Version 0.9.0

Rearrange CryptoBox.
Move Sodium::Error to it's own file.
Requiring individual files is now possible.
Individual require now possible.
This commit is contained in:
Didactic Drunk 2019-07-01 06:24:26 -07:00
parent 7dcaeb1332
commit 92ac0ef6d4
22 changed files with 67 additions and 24 deletions

View File

@ -31,7 +31,7 @@ Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/)
- [ ] ChaCha20-Poly1305 - [ ] ChaCha20-Poly1305
- [Hashing](https://libsodium.gitbook.io/doc/hashing) - [Hashing](https://libsodium.gitbook.io/doc/hashing)
- [x] ☑ [Blake2b](https://libsodium.gitbook.io/doc/hashing/generic_hashing) - [x] ☑ [Blake2b](https://libsodium.gitbook.io/doc/hashing/generic_hashing)
- [x] Complete implementation including `key`, `salt`, `personal` and fully selectable output sizes. - [x] Complete libsodium implementation including `key`, `salt`, `personal` and fully selectable output sizes.
- [ ] [SipHash](https://libsodium.gitbook.io/doc/hashing/short-input_hashing) - [ ] [SipHash](https://libsodium.gitbook.io/doc/hashing/short-input_hashing)
- [Password Hashing](https://libsodium.gitbook.io/doc/password_hashing) - [Password Hashing](https://libsodium.gitbook.io/doc/password_hashing)
- [x] [Argon2](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) (Use for new applications) - [x] [Argon2](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) (Use for new applications)
@ -48,7 +48,10 @@ Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/)
- [x] ChaCha20 - [x] ChaCha20
- [ ] [One time auth](https://libsodium.gitbook.io/doc/advanced/poly1305) - [ ] [One time auth](https://libsodium.gitbook.io/doc/advanced/poly1305)
- [ ] Padding - [ ] Padding
- (Partial) Semi-automatic memory wiping. - Library features
- Faster builds by requiring what you need (`require "sodium/secret_box"`)
- Controlled memory wiping (by calling `.close`)
- Semi-automatic memory wiping (on GC).
☑ Indicate specs are compared against test vectors from another source. ☑ Indicate specs are compared against test vectors from another source.

View File

@ -1,5 +1,7 @@
require "../src/sodium" require "../src/sodium"
# Print most constant values.
{% for name in %w(KEY_SIZE KEY_SIZE_MIN KEY_SIZE_MAX SALT_SIZE PERSONAL_SIZE OUT_SIZE OUT_SIZE_MIN OUT_SIZE_MAX) %} {% for name in %w(KEY_SIZE KEY_SIZE_MIN KEY_SIZE_MAX SALT_SIZE PERSONAL_SIZE OUT_SIZE OUT_SIZE_MIN OUT_SIZE_MAX) %}
puts "Sodium::Digest::Blake2b::{{ name.id }} #{Sodium::Digest::Blake2b::{{ name.id }}}" puts "Sodium::Digest::Blake2b::{{ name.id }} #{Sodium::Digest::Blake2b::{{ name.id }}}"
{% end %} {% end %}

View File

@ -1,8 +1,9 @@
name: sodium name: sodium
version: 0.1.0 version: 0.9.0
authors: authors:
- Andrew Hamon <andrew@hamon.cc> - Andrew Hamon <andrew@hamon.cc>
- Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com>
development_dependencies: development_dependencies:
ghshard: ghshard:

View File

@ -1,4 +1,5 @@
require "../../spec_helper" require "../../spec_helper"
require "../../../src/sodium/crypto_box/secret_key"
private def new_key_bytes private def new_key_bytes
Sodium::CryptoBox::SecretKey.new.bytes Sodium::CryptoBox::SecretKey.new.bytes

View File

@ -1,4 +1,5 @@
require "../../spec_helper" require "../../spec_helper"
require "../../../src/sodium/digest/blake2b"
require "json" require "json"
# From https://github.com/BLAKE2/BLAKE2/tree/master/testvectors # From https://github.com/BLAKE2/BLAKE2/tree/master/testvectors

View File

@ -1,4 +1,5 @@
require "../spec_helper" require "../spec_helper"
require "../../src/sodium/kdf"
CONTEXT = "8_bytess" CONTEXT = "8_bytess"

View File

@ -1,4 +1,5 @@
require "../spec_helper" require "../spec_helper"
require "../../src/sodium/pwhash"
private def pw_min private def pw_min
pwhash = Sodium::Pwhash.new pwhash = Sodium::Pwhash.new

View File

@ -1,4 +1,5 @@
require "../spec_helper" require "../spec_helper"
require "../../src/sodium/secret_box"
describe Sodium::SecretBox do describe Sodium::SecretBox do
it "encrypts/decrypts" do it "encrypts/decrypts" do

View File

@ -1,4 +1,5 @@
require "./spec_helper" require "./spec_helper"
require "../src/sodium"
describe Sodium do describe Sodium do
# Finished in 71 microseconds # Finished in 71 microseconds

View File

@ -1,5 +1,6 @@
require "spec" require "spec"
require "../src/sodium"
# require "../src/sodium"
def check_wiped(buf : Bytes) def check_wiped(buf : Bytes)
GC.collect GC.collect

View File

@ -1,17 +1,4 @@
require "random/secure"
module Sodium module Sodium
class Error < ::Exception
class VerificationFailed < Error
end
class DecryptionFailed < Error
end
end
def self.memzero(bytes : Bytes)
LibSodium.sodium_memzero bytes, bytes.bytesize
end
end end
require "./sodium/**" require "./sodium/**"

View File

@ -1,10 +1,16 @@
require "../lib_sodium" require "../lib_sodium"
require "../wipe"
module Sodium::Cipher module Sodium::Cipher
# The great beat you can eat! # The great beat you can eat!
# #
# What? They're both dance? # What? They're both dance?
#
# WARNING: This class takes ownership of any key material passed to it.
#
# WARNING: Not validated against test vectors. You should probably write some before using.
abstract class Chalsa abstract class Chalsa
@[Wipe::Var]
@key : Bytes? @key : Bytes?
@nonce : Bytes? @nonce : Bytes?

View File

@ -1,7 +1,9 @@
require "../lib_sodium" require "./lib_sodium"
require "./wipe"
require "./crypto_box/secret_key"
module Sodium::CryptoBox module Sodium
class Box class CryptoBox
include Wipe include Wipe
MAC_SIZE = LibSodium.crypto_box_macbytes MAC_SIZE = LibSodium.crypto_box_macbytes
@ -25,6 +27,10 @@ module Sodium::CryptoBox
{nonce, dst} {nonce, dst}
end end
def decrypt_easy(src)
decrypt_easy src.to_slice
end
def decrypt_easy(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.new) : Bytes def decrypt_easy(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.new) : Bytes
if LibSodium.crypto_box_open_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0 if LibSodium.crypto_box_open_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0
raise Error::DecryptionFailed.new("crypto_box_open_easy") raise Error::DecryptionFailed.new("crypto_box_open_easy")

View File

@ -1,6 +1,7 @@
require "../lib_sodium" require "../lib_sodium"
require "../key"
module Sodium::CryptoBox class Sodium::CryptoBox
class PublicKey < Key class PublicKey < Key
KEY_SIZE = LibSodium.crypto_box_publickeybytes KEY_SIZE = LibSodium.crypto_box_publickeybytes
SEAL_SIZE = LibSodium.crypto_box_sealbytes SEAL_SIZE = LibSodium.crypto_box_sealbytes

View File

@ -1,6 +1,9 @@
require "../lib_sodium" require "../lib_sodium"
require "../key"
require "./public_key"
require "../crypto_box"
module Sodium::CryptoBox class Sodium::CryptoBox
# Key used for encryption + authentication or encryption without authentication, not for unencrypted signing. # Key used for encryption + authentication or encryption without authentication, not for unencrypted signing.
# #
# WARNING: This class takes ownership of any key material passed to it. # WARNING: This class takes ownership of any key material passed to it.
@ -53,8 +56,8 @@ module Sodium::CryptoBox
end end
# Return a Box containing a precomputed shared secret for use with authenticated encryption/decryption. # Return a Box containing a precomputed shared secret for use with authenticated encryption/decryption.
def box(public_key) : Box def box(public_key) : CryptoBox
Box.new self, public_key CryptoBox.new self, public_key
end end
# Create a new box and automatically close when the block exits. # Create a new box and automatically close when the block exits.

View File

@ -1,3 +1,5 @@
require "../lib_sodium"
require "../wipe"
require "openssl/digest/digest_base" require "openssl/digest/digest_base"
module Sodium::Digest module Sodium::Digest

11
src/sodium/error.cr Normal file
View File

@ -0,0 +1,11 @@
require "random/secure"
module Sodium
class Error < ::Exception
class VerificationFailed < Error
end
class DecryptionFailed < Error
end
end
end

View File

@ -1,3 +1,6 @@
require "random/secure"
require "./error"
module Sodium module Sodium
@[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")] @[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")]
lib LibSodium lib LibSodium

View File

@ -1,3 +1,5 @@
require "./lib_sodium"
module Sodium module Sodium
# [Argon2 Password Hashing](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) # [Argon2 Password Hashing](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function)
# * #store #verify #needs_rehash? are used together for password verification. # * #store #verify #needs_rehash? are used together for password verification.

View File

@ -1,4 +1,5 @@
require "./lib_sodium" require "./lib_sodium"
require "./key"
module Sodium module Sodium
# [https://libsodium.gitbook.io/doc/secret-key_cryptography](https://libsodium.gitbook.io/doc/secret-key_cryptography) # [https://libsodium.gitbook.io/doc/secret-key_cryptography](https://libsodium.gitbook.io/doc/secret-key_cryptography)

View File

@ -1,4 +1,6 @@
require "../lib_sodium" require "../lib_sodium"
require "../key"
require "./public_key"
module Sodium module Sodium
# Key used for signing/verification only. # Key used for signing/verification only.

View File

@ -1,3 +1,9 @@
module Sodium
def self.memzero(bytes : Bytes)
LibSodium.sodium_memzero bytes, bytes.bytesize
end
end
module Sodium::Wipe module Sodium::Wipe
annotation Var annotation Var
end end