2017-07-12 05:13:52 +02:00
|
|
|
# cox
|
2019-06-25 22:19:59 +02:00
|
|
|
[](https://travis-ci.org/didactic-drunk/cox)
|
2019-06-28 11:18:23 +02:00
|
|
|
[](https://didactic-drunk.github.io/cox/)
|
2017-07-12 05:13:52 +02:00
|
|
|
|
2019-06-25 22:19:59 +02:00
|
|
|
Updated Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/)
|
2017-07-12 05:13:52 +02:00
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
## Features
|
|
|
|
|
|
2019-06-28 22:26:31 +02:00
|
|
|
- [Public-Key Cryptography](https://libsodium.gitbook.io/doc/public-key_cryptography)
|
|
|
|
|
- [x] [Crypto Box Easy](https://libsodium.gitbook.io/doc/public-key_cryptography/authenticated_encryption)
|
|
|
|
|
- [ ] [Sealed Box](https://libsodium.gitbook.io/doc/public-key_cryptography/sealed_boxes)
|
|
|
|
|
- [ ] [Combined Signatures](https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures)
|
|
|
|
|
- [x] [Detached Signatures](https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures)
|
2019-06-28 01:19:11 +02:00
|
|
|
- [Secret-Key Cryptography](https://libsodium.gitbook.io/doc/secret-key_cryptography)
|
|
|
|
|
- Secret Box
|
|
|
|
|
- [x] [Combined mode](https://libsodium.gitbook.io/doc/secret-key_cryptography/authenticated_encryption)
|
2019-06-28 22:26:31 +02:00
|
|
|
- [ ] [Detached mode](https://libsodium.gitbook.io/doc/secret-key_cryptography/authenticated_encryption)
|
|
|
|
|
- [AEAD](https://libsodium.gitbook.io/doc/secret-key_cryptography/aead)
|
|
|
|
|
- [ ] AES256-GCM (Requires hardware acceleration)
|
|
|
|
|
- [ ] XChaCha20-Poly1305-IETF
|
|
|
|
|
- [ ] ChaCha20-Poly1305-IETF
|
|
|
|
|
- [ ] ChaCha20-Poly1305
|
|
|
|
|
- [Hashing](https://libsodium.gitbook.io/doc/hashing)
|
2019-06-28 01:19:11 +02:00
|
|
|
- [x] ☑ [Blake2b](https://libsodium.gitbook.io/doc/hashing/generic_hashing)
|
|
|
|
|
- [ ] [SipHash](https://libsodium.gitbook.io/doc/hashing/short-input_hashing)
|
|
|
|
|
- [Password Hashing](https://libsodium.gitbook.io/doc/password_hashing)
|
|
|
|
|
- [x] [Argon2](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) (Use for new applications)
|
2019-06-28 22:26:31 +02:00
|
|
|
- [ ] [Scrypt](https://libsodium.gitbook.io/doc/advanced/scrypt) (For compatibility with older applications)
|
2019-06-27 06:10:42 +02:00
|
|
|
- Other
|
2019-06-28 01:19:11 +02:00
|
|
|
- [x] [Key Derivation](https://libsodium.gitbook.io/doc/key_derivation)
|
|
|
|
|
- [ ] [Key Exchange](https://libsodium.gitbook.io/doc/key_exchange)
|
2019-06-28 22:26:31 +02:00
|
|
|
- [Advanced](https://libsodium.gitbook.io/doc/advanced0
|
|
|
|
|
- [Stream Ciphers](https://libsodium.gitbook.io/doc/advanced/stream_ciphers)
|
2019-06-28 01:19:11 +02:00
|
|
|
- [x] XSalsa20
|
|
|
|
|
- [x] Salsa20
|
|
|
|
|
- [x] XChaCha20
|
|
|
|
|
- [x] ChaCha20 Ietf
|
|
|
|
|
- [x] ChaCha20
|
2019-06-28 22:26:31 +02:00
|
|
|
- [ ] [One time auth](https://libsodium.gitbook.io/doc/advanced/poly1305)
|
2019-06-28 01:19:11 +02:00
|
|
|
- [ ] Padding
|
2019-06-28 22:26:31 +02:00
|
|
|
- (Partial) Semi-automatic memory wiping.
|
2019-06-27 06:10:42 +02:00
|
|
|
|
2019-06-28 01:19:11 +02:00
|
|
|
☑ Indicate specs are compared against test vectors from another source.
|
|
|
|
|
|
|
|
|
|
Several features in libsodium are already provided by Crystal:
|
2019-06-27 22:52:09 +02:00
|
|
|
* Random (Use [Random::Secure](https://crystal-lang.org/api/latest/Random/Secure.html))
|
2019-06-27 06:10:42 +02:00
|
|
|
* SHA-2 (Use [OpenSSL::Digest](https://crystal-lang.org/api/latest/OpenSSL/Digest.html))
|
|
|
|
|
* HMAC SHA-2 (Use [OpenSSL::HMAC](https://crystal-lang.org/api/latest/OpenSSL/HMAC.html))
|
|
|
|
|
|
2019-06-28 01:19:11 +02:00
|
|
|
## Installation
|
|
|
|
|
|
|
|
|
|
**[Optionally Install libsodium.](https://download.libsodium.org/doc/installation/)**
|
|
|
|
|
A recent version of libsodium is automatically downloaded and compiled if you don't install your own version.
|
|
|
|
|
|
|
|
|
|
Add this to your application's `shard.yml`:
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
|
dependencies:
|
|
|
|
|
cox:
|
|
|
|
|
github: didactic-drunk/cox
|
|
|
|
|
```
|
|
|
|
|
|
2019-06-28 22:26:31 +02:00
|
|
|
## What should I use for my application?
|
|
|
|
|
|
|
|
|
|
| Class | |
|
|
|
|
|
| --- | --- |
|
|
|
|
|
| `CryptoBox` `Sign` `SecretBox` | I don't know much about crypto. |
|
|
|
|
|
| `Cox::CryptoBox::PrivateKey` | I want to encrypt + authenticate data using public key encryption. |
|
|
|
|
|
| `Cox::Sign::PrivateKey` | I want to sign or verify messages without encryption. |
|
|
|
|
|
| `Cox::SecretBox` | I have a shared key and want to encrypt + authenticate data. |
|
|
|
|
|
| AEAD | I have a shared key and want encrypt + authenticate streamed data. (not implemented yet) |
|
|
|
|
|
| `Cox::Blake2b` | I want to hash data fast and securely. |
|
|
|
|
|
| `Cox::SipHash` | I want to hash data really fast and less securely. (not implemented yet) |
|
|
|
|
|
| `Cox::Pwhash` | I want to hash a password and store it. |
|
|
|
|
|
| `Cox::Pwhash` | I want to derive a key from a password. |
|
|
|
|
|
| `Cox::Kdf` | I have a high quality master key and want to make subkeys. |
|
|
|
|
|
| `Cox::Cipher::Chalsa` | What goes with guacamole? |
|
|
|
|
|
| Everything else | I want to design my own crypto protocol and probably do it wrong. |
|
|
|
|
|
|
|
|
|
|
The `specs` provide the best examples of how to use or misuse this shard.
|
|
|
|
|
|
2017-07-12 05:13:52 +02:00
|
|
|
## Usage
|
|
|
|
|
|
2019-06-28 13:32:16 +02:00
|
|
|
### CryptoBox easy encryption
|
2017-07-12 05:13:52 +02:00
|
|
|
```crystal
|
|
|
|
|
require "cox"
|
|
|
|
|
|
|
|
|
|
data = "Hello World!"
|
|
|
|
|
|
|
|
|
|
# Alice is the sender
|
2019-06-28 13:32:16 +02:00
|
|
|
alice = Cox::CryptoBox::SecretKey.new
|
2017-07-12 05:13:52 +02:00
|
|
|
|
|
|
|
|
# Bob is the recipient
|
2019-06-28 13:32:16 +02:00
|
|
|
bob = Cox::CryptoBox::SecretKey.new
|
|
|
|
|
|
|
|
|
|
# Precompute a shared secret between alice and bob.
|
|
|
|
|
pair = alice.pair bob.public_key
|
2017-07-12 05:13:52 +02:00
|
|
|
|
|
|
|
|
# Encrypt a message for Bob using his public key, signing it with Alice's
|
|
|
|
|
# secret key
|
2019-06-28 13:32:16 +02:00
|
|
|
nonce, encrypted = pair.encrypt data
|
2017-07-12 05:13:52 +02:00
|
|
|
|
2019-06-28 13:32:16 +02:00
|
|
|
# Precompute within a block. The shared secret is wiped when the block exits.
|
|
|
|
|
bob.pair alice.public_key do |pair|
|
|
|
|
|
# Decrypt the message using Bob's secret key, and verify its signature against
|
|
|
|
|
# Alice's public key
|
|
|
|
|
decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret)
|
2017-07-12 05:13:52 +02:00
|
|
|
|
2019-06-28 13:32:16 +02:00
|
|
|
String.new(decrypted) # => "Hello World!"
|
|
|
|
|
end
|
2019-06-19 10:46:42 +02:00
|
|
|
```
|
2018-02-12 08:18:45 +01:00
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
### Public key signing
|
2019-06-19 10:46:42 +02:00
|
|
|
```crystal
|
2018-02-12 08:18:45 +01:00
|
|
|
message = "Hello World!"
|
|
|
|
|
|
2019-06-28 12:30:33 +02:00
|
|
|
secret_key = Cox::Sign::SecretKey.new
|
2018-02-12 08:18:45 +01:00
|
|
|
|
|
|
|
|
# Sign the message
|
2019-06-28 12:30:33 +02:00
|
|
|
signature = secret_key.sign_detached message
|
2018-02-12 08:18:45 +01:00
|
|
|
|
2019-06-28 12:30:33 +02:00
|
|
|
# Send secret_key.public_key to the recipient
|
|
|
|
|
|
|
|
|
|
public_key = Cox::Sign::PublicKey.new key_bytes
|
|
|
|
|
|
|
|
|
|
# raises Cox::Error::VerificationFailed on failure.
|
|
|
|
|
public_key.verify_detached message, signature
|
2017-07-12 05:13:52 +02:00
|
|
|
```
|
|
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
### Secret Key Encryption
|
2019-06-19 10:46:42 +02:00
|
|
|
```crystal
|
2019-06-28 14:20:56 +02:00
|
|
|
key = Cox::SecretKey.new
|
2019-06-19 10:46:42 +02:00
|
|
|
|
|
|
|
|
message = "foobar"
|
|
|
|
|
encrypted, nonce = key.encrypt_easy message
|
|
|
|
|
|
|
|
|
|
# On the other side.
|
|
|
|
|
key = Cox::SecretKey.new key
|
|
|
|
|
message = key.decrypt_easy encrypted, nonce
|
|
|
|
|
```
|
|
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
### Blake2b
|
2019-06-19 10:46:42 +02:00
|
|
|
```crystal
|
|
|
|
|
key = Bytes.new Cox::Blake2B::KEY_SIZE
|
|
|
|
|
salt = Bytes.new Cox::Blake2B::SALT_SIZE
|
|
|
|
|
personal = Bytes.new Cox::Blake2B::PERSONAL_SIZE
|
|
|
|
|
out_size = 64 # bytes between Cox::Blake2B::OUT_SIZE_MIN and Cox::Blake2B::OUT_SIZE_MAX
|
|
|
|
|
data = "data".to_slice
|
|
|
|
|
|
|
|
|
|
# output_size, key, salt, and personal are optional.
|
|
|
|
|
digest = Cox::Blake2b.new out_size, key: key, salt: salt, personal: personal
|
|
|
|
|
digest.update data
|
|
|
|
|
output = d.hexdigest
|
|
|
|
|
|
|
|
|
|
digest.reset # Reuse existing object to hash again.
|
|
|
|
|
digest.update data
|
|
|
|
|
output = d.hexdigest
|
|
|
|
|
```
|
|
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
### Key derivation
|
2019-06-19 10:46:42 +02:00
|
|
|
```crystal
|
2019-05-28 23:31:31 +02:00
|
|
|
kdf = Cox::Kdf.new
|
|
|
|
|
|
2019-06-28 01:52:45 +02:00
|
|
|
# kdf.derive(8_byte_context, subkey_id, subkey_size)
|
|
|
|
|
subkey1 = kdf.derive "context1", 0, 16
|
|
|
|
|
subkey2 = kdf.derive "context1", 1, 16
|
|
|
|
|
subkey3 = kdf.derive "context2", 0, 32
|
|
|
|
|
subkey4 = kdf.derive "context2", 1, 64
|
2019-06-19 10:46:42 +02:00
|
|
|
```
|
|
|
|
|
|
2019-06-27 06:10:42 +02:00
|
|
|
### Password Hashing
|
2019-06-19 10:46:42 +02:00
|
|
|
```crystal
|
|
|
|
|
pwhash = Cox::Pwhash.new
|
|
|
|
|
|
|
|
|
|
pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN
|
|
|
|
|
pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN
|
|
|
|
|
|
|
|
|
|
pass = "1234"
|
|
|
|
|
hash = pwhash.hash_str pass
|
|
|
|
|
pwhash.verify hash, pass
|
|
|
|
|
```
|
2019-05-28 23:31:31 +02:00
|
|
|
|
2019-06-25 21:40:58 +02:00
|
|
|
Use `examples/pwhash_selector.cr` to help choose ops/mem limits.
|
|
|
|
|
|
|
|
|
|
|
2019-06-27 18:34:23 +02:00
|
|
|
Example output:
|
|
|
|
|
Ops limit →
|
|
|
|
|
|
|
|
|
|
| | 1 | 4 | 16 | 64 | 256 | 1024 | 4096 | 16384 | 65536 | 262144 | 1048576 |
|
|
|
|
|
| -------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- |
|
|
|
|
|
| 8K | | | | | | | | | | 0.542s | 2.114s |
|
|
|
|
|
| 32K | | | | | | | | | 0.513s | 2.069s |
|
|
|
|
|
| 128K | | | | | | | | 0.530s | 2.121s |
|
|
|
|
|
| 512K | | | | | | | 0.566s | 2.237s |
|
|
|
|
|
| 2048K | | | | | | 0.567s | 2.290s |
|
|
|
|
|
| 8192K | | | | | 0.670s | 2.542s |
|
|
|
|
|
| 32768K | | | | 0.684s | 2.777s |
|
|
|
|
|
| 131072K | | | 0.805s | 3.106s |
|
|
|
|
|
| 524288K | 0.504s | 1.135s | 3.661s |
|
|
|
|
|
| 2097152K | 2.119s |
|
|
|
|
|
| Memory |
|
|
|
|
|
|
2017-07-12 05:13:52 +02:00
|
|
|
## Contributing
|
|
|
|
|
|
2019-06-25 22:19:59 +02:00
|
|
|
1. Fork it ( https://github.com/didactic-drunk/cox/fork )
|
2019-06-28 02:20:02 +02:00
|
|
|
2. **Install a formatting check git hook (ln -sf ../../scripts/git/pre-commit .git/hooks)**
|
|
|
|
|
3. Create your feature branch (git checkout -b my-new-feature)
|
|
|
|
|
4. Commit your changes (git commit -am 'Add some feature')
|
|
|
|
|
5. Push to the branch (git push origin my-new-feature)
|
|
|
|
|
6. Create a new Pull Request
|
2017-07-12 05:13:52 +02:00
|
|
|
|
|
|
|
|
## Contributors
|
|
|
|
|
|
2019-06-25 22:19:59 +02:00
|
|
|
- [andrewhamon](https://github.com/andrewhamon) Andrew Hamon - creator, former maintainer
|
2018-02-12 08:18:45 +01:00
|
|
|
- [dorkrawk](https://github.com/dorkrawk) Dave Schwantes - contributor
|
2019-06-25 22:19:59 +02:00
|
|
|
- [didactic-drunk](https://github.com/didactic-drunk) - current maintainer
|
