diff --git a/README.md b/README.md index 12ffd21..614a404 100644 --- a/README.md +++ b/README.md @@ -173,10 +173,11 @@ Ops limit → ## Contributing 1. Fork it ( https://github.com/didactic-drunk/cox/fork ) -2. Create your feature branch (git checkout -b my-new-feature) -3. Commit your changes (git commit -am 'Add some feature') -4. Push to the branch (git push origin my-new-feature) -5. Create a new Pull Request +2. **Install a formatting check git hook (ln -sf ../../scripts/git/pre-commit .git/hooks)** +3. Create your feature branch (git checkout -b my-new-feature) +4. Commit your changes (git commit -am 'Add some feature') +5. Push to the branch (git push origin my-new-feature) +6. Create a new Pull Request ## Contributors diff --git a/examples/pwhash_selector.cr b/examples/pwhash_selector.cr index 0852eb0..36e8d60 100644 --- a/examples/pwhash_selector.cr +++ b/examples/pwhash_selector.cr @@ -19,20 +19,20 @@ mem_limit = (ARGV.shift?.try &.to_i || (Cox::Pwhash::MEMLIMIT_MAX)).to_u64 pwhash = Cox::Pwhash.new pass = "1234" -#data = Array(Array({UInt64, UInt64, Float64})).new +# data = Array(Array({UInt64, UInt64, Float64})).new header = [" "] data = [header] def bytes_str(b) suffix = if b >= 1024*1024 - b /= (1024*1024) - "M" - elsif b >= 1024 - b = b / 1024 - "K" - else - "" - end + b /= (1024*1024) + "M" + elsif b >= 1024 + b = b / 1024 + "K" + else + "" + end "%5d#{suffix}" % b end @@ -49,7 +49,7 @@ loop do header << ostr if data.size == 2 if t >= time_min mstr = bytes_str pwhash.memlimit -# mstr = "%5dK" % (pwhash.memlimit / 1024) + # mstr = "%5dK" % (pwhash.memlimit / 1024) tstr = "%6.3fs" % t row << tstr s = String.build do |sb| @@ -75,7 +75,7 @@ loop do break if pwhash.opslimit == Cox::Pwhash::OPSLIMIT_MIN # Couldn't get past 1 iteration before going over time. pwhash.memlimit *= 4 end -#header << "Ops limit" +# header << "Ops limit" data << ["Memory"] # Quick n dirty sparse table. diff --git a/spec/cox/blake2b_spec.cr b/spec/cox/blake2b_spec.cr index f858174..c17ac05 100644 --- a/spec/cox/blake2b_spec.cr +++ b/spec/cox/blake2b_spec.cr @@ -2,9 +2,9 @@ require "../spec_helper" libsodium_comparisons = [ { - key: nil, - input: "", - output: "0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8", + key: nil, + input: "", + output: "0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8", out_size: 32, }, ] @@ -12,18 +12,17 @@ libsodium_comparisons = [ # from https://github.com/BLAKE2/BLAKE2/tree/master/testvectors test_vectors = [ { - key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", - input: "", + key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + input: "", output: "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568", }, { - key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", - input: "00", + key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + input: "00", output: "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd", }, ] - describe Cox::Blake2b do it "libsodium comparisons" do libsodium_comparisons.each do |vec| @@ -51,7 +50,6 @@ describe Cox::Blake2b do personal2 = personal.dup personal2[0] = 1 - d = Cox::Blake2b.new key: key, salt: salt, personal: personal d.update "foo".to_slice output = d.hexdigest diff --git a/spec/cox/cipher/chalsa_spec.cr b/spec/cox/cipher/chalsa_spec.cr index 39925cd..70df4e2 100644 --- a/spec/cox/cipher/chalsa_spec.cr +++ b/spec/cox/cipher/chalsa_spec.cr @@ -20,4 +20,3 @@ require "../../../src/cox/cipher/chalsa" end end {% end %} - diff --git a/spec/cox/kdf_spec.cr b/spec/cox/kdf_spec.cr index a8675a1..368689a 100644 --- a/spec/cox/kdf_spec.cr +++ b/spec/cox/kdf_spec.cr @@ -22,5 +22,5 @@ describe Cox::Kdf do subkey1.should_not eq subkey2 end -# TODO: test exceptions + # TODO: test exceptions end diff --git a/spec/cox/pwhash_spec.cr b/spec/cox/pwhash_spec.cr index 28be1a7..9de69a7 100644 --- a/spec/cox/pwhash_spec.cr +++ b/spec/cox/pwhash_spec.cr @@ -1,12 +1,12 @@ require "../spec_helper" private def pw_min - pwhash = Cox::Pwhash.new + pwhash = Cox::Pwhash.new - # set to minimum to speed up tests - pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN - pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN - pwhash + # set to minimum to speed up tests + pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN + pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN + pwhash end describe Cox::Pwhash do @@ -45,6 +45,6 @@ describe Cox::Pwhash do key1.should eq key2 key1.should_not eq key3 key1.should_not eq key4 -# BUG: validate against known passwords + # BUG: validate against known passwords end end diff --git a/src/cox.cr b/src/cox.cr index b656f22..d1965ad 100644 --- a/src/cox.cr +++ b/src/cox.cr @@ -3,13 +3,14 @@ require "random/secure" module Cox class Error < ::Exception end + class VerificationFailed < Error end + class DecryptionFailed < Error end end - require "./cox/*" module Cox @@ -59,7 +60,7 @@ module Cox end end -if Cox::LibSodium.sodium_init() == -1 +if Cox::LibSodium.sodium_init == -1 STDERR.puts("Failed to init libsodium") exit(1) end diff --git a/src/cox/blake2b.cr b/src/cox/blake2b.cr index 1848277..3aa5bab 100644 --- a/src/cox/blake2b.cr +++ b/src/cox/blake2b.cr @@ -5,7 +5,7 @@ module Cox # provides copying digest/hexdigest methods include OpenSSL::DigestBase - KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes + KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes KEY_SIZE_MIN = LibSodium.crypto_generichash_blake2b_keybytes_min KEY_SIZE_MAX = LibSodium.crypto_generichash_blake2b_keybytes_max @@ -13,7 +13,7 @@ module Cox PERSONAL_SIZE = LibSodium.crypto_generichash_blake2b_personalbytes - OUT_SIZE = LibSodium.crypto_generichash_blake2b_bytes.to_i32 + OUT_SIZE = LibSodium.crypto_generichash_blake2b_bytes.to_i32 OUT_SIZE_MIN = LibSodium.crypto_generichash_blake2b_bytes_min.to_i32 OUT_SIZE_MAX = LibSodium.crypto_generichash_blake2b_bytes_max.to_i32 @@ -24,7 +24,6 @@ module Cox @have_salt = false @have_personal = false - # implemented as static array's so clone works without jumping through hoops. @key = StaticArray(UInt8, 64).new 0 @salt = StaticArray(UInt8, 16).new 0 @@ -104,5 +103,3 @@ module Cox Blake2b.new.__validate_sizes__ end - - diff --git a/src/cox/cipher/chalsa.cr b/src/cox/cipher/chalsa.cr index 45e160c..0fc485f 100644 --- a/src/cox/cipher/chalsa.cr +++ b/src/cox/cipher/chalsa.cr @@ -41,10 +41,9 @@ module Cox::Cipher # Xor's src with the cipher output and returns a new Slice def update(src : Bytes) : Bytes - update src, Bytes.new(src.bytesize) + update src, Bytes.new(src.bytesize) end - # Provided for compatibility with block ciphers. # Stream ciphers don't have additional data. def final @@ -57,11 +56,11 @@ module Cox::Cipher end abstract def update(src : Bytes, dst : Bytes) - abstract def key_size() - abstract def nonce_size() + abstract def key_size + abstract def nonce_size end - {% for key, val in { "XSalsa20" => "xsalsa20", "Salsa20" => "salsa20", "XChaCha20" => "xchacha20", "ChaCha20Ietf" => "chacha20_ietf", "ChaCha20" => "chacha20",} %} + {% for key, val in {"XSalsa20" => "xsalsa20", "Salsa20" => "salsa20", "XChaCha20" => "xchacha20", "ChaCha20Ietf" => "chacha20_ietf", "ChaCha20" => "chacha20"} %} # These classes can be used to generate pseudo-random data from a key, # or as building blocks for implementing custom constructions, but they # are not alternatives to secretbox. diff --git a/src/cox/lib_sodium.cr b/src/cox/lib_sodium.cr index 4c0218a..e2c6d91 100644 --- a/src/cox/lib_sodium.cr +++ b/src/cox/lib_sodium.cr @@ -1,31 +1,31 @@ module Cox @[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")] lib LibSodium - fun sodium_init() : LibC::Int + fun sodium_init : LibC::Int - fun crypto_box_publickeybytes() : LibC::SizeT - fun crypto_box_secretkeybytes() : LibC::SizeT - fun crypto_box_noncebytes() : LibC::SizeT - fun crypto_box_macbytes() : LibC::SizeT - fun crypto_sign_publickeybytes() : LibC::SizeT - fun crypto_sign_secretkeybytes() : LibC::SizeT - fun crypto_sign_bytes() : LibC::SizeT - fun crypto_kdf_keybytes() : LibC::SizeT - fun crypto_kdf_contextbytes() : LibC::SizeT - fun crypto_pwhash_memlimit_min() : LibC::SizeT - fun crypto_pwhash_memlimit_interactive() : LibC::SizeT - fun crypto_pwhash_memlimit_max() : LibC::SizeT - fun crypto_pwhash_opslimit_min() : LibC::SizeT - fun crypto_pwhash_opslimit_interactive() : LibC::SizeT - fun crypto_pwhash_opslimit_moderate() : LibC::SizeT - fun crypto_pwhash_opslimit_sensitive() : LibC::SizeT - fun crypto_pwhash_opslimit_max() : LibC::SizeT - fun crypto_pwhash_strbytes() : LibC::SizeT - fun crypto_pwhash_alg_argon2i13() : LibC::Int - fun crypto_pwhash_alg_argon2id13() : LibC::Int + fun crypto_box_publickeybytes : LibC::SizeT + fun crypto_box_secretkeybytes : LibC::SizeT + fun crypto_box_noncebytes : LibC::SizeT + fun crypto_box_macbytes : LibC::SizeT + fun crypto_sign_publickeybytes : LibC::SizeT + fun crypto_sign_secretkeybytes : LibC::SizeT + fun crypto_sign_bytes : LibC::SizeT + fun crypto_kdf_keybytes : LibC::SizeT + fun crypto_kdf_contextbytes : LibC::SizeT + fun crypto_pwhash_memlimit_min : LibC::SizeT + fun crypto_pwhash_memlimit_interactive : LibC::SizeT + fun crypto_pwhash_memlimit_max : LibC::SizeT + fun crypto_pwhash_opslimit_min : LibC::SizeT + fun crypto_pwhash_opslimit_interactive : LibC::SizeT + fun crypto_pwhash_opslimit_moderate : LibC::SizeT + fun crypto_pwhash_opslimit_sensitive : LibC::SizeT + fun crypto_pwhash_opslimit_max : LibC::SizeT + fun crypto_pwhash_strbytes : LibC::SizeT + fun crypto_pwhash_alg_argon2i13 : LibC::Int + fun crypto_pwhash_alg_argon2id13 : LibC::Int fun crypto_pwhash_saltbytes : LibC::SizeT - fun crypto_pwhash_bytes_min() : LibC::SizeT - fun crypto_pwhash_bytes_max() : LibC::SizeT + fun crypto_pwhash_bytes_min : LibC::SizeT + fun crypto_pwhash_bytes_max : LibC::SizeT fun crypto_generichash_blake2b_statebytes : LibC::SizeT fun crypto_generichash_blake2b_bytes : LibC::SizeT fun crypto_generichash_blake2b_bytes_min : LibC::SizeT @@ -48,25 +48,25 @@ module Cox PWHASH_STR_SIZE = crypto_pwhash_strbytes() fun crypto_secretbox_easy( - output : Pointer(LibC::UChar), - data : Pointer(LibC::UChar), - data_size : LibC::ULongLong, - nonce : Pointer(LibC::UChar), - key : Pointer(LibC::UChar), + output : Pointer(LibC::UChar), + data : Pointer(LibC::UChar), + data_size : LibC::ULongLong, + nonce : Pointer(LibC::UChar), + key : Pointer(LibC::UChar) ) : LibC::Int fun crypto_secretbox_open_easy( - output : Pointer(LibC::UChar), - data : Pointer(LibC::UChar), - data_size : LibC::ULongLong, - nonce : Pointer(LibC::UChar), - key : Pointer(LibC::UChar), + output : Pointer(LibC::UChar), + data : Pointer(LibC::UChar), + data_size : LibC::ULongLong, + nonce : Pointer(LibC::UChar), + key : Pointer(LibC::UChar) ) : LibC::Int -# TODO: Add reduced round variants. + # TODO: Add reduced round variants. {% for name in ["_chacha20", "_chacha20_ietf", "_xchacha20", "_salsa20", "_xsalsa20"] %} - fun crypto_stream{{ name.id}}_keybytes() : LibC::SizeT - fun crypto_stream{{ name.id}}_noncebytes() : LibC::SizeT + fun crypto_stream{{ name.id }}_keybytes() : LibC::SizeT + fun crypto_stream{{ name.id }}_noncebytes() : LibC::SizeT fun crypto_stream{{ name.id }}_xor_ic( c : Pointer(LibC::UChar), @@ -84,20 +84,20 @@ module Cox ) fun crypto_box_easy( - output : Pointer(LibC::UChar), - data : Pointer(LibC::UChar), - data_size : LibC::ULongLong, - nonce : Pointer(LibC::UChar), + output : Pointer(LibC::UChar), + data : Pointer(LibC::UChar), + data_size : LibC::ULongLong, + nonce : Pointer(LibC::UChar), recipient_public_key : Pointer(LibC::UChar), - sender_secret_key : Pointer(LibC::UChar) + sender_secret_key : Pointer(LibC::UChar) ) : LibC::Int fun crypto_box_open_easy( - output : Pointer(LibC::UChar), - data : Pointer(LibC::UChar), - data_size : LibC::ULongLong, - nonce : Pointer(LibC::UChar), - sender_public_key : Pointer(LibC::UChar), + output : Pointer(LibC::UChar), + data : Pointer(LibC::UChar), + data_size : LibC::ULongLong, + nonce : Pointer(LibC::UChar), + sender_public_key : Pointer(LibC::UChar), recipient_secret_key : Pointer(LibC::UChar) ) : LibC::Int @@ -107,57 +107,57 @@ module Cox ) : LibC::Int fun crypto_sign_detached( - signature_output : Pointer(LibC::UChar), + signature_output : Pointer(LibC::UChar), signature_output_size : LibC::ULongLong, - message : Pointer(LibC::UChar), - message_size : LibC::ULongLong, - secret_key : Pointer(LibC::UChar) + message : Pointer(LibC::UChar), + message_size : LibC::ULongLong, + secret_key : Pointer(LibC::UChar) ) : LibC::Int fun crypto_sign_verify_detached( - signature : Pointer(LibC::UChar), - message : Pointer(LibC::UChar), + signature : Pointer(LibC::UChar), + message : Pointer(LibC::UChar), message_size : LibC::ULongLong, - public_key : Pointer(LibC::UChar) + public_key : Pointer(LibC::UChar) ) : LibC::Int fun crypto_kdf_derive_from_key( - subkey : Pointer(LibC::UChar), - subkey_len : LibC::SizeT, - subkey_id : UInt64, - ctx : Pointer(LibC::UChar), - key : Pointer(LibC::UChar) + subkey : Pointer(LibC::UChar), + subkey_len : LibC::SizeT, + subkey_id : UInt64, + ctx : Pointer(LibC::UChar), + key : Pointer(LibC::UChar) ) : LibC::Int fun crypto_pwhash( - key : Pointer(LibC::UChar), - key_size : LibC::ULongLong, - pass : Pointer(LibC::UChar), - pass_size : LibC::ULongLong, - salt : Pointer(LibC::UChar), - optslimit : LibC::ULongLong, - memlimit : LibC::SizeT, - alg : LibC::Int, + key : Pointer(LibC::UChar), + key_size : LibC::ULongLong, + pass : Pointer(LibC::UChar), + pass_size : LibC::ULongLong, + salt : Pointer(LibC::UChar), + optslimit : LibC::ULongLong, + memlimit : LibC::SizeT, + alg : LibC::Int ) : LibC::Int fun crypto_pwhash_str( - outstr : Pointer(LibC::UChar), - pass : Pointer(LibC::UChar), - pass_size : LibC::ULongLong, - optslimit : LibC::ULongLong, - memlimit : LibC::SizeT, + outstr : Pointer(LibC::UChar), + pass : Pointer(LibC::UChar), + pass_size : LibC::ULongLong, + optslimit : LibC::ULongLong, + memlimit : LibC::SizeT ) : LibC::Int fun crypto_pwhash_str_verify( - str : Pointer(LibC::UChar), - pass : Pointer(LibC::UChar), - pass_size : LibC::ULongLong, + str : Pointer(LibC::UChar), + pass : Pointer(LibC::UChar), + pass_size : LibC::ULongLong ) : LibC::Int fun crypto_pwhash_str_needs_rehash( - str : Pointer(LibC::UChar), - optslimit : LibC::ULongLong, - memlimit : LibC::SizeT, + str : Pointer(LibC::UChar), + optslimit : LibC::ULongLong, + memlimit : LibC::SizeT ) : LibC::Int fun crypto_generichash_blake2b_init_salt_personal( @@ -165,20 +165,20 @@ module Cox key : Pointer(LibC::UChar), key_len : UInt8, out_len : UInt8, - salt : Pointer(LibC::UChar), - personal : Pointer(LibC::UChar), + salt : Pointer(LibC::UChar), + personal : Pointer(LibC::UChar) ) : LibC::Int fun crypto_generichash_blake2b_update( state : Pointer(LibC::UChar), in : Pointer(LibC::UChar), - in_len : UInt64, + in_len : UInt64 ) : LibC::Int fun crypto_generichash_blake2b_final( state : Pointer(LibC::UChar), output : Pointer(LibC::UChar), - output_len : UInt64, + output_len : UInt64 ) : LibC::Int end end diff --git a/src/cox/pwhash.cr b/src/cox/pwhash.cr index bd11be4..50dece1 100644 --- a/src/cox/pwhash.cr +++ b/src/cox/pwhash.cr @@ -17,7 +17,7 @@ module Cox MEMLIMIT_INTERACTIVE = LibSodium.crypto_pwhash_memlimit_interactive enum Algorithm - Argon2i13 = 1 + Argon2i13 = 1 Argon2id13 = 2 end