shatter 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 21861829b74cc78af7c6dc8db6b9bab8fd13e87c
-  data.tar.gz: 57b5858ca1af53a8c035d83c818f46df455409ea
+  metadata.gz: 20e9bdc967f06ba0dee596b2020c07df2fe81c84
+  data.tar.gz: 4e1e0424410eb2af42f20fcd5631aa58b375e33a
 SHA512:
-  metadata.gz: cb13accb271cb65b0da9b641544b46131cbef0c2a97f3332e0ad841126aa8e5005058432f39c196db168cf910c70225ffcb3f54ed1824bbd7df915588c102f43
-  data.tar.gz: 6b54e5c27425d2c25f3fa4bb898a5425c6c8a38635d82d273de626417f7ec9b6141ee0084e57d117c4971e2b3b0bef8ba81d4c52b415d35b02cbc3085930f563
+  metadata.gz: ad48cf810f51ad4e2a6bc290a6b88c8d97ca4557176975afcc83a3c68473f92f26201abf5aed018cbd8b8a4a7e07f5595a29975ece8fa8fdf6050e4834acd328
+  data.tar.gz: bb3065cffdd67f6ab83c16fea8efeb7e4414fade4b39a42378458610837045fa571e948097a456bc95df87ca655560bafcded416c9e38aeeac7418d53f17d4ae

data/lib/shatter.rb

@@ -1,21 +1,36 @@
 require 'funtools'
+require 'rbnacl'
+require 'rbnacl/libsodium'
 require 'shatter/controller'
 
 module Shatter
   extend self
-  VERSION   = '0.0.1'
+  VERSION   = '0.0.2'
   PORTRANGE = 9479..9749
 
   controller = nil
   set        = ->(new_controller) { controller ||= new_controller }
 
+  get_random = ->(varname, size = RbNaCl::PasswordHash::SCrypt::SALTBYTES) do
+    if ENV[varname].to_s.length == size
+      ENV[varname].force_encoding('BINARY')
+    else
+      RbNaCl::Random.random_bytes(size)
+    end
+  end
+
+  salt = get_random.('SHATTER_SALT')
+  pass = get_random.('SHATTER_PASS')
+  size = RbNaCl::SecretBox::KEYBYTES
+  key  = RbNaCl::PasswordHash.scrypt(pass, salt, 2**20, 2**40, size)
+
   # Public: Set the Controller for the currently running process.  This will be
   # used directly if the current process is expected to be passed messages.
   #
   # parent - Pid to which to report the process's new Pid. (default: nil)
   #
   # Returns nothing.
-  define_method(:init)    { |parent=nil| set.(Controller.new(parent)) }
+  define_method(:init)    { |parent=nil| set.(Controller.new(parent, key)) }
 
   # Public: Clear the process's Controller, then call init to set a new one.
   # This is needed after calling fork in order to obtain a new socket.

data/lib/shatter/controller.rb

@@ -11,15 +11,17 @@ module Shatter
     # thread to manage the mailbox.
     #
     # parent - Pid of the parent Controller, if applicable.
-    def initialize(parent)
+    # key    - String containing the shared secret for an RbNaCl SecretBox.
+    def initialize(parent, key)
       @parent  = parent
+      @box     = RbNaCl::SecretBox.new(key)
       @socket  = listen
       @mailbox = Queue.new
       @known   = Shatter::Pidlist.new
       @chunks  = {}
 
       pass(@parent, :system, [:childpid, pid]) if @parent
-      Thread.new { mailbox_loop }
+      Thread.new { mailbox_loop(key) }
     end
 
     # Public: Pass items in the current mailbox to a given block, removing them
@@ -45,7 +47,7 @@ module Shatter
     def pid
       unless @pid
         _, port, _, ip = @socket.addr.map(&:freeze)
-        @pid           = Shatter::Pid.new($$, ip, port, '')
+        @pid           = Shatter::Pid.new($$, ip, port, @box, '')
       end
       @pid
     end
@@ -56,15 +58,18 @@ module Shatter
     # and putting them into the mailbox.  This should be run within its own
     # thread.
     #
+    # key - String containing the shared secret for an RbNaCl SecretBox.
+    #
     # Does not return.
-    deftail :mailbox_loop do
+    deftail :mailbox_loop do |key|
       connection = @socket.accept
       Thread.new do
         data = connection.read
         begin
-          message = Marshal.load(data)
+          nonce, ciphertext = Marshal.load(data)
+          message = Marshal.load(@box.decrypt(nonce, ciphertext))
           @mailbox << message unless handle_message(message)
-        rescue ArgumentError
+        rescue ArgumentError, RbNaCl::CryptoError, RbNaCl::LengthError
         end
       end
       mailbox_loop

data/lib/shatter/pid.rb

@@ -1,7 +1,7 @@
 require 'socket'
 
 module Shatter
-  class Pid < Struct.new(:pid, :host, :port, :name)
+  class Pid < Struct.new(:pid, :host, :port, :box, :name)
     # Public: Open a socket to a given Controller and send any number of
     # messages to it.
     #
@@ -10,8 +10,10 @@ module Shatter
     #
     # Returns nothing.
     def pass(*messages)
-      socket = TCPSocket.new(host, port)
-      socket.send(Marshal.dump(messages), 0)
+      socket  = TCPSocket.new(host, port)
+      nonce   = RbNaCl::Random.random_bytes(RbNaCl::SecretBox::NONCEBYTES)
+      message = box.encrypt(nonce, Marshal.dump(messages))
+      socket.send(Marshal.dump([nonce, message]), 0)
       socket.close
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: shatter
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Tina Wuest
@@ -30,6 +30,46 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.7.1
+- !ruby/object:Gem::Dependency
+  name: rbnacl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.1.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.1.2
+- !ruby/object:Gem::Dependency
+  name: rbnacl-libsodium
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.0
 description: Framework to facilitate distributed computing with Ruby
 email: tina@wuest.me
 executables: []