,0x31,0xa1,0x18,0x6a,
|
51
|
-
0xc0,0xdf,0xc1,0x7c,0x98,0xdc,0xe8,0x7b,0x4d,0xa7,0xf0,0x11,0xec,0x48,0xc9,0x72,
|
52
|
-
0x71,0xd2,0xc2,0x0f,0x9b,0x92,0x8f,0xe2,0x27,0x0d,0x6f,0xb8,0x63,0xd5,0x17,0x38,
|
53
|
-
0xb4,0x8e,0xee,0xe3,0x14,0xa7,0xcc,0x8a,0xb9,0x32,0x16,0x45,0x48,0xe5,0x26,0xae,
|
54
|
-
0x90,0x22,0x43,0x68,0x51,0x7a,0xcf,0xea,0xbd,0x6b,0xb3,0x73,0x2b,0xc0,0xe9,0xda,
|
55
|
-
0x99,0x83,0x2b,0x61,0xca,0x01,0xb6,0xde,0x56,0x24,0x4a,0x9e,0x88,0xd5,0xf9,0xb3,
|
56
|
-
0x79,0x73,0xf6,0x22,0xa4,0x3d,0x14,0xa6,0x59,0x9b,0x1f,0x65,0x4c,0xb4,0x5a,0x74,
|
57
|
-
0xe3,0x55,0xa5].pack('c*')
|
58
|
-
}
|
32
|
+
let(:nonce) { test_vector :box_nonce }
|
33
|
+
let(:message) { test_vector :box_message }
|
34
|
+
let(:ciphertext) { test_vector :box_ciphertext }
|
59
35
|
let(:random_box) { Crypto::RandomNonceBox.from_keypair(alicepk, bobsk) }
|
60
36
|
let(:enciphered_message) { random_box.box(message) }
|
61
37
|
let(:enciphered_message_hex) { random_box.box(message, :hex) }
|
@@ -2,11 +2,11 @@
|
|
2
2
|
require 'spec_helper'
|
3
3
|
|
4
4
|
describe Crypto::SecretBox do
|
5
|
-
let (:key) {
|
5
|
+
let (:key) { test_vector :secret_key }
|
6
6
|
|
7
7
|
context "new" do
|
8
8
|
it "accepts strings" do
|
9
|
-
expect { Crypto::SecretBox.new(key
|
9
|
+
expect { Crypto::SecretBox.new(key) }.to_not raise_error(Exception)
|
10
10
|
end
|
11
11
|
|
12
12
|
it "raises on a nil key" do
|
@@ -19,6 +19,6 @@ describe Crypto::SecretBox do
|
|
19
19
|
end
|
20
20
|
|
21
21
|
include_examples "box" do
|
22
|
-
let(:box) { Crypto::SecretBox.new(key
|
22
|
+
let(:box) { Crypto::SecretBox.new(key) }
|
23
23
|
end
|
24
24
|
end
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# encoding: binary
|
2
2
|
shared_examples "authenticator" do
|
3
|
-
let (:hex_key) {
|
4
|
-
let (:key) {
|
5
|
-
let (:message) {
|
6
|
-
let(:tag)
|
7
|
-
|
3
|
+
let (:hex_key) { hex_vector :auth_key }
|
4
|
+
let (:key) { test_vector :auth_key }
|
5
|
+
let (:message) { test_vector :auth_message }
|
6
|
+
let (:tag) { hex2bytes hex_tag }
|
7
|
+
|
8
8
|
context ".new" do
|
9
9
|
it "accepts a key" do
|
10
10
|
expect { described_class.new(key) }.to_not raise_error(ArgumentError)
|
data/spec/shared/box.rb
CHANGED
@@ -3,11 +3,11 @@
|
|
3
3
|
require 'spec_helper'
|
4
4
|
|
5
5
|
shared_examples "box" do
|
6
|
-
let(:nonce) {
|
6
|
+
let(:nonce) { test_vector :box_nonce }
|
7
7
|
let(:invalid_nonce) { nonce[0,12] } # too short!
|
8
8
|
let(:invalid_nonce_long) { nonce + nonce } # too long!
|
9
|
-
let(:message) {
|
10
|
-
let(:ciphertext) {
|
9
|
+
let(:message) { test_vector :box_message }
|
10
|
+
let(:ciphertext) { test_vector :box_ciphertext }
|
11
11
|
let (:nonce_error_regex) { /Nonce.*(Expected #{Crypto::NaCl::NONCEBYTES})/ }
|
12
12
|
let(:corrupt_ciphertext) { ciphertext[80] = " " } # picked at random by fair diceroll
|
13
13
|
|
data/spec/spec_helper.rb
CHANGED
@@ -12,3 +12,15 @@ Coveralls.wear!
|
|
12
12
|
def hex2bytes(hex)
|
13
13
|
Crypto::Encoder[:hex].decode(hex)
|
14
14
|
end
|
15
|
+
|
16
|
+
def bytes2hex(bytes)
|
17
|
+
Crypto::Encoder[:hex].encode(bytes)
|
18
|
+
end
|
19
|
+
|
20
|
+
def test_vector(name)
|
21
|
+
hex2bytes(hex_vector(name))
|
22
|
+
end
|
23
|
+
|
24
|
+
def hex_vector(name)
|
25
|
+
Crypto::TestVectors[name]
|
26
|
+
end
|
metadata
CHANGED
@@ -1,10 +1,11 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rbnacl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tony Arcieri
|
8
|
+
- Jonathan Stott
|
8
9
|
autorequire:
|
9
10
|
bindir: bin
|
10
11
|
cert_chain:
|
@@ -30,7 +31,7 @@ cert_chain:
|
|
30
31
|
3L/NVZQttSvxjd+WF6mA9yeCjpomboQMP36GRIZ30SoOVPMGvZ/+QpW52QU7mJW5
|
31
32
|
GzWyf92p0uscgUZVTYixjg==
|
32
33
|
-----END CERTIFICATE-----
|
33
|
-
date: 2013-
|
34
|
+
date: 2013-04-19 00:00:00.000000000 Z
|
34
35
|
dependencies:
|
35
36
|
- !ruby/object:Gem::Dependency
|
36
37
|
name: ffi
|
@@ -77,6 +78,7 @@ dependencies:
|
|
77
78
|
description: Ruby binding to the Networking and Cryptography (NaCl) library
|
78
79
|
email:
|
79
80
|
- tony.arcieri@gmail.com
|
81
|
+
- jonathan.stott@gmail.com
|
80
82
|
executables: []
|
81
83
|
extensions: []
|
82
84
|
extra_rdoc_files: []
|
@@ -91,6 +93,7 @@ files:
|
|
91
93
|
- LICENSE.txt
|
92
94
|
- README.md
|
93
95
|
- Rakefile
|
96
|
+
- bascule.cert
|
94
97
|
- images/dragons.png
|
95
98
|
- images/ed25519.png
|
96
99
|
- images/hash.png
|
metadata.gz.sig
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
Ea���E?�&rL}:�!�`��u�B�\�$GP�>�: ����)cv�"H*�#��4���ei��*�&�pjk#*�芚$��I�_����:��oC����W��h �=���ƕʗZ��K��Oc{����<P�~G�(���M���
|
2
|
+
��X�V���>'XA�'�C�y� Tvj�q� S�X�����
|