RubyGems - x25519 - Versions diffs - 1.0.5 → 1.0.9 - Mend

x25519 1.0.5 → 1.0.9

Files changed (22) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +42 -0
data/.rubocop.yml +1 -1
data/CHANGELOG.md +90 -0
data/Gemfile +2 -2
data/LICENSE +32 -165
data/README.md +35 -18
data/ext/x25519_precomputed/extconf.rb +1 -1
data/ext/x25519_precomputed/fp25519_x64.c +865 -746
data/ext/x25519_precomputed/fp25519_x64.h +89 -54
data/ext/x25519_precomputed/table_ladder_x25519.h +534 -267
data/ext/x25519_precomputed/x25519_precomputed.h +33 -12
data/ext/x25519_precomputed/x25519_x64.c +237 -217
data/lib/x25519.rb +3 -2
data/lib/x25519/montgomery_u.rb +1 -1
data/lib/x25519/scalar.rb +1 -0
data/lib/x25519/version.rb +1 -1
data/x25519.gemspec +5 -5
metadata +15 -16
data/.travis.yml +0 -21
data/CHANGES.md +0 -61
data/appveyor.yml +0 -20

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 316da0f14382521bac4d5142c22d44d4dbabda25ca5956e8c9d467b8b92661f7
-  data.tar.gz: 22efb4909f13bcbd27899b26851120a7a3e1d99a0311356191bc78033cd949b9
+  metadata.gz: 11ff922b9b148a4f8b37ae6ad4a6e1638930b50b93e5d45a169e0b1399963d22
+  data.tar.gz: 2b947a4726bc75e6a492821d25a656cce2852fa9d4b5a72cec491766f0cde724
 SHA512:
-  metadata.gz: 719c8a4fb16da08c8a9f8d20d66a78c5a3c003b1eef5e579e1b10062ddf840d14016d85bf292dfd7acd733ef978f7a0c82a0f9c93ed131811dc5e76e7cbdf947
-  data.tar.gz: bd019615fa2f53475e03b47e6fdd852e4aaffac71a63859b1572f35141998cca75d454e474c57ddd8d3670293e6f492f30f7ec8ecd115ee04354a295b72c0ef3
+  metadata.gz: 00caf2f9602bcf4af710eb0eadce522cf0bcf6fa9c00e06c75af67b2c94c24d96d19bd9a0213b6ec30146e13e2d989bc8e145c5690be1773fceb52fa974b914e
+  data.tar.gz: dc318a0d65303ffc6ac7e5dd27aefc93bd500e3f56354d13d7264072e331f58aeb36f50cf176cbfcfb1dc082223908544a36b0afd05a8cad68455ca099cda6c5

data/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,42 @@
+name: CI
+on:
+  pull_request:
+    paths-ignore:
+      - README.md
+  push:
+    branches: main
+    paths-ignore:
+      - README.md
+env:
+  BUNDLE_WITHOUT: "development"
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby:
+          - ruby-2.5
+          - ruby-2.6
+          - ruby-2.7
+          - ruby-3.0
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - run: bundle exec rake compile
+      - run: bundle exec rake spec
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.5
+          bundler-cache: true
+      - run: bundle exec rubocop --format progress --color

data/.rubocop.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.2
+  TargetRubyVersion: 2.5
   DisplayCopNames: true
 #

data/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,90 @@
+## [1.0.9] (2021-08-04)
+[1.0.9]: https://github.com/RubyCrypto/x25519/compare/v1.0.8...v1.0.9
+- [#23](https://github.com/RubyCrypto/x25519/pull/23)
+  Bump `required_ruby_version` to 2.5
+- [#25](https://github.com/RubyCrypto/x25519/pull/25)
+  Fix SIGILL caused by use of `-march=native`
+## [1.0.8] (2018-11-08)
+[1.0.8]: https://github.com/RubyCrypto/x25519/compare/v1.0.7...v1.0.8
+- [#20](https://github.com/RubyCrypto/x25519/pull/19)
+  Change license to BSD-3-clause.
+## [1.0.7] (2018-02-26)
+[1.0.7]: https://github.com/RubyCrypto/x25519/compare/v1.0.6...v1.0.7
+- [#19](https://github.com/RubyCrypto/x25519/pull/19)
+  Incorporate upstream carry propagation bugfix and LICENSE changes.
+## [1.0.6] (2018-01-04)
+[1.0.6]: https://github.com/RubyCrypto/x25519/compare/v1.0.5...v1.0.6
+- Use correct (LGPLv3) license in gemspec
+## [1.0.5] (2017-12-31)
+[1.0.5]: https://github.com/RubyCrypto/x25519/compare/v1.0.4...v1.0.5
+- [#15](https://github.com/RubyCrypto/x25519/pull/15)
+  RuboCop 0.52.1
+- [#14](https://github.com/RubyCrypto/x25519/pull/14)
+  `ext/x25519_ref10`: Consolidate all field element code into `fe.c`.
+## [1.0.4] (2017-12-31)
+[1.0.4]: https://github.com/RubyCrypto/x25519/compare/v1.0.3...v1.0.4
+- [#13](https://github.com/RubyCrypto/x25519/pull/13)
+  Test against Ruby 2.5.0
+- [#12](https://github.com/RubyCrypto/x25519/pull/12)
+  Move project to the RubyCrypto GitHub organization
+## [1.0.3] (2017-12-13)
+[1.0.3]: https://github.com/RubyCrypto/x25519/compare/v1.0.2...v1.0.3
+- [#10](https://github.com/RubyCrypto/x25519/pull/10)
+  Detect degenerate (i.e. all-zero) public keys (fixes #6)
+## [1.0.2] (2017-12-13)
+[1.0.2]: https://github.com/RubyCrypto/x25519/compare/v1.0.1...v1.0.2
+- [#9](https://github.com/RubyCrypto/x25519/pull/9)
+  Make `X25519.provider` an `attr_accessor`
+- Raise `X25519::SelfTestFailure` when self-test fails
+## [1.0.1] (2017-12-12)
+[1.0.1]: https://github.com/RubyCrypto/x25519/compare/v1.0.0...v1.0.1
+- Have `X25519.self_test` return true on success
+## [1.0.0] (2017-12-12)
+[1.0.0]: https://github.com/RubyCrypto/x25519/compare/v0.2.0...v1.0.0
+- [#8](https://github.com/RubyCrypto/x25519/pull/8)
+  Add self-test
+- [#7](https://github.com/RubyCrypto/x25519/pull/7)
+  Factor providers into the `X25519::Provider` namespace
+## [0.2.0] (2017-12-12)
+[0.2.0]: https://github.com/RubyCrypto/x25519/compare/v0.1.0...v0.2.0
+- [#5](https://github.com/RubyCrypto/x25519/pull/5)
+  Rewrite gem in Ruby with minimal native extensions
+## 0.1.0 (2017-12-11)
+- Initial release

data/Gemfile CHANGED Viewed

@@ -7,6 +7,6 @@ gemspec
 group :development, :test do
   gem "rake", require: false
   gem "rake-compiler", "~> 1.0", require: false
-  gem "rspec", "~> 3.7", require: false
-  gem "rubocop", "0.52.1", require: false
+  gem "rspec", "~> 3.10", require: false
+  gem "rubocop", "1.18", require: false
 end

data/LICENSE CHANGED Viewed

@@ -1,165 +1,32 @@
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-  0. Additional Definitions.
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-  1. Exception to Section 3 of the GNU GPL.
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-  2. Conveying Modified Versions.
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-  3. Object Code Incorporating Material from Library Header Files.
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-  4. Combined Works.
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-   d) Do one of the following:
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-  5. Combined Libraries.
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-  6. Revised Versions of the GNU Lesser General Public License.
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
+BSD-3 License.
+Copyright (c) 2017, Armando Faz <armfazh@ic.unicamp.br>. All rights reserved.
+Institute of Computing.
+University of Campinas, Brazil.
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+ * Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+   copyright notice, this list of conditions and the following
+   disclaimer in the documentation and/or other materials provided
+   with the distribution.
+ * Neither the name of University of Campinas nor the names of its
+   contributors may be used to endorse or promote products derived
+   from this software without specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md CHANGED Viewed

@@ -1,15 +1,13 @@
-# x25519.rb [![Latest Version][gem-shield]][gem-link] [![Build Status][build-image]][build-link] [![Appveyor CI Status][appveyor-image]][appveyor-link] [![Yard Docs][docs-image]][docs-link] [![License: LGPL v3][license-image]][license-link]
+# x25519.rb [![Latest Version][gem-shield]][gem-link] [![Yard Docs][docs-image]][docs-link] [![License: BSD 3-Clause][license-image]][license-link] [![Build Status][build-image]][build-link]
-[gem-shield]: https://badge.fury.io/rb/x25519.svg
+[gem-shield]: https://img.shields.io/gem/v/x25519?logo=ruby
 [gem-link]: https://rubygems.org/gems/x25519
-[build-image]: https://travis-ci.org/crypto-rb/x25519.svg?branch=master
-[build-link]: https://travis-ci.org/crypto-rb/x25519
-[appveyor-image]: https://ci.appveyor.com/api/projects/status/a245an53hsk05sn2?svg=true
-[appveyor-link]: https://ci.appveyor.com/project/tarcieri/x25519
 [docs-image]: https://img.shields.io/badge/yard-docs-blue.svg
-[docs-link]: http://www.rubydoc.info/gems/x25519/1.0.5
-[license-image]: https://img.shields.io/badge/License-LGPL%20v3-blue.svg
-[license-link]: https://www.gnu.org/licenses/lgpl-3.0
+[docs-link]: http://www.rubydoc.info/gems/x25519/1.0.6
+[license-image]: https://img.shields.io/badge/License-BSD%203--Clause-blue.svg
+[license-link]: https://spdx.org/licenses/BSD-3-Clause.html
+[build-image]: https://github.com/RubyCrypto/x25519/actions/workflows/ci.yml/badge.svg
+[build-link]: https://github.com/RubyCrypto/x25519/actions/workflows/ci.yml
 An efficient public key cryptography library for Ruby providing key
 exchange/agreement.
@@ -28,13 +26,30 @@ Curve25519.
 [RFC7748]: https://tools.ietf.org/html/rfc7748
 [How to (pre-)compute a ladder]: https://eprint.iacr.org/2017/264
 [rfc7748_precomputed]: https://github.com/armfazh/rfc7748_precomputed
-[ed25519 gem]: https://github.com/crypto-rb/ed25519
+[ed25519 gem]: https://github.com/RubyCrypto/ed25519
+### Is it any good?
+[Yes.](http://news.ycombinator.com/item?id=3067434)
+### What is it useful for?
+X25519 is a key exchange/agreement algorithm generally used as a low-level
+building block in cryptographic protocols.
+### Can I use X25519 to encrypt things?
+Please use [RbNaCl::Box] if you would like a high-level construction which uses
+X25519 for public-key encryption. Otherwise, the X25519 algorithm is not directly
+useful for encryption without a higher-level encryption protocol built on top of it.
+[RbNaCl::Box]: https://github.com/RubyCrypto/rbnacl/wiki/Public-Key-Encryption
 ## Requirements
 **x25519.rb** is supported on and tested against the following platforms:
-* MRI 2.2, 2.3, 2.4, 2.5
+- MRI 2.5, 2.6, 2.7, 3.0
 ## Installation
@@ -214,9 +229,9 @@ Returns a `String` containing a 32-byte compressed Montgomery-u coordinate
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/crypto-rb/x25519.
+Bug reports and pull requests are welcome on GitHub at https://github.com/RubyCrypto/x25519.
 This project is intended to be a safe, welcoming space for collaboration,
-and contributors areexpected to adhere to the [Contributor Covenant](http://contributor-covenant.org)
+and contributors are expected to adhere to the [Contributor Covenant](https://contributor-covenant.org)
 code of conduct.
 ## Implementation Details
@@ -227,7 +242,8 @@ based on available CPU features.
 ### [rfc7748_precomputed]: optimized assembly implementation
-* Prime field arithmetic is optimized for the 4th and 6th generation of Intel Core processors (Haswell and Skylake micro-architectures).
+* Prime field arithmetic is optimized for the 4th and 6th generation of Intel Core processors
+  (Haswell and Skylake micro-architectures).
 * Efficient integer multiplication using MULX instruction.
 * Integer additions accelerated with ADCX/ADOX instructions.
 * Key generation uses a read-only table of 8 KB for X25519.
@@ -253,16 +269,17 @@ The optimized [rfc7748_precomputed] implementation was designed by:
 * Armando Faz-Hernández, University of Campinas, Brazil.
 * Francisco Rodríguez-Henríquez, Computer Science Department, Cinvestav-IPN, Mexico.
-## Copyright and License
+## License
-Copyright (c) 2017 Armando Faz, Tony Arcieri
+Copyright (c) 2017-2018 Armando Faz
+Copyright (c) 2017-2021 Tony Arcieri
 This gem is available as open source under the terms of the
-GNU Lesser General Public License v3.0 ([LICENSE](https://www.gnu.org/licenses/lgpl-3.0.txt))
+BSD-3 Clause License ([LICENSE](./LICENSE))
 ## Code of Conduct
 Everyone interacting in the x25519.rb project’s codebases, issue trackers, chat
 rooms and mailing lists is expected to follow the [code of conduct].
-[code of conduct]: https://github.com/crypto-rb/x25519/blob/master/CODE_OF_CONDUCT.md
+[code of conduct]: https://github.com/RubyCrypto/x25519/blob/main/CODE_OF_CONDUCT.md