diff --git a/.travis.yml b/.travis.yml index fb8e068..907ccd1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,7 @@ os: - linux - osx install: -- COX_BUILD_DEBUG=1 LIBSODIUM_BUILD_DIR=$HOME/libsodium ./build/libsodium_install.sh +- SODIUM_BUILD_DEBUG=1 LIBSODIUM_BUILD_DIR=$HOME/libsodium ./build/libsodium_install.sh before_script: - export LIBSODIUM_BUILD_DIR=$HOME/libsodium after_failure: diff --git a/README.md b/README.md index 0798f49..cde79a3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# cox -[![Build Status](https://travis-ci.org/didactic-drunk/cox.svg?branch=master)](https://travis-ci.org/didactic-drunk/cox) -[![Docs](https://img.shields.io/badge/docs-available-brightgreen.svg)](https://didactic-drunk.github.io/cox/) +# sodium.cr +[![Build Status](https://travis-ci.org/didactic-drunk/sodium.cr.svg?branch=master)](https://travis-ci.org/didactic-drunk/sodium.cr) +[![Docs](https://img.shields.io/badge/docs-available-brightgreen.svg)](https://didactic-drunk.github.io/sodium.cr/) Updated Crystal bindings for the [libsodium API](https://libsodium.gitbook.io/doc/) @@ -56,8 +56,8 @@ Add this to your application's `shard.yml`: ```yaml dependencies: - cox: - github: didactic-drunk/cox + sodium.cr: + github: didactic-drunk/sodium.cr ``` ## What should I use for my application? @@ -65,16 +65,16 @@ dependencies: | Class | | | --- | --- | | `CryptoBox` `Sign` `SecretBox` | I don't know much about crypto. | -| [`Cox::CryptoBox::SecretKey`](https://didactic-drunk.github.io/cox/Cox/CryptoBox/SecretKey.html) | I want to encrypt + authenticate data using public key encryption. | -| [`Cox::Sign::SecretKey`](https://didactic-drunk.github.io/cox/Cox/Sign/SecretKey.html) | I want to sign or verify messages without encryption. | -| [`Cox::SecretBox`](https://didactic-drunk.github.io/cox/Cox/SecretBox.html) | I have a shared key and want to encrypt + authenticate data. | +| [`Sodium::CryptoBox::SecretKey`](https://didactic-drunk.github.io/sodium.cr/Sodium/CryptoBox/SecretKey.html) | I want to encrypt + authenticate data using public key encryption. | +| [`Sodium::Sign::SecretKey`](https://didactic-drunk.github.io/sodium.cr/Sodium/Sign/SecretKey.html) | I want to sign or verify messages without encryption. | +| [`Sodium::SecretBox`](https://didactic-drunk.github.io/sodium.cr/Sodium/SecretBox.html) | I have a shared key and want to encrypt + authenticate data. | | AEAD | I have a shared key and want encrypt + authenticate streamed data. (Not implemented yet) | -| [`Cox::Digest::Blake2b`](https://didactic-drunk.github.io/cox/Cox/Digest::Blake2b.html) | I want to hash data fast and securely. | -| `Cox::Digest::SipHash` | I want to hash data really fast and less securely. (Not implemented yet) | -| `Cox::Pwhash` | I want to hash a password and store it. | -| `Cox::Pwhash` | I want to derive a key from a password. | -| `Cox::Kdf` | I have a high quality master key and want to make subkeys. | -| [`Cox::Cipher::Chalsa`](https://didactic-drunk.github.io/cox/Cox/Cipher/Chalsa.html) | What goes with guacamole? | +| [`Sodium::Digest::Blake2b`](https://didactic-drunk.github.io/sodium.cr/Sodium/Digest::Blake2b.html) | I want to hash data fast and securely. | +| `Sodium::Digest::SipHash` | I want to hash data really fast and less securely. (Not implemented yet) | +| `Sodium::Pwhash` | I want to hash a password and store it. | +| `Sodium::Pwhash` | I want to derive a key from a password. | +| `Sodium::Kdf` | I have a high quality master key and want to make subkeys. | +| [`Sodium::Cipher::Chalsa`](https://didactic-drunk.github.io/sodium.cr/Sodium/Cipher/Chalsa.html) | What goes with guacamole? | | Everything else | I want to design my own crypto protocol and probably do it wrong. | @@ -84,15 +84,15 @@ The `specs` provide the best examples of how to use or misuse this shard. ### CryptoBox easy encryption ```crystal -require "cox" +require "sodium" data = "Hello World!" # Alice is the sender -alice = Cox::CryptoBox::SecretKey.new +alice = Sodium::CryptoBox::SecretKey.new # Bob is the recipient -bob = Cox::CryptoBox::SecretKey.new +bob = Sodium::CryptoBox::SecretKey.new # Precompute a shared secret between alice and bob. pair = alice.pair bob.public_key @@ -105,7 +105,7 @@ nonce, encrypted = pair.encrypt data bob.pair alice.public_key do |pair| # Decrypt the message using Bob's secret key, and verify its signature against # Alice's public key - decrypted = Cox.decrypt(encrypted, nonce, alice.public, bob.secret) + decrypted = Sodium.decrypt(encrypted, nonce, alice.public, bob.secret) String.new(decrypted) # => "Hello World!" end @@ -115,41 +115,41 @@ end ```crystal message = "Hello World!" -secret_key = Cox::Sign::SecretKey.new +secret_key = Sodium::Sign::SecretKey.new # Sign the message signature = secret_key.sign_detached message # Send secret_key.public_key to the recipient -public_key = Cox::Sign::PublicKey.new key_bytes +public_key = Sodium::Sign::PublicKey.new key_bytes -# raises Cox::Error::VerificationFailed on failure. +# raises Sodium::Error::VerificationFailed on failure. public_key.verify_detached message, signature ``` ### Secret Key Encryption ```crystal -key = Cox::SecretKey.new +key = Sodium::SecretKey.new message = "foobar" encrypted, nonce = key.encrypt_easy message # On the other side. -key = Cox::SecretKey.new key +key = Sodium::SecretKey.new key message = key.decrypt_easy encrypted, nonce ``` ### Blake2b ```crystal -key = Bytes.new Cox::Digest::Blake2B::KEY_SIZE -salt = Bytes.new Cox::Digest::Blake2B::SALT_SIZE -personal = Bytes.new Cox::Digest::Blake2B::PERSONAL_SIZE -out_size = 64 # bytes between Cox::Digest::Blake2B::OUT_SIZE_MIN and Cox::Digest::Blake2B::OUT_SIZE_MAX +key = Bytes.new Sodium::Digest::Blake2B::KEY_SIZE +salt = Bytes.new Sodium::Digest::Blake2B::SALT_SIZE +personal = Bytes.new Sodium::Digest::Blake2B::PERSONAL_SIZE +out_size = 64 # bytes between Sodium::Digest::Blake2B::OUT_SIZE_MIN and Sodium::Digest::Blake2B::OUT_SIZE_MAX data = "data".to_slice # output_size, key, salt, and personal are optional. -digest = Cox::Digest::Blake2b.new out_size, key: key, salt: salt, personal: personal +digest = Sodium::Digest::Blake2b.new out_size, key: key, salt: salt, personal: personal digest.update data output = d.hexdigest @@ -160,7 +160,7 @@ output = d.hexdigest ### Key derivation ```crystal -kdf = Cox::Kdf.new +kdf = Sodium::Kdf.new # kdf.derive(8_byte_context, subkey_id, subkey_size) subkey1 = kdf.derive "context1", 0, 16 @@ -171,10 +171,10 @@ subkey4 = kdf.derive "context2", 1, 64 ### Password Hashing ```crystal -pwhash = Cox::Pwhash.new +pwhash = Sodium::Pwhash.new -pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN -pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN +pwhash.memlimit = Sodium::Pwhash::MEMLIMIT_MIN +pwhash.opslimit = Sodium::Pwhash::OPSLIMIT_MIN pass = "1234" hash = pwhash.hash_str pass @@ -203,7 +203,7 @@ Ops limit → ## Contributing -1. Fork it ( https://github.com/didactic-drunk/cox/fork ) +1. Fork it ( https://github.com/didactic-drunk/sodium.cr/fork ) 2. **Install a formatting check git hook (ln -sf ../../scripts/git/pre-commit .git/hooks)** 3. Create your feature branch (git checkout -b my-new-feature) 4. Commit your changes (git commit -am 'Add some feature') diff --git a/benchmarks/blake2b.cr b/benchmarks/blake2b.cr index 566684f..fc16e03 100644 --- a/benchmarks/blake2b.cr +++ b/benchmarks/blake2b.cr @@ -1,5 +1,5 @@ require "benchmark" -require "../src/cox" +require "../src/sodium" require "openssl" require "openssl/digest" @@ -13,19 +13,19 @@ puts "'crystal run --release benchmarks/blake2b.cr sha1 sha256'" Benchmark.ips(warmup: 0.5) do |bm| sizes.each_with_index do |size, i| bm.report "blake2b new obj per iter #{size}" do - d = Cox::Digest::Blake2b.new 64 + d = Sodium::Digest::Blake2b.new 64 d.update bufs[i] d.digest end - d = Cox::Digest::Blake2b.new output_size + d = Sodium::Digest::Blake2b.new output_size bm.report "blake2b reset per iter #{size}" do d.reset d.update bufs[i] d.digest end - d = Cox::Digest::Blake2b.new output_size + d = Sodium::Digest::Blake2b.new output_size dst = Bytes.new d.digest_size bm.report "blake2b reset reusing buffer per iter #{size}" do d.reset diff --git a/benchmarks/blake2b.txt b/benchmarks/blake2b.txt index 44f5785..7db06ea 100644 --- a/benchmarks/blake2b.txt +++ b/benchmarks/blake2b.txt @@ -52,7 +52,7 @@ openssl speed -evp blake2b512 md5 Doing md5 for 3s on 16384 size blocks: 125954 md5's in 2.99s -# In all tests crystal Cox::Blake2b(512) beats crystal OpenSSL::Digest::SHA256. +# In all tests crystal Sodium::Digest::Blake2b(512) beats crystal OpenSSL::Digest::SHA256. # Using .reset instead of creating new objects gives a significant performance boost when hashing small data sizes. # Reusing an output buffer with .reset gives a further performance boost when hashing small data sizes. # New objects have a significant penalty for hashing small data sizes. Only problematic with iterative hashing or in a tight loop. diff --git a/build/env.sh b/build/env.sh index 65349ff..ad709a1 100644 --- a/build/env.sh +++ b/build/env.sh @@ -9,7 +9,7 @@ export MIN_LIBSODIUM_VERSION=1.0.18 export LIBSODIUM_SHA256=6f504490b342a4f8a4c4a02fc9b866cbef8622d5df4e5452b46be121e46636c1 -[ ! -z "$COX_BUILD_DEBUG" ] && export COX_BUILD_VERBOSE=1 +[ ! -z "$SODIUM_BUILD_DEBUG" ] && export SODIUM_BUILD_VERBOSE=1 function version { echo "$@" | awk -F. '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }'; } @@ -17,13 +17,13 @@ if `pkg-config libsodium --exists`; then PKG_VER=`pkg-config libsodium --modversion` if [ $(version "$PKG_VER") -ge $(version "$MIN_LIBSODIUM_VERSION") ]; then - [ ! -z "$COX_BUILD_VERBOSE" ] && echo "Using packaged libsodium." + [ ! -z "$SODIUM_BUILD_VERBOSE" ] && echo "Using packaged libsodium." else - [ ! -z "$COX_BUILD_VERBOSE" ] echo "System packaged libsodium is too old." + [ ! -z "$SODIUM_BUILD_VERBOSE" ] echo "System packaged libsodium is too old." export LIBSODIUM_INSTALL=1 fi else - [ ! -z "$COX_BUILD_VERBOSE" ] && echo "Missing libsodium system package." + [ ! -z "$SODIUM_BUILD_VERBOSE" ] && echo "Missing libsodium system package." export LIBSODIUM_INSTALL=1 fi diff --git a/build/libsodium_install.sh b/build/libsodium_install.sh index 32f0421..5585c68 100755 --- a/build/libsodium_install.sh +++ b/build/libsodium_install.sh @@ -12,8 +12,8 @@ set -e #export LIBSODIUM_INSTALL=1 if [ "$LIBSODIUM_INSTALL" != "1" ]; then - [ ! -z "$COX_BUILD_VERBOSE" ] echo "Skipping libsodium build." - exit + [ ! -z "$SODIUM_BUILD_VERBOSE" ] && echo "Skipping libsodium build." + exit 0 fi @@ -22,7 +22,7 @@ cd "$LIBSODIUM_BUILD_DIR" if [ ! -f "$LIBSODIUM_INSTALL_PATH/include/sodium.h" ]; then - [ ! -z "$COX_BUILD_DEBUG" ] && set -x + [ ! -z "$SODIUM_BUILD_DEBUG" ] && set -x DIRNAME=libsodium-"$MIN_LIBSODIUM_VERSION" TGZ_FILENAME="$DIRNAME".tar.gz @@ -58,11 +58,11 @@ if [ ! -f "$LIBSODIUM_INSTALL_PATH/include/sodium.h" ]; then touch .make.install.done fi - [ ! -z "$COX_BUILD_VERBOSE" ] && echo "Finished building libsodium." + [ ! -z "$SODIUM_BUILD_VERBOSE" ] && echo "Finished building libsodium." else # find "$LIBSODIUM_INSTALL_PATH" - [ ! -z "$COX_BUILD_VERBOSE" ] && echo "Using already built libsodium." + [ ! -z "$SODIUM_BUILD_VERBOSE" ] && echo "Using already built libsodium." fi exit 0 diff --git a/examples/pwhash_selector.cr b/examples/pwhash_selector.cr index 36e8d60..6fe30d1 100644 --- a/examples/pwhash_selector.cr +++ b/examples/pwhash_selector.cr @@ -1,5 +1,4 @@ -require "../src/cox" -require "tallboy" +require "../src/sodium" if ARGV.empty? puts "Help select Pwhash ops/mem limits for your application." @@ -15,8 +14,8 @@ time_limit = if t = ARGV.shift? else time_min * 4 end -mem_limit = (ARGV.shift?.try &.to_i || (Cox::Pwhash::MEMLIMIT_MAX)).to_u64 -pwhash = Cox::Pwhash.new +mem_limit = (ARGV.shift?.try &.to_i || (Sodium::Pwhash::MEMLIMIT_MAX)).to_u64 +pwhash = Sodium::Pwhash.new pass = "1234" # data = Array(Array({UInt64, UInt64, Float64})).new @@ -36,9 +35,9 @@ def bytes_str(b) "%5d#{suffix}" % b end -pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN +pwhash.memlimit = Sodium::Pwhash::MEMLIMIT_MIN loop do - pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN + pwhash.opslimit = Sodium::Pwhash::OPSLIMIT_MIN row = ["%5dK" % (pwhash.memlimit / 1024)] data << row @@ -72,7 +71,7 @@ loop do puts "" break if pwhash.memlimit >= mem_limit - break if pwhash.opslimit == Cox::Pwhash::OPSLIMIT_MIN # Couldn't get past 1 iteration before going over time. + break if pwhash.opslimit == Sodium::Pwhash::OPSLIMIT_MIN # Couldn't get past 1 iteration before going over time. pwhash.memlimit *= 4 end # header << "Ops limit" diff --git a/shard.yml b/shard.yml index 7d0da18..1ff131e 100644 --- a/shard.yml +++ b/shard.yml @@ -1,4 +1,4 @@ -name: cox +name: sodium.cr version: 0.1.0 authors: @@ -8,6 +8,6 @@ development_dependencies: ghshard: github: bcardiff/ghshard -crystal: 0.24.1 +crystal: 0.28.0 license: MIT diff --git a/spec/cox_spec.cr b/spec/cox_spec.cr index d1e56e8..ef80fe0 100644 --- a/spec/cox_spec.cr +++ b/spec/cox_spec.cr @@ -1,6 +1,6 @@ require "./spec_helper" -describe Cox do +describe Sodium do # Finished in 71 microseconds # 1 examples, 2 failures, 5 errors, 0 pending # What a man. diff --git a/spec/cox/blake2b_spec.cr b/spec/sodium/blake2b_spec.cr similarity index 68% rename from spec/cox/blake2b_spec.cr rename to spec/sodium/blake2b_spec.cr index cff3f3c..9d22e0e 100644 --- a/spec/cox/blake2b_spec.cr +++ b/spec/sodium/blake2b_spec.cr @@ -23,10 +23,10 @@ test_vectors = [ }, ] -describe Cox::Digest::Blake2b do +describe Sodium::Digest::Blake2b do it "libsodium comparisons" do libsodium_comparisons.each do |vec| - d = Cox::Digest::Blake2b.new vec[:out_size], key: vec[:key].try(&.hexbytes) + d = Sodium::Digest::Blake2b.new vec[:out_size], key: vec[:key].try(&.hexbytes) d.update vec[:input].hexbytes d.hexdigest.should eq vec[:output] end @@ -34,31 +34,31 @@ describe Cox::Digest::Blake2b do it "test vectors" do test_vectors.each do |vec| - d = Cox::Digest::Blake2b.new 64, key: vec[:key].hexbytes + d = Sodium::Digest::Blake2b.new 64, key: vec[:key].hexbytes d.update vec[:input].hexbytes d.hexdigest.should eq vec[:output] end end it "produces different output with different salt or personal params" do - key = Bytes.new Cox::Digest::Blake2b::KEY_SIZE - salt = Bytes.new Cox::Digest::Blake2b::SALT_SIZE - salt2 = Bytes.new Cox::Digest::Blake2b::SALT_SIZE + key = Bytes.new Sodium::Digest::Blake2b::KEY_SIZE + salt = Bytes.new Sodium::Digest::Blake2b::SALT_SIZE + salt2 = Bytes.new Sodium::Digest::Blake2b::SALT_SIZE salt2 = salt.dup salt2[0] = 1 - personal = Bytes.new Cox::Digest::Blake2b::PERSONAL_SIZE + personal = Bytes.new Sodium::Digest::Blake2b::PERSONAL_SIZE personal2 = personal.dup personal2[0] = 1 - d = Cox::Digest::Blake2b.new key: key, salt: salt, personal: personal + d = Sodium::Digest::Blake2b.new key: key, salt: salt, personal: personal d.update "foo".to_slice output = d.hexdigest - d = Cox::Digest::Blake2b.new key: key, salt: salt2, personal: personal + d = Sodium::Digest::Blake2b.new key: key, salt: salt2, personal: personal d.update "foo".to_slice saltout = d.hexdigest - d = Cox::Digest::Blake2b.new key: key, salt: salt, personal: personal2 + d = Sodium::Digest::Blake2b.new key: key, salt: salt, personal: personal2 d.update "foo".to_slice personalout = d.hexdigest @@ -69,19 +69,19 @@ describe Cox::Digest::Blake2b do it "raises on invalid " do expect_raises ArgumentError do - Cox::Digest::Blake2b.new key: Bytes.new(128) + Sodium::Digest::Blake2b.new key: Bytes.new(128) end expect_raises ArgumentError do - Cox::Digest::Blake2b.new salt: Bytes.new(1) + Sodium::Digest::Blake2b.new salt: Bytes.new(1) end expect_raises ArgumentError do - Cox::Digest::Blake2b.new salt: Bytes.new(128) + Sodium::Digest::Blake2b.new salt: Bytes.new(128) end expect_raises ArgumentError do - Cox::Digest::Blake2b.new personal: Bytes.new(128) + Sodium::Digest::Blake2b.new personal: Bytes.new(128) end end end diff --git a/spec/cox/cipher/chalsa_spec.cr b/spec/sodium/cipher/chalsa_spec.cr similarity index 73% rename from spec/cox/cipher/chalsa_spec.cr rename to spec/sodium/cipher/chalsa_spec.cr index 70df4e2..fc94568 100644 --- a/spec/cox/cipher/chalsa_spec.cr +++ b/spec/sodium/cipher/chalsa_spec.cr @@ -1,13 +1,13 @@ require "../../spec_helper" -require "../../../src/cox/cipher/chalsa" +require "../../../src/sodium/cipher/chalsa" {% for name in %w(XSalsa20 Salsa20 XChaCha20 ChaCha20Ietf ChaCha20) %} # TODO: verify against test vectors. - describe Cox::Cipher::{{ name.id }} do + describe Sodium::Cipher::{{ name.id }} do it "xors" do data = Bytes.new(100) - cipher1 = Cox::Cipher::{{ name.id }}.new - cipher2 = Cox::Cipher::{{ name.id }}.new + cipher1 = Sodium::Cipher::{{ name.id }}.new + cipher2 = Sodium::Cipher::{{ name.id }}.new key = cipher1.random_key nonce = cipher1.random_nonce output = cipher1.update data diff --git a/spec/cox/crypto_box/secret_key_spec.cr b/spec/sodium/crypto_box/secret_key_spec.cr similarity index 82% rename from spec/cox/crypto_box/secret_key_spec.cr rename to spec/sodium/crypto_box/secret_key_spec.cr index c4bcc88..542c9b5 100644 --- a/spec/cox/crypto_box/secret_key_spec.cr +++ b/spec/sodium/crypto_box/secret_key_spec.cr @@ -1,14 +1,14 @@ require "../../spec_helper" -describe Cox::CryptoBox::SecretKey do +describe Sodium::CryptoBox::SecretKey do it "easy encrypt/decrypt" do data = "Hello World!" # Alice is the sender - alice = Cox::CryptoBox::SecretKey.new + alice = Sodium::CryptoBox::SecretKey.new # Bob is the recipient - bob = Cox::CryptoBox::SecretKey.new + bob = Sodium::CryptoBox::SecretKey.new # Encrypt a message for Bob using his public key, signing it with Alice's # secret key diff --git a/spec/cox/kdf_spec.cr b/spec/sodium/kdf_spec.cr similarity index 78% rename from spec/cox/kdf_spec.cr rename to spec/sodium/kdf_spec.cr index 368689a..67bf2e0 100644 --- a/spec/cox/kdf_spec.cr +++ b/spec/sodium/kdf_spec.cr @@ -2,12 +2,12 @@ require "../spec_helper" CONTEXT = "8_bytess" -describe Cox::Kdf do +describe Sodium::Kdf do it "generates master key" do - kdf1 = Cox::Kdf.new + kdf1 = Sodium::Kdf.new # verify loading saved key - kdf2 = Cox::Kdf.from_base64 kdf1.to_base64 + kdf2 = Sodium::Kdf.from_base64 kdf1.to_base64 # verify generated subkey's are the same after loading key1_s1 = kdf1.derive CONTEXT, 0, 16 @@ -16,7 +16,7 @@ describe Cox::Kdf do end it "generates different keys" do - kdf1 = Cox::Kdf.new + kdf1 = Sodium::Kdf.new subkey1 = kdf1.derive CONTEXT, 0, 16 subkey2 = kdf1.derive CONTEXT, 1, 16 subkey1.should_not eq subkey2 diff --git a/spec/cox/pwhash_spec.cr b/spec/sodium/pwhash_spec.cr similarity index 75% rename from spec/cox/pwhash_spec.cr rename to spec/sodium/pwhash_spec.cr index 9de69a7..3a049d2 100644 --- a/spec/cox/pwhash_spec.cr +++ b/spec/sodium/pwhash_spec.cr @@ -1,27 +1,27 @@ require "../spec_helper" private def pw_min - pwhash = Cox::Pwhash.new + pwhash = Sodium::Pwhash.new # set to minimum to speed up tests - pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN - pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN + pwhash.memlimit = Sodium::Pwhash::MEMLIMIT_MIN + pwhash.opslimit = Sodium::Pwhash::OPSLIMIT_MIN pwhash end -describe Cox::Pwhash do +describe Sodium::Pwhash do it "hashes and verifies a password" do pwhash = pw_min pass = "1234" hash = pwhash.store pass pwhash.verify hash, pass - expect_raises(Cox::Pwhash::PasswordVerifyError) do + expect_raises(Sodium::Pwhash::PasswordVerifyError) do pwhash.verify hash, "5678" end pwhash.needs_rehash?(hash).should be_false - pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MAX + pwhash.opslimit = Sodium::Pwhash::OPSLIMIT_MAX pwhash.needs_rehash?(hash).should be_true end @@ -34,7 +34,7 @@ describe Cox::Pwhash do it "derives a key from a password" do pwhash = pw_min - pwhash.algorithm = Cox::Pwhash::Algorithm::Argon2id13 + pwhash.algorithm = Sodium::Pwhash::Algorithm::Argon2id13 salt = pwhash.salt key1 = pwhash.key_derive salt, "foo", 16 key2 = pwhash.key_derive salt, "foo", 16 diff --git a/spec/cox/secret_box_spec.cr b/spec/sodium/secret_box_spec.cr similarity index 72% rename from spec/cox/secret_box_spec.cr rename to spec/sodium/secret_box_spec.cr index 52203e6..c751b50 100644 --- a/spec/cox/secret_box_spec.cr +++ b/spec/sodium/secret_box_spec.cr @@ -1,15 +1,15 @@ require "../spec_helper" -describe Cox::SecretBox do +describe Sodium::SecretBox do it "encrypts/decrypts" do - key = Cox::SecretBox.new + key = Sodium::SecretBox.new message = "foobar" encrypted, nonce = key.encrypt_easy message decrypted = key.decrypt_easy encrypted, nonce message.should eq String.new(decrypted) - expect_raises(Cox::Error::DecryptionFailed) do + expect_raises(Sodium::Error::DecryptionFailed) do key.decrypt_easy "badmsgbadmsgbadmsgbadmsgbadmsg".to_slice, nonce end end diff --git a/spec/cox/sign/secret_key.cr b/spec/sodium/sign/secret_key.cr similarity index 60% rename from spec/cox/sign/secret_key.cr rename to spec/sodium/sign/secret_key.cr index 6d91c12..5c3299e 100644 --- a/spec/cox/sign/secret_key.cr +++ b/spec/sodium/sign/secret_key.cr @@ -1,10 +1,10 @@ require "../../spec_helper" -require "../../../src/cox/sign/secret_key" +require "../../../src/sodium/sign/secret_key" -describe Cox::Sign::SecretKey do +describe Sodium::Sign::SecretKey do it "signs and verifies" do message = "foo" - skey = Cox::Sign::SecretKey.new + skey = Sodium::Sign::SecretKey.new sig = skey.sign_detached message skey.public_key.verify_detached message, sig @@ -12,10 +12,10 @@ describe Cox::Sign::SecretKey do it "signs and fails" do message = "foo" - skey = Cox::Sign::SecretKey.new + skey = Sodium::Sign::SecretKey.new sig = skey.sign_detached message - expect_raises Cox::Error::VerificationFailed do + expect_raises Sodium::Error::VerificationFailed do skey.public_key.verify_detached "bar", sig end end diff --git a/spec/spec_helper.cr b/spec/spec_helper.cr index 21974ee..4ee79af 100644 --- a/spec/spec_helper.cr +++ b/spec/spec_helper.cr @@ -1,2 +1,2 @@ require "spec" -require "../src/cox" +require "../src/sodium" diff --git a/src/cox.cr b/src/sodium.cr similarity index 79% rename from src/cox.cr rename to src/sodium.cr index 42f8fec..3ab1381 100644 --- a/src/cox.cr +++ b/src/sodium.cr @@ -1,6 +1,6 @@ require "random/secure" -module Cox +module Sodium class Error < ::Exception class VerificationFailed < Error end @@ -14,8 +14,8 @@ module Cox end end -require "./cox/**" +require "./sodium/**" -if Cox::LibSodium.sodium_init == -1 +if Sodium::LibSodium.sodium_init == -1 abort "Failed to init libsodium" end diff --git a/src/cox/cipher/chalsa.cr b/src/sodium/cipher/chalsa.cr similarity index 90% rename from src/cox/cipher/chalsa.cr rename to src/sodium/cipher/chalsa.cr index 0fc485f..234c441 100644 --- a/src/cox/cipher/chalsa.cr +++ b/src/sodium/cipher/chalsa.cr @@ -1,6 +1,6 @@ require "../lib_sodium" -module Cox::Cipher +module Sodium::Cipher # The great beat you can eat! # # What? They're both dance? @@ -69,7 +69,7 @@ module Cox::Cipher # # This class mimicks the OpenSSL::Cipher interface with minor differences. # - # See `spec/cox/cipher/chalsa_spec.cr` for examples on how to use this class. + # See `spec/sodium/cipher/chalsa_spec.cr` for examples on how to use this class. class {{ key.id }} < Chalsa # Xor's src with the cipher output and places in dst. # @@ -78,12 +78,12 @@ module Cox::Cipher if (key = @key) && (nonce = @nonce) raise ArgumentError.new("src and dst bytesize must be identical") if src.bytesize != dst.bytesize if LibSodium.crypto_stream_{{ val.id }}_xor_ic(dst, src, src.bytesize, nonce, @offset, key) != 0 - raise Cox::Error.new("crypto_stream_{{ val.id }}_xor_ic") + raise Sodium::Error.new("crypto_stream_{{ val.id }}_xor_ic") end @offset += src.bytesize dst else - raise Cox::Error.new("key and nonce must be set before calling update #{@key.nil?} #{@nonce.nil?}") + raise Sodium::Error.new("key and nonce must be set before calling update #{@key.nil?} #{@nonce.nil?}") end end diff --git a/src/cox/crypto_box/pair.cr b/src/sodium/crypto_box/pair.cr similarity index 97% rename from src/cox/crypto_box/pair.cr rename to src/sodium/crypto_box/pair.cr index 18567d8..485d24f 100644 --- a/src/cox/crypto_box/pair.cr +++ b/src/sodium/crypto_box/pair.cr @@ -1,6 +1,6 @@ require "../lib_sodium" -module Cox::CryptoBox +module Sodium::CryptoBox class Pair include Wipe diff --git a/src/cox/crypto_box/public_key.cr b/src/sodium/crypto_box/public_key.cr similarity index 92% rename from src/cox/crypto_box/public_key.cr rename to src/sodium/crypto_box/public_key.cr index 41af091..64b095e 100644 --- a/src/cox/crypto_box/public_key.cr +++ b/src/sodium/crypto_box/public_key.cr @@ -1,6 +1,6 @@ require "../lib_sodium" -module Cox::CryptoBox +module Sodium::CryptoBox class PublicKey < Key include Wipe KEY_SIZE = LibSodium::PUBLIC_KEY_SIZE diff --git a/src/cox/crypto_box/secret_key.cr b/src/sodium/crypto_box/secret_key.cr similarity index 97% rename from src/cox/crypto_box/secret_key.cr rename to src/sodium/crypto_box/secret_key.cr index 599c3f4..98e012a 100644 --- a/src/cox/crypto_box/secret_key.cr +++ b/src/sodium/crypto_box/secret_key.cr @@ -1,6 +1,6 @@ require "../lib_sodium" -module Cox::CryptoBox +module Sodium::CryptoBox class SecretKey < Key include Wipe KEY_SIZE = LibSodium::SECRET_KEY_SIZE diff --git a/src/cox/digest/blake2b.cr b/src/sodium/digest/blake2b.cr similarity index 93% rename from src/cox/digest/blake2b.cr rename to src/sodium/digest/blake2b.cr index 61af3c4..ef70e61 100644 --- a/src/cox/digest/blake2b.cr +++ b/src/sodium/digest/blake2b.cr @@ -1,6 +1,6 @@ require "openssl/digest/digest_base" -module Cox::Digest +module Sodium::Digest class Blake2b # provides copying digest/hexdigest methods include OpenSSL::DigestBase @@ -57,13 +57,13 @@ module Cox::Digest personal = @have_personal ? @personal.to_unsafe : nil if LibSodium.crypto_generichash_blake2b_init_salt_personal(@state, key, @key_size, @digest_size, salt, personal) != 0 - raise Cox::Error.new("blake2b_init_key_salt_personal") + raise Sodium::Error.new("blake2b_init_key_salt_personal") end end def update(data : Bytes) if LibSodium.crypto_generichash_blake2b_update(@state, data, data.bytesize) != 0 - raise Cox::Error.new("crypto_generichash_blake2b_update") + raise Sodium::Error.new("crypto_generichash_blake2b_update") end self @@ -81,7 +81,7 @@ module Cox::Digest # Use .digest or .hexdigest instead. def finish(dst : Bytes) : Bytes if LibSodium.crypto_generichash_blake2b_final(@state, dst, dst.bytesize) != 0 - raise Cox::Error.new("crypto_generichash_blake2b_final") + raise Sodium::Error.new("crypto_generichash_blake2b_final") end dst diff --git a/src/cox/kdf.cr b/src/sodium/kdf.cr similarity index 88% rename from src/cox/kdf.cr rename to src/sodium/kdf.cr index 61e7cdb..fac7b78 100644 --- a/src/cox/kdf.cr +++ b/src/sodium/kdf.cr @@ -1,4 +1,4 @@ -module Cox +module Sodium class Kdf property bytes : Bytes @@ -25,7 +25,7 @@ module Cox subkey = Bytes.new subkey_size if (ret = LibSodium.crypto_kdf_derive_from_key(subkey, subkey.bytesize, subkey_id, context, @bytes)) != 0 - raise Cox::Error.new("crypto_kdf_derive_from_key returned #{ret} (subkey size is probably out of range)") + raise Sodium::Error.new("crypto_kdf_derive_from_key returned #{ret} (subkey size is probably out of range)") end subkey end diff --git a/src/cox/key.cr b/src/sodium/key.cr similarity index 94% rename from src/cox/key.cr rename to src/sodium/key.cr index 70dfa8e..4a6298a 100644 --- a/src/cox/key.cr +++ b/src/sodium/key.cr @@ -1,4 +1,4 @@ -module Cox +module Sodium abstract class Key abstract def bytes diff --git a/src/cox/lib_sodium.cr b/src/sodium/lib_sodium.cr similarity index 99% rename from src/cox/lib_sodium.cr rename to src/sodium/lib_sodium.cr index 7d75c03..c30d9ec 100644 --- a/src/cox/lib_sodium.cr +++ b/src/sodium/lib_sodium.cr @@ -1,4 +1,4 @@ -module Cox +module Sodium @[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")] lib LibSodium fun sodium_init : LibC::Int diff --git a/src/cox/nonce.cr b/src/sodium/nonce.cr similarity index 96% rename from src/cox/nonce.cr rename to src/sodium/nonce.cr index 53dcc58..1919466 100644 --- a/src/cox/nonce.cr +++ b/src/sodium/nonce.cr @@ -1,7 +1,7 @@ require "./lib_sodium" require "random/secure" -module Cox +module Sodium class Nonce NONCE_SIZE = LibSodium::NONCE_SIZE diff --git a/src/cox/pwhash.cr b/src/sodium/pwhash.cr similarity index 93% rename from src/cox/pwhash.cr rename to src/sodium/pwhash.cr index 815284a..5b5fbdf 100644 --- a/src/cox/pwhash.cr +++ b/src/sodium/pwhash.cr @@ -1,11 +1,11 @@ -module Cox +module Sodium # [Argon2 Password Hashing](https://libsodium.gitbook.io/doc/password_hashing/the_argon2i_function) # * #store #verify #needs_rehash? are used together for password verification. # * #key_derive is used on it's own to generate password based keys. # # See `examples/pwhash_selector.cr` for help on selecting parameters. class Pwhash - class PasswordVerifyError < Cox::Error + class PasswordVerifyError < Sodium::Error end OPSLIMIT_MIN = LibSodium.crypto_pwhash_opslimit_min @@ -39,7 +39,7 @@ module Cox def store(pass) outstr = Bytes.new LibSodium::PWHASH_STR_SIZE if LibSodium.crypto_pwhash_str(outstr, pass, pass.bytesize, @opslimit, @memlimit) != 0 - raise Cox::Error.new("crypto_pwhash_str") + raise Sodium::Error.new("crypto_pwhash_str") end outstr end @@ -65,7 +65,7 @@ module Cox when 1 true else - raise Cox::Error.new("crypto_pwhash_str_needs_rehash") + raise Sodium::Error.new("crypto_pwhash_str_needs_rehash") end end @@ -76,7 +76,7 @@ module Cox if alg = algorithm key = Bytes.new key_bytes if LibSodium.crypto_pwhash(key, key.bytesize, pass, pass.bytesize, salt, @opslimit, @memlimit, alg) != 0 - raise Cox::Error.new("crypto_pwhash_str") + raise Sodium::Error.new("crypto_pwhash_str") end key else diff --git a/src/cox/secret_box.cr b/src/sodium/secret_box.cr similarity index 86% rename from src/cox/secret_box.cr rename to src/sodium/secret_box.cr index 59ebf55..53adf65 100644 --- a/src/cox/secret_box.cr +++ b/src/sodium/secret_box.cr @@ -1,15 +1,15 @@ require "./lib_sodium" -module Cox +module Sodium # [https://libsodium.gitbook.io/doc/secret-key_cryptography](https://libsodium.gitbook.io/doc/secret-key_cryptography) # # ```crystal - # key = Cox::SecretKey.new + # key = Sodium::SecretKey.new # message = "foobar" # encrypted, nonce = key.encrypt_easy message # # # On the other side. - # key = Cox::SecretKey.new key + # key = Sodium::SecretKey.new key # message = key.decrypt_easy encrypted, nonce # ``` class SecretBox < Key @@ -54,14 +54,14 @@ module Cox raise ArgumentError.new("dst.bytesize must be src.bytesize + MAC_SIZE, got #{dst.bytesize}") end if LibSodium.crypto_secretbox_easy(dst, src, src.bytesize, nonce.to_slice, @bytes) != 0 - raise Cox::Error.new("crypto_secretbox_easy") + raise Sodium::Error.new("crypto_secretbox_easy") end dst end def decrypt_easy(data : Bytes, nonce : Nonce) : Bytes output_size = data.bytesize - MAC_SIZE - raise Cox::Error::DecryptionFailed.new("encrypted data too small #{data.bytesize}") if output_size <= 0 + raise Sodium::Error::DecryptionFailed.new("encrypted data too small #{data.bytesize}") if output_size <= 0 output = Bytes.new output_size decrypt_easy(data, output, nonce) end @@ -71,7 +71,7 @@ module Cox raise ArgumentError.new("dst.bytesize must be src.bytesize - MAC_SIZE, got #{dst.bytesize}") end if LibSodium.crypto_secretbox_open_easy(dst, src, src.bytesize, nonce.to_slice, @bytes) != 0 - raise Cox::Error::DecryptionFailed.new("crypto_secretbox_easy") + raise Sodium::Error::DecryptionFailed.new("crypto_secretbox_easy") end dst end diff --git a/src/cox/sign/public_key.cr b/src/sodium/sign/public_key.cr similarity index 89% rename from src/cox/sign/public_key.cr rename to src/sodium/sign/public_key.cr index b4220cf..8b063f2 100644 --- a/src/cox/sign/public_key.cr +++ b/src/sodium/sign/public_key.cr @@ -1,6 +1,6 @@ require "../lib_sodium" -module Cox +module Sodium class Sign::PublicKey < Key include Wipe KEY_SIZE = LibSodium::PUBLIC_SIGN_SIZE @@ -24,7 +24,7 @@ module Cox v = LibSodium.crypto_sign_verify_detached sig, message, message.bytesize, @bytes if v != 0 - raise Cox::Error::VerificationFailed.new("crypto_sign_verify_detached") + raise Sodium::Error::VerificationFailed.new("crypto_sign_verify_detached") end end end diff --git a/src/cox/sign/secret_key.cr b/src/sodium/sign/secret_key.cr similarity index 96% rename from src/cox/sign/secret_key.cr rename to src/sodium/sign/secret_key.cr index 2e10001..2f5b6e8 100644 --- a/src/cox/sign/secret_key.cr +++ b/src/sodium/sign/secret_key.cr @@ -1,7 +1,7 @@ require "../lib_sodium" -module Cox - class Sign::SecretKey < Cox::Key +module Sodium + class Sign::SecretKey < Sodium::Key include Wipe KEY_SIZE = LibSodium::SECRET_SIGN_SIZE diff --git a/src/cox/version.cr b/src/sodium/version.cr similarity index 63% rename from src/cox/version.cr rename to src/sodium/version.cr index 9e380cd..83bf696 100644 --- a/src/cox/version.cr +++ b/src/sodium/version.cr @@ -1,3 +1,3 @@ -module Cox +module Sodium VERSION = "0.1.0" end diff --git a/src/cox/wipe.cr b/src/sodium/wipe.cr similarity index 84% rename from src/cox/wipe.cr rename to src/sodium/wipe.cr index 8073907..1735411 100644 --- a/src/cox/wipe.cr +++ b/src/sodium/wipe.cr @@ -1,4 +1,4 @@ -module Cox::Wipe +module Sodium::Wipe @closed = false def close @@ -9,7 +9,7 @@ module Cox::Wipe protected def wipe return if @closed - Cox.memzero @bytes + Sodium.memzero @bytes end def finalize