ruby_rncryptor 3.0.0 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ruby_rncryptor.rb +18 -6
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 198670f6550021801e7a3d827685ea0aa692e318
|
4
|
+
data.tar.gz: f4d4c09d8961d704346ccffaa5935e40cbdf4ada
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f5c9127520297db15f116f6ad907a72d8fb5982e5e09f770d177ec74d364a621226c3b4eb85393c232ebfdfd5077296102c2724fabd84599aa9cfd079c25786d
|
7
|
+
data.tar.gz: b44a4ee39a11848f96c19fde168508ada4b99091d3c2ff7909cdf10145c8354038b08d7d37e20f787a756e072b9abd9dc18a2b0fa1418484c8a788a2f7aa7a37
|
data/lib/ruby_rncryptor.rb
CHANGED
@@ -14,7 +14,7 @@ class RubyRNCryptor
|
|
14
14
|
version = data[0,1]
|
15
15
|
raise "RubyRNCryptor only decrypts version 2 or 3" unless (version == "\x02" || version == "\x03")
|
16
16
|
options = data[1,1]
|
17
|
-
encryption_salt =
|
17
|
+
encryption_salt = data[2,8]
|
18
18
|
hmac_salt = data[10,8]
|
19
19
|
iv = data[18,16]
|
20
20
|
cipher_text = data[34,data.length-66]
|
@@ -24,13 +24,13 @@ class RubyRNCryptor
|
|
24
24
|
|
25
25
|
# Verify password is correct. First try with correct encoding
|
26
26
|
hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
|
27
|
-
verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*')
|
27
|
+
verified = eql_time_cmp([HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*'), hmac)
|
28
28
|
|
29
29
|
if !verified && version == "\x02"
|
30
30
|
# Version 2 Cocoa version truncated multibyte passwords, so try truncating.
|
31
31
|
password = RubyRNCryptor.truncate_multibyte_password(password)
|
32
32
|
hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
|
33
|
-
verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*')
|
33
|
+
verified = eql_time_cmp([HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*'), hmac)
|
34
34
|
end
|
35
35
|
|
36
36
|
raise "Password may be incorrect, or the data has been corrupted. (HMAC could not be verified)" unless verified
|
@@ -41,7 +41,7 @@ class RubyRNCryptor
|
|
41
41
|
cipher.iv = iv
|
42
42
|
cipher.key = PKCS5.pbkdf2_hmac_sha1(password, encryption_salt, 10000, 32)
|
43
43
|
|
44
|
-
|
44
|
+
cipher.update(cipher_text) + cipher.final
|
45
45
|
end
|
46
46
|
|
47
47
|
def self.encrypt(data, password, version = 3)
|
@@ -66,14 +66,26 @@ class RubyRNCryptor
|
|
66
66
|
msg = version + options + encryption_salt + hmac_salt + iv + cipher_text
|
67
67
|
hmac = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*')
|
68
68
|
|
69
|
-
|
69
|
+
msg + hmac
|
70
70
|
end
|
71
71
|
|
72
72
|
def self.truncate_multibyte_password(str)
|
73
73
|
if str.bytes.to_a.count == str.length
|
74
74
|
return str
|
75
75
|
end
|
76
|
-
|
76
|
+
str.bytes.to_a[0...str.length].map {|c| c.chr}.join
|
77
77
|
end
|
78
78
|
|
79
|
+
# From http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/PKCS5.html#module-OpenSSL::PKCS5-label-Important+Note+on+Checking+Passwords
|
80
|
+
def self.eql_time_cmp(a, b)
|
81
|
+
unless a.length == b.length
|
82
|
+
return false
|
83
|
+
end
|
84
|
+
cmp = b.bytes.to_a
|
85
|
+
result = 0
|
86
|
+
a.bytes.each_with_index {|c,i|
|
87
|
+
result |= c ^ cmp[i]
|
88
|
+
}
|
89
|
+
result == 0
|
90
|
+
end
|
79
91
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ruby_rncryptor
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.
|
4
|
+
version: 3.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Erik Wrenholt
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2016-01-25 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Encrypt and Decrypt the RNCryptor format.
|
14
14
|
email: erik@timestretch.com
|
@@ -17,7 +17,7 @@ extensions: []
|
|
17
17
|
extra_rdoc_files: []
|
18
18
|
files:
|
19
19
|
- lib/ruby_rncryptor.rb
|
20
|
-
homepage: https://github.com/
|
20
|
+
homepage: https://github.com/RNCryptor/ruby_rncryptor
|
21
21
|
licenses:
|
22
22
|
- MIT
|
23
23
|
metadata: {}
|