scl 0.1.0

data/lib/scl/formats/words.rb

@@ -0,0 +1,23 @@
+module Scl
+  class Words < Format
+
+    WORDS = IO.read(File.expand_path(__FILE__+"/../wordlist.txt")).split("\n")
+    INDICES = Hash[WORDS.map.with_index{|w, i|[w,i]}]
+
+    def encode(data)
+      data.bytes.each_slice(2).map do |b1, b2|
+        WORDS[(b1 << 8) + (b2 || 0)]
+      end.join(' ')
+    end
+
+    def decode(data)
+      bytes = data.split(' ').each.map do |word|
+        bytes = INDICES[word]
+        b2 = bytes & 255
+        b1 = (bytes >> 8) & 255
+        [b1, b2]
+      end.flatten
+      bytes.map(&:chr).join
+    end
+  end
+end

data/lib/scl/rsa.rb

@@ -0,0 +1,72 @@
+module Scl
+  class RSA
+    attr_reader :private, :public
+    def initialize(file: nil, public: nil, private: nil, input_encoder: Format::BINARY, output_encoder: Format::BINARY)
+      if file
+        @public  = OpenSSL::PKey::RSA.new(encoder.decode(IO.read("#{file}.pub"))) if File.exists?("#{file}.pub")
+        @private = OpenSSL::PKey::RSA.new(encoder.decode(IO.read("#{file}.priv"))) if File.exists?("#{file}.priv")
+      else
+        @public  = public
+        @private = private
+      end
+      @public  = Key.new(@public)
+      @private = Key.new(@private)
+    end
+
+    def save(dir, name='rsa-keypair')
+      IO.write(File.join(dir, "#{name}.pub"),  output_encoder.encode(@public.export))
+      IO.write(File.join(dir, "#{name}.priv"), output_encoder.encode(@private.export))
+      dir
+    end
+
+    def self.generate(key_size)
+      rsa_pair = OpenSSL::PKey::RSA.new(key_size || 2048)
+      RSA.new(public: rsa_pair.public_key, private: rsa_pair)
+    end
+
+    def self.encrypt(msg)
+      pair = self.generate
+      [pair.private.export, pair.public.export, pair.private.encrypt(msg)]
+    end
+
+    class Key
+      attr_reader :rsa
+      def initialize(rsa)
+        @rsa = rsa
+        @aes = Scl::AES.new
+      end
+
+      def sign(data)
+        rsa.sign(OpenSSL::Digest::SHA256.new, data)
+      end
+
+      def verify(signature, data)
+        rsa.verify(OpenSSL::Digest::SHA256.new, signature, data)
+      end
+
+      def encrypt(plaintext, key=nil, iv=nil)
+        ciphertext, key, iv = @aes.encrypt(plaintext, key, iv)
+        encrypted_key =
+          case
+          when rsa.private? then rsa.private_encrypt(key)
+          else rsa.public_encrypt(key)
+          end
+        [encrypted_key, iv, ciphertext].join('::')
+      end
+
+      def decrypt(ciphertext)
+        encrypted_key, iv, ciphertext = ciphertext.split('::', 3)
+        decrypted_key =
+          case
+          when rsa.private? then rsa.private_decrypt(encrypted_key)
+          else rsa.public_decrypt(encrypted_key)
+          end
+        @aes.decrypt(ciphertext, decrypted_key, iv)
+      end
+
+      def export
+        rsa.export
+      end
+    end
+  end
+end

data/lib/scl/secret_share.rb

@@ -0,0 +1,122 @@
+require 'openssl'
+require 'ostruct'
+
+module Scl
+  PRIME = OpenSSL::BN.new("214663014907494254264734401372860550616125566004826012670437788223410219893687")
+  ENCODED_CHUNK_SIZE = 44
+
+  class SecretShare
+    def initialize(minimum, shares, encoder: Format::BASE64)
+      raise "Minimum must be larger than zero and less than shares" unless (0..shares) === minimum
+      @encoder = encoder
+      @minimum = minimum
+      @shares  = shares
+    end
+
+    def random()
+      @seen ||= { nil => true}
+      number = Random.rand(1...PRIME) while @seen[number]
+      @seen[number] = true
+      OpenSSL::BN.new(number)
+    end
+
+    def chunks(secret)
+      Enumerator.new do |enum|
+        as_hex = secret.each_byte.map{|b| b.to_s(16).rjust(2, '0') }.join
+        as_hex.chars.each_slice(64) do |slice|
+          chunk = OpenSSL::BN.new(slice.join.ljust(64, ?0), 16)
+          enum << chunk
+        end
+      end
+    end
+
+    def evaluate_polynomial(polynomial, x)
+      polynomial.reverse.reduce(OpenSSL::BN.new(0)) do |mem, value|
+        ((mem * x) % PRIME + value) % PRIME
+      end
+    end
+
+    def generate(secret)
+      polynomials = chunks(secret).map do |chunk|
+        polynomial = [chunk] + (@minimum - 1).times.map do |i|
+          random
+        end
+      end
+
+      @shares.times.map do |i|
+        result = ''
+        poly_result = polynomials.map do |polynomial|
+          x = random
+          y = evaluate_polynomial(polynomial, x)
+          result << base64_encode(x)
+          result << base64_encode(y)
+        end
+        @encoder == Format::BASE64 ? result : @encoder.encode(result)
+      end
+    end
+
+    def base64_encode(number)
+      return ::Base64.urlsafe_encode64(number.to_s(16).rjust(64, ?0).scan(/../).map{|x| x.hex.chr}.join)
+    end
+
+    def self.base64_decode(number)
+      ::Base64.urlsafe_decode64(number).chars.map{|x| "0#{x.ord.to_s(16)}"[-2..-1] }.join.rjust(64, ?0).hex
+    end
+
+    def self.extended_gcd(a, b)
+      abs = ->(v){ v < 0 ? v * -1 : v}
+      last_remainder, remainder = abs[a], abs[b]
+      x, last_x, y, last_y = 0, 1, 1, 0
+      while remainder != 0
+        last_remainder, (quotient, remainder) = remainder, last_remainder./(remainder)
+        x, last_x = last_x - quotient*x, x
+        y, last_y = last_y - quotient*y, y
+      end
+
+      return last_remainder, last_x * (a < 0 ? -1 : 1)
+    end
+
+    def self.mod_inverse(e, p=PRIME)
+      g, x = extended_gcd(e, p)
+      x % p
+    end
+
+    def self.combine(shares, encoder: nil)
+      abs = ->(v){ v < 0 ? v * -1 : v}
+      decoded = shares.map do |share|
+        share = encoder && encoder != Format::BASE64 ? encoder.decode(share) : share
+        share.chars.each_slice(ENCODED_CHUNK_SIZE).map(&:join).each_slice(2).map do |random, polynomial|
+          OpenStruct.new({
+            x: base64_decode(random),
+            y: base64_decode(polynomial)
+          })
+        end
+      end
+
+      chunks = decoded[0].length.times.map do |chunk|
+        secret = OpenSSL::BN.new(0)
+        decoded.each do |share|
+          point = share[chunk]
+          numerator, denominator = OpenSSL::BN.new(1), OpenSSL::BN.new(1)
+          decoded.each do |peer|
+            if peer != share
+              current = peer[chunk].x
+              numerator =  OpenSSL::BN.new((numerator * -current).to_i % PRIME)
+              denominator = OpenSSL::BN.new((denominator * (point.x - current)).to_i  % PRIME)
+            end
+          end
+          working = (point.y * numerator) * mod_inverse(denominator) + PRIME
+          secret = ((secret + working) + 1000 * PRIME) % PRIME
+        end
+        secret
+      end
+
+      hex_data = chunks.map{|chunk| chunk.to_s(16).rjust(64, "0") }.join
+      hex_data.chars.each_slice(64).map(&:join).map do |chunk|
+        chunk.gsub(/(?:00)+$/,'').chars.each_slice(2).map{|pair|
+          pair.join.to_i(16).chr
+        }
+      end.join
+    end
+  end
+end

data/lib/scl/version.rb

@@ -0,0 +1,3 @@
+module Scl
+  VERSION = "0.1.0"
+end

data/lib/scl.rb

@@ -0,0 +1,12 @@
+require "scl/version"
+require "scl/dh"
+require "scl/rsa"
+require "scl/aes"
+require "scl/secret_share"
+require "scl/control"
+require "scl/digest"
+require "scl/formats/format"
+require 'openssl'
+
+module Scl
+end

data/scl.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "scl/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "scl"
+  spec.version       = Scl::VERSION
+  spec.authors       = ["Wouter Coppieters"]
+  spec.email         = ["wouter@youdo.co.nz"]
+
+  spec.summary       = "Simple crypto library"
+  spec.description   = "Simple crypto library"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.15"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "pry-byebug"
+end

metadata

@@ -0,0 +1,120 @@
+--- !ruby/object:Gem::Specification
+name: scl
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Wouter Coppieters
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2017-11-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Simple crypto library
+email:
+- wouter@youdo.co.nz
+executables:
+- scl
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/scl
+- lib/scl.rb
+- lib/scl/aes.rb
+- lib/scl/control.rb
+- lib/scl/control/aes.rb
+- lib/scl/control/controller.rb
+- lib/scl/control/controller_module.rb
+- lib/scl/control/dh.rb
+- lib/scl/control/digest.rb
+- lib/scl/control/output.rb
+- lib/scl/control/rsa.rb
+- lib/scl/control/sss.rb
+- lib/scl/dh.rb
+- lib/scl/digest.rb
+- lib/scl/formats/auto.rb
+- lib/scl/formats/base64.rb
+- lib/scl/formats/binary.rb
+- lib/scl/formats/format.rb
+- lib/scl/formats/hex.rb
+- lib/scl/formats/qrcode.rb
+- lib/scl/formats/stdout.rb
+- lib/scl/formats/wordlist.txt
+- lib/scl/formats/words.rb
+- lib/scl/rsa.rb
+- lib/scl/secret_share.rb
+- lib/scl/version.rb
+- scl.gemspec
+homepage: 
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Simple crypto library
+test_files: []