salsa20 0.1.0

data/ext/salsa20_ext/salsa20_ext.c

@@ -0,0 +1,87 @@
+#include <ruby.h>
+#include "ecrypt-sync.h"
+
+/* Older versions of Ruby (< 1.8.6) need these */
+#ifndef RSTRING_PTR
+#define RSTRING_PTR(s) (RSTRING(s)->ptr)
+#endif
+#ifndef RSTRING_LEN
+#define RSTRING_LEN(s) (RSTRING(s)->len)
+#endif
+#ifndef RARRAY_PTR
+#define RARRAY_PTR(s) (RARRAY(s)->ptr)
+#endif
+#ifndef RARRAY_LEN
+#define RARRAY_LEN(s) (RARRAY(s)->len)
+#endif
+
+static VALUE cSalsa20;
+
+static VALUE rb_salsa20_alloc(VALUE klass) {
+    VALUE obj;
+    ECRYPT_ctx *ctx;
+
+    obj = Data_Make_Struct(klass, ECRYPT_ctx, 0, 0, ctx);
+    return obj;
+}
+
+static VALUE rb_salsa20_init_context(VALUE self) {
+    VALUE key, iv;
+    ECRYPT_ctx *ctx;
+
+    Data_Get_Struct(self, ECRYPT_ctx, ctx);
+    key = rb_iv_get(self, "@key");
+    iv = rb_iv_get(self, "@iv");
+
+    ECRYPT_keysetup(ctx, (const unsigned char*)RSTRING_PTR(key), (unsigned int)RSTRING_LEN(key) * 8, 64);
+    ECRYPT_ivsetup(ctx, (const unsigned char*)RSTRING_PTR(iv));
+
+    return self;
+}
+
+static VALUE rb_salsa20_encrypt_or_decrypt(int argc, VALUE * argv, VALUE self) {
+    VALUE input, output;
+    ECRYPT_ctx *ctx;
+
+    Data_Get_Struct(self, ECRYPT_ctx, ctx);
+
+    rb_scan_args(argc, argv, "1", &input);
+    Check_Type(input, T_STRING);
+
+    output = rb_str_new(0, RSTRING_LEN(input));
+    ECRYPT_encrypt_bytes(ctx, (const unsigned char*)RSTRING_PTR(input), (unsigned char*)RSTRING_PTR(output), (unsigned int)RSTRING_LEN(input));
+
+    return output;
+}
+
+static VALUE rb_salsa20_set_cipher_position(int argc, VALUE * argv, VALUE self) {
+    VALUE low_32bits, high_32bits;
+    ECRYPT_ctx *ctx;
+
+    Data_Get_Struct(self, ECRYPT_ctx, ctx);
+
+    rb_scan_args(argc, argv, "2", &low_32bits, &high_32bits);
+    ctx->input[8] = NUM2INT(low_32bits);
+    ctx->input[9] = NUM2INT(high_32bits);
+
+    return Qnil;
+}
+
+static VALUE rb_salsa20_get_cipher_position(VALUE self) {
+    ECRYPT_ctx *ctx;
+
+    Data_Get_Struct(self, ECRYPT_ctx, ctx);
+
+    return rb_ull2inum(((unsigned LONG_LONG)(ctx->input[9]) << 32) | (unsigned LONG_LONG)(ctx->input[8]));
+}
+
+void Init_salsa20_ext() {
+    cSalsa20 = rb_define_class("Salsa20", rb_cObject);
+
+    rb_define_alloc_func(cSalsa20, rb_salsa20_alloc);
+
+    rb_define_private_method(cSalsa20, "init_context", rb_salsa20_init_context, 0);
+    rb_define_private_method(cSalsa20, "encrypt_or_decrypt", rb_salsa20_encrypt_or_decrypt, -1);
+    rb_define_private_method(cSalsa20, "set_cipher_position", rb_salsa20_set_cipher_position, -1);
+    rb_define_private_method(cSalsa20, "get_cipher_position", rb_salsa20_get_cipher_position, 0);
+}

data/lib/salsa20.rb

@@ -0,0 +1,105 @@
+require 'salsa20_ext'
+
+# Salsa20 stream cipher engine. Initialize the engine with +key+ and +iv+, and
+# then call Salsa20#encrypt or Salsa20#decrypt (they are actually identical --
+# that's how stream ciphers work).
+#
+# Example:
+#
+#   encryptor = Salsa20.new(key_str, iv_str)
+#   cipher_text = encryptor.encrypt(plain_text)
+#
+class Salsa20
+
+  # Salsa20 engine was initialized withe a key of the wrong length (see Salsa20#new).
+  class InvalidKeyError < StandardError
+  end
+
+  # Salsa20#encrypt was called after a non 64-bytes boundry block
+  class EngineClosedError < StandardError
+  end
+
+  # Salsa20#seek was called with a non 64-bytes boundry position
+  class IllegalSeekError < StandardError
+  end
+
+  # The encryption key
+  attr_reader :key
+
+  # The encryption IV (Initialization Vector) / nonce
+  attr_reader :iv
+
+  # Create a new Salsa20 encryption/decryption engine.
+  #
+  # +key+ is the encryption key and must be exactly 128-bits (16 bytes) or
+  # 256-bits (32 bytes) long
+  #
+  # +iv+ is the encryption IV and must be exactly 64-bits (8 bytes) long
+  #
+  # If +key+ or +iv+ lengths are invalid then a Salsa20::InvalidKeyError
+  # exception is raised.
+  def initialize(key, iv)
+    # do all the possible checks here to make sure the C extension code gets clean variables
+    raise TypeError, "key must be a String" unless key.is_a? String
+    raise TypeError, "iv must be a String" unless iv.is_a? String
+
+    raise InvalidKeyError, "key length must be 16 or 32 bytes" unless key.size == 16 || key.size == 32
+    raise InvalidKeyError, "iv length must be 8 bytes" unless iv.size == 8
+
+    @key = key
+    @iv = iv
+    @closed = false
+    init_context # Implemented in the C extension
+  end
+
+  # Returns _true_ if the last encryption was of a non 64-bytes boundry chunk.
+  # This means this instance cannot be further used (subsequent calls to
+  # Salsa20#encrypt or Salsa20#decrypt will raise a Salsa20::EngineClosedError
+  # exception); _false_ if the instance can be further used to encrypt/decrypt
+  # additional chunks.
+  def closed?
+    @closed
+  end
+
+  # Encrypts/decrypts the string +input+. If +input+ length is on 64-bytes
+  # boundry, you may call encrypt (or decrypt) again; once you call it with a
+  # non 64-bytes boundry chunk this must be the final chunk (subsequent calls will
+  # raise a Salsa20::EngineClosedError exception).
+  #
+  # Returns the encrypted/decrypted string, which has the same size as the
+  # input string.
+  def encrypt(input)
+    raise TypeError, "input must be a string" unless input.is_a? String
+    raise EngineClosedError, "instance is closed" if closed?
+    @closed = true if (input.size % 64) != 0
+    encrypt_or_decrypt(input) # Implemented in the C extension
+  end
+
+  alias :decrypt :encrypt
+
+  # Advance the cipher engine into +position+ (given in bytes). This can be
+  # used to start decrypting from the middle of a file, for example.
+  #
+  # Note: +position+ must be on a 64-bytes boundry (otherwise a
+  # Salsa20::IllegalSeekError exception is raised).
+  def seek(position)
+    raise IllegalSeekError, "seek position must be on 64-bytes boundry" unless position % 64 == 0
+    position /= 64
+    set_cipher_position(low_32bits(position), high_32bits(position)) # Implemented in the C extension
+  end
+
+  # Returns the current cipher stream position in bytes
+  def position
+    get_cipher_position * 64
+  end
+
+  private
+
+  def low_32bits(n)
+    n & 0xffffffff
+  end
+
+  def high_32bits(n)
+    (n >> 32) & 0xffffffff
+  end
+end

data/salsa20.gemspec

@@ -0,0 +1,28 @@
+Gem::Specification.new do |s|
+  s.name = 'salsa20'
+  s.version = '0.1.0'
+
+  s.summary = "Salsa20 stream cipher algorithm."
+  s.description = <<-EOF
+    Salsa20 is a stream cipher algorithm designed by Daniel Bernstein. salsa20-ruby provides
+    a simple Ruby wrapper.
+  EOF
+
+  s.files = `git ls-files`.split("\n")
+  s.require_path = 'lib'
+
+  s.test_files = `git ls-files test`.split("\n")
+
+  s.add_development_dependency 'rdoc'
+  s.add_development_dependency 'rake-compiler'
+
+  s.has_rdoc = true
+  s.rdoc_options += ['--title', 'salsa20', '--main', 'README.rdoc']
+  s.extra_rdoc_files += ['README.rdoc', 'LICENSE', 'CHANGELOG', 'lib/salsa20.rb']
+
+  s.extensions = 'ext/salsa20_ext/extconf.rb'
+
+  s.authors = ["Dov Murik"]
+  s.email = "dov.murik@gmail.com"
+  s.homepage = "https://github.com/dubek/salsa20-ruby"
+end

data/test/salsa20_test.rb

@@ -0,0 +1,140 @@
+require File.expand_path(File.join(File.dirname(__FILE__), "..", "lib", "salsa20"))
+require 'test/unit'
+
+class Salsa20Test < Test::Unit::TestCase
+  def test_salsa20_keystream
+    expected = "@\x8D\x94\xF48f9Z)\e\xBD\xB8?\xCC\xEC\xD6g\xB3;\xC7ev\v\xCA]\xEE\x19I;\xA2<\\^\xCEFQn\x94B{+\x06\xE2\x85\x9F\xEC\xBBp@\xA4\x8F\xD8~\xD3\x12\x197\f\xD7'\x8C\xC8\xEF\xFC"
+    assert_equal expected, Salsa20.new("K"*32, "I"*8).encrypt("\x00"*64)
+  end
+
+  def test_bad_number_of_arguments_for_new_should_raise_exception
+    assert_raise(ArgumentError) { Salsa20.new }
+    assert_raise(ArgumentError) { Salsa20.new("K"*32) }
+    assert_raise(ArgumentError) { Salsa20.new("K"*32, "I"*8, "third") }
+  end
+
+  def test_non_string_arguments_for_new_should_raise_exception
+    assert_raise(TypeError) { Salsa20.new([1,2,3], "I"*8) }
+    assert_raise(TypeError) { Salsa20.new("K"*32, { "a" => "b"}) }
+    assert_raise(TypeError) { Salsa20.new([1,2,3], { "a" => "b"}) }
+  end
+
+  def test_invalid_key_length_should_raise_exception
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*15, "I"*8) }
+    assert_nothing_raised { Salsa20.new("K"*16, "I"*8) }
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*17, "I"*8) }
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*31, "I"*8) }
+    assert_nothing_raised { Salsa20.new("K"*32, "I"*8) }
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*33, "I"*8) }
+  end
+
+  def test_invalid_iv_length_should_raise_exception
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*32, "I"*7) }
+    assert_nothing_raised { Salsa20.new("K"*32, "I"*8) }
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*32, "I"*9) }
+    assert_raise(Salsa20::InvalidKeyError) { Salsa20.new("K"*32, "I"*16) }
+  end
+
+  def test_accessors
+    the_key = "K"*32
+    the_iv = "I"*8
+    encryptor = Salsa20.new(the_key, the_iv)
+    assert_equal the_key, encryptor.key
+    assert_equal the_iv, encryptor.iv
+  end
+
+  def test_encrypt_and_decrypt_with_256_bit_key
+    the_key = "A"*32
+    the_iv = "B"*8
+    plain_text = "the quick brown fox jumped over the lazy dog"
+    encryptor = Salsa20.new(the_key, the_iv)
+    cipher_text = encryptor.encrypt(plain_text)
+    assert_equal plain_text.size, cipher_text.size
+    decryptor = Salsa20.new(the_key, the_iv)
+    assert_equal plain_text, decryptor.decrypt(cipher_text)
+  end
+
+  def test_encrypted_encoding_should_be_binary
+    return unless "TEST".respond_to?(:encoding)
+    save_encoding = Encoding.default_external
+    Encoding.default_external = "UTF-8"
+    the_key = "A"*32
+    the_iv = "B"*8
+    plain_text = "the quick brown fox jumped over the lazy dog"
+    encryptor = Salsa20.new(the_key, the_iv)
+    cipher_text = encryptor.encrypt(plain_text)
+    assert_equal Encoding.find("ASCII-8BIT"), cipher_text.encoding
+    assert_equal Encoding.find("BINARY"), cipher_text.encoding
+    Encoding.default_external = save_encoding
+  end
+
+  def test_encrypt_and_decrypt_with_128_bit_key
+    the_key = "C"*16
+    the_iv = "D"*8
+    plain_text = "the quick brown fox jumped over the lazy dog"
+    encryptor = Salsa20.new(the_key, the_iv)
+    cipher_text = encryptor.encrypt(plain_text)
+    assert_equal plain_text.size, cipher_text.size
+    decryptor = Salsa20.new(the_key, the_iv)
+    assert_equal plain_text, decryptor.decrypt(cipher_text)
+  end
+
+  def test_multiple_encrypt_and_one_decrypt
+    the_key = "E"*32
+    the_iv = "F"*8
+    plain_text = "the quick brown fox jumped over the lazy dog" * 5
+    parts = [ plain_text[0,64], plain_text[64,64], plain_text[128,64], plain_text[192,64] ]
+    assert_equal plain_text, parts.join
+    encryptor = Salsa20.new(the_key, the_iv)
+    cipher_text = parts.map { |part| encryptor.encrypt(part) }.join
+    assert_equal true, encryptor.closed?
+    assert_equal plain_text.size, cipher_text.size
+    decryptor = Salsa20.new(the_key, the_iv)
+    assert_equal plain_text, decryptor.decrypt(cipher_text)
+    assert_equal true, decryptor.closed?
+  end
+
+  def test_encrypt_after_non_64_bytes_should_raise_exception
+    the_key = "G"*32
+    the_iv = "H"*8
+    part1 = "a"*63
+    part2 = "b"*64
+    encryptor = Salsa20.new(the_key, the_iv)
+    assert_equal false, encryptor.closed?
+    encryptor.encrypt(part1)
+    assert_equal true, encryptor.closed?
+    assert_raise(Salsa20::EngineClosedError) { encryptor.encrypt(part2) }
+  end
+
+  def test_seek
+    the_key = "I"*32
+    the_iv = "J"*8
+    plain_text = "the quick brown fox jumped over the lazy dog" * 5
+    encryptor = Salsa20.new(the_key, the_iv)
+    cipher_text = encryptor.encrypt(plain_text)
+    decryptor = Salsa20.new(the_key, the_iv)
+    assert_equal 0, decryptor.position
+    cipher_text.slice!(0,128)
+    decryptor.seek(128)
+    assert_equal 128, decryptor.position
+    assert_equal plain_text[128..-1], decryptor.decrypt(cipher_text)
+    assert_equal 256, decryptor.position
+  end
+
+  def test_seek_to_non_64_bytes_boundry_should_raise_exception
+    the_key = "K"*32
+    the_iv = "L"*8
+    encryptor = Salsa20.new(the_key, the_iv)
+    assert_raise(Salsa20::IllegalSeekError) { encryptor.seek(65) }
+  end
+
+  def test_seek_and_position_to_large_positions
+    the_key = "M"*32
+    the_iv = "N"*8
+    large_position = 1 << 50
+    encryptor = Salsa20.new(the_key, the_iv)
+    assert_equal 0, encryptor.position
+    encryptor.seek(large_position)
+    assert_equal large_position, encryptor.position
+  end
+end

metadata

@@ -0,0 +1,94 @@
+--- !ruby/object:Gem::Specification
+name: salsa20
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Dov Murik
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-08-20 00:00:00.000000000 +03:00
+default_executable: 
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: &2156666300 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2156666300
+- !ruby/object:Gem::Dependency
+  name: rake-compiler
+  requirement: &2156665860 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2156665860
+description: ! "    Salsa20 is a stream cipher algorithm designed by Daniel Bernstein.
+  salsa20-ruby provides\n    a simple Ruby wrapper.\n"
+email: dov.murik@gmail.com
+executables: []
+extensions:
+- ext/salsa20_ext/extconf.rb
+extra_rdoc_files:
+- README.rdoc
+- LICENSE
+- CHANGELOG
+- lib/salsa20.rb
+files:
+- .gitignore
+- CHANGELOG
+- LICENSE
+- README.rdoc
+- Rakefile
+- ext/salsa20_ext/ecrypt-config.h
+- ext/salsa20_ext/ecrypt-machine.h
+- ext/salsa20_ext/ecrypt-portable.h
+- ext/salsa20_ext/ecrypt-sync.h
+- ext/salsa20_ext/extconf.rb
+- ext/salsa20_ext/salsa20.c
+- ext/salsa20_ext/salsa20_ext.c
+- lib/salsa20.rb
+- salsa20.gemspec
+- test/salsa20_test.rb
+has_rdoc: true
+homepage: https://github.com/dubek/salsa20-ruby
+licenses: []
+post_install_message: 
+rdoc_options:
+- --title
+- salsa20
+- --main
+- README.rdoc
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: Salsa20 stream cipher algorithm.
+test_files:
+- test/salsa20_test.rb