rbnacl 3.4.0 → 4.0.0.pre

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bcf4ccd28c18cf4c35fbdaf0b6a477e76611dde0
-  data.tar.gz: 9e6e95385b32259c3de1a5be583e20f910ba3f9d
+  metadata.gz: c2f871a780f690af1d6c71ee6ac966a31c04e955
+  data.tar.gz: efb865e57cce84746c469fe9a5aba80e825fac3f
 SHA512:
-  metadata.gz: 06843ef90fb734f7b2003adf225f78701682766c45fc5f786e4ee2e09347f7b3827df96fa14e39a3347eb097db168327f58e8867f483cbfd07fcc6dbb0870849
-  data.tar.gz: 5afb3ed48547db7e6883478654fe4c06065aa2fec84e43ce78d6f950d3cc439130039aad2eb34240bfe1026ed4939efa10878dc31ec5a0faadc67af6f6adfa5c
+  metadata.gz: 5f6d7c58f9873cc194eca83fc1acae8554dba2624d98d7bc5c505ed99071119c9af40d77038f7c4ab015465fcdeda22c33910258bfb235d9335b53d4740be7e2
+  data.tar.gz: 471154df784020f8762d7ef3c41f4ae026764f87b720be581e9e0d8efc26c6ba41944d532015b54423f74b411b264c633ebac39065c18fa6843f216f2481c7f6

data/.rspec

@@ -3,3 +3,4 @@
 --backtrace
 --order random
 --warnings
+--require spec_helper

data/.rubocop.yml

@@ -1,10 +1,31 @@
+AllCops:
+  DisplayCopNames: true
+  Include:
+    - '**/Rakefile'
+  Exclude:
+    - 'spec/**/*'
+    - 'vendor/**/*'
+    - 'lib/rbnacl/test_vectors.rb'
+
+#
+# Metrics
+#
+
+Metrics/AbcSize:
+  Max: 20
+
+Metrics/ClassLength:
+  Max: 150
+
+Metrics/MethodLength:
+  Max: 25
+
 #
 # Style
 #
 
-# TODO: turn this down
 LineLength:
-  Max: 150
+  Max: 128
 
 Style/StringLiterals:
   EnforcedStyle: double_quotes
@@ -14,19 +35,3 @@ Style/SpaceBeforeFirstArg:
 
 Style/GlobalVars:
   Enabled: false
-
-#
-# Metrics
-#
-
-Metrics/MethodLength:
-  Max: 22
-
-Metrics/AbcSize:
-  Max: 20
-
-AllCops:
-  Include:
-    - '**/Rakefile'
-  Exclude:
-    - 'spec/**/*'

data/.ruby-version

@@ -0,0 +1 @@
+2.3.3

data/.travis.yml

@@ -1,33 +1,24 @@
 language: ruby
 sudo: false
+cache: bundler
 script: bundle exec rake ci
+bundler_args: --without development
+
 branches:
   only:
     - master
 
-bundler_args: --without development
-
 rvm:
-  - 2.0.0
-  - 2.1.10
-  - 2.2.5
-  - 2.3.1
-  - ruby-head
-  - jruby
-  - jruby-9.0.5.0
-  - jruby-head
-  - rbx-2
+  - jruby-9.1.6.0
+  - 2.2.6
+  - 2.3.3
 
 env:
-  - LIBSODIUM_VERSION=1.0.0 # Minimum supported
-  - LIBSODIUM_VERSION=1.0.8 # Latest released
+  - LIBSODIUM_VERSION=1.0.0  # Minimum supported
+  - LIBSODIUM_VERSION=1.0.11 # Latest released
 
 matrix:
   fast_finish: true
-  allow_failures:
-    - rvm: ruby-head
-    - rvm: jruby-head
-    - rvm: rbx-2
 
 notifications:
   irc: "irc.freenode.org#cryptosphere"

data/CHANGES.md

@@ -1,12 +1,27 @@
+4.0.0.pre (2016-12-04)
+----------------------
+
+* [#141](https://github.com/cryptosphere/rbnacl/pull/141)
+  Add wrappers for ChaCha20Poly1305 AEAD ciphers.
+  ([@aadavids])
+
+* [#142](https://github.com/cryptosphere/rbnacl/pull/142)
+  Added support for Argon2 password hash.
+  ([@elijh])
+
+* [#143](https://github.com/cryptosphere/rbnacl/pull/143)
+  Require Ruby 2.2.6+.
+  ([@tarcieri])
+
 3.4.0 (2015-05-07)
 ------------------
 * [#135](https://github.com/cryptosphere/rbnacl/pull/135)
   Expose RbNaCl::Signatures::Ed25519#keypair_bytes.
-  (@grempe)
+  ([@grempe])
 
 * [#137](https://github.com/cryptosphere/rbnacl/pull/137)
   Expose HMAC-SHA512 (with 64-byte keys)
-  (@mwpastore)
+  ([@mwpastore])
 
 3.3.0 (2015-12-29)
 ------------------
@@ -82,3 +97,7 @@
 
 [@namelessjon]: https://github.com/namelessjon
 [@tarcieri]: https://github.com/tarcieri
+[@aadavids]: https://github.com/aadavids
+[@grempe]: https://github.com/grempe
+[@mwpastore]: https://github.com/mwpastore
+[@elijh]: https://github.com/elijh

data/Gemfile

@@ -8,7 +8,7 @@ end
 
 group :test do
   gem "rspec"
-  gem "rubocop", "0.39.0"
+  gem "rubocop", "0.46.0"
   gem "coveralls", require: false
   gem "rbnacl-libsodium", ENV["LIBSODIUM_VERSION"]
 end

data/README.md

@@ -6,6 +6,11 @@
 [![Coverage Status](https://coveralls.io/repos/cryptosphere/rbnacl/badge.svg?branch=master)](https://coveralls.io/r/cryptosphere/rbnacl)
 [![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/cryptosphere/rbnacl/blob/master/LICENSE.txt)
 
+_NOTE: This is the 4.x **development** branch of RbNaCl. For the 3.x **stable**
+branch, please see:_
+
+https://github.com/cryptosphere/rbnacl/tree/3-x-stable
+
 A Ruby binding to the state-of-the-art [Networking and Cryptography][nacl]
 library by [Daniel J. Bernstein][djb]. This is **NOT** Google Native Client.
 This is a crypto library.
@@ -53,11 +58,29 @@ For more information on NaCl's goals, see Dan Bernstein's presentation
 
 ## Supported platforms
 
-You can use RbNaCl anywhere you can get libsodium installed (see below).
-RbNaCl is continuously integration tested on the following Ruby VMs:
+You can use RbNaCl on platforms libsodium is supported (see below).
+
+This library aims to support and is [tested against][travis] the following Ruby
+versions:
+
+* Ruby 2.2.6+
+* Ruby 2.3.0+
+* JRuby 9.1.6.0+
+
+If something doesn't work on one of these versions, it's a bug.
+
+This library may inadvertently work (or seem to work) on other Ruby versions,
+however support will only be provided for the versions listed above.
 
-* MRI 2.0, 2.1, 2.2, 2.3
-* JRuby 1.7, 9000
+If you would like this library to support another Ruby version or
+implementation, you may volunteer to be a maintainer. Being a maintainer
+entails making sure all tests run and pass on that implementation. When
+something breaks on your implementation, you will be responsible for providing
+patches in a timely fashion. If critical issues for a particular implementation
+exist at the time of a major release, support for that Ruby version may be
+dropped.
+
+[travis]: http://travis-ci.org/cryptosphere/rbnacl
 
 ## Installation
 
@@ -72,7 +95,7 @@ To use RbNaCl, you will need to install libsodium:
 
 https://github.com/jedisct1/libsodium
 
-At least version `1.0.0` is recommended.
+At least version `1.0.0` is required.
 
 For OS X users, libsodium is available via homebrew and can be installed with:
 
@@ -139,19 +162,6 @@ information.
 [hashes]: https://github.com/cryptosphere/rbnacl/wiki/Hash-Functions
 [rdoc]: http://rubydoc.info/github/cryptosphere/rbnacl/master/frames
 
-## Reporting Security Problems
-
-If you have discovered a bug in RbNaCl of a sensitive nature, i.e.
-one which can compromise the security of RbNaCl users, you can
-report it securely by sending a GPG encrypted message. Please use
-the following key:
-
-https://raw.github.com/cryptosphere/rbnacl/master/bascule.asc
-
-The key fingerprint is (or should be):
-
-`9148 85A2 6242 1628 B6AA AB45 4CB9 B3D0 BACC 8B71`
-
 ## Learn More
 
 While NaCl has designed to be easier-than-usual to use for a crypto
@@ -163,6 +173,7 @@ interested in learning more about how NaCl works, it's recommended
 that you read them:
 
 * [Cryptography in NaCl](http://cr.yp.to/highspeed/naclcrypto-20090310.pdf)
+* [Salsa20 Design](https://cr.yp.to/snuffle/design.pdf)
 * [Curve25519: new Diffie-Hellman speed records](http://cr.yp.to/ecdh/curve25519-20060209.pdf)
 * [Ed25519: High-speed high-security signatures](http://ed25519.cr.yp.to/ed25519-20110926.pdf)
 

data/Rakefile

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "bundler/gem_tasks"
 
 Dir[File.expand_path("../tasks/**/*.rake", __FILE__)].each { |task| load task }

data/lib/rbnacl.rb

@@ -1,4 +1,6 @@
 # encoding: binary
+# frozen_string_literal: true
+
 require "rbnacl/version"
 require "rbnacl/sodium"
 require "rbnacl/sodium/version"
@@ -10,6 +12,7 @@ require "rbnacl/random"
 require "rbnacl/simple_box"
 require "rbnacl/test_vectors"
 require "rbnacl/init"
+require "rbnacl/aead/aead"
 
 # NaCl/libsodium for Ruby
 module RbNaCl
@@ -63,15 +66,22 @@ module RbNaCl
   require "rbnacl/hash/sha512"
   require "rbnacl/hash/blake2b"
 
-  # Password hash function: scrypt
+  # Password hash functions
   require "rbnacl/password_hash"
   require "rbnacl/password_hash/scrypt"
+  if RbNaCl::Sodium::Version::ARGON2_SUPPORTED
+    require "rbnacl/password_hash/argon2"
+  end
 
   # HMAC: SHA256/512 and SHA512256
   require "rbnacl/hmac/sha256"
   require "rbnacl/hmac/sha512256"
   require "rbnacl/hmac/sha512"
 
+  # AEAD: ChaCha20-Poly1305
+  require "rbnacl/aead/chacha20poly1305"
+  require "rbnacl/aead/chacha20poly1305_ietf"
+
   #
   # Bind aliases used by the public API
   #

data/lib/rbnacl/aead/aead.rb

@@ -0,0 +1,143 @@
+# encoding: binary
+# frozen_string_literal: true
+
+module RbNaCl
+  module AEAD
+    # Authenticated Encryption with Additional Data
+    #
+    # This construction encrypts a message, and computes an authentication
+    # tag for the encrypted message and some optional additional data
+    #
+    # RbNaCl provides wrappers for both ChaCha20-Poly1305 AEAD implementations
+    # in libsodium: the original, and the IETF version.
+    class GenericAEAD
+      # Number of bytes in a valid key
+      KEYBYTES = 0
+
+      # Number of bytes in a valid nonce
+      NPUBBYTES = 0
+
+      attr_reader :key
+      private :key
+
+      # Create a new AEAD using the IETF chacha20poly1305 construction
+      #
+      # Sets up AEAD with a secret key for encrypting and decrypting messages.
+      #
+      # @param key [String] The key to encrypt and decrypt with
+      #
+      # @raise [RbNaCl::LengthError] on invalid keys
+      #
+      # @return [RbNaCl::AEAD::Chacha20Poly1305IETF] The new AEAD construct, ready to use
+      def initialize(key)
+        @key = Util.check_string(key, key_bytes, "Secret key")
+      end
+
+      # Encrypts and authenticates a message with additional authenticated data
+      #
+      # @param nonce [String] An 8-byte string containing the nonce.
+      # @param message [String] The message to be encrypted.
+      # @param additional_data [String] The additional authenticated data
+      #
+      # @raise [RbNaCl::LengthError] If the nonce is not valid
+      # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated.
+      #
+      # @return [String] The encrypted message with the authenticator tag appended
+      def encrypt(nonce, message, additional_data)
+        Util.check_length(nonce, nonce_bytes, "Nonce")
+
+        ciphertext_len = Util.zeros(1)
+        ciphertext = Util.zeros(data_len(message) + tag_bytes)
+
+        success = do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data)
+        raise CryptoError, "Encryption failed" unless success
+        ciphertext
+      end
+
+      # Decrypts and verifies an encrypted message with additional authenticated data
+      #
+      # @param nonce [String] An 8-byte string containing the nonce.
+      # @param ciphertext [String] The message to be decrypted.
+      # @param additional_data [String] The additional authenticated data
+      #
+      # @raise [RbNaCl::LengthError] If the nonce is not valid
+      # @raise [RbNaCl::CryptoError] If the ciphertext cannot be authenticated.
+      #
+      # @return [String] The decrypted message
+      def decrypt(nonce, ciphertext, additional_data)
+        Util.check_length(nonce, nonce_bytes, "Nonce")
+
+        message_len = Util.zeros(1)
+        message = Util.zeros(data_len(ciphertext) - tag_bytes)
+
+        success = do_decrypt(message, message_len, nonce, ciphertext, additional_data)
+        raise CryptoError, "Decryption failed. Ciphertext failed verification." unless success
+        message
+      end
+
+      # The crypto primitive for this aead instance
+      #
+      # @return [Symbol] The primitive used
+      def primitive
+        self.class.primitive
+      end
+
+      # The nonce bytes for the AEAD class
+      #
+      # @return [Integer] The number of bytes in a valid nonce
+      def self.nonce_bytes
+        self::NPUBBYTES
+      end
+
+      # The nonce bytes for the AEAD instance
+      #
+      # @return [Integer] The number of bytes in a valid nonce
+      def nonce_bytes
+        self.class.nonce_bytes
+      end
+
+      # The key bytes for the AEAD class
+      #
+      # @return [Integer] The number of bytes in a valid key
+      def self.key_bytes
+        self::KEYBYTES
+      end
+
+      # The key bytes for the AEAD instance
+      #
+      # @return [Integer] The number of bytes in a valid key
+      def key_bytes
+        self.class.key_bytes
+      end
+
+      # The number bytes in the tag or authenticator from this AEAD class
+      #
+      # @return [Integer] number of tag bytes
+      def self.tag_bytes
+        self::ABYTES
+      end
+
+      # The number of bytes in the tag or authenticator for this AEAD instance
+      #
+      # @return [Integer] number of tag bytes
+      def tag_bytes
+        self.class.tag_bytes
+      end
+
+      private
+
+      def data_len(data)
+        return 0 if data.nil?
+        data.bytesize
+      end
+
+      def do_encrypt(_ciphertext, _ciphertext_len, _nonce, _message, _additional_data)
+        raise NotImplementedError
+      end
+
+      def do_decrypt(_message, _message_len, _nonce, _ciphertext, _additional_data)
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/rbnacl/aead/chacha20poly1305.rb

@@ -0,0 +1,42 @@
+# encoding: binary
+# frozen_string_literal: true
+
+module RbNaCl
+  module AEAD
+    # This class contains wrappers for the original libsodium implementation of
+    # Authenticated Encryption with Additional Data using ChaCha20-Poly1305
+    class Chacha20Poly1305 < GenericAEAD
+      extend Sodium
+
+      sodium_type :aead
+      sodium_primitive :chacha20poly1305
+      sodium_constant :KEYBYTES
+      sodium_constant :NPUBBYTES
+      sodium_constant :ABYTES
+
+      sodium_function :aead_chacha20poly1305_encrypt,
+                      :crypto_aead_chacha20poly1305_encrypt,
+                      [:pointer, :pointer, :pointer, :ulong_long, :pointer, :ulong_long, :pointer, :pointer, :pointer]
+
+      sodium_function :aead_chacha20poly1305_decrypt,
+                      :crypto_aead_chacha20poly1305_decrypt,
+                      [:pointer, :pointer, :pointer, :pointer, :ulong_long, :pointer, :ulong_long, :pointer, :pointer]
+
+      private
+
+      def do_encrypt(ciphertext, ciphertext_len, nonce, message, additional_data)
+        self.class.aead_chacha20poly1305_encrypt(ciphertext, ciphertext_len,
+                                                 message, data_len(message),
+                                                 additional_data, data_len(additional_data),
+                                                 nil, nonce, @key)
+      end
+
+      def do_decrypt(message, message_len, nonce, ciphertext, additional_data)
+        self.class.aead_chacha20poly1305_decrypt(message, message_len, nil,
+                                                 ciphertext, data_len(ciphertext),
+                                                 additional_data, data_len(additional_data),
+                                                 nonce, @key)
+      end
+    end
+  end
+end