Version 0.9.0
Rearrange CryptoBox. Move Sodium::Error to it's own file. Requiring individual files is now possible. Individual require now possible.
This commit is contained in:
parent
7dcaeb1332
commit
92ac0ef6d4
@ -31,7 +31,7 @@ Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/)
|
||||
- [ ] ChaCha20-Poly1305
|
||||
- [Hashing](https://libsodium.gitbook.io/doc/hashing)
|
||||
- [x] ☑ [Blake2b](https://libsodium.gitbook.io/doc/hashing/generic_hashing)
|
||||
- [x] Complete implementation including `key`, `salt`, `personal` and fully selectable output sizes.
|
||||
- [x] Complete libsodium implementation including `key`, `salt`, `personal` and fully selectable output sizes.
|
||||
- [ ] [SipHash](https://libsodium.gitbook.io/doc/hashing/short-input_hashing)
|
||||
- [Password Hashing](https://libsodium.gitbook.io/doc/password_hashing)
|
||||
- [x] [Argon2](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) (Use for new applications)
|
||||
@ -48,7 +48,10 @@ Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/)
|
||||
- [x] ChaCha20
|
||||
- [ ] [One time auth](https://libsodium.gitbook.io/doc/advanced/poly1305)
|
||||
- [ ] Padding
|
||||
- (Partial) Semi-automatic memory wiping.
|
||||
- Library features
|
||||
- Faster builds by requiring what you need (`require "sodium/secret_box"`)
|
||||
- Controlled memory wiping (by calling `.close`)
|
||||
- Semi-automatic memory wiping (on GC).
|
||||
|
||||
☑ Indicate specs are compared against test vectors from another source.
|
||||
|
||||
|
@ -1,5 +1,7 @@
|
||||
require "../src/sodium"
|
||||
|
||||
# Print most constant values.
|
||||
|
||||
{% for name in %w(KEY_SIZE KEY_SIZE_MIN KEY_SIZE_MAX SALT_SIZE PERSONAL_SIZE OUT_SIZE OUT_SIZE_MIN OUT_SIZE_MAX) %}
|
||||
puts "Sodium::Digest::Blake2b::{{ name.id }} #{Sodium::Digest::Blake2b::{{ name.id }}}"
|
||||
{% end %}
|
||||
|
@ -1,8 +1,9 @@
|
||||
name: sodium
|
||||
version: 0.1.0
|
||||
version: 0.9.0
|
||||
|
||||
authors:
|
||||
- Andrew Hamon <andrew@hamon.cc>
|
||||
- Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com>
|
||||
|
||||
development_dependencies:
|
||||
ghshard:
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "../../spec_helper"
|
||||
require "../../../src/sodium/crypto_box/secret_key"
|
||||
|
||||
private def new_key_bytes
|
||||
Sodium::CryptoBox::SecretKey.new.bytes
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "../../spec_helper"
|
||||
require "../../../src/sodium/digest/blake2b"
|
||||
require "json"
|
||||
|
||||
# From https://github.com/BLAKE2/BLAKE2/tree/master/testvectors
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "../spec_helper"
|
||||
require "../../src/sodium/kdf"
|
||||
|
||||
CONTEXT = "8_bytess"
|
||||
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "../spec_helper"
|
||||
require "../../src/sodium/pwhash"
|
||||
|
||||
private def pw_min
|
||||
pwhash = Sodium::Pwhash.new
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "../spec_helper"
|
||||
require "../../src/sodium/secret_box"
|
||||
|
||||
describe Sodium::SecretBox do
|
||||
it "encrypts/decrypts" do
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "./spec_helper"
|
||||
require "../src/sodium"
|
||||
|
||||
describe Sodium do
|
||||
# Finished in 71 microseconds
|
@ -1,5 +1,6 @@
|
||||
require "spec"
|
||||
require "../src/sodium"
|
||||
|
||||
# require "../src/sodium"
|
||||
|
||||
def check_wiped(buf : Bytes)
|
||||
GC.collect
|
||||
|
@ -1,17 +1,4 @@
|
||||
require "random/secure"
|
||||
|
||||
module Sodium
|
||||
class Error < ::Exception
|
||||
class VerificationFailed < Error
|
||||
end
|
||||
|
||||
class DecryptionFailed < Error
|
||||
end
|
||||
end
|
||||
|
||||
def self.memzero(bytes : Bytes)
|
||||
LibSodium.sodium_memzero bytes, bytes.bytesize
|
||||
end
|
||||
end
|
||||
|
||||
require "./sodium/**"
|
||||
|
@ -1,10 +1,16 @@
|
||||
require "../lib_sodium"
|
||||
require "../wipe"
|
||||
|
||||
module Sodium::Cipher
|
||||
# The great beat you can eat!
|
||||
#
|
||||
# What? They're both dance?
|
||||
#
|
||||
# WARNING: This class takes ownership of any key material passed to it.
|
||||
#
|
||||
# WARNING: Not validated against test vectors. You should probably write some before using.
|
||||
abstract class Chalsa
|
||||
@[Wipe::Var]
|
||||
@key : Bytes?
|
||||
@nonce : Bytes?
|
||||
|
||||
|
@ -1,7 +1,9 @@
|
||||
require "../lib_sodium"
|
||||
require "./lib_sodium"
|
||||
require "./wipe"
|
||||
require "./crypto_box/secret_key"
|
||||
|
||||
module Sodium::CryptoBox
|
||||
class Box
|
||||
module Sodium
|
||||
class CryptoBox
|
||||
include Wipe
|
||||
|
||||
MAC_SIZE = LibSodium.crypto_box_macbytes
|
||||
@ -25,6 +27,10 @@ module Sodium::CryptoBox
|
||||
{nonce, dst}
|
||||
end
|
||||
|
||||
def decrypt_easy(src)
|
||||
decrypt_easy src.to_slice
|
||||
end
|
||||
|
||||
def decrypt_easy(src : Bytes, dst = Bytes.new(src.bytesize - MAC_SIZE), nonce = Nonce.new) : Bytes
|
||||
if LibSodium.crypto_box_open_easy(dst, src, src.bytesize, nonce.to_slice, @public_key.to_slice, @secret_key.to_slice) != 0
|
||||
raise Error::DecryptionFailed.new("crypto_box_open_easy")
|
@ -1,6 +1,7 @@
|
||||
require "../lib_sodium"
|
||||
require "../key"
|
||||
|
||||
module Sodium::CryptoBox
|
||||
class Sodium::CryptoBox
|
||||
class PublicKey < Key
|
||||
KEY_SIZE = LibSodium.crypto_box_publickeybytes
|
||||
SEAL_SIZE = LibSodium.crypto_box_sealbytes
|
||||
|
@ -1,6 +1,9 @@
|
||||
require "../lib_sodium"
|
||||
require "../key"
|
||||
require "./public_key"
|
||||
require "../crypto_box"
|
||||
|
||||
module Sodium::CryptoBox
|
||||
class Sodium::CryptoBox
|
||||
# Key used for encryption + authentication or encryption without authentication, not for unencrypted signing.
|
||||
#
|
||||
# WARNING: This class takes ownership of any key material passed to it.
|
||||
@ -53,8 +56,8 @@ module Sodium::CryptoBox
|
||||
end
|
||||
|
||||
# Return a Box containing a precomputed shared secret for use with authenticated encryption/decryption.
|
||||
def box(public_key) : Box
|
||||
Box.new self, public_key
|
||||
def box(public_key) : CryptoBox
|
||||
CryptoBox.new self, public_key
|
||||
end
|
||||
|
||||
# Create a new box and automatically close when the block exits.
|
||||
|
@ -1,3 +1,5 @@
|
||||
require "../lib_sodium"
|
||||
require "../wipe"
|
||||
require "openssl/digest/digest_base"
|
||||
|
||||
module Sodium::Digest
|
||||
|
11
src/sodium/error.cr
Normal file
11
src/sodium/error.cr
Normal file
@ -0,0 +1,11 @@
|
||||
require "random/secure"
|
||||
|
||||
module Sodium
|
||||
class Error < ::Exception
|
||||
class VerificationFailed < Error
|
||||
end
|
||||
|
||||
class DecryptionFailed < Error
|
||||
end
|
||||
end
|
||||
end
|
@ -1,3 +1,6 @@
|
||||
require "random/secure"
|
||||
require "./error"
|
||||
|
||||
module Sodium
|
||||
@[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")]
|
||||
lib LibSodium
|
||||
|
@ -1,3 +1,5 @@
|
||||
require "./lib_sodium"
|
||||
|
||||
module Sodium
|
||||
# [Argon2 Password Hashing](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function)
|
||||
# * #store #verify #needs_rehash? are used together for password verification.
|
||||
|
@ -1,4 +1,5 @@
|
||||
require "./lib_sodium"
|
||||
require "./key"
|
||||
|
||||
module Sodium
|
||||
# [https://libsodium.gitbook.io/doc/secret-key_cryptography](https://libsodium.gitbook.io/doc/secret-key_cryptography)
|
||||
|
@ -1,4 +1,6 @@
|
||||
require "../lib_sodium"
|
||||
require "../key"
|
||||
require "./public_key"
|
||||
|
||||
module Sodium
|
||||
# Key used for signing/verification only.
|
||||
|
@ -1,3 +1,9 @@
|
||||
module Sodium
|
||||
def self.memzero(bytes : Bytes)
|
||||
LibSodium.sodium_memzero bytes, bytes.bytesize
|
||||
end
|
||||
end
|
||||
|
||||
module Sodium::Wipe
|
||||
annotation Var
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user