rbnacl 3.3.0 → 3.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +8 -3
- data/.travis.yml +11 -4
- data/CHANGES.md +10 -0
- data/Gemfile +6 -1
- data/README.md +5 -2
- data/lib/rbnacl.rb +2 -1
- data/lib/rbnacl/auth.rb +3 -3
- data/lib/rbnacl/boxes/curve25519xsalsa20poly1305.rb +6 -6
- data/lib/rbnacl/boxes/curve25519xsalsa20poly1305/private_key.rb +1 -1
- data/lib/rbnacl/hash.rb +2 -2
- data/lib/rbnacl/hash/blake2b.rb +5 -5
- data/lib/rbnacl/hmac/sha512.rb +42 -0
- data/lib/rbnacl/key_comparator.rb +13 -8
- data/lib/rbnacl/password_hash/scrypt.rb +38 -45
- data/lib/rbnacl/secret_boxes/xsalsa20poly1305.rb +4 -4
- data/lib/rbnacl/self_test.rb +12 -12
- data/lib/rbnacl/signatures/ed25519/signing_key.rb +9 -1
- data/lib/rbnacl/signatures/ed25519/verify_key.rb +1 -1
- data/lib/rbnacl/simple_box.rb +2 -2
- data/lib/rbnacl/sodium/version.rb +2 -2
- data/lib/rbnacl/test_vectors.rb +7 -3
- data/lib/rbnacl/util.rb +9 -9
- data/lib/rbnacl/version.rb +1 -1
- data/spec/rbnacl/hmac/sha512_spec.rb +8 -0
- data/spec/rbnacl/signatures/ed25519/signing_key_spec.rb +5 -0
- data/spec/shared/authenticator.rb +5 -5
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bcf4ccd28c18cf4c35fbdaf0b6a477e76611dde0
|
|
4
|
+
data.tar.gz: 9e6e95385b32259c3de1a5be583e20f910ba3f9d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 06843ef90fb734f7b2003adf225f78701682766c45fc5f786e4ee2e09347f7b3827df96fa14e39a3347eb097db168327f58e8867f483cbfd07fcc6dbb0870849
|
|
7
|
+
data.tar.gz: 5afb3ed48547db7e6883478654fe4c06065aa2fec84e43ce78d6f950d3cc439130039aad2eb34240bfe1026ed4939efa10878dc31ec5a0faadc67af6f6adfa5c
|
data/.rubocop.yml
CHANGED
|
@@ -9,7 +9,7 @@ LineLength:
|
|
|
9
9
|
Style/StringLiterals:
|
|
10
10
|
EnforcedStyle: double_quotes
|
|
11
11
|
|
|
12
|
-
Style/
|
|
12
|
+
Style/SpaceBeforeFirstArg:
|
|
13
13
|
Enabled: false
|
|
14
14
|
|
|
15
15
|
Style/GlobalVars:
|
|
@@ -20,8 +20,13 @@ Style/GlobalVars:
|
|
|
20
20
|
#
|
|
21
21
|
|
|
22
22
|
Metrics/MethodLength:
|
|
23
|
-
|
|
24
|
-
Max: 25
|
|
23
|
+
Max: 22
|
|
25
24
|
|
|
26
25
|
Metrics/AbcSize:
|
|
27
26
|
Max: 20
|
|
27
|
+
|
|
28
|
+
AllCops:
|
|
29
|
+
Include:
|
|
30
|
+
- '**/Rakefile'
|
|
31
|
+
Exclude:
|
|
32
|
+
- 'spec/**/*'
|
data/.travis.yml
CHANGED
|
@@ -1,13 +1,20 @@
|
|
|
1
|
+
language: ruby
|
|
2
|
+
sudo: false
|
|
1
3
|
script: bundle exec rake ci
|
|
4
|
+
branches:
|
|
5
|
+
only:
|
|
6
|
+
- master
|
|
7
|
+
|
|
8
|
+
bundler_args: --without development
|
|
2
9
|
|
|
3
10
|
rvm:
|
|
4
11
|
- 2.0.0
|
|
5
|
-
- 2.1.
|
|
6
|
-
- 2.2.
|
|
7
|
-
- 2.3.
|
|
12
|
+
- 2.1.10
|
|
13
|
+
- 2.2.5
|
|
14
|
+
- 2.3.1
|
|
8
15
|
- ruby-head
|
|
9
16
|
- jruby
|
|
10
|
-
- jruby-9.0.
|
|
17
|
+
- jruby-9.0.5.0
|
|
11
18
|
- jruby-head
|
|
12
19
|
- rbx-2
|
|
13
20
|
|
data/CHANGES.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
3.4.0 (2015-05-07)
|
|
2
|
+
------------------
|
|
3
|
+
* [#135](https://github.com/cryptosphere/rbnacl/pull/135)
|
|
4
|
+
Expose RbNaCl::Signatures::Ed25519#keypair_bytes.
|
|
5
|
+
(@grempe)
|
|
6
|
+
|
|
7
|
+
* [#137](https://github.com/cryptosphere/rbnacl/pull/137)
|
|
8
|
+
Expose HMAC-SHA512 (with 64-byte keys)
|
|
9
|
+
(@mwpastore)
|
|
10
|
+
|
|
1
11
|
3.3.0 (2015-12-29)
|
|
2
12
|
------------------
|
|
3
13
|
* [#105](https://github.com/cryptosphere/rbnacl/pull/105)
|
data/Gemfile
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
source "https://rubygems.org"
|
|
2
2
|
|
|
3
|
-
# Specify your gem's dependencies in rbnacl.gemspec
|
|
4
3
|
gemspec
|
|
5
4
|
|
|
6
5
|
group :development do
|
|
@@ -8,6 +7,12 @@ group :development do
|
|
|
8
7
|
end
|
|
9
8
|
|
|
10
9
|
group :test do
|
|
10
|
+
gem "rspec"
|
|
11
|
+
gem "rubocop", "0.39.0"
|
|
11
12
|
gem "coveralls", require: false
|
|
12
13
|
gem "rbnacl-libsodium", ENV["LIBSODIUM_VERSION"]
|
|
13
14
|
end
|
|
15
|
+
|
|
16
|
+
group :development, :test do
|
|
17
|
+
gem "rake"
|
|
18
|
+
end
|
data/README.md
CHANGED
|
@@ -4,6 +4,7 @@
|
|
|
4
4
|
[](https://travis-ci.org/cryptosphere/rbnacl)
|
|
5
5
|
[](https://codeclimate.com/github/cryptosphere/rbnacl)
|
|
6
6
|
[](https://coveralls.io/r/cryptosphere/rbnacl)
|
|
7
|
+
[](https://github.com/cryptosphere/rbnacl/blob/master/LICENSE.txt)
|
|
7
8
|
|
|
8
9
|
A Ruby binding to the state-of-the-art [Networking and Cryptography][nacl]
|
|
9
10
|
library by [Daniel J. Bernstein][djb]. This is **NOT** Google Native Client.
|
|
@@ -71,6 +72,8 @@ To use RbNaCl, you will need to install libsodium:
|
|
|
71
72
|
|
|
72
73
|
https://github.com/jedisct1/libsodium
|
|
73
74
|
|
|
75
|
+
At least version `1.0.0` is recommended.
|
|
76
|
+
|
|
74
77
|
For OS X users, libsodium is available via homebrew and can be installed with:
|
|
75
78
|
|
|
76
79
|
brew install libsodium
|
|
@@ -195,5 +198,5 @@ Sure, here you go:
|
|
|
195
198
|
|
|
196
199
|
## License
|
|
197
200
|
|
|
198
|
-
Copyright (c) 2012-
|
|
199
|
-
|
|
201
|
+
Copyright (c) 2012-2016 Jonathan Stott, Tony Arcieri. Distributed under the MIT License.
|
|
202
|
+
See LICENSE.txt for further details.
|
data/lib/rbnacl.rb
CHANGED
|
@@ -67,9 +67,10 @@ module RbNaCl
|
|
|
67
67
|
require "rbnacl/password_hash"
|
|
68
68
|
require "rbnacl/password_hash/scrypt"
|
|
69
69
|
|
|
70
|
-
# HMAC: SHA256 and SHA512256
|
|
70
|
+
# HMAC: SHA256/512 and SHA512256
|
|
71
71
|
require "rbnacl/hmac/sha256"
|
|
72
72
|
require "rbnacl/hmac/sha512256"
|
|
73
|
+
require "rbnacl/hmac/sha512"
|
|
73
74
|
|
|
74
75
|
#
|
|
75
76
|
# Bind aliases used by the public API
|
data/lib/rbnacl/auth.rb
CHANGED
|
@@ -70,7 +70,7 @@ module RbNaCl
|
|
|
70
70
|
def verify(authenticator, message)
|
|
71
71
|
auth = authenticator.to_s
|
|
72
72
|
Util.check_length(auth, tag_bytes, "Provided authenticator")
|
|
73
|
-
verify_message(auth, message) ||
|
|
73
|
+
verify_message(auth, message) || raise(BadAuthenticatorError, "Invalid authenticator provided, message is corrupt")
|
|
74
74
|
end
|
|
75
75
|
|
|
76
76
|
# The crypto primitive for this authenticator instance
|
|
@@ -111,11 +111,11 @@ module RbNaCl
|
|
|
111
111
|
private
|
|
112
112
|
|
|
113
113
|
def compute_authenticator(_authenticator, _message)
|
|
114
|
-
|
|
114
|
+
raise NotImplementedError
|
|
115
115
|
end
|
|
116
116
|
|
|
117
117
|
def verify_message(_authenticator, _message)
|
|
118
|
-
|
|
118
|
+
raise NotImplementedError
|
|
119
119
|
end
|
|
120
120
|
end
|
|
121
121
|
end
|
|
@@ -99,7 +99,7 @@ module RbNaCl
|
|
|
99
99
|
def initialize(public_key, private_key)
|
|
100
100
|
@public_key = public_key.is_a?(PublicKey) ? public_key : PublicKey.new(public_key)
|
|
101
101
|
@private_key = private_key.is_a?(PrivateKey) ? private_key : PrivateKey.new(private_key)
|
|
102
|
-
|
|
102
|
+
raise IncorrectPrimitiveError unless @public_key.primitive == primitive && @private_key.primitive == primitive
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
# Encrypts a message
|
|
@@ -121,10 +121,10 @@ module RbNaCl
|
|
|
121
121
|
msg = Util.prepend_zeros(ZEROBYTES, message)
|
|
122
122
|
ct = Util.zeros(msg.bytesize)
|
|
123
123
|
|
|
124
|
-
self.class.box_curve25519xsalsa20poly1305_afternm(ct, msg, msg.bytesize, nonce, beforenm) ||
|
|
124
|
+
self.class.box_curve25519xsalsa20poly1305_afternm(ct, msg, msg.bytesize, nonce, beforenm) || raise(CryptoError, "Encryption failed")
|
|
125
125
|
Util.remove_zeros(BOXZEROBYTES, ct)
|
|
126
126
|
end
|
|
127
|
-
|
|
127
|
+
alias encrypt box
|
|
128
128
|
|
|
129
129
|
# Decrypts a ciphertext
|
|
130
130
|
#
|
|
@@ -146,11 +146,11 @@ module RbNaCl
|
|
|
146
146
|
message = Util.zeros(ct.bytesize)
|
|
147
147
|
|
|
148
148
|
success = self.class.box_curve25519xsalsa20poly1305_open_afternm(message, ct, ct.bytesize, nonce, beforenm)
|
|
149
|
-
|
|
149
|
+
raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success
|
|
150
150
|
|
|
151
151
|
Util.remove_zeros(ZEROBYTES, message)
|
|
152
152
|
end
|
|
153
|
-
|
|
153
|
+
alias decrypt open
|
|
154
154
|
|
|
155
155
|
# The crypto primitive for the box class
|
|
156
156
|
#
|
|
@@ -179,7 +179,7 @@ module RbNaCl
|
|
|
179
179
|
@_key ||= begin
|
|
180
180
|
key = Util.zeros(BEFORENMBYTES)
|
|
181
181
|
success = self.class.box_curve25519xsalsa20poly1305_beforenm(key, @public_key.to_s, @private_key.to_s)
|
|
182
|
-
|
|
182
|
+
raise CryptoError, "Failed to derive shared key" unless success
|
|
183
183
|
key
|
|
184
184
|
end
|
|
185
185
|
end
|
|
@@ -52,7 +52,7 @@ module RbNaCl
|
|
|
52
52
|
def self.generate
|
|
53
53
|
pk = Util.zeros(Boxes::Curve25519XSalsa20Poly1305::PUBLICKEYBYTES)
|
|
54
54
|
sk = Util.zeros(Boxes::Curve25519XSalsa20Poly1305::PRIVATEKEYBYTES)
|
|
55
|
-
box_curve25519xsalsa20poly1305_keypair(pk, sk) ||
|
|
55
|
+
box_curve25519xsalsa20poly1305_keypair(pk, sk) || raise(CryptoError, "Failed to generate a key pair")
|
|
56
56
|
new(sk)
|
|
57
57
|
end
|
|
58
58
|
|
data/lib/rbnacl/hash.rb
CHANGED
|
@@ -25,7 +25,7 @@ module RbNaCl
|
|
|
25
25
|
def self.sha256(data)
|
|
26
26
|
data = data.to_str
|
|
27
27
|
digest = Util.zeros(SHA256::BYTES)
|
|
28
|
-
SHA256.hash_sha256(digest, data, data.bytesize) ||
|
|
28
|
+
SHA256.hash_sha256(digest, data, data.bytesize) || raise(CryptoError, "Hashing failed!")
|
|
29
29
|
digest
|
|
30
30
|
end
|
|
31
31
|
|
|
@@ -40,7 +40,7 @@ module RbNaCl
|
|
|
40
40
|
# @return [String] The SHA-512 hash digest as raw bytes
|
|
41
41
|
def self.sha512(data)
|
|
42
42
|
digest = Util.zeros(SHA512::BYTES)
|
|
43
|
-
SHA512.hash_sha512(digest, data, data.bytesize) ||
|
|
43
|
+
SHA512.hash_sha512(digest, data, data.bytesize) || raise(CryptoError, "Hashing failed!")
|
|
44
44
|
digest
|
|
45
45
|
end
|
|
46
46
|
|
data/lib/rbnacl/hash/blake2b.rb
CHANGED
|
@@ -47,15 +47,15 @@ module RbNaCl
|
|
|
47
47
|
|
|
48
48
|
if @key
|
|
49
49
|
@key_size = @key.bytesize
|
|
50
|
-
|
|
51
|
-
|
|
50
|
+
raise LengthError, "key too short" if @key_size < KEYBYTES_MIN
|
|
51
|
+
raise LengthError, "key too long" if @key_size > KEYBYTES_MAX
|
|
52
52
|
else
|
|
53
53
|
@key_size = 0
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
@digest_size = opts.fetch(:digest_size, BYTES_MAX)
|
|
57
|
-
|
|
58
|
-
|
|
57
|
+
raise LengthError, "digest size too short" if @digest_size < BYTES_MIN
|
|
58
|
+
raise LengthError, "digest size too long" if @digest_size > BYTES_MAX
|
|
59
59
|
|
|
60
60
|
@personal = opts.fetch(:personal, EMPTY_PERSONAL)
|
|
61
61
|
@personal = Util.zero_pad(PERSONALBYTES, @personal)
|
|
@@ -72,7 +72,7 @@ module RbNaCl
|
|
|
72
72
|
def digest(message)
|
|
73
73
|
digest = Util.zeros(@digest_size)
|
|
74
74
|
self.class.generichash_blake2b(digest, @digest_size, message, message.bytesize, @key, @key_size, @salt, @personal) ||
|
|
75
|
-
|
|
75
|
+
raise(CryptoError, "Hashing failed!")
|
|
76
76
|
digest
|
|
77
77
|
end
|
|
78
78
|
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# encoding: binary
|
|
2
|
+
module RbNaCl
|
|
3
|
+
module HMAC
|
|
4
|
+
# Computes an authenticator as HMAC-SHA-512
|
|
5
|
+
#
|
|
6
|
+
# The authenticator can be used at a later time to verify the provenance of
|
|
7
|
+
# the message by recomputing the HMAC over the message and then comparing it to
|
|
8
|
+
# the provided authenticator. The class provides methods for generating
|
|
9
|
+
# signatures and also has a constant-time implementation for checking them.
|
|
10
|
+
#
|
|
11
|
+
# This is a secret key authenticator, i.e. anyone who can verify signatures
|
|
12
|
+
# can also create them.
|
|
13
|
+
#
|
|
14
|
+
# @see http://nacl.cr.yp.to/auth.html
|
|
15
|
+
class SHA512 < Auth
|
|
16
|
+
extend Sodium
|
|
17
|
+
|
|
18
|
+
sodium_type :auth
|
|
19
|
+
sodium_primitive :hmacsha512
|
|
20
|
+
sodium_constant :BYTES
|
|
21
|
+
sodium_constant :KEYBYTES
|
|
22
|
+
|
|
23
|
+
sodium_function :auth_hmacsha512,
|
|
24
|
+
:crypto_auth_hmacsha512,
|
|
25
|
+
[:pointer, :pointer, :ulong_long, :pointer]
|
|
26
|
+
|
|
27
|
+
sodium_function :auth_hmacsha512_verify,
|
|
28
|
+
:crypto_auth_hmacsha512_verify,
|
|
29
|
+
[:pointer, :pointer, :ulong_long, :pointer]
|
|
30
|
+
|
|
31
|
+
private
|
|
32
|
+
|
|
33
|
+
def compute_authenticator(authenticator, message)
|
|
34
|
+
self.class.auth_hmacsha512(authenticator, message, message.bytesize, key)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def verify_message(authenticator, message)
|
|
38
|
+
self.class.auth_hmacsha512_verify(authenticator, message, message.bytesize, key)
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -22,14 +22,7 @@ module RbNaCl
|
|
|
22
22
|
else
|
|
23
23
|
return nil
|
|
24
24
|
end
|
|
25
|
-
|
|
26
|
-
if Util.verify32(to_bytes, other)
|
|
27
|
-
return 0
|
|
28
|
-
elsif to_bytes > other
|
|
29
|
-
return 1
|
|
30
|
-
else
|
|
31
|
-
return -1
|
|
32
|
-
end
|
|
25
|
+
compare32(other)
|
|
33
26
|
end
|
|
34
27
|
|
|
35
28
|
# equality operator
|
|
@@ -55,5 +48,17 @@ module RbNaCl
|
|
|
55
48
|
end
|
|
56
49
|
Util.verify32(to_bytes, other)
|
|
57
50
|
end
|
|
51
|
+
|
|
52
|
+
private
|
|
53
|
+
|
|
54
|
+
def compare32(other)
|
|
55
|
+
if Util.verify32(to_bytes, other)
|
|
56
|
+
0
|
|
57
|
+
elsif to_bytes > other
|
|
58
|
+
1
|
|
59
|
+
else
|
|
60
|
+
-1
|
|
61
|
+
end
|
|
62
|
+
end
|
|
58
63
|
end
|
|
59
64
|
end
|
|
@@ -17,52 +17,45 @@ module RbNaCl
|
|
|
17
17
|
# on GPUs or FPGAs) with additional computation.
|
|
18
18
|
class SCrypt
|
|
19
19
|
extend Sodium
|
|
20
|
+
sodium_type :pwhash
|
|
21
|
+
sodium_primitive :scryptsalsa208sha256
|
|
22
|
+
|
|
23
|
+
sodium_constant :SALTBYTES
|
|
24
|
+
|
|
25
|
+
sodium_function :scrypt,
|
|
26
|
+
:crypto_pwhash_scryptsalsa208sha256,
|
|
27
|
+
[:pointer, :ulong_long, :pointer, :ulong_long, :pointer, :ulong_long, :size_t]
|
|
28
|
+
|
|
29
|
+
# Create a new SCrypt password hash object
|
|
30
|
+
#
|
|
31
|
+
# @param [Integer] opslimit the CPU cost (e.g. 2**20)
|
|
32
|
+
# @param [Integer] memlimit the memory cost (e.g. 2**24)
|
|
33
|
+
#
|
|
34
|
+
# @return [RbNaCl::PasswordHash::SCrypt] An SCrypt password hasher object
|
|
35
|
+
def initialize(opslimit, memlimit, digest_size = 64)
|
|
36
|
+
# TODO: sanity check these parameters
|
|
37
|
+
@opslimit = opslimit
|
|
38
|
+
@memlimit = memlimit
|
|
39
|
+
|
|
40
|
+
# TODO: check digest size validity
|
|
41
|
+
# raise LengthError, "digest size too short" if @digest_size < BYTES_MIN
|
|
42
|
+
# raise LengthError, "digest size too long" if @digest_size > BYTES_MAX
|
|
43
|
+
|
|
44
|
+
@digest_size = digest_size
|
|
45
|
+
end
|
|
20
46
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
# @param [Integer] opslimit the CPU cost (e.g. 2**20)
|
|
34
|
-
# @param [Integer] memlimit the memory cost (e.g. 2**24)
|
|
35
|
-
#
|
|
36
|
-
# @return [RbNaCl::PasswordHash::SCrypt] An SCrypt password hasher object
|
|
37
|
-
def initialize(opslimit, memlimit, digest_size = 64)
|
|
38
|
-
# TODO: sanity check these parameters
|
|
39
|
-
@opslimit = opslimit
|
|
40
|
-
@memlimit = memlimit
|
|
41
|
-
|
|
42
|
-
# TODO: check digest size validity
|
|
43
|
-
# raise LengthError, "digest size too short" if @digest_size < BYTES_MIN
|
|
44
|
-
# raise LengthError, "digest size too long" if @digest_size > BYTES_MAX
|
|
45
|
-
|
|
46
|
-
@digest_size = digest_size
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
# Calculate an scrypt digest for a given password and salt
|
|
50
|
-
#
|
|
51
|
-
# @param [String] password to be hashed
|
|
52
|
-
# @param [String] salt to make the digest unique
|
|
53
|
-
#
|
|
54
|
-
# @return [String] scrypt digest of the string as raw bytes
|
|
55
|
-
def digest(password, salt)
|
|
56
|
-
digest = Util.zeros(@digest_size)
|
|
57
|
-
salt = Util.check_string(salt, SALTBYTES, "salt")
|
|
58
|
-
|
|
59
|
-
self.class.scrypt(digest, @digest_size, password, password.bytesize, salt, @opslimit, @memlimit) || fail(CryptoError, "scrypt failed!")
|
|
60
|
-
digest
|
|
61
|
-
end
|
|
62
|
-
rescue FFI::NotFoundError
|
|
63
|
-
def initialize(_opslimit, _memlimit, _digest_size = 64)
|
|
64
|
-
raise NotImplementedError, "scrypt not implemented in this version of libsodium"
|
|
65
|
-
end
|
|
47
|
+
# Calculate an scrypt digest for a given password and salt
|
|
48
|
+
#
|
|
49
|
+
# @param [String] password to be hashed
|
|
50
|
+
# @param [String] salt to make the digest unique
|
|
51
|
+
#
|
|
52
|
+
# @return [String] scrypt digest of the string as raw bytes
|
|
53
|
+
def digest(password, salt)
|
|
54
|
+
digest = Util.zeros(@digest_size)
|
|
55
|
+
salt = Util.check_string(salt, SALTBYTES, "salt")
|
|
56
|
+
|
|
57
|
+
self.class.scrypt(digest, @digest_size, password, password.bytesize, salt, @opslimit, @memlimit) || raise(CryptoError, "scrypt failed!")
|
|
58
|
+
digest
|
|
66
59
|
end
|
|
67
60
|
end
|
|
68
61
|
end
|
|
@@ -68,11 +68,11 @@ module RbNaCl
|
|
|
68
68
|
ct = Util.zeros(msg.bytesize)
|
|
69
69
|
|
|
70
70
|
success = self.class.secretbox_xsalsa20poly1305(ct, msg, msg.bytesize, nonce, @key)
|
|
71
|
-
|
|
71
|
+
raise CryptoError, "Encryption failed" unless success
|
|
72
72
|
|
|
73
73
|
Util.remove_zeros(BOXZEROBYTES, ct)
|
|
74
74
|
end
|
|
75
|
-
|
|
75
|
+
alias encrypt box
|
|
76
76
|
|
|
77
77
|
# Decrypts a ciphertext
|
|
78
78
|
#
|
|
@@ -94,11 +94,11 @@ module RbNaCl
|
|
|
94
94
|
message = Util.zeros(ct.bytesize)
|
|
95
95
|
|
|
96
96
|
success = self.class.secretbox_xsalsa20poly1305_open(message, ct, ct.bytesize, nonce, @key)
|
|
97
|
-
|
|
97
|
+
raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success
|
|
98
98
|
|
|
99
99
|
Util.remove_zeros(ZEROBYTES, message)
|
|
100
100
|
end
|
|
101
|
-
|
|
101
|
+
alias decrypt open
|
|
102
102
|
|
|
103
103
|
# The crypto primitive for the SecretBox instance
|
|
104
104
|
#
|
data/lib/rbnacl/self_test.rb
CHANGED
|
@@ -32,8 +32,8 @@ module RbNaCl
|
|
|
32
32
|
message = vector :box_message
|
|
33
33
|
ciphertext = vector :box_ciphertext
|
|
34
34
|
|
|
35
|
-
|
|
36
|
-
|
|
35
|
+
raise SelfTestFailure, "failed to generate correct ciphertext" unless box.encrypt(nonce, message) == ciphertext
|
|
36
|
+
raise SelfTestFailure, "failed to decrypt ciphertext correctly" unless box.decrypt(nonce, ciphertext) == message
|
|
37
37
|
|
|
38
38
|
begin
|
|
39
39
|
passed = false
|
|
@@ -43,7 +43,7 @@ module RbNaCl
|
|
|
43
43
|
rescue CryptoError
|
|
44
44
|
passed = true
|
|
45
45
|
ensure
|
|
46
|
-
passed ||
|
|
46
|
+
passed || raise(SelfTestFailure, "failed to detect corrupt ciphertext")
|
|
47
47
|
end
|
|
48
48
|
end
|
|
49
49
|
|
|
@@ -53,7 +53,7 @@ module RbNaCl
|
|
|
53
53
|
|
|
54
54
|
unless verify_key.to_s == vector(:sign_public)
|
|
55
55
|
#:nocov:
|
|
56
|
-
|
|
56
|
+
raise SelfTestFailure, "failed to generate verify key correctly"
|
|
57
57
|
#:nocov:
|
|
58
58
|
end
|
|
59
59
|
|
|
@@ -62,13 +62,13 @@ module RbNaCl
|
|
|
62
62
|
|
|
63
63
|
unless signature == vector(:sign_signature)
|
|
64
64
|
#:nocov:
|
|
65
|
-
|
|
65
|
+
raise SelfTestFailure, "failed to generate correct signature"
|
|
66
66
|
#:nocov:
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
unless verify_key.verify(signature, message)
|
|
70
70
|
#:nocov:
|
|
71
|
-
|
|
71
|
+
raise SelfTestFailure, "failed to verify a valid signature"
|
|
72
72
|
#:nocov:
|
|
73
73
|
end
|
|
74
74
|
|
|
@@ -79,7 +79,7 @@ module RbNaCl
|
|
|
79
79
|
rescue CryptoError
|
|
80
80
|
passed = true
|
|
81
81
|
ensure
|
|
82
|
-
passed ||
|
|
82
|
+
passed || raise(SelfTestFailure, "failed to detect corrupt ciphertext")
|
|
83
83
|
end
|
|
84
84
|
end
|
|
85
85
|
|
|
@@ -87,16 +87,16 @@ module RbNaCl
|
|
|
87
87
|
message = vector :sha256_message
|
|
88
88
|
digest = vector :sha256_digest
|
|
89
89
|
|
|
90
|
-
|
|
90
|
+
raise SelfTestFailure, "failed to generate a correct SHA256 digest" unless RbNaCl::Hash.sha256(message) == digest
|
|
91
91
|
end
|
|
92
92
|
|
|
93
93
|
def hmac_test(klass, tag)
|
|
94
|
-
authenticator = klass.new(vector(
|
|
94
|
+
authenticator = klass.new(vector("auth_key_#{klass.key_bytes}".to_sym))
|
|
95
95
|
|
|
96
96
|
message = vector :auth_message
|
|
97
97
|
|
|
98
|
-
|
|
99
|
-
|
|
98
|
+
raise SelfTestFailure, "#{klass} failed to generate correct authentication tag" unless authenticator.auth(message) == vector(tag)
|
|
99
|
+
raise SelfTestFailure, "#{klass} failed to verify correct authentication tag" unless authenticator.verify(vector(tag), message)
|
|
100
100
|
|
|
101
101
|
begin
|
|
102
102
|
passed = false
|
|
@@ -104,7 +104,7 @@ module RbNaCl
|
|
|
104
104
|
rescue CryptoError
|
|
105
105
|
passed = true
|
|
106
106
|
ensure
|
|
107
|
-
passed ||
|
|
107
|
+
passed || raise(SelfTestFailure, "failed to detect corrupt ciphertext")
|
|
108
108
|
end
|
|
109
109
|
end
|
|
110
110
|
end
|
|
@@ -58,7 +58,7 @@ module RbNaCl
|
|
|
58
58
|
pk = Util.zeros(Ed25519::VERIFYKEYBYTES)
|
|
59
59
|
sk = Util.zeros(Ed25519::SIGNINGKEYBYTES)
|
|
60
60
|
|
|
61
|
-
self.class.sign_ed25519_seed_keypair(pk, sk, seed) ||
|
|
61
|
+
self.class.sign_ed25519_seed_keypair(pk, sk, seed) || raise(CryptoError, "Failed to generate a key pair")
|
|
62
62
|
|
|
63
63
|
@seed = seed
|
|
64
64
|
@signing_key = sk
|
|
@@ -86,6 +86,14 @@ module RbNaCl
|
|
|
86
86
|
@seed
|
|
87
87
|
end
|
|
88
88
|
|
|
89
|
+
# Return the raw 64 byte value of this key
|
|
90
|
+
#
|
|
91
|
+
# @return [String] The signature key bytes. Left half is 32-byte
|
|
92
|
+
# curve25519 private scalar, right half is 32-byte group element
|
|
93
|
+
def keypair_bytes
|
|
94
|
+
@signing_key
|
|
95
|
+
end
|
|
96
|
+
|
|
89
97
|
# The crypto primitive this SigningKey class uses for signatures
|
|
90
98
|
#
|
|
91
99
|
# @return [Symbol] The primitive
|
|
@@ -51,7 +51,7 @@ module RbNaCl
|
|
|
51
51
|
buffer_len = Util.zeros(FFI::Type::LONG_LONG.size)
|
|
52
52
|
|
|
53
53
|
success = self.class.sign_ed25519_open(buffer, buffer_len, sig_and_msg, sig_and_msg.bytesize, @key)
|
|
54
|
-
|
|
54
|
+
raise(BadSignatureError, "signature was forged/corrupt") unless success
|
|
55
55
|
|
|
56
56
|
true
|
|
57
57
|
end
|
data/lib/rbnacl/simple_box.rb
CHANGED
|
@@ -80,7 +80,7 @@ module RbNaCl
|
|
|
80
80
|
cipher_text = @box.box(nonce, message)
|
|
81
81
|
nonce + cipher_text
|
|
82
82
|
end
|
|
83
|
-
|
|
83
|
+
alias encrypt box
|
|
84
84
|
|
|
85
85
|
# Decrypts the ciphertext with a random nonce
|
|
86
86
|
#
|
|
@@ -96,7 +96,7 @@ module RbNaCl
|
|
|
96
96
|
nonce, ciphertext = extract_nonce(enciphered_message.to_s)
|
|
97
97
|
@box.open(nonce, ciphertext)
|
|
98
98
|
end
|
|
99
|
-
|
|
99
|
+
alias decrypt open
|
|
100
100
|
|
|
101
101
|
private
|
|
102
102
|
|
|
@@ -4,7 +4,7 @@ module RbNaCl
|
|
|
4
4
|
module Sodium
|
|
5
5
|
# libsodium version API
|
|
6
6
|
module Version
|
|
7
|
-
MINIMUM_LIBSODIUM_VERSION = "0.4.3"
|
|
7
|
+
MINIMUM_LIBSODIUM_VERSION = "0.4.3".freeze
|
|
8
8
|
|
|
9
9
|
extend Sodium
|
|
10
10
|
attach_function :sodium_version_string, [], :string
|
|
@@ -17,7 +17,7 @@ module RbNaCl
|
|
|
17
17
|
|
|
18
18
|
case installed_version <=> minimum_version
|
|
19
19
|
when -1
|
|
20
|
-
|
|
20
|
+
raise "Sorry, you need to install libsodium #{MINIMUM_LIBSODIUM_VERSION}+. You have #{Version::STRING} installed"
|
|
21
21
|
end
|
|
22
22
|
end
|
|
23
23
|
end
|
data/lib/rbnacl/test_vectors.rb
CHANGED
|
@@ -122,7 +122,9 @@ module RbNaCl
|
|
|
122
122
|
# Auth test vectors
|
|
123
123
|
# Taken from NaCl distribution
|
|
124
124
|
#
|
|
125
|
-
|
|
125
|
+
auth_key_32: "eea6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff880",
|
|
126
|
+
auth_key_64: "eaaa4c73ef13e7e9a53011304c5be141da9c3713b5ca822037ed57aded31b70a" \
|
|
127
|
+
"50a0dd80843d580fe5b57e470bb534333e907a624cf02873c6b9eaba70e0fc7e",
|
|
126
128
|
auth_message: "8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186a" \
|
|
127
129
|
"c0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738" \
|
|
128
130
|
"b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da" \
|
|
@@ -131,6 +133,8 @@ module RbNaCl
|
|
|
131
133
|
auth_onetime: "f3ffc7703f9400e52a7dfb4b3d3305d9",
|
|
132
134
|
# self-created (FIXME: find standard test vectors)
|
|
133
135
|
auth_hmacsha256: "7f7b9b707e8790ca8620ff94df5e6533ddc8e994060ce310c9d7de04d44aabc3",
|
|
134
|
-
auth_hmacsha512256: "b2a31b8d4e01afcab2ee545b5caf4e3d212a99d7b3a116a97cec8e83c32e107d"
|
|
135
|
-
|
|
136
|
+
auth_hmacsha512256: "b2a31b8d4e01afcab2ee545b5caf4e3d212a99d7b3a116a97cec8e83c32e107d",
|
|
137
|
+
auth_hmacsha512: "b2a31b8d4e01afcab2ee545b5caf4e3d212a99d7b3a116a97cec8e83c32e107d" \
|
|
138
|
+
"270e3921f69016c267a63ab4b226449a0dee0dc7dcb897a9bce9d27d788f8e8d"
|
|
139
|
+
}.freeze
|
|
136
140
|
end
|
data/lib/rbnacl/util.rb
CHANGED
|
@@ -60,7 +60,7 @@ module RbNaCl
|
|
|
60
60
|
if len == n
|
|
61
61
|
message
|
|
62
62
|
elsif len > n
|
|
63
|
-
|
|
63
|
+
raise LengthError, "String too long for zero-padding to #{n} bytes"
|
|
64
64
|
else
|
|
65
65
|
message + zeros(n - len)
|
|
66
66
|
end
|
|
@@ -78,15 +78,15 @@ module RbNaCl
|
|
|
78
78
|
# @param description [String] Description of the string (used in the error)
|
|
79
79
|
def check_length(string, length, description)
|
|
80
80
|
if string.nil?
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
81
|
+
raise LengthError,
|
|
82
|
+
"#{description} was nil (Expected #{length.to_int})",
|
|
83
|
+
caller
|
|
84
84
|
end
|
|
85
85
|
|
|
86
86
|
if string.bytesize != length.to_int
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
87
|
+
raise LengthError,
|
|
88
|
+
"#{description} was #{string.bytesize} bytes (Expected #{length.to_int})",
|
|
89
|
+
caller
|
|
90
90
|
end
|
|
91
91
|
true
|
|
92
92
|
end
|
|
@@ -104,12 +104,12 @@ module RbNaCl
|
|
|
104
104
|
# @param description [String] Description of the string (used in the error)
|
|
105
105
|
def check_string(string, length, description)
|
|
106
106
|
unless string.respond_to? :to_str
|
|
107
|
-
|
|
107
|
+
raise TypeError, "can't convert #{string.class} into String with #to_str"
|
|
108
108
|
end
|
|
109
109
|
|
|
110
110
|
string = string.to_str
|
|
111
111
|
unless string.encoding == Encoding::BINARY
|
|
112
|
-
|
|
112
|
+
raise EncodingError, "strings must use BINARY encoding (got #{string.encoding})"
|
|
113
113
|
end
|
|
114
114
|
check_length(string, length, description)
|
|
115
115
|
|
data/lib/rbnacl/version.rb
CHANGED
|
@@ -20,6 +20,11 @@ RSpec.describe RbNaCl::SigningKey do
|
|
|
20
20
|
expect(subject.to_bytes).to eq signing_key
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
it "serializes the internal signing key to bytes" do
|
|
24
|
+
expect(subject.keypair_bytes.length).to eq 64
|
|
25
|
+
expect(subject.keypair_bytes).to eq "\xB1\x8E\x1D\x00E\x99^\xC3\xD0\x10\xC3\x87\xCC\xFE\xB9\x84\xD7\x83\xAF\x8F\xBB\x0F@\xFA}\xB1&\xD8\x89\xF6\xDA\xDDw\xF4\x8BY\xCA\xED\xA7wQ\xED\x13\x8B\x0E\xC6g\xFFP\xF8v\x8C%\xD4\x83\t\xA8\xF3\x86\xA2\xBA\xD1\x87\xFB"
|
|
26
|
+
end
|
|
27
|
+
|
|
23
28
|
include_examples "key equality" do
|
|
24
29
|
let(:key_bytes) { signing_key }
|
|
25
30
|
let(:key) { described_class.new(key_bytes) }
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# encoding: binary
|
|
2
2
|
RSpec.shared_examples "authenticator" do
|
|
3
|
-
let(:key) { vector
|
|
3
|
+
let(:key) { vector "auth_key_#{described_class.key_bytes}".to_sym }
|
|
4
4
|
let(:message) { vector :auth_message }
|
|
5
5
|
|
|
6
6
|
context ".new" do
|
|
@@ -17,11 +17,11 @@ RSpec.shared_examples "authenticator" do
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
it "raises ArgumentError on a key which is too long" do
|
|
20
|
-
expect { described_class.new("\0" *
|
|
20
|
+
expect { described_class.new("\0" * described_class.key_bytes.succ) }.to raise_error(ArgumentError)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
it "raises ArgumentError on a key which is too short" do
|
|
24
|
-
expect { described_class.new("\0" *
|
|
24
|
+
expect { described_class.new("\0" * described_class.key_bytes.pred) }.to raise_error(ArgumentError)
|
|
25
25
|
end
|
|
26
26
|
end
|
|
27
27
|
|
|
@@ -35,7 +35,7 @@ RSpec.shared_examples "authenticator" do
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
it "raises ArgumentError on a key which is too long" do
|
|
38
|
-
expect { described_class.auth("\0" *
|
|
38
|
+
expect { described_class.auth("\0" * described_class.key_bytes.succ, message) }.to raise_error(ArgumentError)
|
|
39
39
|
end
|
|
40
40
|
end
|
|
41
41
|
|
|
@@ -49,7 +49,7 @@ RSpec.shared_examples "authenticator" do
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
it "raises ArgumentError on a key which is too long" do
|
|
52
|
-
expect { described_class.verify("\0" *
|
|
52
|
+
expect { described_class.verify("\0" * described_class.key_bytes.succ, tag, message) }.to raise_error(ArgumentError)
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
it "fails to validate an invalid authenticator" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rbnacl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tony Arcieri
|
|
@@ -10,7 +10,7 @@ autorequire:
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain:
|
|
12
12
|
- bascule.cert
|
|
13
|
-
date:
|
|
13
|
+
date: 2016-05-07 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: ffi
|
|
@@ -105,6 +105,7 @@ files:
|
|
|
105
105
|
- lib/rbnacl/hash/sha256.rb
|
|
106
106
|
- lib/rbnacl/hash/sha512.rb
|
|
107
107
|
- lib/rbnacl/hmac/sha256.rb
|
|
108
|
+
- lib/rbnacl/hmac/sha512.rb
|
|
108
109
|
- lib/rbnacl/hmac/sha512256.rb
|
|
109
110
|
- lib/rbnacl/init.rb
|
|
110
111
|
- lib/rbnacl/key_comparator.rb
|
|
@@ -134,6 +135,7 @@ files:
|
|
|
134
135
|
- spec/rbnacl/hash_spec.rb
|
|
135
136
|
- spec/rbnacl/hmac/sha256_spec.rb
|
|
136
137
|
- spec/rbnacl/hmac/sha512256_spec.rb
|
|
138
|
+
- spec/rbnacl/hmac/sha512_spec.rb
|
|
137
139
|
- spec/rbnacl/password_hash/scrypt_spec.rb
|
|
138
140
|
- spec/rbnacl/random_spec.rb
|
|
139
141
|
- spec/rbnacl/secret_box_spec.rb
|
|
@@ -183,6 +185,7 @@ test_files:
|
|
|
183
185
|
- spec/rbnacl/hash_spec.rb
|
|
184
186
|
- spec/rbnacl/hmac/sha256_spec.rb
|
|
185
187
|
- spec/rbnacl/hmac/sha512256_spec.rb
|
|
188
|
+
- spec/rbnacl/hmac/sha512_spec.rb
|
|
186
189
|
- spec/rbnacl/password_hash/scrypt_spec.rb
|
|
187
190
|
- spec/rbnacl/random_spec.rb
|
|
188
191
|
- spec/rbnacl/secret_box_spec.rb
|
|
@@ -195,4 +198,3 @@ test_files:
|
|
|
195
198
|
- spec/shared/key_equality.rb
|
|
196
199
|
- spec/shared/serializable.rb
|
|
197
200
|
- spec/spec_helper.rb
|
|
198
|
-
has_rdoc:
|