sjcl 0.0.1 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 29f8b5de12d94ed4a88c0bc39573a2e6b0448231
-  data.tar.gz: 3a042cd7897783efa68a1ed3c1303ac823f23218
+  metadata.gz: 9bc27222ca1e75a41a1db9f11f8cb007b6a79874
+  data.tar.gz: 999c3ec4e08aef5f06daa2d60f6756f93f94331a
 SHA512:
-  metadata.gz: b45ef4f755370378ffdc7b84f80509032789a2c3efdd7a8e0fbbd25422c4d60d97ca89b1928c7420c9dcd388593b55b544cd260a897f5859ae9af32ee0c2739c
-  data.tar.gz: c7dc290ae0bc477bdee3e62eece162f7671be51ab4908b7c35d926d431cd6a33efe41653aa17115f2bcca1890a8c58cfd0b62362e33ff15c1bfa8e515b61a44d
+  metadata.gz: 716feceacd1b35b785cb122cf53aeb2735292b9e0765da504779fa5ff49fd13c3b4411ad9bb8215d753fcb8b0f3ff5c44270d4510cdd7157c5e350304f097e53
+  data.tar.gz: 1c8821376b8969072246b53058dc163b5250de237ed80aca1954d33f88f8f332993f9c478439d4b774ce7ad5c6a597084c5d743328a2f88daea865518e2f17c0

data/README.md

@@ -3,7 +3,7 @@
 
 A Ruby gem to interop with SJCL in AES-CCM mode.
 
-Defaults to 256 bit AES in CCM mode with 10_000 iteration PBKDF2
+Defaults to 256 bit AES in CCM mode with 100_000 iterations PBKDF2
 
 ### Install
 
@@ -14,14 +14,24 @@ gem install sjcl
     enc = SJCL.encrypt('password', "Something to encrypt")
     dec = SJCL.decrypt('password', enc)
 
-### Dev Notes
+    # Custom number of PBKDF2 iterations
+    enc = SJCL.encrypt('password', "Something to encrypt", {:iter => 10_000})
 
-This is a very naive implementation of SJCL's AES library in ruby.
-It's not been optimized for performance and instead tries to be a very
-close approximation of SJCL in terms of code and organization.
+### Usage
+
+    dec = SJCL.decrypt('password', enc)
+
+### Dev Goals
+
+- Should be 100% compatible with SJCL Javascript library in AES-CCM mode
+- Should not be dependent upon OpenSSL having been compiles with AES-CCM-256 support (May be slower)
 
 ### TODO
 
-- More modes
 - Test interop with node module directly
-- Test more scenarios
+
+### Changelog
+
+- 1.0.0
+  - Update to use OpenSSL PBKDF2 function for increased speed
+  - Increase default iterations to 100,000

data/Rakefile

@@ -4,7 +4,7 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:rspec) do |spec|
   spec.pattern = 'spec/**/*_spec.rb'
-  spec.rspec_opts = ['-cfs --backtrace']
+  spec.rspec_opts = ['--format documentation', '--backtrace']
 end
 
 task :default => :rspec

data/lib/sjcl.rb

@@ -12,7 +12,7 @@ require 'base64'
 module SJCL
 
   DEFAULT = {
-    v:1, iter:10000, ks:256, ts:64,
+    iter:100_000, ks:256, ts:64,
     mode:"ccm", adata:"", cipher:"aes"
   }
 

data/lib/sjcl/pbkdf2.rb

@@ -5,166 +5,10 @@ module SJCL
   module Misc
 
     def self.pbkdf2(password, salt, iter, length)
-      salt = Base64.decode64(salt)
-      key = SJCL::PBKDF2.new(:password=>password,
-                 :salt=>salt,
-                 :key_length => length/8,
-                 :iterations=>iter).hex_string
-      SJCL::Codec::Hex.toBits(key)
+      key = OpenSSL::PKCS5.pbkdf2_hmac(password, Base64.decode64(salt), iter, length/8, 'SHA256')
+      SJCL::Codec::Hex.toBits(key.unpack('H*')[0])
     end
 
   end
 end
 
-
-# Pilfered from https://github.com/emerose and updated to Ruby >2.0
-class SJCL::PBKDF2
-  def initialize(opts={})
-    @hash_function = OpenSSL::Digest.new("sha256")
-
-    # override with options
-    opts.each_key do |k|
-      if self.respond_to?("#{k}=")
-        self.send("#{k}=", opts[k])
-      else
-        raise ArgumentError, "Argument '#{k}' is not allowed"
-      end
-    end
-
-    yield self if block_given?
-
-    # set this to the default if nothing was given
-    @key_length ||= @hash_function.size
-
-    # make sure the relevant things got set
-    raise ArgumentError, "password not set" if @password.nil?
-    raise ArgumentError, "salt not set" if @salt.nil?
-    raise ArgumentError, "iterations not set" if @iterations.nil?
-  end
-  attr_reader :key_length, :hash_function, :iterations, :salt, :password
-
-  def key_length=(l)
-    raise ArgumentError, "key too short" if l < 1
-    raise ArgumentError, "key too long" if l > ((2**32 - 1) * @hash_function.size)
-    @value = nil
-    @key_length = l
-  end
-
-  def hash_function=(h)
-    @value = nil
-    @hash_function = find_hash(h)
-  end
-
-  def iterations=(i)
-    raise ArgumentError, "iterations can't be less than 1" if i < 1
-    @value = nil
-    @iterations = i
-  end
-
-  def salt=(s)
-    @value = nil
-    @salt = s
-  end
-
-  def password=(p)
-    @value = nil
-    @password = p
-  end
-
-  def value
-    calculate! if @value.nil?
-    @value
-  end
-
-  alias bin_string value
-
-  def hex_string
-    bin_string.unpack("H*").first
-  end
-
-  # return number of milliseconds it takes to complete one iteration
-  def benchmark(iters = 400000)
-    iter_orig = @iterations
-    @iterations=iters
-    start = Time.now
-    calculate!
-    time = Time.now - start
-    @iterations = iter_orig
-    return (time/iters)
-  end
-
-  protected
-
-  # finds and instantiates, if necessary, a hash function
-  def find_hash(hash)
-    case hash
-    when Class
-      # allow people to pass in classes to be instantiated
-      # (eg, pass in OpenSSL::Digest::SHA1)
-      hash = find_hash(hash.new)
-    when Symbol
-      # convert symbols to strings and see if OpenSSL::Digest can make sense of
-      hash = find_hash(hash.to_s)
-    when String
-      # if it's a string, first strip off any leading 'hmacWith' (which is implied)
-      hash.gsub!(/^hmacWith/i,'')
-      # see if the OpenSSL lib understands it
-      hash = OpenSSL::Digest.new(hash)
-    when OpenSSL::Digest
-    when OpenSSL::Digest::Digest
-      # ok
-    else
-      raise TypeError, "Unknown hash type: #{hash.class}"
-    end
-    hash
-  end
-
-  # the pseudo-random function defined in the spec
-  def prf(data)
-    OpenSSL::HMAC.digest(@hash_function, @password, data)
-  end
-
-  # this is a translation of the helper function "F" defined in the spec
-  def calculate_block(block_num)
-    # u_1:
-    u = prf(salt+[block_num].pack("N"))
-    ret = u
-    # u_2 through u_c:
-    2.upto(@iterations) do
-      # calculate u_n
-      u = prf(u)
-      # xor it with the previous results
-      ret = str_xor(ret, u)
-    end
-    ret
-  end
-
-  # the bit that actually does the calculating
-  def calculate!
-    # how many blocks we'll need to calculate (the last may be truncated)
-    blocks_needed = (@key_length.to_f / @hash_function.size).ceil
-    # reset
-    @value = ""
-    # main block-calculating loop:
-    1.upto(blocks_needed) do |block_num|
-     @value << calculate_block(block_num)
-    end
-    # truncate to desired length:
-    @value = @value.slice(0,@key_length)
-    @value
-  end
-
-  def str_xor(str1, str2)
-    raise ArgumentError, "Can't bitwise-XOR a String with a non-String" \
-      unless str1.kind_of? String
-    raise ArgumentError, "Can't bitwise-XOR strings of different length" \
-      unless str2.length == str1.length
-    result = "".encode("ASCII-8BIT")
-    o_bytes = str2.bytes.to_a
-    str1.bytes.each_with_index do |c, i|
-      result << (c ^ o_bytes[i])
-    end
-    result
-  end
-
-end

data/lib/sjcl/version.rb

@@ -1,3 +1,3 @@
 module SJCL
-  VERSION = "0.0.1"
+  VERSION = "1.0.0"
 end

data/spec/aes_spec.rb

@@ -6,15 +6,15 @@ describe "the SJCL AES cipher" do
       expectedEnc = [-1029611070, -1587456955, 1398035525, 17593584058368, -473824721, 1118000746, 301400623, 1117979183, -340453629, -1458159255, -1193196730, -96321175, -1019810258, 1780526919, -759043071, 679718248, 665037594, 1300431965, -1623005092, -1212070604, 1338880947, 38713326, -1660133454, 718084742, -764414122, -803127112, 1294802698, 1742734732, 1929679827, -1557802133, -301413279, -1981232659, 1759102580, -872671969, 636803454, -1407446893, -283960603, 619646970, 18601604, -1391999465, 480766576, 944301450, 961753870, -1806371559]
       expectedDec = [480766576, -1806371559, 961753870, 944301450, -286319329, -615496010, 2062433761, -793409572, -2072105771, -1581352105, -1436829123, 1046125251, -1529599379, 199606634, -1811865346, -1171999210, -614676899, -1612389996, 774215400, 519085179, 1932300365, -1312721028, 819268243, -978560474, -1259908556, -2129363473, -176598859, -1233073557, 8079113, 1953312090, 1140431582, 40343647, -1507275254, 932493188, 1100874369, 35446614, 1689034073, 1980413189, 1132649943, -1540091556, -1029611070, 17593584058368, 1398035525, -1587456955]
       cipher = SJCL::Cipher::AES.new([-1029611070, -1587456955, 1398035525, 17593584058368])
-      SJCL::BitArray.compare(cipher.key[0], expectedEnc).should be_true
-      SJCL::BitArray.compare(cipher.key[1], expectedDec).should be_true
+      SJCL::BitArray.compare(cipher.key[0], expectedEnc).should be_truthy
+      SJCL::BitArray.compare(cipher.key[1], expectedDec).should be_truthy
     end
     it "should match at 256bits" do
       expectedEnc = [1181708080, 1181708080, 1181708080, 1181708080, 1181708080, 1181708080, 1181708080, 1181708080, -272143510, -1448606630, -272143510, -1448606630, -1783784050, -742198594, -1783784050, -742198594, -934361844, 1642512726, -1910396356, 663334502, 1493858749, -1966568701, 526718605, -861412301, -1876490681, -238958831, 2145414445, 1483326283, 871585550, -1187259379, -1503737216, 1794715315, 18246469, -254301100, -1892171399, -681704910, 1034625069, -2070873056, 583939744, 1211570195, -1950673385, 2070723139, -195331270, 587561224, 465606173, -1622119875, -1113695075, -173456242, 2023755761, 63747506, -141046136, -728582272, 1401896912, -857778707, 1900087664, -2065150466, -1555843922, -1601240804, 1461243796, -2088077292]
       expectedDec = [-1555843922, -2088077292, 1461243796, -1601240804, -349970150, 681329711, -584960127, 1016916195, 431432362, 457480884, -564876537, -1173387270, 1389592494, -172067922, -507584670, -675345927, 199160848, -988794445, 1683696893, -1548180144, 1369923852, 335588556, 906090139, -2056489385, 1985048176, -1588912818, -941389395, -1469689536, 507794320, 570522199, -1284661044, -724887717, -1929777810, 1722324195, 1871042797, -566804688, 1011165639, -1855137125, 1738979223, -896580405, -363759219, 153963534, -1313675299, 1389285982, -1389759652, -154505972, -1389759652, -154505972, -478399101, -1197495341, -478399101, -1197495341, 1541643856, 1541643856, 1541643856, 1541643856, 1181708080, 1181708080, 1181708080, 1181708080]
       cipher = SJCL::Cipher::AES.new(SJCL::Codec::UTF8String.toBits("Foo0Foo0Foo0Foo0Foo0Foo0Foo0Foo0"))
-      SJCL::BitArray.compare(cipher.key[0], expectedEnc).should be_true
-      SJCL::BitArray.compare(cipher.key[1], expectedDec).should be_true
+      SJCL::BitArray.compare(cipher.key[0], expectedEnc).should be_truthy
+      SJCL::BitArray.compare(cipher.key[1], expectedDec).should be_truthy
     end
   end
 
@@ -25,11 +25,11 @@ describe "the SJCL AES cipher" do
     it "should encrypt data" do
       expectedEnc = [1991380212, -38165922, 194830393, 500234942] # Taken from SJCL JS
       enc = cipher.encrypt(data)
-      SJCL::BitArray.compare(enc, expectedEnc).should be_true
+      SJCL::BitArray.compare(enc, expectedEnc).should be_truthy
     end
     it "should decrypt data" do
       dec = cipher.decrypt(cipher.encrypt(data))
-      SJCL::BitArray.compare(data, dec).should be_true
+      SJCL::BitArray.compare(data, dec).should be_truthy
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,10 +1,14 @@
 require 'rubygems'
 require 'bundler/setup'
 require 'rspec'
-require 'rspec/autorun'
 
 require 'sjcl'
 
 RSpec.configure do |config|
-  # some (optional) config here
+  config.mock_with :rspec do |c|
+    c.syntax = [:should, :expect]
+  end
+  config.expect_with :rspec do |c|
+    c.syntax = [:should, :expect]
+  end
 end

metadata

@@ -1,41 +1,41 @@
 --- !ruby/object:Gem::Specification
 name: sjcl
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 1.0.0
 platform: ruby
 authors:
 - Mark Percival
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-17 00:00:00.000000000 Z
+date: 2015-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: 
@@ -45,8 +45,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".travis.yml"
+- .gitignore
+- .travis.yml
 - Gemfile
 - LICENSE
 - README.md
@@ -82,27 +82,18 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: sjcl
-rubygems_version: 2.1.11
+rubygems_version: 2.0.2
 signing_key: 
 specification_version: 4
 summary: A Ruby library for interopping with SJCL's AES crypto
-test_files:
-- spec/aes_spec.rb
-- spec/bit_array_spec.rb
-- spec/ccm_spec.rb
-- spec/code_base64_spec.rb
-- spec/codec_string_spec.rb
-- spec/codex_hex_spec.rb
-- spec/integration_spec.rb
-- spec/pbkdf2_spec.rb
-- spec/spec_helper.rb
+test_files: []