x25519-termux 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +15 -0
- data/.rspec +5 -0
- data/.rubocop.yml +38 -0
- data/.travis.yml +21 -0
- data/CODE_OF_CONDUCT.md +74 -0
- data/Gemfile +13 -0
- data/LICENSE +32 -0
- data/README.md +301 -0
- data/Rakefile +25 -0
- data/appveyor.yml +20 -0
- data/ext/extconf_helpers.rb +20 -0
- data/ext/x25519_precomputed/cputest.c +74 -0
- data/ext/x25519_precomputed/extconf.rb +19 -0
- data/ext/x25519_precomputed/fp25519_x64.c +943 -0
- data/ext/x25519_precomputed/fp25519_x64.h +122 -0
- data/ext/x25519_precomputed/table_ladder_x25519.h +544 -0
- data/ext/x25519_precomputed/x25519_precomputed.c +99 -0
- data/ext/x25519_precomputed/x25519_precomputed.h +58 -0
- data/ext/x25519_precomputed/x25519_x64.c +251 -0
- data/ext/x25519_ref10/api.h +2 -0
- data/ext/x25519_ref10/base.c +9 -0
- data/ext/x25519_ref10/extconf.rb +13 -0
- data/ext/x25519_ref10/fe.c +912 -0
- data/ext/x25519_ref10/fe.h +44 -0
- data/ext/x25519_ref10/montgomery.h +140 -0
- data/ext/x25519_ref10/pow225521.h +160 -0
- data/ext/x25519_ref10/scalarmult.c +47 -0
- data/ext/x25519_ref10/x25519_ref10.c +82 -0
- data/ext/x25519_ref10/x25519_ref10.h +15 -0
- data/lib/x25519-termux.rb +99 -0
- data/lib/x25519-termux/montgomery_u.rb +34 -0
- data/lib/x25519-termux/scalar.rb +56 -0
- data/lib/x25519-termux/test_vectors.rb +38 -0
- data/lib/x25519-termux/version.rb +5 -0
- data/x25519-termux.gemspec +30 -0
- metadata +97 -0
@@ -0,0 +1,15 @@
|
|
1
|
+
#ifndef X25519_REF10_H
|
2
|
+
#define X25519_REF10_H
|
3
|
+
|
4
|
+
#include <stdint.h>
|
5
|
+
|
6
|
+
#define X25519_KEYSIZE_BYTES 32
|
7
|
+
typedef uint8_t X25519_KEY[X25519_KEYSIZE_BYTES];
|
8
|
+
|
9
|
+
/* Fixed-base scalar multiplication */
|
10
|
+
int x25519_ref10_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p);
|
11
|
+
|
12
|
+
/* Variable-base scalar multiplication */
|
13
|
+
int x25519_ref10_scalarmult_base(uint8_t *q, const uint8_t *n);
|
14
|
+
|
15
|
+
#endif /* X25519_REF10_H */
|
@@ -0,0 +1,99 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "securerandom"
|
4
|
+
|
5
|
+
require "x25519-termux/version"
|
6
|
+
|
7
|
+
require "x25519-termux/montgomery_u"
|
8
|
+
require "x25519-termux/scalar"
|
9
|
+
require "x25519-termux/test_vectors"
|
10
|
+
|
11
|
+
# Native extension backends
|
12
|
+
require "x25519_ref10"
|
13
|
+
# require "x25519_precomputed"
|
14
|
+
|
15
|
+
module X25519::Provider::Precomputed
|
16
|
+
def self.available?; false; end
|
17
|
+
end
|
18
|
+
|
19
|
+
# The X25519 elliptic curve Diffie-Hellman algorithm
|
20
|
+
module X25519
|
21
|
+
module_function
|
22
|
+
|
23
|
+
# Size of an X25519 key (public or private) in bytes
|
24
|
+
KEY_SIZE = 32
|
25
|
+
|
26
|
+
# Raised when we detect a degenerate (i.e. all-zero) public key
|
27
|
+
InvalidKeyError = Class.new(StandardError)
|
28
|
+
|
29
|
+
# Raised when the built-in self-test fails
|
30
|
+
SelfTestFailure = Class.new(StandardError)
|
31
|
+
|
32
|
+
class << self
|
33
|
+
# Obtain the backend provider module
|
34
|
+
attr_accessor :provider
|
35
|
+
end
|
36
|
+
|
37
|
+
# ref10 is the default provider
|
38
|
+
self.provider = X25519::Provider::Ref10
|
39
|
+
|
40
|
+
# X25519::Precomputed requires a 4th generation Intel Core CPU or newer,
|
41
|
+
# so only enable it if we detect we're on a supported platform. Otherwise,
|
42
|
+
# fall back to the ref10 portable C implementation.
|
43
|
+
self.provider = X25519::Provider::Precomputed if X25519::Provider::Precomputed.available?
|
44
|
+
|
45
|
+
# Raw fixed-base scalar multiplication function that acts directly on
|
46
|
+
# bytestrings. Calculates the coordinate of the elliptic curve point that
|
47
|
+
# represents the public key for a given scalar.
|
48
|
+
#
|
49
|
+
# @param scalar_bytes [String] a serialized private scalar
|
50
|
+
#
|
51
|
+
# @return [String] compressed Montgomery-u coordinate of the resulting point
|
52
|
+
def calculate_public_key(scalar_bytes)
|
53
|
+
validate_key_bytes(scalar_bytes)
|
54
|
+
provider.scalarmult_base(scalar_bytes)
|
55
|
+
end
|
56
|
+
|
57
|
+
# Raw Diffie-Hellman function that acts directly on bytestrings. An
|
58
|
+
# alternative to the object-oriented API
|
59
|
+
#
|
60
|
+
# @param scalar_bytes [String] a serialized private scalar
|
61
|
+
# @param montgomery_u_bytes [String] a point we wish to multiply by the scalar
|
62
|
+
#
|
63
|
+
# @return [String] resulting point, serialized as bytes
|
64
|
+
def diffie_hellman(scalar_bytes, montgomery_u_bytes)
|
65
|
+
validate_key_bytes(scalar_bytes)
|
66
|
+
validate_key_bytes(montgomery_u_bytes)
|
67
|
+
|
68
|
+
# The point located at a Montgomery-u coordinate of zero always returns
|
69
|
+
# the point at zero regardless of which scalar it's multiplied with
|
70
|
+
raise InvalidKeyError, "degenerate public key" if montgomery_u_bytes == ("\0" * KEY_SIZE)
|
71
|
+
|
72
|
+
provider.scalarmult(scalar_bytes, montgomery_u_bytes)
|
73
|
+
end
|
74
|
+
|
75
|
+
# Ensure a serialized key meets the requirements
|
76
|
+
def validate_key_bytes(key_bytes)
|
77
|
+
raise TypeError, "expected String, got #{key_bytes.class}" unless key_bytes.is_a?(String)
|
78
|
+
return true if key_bytes.bytesize == KEY_SIZE
|
79
|
+
raise ArgumentError, "expected #{KEY_SIZE}-byte String, got #{key_bytes.bytesize}"
|
80
|
+
end
|
81
|
+
|
82
|
+
# Perform a self-test to ensure the selected provider is working
|
83
|
+
def self_test
|
84
|
+
X25519::TestVectors::VARIABLE_BASE.each do |v|
|
85
|
+
shared_secret = provider.scalarmult([v.scalar].pack("H*"), [v.input_coord].pack("H*"))
|
86
|
+
raise SelfTestFailure, "self test failed!" unless shared_secret.unpack("H*").first == v.output_coord
|
87
|
+
end
|
88
|
+
|
89
|
+
X25519::TestVectors::FIXED_BASE.each do |v|
|
90
|
+
public_key = provider.scalarmult_base([v.scalar].pack("H*"))
|
91
|
+
raise SelfTestFailure, "self test failed!" unless public_key.unpack("H*").first == v.output_coord
|
92
|
+
end
|
93
|
+
|
94
|
+
true
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
# Automatically run self-test when library loads
|
99
|
+
X25519.self_test
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module X25519
|
4
|
+
# X25519 public keys and shared secrets
|
5
|
+
#
|
6
|
+
# Montgomery-u coordinates of points on the elliptic curve used by X25519
|
7
|
+
# (a.k.a. Curve25519)
|
8
|
+
class MontgomeryU
|
9
|
+
# Create an object representing a Montgomery-u coordinate from a bytestring
|
10
|
+
#
|
11
|
+
# @param bytes [String] 32-byte compressed Montgomery-u coordinate
|
12
|
+
def initialize(bytes)
|
13
|
+
X25519.validate_key_bytes(bytes)
|
14
|
+
|
15
|
+
# The point located at a Montgomery-u coordinate of zero always returns
|
16
|
+
# the point at zero regardless of which scalar it's multiplied with
|
17
|
+
raise InvalidKeyError, "degenerate public key" if bytes == ("\0" * KEY_SIZE)
|
18
|
+
|
19
|
+
@bytes = bytes
|
20
|
+
end
|
21
|
+
|
22
|
+
# Return a compressed Montgomery-u coordinate serialized as a bytestring
|
23
|
+
#
|
24
|
+
# @return [String] bytestring serialization of a Montgomery-u coordinate
|
25
|
+
def to_bytes
|
26
|
+
@bytes
|
27
|
+
end
|
28
|
+
|
29
|
+
# Show hex representation of serialized coordinate in string inspection
|
30
|
+
def inspect
|
31
|
+
"#<#{self.class}:#{@bytes.unpack('H*').first}>"
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module X25519
|
4
|
+
# X25519 private keys
|
5
|
+
#
|
6
|
+
# Scalars are the integer component of scalar multiplication, multiplied
|
7
|
+
# against an elliptic curve point.
|
8
|
+
class Scalar
|
9
|
+
# Securely generate a random scalar
|
10
|
+
def self.generate
|
11
|
+
new(SecureRandom.random_bytes(X25519::KEY_SIZE))
|
12
|
+
end
|
13
|
+
|
14
|
+
# Create an X25519 scalar object from a bytestring
|
15
|
+
#
|
16
|
+
# @param bytes [String] 32-byte random secret scalar
|
17
|
+
def initialize(bytes)
|
18
|
+
X25519.validate_key_bytes(bytes)
|
19
|
+
@scalar_bytes = bytes
|
20
|
+
end
|
21
|
+
|
22
|
+
# Variable-base scalar multiplication a.k.a. Diffie-Hellman
|
23
|
+
#
|
24
|
+
# This can be used to obtain a shared secret from a public key
|
25
|
+
#
|
26
|
+
# @param montgomery_u [X25519::MontgomeryU] coordinate of the public key/point to perform D-H with
|
27
|
+
#
|
28
|
+
# @return [X25519::MontgomeryU] resulting point (i.e. D-H shared secret)
|
29
|
+
def diffie_hellman(montgomery_u)
|
30
|
+
raise TypeError, "expected X25519::MontgomeryU, got #{montgomery_u}" unless montgomery_u.is_a?(MontgomeryU)
|
31
|
+
MontgomeryU.new(X25519.diffie_hellman(@scalar_bytes, montgomery_u.to_bytes))
|
32
|
+
end
|
33
|
+
alias multiply diffie_hellman
|
34
|
+
|
35
|
+
# Fixed-base scalar multiplication. Calculates a public key from a
|
36
|
+
# private scalar
|
37
|
+
#
|
38
|
+
# @return [X25519::MontgomeryU] resulting point (i.e. public key)
|
39
|
+
def public_key
|
40
|
+
MontgomeryU.new(X25519.calculate_public_key(@scalar_bytes))
|
41
|
+
end
|
42
|
+
alias multiply_base public_key
|
43
|
+
|
44
|
+
# Return a bytestring representation of this scalar
|
45
|
+
#
|
46
|
+
# @return [String] scalar converted to a bytestring
|
47
|
+
def to_bytes
|
48
|
+
@scalar_bytes
|
49
|
+
end
|
50
|
+
|
51
|
+
# String inspection that does not leak the private scalar
|
52
|
+
def inspect
|
53
|
+
to_s
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module X25519
|
4
|
+
# Known-good inputs and outputs for X25519 functions
|
5
|
+
module TestVectors
|
6
|
+
# Test vector for variable-base scalar multiplication
|
7
|
+
VariableBaseVector = Struct.new(:scalar, :input_coord, :output_coord)
|
8
|
+
|
9
|
+
# X25519 variable-base test vectors from RFC 7748
|
10
|
+
VARIABLE_BASE = [
|
11
|
+
VariableBaseVector.new(
|
12
|
+
"a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4",
|
13
|
+
"e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c",
|
14
|
+
"c3da55379de9c6908e94ea4df28d084f32eccf03491c71f754b4075577a28552"
|
15
|
+
),
|
16
|
+
VariableBaseVector.new(
|
17
|
+
"4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d",
|
18
|
+
"e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a493",
|
19
|
+
"95cbde9476e8907d7aade45cb4b873f88b595a68799fa152e6f8f7647aac7957"
|
20
|
+
)
|
21
|
+
].freeze
|
22
|
+
|
23
|
+
# Test vector for fixed-base scalar multiplication
|
24
|
+
FixedBaseVector = Struct.new(:scalar, :output_coord)
|
25
|
+
|
26
|
+
# X25519 fixed-base test vectors, generated via RbNaCl/libsodium
|
27
|
+
FIXED_BASE = [
|
28
|
+
FixedBaseVector.new(
|
29
|
+
"a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4",
|
30
|
+
"1c9fd88f45606d932a80c71824ae151d15d73e77de38e8e000852e614fae7019"
|
31
|
+
),
|
32
|
+
FixedBaseVector.new(
|
33
|
+
"4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d",
|
34
|
+
"ff63fe57bfbf43fa3f563628b149af704d3db625369c49983650347a6a71e00e"
|
35
|
+
)
|
36
|
+
].freeze
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require File.expand_path('lib/x25519-termux/version', __dir__)
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = 'x25519-termux'
|
7
|
+
spec.version = X25519::VERSION
|
8
|
+
spec.authors = ['Thomas Cowan']
|
9
|
+
spec.email = ['thomas@corda.company']
|
10
|
+
spec.summary = "Public key cryptography library providing the X25519 D-H function"
|
11
|
+
spec.description = <<-DESCRIPTION.strip.gsub(/\s+/, ' ')
|
12
|
+
An efficient public key cryptography library for Ruby providing key
|
13
|
+
exchange/agreement via the X25519 (a.k.a. Curve25519) Elliptic Curve
|
14
|
+
Diffie-Hellman function as described in RFC 7748. Forked branch of
|
15
|
+
crypto-rb/x25519 modified to work on termux or other platforms where
|
16
|
+
compiling the precomputed C extension fails.
|
17
|
+
DESCRIPTION
|
18
|
+
spec.date = '2020-04-21'
|
19
|
+
spec.homepage = 'https://github.com/tpcowan/x25519'
|
20
|
+
spec.license = 'BSD-3-Clause' # https://spdx.org/licenses/BSD-3-Clause.html
|
21
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
22
|
+
spec.bindir = 'exe'
|
23
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
24
|
+
spec.require_paths = ['lib']
|
25
|
+
spec.platform = Gem::Platform::RUBY
|
26
|
+
spec.extensions = ['ext/x25519_ref10/extconf.rb'] # ['ext/x25519_precomputed/extconf.rb']
|
27
|
+
|
28
|
+
spec.required_ruby_version = '>= 2.2.2'
|
29
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: x25519-termux
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Thomas Cowan
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2020-04-21 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
description: An efficient public key cryptography library for Ruby providing key exchange/agreement
|
28
|
+
via the X25519 (a.k.a. Curve25519) Elliptic Curve Diffie-Hellman function as described
|
29
|
+
in RFC 7748. Forked branch of crypto-rb/x25519 modified to work on termux or other
|
30
|
+
platforms where compiling the precomputed C extension fails.
|
31
|
+
email:
|
32
|
+
- thomas@corda.company
|
33
|
+
executables: []
|
34
|
+
extensions:
|
35
|
+
- ext/x25519_ref10/extconf.rb
|
36
|
+
extra_rdoc_files: []
|
37
|
+
files:
|
38
|
+
- ".gitignore"
|
39
|
+
- ".rspec"
|
40
|
+
- ".rubocop.yml"
|
41
|
+
- ".travis.yml"
|
42
|
+
- CODE_OF_CONDUCT.md
|
43
|
+
- Gemfile
|
44
|
+
- LICENSE
|
45
|
+
- README.md
|
46
|
+
- Rakefile
|
47
|
+
- appveyor.yml
|
48
|
+
- ext/extconf_helpers.rb
|
49
|
+
- ext/x25519_precomputed/cputest.c
|
50
|
+
- ext/x25519_precomputed/extconf.rb
|
51
|
+
- ext/x25519_precomputed/fp25519_x64.c
|
52
|
+
- ext/x25519_precomputed/fp25519_x64.h
|
53
|
+
- ext/x25519_precomputed/table_ladder_x25519.h
|
54
|
+
- ext/x25519_precomputed/x25519_precomputed.c
|
55
|
+
- ext/x25519_precomputed/x25519_precomputed.h
|
56
|
+
- ext/x25519_precomputed/x25519_x64.c
|
57
|
+
- ext/x25519_ref10/api.h
|
58
|
+
- ext/x25519_ref10/base.c
|
59
|
+
- ext/x25519_ref10/extconf.rb
|
60
|
+
- ext/x25519_ref10/fe.c
|
61
|
+
- ext/x25519_ref10/fe.h
|
62
|
+
- ext/x25519_ref10/montgomery.h
|
63
|
+
- ext/x25519_ref10/pow225521.h
|
64
|
+
- ext/x25519_ref10/scalarmult.c
|
65
|
+
- ext/x25519_ref10/x25519_ref10.c
|
66
|
+
- ext/x25519_ref10/x25519_ref10.h
|
67
|
+
- lib/x25519-termux.rb
|
68
|
+
- lib/x25519-termux/montgomery_u.rb
|
69
|
+
- lib/x25519-termux/scalar.rb
|
70
|
+
- lib/x25519-termux/test_vectors.rb
|
71
|
+
- lib/x25519-termux/version.rb
|
72
|
+
- x25519-termux.gemspec
|
73
|
+
homepage: https://github.com/tpcowan/x25519
|
74
|
+
licenses:
|
75
|
+
- BSD-3-Clause
|
76
|
+
metadata: {}
|
77
|
+
post_install_message:
|
78
|
+
rdoc_options: []
|
79
|
+
require_paths:
|
80
|
+
- lib
|
81
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
82
|
+
requirements:
|
83
|
+
- - ">="
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
version: 2.2.2
|
86
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
requirements: []
|
92
|
+
rubyforge_project:
|
93
|
+
rubygems_version: 2.7.8
|
94
|
+
signing_key:
|
95
|
+
specification_version: 4
|
96
|
+
summary: Public key cryptography library providing the X25519 D-H function
|
97
|
+
test_files: []
|