RubyGems - sodium - Versions diffs - 0.0.0 → 0.5.0 - Mend

sodium 0.0.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

data/.gitignore +4 -0
data/.travis.yml +27 -0
data/Gemfile +9 -0
data/README.md +111 -0
data/Rakefile +3 -0
data/VERSION +1 -0
data/config/nacl_ffi.yml +90 -0
data/lib/sodium.rb +24 -0
data/lib/sodium/auth.rb +52 -0
data/lib/sodium/box.rb +127 -0
data/lib/sodium/buffer.rb +141 -0
data/lib/sodium/delegate.rb +58 -0
data/lib/sodium/ffi.rb +9 -0
data/lib/sodium/ffi/crypto.rb +106 -0
data/lib/sodium/ffi/lib_c.rb +9 -0
data/lib/sodium/ffi/random.rb +11 -0
data/lib/sodium/hash.rb +23 -0
data/lib/sodium/one_time_auth.rb +52 -0
data/lib/sodium/random.rb +16 -0
data/lib/sodium/secret_box.rb +65 -0
data/lib/sodium/sign.rb +75 -0
data/lib/sodium/version.rb +5 -0
data/sodium.gemspec +9 -3
data/sodium.pub.gpg +37 -0
data/tasks/libsodium.rake +70 -0
data/tasks/test.rake +6 -0
data/tasks/version.rake +3 -0
data/test/sodium/auth/hmacsha256_test.rb +54 -0
data/test/sodium/auth/hmacsha512256_test.rb +53 -0
data/test/sodium/auth_test.rb +49 -0
data/test/sodium/box/curve25519xsalsa20poly1305_test.rb +79 -0
data/test/sodium/box_test.rb +109 -0
data/test/sodium/buffer_test.rb +120 -0
data/test/sodium/delegate_test.rb +44 -0
data/test/sodium/hash/sha256_test.rb +31 -0
data/test/sodium/hash/sha512_test.rb +35 -0
data/test/sodium/hash_test.rb +35 -0
data/test/sodium/one_time_auth/poly1305_test.rb +54 -0
data/test/sodium/one_time_auth_test.rb +49 -0
data/test/sodium/random_test.rb +25 -0
data/test/sodium/secret_box/xsalsa20poly1305_test.rb +50 -0
data/test/sodium/secret_box_test.rb +56 -0
data/test/sodium/sign/ed25519_test.rb +52 -0
data/test/sodium/sign_test.rb +58 -0
data/test/test_helper.rb +44 -0
metadata +117 -8
checksums.yaml +0 -7

data/test/sodium/box_test.rb ADDED Viewed

@@ -0,0 +1,109 @@
+require 'test_helper'
+describe Sodium::Box do
+  include SodiumTestHelpers
+  subject       { self.klass.new(*self.keypair) }
+  let(:klass)   { Sodium::Box }
+  let(:keypair) { self.klass.keypair }
+  it 'must default to the Curve22519XSalsa20Poly1305 implementation' do
+    self.klass.implementation.
+      must_equal Sodium::Box::Curve25519XSalsa20Poly1305
+  end
+  it 'must allow access to alternate implementations' do
+    self.klass.implementation(:xyz).
+      must_equal nil
+  end
+  it 'must instantiate the default implementation' do
+    self.subject.
+      must_be_kind_of Sodium::Box::Curve25519XSalsa20Poly1305
+  end
+  it 'must mint keypairs from the default implementation' do
+    sodium_mock_default(self.klass) do |klass, mock|
+      mock.expect :nacl_keypair, true, [ '', '' ]
+      mock.expect :[],           0,    [:PUBLICKEYBYTES]
+      mock.expect :[],           0,    [:SECRETKEYBYTES]
+      sk, pk = klass.keypair
+      sk.to_str.must_equal ''
+      pk.to_str.must_equal ''
+    end
+  end
+  it 'must raise when instantiating with an invalid keypair' do
+    secret_key, public_key = self.keypair
+    lambda { self.klass.new(secret_key.to_str[0..-2], public_key) }.
+      must_raise Sodium::LengthError
+    lambda { self.klass.new(secret_key, public_key.to_str[0..-2]) }.
+      must_raise Sodium::LengthError
+  end
+  it 'must raise when receiving an invalid nonce' do
+    lambda { self.subject.box('message', self.subject.nonce.to_str[0..-2]) }.
+      must_raise Sodium::LengthError
+  end
+  it 'must raise when receiving an invalid shared key' do
+    lambda { self.klass.afternm('key', 'message', self.subject.nonce) }.
+      must_raise Sodium::LengthError
+  end
+  it 'must raise when failing to generate keypairs' do
+    sodium_stub_failure(self.klass, :nacl_keypair) do
+      lambda { self.keypair }.
+        must_raise Sodium::CryptoError
+    end
+  end
+  it 'must raise when failing to close a box' do
+    sodium_stub_failure(self.klass, :nacl) do
+      lambda { self.subject.box('message', self.subject.nonce) }.
+        must_raise Sodium::CryptoError
+    end
+  end
+  it 'must raise when failing to open a box' do
+    sodium_stub_failure(self.klass, :nacl_open) do
+      lambda { self.subject.open('ciphertext', self.subject.nonce) }.
+        must_raise Sodium::CryptoError
+    end
+  end
+  it 'must raise when failing to generate a shared key' do
+    sodium_stub_failure(self.klass, :nacl_beforenm) do
+      lambda { self.subject.beforenm }.
+        must_raise Sodium::CryptoError
+    end
+  end
+  it 'must raise when failing to close a box with a shared key' do
+    sodium_stub_failure(self.klass, :nacl_afternm) do
+      lambda do
+        key     = self.subject.beforenm
+        nonce   = self.subject.nonce
+        message = 'message'
+        self.klass.afternm(key, message, nonce)
+      end.must_raise Sodium::CryptoError
+    end
+  end
+  it 'must raise when failing to open a box with a shared key' do
+    sodium_stub_failure(self.klass, :nacl_open_afternm) do
+      lambda do
+        key        = self.subject.beforenm
+        nonce      = self.subject.nonce
+        ciphertext = 'ciphertext'
+        self.klass.open_afternm(key, ciphertext, nonce)
+      end.must_raise Sodium::CryptoError
+    end
+  end
+end

data/test/sodium/buffer_test.rb ADDED Viewed

@@ -0,0 +1,120 @@
+require 'test_helper'
+describe Sodium::Buffer do
+  subject { Sodium::Buffer }
+  it '::key must securely generate random keys of specified length' do
+    Sodium::Random.stub(:bytes, lambda {|l| ' ' * l }) do
+      subject.key( 7).to_str.must_equal(' ' *  7)
+      subject.key( 8).to_str.must_equal(' ' *  8)
+      subject.key(16).to_str.must_equal(' ' * 16)
+      subject.key(32).to_str.must_equal(' ' * 32)
+      subject.key(64).to_str.must_equal(' ' * 64)
+    end
+  end
+  it '::nonce must securely generate random nonces of specified length' do
+    Sodium::Random.stub(:bytes, lambda {|l| ' ' * l }) do
+      subject.nonce( 7).to_str.must_equal(' ' *  7)
+      subject.nonce( 8).to_str.must_equal(' ' *  8)
+      subject.nonce(16).to_str.must_equal(' ' * 16)
+      subject.nonce(32).to_str.must_equal(' ' * 32)
+      subject.nonce(64).to_str.must_equal(' ' * 64)
+    end
+  end
+  it '::empty must generate an empty buffer of specified length' do
+    subject.empty(32).to_str.must_equal("\0" * 32)
+    subject.empty(40).to_str.must_equal("\0" * 40)
+  end
+  it '::empty must yield to a block when given' do
+    mock = MiniTest::Mock.new
+    mock.expect :flag, nil
+    subject.empty(5) {|buffer| mock.flag }
+    mock.verify
+  end
+  it '::new must create a buffer containing the specified string' do
+    subject.new('xyz'     ).to_str.must_equal('xyz')
+    subject.new('xyz' * 50).to_str.must_equal('xyz' * 50)
+  end
+  it '::new must do optional length checking' do
+    lambda { subject.new('xyz', 4).to_str }.
+      must_raise Sodium::LengthError
+  end
+  it '#initialize must freeze its bytes' do
+    subject.new('s').to_str.must_be :frozen?
+  end
+  it '#initialize must wipe the memory from the original string' do
+    'test'.tap do |s|
+      subject.new(s)
+    end.must_equal("\0" * 4)
+  end
+  it '#initialize must wipe the buffer during finalization'
+  it '#initialize must prevent the string from being paged to disk'
+  it '#pad bytes onto the front' do
+    subject.new('s').pad(3).to_str.must_equal "\0\0\0s"
+  end
+  it '#unpad bytes from the front' do
+    subject.new("\0\0\0s").unpad(3).to_str.must_equal 's'
+  end
+  it '#byteslice must accept an indivdual byte offset to return' do
+    subject.new('xyz').tap do |buffer|
+      buffer.byteslice(-4).to_str.must_equal ''
+      buffer.byteslice(-3).to_str.must_equal 'x'
+      buffer.byteslice(-2).to_str.must_equal 'y'
+      buffer.byteslice(-1).to_str.must_equal 'z'
+      buffer.byteslice( 0).to_str.must_equal 'x'
+      buffer.byteslice( 1).to_str.must_equal 'y'
+      buffer.byteslice( 2).to_str.must_equal 'z'
+      buffer.byteslice( 3).to_str.must_equal ''
+    end
+  end
+  it '#byteslice must accept ranges of bytes to return' do
+    subject.new('xyz').tap do |buffer|
+      buffer.byteslice( 0.. 0).to_str.must_equal 'x'
+      buffer.byteslice( 0.. 1).to_str.must_equal 'xy'
+      buffer.byteslice( 0.. 2).to_str.must_equal 'xyz'
+      buffer.byteslice( 0.. 3).to_str.must_equal 'xyz'
+      buffer.byteslice( 1..-1).to_str.must_equal 'yz'
+      buffer.byteslice( 2..-2).to_str.must_equal ''
+      buffer.byteslice(-3..-1).to_str.must_equal 'xyz'
+      buffer.byteslice(-4.. 1).to_str.must_equal ''
+    end
+  end
+  it '#byteslice must accept an offset and number of bytes to return' do
+    subject.new('xyz').tap do |buffer|
+      buffer.byteslice( 0,  0).to_str.must_equal ''
+      buffer.byteslice( 0,  1).to_str.must_equal 'x'
+      buffer.byteslice( 0,  3).to_str.must_equal 'xyz'
+      buffer.byteslice( 2,  4).to_str.must_equal 'z'
+      buffer.byteslice( 2,  1).to_str.must_equal 'z'
+      buffer.byteslice(-2,  1).to_str.must_equal 'y'
+      buffer.byteslice( 0, -1).to_str.must_equal ''
+    end
+  end
+  it '#bytesize must return its length' do
+    subject.new('testing').bytesize.must_equal 7
+  end
+  it '#inspect must not reveal its instance variables' do
+    subject.new('blah').inspect.wont_include 'blah'
+  end
+  it '#to_str must return its internal bytes' do
+    subject.new('xyz').to_str.must_equal('xyz')
+  end
+end

data/test/sodium/delegate_test.rb ADDED Viewed

@@ -0,0 +1,44 @@
+require 'test_helper'
+class DelegateTest
+  include Sodium::Delegate
+  def self.[](key)
+    self.const_get(key)
+  end
+  class Subclass1 < self; PRIMITIVE = :subclass1; end
+  class Subclass2 < self; PRIMITIVE = :subclass2; end
+  DEFAULT = :subclass1
+end
+describe Sodium::Delegate do
+  subject        { self.klass.new          }
+  let(:klass)    { DelegateTest            }
+  let(:subclass) { DelegateTest::Subclass1 }
+  it '::implementation must be the default' do
+    self.klass.implementation.must_equal self.subclass
+  end
+  it 'must allow access to constants through indexing' do
+    self.klass.implementation[:PRIMITIVE].must_equal :subclass1
+  end
+  it 'must allow access to arbitrary implementations' do
+    self.klass.implementation(:subclass2).must_equal DelegateTest::Subclass2
+  end
+  it 'must instantiate the default implementation' do
+    self.klass.new.class.must_equal self.subclass
+  end
+  it 'must allow instance access to the instantiated primitive' do
+    self.subject.primitive.must_equal self.subclass::PRIMITIVE
+  end
+  it 'must allow class access to the instantiated primitive' do
+    self.subject.class.primitive.must_equal self.subclass::PRIMITIVE
+  end
+end

data/test/sodium/hash/sha256_test.rb ADDED Viewed

@@ -0,0 +1,31 @@
+require 'test_helper'
+describe Sodium::Hash::SHA256 do
+  include SodiumTestHelpers
+  let (:klass)     { Sodium::Hash::SHA256 }
+  let (:primitive) { :sha256 }
+  let :constants do
+    { :BYTES => 32 }
+  end
+  let_64(:hash)      { 'q1MKE+RZFJgrefm34/uplM/R8/si9xzqGvvwK0YMbR0=' }
+  let_64(:plaintext) { 'bWVzc2FnZQ==' }
+  it '::primitive must be correct' do
+    self.klass.primitive.must_equal self.primitive
+  end
+  it 'must have correct values for its constants' do
+    self.constants.each_pair do |name, value|
+      self.klass[name].must_equal value
+    end
+  end
+  it 'must generate hashes' do
+    self.klass.hash(
+      self.plaintext
+    ).to_str.must_equal self.hash
+  end
+end

data/test/sodium/hash/sha512_test.rb ADDED Viewed

@@ -0,0 +1,35 @@
+require 'test_helper'
+describe Sodium::Hash::SHA512 do
+  include SodiumTestHelpers
+  let (:klass)     { Sodium::Hash::SHA512 }
+  let (:primitive) { :sha512 }
+  let :constants do
+    { :BYTES => 64 }
+  end
+  let_64(:hash) do
+    %{ +Nr1ejNHzE1rnVdbMf5gd+LLSH9gqWIzwIy0edvzFTjMkV7G1IvbqpbdwaFt
+       tPT5bzcnbPyzUQuCRiQXcNWVLA== }
+  end
+  let_64(:plaintext) { 'bWVzc2FnZQ==' }
+  it '::primitive must be correct' do
+    self.klass.primitive.must_equal self.primitive
+  end
+  it 'must have correct values for its constants' do
+    self.constants.each_pair do |name, value|
+      self.klass[name].must_equal value
+    end
+  end
+  it 'must generate hashes' do
+    self.klass.hash(
+      self.plaintext
+    ).to_str.must_equal self.hash
+  end
+end

data/test/sodium/hash_test.rb ADDED Viewed

@@ -0,0 +1,35 @@
+require 'test_helper'
+describe Sodium::Hash do
+  include SodiumTestHelpers
+  let(:klass)     { Sodium::Hash }
+  let_64(:plaintext) { 'bWVzc2FnZQ==' }
+  it 'must default to the SHA512 implementation' do
+    self.klass.implementation.
+      must_equal Sodium::Hash::SHA512
+  end
+  it 'must allow access to alternate implementations' do
+    self.klass.implementation(:sha256).
+      must_equal Sodium::Hash::SHA256
+  end
+  it 'must hash from the default implementation' do
+    sodium_mock_default(self.klass) do |klass, mock|
+      mock.expect :[],   0,  [ :BYTES ]
+      mock.expect :nacl, '', [ String, self.plaintext, self.plaintext.bytesize ]
+      klass.hash(self.plaintext).to_str.must_equal ''
+    end
+  end
+  it 'must raise when failing to generate a hash' do
+    sodium_stub_failure(self.klass, :nacl) do
+      lambda { self.klass.hash(self.plaintext) }.
+        must_raise Sodium::CryptoError
+    end
+  end
+end

data/test/sodium/one_time_auth/poly1305_test.rb ADDED Viewed

@@ -0,0 +1,54 @@
+require 'test_helper'
+describe Sodium::OneTimeAuth::Poly1305 do
+  include SodiumTestHelpers
+  subject { self.klass.new(self.key) }
+  let(:klass)     { Sodium::OneTimeAuth::Poly1305 }
+  let(:primitive) { :poly1305 }
+  let :constants do
+    { :BYTES    => 16,
+      :KEYBYTES => 32, }
+  end
+  let_64(:key)           { 'tZUeTVtSHOfgOei4DUwCt10xqrIYhALpO08NIDMWFB0=' }
+  let_64(:authenticator) { 'n+6StqC6SLRuLT8YZoQoFw==' }
+  let_64(:plaintext)     { 'bWVzc2FnZQ==' }
+  it '::primitive must be correct' do
+    self.klass.primitive.must_equal self.primitive
+  end
+  it 'must have correct values for its constants' do
+    self.constants.each_pair do |name, value|
+      self.klass[name].must_equal value
+    end
+  end
+  it 'must mint keys' do
+    self.klass.key.bytesize.
+      must_equal self.klass::KEYBYTES
+  end
+  it 'must generate authenticators' do
+    self.subject.one_time_auth(
+      self.plaintext
+    ).to_str.must_equal self.authenticator
+  end
+  it 'must verify authenticators' do
+    self.subject.verify(
+      self.plaintext,
+      self.authenticator
+    ).must_equal true
+  end
+  it 'must not verify forged authenticators' do
+    self.subject.verify(
+      self.plaintext,
+      self.authenticator.succ
+    ).must_equal false
+  end
+end

data/test/sodium/one_time_auth_test.rb ADDED Viewed

@@ -0,0 +1,49 @@
+require 'test_helper'
+describe Sodium::OneTimeAuth do
+  include SodiumTestHelpers
+  subject     { self.klass.new(self.key) }
+  let(:klass) { Sodium::OneTimeAuth }
+  let(:key)   { self.klass.key }
+  it 'must default to the Poly1305 implementation' do
+    self.klass.implementation.
+      must_equal Sodium::OneTimeAuth::Poly1305
+  end
+  it 'must allow access to alternate implementations' do
+    self.klass.implementation(:foo).
+      must_equal nil
+  end
+  it 'must instantiate the default implementation' do
+    self.subject.
+      must_be_kind_of Sodium::OneTimeAuth::Poly1305
+  end
+  it 'must mint keys from the default implementation' do
+    sodium_mock_default(self.klass) do |klass, mock|
+      mock.expect :[], 0, [:KEYBYTES]
+      klass.key.to_str.must_equal ''
+    end
+  end
+  it 'must raise when instantiating with an invalid key' do
+    lambda { self.klass.new(self.key.to_str[0..-2]) }.
+      must_raise Sodium::LengthError
+  end
+  it 'must raise when verifying an invalid authenticator' do
+    lambda { self.subject.verify('message', 'blaah') }.
+      must_raise Sodium::LengthError
+  end
+  it 'must raise when failing to generate an authenticator' do
+    sodium_stub_failure(self.klass, :nacl) do
+      lambda { self.subject.one_time_auth('message') }.
+        must_raise Sodium::CryptoError
+    end
+  end
+end