x25519-termux 1.1.0

data/ext/x25519_ref10/x25519_ref10.h

@@ -0,0 +1,15 @@
+#ifndef X25519_REF10_H
+#define X25519_REF10_H
+
+#include <stdint.h>
+
+#define X25519_KEYSIZE_BYTES 32
+typedef uint8_t X25519_KEY[X25519_KEYSIZE_BYTES];
+
+/* Fixed-base scalar multiplication */
+int x25519_ref10_scalarmult(uint8_t *q, const uint8_t *n, const uint8_t *p);
+
+/* Variable-base scalar multiplication */
+int x25519_ref10_scalarmult_base(uint8_t *q, const uint8_t *n);
+
+#endif /* X25519_REF10_H */

data/lib/x25519-termux.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+require "securerandom"
+
+require "x25519-termux/version"
+
+require "x25519-termux/montgomery_u"
+require "x25519-termux/scalar"
+require "x25519-termux/test_vectors"
+
+# Native extension backends
+require "x25519_ref10"
+# require "x25519_precomputed"
+
+module X25519::Provider::Precomputed
+  def self.available?; false; end
+end
+
+# The X25519 elliptic curve Diffie-Hellman algorithm
+module X25519
+  module_function
+
+  # Size of an X25519 key (public or private) in bytes
+  KEY_SIZE = 32
+
+  # Raised when we detect a degenerate (i.e. all-zero) public key
+  InvalidKeyError = Class.new(StandardError)
+
+  # Raised when the built-in self-test fails
+  SelfTestFailure = Class.new(StandardError)
+
+  class << self
+    # Obtain the backend provider module
+    attr_accessor :provider
+  end
+
+  # ref10 is the default provider
+  self.provider = X25519::Provider::Ref10
+
+  # X25519::Precomputed requires a 4th generation Intel Core CPU or newer,
+  # so only enable it if we detect we're on a supported platform. Otherwise,
+  # fall back to the ref10 portable C implementation.
+  self.provider = X25519::Provider::Precomputed if X25519::Provider::Precomputed.available?
+
+  # Raw fixed-base scalar multiplication function that acts directly on
+  # bytestrings. Calculates the coordinate of the elliptic curve point that
+  # represents the public key for a given scalar.
+  #
+  # @param scalar_bytes [String] a serialized private scalar
+  #
+  # @return [String] compressed Montgomery-u coordinate of the resulting point
+  def calculate_public_key(scalar_bytes)
+    validate_key_bytes(scalar_bytes)
+    provider.scalarmult_base(scalar_bytes)
+  end
+
+  # Raw Diffie-Hellman function that acts directly on bytestrings. An
+  # alternative to the object-oriented API
+  #
+  # @param scalar_bytes [String] a serialized private scalar
+  # @param montgomery_u_bytes [String] a point we wish to multiply by the scalar
+  #
+  # @return [String] resulting point, serialized as bytes
+  def diffie_hellman(scalar_bytes, montgomery_u_bytes)
+    validate_key_bytes(scalar_bytes)
+    validate_key_bytes(montgomery_u_bytes)
+
+    # The point located at a Montgomery-u coordinate of zero always returns
+    # the point at zero regardless of which scalar it's multiplied with
+    raise InvalidKeyError, "degenerate public key" if montgomery_u_bytes == ("\0" * KEY_SIZE)
+
+    provider.scalarmult(scalar_bytes, montgomery_u_bytes)
+  end
+
+  # Ensure a serialized key meets the requirements
+  def validate_key_bytes(key_bytes)
+    raise TypeError, "expected String, got #{key_bytes.class}" unless key_bytes.is_a?(String)
+    return true if key_bytes.bytesize == KEY_SIZE
+    raise ArgumentError, "expected #{KEY_SIZE}-byte String, got #{key_bytes.bytesize}"
+  end
+
+  # Perform a self-test to ensure the selected provider is working
+  def self_test
+    X25519::TestVectors::VARIABLE_BASE.each do |v|
+      shared_secret = provider.scalarmult([v.scalar].pack("H*"), [v.input_coord].pack("H*"))
+      raise SelfTestFailure, "self test failed!" unless shared_secret.unpack("H*").first == v.output_coord
+    end
+
+    X25519::TestVectors::FIXED_BASE.each do |v|
+      public_key = provider.scalarmult_base([v.scalar].pack("H*"))
+      raise SelfTestFailure, "self test failed!" unless public_key.unpack("H*").first == v.output_coord
+    end
+
+    true
+  end
+end
+
+# Automatically run self-test when library loads
+X25519.self_test

data/lib/x25519-termux/montgomery_u.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module X25519
+  # X25519 public keys and shared secrets
+  #
+  # Montgomery-u coordinates of points on the elliptic curve used by X25519
+  # (a.k.a. Curve25519)
+  class MontgomeryU
+    # Create an object representing a Montgomery-u coordinate from a bytestring
+    #
+    # @param bytes [String] 32-byte compressed Montgomery-u coordinate
+    def initialize(bytes)
+      X25519.validate_key_bytes(bytes)
+
+      # The point located at a Montgomery-u coordinate of zero always returns
+      # the point at zero regardless of which scalar it's multiplied with
+      raise InvalidKeyError, "degenerate public key" if bytes == ("\0" * KEY_SIZE)
+
+      @bytes = bytes
+    end
+
+    # Return a compressed Montgomery-u coordinate serialized as a bytestring
+    #
+    # @return [String] bytestring serialization of a Montgomery-u coordinate
+    def to_bytes
+      @bytes
+    end
+
+    # Show hex representation of serialized coordinate in string inspection
+    def inspect
+      "#<#{self.class}:#{@bytes.unpack('H*').first}>"
+    end
+  end
+end

data/lib/x25519-termux/scalar.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module X25519
+  # X25519 private keys
+  #
+  # Scalars are the integer component of scalar multiplication, multiplied
+  # against an elliptic curve point.
+  class Scalar
+    # Securely generate a random scalar
+    def self.generate
+      new(SecureRandom.random_bytes(X25519::KEY_SIZE))
+    end
+
+    # Create an X25519 scalar object from a bytestring
+    #
+    # @param bytes [String] 32-byte random secret scalar
+    def initialize(bytes)
+      X25519.validate_key_bytes(bytes)
+      @scalar_bytes = bytes
+    end
+
+    # Variable-base scalar multiplication a.k.a. Diffie-Hellman
+    #
+    # This can be used to obtain a shared secret from a public key
+    #
+    # @param montgomery_u [X25519::MontgomeryU] coordinate of the public key/point to perform D-H with
+    #
+    # @return [X25519::MontgomeryU] resulting point (i.e. D-H shared secret)
+    def diffie_hellman(montgomery_u)
+      raise TypeError, "expected X25519::MontgomeryU, got #{montgomery_u}" unless montgomery_u.is_a?(MontgomeryU)
+      MontgomeryU.new(X25519.diffie_hellman(@scalar_bytes, montgomery_u.to_bytes))
+    end
+    alias multiply diffie_hellman
+
+    # Fixed-base scalar multiplication. Calculates a public key from a
+    # private scalar
+    #
+    # @return [X25519::MontgomeryU] resulting point (i.e. public key)
+    def public_key
+      MontgomeryU.new(X25519.calculate_public_key(@scalar_bytes))
+    end
+    alias multiply_base public_key
+
+    # Return a bytestring representation of this scalar
+    #
+    # @return [String] scalar converted to a bytestring
+    def to_bytes
+      @scalar_bytes
+    end
+
+    # String inspection that does not leak the private scalar
+    def inspect
+      to_s
+    end
+  end
+end

data/lib/x25519-termux/test_vectors.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module X25519
+  # Known-good inputs and outputs for X25519 functions
+  module TestVectors
+    # Test vector for variable-base scalar multiplication
+    VariableBaseVector = Struct.new(:scalar, :input_coord, :output_coord)
+
+    # X25519 variable-base test vectors from RFC 7748
+    VARIABLE_BASE = [
+      VariableBaseVector.new(
+        "a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4",
+        "e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c",
+        "c3da55379de9c6908e94ea4df28d084f32eccf03491c71f754b4075577a28552"
+      ),
+      VariableBaseVector.new(
+        "4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d",
+        "e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a493",
+        "95cbde9476e8907d7aade45cb4b873f88b595a68799fa152e6f8f7647aac7957"
+      )
+    ].freeze
+
+    # Test vector for fixed-base scalar multiplication
+    FixedBaseVector = Struct.new(:scalar, :output_coord)
+
+    # X25519 fixed-base test vectors, generated via RbNaCl/libsodium
+    FIXED_BASE = [
+      FixedBaseVector.new(
+        "a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4",
+        "1c9fd88f45606d932a80c71824ae151d15d73e77de38e8e000852e614fae7019"
+      ),
+      FixedBaseVector.new(
+        "4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d",
+        "ff63fe57bfbf43fa3f563628b149af704d3db625369c49983650347a6a71e00e"
+      )
+    ].freeze
+  end
+end

data/lib/x25519-termux/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module X25519
+  VERSION = "1.1.0".freeze
+end

data/x25519-termux.gemspec

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require File.expand_path('lib/x25519-termux/version', __dir__)
+
+Gem::Specification.new do |spec|
+  spec.name          = 'x25519-termux'
+  spec.version       = X25519::VERSION
+  spec.authors       = ['Thomas Cowan']
+  spec.email         = ['thomas@corda.company']
+  spec.summary       = "Public key cryptography library providing the X25519 D-H function"
+  spec.description = <<-DESCRIPTION.strip.gsub(/\s+/, ' ')
+    An efficient public key cryptography library for Ruby providing key
+    exchange/agreement via the X25519 (a.k.a. Curve25519) Elliptic Curve
+    Diffie-Hellman function as described in RFC 7748. Forked branch of
+    crypto-rb/x25519 modified to work on termux or other platforms where
+    compiling the precomputed C extension fails.
+  DESCRIPTION
+  spec.date          = '2020-04-21'
+  spec.homepage      = 'https://github.com/tpcowan/x25519'
+  spec.license       = 'BSD-3-Clause' # https://spdx.org/licenses/BSD-3-Clause.html
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+  spec.platform      = Gem::Platform::RUBY
+  spec.extensions    = ['ext/x25519_ref10/extconf.rb'] # ['ext/x25519_precomputed/extconf.rb']
+
+  spec.required_ruby_version = '>= 2.2.2'
+  spec.add_development_dependency 'bundler', '~> 2.0'
+end

metadata

@@ -0,0 +1,97 @@
+--- !ruby/object:Gem::Specification
+name: x25519-termux
+version: !ruby/object:Gem::Version
+  version: 1.1.0
+platform: ruby
+authors:
+- Thomas Cowan
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-04-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: An efficient public key cryptography library for Ruby providing key exchange/agreement
+  via the X25519 (a.k.a. Curve25519) Elliptic Curve Diffie-Hellman function as described
+  in RFC 7748. Forked branch of crypto-rb/x25519 modified to work on termux or other
+  platforms where compiling the precomputed C extension fails.
+email:
+- thomas@corda.company
+executables: []
+extensions:
+- ext/x25519_ref10/extconf.rb
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- appveyor.yml
+- ext/extconf_helpers.rb
+- ext/x25519_precomputed/cputest.c
+- ext/x25519_precomputed/extconf.rb
+- ext/x25519_precomputed/fp25519_x64.c
+- ext/x25519_precomputed/fp25519_x64.h
+- ext/x25519_precomputed/table_ladder_x25519.h
+- ext/x25519_precomputed/x25519_precomputed.c
+- ext/x25519_precomputed/x25519_precomputed.h
+- ext/x25519_precomputed/x25519_x64.c
+- ext/x25519_ref10/api.h
+- ext/x25519_ref10/base.c
+- ext/x25519_ref10/extconf.rb
+- ext/x25519_ref10/fe.c
+- ext/x25519_ref10/fe.h
+- ext/x25519_ref10/montgomery.h
+- ext/x25519_ref10/pow225521.h
+- ext/x25519_ref10/scalarmult.c
+- ext/x25519_ref10/x25519_ref10.c
+- ext/x25519_ref10/x25519_ref10.h
+- lib/x25519-termux.rb
+- lib/x25519-termux/montgomery_u.rb
+- lib/x25519-termux/scalar.rb
+- lib/x25519-termux/test_vectors.rb
+- lib/x25519-termux/version.rb
+- x25519-termux.gemspec
+homepage: https://github.com/tpcowan/x25519
+licenses:
+- BSD-3-Clause
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.2.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.8
+signing_key: 
+specification_version: 4
+summary: Public key cryptography library providing the X25519 D-H function
+test_files: []