ruar 0.0.2 → 0.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2ad6f68a61d0accd3eb5e970934fcbbf30e299c3caafb1ec69ebfc9f9a3b76bf
-  data.tar.gz: 9a9f620ce167c3c5b0f1ab163b0d40f4261652005b83f8f2757098b600ee5b6a
+  metadata.gz: 71e86cbea690ee3e4c66ca5079ba3ae43ffa2d21c1b01e3574a3324b9509d712
+  data.tar.gz: 4dd935f956cefc3c13fae4ca9c95edefea91c556e92944e36d1d1b7c89b32791
 SHA512:
-  metadata.gz: d5508e42916f61c9aeb2c47d90a956401139baac154d7a6776b600434da114aecdf156b860621c4117755a8dbf1f6ad45ee2cff5a601254b278b7d9804fe0065
-  data.tar.gz: 790039c7c05c5da8c09a22bc349926c3c10476e7b37090ac2e2c213cd91bbd512aae7c596900ab89e1afcfad98d06cfe89671d0ebf39fe534d9444221f6f9cd0
+  metadata.gz: 7e31c46a4daa42ad6432b41e78c94004816a908810a4f1f51fd062129ac6244f44b7bcad9be7294a643a57559bdf179a91a60e2be85bc61c7961b908ca3517d6
+  data.tar.gz: f944938e97821f40ad011c30ebd62bf6586e4931184e3311feff029615503c8308fd117bae4958661a0414bfafacc72c91e86f765c95283ddf02db28d4d184d7

data/README.md

@@ -5,6 +5,8 @@ Tar-like Archive for RIEN
 [![CI Tests](https://github.com/DarkKowalski/ruar/workflows/CI%20Tests/badge.svg)](https://github.com/DarkKowalski/ruar/actions?query=workflow%3A%22CI+Tests%22)
 [![Build](https://github.com/DarkKowalski/ruar/workflows/Build/badge.svg)](https://github.com/DarkKowalski/ruar/actions?query=workflow%3ABuild)
 
+This GEM is still in development, please use the latest git dev branch
+
 ## Usage
 
 ```ruby
@@ -33,6 +35,57 @@ require 'dir/file'
 # Here you go
 ```
 
+### AEAD
+
+Encrypt
+
+```ruby
+require 'ruar'
+require 'tmpdir'
+
+auth_data = Base64.encode64('nekomimi')
+Ruar.cipher.setup(auth_data: auth_data)
+
+archive = File.join(Dir.tmpdir, 'aead.ruar')
+Ruar::Serialize.aead('./test/sample', archive)
+```
+
+Then you will get `/tmp/aead.ruar.setup`
+
+```ruby
+Ruar.cipher.setup(
+  iv: 'niNGDaPcFiD8eKdb',
+  key: 'I0LpzLx3GuU19F5EOwTbfZJ6pYOlH4Pbumm9SolLJv8=',
+  auth_data: 'bmVrb21pbWk=',
+  tag: 'nN6rCnd5SmZaoTdpmUEjtw==')
+Ruar.cipher.enable
+```
+
+Decrypt
+
+```ruby
+require 'lib/ruar'
+require 'tmpdir'
+
+# Decryption Setup
+Ruar.cipher.setup(
+  iv: 'niNGDaPcFiD8eKdb',
+  key: 'I0LpzLx3GuU19F5EOwTbfZJ6pYOlH4Pbumm9SolLJv8=',
+  auth_data: 'bmVrb21pbWk=',
+  tag: 'nN6rCnd5SmZaoTdpmUEjtw==')
+Ruar.cipher.enable
+
+archive = File.join(Dir.tmpdir, 'aead.ruar')
+Ruar.setup(archive: archive).activate
+
+# Setup
+Ruar.setup(
+  archive: archive
+).activate
+
+# Require from /tmp/aeae.ruar
+require 'dir/file'
+```
 ## Format
 
 ```

data/ext/ruar/ruar.c

@@ -2,6 +2,7 @@
 
 #include <ctype.h>
 #include <ruby.h>
+#include <stdbool.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -43,7 +44,12 @@ STATIC_ASSERT(sizeof(struct ruar_header) == HEADER_SIZE);
 /* Constants */
 static const uint32_t current_major_version = 0;
 static const uint32_t current_minor_version = 0;
-static const uint32_t current_patch_version = 1;
+static const uint32_t current_patch_version = 3;
+
+/* Flags */
+#define PLAIN 0
+#define AEAD_AES_256_GCM 1
+#define ZLIB_DEFLATE 1
 
 /* System info */
 #ifdef __linux__
@@ -67,6 +73,7 @@ static VALUE rb_mRuar_Serialize_Native;
 
 /* Functions exposed as module functions on Ruar::Serialize::Native */
 static VALUE ruar_serialize_rb_plain_header(VALUE self, VALUE dstfile, VALUE index);
+static VALUE ruar_serialize_rb_aead_header(VALUE self, VALUE dstfile, VALUE index);
 static VALUE ruar_serialize_rb_append_file(VALUE self, VALUE dstfile, VALUE srcfile);
 
 /* Ruar::Access::Native */
@@ -96,6 +103,7 @@ void Init_ruar(void)
     rb_mRuar_Serialize = rb_define_module_under(rb_mRuar, "Serialize");
     rb_mRuar_Serialize_Native = rb_define_module_under(rb_mRuar_Serialize, "Native");
     rb_define_module_function(rb_mRuar_Serialize_Native, "plain_header", ruar_serialize_rb_plain_header, 2);
+    rb_define_module_function(rb_mRuar_Serialize_Native, "aead_header", ruar_serialize_rb_aead_header, 2);
     rb_define_module_function(rb_mRuar_Serialize_Native, "append_file", ruar_serialize_rb_append_file, 2);
 
     rb_kRuar_Access = rb_define_class_under(rb_mRuar, "Access", rb_cObject);
@@ -137,38 +145,74 @@ static VALUE ruar_rb_header_hash(const struct ruar_header *header)
     return rb_header;
 }
 
-static VALUE ruar_serialize_rb_plain_header(VALUE self, VALUE dstfile, VALUE index)
+static struct ruar_header ruar_fillout_header(char *index_cstring, uint32_t index_size, uint32_t encryption_flags, uint32_t compression_flags)
 {
-    /* Call into ruby to generate the index */
-    char *index_cstring = rb_string_value_cstr(&index);
-    uint32_t index_size = INDEX_SIZE(index_cstring);
-
     /* Fill out a header */
     struct ruar_header header = {
         .major_version = current_major_version,
         .minor_version = current_minor_version,
         .patch_version = current_patch_version,
         .platform = current_platform,
-        .encryption_flags = 0,
-        .compression_flags = 0,
+        .encryption_flags = encryption_flags,
+        .compression_flags = compression_flags,
         .index_start = HEADER_SIZE,
         .index_size = index_size,
         .index_checksum = ruar_crc32_generate((unsigned char *)index_cstring, index_size),
         .header_checksum = 0};
     header.header_checksum = ruar_crc32_generate((unsigned char *)&header, HEADER_SIZE);
 
-    /* Write header */
-    char *dstfile_cstring = rb_string_value_cstr(&dstfile);
+    return header;
+}
+
+static bool ruar_write_header_to_file(char *dstfile_cstring, char *index_cstring, uint32_t index_size, struct ruar_header *header)
+{
     FILE *outfile = fopen(dstfile_cstring, "wb");
     if (outfile == NULL)
     {
         fprintf(stderr, "\nFailed to open file! %s\n", dstfile_cstring);
-        return Qnil;
+        return false;
     }
 
-    fwrite(&header, HEADER_SIZE, 1, outfile);
+    fwrite(header, HEADER_SIZE, 1, outfile);
     fwrite(index_cstring, index_size, 1, outfile);
     fclose(outfile);
+    return true;
+}
+
+static VALUE ruar_serialize_rb_plain_header(VALUE self, VALUE dstfile, VALUE index)
+{
+    char *index_cstring = rb_string_value_cstr(&index);
+    uint32_t index_size = INDEX_SIZE(index_cstring);
+
+    /* Fill out a header */
+    struct ruar_header header = ruar_fillout_header(index_cstring, index_size, PLAIN, PLAIN);
+
+    /* Write header */
+    char *dstfile_cstring = rb_string_value_cstr(&dstfile);
+    if (!ruar_write_header_to_file(dstfile_cstring, index_cstring, index_size, &header))
+    {
+        return Qnil;
+    }
+
+    /* Get Ruby Hash */
+    return ruar_rb_header_hash(&header);
+}
+
+static VALUE ruar_serialize_rb_aead_header(VALUE self, VALUE dstfile, VALUE index)
+{
+    /* Index should be encrypted in Ruby land */
+    char *index_cstring = rb_string_value_cstr(&index);
+    uint32_t index_size = INDEX_SIZE(index_cstring);
+
+    /* Fill out a header */
+    struct ruar_header header = ruar_fillout_header(index_cstring, index_size, AEAD_AES_256_GCM, ZLIB_DEFLATE);
+
+    /* Write header */
+    char *dstfile_cstring = rb_string_value_cstr(&dstfile);
+    if (!ruar_write_header_to_file(dstfile_cstring, index_cstring, index_size, &header))
+    {
+        return Qnil;
+    }
 
     /* Get Ruby Hash */
     return ruar_rb_header_hash(&header);
@@ -310,7 +354,6 @@ static VALUE ruar_access_rb_file(VALUE self, VALUE archive, VALUE offset, VALUE
 
     size_t size_cint = NUM2SIZET(size);
 
-    
     /* Ruby C API will convert this C-style String to a Ruby String Object
      * Thus one extra byte for the trialing '\0' 
      */

data/lib/ruar.rb

@@ -2,8 +2,11 @@
 
 require 'json'
 require 'tmpdir'
+require 'base64'
+require 'openssl'
 require 'pathname'
-require 'binding_of_caller'
+require 'zlib'
+# require 'binding_of_caller'
 
 require_relative 'ruar/version'
 require_relative 'ruar/ruar'
@@ -12,6 +15,8 @@ require_relative 'ruar/error'
 require_relative 'ruar/index'
 require_relative 'ruar/serialize'
 require_relative 'ruar/access'
+require_relative 'ruar/cipher'
+require_relative 'ruar/compression'
 require_relative 'ruar/entrypoint'
 
 require_relative 'ruar/setup'

data/lib/ruar/access.rb

@@ -27,6 +27,7 @@ module Ruar
       rebuild
     end
 
+    # TODO: Need to deliberately test this part
     def lookup(path)
       paths = Ruar::Access.clean_path(path)
       filename = paths.pop
@@ -50,7 +51,10 @@ module Ruar
 
     def read(path)
       offset, size, _executable = lookup(path)
-      Ruar::Access::Native.file(@archive, offset.to_i, size.to_i)
+      file = Ruar::Access::Native.file(@archive, offset.to_i, size.to_i)
+      file = Ruar.cipher.decrypt(file)[:decrypted] if Ruar.cipher.enable?
+
+      file
     end
 
     def eval(path, eval_bind = TOPLEVEL_BINDING)
@@ -86,7 +90,9 @@ module Ruar
 
     def rebuild
       @header = Ruar::Access::Native.header(@archive)
-      @index = JSON.parse(Ruar::Access::Native.index(@archive))
+      index_data = Ruar::Access::Native.index(@archive)
+      index_data = Ruar.cipher.decrypt(index_data)[:decrypted] if Ruar.cipher.enable?
+      @index = JSON.parse(index_data)
       @file_start = @header['index_start'] + @header['index_size']
     end
   end

data/lib/ruar/cipher.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Ruar
+  class Cipher
+    def initialize
+      @enable = false
+    end
+
+    def aead
+      @aead ||= OpenSSL::Cipher.new('aes-256-gcm')
+    end
+
+    def enable?
+      @enable
+    end
+
+    def enable
+      @enable = true
+    end
+
+    def setup(key: nil, iv: nil, auth_data: nil, tag: nil)
+      @key = key.nil? ? aead.random_key : Base64.decode64(key)
+      @iv = iv.nil? ? aead.random_iv : Base64.decode64(iv)
+      @auth_data = auth_data.nil? ? 'ruar_default_auth_data' : Base64.decode64(auth_data)
+      @tag = tag.nil? ? 'ruar_invalid_auth_tag' : Base64.decode64(tag)
+
+      self
+    end
+
+    def encrypt(data, auth_data: @auth_data, key: @key, iv: @iv)
+      cipher = aead.encrypt
+      cipher.key = key
+      cipher.iv = iv
+      cipher.auth_data = auth_data
+
+      compressed = Ruar::Compression.compress(data)
+      encrypted = Base64.encode64(cipher.update(compressed) + cipher.final)
+      tag = cipher.auth_tag
+
+      {
+        encrypted: encrypted,
+        iv: iv,
+        key: key,
+        tag: tag,
+        auth_data: auth_data
+      }
+    end
+
+    def decrypt(data, auth_data: @auth_data, key: @key, iv: @iv, tag: @tag)
+      raise 'tag is truncated!' unless tag.bytesize == 16
+
+      cipher = aead.decrypt
+      cipher.key = key
+      cipher.iv = iv
+      cipher.auth_tag = tag
+      cipher.auth_data = auth_data
+
+      decrypted = cipher.update(Base64.decode64(data))
+      decompressed = Ruar::Compression.decompress(decrypted)
+
+      { decrypted: decompressed }
+    end
+  end
+end

data/lib/ruar/compression.rb

@@ -0,0 +1,11 @@
+module Ruar
+  module Compression
+    def self.compress(data)
+      Zlib::Deflate.deflate(data)
+    end
+
+    def self.decompress(data)
+      Zlib::Inflate.inflate(data)
+    end
+  end
+end

data/lib/ruar/core_ext/kernel_require.rb

@@ -14,9 +14,9 @@ module Ruar
         prefix = Ruar.path_prefix
         # TODO: support .so here
         if File.extname(path) == '.rb'
-          File.join(prefix, path)
+          Pathname.new(File.join(prefix, path)).cleanpath.to_s
         else
-          File.join(prefix, "#{path}.rb")
+          Pathname.new(File.join(prefix, "#{path}.rb")).cleanpath.to_s
         end
       end
     end
@@ -27,15 +27,14 @@ module Kernel
   module_function
 
   def ruar_eval_wrap(path, eval_bind = TOPLEVEL_BINDING)
-    Ruar.eval(path, eval_bind)
-    yield
+    Ruar.eval("#{path}.rb", eval_bind) # Ruar.eval(path.rb, eval_bind)
+    yield if block_given?
     true
   rescue Ruar::Error::FileNotFound
-    # Try again with .rb extension
+    # Try again without .rb extension
     begin
-      # For rubocop:
-      Ruar.eval("#{path}.rb", eval_bind) # Ruar.eval(path.rb, eval_bind)
-      yield
+      Ruar.eval(path, eval_bind)
+      yield if block_given?
       true
     rescue Ruar::Error::BaseError
       raise Ruar::Access::CoreExt.make_load_error(path)
@@ -91,9 +90,7 @@ module Kernel
   alias load_without_ruar load
 
   def load_with_ruar(path, eval_bind = TOPLEVEL_BINDING)
-    ruar_eval_wrap(path, eval_bind) do
-      # Do nothing, just read and eval
-    end
+    ruar_eval_wrap(path, eval_bind)
   end
 
   def load(path, from: :both)

data/lib/ruar/index.rb

@@ -6,7 +6,9 @@ module Ruar
 
     def initialize(dir = '.')
       @dir = dir
-      generate(dir)
+      generate(dir) do |file|
+        yield(file) if block_given?
+      end
     end
 
     def json_index
@@ -17,7 +19,9 @@ module Ruar
 
     # Generate json format index
     def generate(dir)
-      @index, @source_info = scan(dir, 0)
+      @index, @source_info = scan(dir, 0) do |file|
+        yield(file) if block_given?
+      end
     end
 
     # FIXME: don't recurse
@@ -32,6 +36,9 @@ module Ruar
 
         files = entities.select { |f| File.file?(f) }
         files.each do |f|
+          # Do something else likes encrypting the file
+          yield(f) if block_given?
+
           size = File.size(f)
 
           index['files'][f] = {
@@ -52,7 +59,9 @@ module Ruar
         dirs = entities.select { |d| File.directory?(d) }
         dirs.each do |d|
           # Notice: need to accumulate offset here
-          sub_index, sub_source_info, offset = scan(d, offset)
+          sub_index, sub_source_info, offset = scan(d, offset) do |f|
+            yield(f) if block_given?
+          end
           index['files'][d] = sub_index
           source_info.concat(sub_source_info)
         end

data/lib/ruar/serialize.rb

@@ -9,5 +9,38 @@ module Ruar
         Ruar::Serialize::Native.append_file(dstfile, src['realpath'])
       end
     end
+
+    def self.aead(srcdir, dstfile)
+      time = Time.now.strftime('%Y%m%dT%H%M')
+      tmpdir = File.expand_path("ruar_#{time}", Dir.tmpdir)
+      FileUtils.copy_entry(srcdir, tmpdir)
+
+      encryption_info = nil
+      index = Ruar::Index.new(tmpdir) do |file|
+        data = File.read(file)
+        encryption_info = Ruar.cipher.encrypt(data)
+        File.write(file, encryption_info[:encrypted])
+      end
+
+      encrypted_index = Ruar.cipher.encrypt(index.json_index)[:encrypted]
+      Ruar::Serialize::Native.aead_header(dstfile, encrypted_index)
+
+      index.source_info.each do |src|
+        Ruar::Serialize::Native.append_file(dstfile, src['realpath'])
+      end
+
+      setup_file = <<~SETUP
+        Ruar.cipher.setup(
+          iv: '#{Base64.encode64(encryption_info[:iv]).chomp}',
+          key: '#{Base64.encode64(encryption_info[:key]).chomp}',
+          auth_data: '#{Base64.encode64(encryption_info[:auth_data]).chomp}',
+          tag: '#{Base64.encode64(encryption_info[:tag]).chomp}')
+        Ruar.cipher.enable
+      SETUP
+
+      File.write("#{dstfile}.setup", setup_file)
+
+      FileUtils.rm_rf(tmpdir)
+    end
   end
 end

data/lib/ruar/setup.rb

@@ -32,6 +32,10 @@ module Ruar
       def eval(path, bind = TOPLEVEL_BINDING)
         @entrypoint.eval(path, bind)
       end
+
+      def cipher
+        @cipher ||= Ruar::Cipher.new
+      end
     end
   end
 end

data/lib/ruar/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Ruar
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ruar
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Kowalski Dark
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-20 00:00:00.000000000 Z
+date: 2021-02-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: binding_of_caller
@@ -137,6 +137,8 @@ files:
 - ext/ruar/ruar.h
 - lib/ruar.rb
 - lib/ruar/access.rb
+- lib/ruar/cipher.rb
+- lib/ruar/compression.rb
 - lib/ruar/core_ext/kernel_require.rb
 - lib/ruar/core_ext/string_colorize.rb
 - lib/ruar/entrypoint.rb