rbnacl 5.0.0 → 6.0.0

data/lib/rbnacl/util.rb

@@ -6,8 +6,9 @@ module RbNaCl
   module Util
     extend Sodium
 
-    sodium_function :c_verify16, :crypto_verify_16, [:pointer, :pointer]
-    sodium_function :c_verify32, :crypto_verify_32, [:pointer, :pointer]
+    sodium_function :c_verify16, :crypto_verify_16, %i[pointer pointer]
+    sodium_function :c_verify32, :crypto_verify_32, %i[pointer pointer]
+    sodium_function :c_verify64, :crypto_verify_64, %i[pointer pointer]
 
     module_function
 
@@ -81,6 +82,8 @@ module RbNaCl
     # @param description [String] Description of the string (used in the error)
     def check_length(string, length, description)
       if string.nil?
+        # code below is runs only in test cases
+        # nil can't be converted to str with #to_str method
         raise LengthError,
               "#{description} was nil (Expected #{length.to_int})",
               caller
@@ -106,19 +109,98 @@ module RbNaCl
     # @param length [Integer] The only acceptable length of the string
     # @param description [String] Description of the string (used in the error)
     def check_string(string, length, description)
-      unless string.respond_to? :to_str
-        raise TypeError, "can't convert #{string.class} into String with #to_str"
-      end
+      check_string_validation(string)
+      string = string.to_s
+      check_length(string, length, description)
+
+      string
+    end
+
+    # Check a passed in string, convertion if necessary
+    #
+    # This method will check the key, and raise error
+    # if argument is not a string, and if it's empty string.
+    #
+    # RFC 2104 HMAC
+    # The key for HMAC can be of any length (keys longer than B bytes are
+    # first hashed using H). However, less than L bytes is strongly
+    # discouraged as it would decrease the security strength of the
+    # function.  Keys longer than L bytes are acceptable but the extra
+    # length would not significantly increase the function strength. (A
+    # longer key may be advisable if the randomness of the key is
+    # considered weak.)
+    #
+    # see https://tools.ietf.org/html/rfc2104#section-3
+    #
+    #
+    # @raise [ArgumentError] If we cannot convert to a string with #to_str
+    # @raise [RbNaCl::LengthError] If the string is empty
+    #
+    # @param string [#to_str] The input string
+    def check_hmac_key(string, _description)
+      check_string_validation(string)
 
       string = string.to_str
-      unless string.encoding == Encoding::BINARY
-        raise EncodingError, "strings must use BINARY encoding (got #{string.encoding})"
+
+      if string.bytesize.zero?
+        raise LengthError,
+              "#{Description} was #{string.bytesize} bytes (Expected more than 0)",
+              caller
       end
-      check_length(string, length, description)
 
       string
     end
 
+    # Check a passed string is it valid
+    #
+    # Raise an error if passed argument is invalid
+    #
+    # @raise [TypeError] If string cannot convert to a string with #to_str
+    # @raise [EncodingError] If string have wrong encoding
+    #
+    # @param string [#to_str] The input string
+    def check_string_validation(string)
+      raise TypeError, "can't convert #{string.class} into String with #to_str" unless string.respond_to? :to_str
+
+      string = string.to_str
+
+      raise EncodingError, "strings must use BINARY encoding (got #{string.encoding})" if string.encoding != Encoding::BINARY
+    end
+
+    # Compare two 64 byte strings in constant time
+    #
+    # This should help to avoid timing attacks for string comparisons in your
+    # application.  Note that many of the functions (such as HmacSha512#verify)
+    # use this method under the hood already.
+    #
+    # @param [String] one String #1
+    # @param [String] two String #2
+    #
+    # @return [Boolean] Well, are they equal?
+    def verify64(one, two)
+      return false unless two.bytesize == 64 && one.bytesize == 64
+
+      c_verify64(one, two)
+    end
+
+    # Compare two 64 byte strings in constant time
+    #
+    # This should help to avoid timing attacks for string comparisons in your
+    # application.  Note that many of the functions (such as HmacSha512#verify)
+    # use this method under the hood already.
+    #
+    # @param [String] one String #1
+    # @param [String] two String #2
+    #
+    # @raise [ArgumentError] If the strings are not equal in length
+    #
+    # @return [Boolean] Well, are they equal?
+    def verify64!(one, two)
+      check_length(one, 64, "First message")
+      check_length(two, 64, "Second message")
+      c_verify64(one, two)
+    end
+
     # Compare two 32 byte strings in constant time
     #
     # This should help to avoid timing attacks for string comparisons in your
@@ -131,6 +213,7 @@ module RbNaCl
     # @return [Boolean] Well, are they equal?
     def verify32(one, two)
       return false unless two.bytesize == 32 && one.bytesize == 32
+
       c_verify32(one, two)
     end
 
@@ -164,6 +247,7 @@ module RbNaCl
     # @return [Boolean] Well, are they equal?
     def verify16(one, two)
       return false unless two.bytesize == 16 && one.bytesize == 16
+
       c_verify16(one, two)
     end
 

data/lib/rbnacl/version.rb

@@ -4,5 +4,5 @@
 # NaCl/libsodium for Ruby
 module RbNaCl
   # The library's version
-  VERSION = "5.0.0"
+  VERSION = "6.0.0".freeze
 end

data/rbnacl.gemspec

@@ -1,5 +1,6 @@
-# -*- encoding: utf-8 -*-
-lib = File.expand_path("../lib", __FILE__)
+# frozen_string_literal: true
+
+lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "rbnacl/version"
 
@@ -8,21 +9,19 @@ Gem::Specification.new do |spec|
   spec.version       = RbNaCl::VERSION
   spec.authors       = ["Tony Arcieri", "Jonathan Stott"]
   spec.email         = ["bascule@gmail.com", "jonathan.stott@gmail.com"]
-  spec.homepage      = "https://github.com/cryptosphere/rbnacl"
+  spec.homepage      = "https://github.com/crypto-rb/rbnacl"
   spec.licenses      = ["MIT"]
-  spec.summary       = "Ruby binding to the Networking and Cryptography (NaCl) library"
-  spec.description = <<-DESCRIPTION.strip.gsub(/\s+/, " ")
+  spec.summary       = "Ruby binding to the libsodium/NaCl cryptography library"
+  spec.description   = <<-DESCRIPTION.strip.gsub(/\s+/, " ")
     The Networking and Cryptography (NaCl) library provides a high-level toolkit for building
     cryptographic systems and protocols
   DESCRIPTION
-
   spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
   spec.executables   = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
   spec.required_ruby_version = ">= 2.2.6"
-  spec.platform = "jruby" if defined? JRUBY_VERSION
 
   spec.add_runtime_dependency "ffi"
 

data/spec/rbnacl/aead/xchacha20poly1305_ietf_spec.rb

@@ -0,0 +1,14 @@
+# encoding: binary
+# frozen_string_literal: true
+
+RSpec.describe RbNaCl::AEAD::XChaCha20Poly1305IETF do
+  if RbNaCl::Sodium::Version.supported_version?("1.0.12")
+    include_examples "aead" do
+      let(:key)        { vector :aead_xchacha20poly1305_ietf_key }
+      let(:message)    { vector :aead_xchacha20poly1305_ietf_message }
+      let(:nonce)      { vector :aead_xchacha20poly1305_ietf_nonce }
+      let(:ad)         { vector :aead_xchacha20poly1305_ietf_ad }
+      let(:ciphertext) { vector :aead_xchacha20poly1305_ietf_ciphertext }
+    end
+  end
+end

data/spec/rbnacl/authenticators/poly1305_spec.rb

@@ -2,7 +2,27 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::OneTimeAuth do
-  let(:tag) { vector :auth_onetime }
+  let(:key)     { vector "auth_key_#{described_class.key_bytes}".to_sym }
+  let(:message) { vector :auth_message }
+  let(:tag)     { vector :auth_onetime }
+
+  context ".new" do
+    it "raises ArgumentError on a key which is too long" do
+      expect { described_class.new("\0" * described_class.key_bytes.succ) }.to raise_error(ArgumentError)
+    end
+  end
+
+  context ".auth" do
+    it "raises ArgumentError on a key which is too long" do
+      expect { described_class.auth("\0" * described_class.key_bytes.succ, message) }.to raise_error(ArgumentError)
+    end
+  end
+
+  context ".verify" do
+    it "raises ArgumentError on a key which is too long" do
+      expect { described_class.verify("\0" * described_class.key_bytes.succ, tag, message) }.to raise_error(ArgumentError)
+    end
+  end
 
   include_examples "authenticator"
 end

data/spec/rbnacl/boxes/curve25519xsalsa20poly1305_spec.rb

@@ -9,27 +9,39 @@ RSpec.describe RbNaCl::Box do
 
   context "new" do
     it "accepts strings" do
-      expect { RbNaCl::Box.new(alicepk, bobsk) }.to_not raise_error
+      expect do
+        RbNaCl::Box.new(alicepk, bobsk)
+      end.to_not raise_error
     end
 
     it "accepts KeyPairs" do
-      expect { RbNaCl::Box.new(alice_key, bob_key) }.to_not raise_error
+      expect do
+        RbNaCl::Box.new(alice_key, bob_key)
+      end.to_not raise_error
     end
 
     it "raises TypeError on a nil public key" do
-      expect { RbNaCl::Box.new(nil, bobsk) }.to raise_error(TypeError)
+      expect do
+        RbNaCl::Box.new(nil, bobsk)
+      end.to raise_error(TypeError)
     end
 
     it "raises RbNaCl::LengthError on an invalid public key" do
-      expect { RbNaCl::Box.new("hello", bobsk) }.to raise_error(RbNaCl::LengthError, /Public key was 5 bytes \(Expected 32\)/)
+      expect do
+        RbNaCl::Box.new("hello", bobsk)
+      end.to raise_error(RbNaCl::LengthError, /Public key was 5 bytes \(Expected 32\)/)
     end
 
     it "raises TypeError on a nil secret key" do
-      expect { RbNaCl::Box.new(alicepk, nil) }.to raise_error(TypeError)
+      expect do
+        RbNaCl::Box.new(alicepk, nil)
+      end.to raise_error(TypeError)
     end
 
     it "raises RbNaCl::LengthError on an invalid secret key" do
-      expect { RbNaCl::Box.new(alicepk, "hello") }.to raise_error(RbNaCl::LengthError, /Private key was 5 bytes \(Expected 32\)/)
+      expect do
+        RbNaCl::Box.new(alicepk, "hello")
+      end.to raise_error(RbNaCl::LengthError, /Private key was 5 bytes \(Expected 32\)/)
     end
   end
 

data/spec/rbnacl/hmac/sha256_spec.rb

@@ -2,7 +2,12 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::HMAC::SHA256 do
-  let(:tag) { vector :auth_hmacsha256 }
+  let(:key)       { vector :auth_hmac_key }
+  let(:message)   { vector :auth_hmac_data }
+  let(:tag)       { vector :auth_hmacsha256_tag }
+  let(:mult_tag)  { vector :auth_hmacsha256_mult_tag }
+  let(:wrong_key) { "key".encode("utf-8") }
 
+  include_examples "HMAC"
   include_examples "authenticator"
 end

data/spec/rbnacl/hmac/sha512256_spec.rb

@@ -2,7 +2,12 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::HMAC::SHA512256 do
-  let(:tag) { vector :auth_hmacsha512256 }
+  let(:key)       { vector :auth_hmac_key }
+  let(:message)   { vector :auth_message }
+  let(:tag)       { vector :auth_hmacsha512256_tag }
+  let(:mult_tag)  { vector :auth_hmacsha512256_mult_tag }
+  let(:wrong_key) { "key".encode("utf-8") }
 
+  include_examples "HMAC"
   include_examples "authenticator"
 end

data/spec/rbnacl/hmac/sha512_spec.rb

@@ -2,7 +2,12 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::HMAC::SHA512 do
-  let(:tag) { vector :auth_hmacsha512 }
+  let(:key)       { vector :auth_hmac_key }
+  let(:message)   { vector :auth_hmac_data }
+  let(:tag)       { vector :auth_hmacsha512_tag }
+  let(:mult_tag)  { vector :auth_hmacsha512_mult_tag }
+  let(:wrong_key) { "key".encode("utf-8") }
 
+  include_examples "HMAC"
   include_examples "authenticator"
 end

data/spec/rbnacl/password_hash/argon2_spec.rb

@@ -3,26 +3,68 @@
 
 if RbNaCl::Sodium::Version::ARGON2_SUPPORTED
   RSpec.describe RbNaCl::PasswordHash::Argon2 do
-    let(:reference_password) { vector :argon2_password }
-    let(:reference_salt)     { vector :argon2_salt }
-    let(:reference_opslimit) { RbNaCl::TEST_VECTORS[:argon2_opslimit] }
-    let(:reference_memlimit) { RbNaCl::TEST_VECTORS[:argon2_memlimit] }
-    let(:reference_digest)   { vector :argon2_digest }
-    let(:reference_outlen)   { RbNaCl::TEST_VECTORS[:argon2_outlen] }
+    let(:argon2i_password) { vector :argon2i_password }
+    let(:argon2i_salt)     { vector :argon2i_salt }
+    let(:argon2i_opslimit) { RbNaCl::TEST_VECTORS[:argon2i_opslimit] }
+    let(:argon2i_memlimit) { RbNaCl::TEST_VECTORS[:argon2i_memlimit] }
+    let(:argon2i_digest)   { vector :argon2i_digest }
+    let(:argon2i_outlen)   { RbNaCl::TEST_VECTORS[:argon2i_outlen] }
+
+    let(:argon2id_password) { vector :argon2id_password }
+    let(:argon2id_salt)     { vector :argon2id_salt }
+    let(:argon2id_opslimit) { RbNaCl::TEST_VECTORS[:argon2id_opslimit] }
+    let(:argon2id_memlimit) { RbNaCl::TEST_VECTORS[:argon2id_memlimit] }
+    let(:argon2id_digest)   { vector :argon2id_digest }
+    let(:argon2id_outlen)   { RbNaCl::TEST_VECTORS[:argon2id_outlen] }
 
     let(:str_ref_password) { RbNaCl::TEST_VECTORS[:argon2_str_passwd] }
     let(:str_ref_digest)   { RbNaCl::TEST_VECTORS[:argon2_str_digest] }
 
-    it "calculates the correct digest for a reference password/salt" do
-      digest = RbNaCl::PasswordHash.argon2(
-        reference_password,
-        reference_salt,
-        reference_opslimit,
-        reference_memlimit,
-        reference_outlen
+    it "calculates the correct argon2i digest for a reference password/salt" do
+      digest = RbNaCl::PasswordHash.argon2i(
+        argon2i_password,
+        argon2i_salt,
+        argon2i_opslimit,
+        argon2i_memlimit,
+        argon2i_outlen
       )
+      expect(digest).to eq argon2i_digest
+    end
+
+    if RbNaCl::Sodium::Version::ARGON2_SUPPORTED
+      it "calculates the correct argon2id digest for a reference password/salt" do
+        digest = RbNaCl::PasswordHash.argon2id(
+          argon2id_password,
+          argon2id_salt,
+          argon2id_opslimit,
+          argon2id_memlimit,
+          argon2id_outlen
+        )
+        expect(digest).to eq argon2id_digest
+      end
+
+      it "calculates the correct argon2 default digest" do
+        if RbNaCl::Sodium::Version.supported_version?("1.0.15")
+          digest = RbNaCl::PasswordHash.argon2(
+            argon2id_password,
+            argon2id_salt,
+            argon2id_opslimit,
+            argon2id_memlimit,
+            argon2id_outlen
+          )
+          expect(digest).to eq argon2id_digest
+        else
+          digest = RbNaCl::PasswordHash.argon2(
+            argon2i_password,
+            argon2i_salt,
+            argon2i_opslimit,
+            argon2i_memlimit,
+            argon2i_outlen
+          )
+          expect(digest).to eq argon2i_digest
+        end
+      end
 
-      expect(digest).to eq reference_digest
     end
 
     it "verifies password" do

data/spec/rbnacl/signatures/ed25519/signing_key_spec.rb

@@ -2,9 +2,10 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::SigningKey do
-  let(:signing_key) { vector :sign_private }
-  let(:message)     { vector :sign_message }
-  let(:signature)   { vector :sign_signature }
+  let(:signing_key)     { vector :sign_private }
+  let(:signing_keypair) { vector :sign_keypair }
+  let(:message)         { vector :sign_message }
+  let(:signature)       { vector :sign_signature }
 
   subject { described_class.new(signing_key) }
 
@@ -22,7 +23,7 @@ RSpec.describe RbNaCl::SigningKey do
 
   it "serializes the internal signing key to bytes" do
     expect(subject.keypair_bytes.length).to eq 64
-    expect(subject.keypair_bytes).to eq "\xB1\x8E\x1D\x00E\x99^\xC3\xD0\x10\xC3\x87\xCC\xFE\xB9\x84\xD7\x83\xAF\x8F\xBB\x0F@\xFA}\xB1&\xD8\x89\xF6\xDA\xDDw\xF4\x8BY\xCA\xED\xA7wQ\xED\x13\x8B\x0E\xC6g\xFFP\xF8v\x8C%\xD4\x83\t\xA8\xF3\x86\xA2\xBA\xD1\x87\xFB"
+    expect(subject.keypair_bytes).to eq signing_keypair
   end
 
   include_examples "key equality" do

data/spec/rbnacl/util_spec.rb

@@ -2,6 +2,57 @@
 # frozen_string_literal: true
 
 RSpec.describe RbNaCl::Util do
+  context ".verify64" do
+    let(:msg) { RbNaCl::Util.zeros(64) }
+    let(:identical_msg) { RbNaCl::Util.zeros(64) }
+    let(:other_msg) { RbNaCl::Util.zeros(63) + "\001" }
+    let(:short_msg) { RbNaCl::Util.zeros(63) }
+    let(:long_msg) { RbNaCl::Util.zeros(65) }
+
+    it "confirms identical messages are identical" do
+      expect(RbNaCl::Util.verify64(msg, identical_msg)).to be true
+    end
+
+    it "confirms non-identical messages are non-identical" do
+      expect(RbNaCl::Util.verify64(msg, other_msg)).to be false
+      expect(RbNaCl::Util.verify64(other_msg, msg)).to be false
+      expect(RbNaCl::Util.verify64(short_msg, msg)).to be false
+      expect(RbNaCl::Util.verify64(msg, short_msg)).to be false
+      expect(RbNaCl::Util.verify64(long_msg, msg)).to be false
+      expect(RbNaCl::Util.verify64(msg, long_msg)).to be false
+    end
+  end
+
+  context ".verify64!" do
+    let(:msg) { RbNaCl::Util.zeros(64) }
+    let(:identical_msg) { RbNaCl::Util.zeros(64) }
+    let(:other_msg) { RbNaCl::Util.zeros(63) + "\001" }
+    let(:short_msg) { RbNaCl::Util.zeros(63) }
+    let(:long_msg) { RbNaCl::Util.zeros(65) }
+
+    it "confirms identical messages are identical" do
+      expect(RbNaCl::Util.verify64!(msg, identical_msg)).to be true
+    end
+
+    it "confirms non-identical messages are non-identical" do
+      expect(RbNaCl::Util.verify64!(msg, other_msg)).to be false
+      expect(RbNaCl::Util.verify64!(other_msg, msg)).to be false
+    end
+
+    it "raises descriptively on a short message in position 1" do
+      expect { RbNaCl::Util.verify64!(short_msg, msg) }.to raise_error(RbNaCl::LengthError)
+    end
+    it "raises descriptively on a short message in position 2" do
+      expect { RbNaCl::Util.verify64!(msg, short_msg) }.to raise_error(RbNaCl::LengthError)
+    end
+    it "raises descriptively on a long message in position 1" do
+      expect { RbNaCl::Util.verify64!(long_msg, msg) }.to raise_error(RbNaCl::LengthError)
+    end
+    it "raises descriptively on a long message in position 2" do
+      expect { RbNaCl::Util.verify64!(msg, long_msg) }.to raise_error(RbNaCl::LengthError)
+    end
+  end
+
   context ".verify32!" do
     let(:msg) { RbNaCl::Util.zeros(32) }
     let(:identical_msg) { RbNaCl::Util.zeros(32) }
@@ -106,16 +157,24 @@ RSpec.describe RbNaCl::Util do
 
   context "check_length" do
     it "accepts strings of the correct length" do
-      expect { RbNaCl::Util.check_length("A" * 4, 4, "Test String") }.not_to raise_error
+      expect do
+        RbNaCl::Util.check_length("A" * 4, 4, "Test String")
+      end.not_to raise_error
     end
     it "rejects strings which are too short" do
-      expect { RbNaCl::Util.check_length("A" * 3, 4, "Test String") }.to raise_error(RbNaCl::LengthError, "Test String was 3 bytes (Expected 4)")
+      expect do
+        RbNaCl::Util.check_length("A" * 3, 4, "Test String")
+      end.to raise_error(RbNaCl::LengthError, "Test String was 3 bytes (Expected 4)")
     end
     it "rejects strings which are too long" do
-      expect { RbNaCl::Util.check_length("A" * 5, 4, "Test String") }.to raise_error(RbNaCl::LengthError, "Test String was 5 bytes (Expected 4)")
+      expect do
+        RbNaCl::Util.check_length("A" * 5, 4, "Test String")
+      end.to raise_error(RbNaCl::LengthError, "Test String was 5 bytes (Expected 4)")
     end
     it "rejects nil strings" do
-      expect { RbNaCl::Util.check_length(nil, 4, "Test String") }.to raise_error(RbNaCl::LengthError, "Test String was nil (Expected 4)")
+      expect do
+        RbNaCl::Util.check_length(nil, 4, "Test String")
+      end.to raise_error(RbNaCl::LengthError, "Test String was nil (Expected 4)")
     end
   end