scl 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 043a75c0ec7aab24c5bde01c147e009b7e0bc58f
-  data.tar.gz: 3e1bf4954baccfab324591cddcbaa1fc60f14dab
+  metadata.gz: dd44c29e009a373f15867aabba011afd2081eec8
+  data.tar.gz: fd478293a6d0cf19c22d6b13c8aac6dfbb755ecc
 SHA512:
-  metadata.gz: eb615f84d442a67a169c804f99a2a243553c99055879a52d7479e96742f43142e69da4971657f6ead3d19bea5584f3722553e7b64193f563507e6950fe19dd2a
-  data.tar.gz: c0f3e20309a25ff69d1e4ebb2dcfaf8e2275fee1ebd7fa48cbefeb6d379ad9a4fb1b72e0d3c2b64cceb593e26755e065be4c3bdb40095533ed71a7ab8e430c6b
+  metadata.gz: 40f19d23ec8425cfbe315c74b5be4329c5f494822ac54f0a3d3025bac27df4332547bb7b0e2a6546eb81ed1357dbbf9611ba36314eaeff5a3e8d0ab4ce826d75
+  data.tar.gz: 052ad1a09df6f1280680b433ccb9d8242abf6dfebb32ede7943ca6be47667a02dfdf2de5a2c4dfbe8e158e67067a5071e0b4639fdc754423cfbd054748600f45

data/README.md

@@ -1,8 +1,22 @@
 # Scl (Simple Crypto Library)
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/scl`. To experiment with that code, run `bin/console` for an interactive prompt.
+Scl is the Ruby *Simple Cryptography Library*. It comes with both a library for use in a Ruby codebase and a fully featured command line tool for all of your basic cryptography needs.
 
-TODO: Delete this and the text above, and describe your gem
+As anybody in the crypto-space knows using any cryptography library that has not been extensively audited and battle-tested in a security critical system is asking for trouble, hence:<br/>
+**This library is intended for use in hobbyist projects or educational purposes. Use at own risk**
+
+For much of its functionality it is simply a fairly thin wrapper over OpenSSL functions and primitives and therefore should be quite robust and performant. It couples this with a clean and easy to use API making it a fantastic tool to learn about what cryptography has to offer.
+
+With learning in mind it covers some of the most widely used and exciting functionality offered to us by cryptography.
+
+* [Diffie Hellman key-exchange](#diffie-hellman-key-exchange)
+* [Public-key encryption (RSA)](#rsa-encryption)
+* [Public-key verification (RSA)](#rsa-verification)
+* [Shamirs secret sharing](#shamirs-secret-sharing)
+* [AES Block Cipher Encryption](#aes-encryption)
+* [HMAC and Digests](#hmac-and-digests)
+
+This tool provides basic insight around what each of the above has to offer us, and how you might potentially use these in unison to offer secure and/or verifiable solutions. Each of the above modules can be used from the command line interface, or imported directly into your code
 
 ## Installation
 
@@ -20,6 +34,76 @@ Or install it yourself as:
 
     $ gem install scl
 
+## Usage (per module)
+
+### Diffie Hellman Key Exchange
+#### What is it?
+Diffie–Hellman key exchange (D–H) is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.<sup>[[1]]</sup>
+
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+* You can agree on a shared secret on a public-channel without exposing anything to an eavesdropper.
+* This means you do not need to trust your communication channel for it to be effective! (You could securely communicate using snail mail, smoke signals, carrier pigeons) and as long as both parties to the transmission properly secure the generated private and shared keys of the exchange you can know your communication is secure and private
+* You do not need to share any secrets to complete the exchange.
+* You can negotitate a new secret per transmission for perfect forward secrecy
+
+#### How does it work?
+
+### RSA(Encryption)
+#### What is it?
+RSA can be used to encrypt and decrypt messages utilising public-key cryptography.
+
+Public key cryptography, or asymmetrical cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. This accomplishes two functions: authentication, which is when the public key is used to verify that a holder of the paired private key sent the message, and encryption, whereby only the holder of the paired private key can decrypt the message encrypted with the public key.<sup>[[2]]</sup>
+
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+* You can use your private key to prove a message came from you
+* Anyone can use your public key to construct a message for your eyes only
+* You can establish secure communications between two or more parties without the need to engage in a key-negotiation process
+* See also RSA(Verification)
+
+#### How does it work?
+
+### RSA(Verification)
+#### What is it?
+RSA can be used to generate digital signatures for a message and to compare a given signature with one generated from a digital message.
+
+A digital signature is a mathematical scheme for demonstrating the authenticity of digital messages or documents. A valid digital signature gives a recipient reason to believe that the message was created by a known sender (authentication), that the sender cannot deny having sent the message (non-repudiation), and that the message was not altered in transit (integrity)<sup>[[3]]</sup>
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+* See also RSA(Encryption)
+#### How does it work?
+
+### Shamir's Secret Sharing
+#### What is it?
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+#### How does it work?
+
+### AES Encryption
+#### What is it?
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+#### How does it work?
+
+### HMAC and Digests
+#### What is it?
+#### How do I use it?
+##### CLI
+##### Library
+#### Why is it great?
+#### How does it work?
+
 ## CLI
 
 SCL Comes with a command line interface that allows you to perform basic encryption, decryption and key generation and key negotiation operations.
@@ -52,9 +136,6 @@ scl aes encrypt [file]             # Encrypt from file
 scl aes encrypt --key="abc" [file] # Enc
 ```
 
-## Usage
-
-TODO: Write usage instructions here
 
 ## Development
 
@@ -69,3 +150,7 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERN
 ## Code of Conduct
 
 Everyone interacting in the Scl project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/scl/blob/master/CODE_OF_CONDUCT.md).
+
+[1]: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
+[2]: https://en.wikipedia.org/wiki/Public-key_cryptography
+[3]: https://en.wikipedia.org/wiki/Digital_signature

data/Rakefile

@@ -1,2 +1,10 @@
 require "bundler/gem_tasks"
-task :default => :spec
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+task :default => :test

data/lib/scl/aes.rb

@@ -5,12 +5,12 @@ module Scl
       @block_size = block_size || 256
     end
 
-    def build_cypher
+    def build_cipher
       OpenSSL::Cipher::AES.new(@block_size, @block_cipher)
     end
 
     def encrypt(plaintext, key=nil, iv=nil)
-      block_cipher = build_cypher
+      block_cipher = build_cipher
       block_cipher.encrypt
       block_cipher.key = key ||= block_cipher.random_key
       block_cipher.iv  = iv  ||= block_cipher.random_iv
@@ -18,7 +18,7 @@ module Scl
     end
 
     def decrypt(ciphertext, key, iv)
-      block_cipher = build_cypher
+      block_cipher = build_cipher
       block_cipher.decrypt
       block_cipher.key = key
       block_cipher.iv  =  iv

data/lib/scl/control/aes.rb

@@ -42,6 +42,16 @@ module Scl
         )
       end
 
+      help <<-HELP,
+      ciphers. Prints a list of supported ciphers
+
+        e.g
+          scl aes ciphers
+      HELP
+      def ciphers
+        puts OpenSSL::Cipher.ciphers.select{|x| x[/^aes/]}
+      end
+
       private
         def aes
           Scl::AES.new(args.block_size, args.block_cipher)

data/lib/scl/control/controller.rb

@@ -46,7 +46,6 @@ module Scl
         case "#{format}".strip
         when "base64"               then Format::BASE64
         when "qrcode"               then Format::QRCODE
-        when "base64"               then Format::BASE64
         when "words"                then Format::WORDS
         when "hex"                  then Format::HEX
         when "binary","text","none" then Format::BINARY

data/lib/scl/control/rsa.rb

@@ -18,7 +18,7 @@ module Scl
             Output.new(result.public.export, '.pub'),
             Output.new(result.private.export, '.priv')
           )
-        rescue StandardError => e
+        rescue StandardError
           raise ControlError.new("Couldn't generate key of size #{args.key_size}")
         end
       end

data/lib/scl/digest.rb

@@ -18,7 +18,7 @@ module Scl
       def self.digest_exists?(digest)
         begin
           OpenSSL::Digest.const_get(digest.upcase)
-        rescue NameError => e
+        rescue NameError
           puts "Couldn't get digest type. #{digest}"
           puts "Try $ scl digest list  – for a list of supported digests"
           return false

data/lib/scl/formats/auto.rb

@@ -1,7 +1,7 @@
 module Scl
   class Scl::Auto < Scl::Format
     def encode(data)
-      sorted = (data.chars.map(&:ord).uniq.sort) - [10]
+      sorted = (data.force_encoding("binary").chars.map(&:ord).uniq.sort) - [10]
       if sorted.first < 32 || sorted.max > 126
         Scl::Format::BASE64.encode(data)
       else
@@ -11,7 +11,7 @@ module Scl
 
     def decode(data)
       png = Regexp.new("\x89PNG".force_encoding("binary"))
-      if /^#{png}/ === data
+      if /^#{png}/ === data.force_encoding("binary")
         Scl::Format::QRCODE.decode(data)
       elsif data[/[^A-Za-z0-9\+\/\n=]/]
         Scl::Format::BINARY.decode(data)

data/lib/scl/formats/words.rb

@@ -17,7 +17,7 @@ module Scl
         b1 = (bytes >> 8) & 255
         [b1, b2]
       end.flatten
-      bytes.map(&:chr).join
+      bytes.map(&:chr).join.gsub(/\x00$/,'')
     end
   end
 end

data/lib/scl/rsa.rb

@@ -9,13 +9,14 @@ module Scl
         @public  = public
         @private = private
       end
+      @output_encoder = output_encoder
       @public  = Key.new(@public)
       @private = Key.new(@private)
     end
 
     def save(dir, name='rsa-keypair')
-      IO.write(File.join(dir, "#{name}.pub"),  output_encoder.encode(@public.export))
-      IO.write(File.join(dir, "#{name}.priv"), output_encoder.encode(@private.export))
+      IO.write(File.join(dir, "#{name}.pub"),  @output_encoder.encode(@public.export))
+      IO.write(File.join(dir, "#{name}.priv"), @output_encoder.encode(@private.export))
       dir
     end
 
@@ -24,8 +25,8 @@ module Scl
       RSA.new(public: rsa_pair.public_key, private: rsa_pair)
     end
 
-    def self.encrypt(msg)
-      pair = self.generate
+    def self.encrypt(msg, key_size=1024)
+      pair = self.generate(key_size)
       [pair.private.export, pair.public.export, pair.private.encrypt(msg)]
     end
 

data/lib/scl/secret_share.rb

@@ -13,39 +13,16 @@ module Scl
       @shares  = shares
     end
 
-    def random()
-      @seen ||= { nil => true}
-      number = Random.rand(1...PRIME) while @seen[number]
-      @seen[number] = true
-      OpenSSL::BN.new(number)
-    end
-
-    def chunks(secret)
-      Enumerator.new do |enum|
-        as_hex = secret.each_byte.map{|b| b.to_s(16).rjust(2, '0') }.join
-        as_hex.chars.each_slice(64) do |slice|
-          chunk = OpenSSL::BN.new(slice.join.ljust(64, ?0), 16)
-          enum << chunk
-        end
-      end
-    end
-
-    def evaluate_polynomial(polynomial, x)
-      polynomial.reverse.reduce(OpenSSL::BN.new(0)) do |mem, value|
-        ((mem * x) % PRIME + value) % PRIME
-      end
-    end
-
     def generate(secret)
       polynomials = chunks(secret).map do |chunk|
-        polynomial = [chunk] + (@minimum - 1).times.map do |i|
+        [chunk] + (@minimum - 1).times.map do |i|
           random
         end
       end
 
       @shares.times.map do |i|
         result = ''
-        poly_result = polynomials.map do |polynomial|
+        polynomials.map do |polynomial|
           x = random
           y = evaluate_polynomial(polynomial, x)
           result << base64_encode(x)
@@ -55,34 +32,7 @@ module Scl
       end
     end
 
-    def base64_encode(number)
-      return ::Base64.urlsafe_encode64(number.to_s(16).rjust(64, ?0).scan(/../).map{|x| x.hex.chr}.join)
-    end
-
-    def self.base64_decode(number)
-      ::Base64.urlsafe_decode64(number).chars.map{|x| "0#{x.ord.to_s(16)}"[-2..-1] }.join.rjust(64, ?0).hex
-    end
-
-    def self.extended_gcd(a, b)
-      abs = ->(v){ v < 0 ? v * -1 : v}
-      last_remainder, remainder = abs[a], abs[b]
-      x, last_x, y, last_y = 0, 1, 1, 0
-      while remainder != 0
-        last_remainder, (quotient, remainder) = remainder, last_remainder./(remainder)
-        x, last_x = last_x - quotient*x, x
-        y, last_y = last_y - quotient*y, y
-      end
-
-      return last_remainder, last_x * (a < 0 ? -1 : 1)
-    end
-
-    def self.mod_inverse(e, p=PRIME)
-      g, x = extended_gcd(e, p)
-      x % p
-    end
-
     def self.combine(shares, encoder: nil)
-      abs = ->(v){ v < 0 ? v * -1 : v}
       decoded = shares.map do |share|
         share = encoder && encoder != Format::BASE64 ? encoder.decode(share) : share
         share.chars.each_slice(ENCODED_CHUNK_SIZE).map(&:join).each_slice(2).map do |random, polynomial|
@@ -118,5 +68,56 @@ module Scl
         }
       end.join
     end
+
+    private
+      def random()
+        @seen ||= { nil => true}
+        number = Random.rand(1...PRIME) while @seen[number]
+        @seen[number] = true
+        OpenSSL::BN.new(number)
+      end
+
+      def chunks(secret)
+        Enumerator.new do |enum|
+          as_hex = secret.each_byte.map{|b| b.to_s(16).rjust(2, '0') }.join
+          as_hex.chars.each_slice(64) do |slice|
+            chunk = OpenSSL::BN.new(slice.join.ljust(64, ?0), 16)
+            enum << chunk
+          end
+        end
+      end
+
+      def evaluate_polynomial(polynomial, x)
+        polynomial.reverse.reduce(OpenSSL::BN.new(0)) do |mem, value|
+          ((mem * x) % PRIME + value) % PRIME
+        end
+      end
+
+
+      def base64_encode(number)
+        return ::Base64.urlsafe_encode64(number.to_s(16).rjust(64, ?0).scan(/../).map{|x| x.hex.chr}.join)
+      end
+
+      def self.base64_decode(number)
+        ::Base64.urlsafe_decode64(number).chars.map{|x| "0#{x.ord.to_s(16)}"[-2..-1] }.join.rjust(64, ?0).hex
+      end
+
+      def self.extended_gcd(a, b)
+        abs = ->(v){ v < 0 ? v * -1 : v}
+        last_remainder, remainder = abs[a], abs[b]
+        x, last_x, y, last_y = 0, 1, 1, 0
+        while remainder != 0
+          last_remainder, (quotient, remainder) = remainder, last_remainder./(remainder)
+          x, last_x = last_x - quotient*x, x
+          y, last_y = last_y - quotient*y, y
+        end
+
+        return last_remainder, last_x * (a < 0 ? -1 : 1)
+      end
+
+      def self.mod_inverse(e, p=PRIME)
+        _, x = extended_gcd(e, p)
+        x % p
+      end
   end
 end

data/lib/scl/version.rb

@@ -1,3 +1,3 @@
 module Scl
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/scl.gemspec

@@ -8,7 +8,7 @@ Gem::Specification.new do |spec|
   spec.version       = Scl::VERSION
   spec.authors       = ["Wouter Coppieters"]
   spec.email         = ["wouter@youdo.co.nz"]
-
+  spec.homepage      = "https://github.com/wouterken/scl"
   spec.summary       = "Simple crypto library"
   spec.description   = "Simple crypto library"
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: scl
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Wouter Coppieters
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-11-12 00:00:00.000000000 Z
+date: 2017-11-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -94,7 +94,7 @@ files:
 - lib/scl/secret_share.rb
 - lib/scl/version.rb
 - scl.gemspec
-homepage: 
+homepage: https://github.com/wouterken/scl
 licenses: []
 metadata: {}
 post_install_message: