scl 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 043a75c0ec7aab24c5bde01c147e009b7e0bc58f
+  data.tar.gz: 3e1bf4954baccfab324591cddcbaa1fc60f14dab
+SHA512:
+  metadata.gz: eb615f84d442a67a169c804f99a2a243553c99055879a52d7479e96742f43142e69da4971657f6ead3d19bea5584f3722553e7b64193f563507e6950fe19dd2a
+  data.tar.gz: c0f3e20309a25ff69d1e4ebb2dcfaf8e2275fee1ebd7fa48cbefeb6d379ad9a4fb1b72e0d3c2b64cceb593e26755e065be4c3bdb40095533ed71a7ab8e430c6b

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at wouter@youdo.co.nz. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in scl.gemspec
+gemspec

data/README.md

@@ -0,0 +1,71 @@
+# Scl (Simple Crypto Library)
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/scl`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'scl'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install scl
+
+## CLI
+
+SCL Comes with a command line interface that allows you to perform basic encryption, decryption and key generation and key negotiation operations.
+
+Example usage:
+
+```
+RSA:
+scl rsa generate # Generate an RSA key-pair > prints to stdout in base64
+scl rsa generate --size=2048 --out=/tmp/keypair # Generate an RSA key-pair with size 2048 and
+                                                                # output binary as binary encoded.
+                                                                # Save to path /tmp/keypair
+
+scl rsa verify  --pub-key=/tmp/keypair/rsa.pub /path/to/file "signature" # Verify the signature of a file using a public key
+scl rsa sign    --priv-key=/tmp/keypair/rsa.priv  /path/to/file          # Generate a signature, outputs to stdout
+scl rsa encrypt --key=/tmp/keypair/rsa.[priv|pub] /path/to/file          # Encrypt a file, output to stdout
+scl rsa decrypt --key=/tmp/keypair/rsa.[priv|pub] /path/to/file          # Decrypt a file, output to stdout
+
+encrypt and decrypt both accept optional --cipher-size/-cs arguments
+All rsa actions accept --format/--input-format/--output-format -f/-if/-of arguments
+
+DH:
+scl dh ping                               # Start a diffie hellman key-generation
+scl dh pong [der] [public-key]            # Complete side-1 of a diffie hellman key-generation
+scl dh done [der] [public-key] [priv-key] # Complete side-2 of a diffie hellman key-generation
+
+AES:
+scl aes encrypt                    # Encrypt from stdin
+scl aes encrypt [file]             # Encrypt from file
+scl aes encrypt --key="abc" [file] # Enc
+```
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/scl. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+## Code of Conduct
+
+Everyone interacting in the Scl project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/scl/blob/master/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "scl"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+require 'pry-byebug'
+Pry.start
+
+# require "irb"
+# IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/exe/scl

@@ -0,0 +1,124 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "scl"
+require 'optparse'
+require 'pry-byebug'
+
+Options = Struct.new(
+  :input_format,
+  :output_format,
+  :key_format,
+  :module,
+  :action,
+  :verbose,
+  :key_path,
+  :key_size,
+  :private_key_file,
+  :public_key_file,
+  :output_file,
+  :min_shares,
+  :num_shares,
+  :block_size,
+  :block_cipher,
+  :digest,
+  :help,
+  :opts
+)
+
+args = Options.new()
+opt_parser = OptionParser.new do |opts|
+  opts.banner = "Usage: scl [mode] [command] [options] "
+
+  opts.separator ""
+  opts.separator "Where mode is one of (aes, rsa, dh, sss, digest)"
+  opts.separator "try scl [mode] -h or scl [mode] [command] -h for more details"
+  opts.separator ""
+  opts.separator "Where options are:"
+
+  opts.on("-v", "--verbose", "Verbose output") do
+    args.verbose = true
+  end
+
+  opts.on(%i(words qrcode base64 binary hex stdout), "-f [FORMAT]", "--format [=FORMAT]", "Format to use for output, one of base64, qrcode, words, hex, stdout, none") do |f|
+    puts "Selected output format #{f}" if args.verbose
+    args.output_format = f
+  end
+
+  opts.on(%i(words qrcode base64 binary hex), "-i [INPUT_FORMAT]", "--input-format [=INPUT_FORMAT]", "Format to use for input, one of base64, qrcode, words, hex, none") do |f|
+    puts "Selected input format #{f}" if args.verbose
+    args.input_format = f
+  end
+
+  opts.on(%i(words qrcode base64 binary hex), "-b [KEY_FORMAT]", "--key-format [=KEY_FORMAT]", "Format to use for keys, one of base64, qrcode, words, hex, none") do |f|
+    puts "Selected key format #{f}" if args.verbose
+    args.key_format = f
+  end
+
+  opts.on("-k [KEY_PATH]", "--key-path [=KEY_PATH]", "The path of the key(s) to use (Looks for  [key_path].pub and [key_path].priv)") do |p|
+    puts "Selected key path #{p}" if args.verbose
+    args.key_path = p
+  end
+
+  opts.on("-Z [PRIVATE_KEY]", "--priv-key [=PRIVATE_KEY]", "Private key file to use") do |p|
+    puts "Using private key file #{p}" if args.verbose
+    args.private_key_file = p
+  end
+
+  opts.on("-p [PUBLIC_KEY]", "--pub-key [=PUBLIC_KEY]", "Public key file to use") do |p|
+    puts "Using public key file #{p}" if args.verbose
+    args.public_key_file = p
+  end
+
+  opts.on("-o [OUTPUT_FILE]", "--out [=OUTPUT_FILE]", "File or file-prefix for where to save outputs") do |p|
+    puts "Using output file #{p}" if args.verbose
+    args.output_file = p
+  end
+
+  opts.on("-s [KEY_SIZE]", "--key-size [=KEY_SIZE]", Integer, "Size of the generated key") do |ks|
+    puts "Using key size #{ks}" if args.verbose
+    args.key_size = ks
+  end
+
+  opts.on("-m [MIN_SHARES]", "--min-shares [=MIN_SHARES]", Integer, "Size of the generated key") do |ms|
+    puts "Using min shares #{ms}" if args.verbose
+    args.min_shares = ms
+  end
+
+  opts.on("-n [NUM_SHARES]", "--num-shares [=NUM_SHARES]", Integer, "Size of the generated key") do |ns|
+    puts "Using num shares #{ns}" if args.verbose
+    args.num_shares = ns
+  end
+
+  opts.on("-S [BLOCK_SIZE]", "--block-size [=BLOCK_SIZE]", Integer, "Block size of cipher") do |bs|
+    puts "Using block size #{bs}" if args.verbose
+    args.block_size = bs
+  end
+
+  opts.on("-C [BLOCK_CIPHER]", "--block-size [=BLOCK_CIPHER]", String, "Block cipher") do |bc|
+    puts "Using block cipher #{bc}" if args.verbose
+    args.block_cipher = bc
+  end
+
+  opts.on('-d [DIGEST]', '--digest [=DIGEST]', String, 'Digest (e.g. sha256)') do |dg|
+    puts "Using digest #{dg}" if args.verbose
+    args.digest = dg
+  end
+
+  opts.on("-h", "--help", "Prints this help") do
+    args.help = true
+  end
+  args.opts = opts
+
+end
+
+opt_parser.parse!
+
+unless ARGV.any?
+  puts args.opts
+  exit(0)
+else
+  Scl::Control::Controller.new(args)
+                          .module(ARGV.shift)
+                          .action(ARGV.shift, ARGV)
+end

data/lib/scl/aes.rb

@@ -0,0 +1,28 @@
+module Scl
+  class AES
+    def initialize(block_size=256, block_cipher=:CBC)
+      @block_cipher = block_cipher || :CBC
+      @block_size = block_size || 256
+    end
+
+    def build_cypher
+      OpenSSL::Cipher::AES.new(@block_size, @block_cipher)
+    end
+
+    def encrypt(plaintext, key=nil, iv=nil)
+      block_cipher = build_cypher
+      block_cipher.encrypt
+      block_cipher.key = key ||= block_cipher.random_key
+      block_cipher.iv  = iv  ||= block_cipher.random_iv
+      [block_cipher.update(plaintext) + block_cipher.final, key, iv]
+    end
+
+    def decrypt(ciphertext, key, iv)
+      block_cipher = build_cypher
+      block_cipher.decrypt
+      block_cipher.key = key
+      block_cipher.iv  =  iv
+      block_cipher.update( ciphertext ) + block_cipher.final
+    end
+  end
+end

data/lib/scl/control/aes.rb

@@ -0,0 +1,51 @@
+module Scl
+  module Control
+    class AES < ControllerModule
+
+      help <<-HELP,
+      encrypt. Encrypt a given file.
+      Can optionally be given an existing key, otherwise a unique one will be generated alongside
+      the cipher text.
+        e.g
+          scl aes encrypt somefile
+          scl aes encrypt somefile -k somekey
+      HELP
+      def encrypt(file)
+        input_key = args.key_path ?
+          read_file(args.key_path) :
+          nil
+        file_content = read_file(file)
+        ct, key, iv = aes.encrypt(file_content, input_key)
+        args.output_file ||= file
+        controller.output(
+          Output.new(iv << '::' << ct, ".enc"),
+          input_key ? nil : Output.new(key, '.key')
+        )
+      end
+
+
+      help <<-HELP,
+      decrypt. Decrypt a given file.
+      Must be given a key using -k/--key-path
+        e.g
+          scl aes decrypt somefile.enc -k somekey.key
+          scl aes decrypt somefile.enc -k somekey.key -o output.txt
+      HELP
+      def decrypt(file)
+        key = input_decoder.decode(read_file(args.key_path, "encryption key", "Use -k option"))
+        iv, cipher_text = input_decoder.decode(read_file(file, 'ciphertext')).split('::', 2)
+
+        plaintext = aes.decrypt(cipher_text, key, iv)
+        args.output_format = 'binary'
+        controller.output(
+          Output.new(plaintext, '')
+        )
+      end
+
+      private
+        def aes
+          Scl::AES.new(args.block_size, args.block_cipher)
+        end
+    end
+  end
+end

data/lib/scl/control/controller.rb

@@ -0,0 +1,96 @@
+module Scl
+  module Control
+    class Controller
+      attr_reader :args
+      def initialize(args)
+        @args = args
+        puts "Using output format #{output_encoder.name}" if verbose?
+        puts "Using input format #{input_decoder.name}" if verbose?
+      end
+
+      def output_encoder
+        coder_for(args.output_format)
+      end
+
+      def input_decoder
+        coder_for(args.input_format)
+      end
+
+      def key_coder
+        coder_for(args.key_format)
+      end
+
+      def output_file
+        "#{@args.output_file}".strip
+      end
+
+      def verbose?
+        @args.verbose
+      end
+
+      def module(module_name)
+        case module_name
+        when "aes" then Control::AES.new(self)
+        when "rsa" then Control::RSA.new(self)
+        when "dh"  then Control::DH.new(self)
+        when "sss"  then Control::SSS.new(self)
+        when "digest"  then Control::Digest.new(self)
+        else
+          puts "No scl module found \"#{module_name}\""
+          puts args.opts
+          exit(1)
+        end
+      end
+
+      def coder_for(format)
+        case "#{format}".strip
+        when "base64"               then Format::BASE64
+        when "qrcode"               then Format::QRCODE
+        when "base64"               then Format::BASE64
+        when "words"                then Format::WORDS
+        when "hex"                  then Format::HEX
+        when "binary","text","none" then Format::BINARY
+        when "", "auto"             then Format::AUTO
+        when "stdout"               then Format::STDOUT
+        else
+          puts "Unexpected format \"#{format}\""
+          exit(1)
+        end
+      end
+
+      def output(*results)
+        case output_file
+        when '' then
+          puts "\n\n"
+          puts results.compact.map{|r| output_encoder.encode(r.content) }.join("\n\n")
+        else
+          results.compact.each do |result|
+            puts "Writing #{result.file(output_file)}" if verbose?
+            if args.output_format == 'stdout'
+              output_encoder.encode(result.content)
+            else
+              IO.write(
+                result.file(output_file),
+                output_encoder.encode(result.content)
+              ) if confirm_overwrite?(result.file(output_file))
+            end
+          end
+        end
+      end
+
+      def confirm_overwrite?(filename)
+        if File.exists?(filename)
+          puts "File #{filename} already exists. Confirm overwrite? [Yn]"
+          if gets.strip.downcase == 'y'
+            puts "Confirmed overwrite for #{filename}" if verbose?
+            return true
+          else
+            puts "Skipping save for #{filename}" if verbose?
+            return false
+          end
+        end
+        return true
+      end
+    end
+  end
+end

data/lib/scl/control/controller_module.rb

@@ -0,0 +1,102 @@
+module Scl
+  module Control
+    class ControllerModule
+      attr_reader :controller
+      def initialize(controller)
+        @controller = controller
+      end
+
+      def args
+        @controller.args
+      end
+
+      def input_decoder
+        @controller.input_decoder
+      end
+
+      def output_encoder
+        @controller.output_encoder
+      end
+
+      def key_coder
+        @controller.key_coder
+      end
+
+      def help?
+        args.help
+      end
+
+      def self.help(message, method)
+        @@help ||= {}
+        @@help[self.name] ||= {}
+        @@help[self.name][method.to_s] = message
+      end
+
+      def self.print_help(args, method, own_methods=[])
+        module_name = self.name.split('::').last.downcase
+        puts "======="
+        if method && @@help[self.name] && @@help[self.name][method]
+          puts "Usage: scl #{module_name} #{method} (options)\n"
+          puts
+          puts @@help[self.name][method].split("\n").map{|line| line.gsub(/^\s{6}/,'')}.join("\n")
+          puts
+        else
+          puts "No help docs found for \"#{method}\"\n=======\n" if method
+          puts "Usage: scl #{module_name} [command] (options)"
+          puts
+          puts "Supported commands are [#{own_methods.join(' ')}]"
+          puts
+          puts "Try scl #{module_name} [command] -h for more info"
+          puts
+          puts args.opts.to_s[/Where options.*/m]
+        end
+        exit(0)
+      end
+
+      def action(action_name, args)
+        args = args.dup
+        ARGV.clear
+        if @controller.args.help || !action_name
+          self.class.print_help(@controller.args, action_name, self.public_methods.select{|m| self.method(m).owner == self.class })
+          exit(0)
+        end
+        if self.respond_to?(action_name)
+          begin
+            action = self.method(action_name)
+            required_args = action.arity >= 0 ? action.arity : -(action.arity + 1)
+            unless required_args <= args.length
+              raise ControlError.new("#{action_name} expected at least #{required_args} arguments\nE.g.\n#{action_name} #{action.parameters.map(&:last).map{|x| "[#{x}]"}[-required_args..-1].join(' ')} (options)")
+            end
+            self.send(action_name, *args)
+          rescue ArgumentError => e
+            puts e.message
+            puts "#{action_name} expects #{required_args} arguments by default\nE.g.\n#{action_name} #{action.parameters.map(&:last).map{|x| "[#{x}]"}[-required_args..-1].join(' ')}"
+            self.class.print_help(@controller.args, action_name)
+            puts e.backtrace if @controller.verbose?
+          rescue ControlError => e
+            puts e.message
+            puts e.cause
+            puts e.cause.backtrace if @controller.verbose?
+            self.class.print_help(@controller.args, action_name)
+          end
+        else
+          own_methods = self.public_methods.select{|m| self.method(m).owner == self.class }
+          puts "Command not supported: \"#{action_name}\""
+          puts "Supported commands are [#{own_methods.join(' ')}]"
+          exit(1)
+        end
+      end
+
+      private
+        def read_file(file, label='', help)
+          unless file
+            raise ControlError.new("Expected #{label} file not given\n#{help}")
+          end
+          unless File.exists?(file)
+            raise ControlError.new("Expected #{label} file #{file} doesnt exist\n#{help}")
+          end
+          IO.read(file)
+        end
+    end
+  end
+end