Add Documentation.

master
Didactic Drunk 2019-08-06 04:09:08 -07:00
parent fde955c509
commit 31c3ead851
8 changed files with 29 additions and 5 deletions

View File

@ -14,17 +14,17 @@ ebufs1 = sizes.map { |size| Bytes.new(size + Sodium::CryptoBox::MAC_SIZE) }.to_a
dbufs2 = sizes.map { |size| Bytes.new(size) }.to_a dbufs2 = sizes.map { |size| Bytes.new(size) }.to_a
ebufs2 = sizes.map { |size| Bytes.new(size + Sodium::CryptoBox::PublicKey::SEAL_SIZE) }.to_a ebufs2 = sizes.map { |size| Bytes.new(size + Sodium::CryptoBox::PublicKey::SEAL_SIZE) }.to_a
Benchmark.ips do |bm| Benchmark.ips warmup: 0.5 do |bm|
sizes.each_with_index do |size, i| sizes.each_with_index do |size, i|
dbuf = dbufs1[i] dbuf = dbufs1[i]
ebuf = ebufs1[i] ebuf = ebufs1[i]
bm.report "box encrypt #{size}" do bm.report "box encrypt #{size}" do
to_alice.encrypt_easy dbuf, ebuf, nonce: nonce to_alice.encrypt dbuf, ebuf, nonce: nonce
end end
bm.report "box decrypt #{size}" do bm.report "box decrypt #{size}" do
from_bob.decrypt_easy ebuf, dbuf, nonce: nonce from_bob.decrypt ebuf, dbuf, nonce: nonce
end end
end end

View File

@ -17,21 +17,30 @@ module Sodium
# TODO: precompute using crypto_box_beforenm # TODO: precompute using crypto_box_beforenm
end end
# Encrypts data and returns {ciphertext, nonce}
def encrypt(src) def encrypt(src)
encrypt src.to_slice encrypt src.to_slice
end end
def encrypt(src : Bytes, dst = Bytes.new(src.bytesize + MAC_SIZE), nonce = Nonce.new) # Encrypts data and returns {ciphertext, nonce}
#
# Optionally supply a destination buffer.
def encrypt(src : Bytes, dst = Bytes.new(src.bytesize + MAC_SIZE), nonce = Nonce.new) : {Bytes, Nonce}
if LibSodium.crypto_box_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0 if LibSodium.crypto_box_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0
raise Error.new("crypto_box_easy") raise Error.new("crypto_box_easy")
end end
{dst, nonce} {dst, nonce}
end end
# Returns decrypted message.
#
def decrypt(src) def decrypt(src)
decrypt src.to_slice decrypt src.to_slice
end end
# Returns decrypted message.
#
# Optionally supply a destination buffer.
def decrypt(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.new) : Bytes def decrypt(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.new) : Bytes
if LibSodium.crypto_box_open_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0 if LibSodium.crypto_box_open_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0
raise Error::DecryptionFailed.new("crypto_box_open_easy") raise Error::DecryptionFailed.new("crypto_box_open_easy")

View File

@ -6,6 +6,7 @@ class Sodium::CryptoBox
KEY_SIZE = LibSodium.crypto_box_publickeybytes.to_i KEY_SIZE = LibSodium.crypto_box_publickeybytes.to_i
SEAL_SIZE = LibSodium.crypto_box_sealbytes SEAL_SIZE = LibSodium.crypto_box_sealbytes
# Returns key
delegate to_slice, to: @bytes delegate to_slice, to: @bytes
# :nodoc: # :nodoc:

View File

@ -14,6 +14,7 @@ class Sodium::CryptoBox
getter public_key : PublicKey getter public_key : PublicKey
# Returns key
delegate to_slice, to: @sbuf delegate to_slice, to: @sbuf
@seed : SecureBuffer? @seed : SecureBuffer?

View File

@ -283,6 +283,7 @@ module Sodium
end end
module Sodium module Sodium
# Constant time memory compare.
def self.memcmp(a : Bytes, b : Bytes) : Bool def self.memcmp(a : Bytes, b : Bytes) : Bool
if a.bytesize != b.bytesize if a.bytesize != b.bytesize
false false
@ -293,6 +294,7 @@ module Sodium
end end
end end
# Constant time memory compare.
# Raises unless comparison succeeds. # Raises unless comparison succeeds.
def self.memcmp!(a, b) def self.memcmp!(a, b)
raise Error::MemcmpFailed.new unless memcmp(a, b) raise Error::MemcmpFailed.new unless memcmp(a, b)

View File

@ -20,6 +20,7 @@ module Sodium
NONCE_SIZE = LibSodium.crypto_secretbox_noncebytes.to_i NONCE_SIZE = LibSodium.crypto_secretbox_noncebytes.to_i
MAC_SIZE = LibSodium.crypto_secretbox_macbytes.to_i MAC_SIZE = LibSodium.crypto_secretbox_macbytes.to_i
# Returns key
delegate to_slice, to: @buf delegate to_slice, to: @buf
# Generate a new random key held in a SecureBuffer. # Generate a new random key held in a SecureBuffer.
@ -37,7 +38,7 @@ module Sodium
# Copy bytes to a new SecureBuffer # Copy bytes to a new SecureBuffer
# #
# Optionally erases bytes after copying if erase is set # Optionally erases bytes after copying if erase is set.
def initialize(bytes : Bytes, erase = false) def initialize(bytes : Bytes, erase = false)
if bytes.bytesize != KEY_SIZE if bytes.bytesize != KEY_SIZE
raise ArgumentError.new("Secret key must be #{KEY_SIZE} bytes, got #{bytes.bytesize}") raise ArgumentError.new("Secret key must be #{KEY_SIZE} bytes, got #{bytes.bytesize}")
@ -45,10 +46,14 @@ module Sodium
@buf = SecureBuffer.new bytes, erase: erase @buf = SecureBuffer.new bytes, erase: erase
end end
# Encrypts data and returns {ciphertext, nonce}
def encrypt(data) def encrypt(data)
encrypt data.to_slice encrypt data.to_slice
end end
# Encrypts data and returns {ciphertext, nonce}
#
# Optionally supply a destination buffer.
def encrypt(src : Bytes, dst : Bytes = Bytes.new(src.bytesize + MAC_SIZE), nonce : Nonce = Nonce.new) : {Bytes, Nonce} def encrypt(src : Bytes, dst : Bytes = Bytes.new(src.bytesize + MAC_SIZE), nonce : Nonce = Nonce.new) : {Bytes, Nonce}
if dst.bytesize != (src.bytesize + MAC_SIZE) if dst.bytesize != (src.bytesize + MAC_SIZE)
raise ArgumentError.new("dst.bytesize must be src.bytesize + MAC_SIZE, got #{dst.bytesize}") raise ArgumentError.new("dst.bytesize must be src.bytesize + MAC_SIZE, got #{dst.bytesize}")
@ -59,6 +64,7 @@ module Sodium
{dst, nonce} {dst, nonce}
end end
# Returns decrypted message.
def decrypt(src : Bytes, nonce : Nonce) : Bytes def decrypt(src : Bytes, nonce : Nonce) : Bytes
dst_size = src.bytesize - MAC_SIZE dst_size = src.bytesize - MAC_SIZE
raise Sodium::Error::DecryptionFailed.new("encrypted data too small #{src.bytesize}") if dst_size <= 0 raise Sodium::Error::DecryptionFailed.new("encrypted data too small #{src.bytesize}") if dst_size <= 0
@ -66,6 +72,9 @@ module Sodium
decrypt(src, dst, nonce) decrypt(src, dst, nonce)
end end
# Returns decrypted message.
#
# Optionally supply a destination buffer.
def decrypt(src : Bytes, dst : Bytes, nonce : Nonce) : Bytes def decrypt(src : Bytes, dst : Bytes, nonce : Nonce) : Bytes
if dst.bytesize != (src.bytesize - MAC_SIZE) if dst.bytesize != (src.bytesize - MAC_SIZE)
raise ArgumentError.new("dst.bytesize must be src.bytesize - MAC_SIZE, got #{dst.bytesize}") raise ArgumentError.new("dst.bytesize must be src.bytesize - MAC_SIZE, got #{dst.bytesize}")

View File

@ -5,6 +5,7 @@ module Sodium
KEY_SIZE = LibSodium.crypto_sign_publickeybytes.to_i KEY_SIZE = LibSodium.crypto_sign_publickeybytes.to_i
SIG_SIZE = LibSodium.crypto_sign_bytes.to_i SIG_SIZE = LibSodium.crypto_sign_bytes.to_i
# Returns key
delegate to_slice, to: @bytes delegate to_slice, to: @bytes
# :nodoc: # :nodoc:

View File

@ -20,6 +20,7 @@ module Sodium
getter public_key : PublicKey getter public_key : PublicKey
# Returns key
delegate to_slice, to: @sbuf delegate to_slice, to: @sbuf
@seed : SecureBuffer? @seed : SecureBuffer?