2019-06-29 01:17:09 +02:00
# sodium.cr
[![Build Status ](https://travis-ci.org/didactic-drunk/sodium.cr.svg?branch=master )](https://travis-ci.org/didactic-drunk/sodium.cr)
[![Docs ](https://img.shields.io/badge/docs-available-brightgreen.svg )](https://didactic-drunk.github.io/sodium.cr/)
2017-07-12 05:13:52 +02:00
2019-06-29 03:29:33 +02:00
Crystal bindings for the [libsodium API ](https://libsodium.gitbook.io/doc/ )
## Goals
* Provide an easy to use API based on reviewing most other [libsodium bindings ](https://libsodium.gitbook.io/doc/bindings_for_other_languages ).
* Provide the most commonly used libsodium API's.
* Test for compatibility against other libsodium bindings to ensure interoperability.
* Always provide a stream interface to handle arbitrarily sized data when one is available.
* Drop in replacement classes compatible with OpenSSL::{Digest,Cipher} when possible.
* Use the newest system packaged libsodium or download the most recent stable version without manual configuration.
2017-07-12 05:13:52 +02:00
2019-06-27 06:10:42 +02:00
## Features
2019-06-28 22:26:31 +02:00
- [Public-Key Cryptography ](https://libsodium.gitbook.io/doc/public-key_cryptography )
- [x] [Crypto Box Easy ](https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption )
- [ ] [Sealed Box ](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes )
- [ ] [Combined Signatures ](https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures )
- [x] [Detached Signatures ](https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures )
2019-06-28 01:19:11 +02:00
- [Secret-Key Cryptography ](https://libsodium.gitbook.io/doc/secret-key_cryptography )
- Secret Box
- [x] [Combined mode ](https://libsodium.gitbook.io/doc/secret-key_cryptography/authenticated_encryption )
2019-06-28 22:26:31 +02:00
- [ ] [Detached mode ](https://libsodium.gitbook.io/doc/secret-key_cryptography/authenticated_encryption )
- [AEAD ](https://libsodium.gitbook.io/doc/secret-key_cryptography/aead )
2019-06-28 22:44:33 +02:00
- [ ] AES256-GCM (Requires hardware acceleration)
- [ ] XChaCha20-Poly1305-IETF
- [ ] ChaCha20-Poly1305-IETF
- [ ] ChaCha20-Poly1305
2019-06-28 22:26:31 +02:00
- [Hashing ](https://libsodium.gitbook.io/doc/hashing )
2019-06-28 01:19:11 +02:00
- [x] ☑ [Blake2b ](https://libsodium.gitbook.io/doc/hashing/generic_hashing )
- [ ] [SipHash ](https://libsodium.gitbook.io/doc/hashing/short-input_hashing )
- [Password Hashing ](https://libsodium.gitbook.io/doc/password_hashing )
- [x] [Argon2 ](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function ) (Use for new applications)
2019-06-28 22:26:31 +02:00
- [ ] [Scrypt ](https://libsodium.gitbook.io/doc/advanced/scrypt ) (For compatibility with older applications)
2019-06-27 06:10:42 +02:00
- Other
2019-06-28 01:19:11 +02:00
- [x] [Key Derivation ](https://libsodium.gitbook.io/doc/key_derivation )
- [ ] [Key Exchange ](https://libsodium.gitbook.io/doc/key_exchange )
2019-06-28 22:26:31 +02:00
- [Advanced](https://libsodium.gitbook.io/doc/advanced0
- [Stream Ciphers ](https://libsodium.gitbook.io/doc/advanced/stream_ciphers )
2019-06-28 01:19:11 +02:00
- [x] XSalsa20
- [x] Salsa20
- [x] XChaCha20
- [x] ChaCha20 Ietf
- [x] ChaCha20
2019-06-28 22:26:31 +02:00
- [ ] [One time auth ](https://libsodium.gitbook.io/doc/advanced/poly1305 )
2019-06-28 01:19:11 +02:00
- [ ] Padding
2019-06-28 22:26:31 +02:00
- (Partial) Semi-automatic memory wiping.
2019-06-27 06:10:42 +02:00
2019-06-28 01:19:11 +02:00
☑ Indicate specs are compared against test vectors from another source.
Several features in libsodium are already provided by Crystal:
2019-06-27 22:52:09 +02:00
* Random (Use [Random::Secure ](https://crystal-lang.org/api/latest/Random/Secure.html ))
2019-06-27 06:10:42 +02:00
* SHA-2 (Use [OpenSSL::Digest ](https://crystal-lang.org/api/latest/OpenSSL/Digest.html ))
* HMAC SHA-2 (Use [OpenSSL::HMAC ](https://crystal-lang.org/api/latest/OpenSSL/HMAC.html ))
2019-06-28 01:19:11 +02:00
2019-06-28 22:26:31 +02:00
## What should I use for my application?
| Class | |
| --- | --- |
| `CryptoBox` `Sign` `SecretBox` | I don't know much about crypto. |
2019-06-29 01:17:09 +02:00
| [`Sodium::CryptoBox::SecretKey` ](https://didactic-drunk.github.io/sodium.cr/Sodium/CryptoBox/SecretKey.html ) | I want to encrypt + authenticate data using public key encryption. |
| [`Sodium::Sign::SecretKey` ](https://didactic-drunk.github.io/sodium.cr/Sodium/Sign/SecretKey.html ) | I want to sign or verify messages without encryption. |
| [`Sodium::SecretBox` ](https://didactic-drunk.github.io/sodium.cr/Sodium/SecretBox.html ) | I have a shared key and want to encrypt + authenticate data. |
2019-06-28 22:58:55 +02:00
| AEAD | I have a shared key and want encrypt + authenticate streamed data. (Not implemented yet) |
2019-06-29 01:17:09 +02:00
| [`Sodium::Digest::Blake2b` ](https://didactic-drunk.github.io/sodium.cr/Sodium/Digest::Blake2b.html ) | I want to hash data fast and securely. |
| `Sodium::Digest::SipHash` | I want to hash data really fast and less securely. (Not implemented yet) |
| `Sodium::Pwhash` | I want to hash a password and store it. |
| `Sodium::Pwhash` | I want to derive a key from a password. |
| `Sodium::Kdf` | I have a high quality master key and want to make subkeys. |
| [`Sodium::Cipher::Chalsa` ](https://didactic-drunk.github.io/sodium.cr/Sodium/Cipher/Chalsa.html ) | What goes with guacamole? |
2019-06-28 22:26:31 +02:00
| Everything else | I want to design my own crypto protocol and probably do it wrong. |
2019-06-29 03:29:33 +02:00
## Installation
**[Optionally Install libsodium.](https://download.libsodium.org/doc/installation/)**
A recent version of libsodium is automatically downloaded and compiled if you don't install your own version.
Add this to your application's `shard.yml` :
```yaml
dependencies:
sodium.cr:
github: didactic-drunk/sodium.cr
```
2017-07-12 05:13:52 +02:00
## Usage
2019-06-28 22:44:33 +02:00
The `specs` provide the best examples of how to use or misuse this shard.
2019-06-29 03:29:33 +02:00
### Warning
This library uses automatic memory wiping. **Make sure you write your keys to disk or send them over a network
before losing references to objects that contain keys.** You may also call `.dup` .
```crystal
# Returns Bytes representation and loses reference to SecretKey
def new_key
secret_key = Sodium::CryptoBox::SecretKey.new
secret_key.bytes
end
saved_key = new_key
p saved_key[0, 8]
GC.collect
p saved_key[0, 8]
```
```
# Before GC
Bytes[175, 134, 134, 159, 149, 208, 171, 251]
# After GC
Bytes[0, 0, 0, 0, 0, 0, 0, 0]
```
You may call `.close` on any object that retains keying material to wipe it's key(s) earlier.
Objects with a `.close` method also respond to `Class.open` and wipe when the block returns.
```crystal
Sodium::CryptoBox::SecretKey.open(sec_key, pub_key) do |secret_key|
... Do crypto operations ...
end
# sec_key is wiped
# public keys aren't wiped.
```
2019-06-28 13:32:16 +02:00
### CryptoBox easy encryption
2017-07-12 05:13:52 +02:00
```crystal
2019-06-29 01:17:09 +02:00
require "sodium"
2017-07-12 05:13:52 +02:00
data = "Hello World!"
# Alice is the sender
2019-06-29 01:17:09 +02:00
alice = Sodium::CryptoBox::SecretKey.new
2017-07-12 05:13:52 +02:00
# Bob is the recipient
2019-06-29 01:17:09 +02:00
bob = Sodium::CryptoBox::SecretKey.new
2019-06-28 13:32:16 +02:00
# Precompute a shared secret between alice and bob.
2019-06-29 21:44:47 +02:00
box = alice.box bob.public_key
2017-07-12 05:13:52 +02:00
# Encrypt a message for Bob using his public key, signing it with Alice's
# secret key
2019-06-29 21:44:47 +02:00
nonce, encrypted = box.encrypt data
2017-07-12 05:13:52 +02:00
2019-06-28 13:32:16 +02:00
# Precompute within a block. The shared secret is wiped when the block exits.
2019-06-29 21:44:47 +02:00
bob.box alice.public_key do |box|
2019-06-28 13:32:16 +02:00
# Decrypt the message using Bob's secret key, and verify its signature against
# Alice's public key
2019-06-29 01:17:09 +02:00
decrypted = Sodium.decrypt(encrypted, nonce, alice.public, bob.secret)
2017-07-12 05:13:52 +02:00
2019-06-28 13:32:16 +02:00
String.new(decrypted) # => "Hello World!"
end
2019-06-19 10:46:42 +02:00
```
2018-02-12 08:18:45 +01:00
2019-06-27 06:10:42 +02:00
### Public key signing
2019-06-19 10:46:42 +02:00
```crystal
2018-02-12 08:18:45 +01:00
message = "Hello World!"
2019-06-29 01:17:09 +02:00
secret_key = Sodium::Sign::SecretKey.new
2018-02-12 08:18:45 +01:00
# Sign the message
2019-06-28 12:30:33 +02:00
signature = secret_key.sign_detached message
2018-02-12 08:18:45 +01:00
2019-06-28 12:30:33 +02:00
# Send secret_key.public_key to the recipient
2019-06-29 01:17:09 +02:00
public_key = Sodium::Sign::PublicKey.new key_bytes
2019-06-28 12:30:33 +02:00
2019-06-29 01:17:09 +02:00
# raises Sodium::Error::VerificationFailed on failure.
2019-06-28 12:30:33 +02:00
public_key.verify_detached message, signature
2017-07-12 05:13:52 +02:00
```
2019-06-27 06:10:42 +02:00
### Secret Key Encryption
2019-06-19 10:46:42 +02:00
```crystal
2019-06-29 01:17:09 +02:00
key = Sodium::SecretKey.new
2019-06-19 10:46:42 +02:00
message = "foobar"
encrypted, nonce = key.encrypt_easy message
# On the other side.
2019-06-29 01:17:09 +02:00
key = Sodium::SecretKey.new key
2019-06-19 10:46:42 +02:00
message = key.decrypt_easy encrypted, nonce
```
2019-06-27 06:10:42 +02:00
### Blake2b
2019-06-19 10:46:42 +02:00
```crystal
2019-06-29 01:17:09 +02:00
key = Bytes.new Sodium::Digest::Blake2B::KEY_SIZE
salt = Bytes.new Sodium::Digest::Blake2B::SALT_SIZE
personal = Bytes.new Sodium::Digest::Blake2B::PERSONAL_SIZE
out_size = 64 # bytes between Sodium::Digest::Blake2B::OUT_SIZE_MIN and Sodium::Digest::Blake2B::OUT_SIZE_MAX
2019-06-19 10:46:42 +02:00
data = "data".to_slice
# output_size, key, salt, and personal are optional.
2019-06-29 01:17:09 +02:00
digest = Sodium::Digest::Blake2b.new out_size, key: key, salt: salt, personal: personal
2019-06-19 10:46:42 +02:00
digest.update data
output = d.hexdigest
digest.reset # Reuse existing object to hash again.
digest.update data
output = d.hexdigest
```
2019-06-27 06:10:42 +02:00
### Key derivation
2019-06-19 10:46:42 +02:00
```crystal
2019-06-29 01:17:09 +02:00
kdf = Sodium::Kdf.new
2019-05-28 23:31:31 +02:00
2019-06-28 01:52:45 +02:00
# kdf.derive(8_byte_context, subkey_id, subkey_size)
subkey1 = kdf.derive "context1", 0, 16
subkey2 = kdf.derive "context1", 1, 16
subkey3 = kdf.derive "context2", 0, 32
subkey4 = kdf.derive "context2", 1, 64
2019-06-19 10:46:42 +02:00
```
2019-06-27 06:10:42 +02:00
### Password Hashing
2019-06-19 10:46:42 +02:00
```crystal
2019-06-29 01:17:09 +02:00
pwhash = Sodium::Pwhash.new
2019-06-19 10:46:42 +02:00
2019-06-29 01:17:09 +02:00
pwhash.memlimit = Sodium::Pwhash::MEMLIMIT_MIN
pwhash.opslimit = Sodium::Pwhash::OPSLIMIT_MIN
2019-06-19 10:46:42 +02:00
pass = "1234"
hash = pwhash.hash_str pass
pwhash.verify hash, pass
```
2019-05-28 23:31:31 +02:00
2019-06-25 21:40:58 +02:00
Use `examples/pwhash_selector.cr` to help choose ops/mem limits.
2019-06-27 18:34:23 +02:00
Example output:
Ops limit →
| | 1 | 4 | 16 | 64 | 256 | 1024 | 4096 | 16384 | 65536 | 262144 | 1048576 |
| -------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- |
| 8K | | | | | | | | | | 0.542s | 2.114s |
| 32K | | | | | | | | | 0.513s | 2.069s |
| 128K | | | | | | | | 0.530s | 2.121s |
| 512K | | | | | | | 0.566s | 2.237s |
| 2048K | | | | | | 0.567s | 2.290s |
| 8192K | | | | | 0.670s | 2.542s |
| 32768K | | | | 0.684s | 2.777s |
| 131072K | | | 0.805s | 3.106s |
| 524288K | 0.504s | 1.135s | 3.661s |
| 2097152K | 2.119s |
| Memory |
2017-07-12 05:13:52 +02:00
## Contributing
2019-06-29 01:17:09 +02:00
1. Fork it ( https://github.com/didactic-drunk/sodium.cr/fork )
2019-06-28 02:20:02 +02:00
2. **Install a formatting check git hook (ln -sf ../../scripts/git/pre-commit .git/hooks)**
3. Create your feature branch (git checkout -b my-new-feature)
4. Commit your changes (git commit -am 'Add some feature')
5. Push to the branch (git push origin my-new-feature)
6. Create a new Pull Request
2017-07-12 05:13:52 +02:00
2019-06-29 03:29:33 +02:00
## Project History
* Originally created by [Andrew Hamon ](https://github.com/andrewhamons/cox )
* Forked by [Didactic Drunk ](https://github.com/didactic-drunk/cox ) for lack of updates in the original project.
* Complaints about the name being too controversial. Project name changed from "cox" to a more libsodium related name of "salty seaman".
* ~50% complete libsodium API.
* More complaints about the name. Dead hooker jokes added.
* None of the original API is left.
* More complaints threatening a boycott. Told them "Go ahead, I own Coca Cola and Water".
* Account unsuspended.
* Unrelated to the boycott the project name changed to "libsodium" because sodium happens to be a tasty byproduct of the two earlier names.
* Account unsuspended.
* Dead hooker jokes (mostly) removed.
2017-07-12 05:13:52 +02:00
## Contributors
2019-06-25 22:19:59 +02:00
- [andrewhamon ](https://github.com/andrewhamon ) Andrew Hamon - creator, former maintainer
2018-02-12 08:18:45 +01:00
- [dorkrawk ](https://github.com/dorkrawk ) Dave Schwantes - contributor
2019-06-25 22:19:59 +02:00
- [didactic-drunk ](https://github.com/didactic-drunk ) - current maintainer