sym-crypt 1.0.0

data/lib/sym/crypt/data/decoder.rb

@@ -0,0 +1,31 @@
+require 'sym/crypt/errors'
+require 'base64'
+require 'zlib'
+
+module Sym
+  module Crypt
+    module Data
+      class Decoder
+        attr_accessor :data, :data_encoded, :data
+
+        def initialize(data_encoded, compress)
+          self.data_encoded = data_encoded
+          self.data         = begin
+            Base64.urlsafe_decode64(data_encoded)
+          rescue
+            data_encoded
+          end
+
+          if compress.nil? || compress # auto-guess
+            self.data = begin
+              Zlib::Inflate.inflate(data)
+            rescue Zlib::Error => e
+              data
+            end
+          end
+          self.data = Marshal.load(data)
+        end
+      end
+    end
+  end
+end

data/lib/sym/crypt/data/encoder.rb

@@ -0,0 +1,25 @@
+require 'base64'
+require 'zlib'
+
+require 'sym/crypt/configuration'
+
+module Sym
+  module Crypt
+    module Data
+      class Encoder
+        attr_accessor :data, :data_encoded
+
+        def initialize(data, compress)
+          self.data         = data
+          self.data_encoded = Marshal.dump(data)
+          self.data_encoded = Zlib::Deflate.deflate(data_encoded, compression_level) if compress
+          self.data_encoded = Base64.urlsafe_encode64(data_encoded)
+        end
+
+        def compression_level
+          Sym::Crypt::Configuration.config.compression_level
+        end
+      end
+    end
+  end
+end

data/lib/sym/crypt/data/wrapper_struct.rb

@@ -0,0 +1,44 @@
+module Sym
+  module Crypt
+    module Data
+      class WrapperStruct < Struct.new(
+        :encrypted_data, # [Blob] Binary encrypted data (possibly compressed)
+        :iv, # [String] IV used to encrypt the data
+        :cipher_name, # [String] Name of the cipher used
+        :salt, # [Integer] For password-encrypted data this is the salt
+        :version, # [Integer] Version of the cipher used
+        :compress # [Boolean] indicates if compression should be applied
+      )
+
+        VERSION = 1
+
+        attr_accessor :compressed
+
+        def initialize(
+          encrypted_data:, # [Blob] Binary encrypted data (possibly compressed)
+          iv:, # [String] IV used to encrypt the data
+          cipher_name:, # [String] Name of the cipher used
+          salt: nil, # [Integer] For password-encrypted data this is the salt
+          version: VERSION, # [Integer] Version of the cipher used
+          compress: Sym::Crypt::Configuration.config.compression_enabled
+        )
+          super(encrypted_data, iv, cipher_name, salt, version, compress)
+        end
+
+        def config
+          Sym::Crypt::Configuration.config
+        end
+
+        def serialize
+          Marshal.dump(self)
+        end
+
+        def self.deserialize(data)
+          Marshal.load(data)
+        end
+      end
+    end
+  end
+end
+
+

data/lib/sym/crypt/errors.rb

@@ -0,0 +1,14 @@
+module Sym
+  module Crypt
+    # All public exceptions of this library are here.
+    module Errors
+      class Error < StandardError; end
+
+      class NoPasswordProvided < Sym::Crypt::Errors::Error; end
+
+      class NoPrivateKeyFound < Sym::Crypt::Errors::Error; end
+
+      class NoDataProvided < Sym::Crypt::Errors::Error; end
+    end
+  end
+end

data/lib/sym/crypt/extensions/class_methods.rb

@@ -0,0 +1,15 @@
+require 'base64'
+require 'sym/crypt/cipher_handler'
+
+module Sym
+  module Crypt
+    module Extensions
+      module ClassMethods
+        def create_private_key
+          key = Sym::Crypt::NEW_CIPHER_PROC.call(Sym::Crypt::Configuration.property(:private_key_cipher)).random_key
+          ::Base64.urlsafe_encode64(key)
+        end
+      end
+    end
+  end
+end

data/lib/sym/crypt/extensions/instance_methods.rb

@@ -0,0 +1,123 @@
+require 'sym/crypt'
+require 'sym/crypt/data'
+require 'sym/crypt/cipher_handler'
+require 'openssl'
+module Sym
+  module Crypt
+    module Extensions
+      # This is the module that is really included in your class
+      # when you include +Sym::Crypt+.
+      #
+      # The module provides easy access to the encryption configuration
+      # via the +#encryption_config+ method, as well as two key
+      # methods: +#encr+ and +#decr+.
+      #
+      # Methods +#encr_password+ and +#decr_password+ provide a good
+      # example of how this module can be extended to provide more uses
+      # of various ciphers, by calling into the private +_encr+ and +_decr+
+      # methods.f
+      module InstanceMethods
+        include Sym::Crypt::Data
+        include Sym::Crypt::CipherHandler
+
+        # Expects key to be a base64 encoded key
+        def encr(data, key, iv = nil)
+          raise Sym::Crypt::Errors::NoPrivateKeyFound unless key.present?
+          raise Sym::Crypt::Errors::NoDataProvided unless data.present?
+          encrypt_data(data, encryption_config.data_cipher, iv) do |cipher_struct|
+            cipher_struct.cipher.key = decode_key(key)
+          end
+        end
+
+        # Expects key to be a base64 encoded key
+        def decr(encrypted_data, key, iv = nil)
+          raise Sym::Crypt::Errors::NoPrivateKeyFound unless key.present?
+          raise Sym::Crypt::Errors::NoDataProvided unless encrypted_data.present?
+          decrypt_data(encrypted_data, encryption_config.data_cipher, iv) do |cipher_struct|
+            cipher_struct.cipher.key = decode_key(key)
+          end
+        end
+
+        def encr_password(data, password, iv = nil)
+          raise Sym::Crypt::Errors::NoDataProvided unless data.present?
+          raise Sym::Crypt::Errors::NoPasswordProvided unless password.present?
+          encrypt_data(data, encryption_config.password_cipher, iv) do |cipher_struct|
+            key, salt                = make_password_key(cipher_struct.cipher, password)
+            cipher_struct.cipher.key = key
+            cipher_struct.salt       = salt
+          end
+        end
+
+        def decr_password(encrypted_data, password, iv = nil)
+          raise Sym::Crypt::Errors::NoDataProvided unless encrypted_data.present?
+          raise Sym::Crypt::Errors::NoPasswordProvided unless password.present?
+          decrypt_data(encrypted_data, encryption_config.password_cipher, iv) do |cipher_struct|
+            key,                     = make_password_key(cipher_struct.cipher, password, cipher_struct.salt)
+            cipher_struct.cipher.key = key
+          end
+        end
+
+        private
+
+        def encryption_config
+          Sym::Crypt::Configuration.config
+        end
+
+
+        def decode_key(encoded_key)
+          Base64.urlsafe_decode64(encoded_key)
+        rescue
+          encoded_key
+        end
+
+        def make_password_key(cipher, password, salt = nil)
+          key_len = cipher.key_len
+          salt    ||= OpenSSL::Random.random_bytes 16
+          iter    = 20000
+          digest  = OpenSSL::Digest::SHA256.new
+          key     = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
+          return key, salt
+        end
+
+        # Expects key to be a base64 encoded key data
+        def encrypt_data(data, cipher_name, iv = nil, &block)
+          data, compression_enabled = encode_incoming_data(data)
+          cipher_struct             = create_cipher(direction:   :encrypt,
+                                                    cipher_name: cipher_name,
+                                                    iv:          iv)
+
+          block.call(cipher_struct) if block
+
+          encrypted_data = update_cipher(cipher_struct.cipher, data)
+          wrapper_struct = WrapperStruct.new(
+            encrypted_data: encrypted_data,
+            iv:             cipher_struct.iv,
+            cipher_name:    cipher_struct.cipher.name,
+            salt:           cipher_struct.salt,
+            compress:       !compression_enabled)
+          encode(wrapper_struct, false)
+        end
+
+        # Expects key to be a base64 encoded key data
+        def decrypt_data(encoded_data, cipher_name, iv = nil, &block)
+          wrapper_struct = decode(encoded_data)
+          cipher_struct  = create_cipher(cipher_name: cipher_name,
+                                         iv:          wrapper_struct.iv || iv,
+                                         direction:   :decrypt,
+                                         salt:        wrapper_struct.salt)
+          block.call(cipher_struct) if block
+          decode(update_cipher(cipher_struct.cipher, wrapper_struct.encrypted_data))
+        end
+
+
+        def encode_incoming_data(data)
+          compression_enabled = !data.respond_to?(:size) || (data.size > 100 && encryption_config.compression_enabled)
+          data                = encode(data, compression_enabled)
+          [data, compression_enabled]
+        end
+
+      end
+    end
+  end
+end
+

data/lib/sym/crypt/version.rb

@@ -0,0 +1,17 @@
+module Sym
+  module Crypt
+  VERSION     = '1.0.0'
+  DESCRIPTION = <<-eof
+sym-crypt is a core encryption module for the symmetric encryption app 
+(and a corresponding gem) "sym", and contains the main base serialization, 
+encryption, encoding, compression routines.
+
+sym-crypt uses a symmetric 256-bit key with the AES-256-CBC cipher, which is the 
+same cipher as the one used by the US Government. For encyption with a 
+password sym-crypt uses AES-128-CBC cipher. 
+
+The resulting data is zlib-compressed and base64-encoded. The keys are also 
+base64 encoded for easy copying/pasting/etc.
+  eof
+  end
+end

data/sym-crypt.gemspec

@@ -0,0 +1,37 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sym/crypt/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'sym-crypt'
+  spec.version       = Sym::Crypt::VERSION
+  spec.authors       = ['Konstantin Gredeskoul']
+  spec.email         = %w(kigster@gmail.com)
+
+  spec.summary       = %q{Base encryption/decryption core of the encryption app Sym. If you need simple convenience wrappers around symmetric encryption provided by OpenSSL with sensible defaults, this gem is for you. If you require a CLI tool, please take a look at the gem 'sym'.}
+
+  spec.description   = Sym::Crypt::DESCRIPTION
+
+  spec.homepage      = 'https://github.com/kigster/sym-crypt'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+  spec.required_ruby_version = '>= 2.2'
+
+  #spec.add_dependency 'activesupport'
+  #spec.add_dependency 'highline', '~> 1.7'
+  #spec.add_dependency 'coin', '~> 0.1.8'
+  #spec.add_dependency 'dalli', '~> 2.7'
+
+  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
+  spec.add_development_dependency 'simplecov'
+  spec.add_development_dependency 'irbtools'
+  spec.add_development_dependency 'bundler', '~> 1'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec', '~> 3'
+  spec.add_development_dependency 'rspec-its'
+  spec.add_development_dependency 'yard'
+end

metadata

@@ -0,0 +1,189 @@
+--- !ruby/object:Gem::Specification
+name: sym-crypt
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Konstantin Gredeskoul
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2017-07-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: irbtools
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: rspec-its
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: "sym-crypt is a core encryption module for the symmetric encryption app
+  \n(and a corresponding gem) \"sym\", and contains the main base serialization, \nencryption,
+  encoding, compression routines.\n\nsym-crypt uses a symmetric 256-bit key with the
+  AES-256-CBC cipher, which is the \nsame cipher as the one used by the US Government.
+  For encyption with a \npassword sym-crypt uses AES-128-CBC cipher. \n\nThe resulting
+  data is zlib-compressed and base64-encoded. The keys are also \nbase64 encoded for
+  easy copying/pasting/etc.\n"
+email:
+- kigster@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".codeclimate.yml"
+- ".document"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- ".yardopts"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/sym/crypt.rb
+- lib/sym/crypt/cipher_handler.rb
+- lib/sym/crypt/configuration.rb
+- lib/sym/crypt/data.rb
+- lib/sym/crypt/data/decoder.rb
+- lib/sym/crypt/data/encoder.rb
+- lib/sym/crypt/data/wrapper_struct.rb
+- lib/sym/crypt/errors.rb
+- lib/sym/crypt/extensions/class_methods.rb
+- lib/sym/crypt/extensions/instance_methods.rb
+- lib/sym/crypt/version.rb
+- sym-crypt.gemspec
+homepage: https://github.com/kigster/sym-crypt
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.2'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.11
+signing_key: 
+specification_version: 4
+summary: Base encryption/decryption core of the encryption app Sym. If you need simple
+  convenience wrappers around symmetric encryption provided by OpenSSL with sensible
+  defaults, this gem is for you. If you require a CLI tool, please take a look at
+  the gem 'sym'.
+test_files: []