Initial commit
This commit is contained in:
commit
2a69e4f15c
7
.editorconfig
Normal file
7
.editorconfig
Normal file
@ -0,0 +1,7 @@
|
||||
[*.cr]
|
||||
charset = utf-8
|
||||
end_of_line = lf
|
||||
insert_final_newline = true
|
||||
indent_style = space
|
||||
indent_size = 2
|
||||
trim_trailing_whitespace = true
|
8
.gitignore
vendored
Normal file
8
.gitignore
vendored
Normal file
@ -0,0 +1,8 @@
|
||||
/doc/
|
||||
/lib/
|
||||
/bin/
|
||||
/.shards/
|
||||
|
||||
# Libraries don't need dependency lock
|
||||
# Dependencies will be locked in application that uses them
|
||||
/shard.lock
|
1
.travis.yml
Normal file
1
.travis.yml
Normal file
@ -0,0 +1 @@
|
||||
language: crystal
|
21
LICENSE
Normal file
21
LICENSE
Normal file
@ -0,0 +1,21 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Andrew Hamon
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
52
README.md
Normal file
52
README.md
Normal file
@ -0,0 +1,52 @@
|
||||
# cox
|
||||
|
||||
Crystal bindings for the [libsodium box API](https://download.libsodium.org/doc/public-key_cryptography/authenticated_encryption.html)
|
||||
|
||||
Given a recipients public key, you can encrypt and sign a message for them. Upon
|
||||
receipt, they can decrypt and authenticate the message as having come from you.
|
||||
|
||||
## Installation
|
||||
|
||||
Add this to your application's `shard.yml`:
|
||||
|
||||
```yaml
|
||||
dependencies:
|
||||
cox:
|
||||
github: andrewhamon/cox
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
```crystal
|
||||
require "cox"
|
||||
|
||||
data = "Hello World!"
|
||||
|
||||
# Alice is the sender
|
||||
alice = Cox::KeyPair.new
|
||||
|
||||
# Bob is the recipient
|
||||
bob = Cox::KeyPair.new
|
||||
|
||||
# Encrypt a message for Bob using his public key, signing it with Alice's
|
||||
# secret key
|
||||
nonce, encrypted = Cox.encrypt(data, bob.public, alice.secret)
|
||||
|
||||
# Decrypt the message using Bob's secret key, and verify its signature against
|
||||
# Alice's public key
|
||||
decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret)
|
||||
|
||||
String.new(decrypted) # => "Hello World!"
|
||||
```
|
||||
|
||||
## Contributing
|
||||
|
||||
1. Fork it ( https://github.com/andrewhamon/cox/fork )
|
||||
2. Create your feature branch (git checkout -b my-new-feature)
|
||||
3. Commit your changes (git commit -am 'Add some feature')
|
||||
4. Push to the branch (git push origin my-new-feature)
|
||||
5. Create a new Pull Request
|
||||
|
||||
## Contributors
|
||||
|
||||
- [andrewhamon](https://github.com/andrewhamon) Andrew Hamon - creator, maintainer
|
9
shard.yml
Normal file
9
shard.yml
Normal file
@ -0,0 +1,9 @@
|
||||
name: cox
|
||||
version: 0.1.0
|
||||
|
||||
authors:
|
||||
- Andrew Hamon <andrew@hamon.cc>
|
||||
|
||||
crystal: 0.23.0
|
||||
|
||||
license: MIT
|
25
spec/cox_spec.cr
Normal file
25
spec/cox_spec.cr
Normal file
@ -0,0 +1,25 @@
|
||||
require "./spec_helper"
|
||||
|
||||
describe Cox do
|
||||
# TODO: Write tests
|
||||
|
||||
it "works" do
|
||||
data = "Hello World!"
|
||||
|
||||
# Alice is the sender
|
||||
alice = Cox::KeyPair.new
|
||||
|
||||
# Bob is the recipient
|
||||
bob = Cox::KeyPair.new
|
||||
|
||||
# Encrypt a message for Bob using his public key, signing it with Alice's
|
||||
# secret key
|
||||
nonce, encrypted = Cox.encrypt(data, bob.public, alice.secret)
|
||||
|
||||
# Decrypt the message using Bob's secret key, and verify its signature against
|
||||
# Alice's public key
|
||||
decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret)
|
||||
|
||||
String.new(decrypted).should eq(data)
|
||||
end
|
||||
end
|
2
spec/spec_helper.cr
Normal file
2
spec/spec_helper.cr
Normal file
@ -0,0 +1,2 @@
|
||||
require "spec"
|
||||
require "../src/cox"
|
30
src/cox.cr
Normal file
30
src/cox.cr
Normal file
@ -0,0 +1,30 @@
|
||||
require "./cox/*"
|
||||
require "secure_random"
|
||||
|
||||
module Cox
|
||||
def self.encrypt(data, nonce : Nonce, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
|
||||
data_buffer = data.to_slice
|
||||
data_size = data_buffer.bytesize
|
||||
output_buffer = Bytes.new(data_buffer.bytesize + LibSodium::MAC_BYTES)
|
||||
LibSodium.crypto_box_easy(output_buffer.to_unsafe, data_buffer, data_size, nonce.pointer, recipient_public_key.pointer, sender_secret_key.pointer)
|
||||
output_buffer
|
||||
end
|
||||
|
||||
def self.encrypt(data, recipient_public_key : PublicKey, sender_secret_key : SecretKey)
|
||||
nonce = Nonce.new
|
||||
{nonce, encrypt(data, nonce, recipient_public_key, sender_secret_key)}
|
||||
end
|
||||
|
||||
def self.decrypt(data, nonce : Nonce, sender_public_key : PublicKey, recipient_secret_key : SecretKey)
|
||||
data_buffer = data.to_slice
|
||||
data_size = data_buffer.bytesize
|
||||
output_buffer = Bytes.new(data_buffer.bytesize - LibSodium::MAC_BYTES)
|
||||
LibSodium.crypto_box_open_easy(output_buffer.to_unsafe, data_buffer.to_unsafe, data_size, nonce.pointer, sender_public_key.pointer, recipient_secret_key.pointer)
|
||||
output_buffer
|
||||
end
|
||||
end
|
||||
|
||||
if Cox::LibSodium.sodium_init() == -1
|
||||
STDERR.puts("Failed to init libsodium")
|
||||
exit(1)
|
||||
end
|
21
src/cox/key.cr
Normal file
21
src/cox/key.cr
Normal file
@ -0,0 +1,21 @@
|
||||
module Cox
|
||||
abstract class Key
|
||||
abstract def bytes
|
||||
|
||||
def pointer
|
||||
bytes.to_unsafe
|
||||
end
|
||||
|
||||
def pointer(size)
|
||||
bytes.pointer(size)
|
||||
end
|
||||
|
||||
def to_base64
|
||||
Base64.encode(bytes)
|
||||
end
|
||||
|
||||
def self.from_base64(encoded_key)
|
||||
new(Base64.decode(encoded_key))
|
||||
end
|
||||
end
|
||||
end
|
25
src/cox/key_pair.cr
Normal file
25
src/cox/key_pair.cr
Normal file
@ -0,0 +1,25 @@
|
||||
require "./lib_sodium"
|
||||
|
||||
|
||||
module Cox
|
||||
class KeyPair
|
||||
property public : PublicKey
|
||||
property secret : SecretKey
|
||||
|
||||
def initialize(@public, @secret)
|
||||
end
|
||||
|
||||
def self.new(pub : Bytes, sec : Bytes)
|
||||
new(PublicKey.new(pub), SecretKey.new(sec))
|
||||
end
|
||||
|
||||
def self.new
|
||||
public_key = Bytes.new(PublicKey::KEY_LENGTH)
|
||||
secret_key = Bytes.new(SecretKey::KEY_LENGTH)
|
||||
|
||||
LibSodium.crypto_box_keypair(public_key.to_unsafe, secret_key.to_unsafe)
|
||||
|
||||
new(public_key, secret_key)
|
||||
end
|
||||
end
|
||||
end
|
39
src/cox/lib_sodium.cr
Normal file
39
src/cox/lib_sodium.cr
Normal file
@ -0,0 +1,39 @@
|
||||
module Cox
|
||||
@[Link("sodium")]
|
||||
lib LibSodium
|
||||
fun sodium_init() : LibC::Int
|
||||
|
||||
fun crypto_box_publickeybytes() : LibC::SizeT
|
||||
fun crypto_box_secretkeybytes() : LibC::SizeT
|
||||
fun crypto_box_noncebytes() : LibC::SizeT
|
||||
fun crypto_box_macbytes() : LibC::SizeT
|
||||
|
||||
PUBLIC_KEY_BYTES = crypto_box_publickeybytes()
|
||||
SECRET_KEY_BYTES = crypto_box_secretkeybytes()
|
||||
NONCE_BYTES = crypto_box_macbytes()
|
||||
MAC_BYTES = crypto_box_macbytes()
|
||||
|
||||
fun crypto_box_keypair(
|
||||
public_key_output : Pointer(LibC::UChar),
|
||||
secret_key_output : Pointer(LibC::UChar)
|
||||
)
|
||||
|
||||
fun crypto_box_easy(
|
||||
output : Pointer(LibC::UChar),
|
||||
data : Pointer(LibC::UChar),
|
||||
data_size : LibC::ULongLong,
|
||||
nonce : Pointer(LibC::UChar),
|
||||
recipient_public_key : Pointer(LibC::UChar),
|
||||
sender_secret_key : Pointer(LibC::UChar)
|
||||
) : LibC::Int
|
||||
|
||||
fun crypto_box_open_easy(
|
||||
output : Pointer(LibC::UChar),
|
||||
data : Pointer(LibC::UChar),
|
||||
data_size : LibC::ULongLong,
|
||||
nonce : Pointer(LibC::UChar),
|
||||
sender_public_key : Pointer(LibC::UChar),
|
||||
recipient_secret_key : Pointer(LibC::UChar)
|
||||
) : LibC::Int
|
||||
end
|
||||
end
|
28
src/cox/nonce.cr
Normal file
28
src/cox/nonce.cr
Normal file
@ -0,0 +1,28 @@
|
||||
require "./lib_sodium"
|
||||
require "secure_random"
|
||||
|
||||
module Cox
|
||||
class Nonce
|
||||
property bytes : Bytes
|
||||
|
||||
NONCE_LENGTH = LibSodium::NONCE_BYTES
|
||||
|
||||
def initialize(@bytes : Bytes)
|
||||
if bytes.bytesize != NONCE_LENGTH
|
||||
raise ArgumentError.new("Nonce must be #{NONCE_LENGTH} bytes, got #{bytes.bytesize}")
|
||||
end
|
||||
end
|
||||
|
||||
def self.new
|
||||
new(SecureRandom.random_bytes(NONCE_LENGTH))
|
||||
end
|
||||
|
||||
def pointer
|
||||
bytes.to_unsafe
|
||||
end
|
||||
|
||||
def pointer(size)
|
||||
bytes.pointer(size)
|
||||
end
|
||||
end
|
||||
end
|
15
src/cox/public_key.cr
Normal file
15
src/cox/public_key.cr
Normal file
@ -0,0 +1,15 @@
|
||||
require "./lib_sodium"
|
||||
|
||||
module Cox
|
||||
class PublicKey < Key
|
||||
property bytes : Bytes
|
||||
|
||||
KEY_LENGTH = LibSodium::PUBLIC_KEY_BYTES
|
||||
|
||||
def initialize(@bytes : Bytes)
|
||||
if bytes.bytesize != KEY_LENGTH
|
||||
raise ArgumentError.new("Public key must be #{KEY_LENGTH} bytes, got #{bytes.bytesize}")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
15
src/cox/secret_key.cr
Normal file
15
src/cox/secret_key.cr
Normal file
@ -0,0 +1,15 @@
|
||||
require "./lib_sodium"
|
||||
|
||||
module Cox
|
||||
class SecretKey < Key
|
||||
property bytes : Bytes
|
||||
|
||||
KEY_LENGTH = LibSodium::SECRET_KEY_BYTES
|
||||
|
||||
def initialize(@bytes : Bytes)
|
||||
if bytes.bytesize != KEY_LENGTH
|
||||
raise ArgumentError.new("Secret key must be #{KEY_LENGTH} bytes, got #{bytes.bytesize}")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
3
src/cox/version.cr
Normal file
3
src/cox/version.cr
Normal file
@ -0,0 +1,3 @@
|
||||
module Cox
|
||||
VERSION = "0.1.0"
|
||||
end
|
Loading…
Reference in New Issue
Block a user