ruby_rncryptor_secured 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/ruby_rncryptor.rb +79 -0
- metadata +44 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 787594561e48e0d6c41efa06fe055ae0890e24f5
|
|
4
|
+
data.tar.gz: 6f8056e3845aa22abe770a0b9b8656f041e7abc0
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: c2c58acd3235120340d1522856afff379749fff15915cabe87394bb17b2b98a1b87444527d6ce7cd7a676604045f8cc2e423b6a5574f59386deb0ad0270a7821
|
|
7
|
+
data.tar.gz: 135e3ab2f5ba0ecfb243a477c739eb065dbe3aacd677e285a07697dd86699515085f0ac7467dac3f4a9985013123d8c4d20d4396b81431c0b2218fc12b8a5386
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
# RubyRNCryptor by Erik Wrenholt.
|
|
2
|
+
# Based on data format described by Rob Napier
|
|
3
|
+
# https://github.com/rnapier/RNCryptor/wiki/Data-Format
|
|
4
|
+
# MIT License
|
|
5
|
+
|
|
6
|
+
require 'openssl'
|
|
7
|
+
require 'securerandom'
|
|
8
|
+
|
|
9
|
+
class RubyRNCryptor
|
|
10
|
+
include OpenSSL
|
|
11
|
+
|
|
12
|
+
def self.decrypt(data, password)
|
|
13
|
+
|
|
14
|
+
version = data[0,1]
|
|
15
|
+
raise "RubyRNCryptor only decrypts version 2 or 3" unless (version == "\x02" || version == "\x03")
|
|
16
|
+
options = data[1,1]
|
|
17
|
+
encryption_salt = data[2,8]
|
|
18
|
+
hmac_salt = data[10,8]
|
|
19
|
+
iv = data[18,16]
|
|
20
|
+
cipher_text = data[34,data.length-66]
|
|
21
|
+
hmac = data[data.length-32,32]
|
|
22
|
+
|
|
23
|
+
msg = version + options + encryption_salt + hmac_salt + iv + cipher_text
|
|
24
|
+
|
|
25
|
+
# Verify password is correct. First try with correct encoding
|
|
26
|
+
hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
|
|
27
|
+
verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*') == hmac
|
|
28
|
+
|
|
29
|
+
if !verified && version == "\x02"
|
|
30
|
+
# Version 2 Cocoa version truncated multibyte passwords, so try truncating.
|
|
31
|
+
password = RubyRNCryptor.truncate_multibyte_password(password)
|
|
32
|
+
hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
|
|
33
|
+
verified = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*') == hmac
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
raise "Password may be incorrect, or the data has been corrupted. (HMAC could not be verified)" unless verified
|
|
37
|
+
|
|
38
|
+
# HMAC was verified, now decrypt it.
|
|
39
|
+
cipher = Cipher::Cipher.new('aes-256-cbc')
|
|
40
|
+
cipher.decrypt
|
|
41
|
+
cipher.iv = iv
|
|
42
|
+
cipher.key = PKCS5.pbkdf2_hmac_sha1(password, encryption_salt, 10000, 32)
|
|
43
|
+
|
|
44
|
+
return cipher.update(cipher_text) + cipher.final
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def self.encrypt(data, password, version = 3)
|
|
48
|
+
|
|
49
|
+
raise "RubyRNCryptor only encrypts version 2 or 3" unless (version == 2 || version == 3)
|
|
50
|
+
|
|
51
|
+
version = version.chr.to_s # Currently version 3
|
|
52
|
+
options = 1.chr.to_s # Uses password
|
|
53
|
+
encryption_salt = SecureRandom.random_bytes(8)
|
|
54
|
+
hmac_salt = SecureRandom.random_bytes(8)
|
|
55
|
+
iv = SecureRandom.random_bytes(16)
|
|
56
|
+
cipher_text = data[34,data.length-66]
|
|
57
|
+
|
|
58
|
+
hmac_key = PKCS5.pbkdf2_hmac_sha1(password, hmac_salt, 10000, 32)
|
|
59
|
+
|
|
60
|
+
cipher = Cipher::Cipher.new('aes-256-cbc')
|
|
61
|
+
cipher.encrypt
|
|
62
|
+
cipher.iv = iv
|
|
63
|
+
cipher.key = PKCS5.pbkdf2_hmac_sha1(password, encryption_salt, 10000, 32)
|
|
64
|
+
cipher_text = cipher.update(data) + cipher.final
|
|
65
|
+
|
|
66
|
+
msg = version + options + encryption_salt + hmac_salt + iv + cipher_text
|
|
67
|
+
hmac = [HMAC.hexdigest('sha256', hmac_key, msg)].pack('H*')
|
|
68
|
+
|
|
69
|
+
return msg + hmac
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def self.truncate_multibyte_password(str)
|
|
73
|
+
if str.bytes.to_a.count == str.length
|
|
74
|
+
return str
|
|
75
|
+
end
|
|
76
|
+
return str.bytes.to_a[0...str.length].map {|c| c.chr}.join
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: ruby_rncryptor_secured
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 1.0.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Dheena Erik Wrenholt
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2015-12-04 00:00:00.000000000 Z
|
|
12
|
+
dependencies: []
|
|
13
|
+
description: Encrypt and Decrypt the RNCryptor format - By Erik Wrenholt.
|
|
14
|
+
email: dheenaindian@gmail.com
|
|
15
|
+
executables: []
|
|
16
|
+
extensions: []
|
|
17
|
+
extra_rdoc_files: []
|
|
18
|
+
files:
|
|
19
|
+
- lib/ruby_rncryptor.rb
|
|
20
|
+
homepage: https://github.com/timestretch/RNCryptor/tree/master/ruby
|
|
21
|
+
licenses:
|
|
22
|
+
- MIT
|
|
23
|
+
metadata: {}
|
|
24
|
+
post_install_message:
|
|
25
|
+
rdoc_options: []
|
|
26
|
+
require_paths:
|
|
27
|
+
- lib
|
|
28
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
29
|
+
requirements:
|
|
30
|
+
- - ">="
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '0'
|
|
33
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
34
|
+
requirements:
|
|
35
|
+
- - ">="
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
requirements: []
|
|
39
|
+
rubyforge_project:
|
|
40
|
+
rubygems_version: 2.4.8
|
|
41
|
+
signing_key:
|
|
42
|
+
specification_version: 4
|
|
43
|
+
summary: Encrypt and Decrypt the RNCryptor format
|
|
44
|
+
test_files: []
|