RubyGems - secretsharing - Versions diffs - 0.3 → 1.0.0 - Mend

secretsharing 0.3 → 1.0.0

Files changed (28) hide show

checksums.yaml +7 -0
data/.coco.yml +6 -0
data/.gitignore +18 -0
data/.rubocop.yml +29 -0
data/.travis.yml +16 -0
data/CHANGES +17 -0
data/Gemfile +4 -0
data/LICENSE.txt +202 -0
data/README.md +286 -0
data/Rakefile +12 -0
data/SIGNED.md +99 -0
data/bin/secretsharing +111 -0
data/gemfiles/Gemfile.ci +7 -0
data/lib/secretsharing.rb +25 -0
data/lib/secretsharing/shamir.rb +91 -293
data/lib/secretsharing/shamir/container.rb +93 -0
data/lib/secretsharing/shamir/secret.rb +123 -0
data/lib/secretsharing/shamir/share.rb +156 -0
data/lib/secretsharing/version.rb +20 -0
data/secretsharing.gemspec +47 -0
data/spec/shamir_container_spec.rb +373 -0
data/spec/shamir_secret_spec.rb +208 -0
data/spec/shamir_share_spec.rb +59 -0
data/spec/shamir_spec.rb +35 -0
data/spec/spec_helper.rb +33 -0
metadata +204 -57
data/README +0 -67
data/test/test_shamir.rb +0 -161

data/spec/shamir_secret_spec.rb ADDED Viewed

@@ -0,0 +1,208 @@
+# -*- encoding: utf-8 -*-
+# Copyright 2011-2015 Glenn Rempe
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#     http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require File.expand_path('../spec_helper', __FILE__)
+describe SecretSharing::Shamir::Secret do
+  describe 'initialization' do
+    before do
+      @num = OpenSSL::BN.new('1234567890')
+      @s = SecretSharing::Shamir::Secret.new(:secret => @num)
+    end
+    it 'must return the correct max secret bitlength constant value' do
+      SecretSharing::Shamir::Secret::MAX_BITLENGTH.must_equal(4096)
+    end
+    it 'must respond to #secret' do
+      @s.respond_to?(:secret).must_equal(true)
+    end
+    it 'must respond to #bitlength' do
+      @s.respond_to?(:bitlength).must_equal(true)
+    end
+    it 'must respond to #valid_hmac?' do
+      @s.respond_to?(:valid_hmac?).must_equal(true)
+    end
+    it 'must initialize with a random secret and set @secret and @bitlength by default' do
+      @s.secret.is_a?(OpenSSL::BN).must_equal(true)
+      @s.bitlength.is_a?(Integer).must_equal(true)
+    end
+    it 'must raise an ArgumentError if an Integer instead of an OpenSSL::BN is provided to the constructor' do
+      lambda { SecretSharing::Shamir::Secret.new(:secret => 1_234_567_890) }.must_raise(ArgumentError)
+    end
+    it 'must raise an ArgumentError if the bitlength of the secret is greater than MAX_BITLENGTH' do
+      # 1234 * 1's is 4097 num_bits
+      lambda { SecretSharing::Shamir::Secret.new(:secret => OpenSSL::BN.new("#{'1' * 1234}")) }.must_raise(ArgumentError)
+    end
+    it 'must initialize with a fixed secret and set @secret and @bitlength to the same if passed an OpenSSL::BN' do
+      @s.secret.is_a?(OpenSSL::BN).must_equal(true)
+      @s.secret.must_equal(@num)
+      @s.bitlength.is_a?(Integer).must_equal(true)
+      @s.bitlength.must_equal(@num.num_bits)
+    end
+    it 'must throw an exception if initialized with a String that does not base64 re-hydrate as expected from the output of #to_s' do
+      lambda { SecretSharing::Shamir::Secret.new(:secret => 'foo') }.must_raise(ArgumentError)
+    end
+    it 'must throw an exception if initialized with a String that contains \n on platform that is not true for Base64.respond_to?(:urlsafe_encode64)' do
+      Base64.stub(:respond_to?, false) do
+        lambda { SecretSharing::Shamir::Secret.new(:secret => 'foo\nbar') }.must_raise(ArgumentError)
+      end
+    end
+    it 'must use Base64.decode64 instead of Base64.urlsafe_decode64 on platform that is not true for Base64.respond_to?(:urlsafe_encode64)' do
+      Base64.stub(:respond_to?, false) do
+        num = OpenSSL::BN.new('1234567890123456789012345678901234567890')
+        s1 = SecretSharing::Shamir::Secret.new(:secret => num)
+        s1_str = s1.to_s
+        s1_str.must_equal('MWl6aWJqZjR6dmRibXZxNjZkNndtOGcxY2k=')
+        # Re-hydrate a new Secret object from the previously de-hydrated String
+        s2 = SecretSharing::Shamir::Secret.new(:secret => s1_str)
+        s2.must_equal(s1)
+      end
+    end
+    it 'must decode to the SAME String on mixed platforms that are, or are not, truthy for Base64.respond_to?(:urlsafe_decode64)' do
+      # NOTE : OpenSSL::BN.new('1234567890123456789012345678901234567890')
+      str = 'MWl6aWJqZjR6dmRibXZxNjZkNndtOGcxY2k='
+      s2 = nil
+      s3 = nil
+      s1 = SecretSharing::Shamir::Secret.new(:secret => str)
+      s1_str = s1.to_s
+      s1_str.must_equal(str)
+      Base64.stub(:respond_to?, false) do
+        s2 = SecretSharing::Shamir::Secret.new(:secret => str)
+        s2_str = s2.to_s
+        s2_str.must_equal(str)
+      end
+      Base64.stub(:respond_to?, false) do
+        s3 = SecretSharing::Shamir::Secret.new(:secret => str)
+        s3_str = s3.to_s
+        s3_str.must_equal(str)
+      end
+      s1.must_equal(s2)
+      s1.must_equal(s3)
+    end
+    it 'must throw an ArgumentError if an unknown option hash key is passed in' do
+      lambda { SecretSharing::Shamir::Secret.new(:secret => 'foo\nbar', :unknown_arg => true) }.must_raise(ArgumentError)
+    end
+  end # describe initialization
+  describe '==' do
+    before do
+      @num = OpenSSL::BN.new('1234567890')
+      @s = SecretSharing::Shamir::Secret.new(:secret => @num)
+    end
+    it 'must return true if two secrets have the same OpenSSL::BN set internally' do
+      s2 = @s
+      (@s == s2).must_equal(true)
+    end
+    it 'must return false if two secrets have different OpenSSL::BN set internally' do
+      s2 = SecretSharing::Shamir::Secret.new(:secret => OpenSSL::BN.new('987654321'))
+      (@s == s2).must_equal(false)
+    end
+  end
+  describe 'secret?' do
+    before do
+      @num = OpenSSL::BN.new('1234567890')
+      @s = SecretSharing::Shamir::Secret.new(:secret => @num)
+    end
+    it 'must return true if a secret is set' do
+      @s.secret.is_a?(OpenSSL::BN).must_equal(true)
+      @s.secret?.must_equal(true)
+    end
+    it 'must return false if a secret is not set' do
+      @s.secret = nil
+      @s.secret?.must_equal(false)
+    end
+  end
+  describe 'secret()' do
+    before do
+      @num = OpenSSL::BN.new('1234567890')
+      @s = SecretSharing::Shamir::Secret.new(:secret => @num)
+    end
+    it 'must return true if a secret is set' do
+      @s.secret.is_a?(OpenSSL::BN).must_equal(true)
+      @s.secret?.must_equal(true)
+    end
+    it 'must return false if a secret is not set' do
+      @s.secret = nil
+      @s.secret?.must_equal(false)
+    end
+  end
+  describe 'to_s' do
+    it 'must return a proper and consistent URL safe encoded String representation of @secret and allow round trip of that String' do
+      num = OpenSSL::BN.new('1234567890123456789012345678901234567890')
+      s1 = SecretSharing::Shamir::Secret.new(:secret => num)
+      s1_str = s1.to_s
+      s1_str.must_equal('MWl6aWJqZjR6dmRibXZxNjZkNndtOGcxY2k=')
+      # Re-hydrate a new Secret object from the previously de-hydrated String
+      s2 = SecretSharing::Shamir::Secret.new(:secret => s1_str)
+      s2.must_equal(s1)
+    end
+  end
+  describe 'valid_hmac?' do
+    before do
+      @num = OpenSSL::BN.new('1234567890')
+      @s = SecretSharing::Shamir::Secret.new(:secret => @num)
+    end
+    it 'must return true if a a valid HMAC based on the secret is set' do
+      @s.valid_hmac?.must_equal(true)
+    end
+    it 'must return false if a secret is not set' do
+      @s.secret = nil
+      @s.valid_hmac?.must_equal(false)
+    end
+    it 'must return false if the HMAC was tampered with at all' do
+      @s.hmac = @s.hmac + 'a'
+      @s.valid_hmac?.must_equal(false)
+    end
+  end
+end # describe SecretSharing::Shamir::Secret

data/spec/shamir_share_spec.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# -*- encoding: utf-8 -*-
+# Copyright 2011-2015 Glenn Rempe
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#     http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require File.expand_path('../spec_helper', __FILE__)
+describe SecretSharing::Shamir::Share do
+  describe 'initialization' do
+    before do
+      @args = { :hmac => 'foo', :k => 3, :n => 4, :x => 1, :y => 1, :prime => 1, :prime_bitlength => 1 }
+    end
+    it 'will raise when instantiated with no args' do
+      lambda { SecretSharing::Shamir::Share.new }.must_raise(ArgumentError)
+    end
+    it 'will raise if an unknown option hash key is passed in' do
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:foo => 'bar')) }.must_raise(ArgumentError)
+    end
+    it 'will raise when instantiated with missing args' do
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:version => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:hmac => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:k => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:n => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:x => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:y => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:prime => nil)) }.must_raise(ArgumentError)
+      lambda { SecretSharing::Shamir::Share.new(@args.merge(:prime_bitlength => nil)) }.must_raise(ArgumentError)
+    end
+    it 'will be instantiated when provided with complete args' do
+      @s = SecretSharing::Shamir::Share.new(:hmac => 'foo', :k => 3, :n => 4, :x => 1, :y => 1, :prime => 1, :prime_bitlength => 1)
+      @s.must_be_kind_of(SecretSharing::Shamir::Share)
+    end
+    it 'must be able to be compared directly to another share (==)' do
+      @s1 = SecretSharing::Shamir::Share.new(:hmac => 'foo', :k => 3, :n => 4, :x => 1, :y => 1, :prime => 1, :prime_bitlength => 1)
+      @s2 = SecretSharing::Shamir::Share.new(:hmac => 'foo', :k => 3, :n => 4, :x => 1, :y => 1, :prime => 1, :prime_bitlength => 1)
+      @s1.must_equal(@s2)
+    end
+  end
+end

data/spec/shamir_spec.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# -*- encoding: utf-8 -*-
+# Copyright 2011-2015 Glenn Rempe
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#     http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require File.expand_path('../spec_helper', __FILE__)
+describe SecretSharing::Shamir do
+  describe 'usafe_encode64 and usafe_decode64' do
+    include SecretSharing::Shamir
+    it 'will encode and decode back to the original String' do
+      str = MultiJson.dump(:foo => 'bar', :bar => 12_345_678_748_390_743_789)
+      enc = usafe_encode64(str)
+      dec = usafe_decode64(enc)
+      dec.must_equal(str)
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# -*- encoding: utf-8 -*-
+# Copyright 2011-2015 Glenn Rempe
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#     http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require 'rubygems'
+require 'bundler'
+Bundler.setup
+# code coverage
+begin
+  require 'coco'
+rescue LoadError
+  # Don't blow up if coco isn't available.
+  # It won't install on MRI Ruby < 1.9.2 or
+  # other platforms. It is not installed
+  # in the Travis CI build environment.
+end
+require File.expand_path('../../lib/secretsharing', __FILE__)
+require 'minitest/autorun'
+require 'mocha/setup'

metadata CHANGED Viewed

@@ -1,74 +1,221 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: secretsharing
-version: !ruby/object:Gem::Version
-  hash: 13
-  prerelease: false
-  segments:
-  - 0
-  - 3
-  version: "0.3"
+version: !ruby/object:Gem::Version
+  version: 1.0.0
 platform: ruby
-authors:
+authors:
 - Alexander Klink
+- Glenn Rempe
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-06-27 00:00:00 +02:00
-default_executable:
-dependencies: []
+date: 2015-01-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: highline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coco
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rb-fsevent
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rerun
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.4'
 description: |
-  A libary for sharing secrets in an information-theoretically secure way.
-  It uses Shamir's secret sharing to enable sharing a (random) secret between
-  n persons where k <= n persons are enough to recover the secret. k-1 secret
-  share holders learn nothing about the secret when they combine their shares.
-email: secretsharing@alech.de
-executables: []
+  Shamir's Secret Sharing is an algorithm in cryptography. It is a
+  form of secret sharing, where a secret is divided into parts,
+  giving each participant its own unique part, where some of the
+  parts or all of them are needed in order to reconstruct the
+  secret. Holders of a share gain no knowledge of the larger secret.
+email:
+- glenn@rempe.us
+executables:
+- secretsharing
 extensions: []
-extra_rdoc_files:
-- README
-files:
+extra_rdoc_files:
+- README.md
+files:
+- ".coco.yml"
+- ".gitignore"
+- ".rubocop.yml"
+- ".travis.yml"
+- CHANGES
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- SIGNED.md
+- bin/secretsharing
+- gemfiles/Gemfile.ci
 - lib/secretsharing.rb
 - lib/secretsharing/shamir.rb
-- test/test_shamir.rb
-- README
-has_rdoc: true
-homepage:
-licenses: []
+- lib/secretsharing/shamir/container.rb
+- lib/secretsharing/shamir/secret.rb
+- lib/secretsharing/shamir/share.rb
+- lib/secretsharing/version.rb
+- secretsharing.gemspec
+- spec/shamir_container_spec.rb
+- spec/shamir_secret_spec.rb
+- spec/shamir_share_spec.rb
+- spec/shamir_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/grempe/secretsharing
+licenses:
+- APACHE 2.0
+metadata: {}
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
-  requirements:
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 1.3.7
+rubyforge_project: secretsharing
+rubygems_version: 2.4.5
 signing_key:
-specification_version: 3
-summary: A library to share secrets in an information-theoretically secure way.
-test_files:
-- test/test_shamir.rb
+specification_version: 4
+summary: A Ruby Gem to enable sharing secrets using Shamirs Secret Sharing.
+test_files:
+- spec/shamir_container_spec.rb
+- spec/shamir_secret_spec.rb
+- spec/shamir_share_spec.rb
+- spec/shamir_spec.rb
+- spec/spec_helper.rb