simple-secrets 1.0.0 → 2.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: dce15098b369653fbfa4f4f1a5c38123254c4d17
+  data.tar.gz: 7b3c14b5e9ce8a62d84eea8f561c5785d647bbe6
+SHA512:
+  metadata.gz: 6ded25d7753b56b891fbcdb578e33369bfe8d8a863a9deb2a3af1f16c0be5b76747ab028cd19f51e3fbb5d83901f2c891bc247d98fed72c5b80561920831cb25
+  data.tar.gz: f0f34544a1bbacc377633d77167e9cb19fc6ad79481edda31f43d796e16cb30a891209e35b583fa32b225e44734d87551791a10ef7bc5202b421da0e549a1550

data/.travis.yml

@@ -1,4 +1,4 @@
 language: ruby
 rvm:
-  - 1.9.3
   - 2.0.0
+  - 2.2.4

data/README.md

@@ -1,9 +1,13 @@
 
-# SimpleSecrets [![Build Status](https://travis-ci.org/timshadel/simple-secrets.rb.png?branch=master)](https://travis-ci.org/timshadel/simple-secrets.rb)
+# simple-secrets.rb [![Build Status](https://travis-ci.org/timshadel/simple-secrets.rb.png?branch=master)](https://travis-ci.org/timshadel/simple-secrets.rb)
 
-A Ruby client for [simple-secrets][simple-secrets], the simple, opinionated library for encrypting small packets of data securely.
+The Ruby implementation of a simple, opinionated library for encrypting small packets of data securely. Designed for exchanging tokens among systems written in a variety of programming languages: [Node.js][simple-secrets], [Ruby][simple-secrets.rb], [Objective-C][SimpleSecrets], [Java][simple-secrets.java], [Erlang][simple_secrets.erl].
 
 [simple-secrets]: https://github.com/timshadel/simple-secrets
+[simple-secrets.rb]: https://github.com/timshadel/simple-secrets.rb
+[SimpleSecrets]: https://github.com/timshadel/SimpleSecrets
+[simple-secrets.java]: https://github.com/timshadel/simple-secrets.java
+[simple_secrets.erl]: https://github.com/CamShaft/simple_secrets.erl
 
 ## Examples
 
@@ -12,29 +16,32 @@ A Ruby client for [simple-secrets][simple-secrets], the simple, opinionated libr
 Send:
 
 ```ruby
-require('simple-secrets')
+require 'simple-secrets'
+
+include SimpleSecrets
 
 # Try `head /dev/urandom | shasum -a 256` to make a decent 256-bit key
-master_key = new Buffer('<64-char hex string (32 bytes, 256 bits)>', 'hex');
-# => <Buffer 71 c8 67 56 23 4b fd 3c 37 ... >
+sender = Packet.new '<64-char hex string master key (32 bytes, 256 bits)>'
+# => #<SimpleSecrets::Packet:0x007fec7c198e60 @master_key="d\xDD\xB5...", @identity="B\xBE...">
 
-var sender = secrets(master_key);
-var packet = sender.pack('this is a secret message');
-# => 'OqlG6KVMeyFYmunboS3HIXkvN_nXKTxg2yNkQydZOhvJrZvmfov54hUmkkiZCnlhzyrlwOJkbV7XnPPbqvdzZ6TsFOO5YdmxjxRksZmeIhbhLaMiDbfsOuSY1dBn_ZgtYCw-FRIM'
+packet = sender.pack msg: 'this is a secret message'
+# => 'Qr4m7AughkcQIRqQvlyXiB67EwHdBf5n9JD2s_Z9NpO4ksPGvLYjNbDm3HRzvFXFSpV2IqDQw_LTamndMh2c7iOQT0lSp4LstqJPAtoQklU5sb7JHYyTOuf-6W-q7W8gAnq1wCs5'
 ```
 
 Receive:
 
-```js
-var secrets = require('simple-secrets');
+```ruby
+require 'simple-secrets'
+
+include SimpleSecrets
+
+# Same shared key
+sender = Packet.new '<64-char hex string master key (32 bytes, 256 bits)>'
+# Read data from somewhere
+packet = 'OqlG6KVMeyFYmunboS3HIXkvN_nXKTxg2yNkQydZOhvJrZvmfov54hUmkkiZCnlhzyrlwOJkbV7XnPPbqvdzZ6TsFOO5YdmxjxRksZmeIhbhLaMiDbfsOuSY1dBn_ZgtYCw-FRIM'
 
-// Same shared key
-var master_key = new Buffer('<shared-key-hex>', 'hex');
-var sender = secrets(master_key);
-var packet = new Buffer('<read data from somewhere>');
-// => 'OqlG6KVMeyFYmunboS3HIXkvN_nXKTxg2yNkQydZOhvJrZvmfov54hUmkkiZCnlhzyrlwOJkbV7XnPPbqvdzZ6TsFOO5YdmxjxRksZmeIhbhLaMiDbfsOuSY1dBn_ZgtYCw-FRIM'
-var secret_message = sender.unpack(packet);
-// => 'this is a secret message'
+secret_message = sender.unpack(packet);
+# => {"msg"=>"this is a secret message"}
 ```
 
 

data/lib/msgpack_extensions.rb

@@ -0,0 +1,31 @@
+if RUBY_PLATFORM == 'java'
+  class Array
+    def to_msgpack
+      MessagePack.pack self
+    end
+  end
+
+  class String
+    def to_msgpack
+      MessagePack.pack self
+    end
+  end
+
+  class Fixnum
+    def to_msgpack
+      MessagePack.pack self
+    end
+  end
+
+  class NilClass
+    def to_msgpack
+      MessagePack.pack self
+    end
+  end
+
+  class Hash
+    def to_msgpack
+      MessagePack.pack self
+    end
+  end
+end

data/lib/simple_secrets/primitives.rb

@@ -1,6 +1,7 @@
 require 'openssl'
 require 'base64'
 require 'msgpack'
+require 'msgpack_extensions'
 
 module SimpleSecrets
 
@@ -121,7 +122,7 @@ module SimpleSecrets
       cipher = OpenSSL::Cipher::AES256.new(:CBC)
       cipher.encrypt
       cipher.key = key
-      iv = cipher.random_iv
+      iv = cipher.iv = OpenSSL::Random.random_bytes(16)
 
       encrypted = ''.force_encoding('BINARY')
       encrypted << iv
@@ -360,7 +361,7 @@ private
     end
 
     def self.assert256BitBinary binary
-      raise '256-bit binary string required.' unless binary.size == 32
+      raise "256-bit binary string required. '#{binary.unpack("H*")}'" unless binary.size == 32
     end
 
     def self.assert128BitBinary binary

data/lib/simple_secrets/version.rb

@@ -1,3 +1,3 @@
 module SimpleSecrets
-  VERSION = "1.0.0"
+  VERSION = "2.0.0"
 end

data/simple_secrets.gemspec

@@ -17,8 +17,13 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
+  spec.required_ruby_version = '>= 2.0'
 
-  spec.add_dependency "msgpack"
+  if RUBY_PLATFORM == 'java'
+    spec.add_dependency "msgpack-jruby", "~> 1.4.0"
+  else
+    spec.add_dependency "msgpack", "~> 0.7.1"
+  end
 
   spec.add_development_dependency "bundler", "~> 1.3"
   spec.add_development_dependency "rake"

data/spec/compatibility_spec.rb

@@ -0,0 +1,112 @@
+require 'spec_helper'
+
+include SimpleSecrets
+
+describe 'the Ruby implementation should handle the compatibility standard items' do
+
+  let(:master_key){ 'eda00b0f46f6518d4c77944480a0b9b0a7314ad45e124521e490263c2ea217ad' }
+  let(:iv){ Util.hex_to_bin '7f3333233ce9235860ef902e6d0fcf35' }
+  let(:nonce){ Util.hex_to_bin '83dcf5916c0b5c4bc759e44f9f5c8c50' }
+
+  subject{ Packet.new master_key }
+
+  before(:each) do
+    allow(Primitives).to receive(:nonce) { nonce }
+    allow(OpenSSL::Random).to receive(:random_bytes) { iv }
+  end
+
+  describe 'string' do
+    let(:string){ 'This is the simple-secrets compatibility standard string.' }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yMqhBNKylbt-R7lByBe6fmIZdLIH2C2BPyYOtA-z2oGxclL_nZ0Ylo8e_gkf3bXzMn04l61i4dRsVCMJ5pL72suwuJMURy81n73eZEu2ASoVqSSVsnJo9WODLLmvsF_Mu0' }
+    let(:websafe_msgpack5){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yNp54eHe8KRY2JqOo9H8bi3Hnm4G0-r5SNlXXhIW9S99qTxTwibKW7mLkaNMTeZ1ktDwx-4sjCpCnXPIyZe7-l6-o6XjIqazRdhGD6AH5ZS9UFqLpaqIowSUQ9CeiQeFBQ' }
+
+    it 'creates' do
+      expect(subject.pack(string)).to eq websafe_msgpack5
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq string
+      expect(subject.unpack(websafe_msgpack5)).to eq string
+    end
+  end
+
+  describe 'binary' do
+    let(:binary){ "32".hex_to_bin(10) }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yOnGuj4lHrhU_Uv8rMbpjXQJiqd3OMdktrw1asMDXy6jyLrVe9Ea-W09XC90Dgaxlk' }
+    let(:websafe_msgpack5){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yMVgYX8jn_wUmumA0aJMLlWffSYU0oaJsyJsVjxxF96Ia6mZgAalv5iywbsKORqxtQ' }
+
+    it 'creates' do
+      expect(subject.pack(binary)).to eq websafe_msgpack5
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq binary
+      expect(subject.unpack(websafe_msgpack5)).to eq binary
+    end
+  end
+
+  describe 'numbers' do
+    let(:number){ 65234 }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yN5I1SH6a75Y_qQlQIclwrVyOk6jJJnMrjeOm6D27_wD0DxwIY9cxSw8boQDgEsLKg' }
+
+    it 'creates' do
+      expect(subject.pack(number)).to eq websafe_msgpack1
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq number
+    end
+  end
+
+  describe 'nil' do
+    let(:null){ nil }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yPYBCYpYMU-4WChi6L1O1GCEApGRhWlg13kVPLTb90cXcEN9vpYgvttgcBJBh6Tjv8' }
+
+    it 'creates' do
+      expect(subject.pack(null)).to eq websafe_msgpack1
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq nil
+    end
+  end
+
+  describe 'array' do
+    let(:array){ ['This is the simple-secrets compatibility standard array.','This is the simple-secrets compatibility standard array.'] }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yMKAFsDUUYwc2fKvPhP_RHYhDOUfJ58li1gJgg9sVeaKx9yC0vFkpxuTmzJP6hZjn6XXlrG6A7-EeNgyzvP547booi2LUi0ALyAzbCaR8abXqnzoNwITRz7TL0J_NkP2gfxbpwUvyBo8ZT0cxGRr9jGnW5F5s6D0jmKZTl209nDJEpXDFRDXCo5y08tmvMNogs7rsZYz74mAap3mrBS-J7W' }
+    let(:websafe_msgpack5){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yP5Au9NtEbC-uoWkSPKgnAjODduuH_a2tH-zXaPNdqScWNR8snsQK2OufCVnb2OFk8O7VwgrObvx5gnGgC3pOsmk2Z5CasmOAfzn0B6uEnaBpiMOs74d0d70t07J4MdCRs1aDai9SJqxMpbjz5KJpVmSWqnT3n5KhzEdTLQwCuXQhSA0JKFaAlwQHh5tzq6ToWZZVR34REAGdAo7RMLSSi3' }
+
+    it 'creates' do
+      expect(subject.pack(array)).to eq websafe_msgpack5
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq array
+      expect(subject.unpack(websafe_msgpack5)).to eq array
+    end
+  end
+
+  describe 'map' do
+    let(:map){ {'compatibility-key' => 'This is the simple-secrets compatibility standard map.'} }
+    let(:websafe_msgpack1){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yNR4q6kPij6WINZKHgOqKHXYKrvvhyLbyFTsndgOx5M5yockEUwdSgv6jG_JYpAiU5R37Y7OIZnF3IN2EWtaFSuJko0ajcvoYgDPeLMvjAJdRyBUYIKcvR-g56_p4O7Uef3yJRnfCprG6jUdMyDBai_' }
+    let(:websafe_msgpack5){ 'W7l1PJaffzMzIzzpI1hg75AubQ_PNSjEUycoH1Z7GEwonPVW7yNR4q6kPij6WINZKHgOqKHXsI6Zwegq5A48uq2i-l13bNQWLY9Ho-lG_s6PzwQhjGz6BnCwAK66YsDBlTqflM-X1mviccZbvUV7K6i2ZPOs8gDUtMIVnu-ByDFopGwZUHjelkUZiLZcRKWXIYSLWyKp' }
+
+    it 'creates' do
+      expect(subject.pack(map)).to eq websafe_msgpack5
+    end
+
+    it 'recovers' do
+      expect(subject.unpack(websafe_msgpack1)).to eq map
+      expect(subject.unpack(websafe_msgpack5)).to eq map
+    end
+  end
+
+end
+
+class Util
+  def self.hex_to_bin string
+    b = [string].pack('H*')
+    b.force_encoding 'BINARY'
+    b
+  end
+end

data/spec/packet_spec.rb

@@ -17,26 +17,26 @@ describe Packet do
   describe '#initialize' do
     it 'sets its master key' do
       its_key = subject.instance_variable_get(:@master_key)
-      its_key.unpack('H*').first.should eq master_key
-      its_key.encoding.should eq Encoding::ASCII_8BIT
+      expect(its_key.unpack('H*').first).to eq(master_key)
+      expect(its_key.encoding).to eq(Encoding::ASCII_8BIT)
     end
 
     it 'sets its identity' do
       identity = Primitives.identify subject.instance_variable_get(:@master_key)
-      subject.instance_variable_get(:@identity).should eq identity
+      expect(subject.instance_variable_get(:@identity)).to eq(identity)
     end
   end
 
   describe '#build_body' do
     it 'concatenates the serialized body with a nonce' do
-      Primitives.should_receive(:nonce){ nonce }
-      subject.build_body(data).should eq test_body
+      expect(Primitives).to receive(:nonce) { nonce }
+      expect(subject.build_body(data)).to eq(test_body)
     end
   end
 
   describe '#body_to_data' do
     it 'it splits out the nonce and deserializes the body' do
-      subject.body_to_data(test_body).should eq data
+      expect(subject.body_to_data(test_body)).to eq(data)
     end
   end
 
@@ -46,9 +46,9 @@ describe Packet do
 
       cipher_data = subject.encrypt_body test_body, key
       decrypted_body = subject.decrypt_body cipher_data, key
-      test_body.should_not eq cipher_data
-      cipher_data.should_not eq decrypted_body
-      decrypted_body.should eq test_body
+      expect(test_body).not_to eq(cipher_data)
+      expect(cipher_data).not_to eq(decrypted_body)
+      expect(decrypted_body).to eq(test_body)
     end
   end
 
@@ -59,7 +59,7 @@ describe Packet do
 
       packet = subject.authenticate test_body, key, id
       data = subject.verify packet, key, id
-      data.should eq test_body
+      expect(data).to eq(test_body)
     end
 
     it 'returns nil if the key identity does not match' do
@@ -68,7 +68,7 @@ describe Packet do
 
       packet = subject.authenticate test_body, key, bad_id
       data = subject.verify packet, key, id
-      data.should be_nil
+      expect(data).to be_nil
     end
 
     it 'returns nil if the MAC does not match' do
@@ -79,17 +79,17 @@ describe Packet do
       packet = "#{packet[0...-32]}#{bad_mac}"
 
       data = subject.verify packet, key, id
-      data.should be_nil
+      expect(data).to be_nil
     end
   end
 
   describe '.pack and .unpack' do
     it 'encrypts and signs data into web-safe string, then verifies and decrypts it back' do
       packed_data = subject.pack data
-      packed_data.should_not eq data
+      expect(packed_data).not_to eq(data)
 
       unpacked_data = subject.unpack packed_data
-      unpacked_data.should eq data
+      expect(unpacked_data).to eq(data)
     end
   end
 end

data/spec/primitives_spec.rb

@@ -213,9 +213,9 @@ describe Primitives do
       b = "12".hex_to_bin
       c = "11".hex_to_bin
 
-      expect(Primitives.compare(a,a)).to be_true
-      expect(Primitives.compare(a,b)).to be_false
-      expect(Primitives.compare(a,c)).to be_true
+      expect(Primitives.compare(a,a)).to be true
+      expect(Primitives.compare(a,b)).to be false
+      expect(Primitives.compare(a,c)).to be true
     end
 
     # Timing test, in progress from node.js version
@@ -330,6 +330,14 @@ describe Primitives do
       expect(Primitives.deserialize(Primitives.serialize('abcd'))).to eq('abcd')
       expect(Primitives.deserialize(Primitives.serialize([]))).to eq([])
       expect(Primitives.deserialize(Primitives.serialize({}))).to eq({})
+      buf = "32".hex_to_bin(10)
+      out = Primitives.deserialize(Primitives.serialize(buf))
+      expect(out).to eq(buf)
+      # msgpack bug: data is correctly extracted, but tagged with incorrect
+      #   encoding. Make sure it can be coerced back.
+      if out.encoding != buf.encoding
+        expect(out.force_encoding(buf.encoding)).to eq(buf)
+      end
     end
   end
 

data/spec/simple_secrets_spec.rb

@@ -2,6 +2,6 @@ require 'spec_helper'
 
 describe SimpleSecrets do
   it 'should have a version number' do
-    SimpleSecrets::VERSION.should_not be_nil
+    expect(SimpleSecrets::VERSION).not_to be_nil
   end
 end

metadata

@@ -1,78 +1,69 @@
 --- !ruby/object:Gem::Specification
 name: simple-secrets
 version: !ruby/object:Gem::Version
-  version: 1.0.0
-  prerelease: 
+  version: 2.0.0
 platform: ruby
 authors:
 - Tim Shadel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-11 00:00:00.000000000 Z
+date: 2016-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msgpack
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.7.1
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: A Ruby client for simple-secrets, the simple, opinionated library for
@@ -83,19 +74,21 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
+- lib/msgpack_extensions.rb
 - lib/simple-secrets.rb
 - lib/simple_secrets.rb
 - lib/simple_secrets/packet.rb
 - lib/simple_secrets/primitives.rb
 - lib/simple_secrets/version.rb
 - simple_secrets.gemspec
+- spec/compatibility_spec.rb
 - spec/packet_spec.rb
 - spec/primitives_spec.rb
 - spec/simple_secrets_spec.rb
@@ -103,30 +96,30 @@ files:
 homepage: https://github.com/timshadel/simple-secrets.rb
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.4.5
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: A Ruby client for simple-secrets, the simple, opinionated library for encrypting
   small packets of data securely.
 test_files:
+- spec/compatibility_spec.rb
 - spec/packet_spec.rb
 - spec/primitives_spec.rb
 - spec/simple_secrets_spec.rb