ruby_rncryptor 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/ruby_rncryptor.rb +79 -0
  3. metadata +44 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: c80019973b935b1f0e103db228bf56c895354819
4
+ data.tar.gz: da313bcf46200818efa308af74bc2606bb1df055
5
+ SHA512:
6
+ metadata.gz: 659d506bc5e569e0a1c449dee320d3a0f228df995510ec5094a7a3d617982fe9bc257d2fc27318051ea9392c8bd0dfc8ecd1faf97a5246fc41c96d911876b975
7
+ data.tar.gz: 8c0dc3e406987daceeb3931abefe86b74f70c74f7649f80dfad1ee5f3243ae4401be4afe2a72115fa917e0eec2e8cf6481000936fa63c851d4327d2f9ded78b4
@@ -0,0 +1,79 @@
1
+ # RubyRNCryptor by Erik Wrenholt.
2
+ # Based on data format described by Rob Napier
3
+ # https://github.com/rnapier/RNCryptor/wiki/Data-Format
4
+ # MIT License
5
+
6
+ require 'openssl'
7
+ require 'securerandom'
8
+
9
+ class RubyRNCryptor
10
+ include OpenSSL
11
+
12
+ def self.decrypt(data, password)
13
+
14
+ version = data[0,1]
15
+ raise "RubyRNCryptor only decrypts version 2 or 3" unless (version == "\x02" || version == "\x03")
16
+ options = data[1,1]
17
+ encryption_salt = data[2,8]
18
+ hmac_salt = data[10,8]
19
+ iv = data[18,16]
20
+ cipher_text = data[34,data.length-66]
21
+ hmac = data[data.length-32,32]
22
+
23
+ msg = version + options + encryption_salt + hmac_salt + iv + cipher_text
24
+
25
+ # Verify password is correct. First try with correct encoding
26
+ hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
27
+ verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*') == hmac
28
+
29
+ if !verified && version == "\x02"
30
+ # Version 2 Cocoa version truncated multibyte passwords, so try truncating.
31
+ password = RubyRNCryptor.truncate_multibyte_password(password)
32
+ hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
33
+ verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*') == hmac
34
+ end
35
+
36
+ raise "Password may be incorrect, or the data has been corrupted. (HMAC could not be verified)" unless verified
37
+
38
+ # HMAC was verified, now decrypt it.
39
+ cipher = Cipher::Cipher.new('aes-256-cbc')
40
+ cipher.decrypt
41
+ cipher.iv = iv
42
+ cipher.key = PKCS5.pbkdf2_hmac_sha1(password, encryption_salt, 10000, 32)
43
+
44
+ return cipher.update(cipher_text) + cipher.final
45
+ end
46
+
47
+ def self.encrypt(data, password, version = 3)
48
+
49
+ raise "RubyRNCryptor only encrypts version 2 or 3" unless (version == 2 || version == 3)
50
+
51
+ version = version.chr.to_s # Currently version 3
52
+ options = 1.chr.to_s # Uses password
53
+ encryption_salt = SecureRandom.random_bytes(8)
54
+ hmac_salt = SecureRandom.random_bytes(8)
55
+ iv = SecureRandom.random_bytes(16)
56
+ cipher_text = data[34,data.length-66]
57
+
58
+ hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
59
+
60
+ cipher = Cipher::Cipher.new('aes-256-cbc')
61
+ cipher.encrypt
62
+ cipher.iv = iv
63
+ cipher.key = PKCS5.pbkdf2_hmac_sha1(password, encryption_salt, 10000, 32)
64
+ cipher_text = cipher.update(data) + cipher.final
65
+
66
+ msg = version + options + encryption_salt + hmac_salt + iv + cipher_text
67
+ hmac = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*')
68
+
69
+ return msg + hmac
70
+ end
71
+
72
+ def self.truncate_multibyte_password(str)
73
+ if str.bytes.to_a.count == str.length
74
+ return str
75
+ end
76
+ return str.bytes.to_a[0...str.length].map {|c| c.chr}.join
77
+ end
78
+
79
+ end
metadata ADDED
@@ -0,0 +1,44 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ruby_rncryptor
3
+ version: !ruby/object:Gem::Version
4
+ version: 3.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Erik Wrenholt
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-12-20 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Encrypt and Decrypt the RNCryptor format.
14
+ email: erik@timestretch.com
15
+ executables: []
16
+ extensions: []
17
+ extra_rdoc_files: []
18
+ files:
19
+ - lib/ruby_rncryptor.rb
20
+ homepage: https://github.com/timestretch/RNCryptor/tree/master/ruby
21
+ licenses:
22
+ - MIT
23
+ metadata: {}
24
+ post_install_message:
25
+ rdoc_options: []
26
+ require_paths:
27
+ - lib
28
+ required_ruby_version: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - '>='
31
+ - !ruby/object:Gem::Version
32
+ version: '0'
33
+ required_rubygems_version: !ruby/object:Gem::Requirement
34
+ requirements:
35
+ - - '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ requirements: []
39
+ rubyforge_project:
40
+ rubygems_version: 2.0.14
41
+ signing_key:
42
+ specification_version: 4
43
+ summary: Encrypt and Decrypt the RNCryptor format
44
+ test_files: []