Baguette
/
sodium.cr
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Formatting

master
Didactic Drunk 2019-06-27 17:20:02 -07:00
parent e0ea31bd2e
commit be5b250a22
11 changed files with 121 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -173,10 +173,11 @@ Ops limit →
## Contributing ## Contributing
1. Fork it ( https://github.com/didactic-drunk/cox/fork ) 1. Fork it ( https://github.com/didactic-drunk/cox/fork )
2. Create your feature branch (git checkout -b my-new-feature) 2. **Install a formatting check git hook (ln -sf ../../scripts/git/pre-commit .git/hooks)**
3. Commit your changes (git commit -am 'Add some feature') 3. Create your feature branch (git checkout -b my-new-feature)
4. Push to the branch (git push origin my-new-feature) 4. Commit your changes (git commit -am 'Add some feature')
5. Create a new Pull Request 5. Push to the branch (git push origin my-new-feature)
6. Create a new Pull Request
## Contributors ## Contributors

22
examples/pwhash_selector.cr
View File

@ -19,20 +19,20 @@ mem_limit = (ARGV.shift?.try &.to_i || (Cox::Pwhash::MEMLIMIT_MAX)).to_u64
pwhash = Cox::Pwhash.new pwhash = Cox::Pwhash.new
pass = "1234" pass = "1234"
#data = Array(Array({UInt64, UInt64, Float64})).new # data = Array(Array({UInt64, UInt64, Float64})).new
header = [" "] header = [" "]
data = [header] data = [header]
def bytes_str(b) def bytes_str(b)
suffix = if b >= 1024*1024 suffix = if b >= 1024*1024
b /= (1024*1024) b /= (1024*1024)
"M" "M"
elsif b >= 1024 elsif b >= 1024
b = b / 1024 b = b / 1024
"K" "K"
else else
"" ""
end end
"%5d#{suffix}" % b "%5d#{suffix}" % b
end end
@ -49,7 +49,7 @@ loop do
header << ostr if data.size == 2 header << ostr if data.size == 2
if t >= time_min if t >= time_min
mstr = bytes_str pwhash.memlimit mstr = bytes_str pwhash.memlimit
# mstr = "%5dK" % (pwhash.memlimit / 1024) # mstr = "%5dK" % (pwhash.memlimit / 1024)
tstr = "%6.3fs" % t tstr = "%6.3fs" % t
row << tstr row << tstr
s = String.build do |sb| s = String.build do |sb|
@ -75,7 +75,7 @@ loop do
break if pwhash.opslimit == Cox::Pwhash::OPSLIMIT_MIN # Couldn't get past 1 iteration before going over time. break if pwhash.opslimit == Cox::Pwhash::OPSLIMIT_MIN # Couldn't get past 1 iteration before going over time.
pwhash.memlimit *= 4 pwhash.memlimit *= 4
end end
#header << "Ops limit" # header << "Ops limit"
data << ["Memory"] data << ["Memory"]
# Quick n dirty sparse table. # Quick n dirty sparse table.

16
spec/cox/blake2b_spec.cr
View File

@ -2,9 +2,9 @@ require "../spec_helper"
libsodium_comparisons = [ libsodium_comparisons = [
{ {
key: nil, key: nil,
input: "", input: "",
output: "0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8", output: "0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8",
out_size: 32, out_size: 32,
}, },
] ]
@ -12,18 +12,17 @@ libsodium_comparisons = [
# from https://github.com/BLAKE2/BLAKE2/tree/master/testvectors # from https://github.com/BLAKE2/BLAKE2/tree/master/testvectors
test_vectors = [ test_vectors = [
{ {
key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
input: "", input: "",
output: "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568", output: "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568",
}, },
{ {
key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", key: "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
input: "00", input: "00",
output: "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd", output: "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd",
}, },
] ]
describe Cox::Blake2b do describe Cox::Blake2b do
it "libsodium comparisons" do it "libsodium comparisons" do
libsodium_comparisons.each do |vec| libsodium_comparisons.each do |vec|
@ -51,7 +50,6 @@ describe Cox::Blake2b do
personal2 = personal.dup personal2 = personal.dup
personal2[0] = 1 personal2[0] = 1
d = Cox::Blake2b.new key: key, salt: salt, personal: personal d = Cox::Blake2b.new key: key, salt: salt, personal: personal
d.update "foo".to_slice d.update "foo".to_slice
output = d.hexdigest output = d.hexdigest

1
spec/cox/cipher/chalsa_spec.cr
View File

@ -20,4 +20,3 @@ require "../../../src/cox/cipher/chalsa"
end end
end end
{% end %} {% end %}

2
spec/cox/kdf_spec.cr
View File

@ -22,5 +22,5 @@ describe Cox::Kdf do
subkey1.should_not eq subkey2 subkey1.should_not eq subkey2
end end
# TODO: test exceptions # TODO: test exceptions
end end

12
spec/cox/pwhash_spec.cr
View File

@ -1,12 +1,12 @@
require "../spec_helper" require "../spec_helper"
private def pw_min private def pw_min
pwhash = Cox::Pwhash.new pwhash = Cox::Pwhash.new
# set to minimum to speed up tests # set to minimum to speed up tests
pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN pwhash.memlimit = Cox::Pwhash::MEMLIMIT_MIN
pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN pwhash.opslimit = Cox::Pwhash::OPSLIMIT_MIN
pwhash pwhash
end end
describe Cox::Pwhash do describe Cox::Pwhash do
@ -45,6 +45,6 @@ describe Cox::Pwhash do
key1.should eq key2 key1.should eq key2
key1.should_not eq key3 key1.should_not eq key3
key1.should_not eq key4 key1.should_not eq key4
# BUG: validate against known passwords # BUG: validate against known passwords
end end
end end

5
src/cox.cr
View File

@ -3,13 +3,14 @@ require "random/secure"
module Cox module Cox
class Error < ::Exception class Error < ::Exception
end end
class VerificationFailed < Error class VerificationFailed < Error
end end
class DecryptionFailed < Error class DecryptionFailed < Error
end end
end end
require "./cox/*" require "./cox/*"
module Cox module Cox
@ -59,7 +60,7 @@ module Cox
end end
end end
if Cox::LibSodium.sodium_init() == -1 if Cox::LibSodium.sodium_init == -1
STDERR.puts("Failed to init libsodium") STDERR.puts("Failed to init libsodium")
exit(1) exit(1)
end end

7
src/cox/blake2b.cr
View File

@ -5,7 +5,7 @@ module Cox
# provides copying digest/hexdigest methods # provides copying digest/hexdigest methods
include OpenSSL::DigestBase include OpenSSL::DigestBase
KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes
KEY_SIZE_MIN = LibSodium.crypto_generichash_blake2b_keybytes_min KEY_SIZE_MIN = LibSodium.crypto_generichash_blake2b_keybytes_min
KEY_SIZE_MAX = LibSodium.crypto_generichash_blake2b_keybytes_max KEY_SIZE_MAX = LibSodium.crypto_generichash_blake2b_keybytes_max
@ -13,7 +13,7 @@ module Cox
PERSONAL_SIZE = LibSodium.crypto_generichash_blake2b_personalbytes PERSONAL_SIZE = LibSodium.crypto_generichash_blake2b_personalbytes
OUT_SIZE = LibSodium.crypto_generichash_blake2b_bytes.to_i32 OUT_SIZE = LibSodium.crypto_generichash_blake2b_bytes.to_i32
OUT_SIZE_MIN = LibSodium.crypto_generichash_blake2b_bytes_min.to_i32 OUT_SIZE_MIN = LibSodium.crypto_generichash_blake2b_bytes_min.to_i32
OUT_SIZE_MAX = LibSodium.crypto_generichash_blake2b_bytes_max.to_i32 OUT_SIZE_MAX = LibSodium.crypto_generichash_blake2b_bytes_max.to_i32
@ -24,7 +24,6 @@ module Cox
@have_salt = false @have_salt = false
@have_personal = false @have_personal = false
# implemented as static array's so clone works without jumping through hoops. # implemented as static array's so clone works without jumping through hoops.
@key = StaticArray(UInt8, 64).new 0 @key = StaticArray(UInt8, 64).new 0
@salt = StaticArray(UInt8, 16).new 0 @salt = StaticArray(UInt8, 16).new 0
@ -104,5 +103,3 @@ module Cox
Blake2b.new.__validate_sizes__ Blake2b.new.__validate_sizes__
end end

9
src/cox/cipher/chalsa.cr
View File

@ -41,10 +41,9 @@ module Cox::Cipher
# Xor's src with the cipher output and returns a new Slice # Xor's src with the cipher output and returns a new Slice
def update(src : Bytes) : Bytes def update(src : Bytes) : Bytes
update src, Bytes.new(src.bytesize) update src, Bytes.new(src.bytesize)
end end
# Provided for compatibility with block ciphers. # Provided for compatibility with block ciphers.
# Stream ciphers don't have additional data. # Stream ciphers don't have additional data.
def final def final
@ -57,11 +56,11 @@ module Cox::Cipher
end end
abstract def update(src : Bytes, dst : Bytes) abstract def update(src : Bytes, dst : Bytes)
abstract def key_size() abstract def key_size
abstract def nonce_size() abstract def nonce_size
end end
{% for key, val in { "XSalsa20" => "xsalsa20", "Salsa20" => "salsa20", "XChaCha20" => "xchacha20", "ChaCha20Ietf" => "chacha20_ietf", "ChaCha20" => "chacha20",} %} {% for key, val in {"XSalsa20" => "xsalsa20", "Salsa20" => "salsa20", "XChaCha20" => "xchacha20", "ChaCha20Ietf" => "chacha20_ietf", "ChaCha20" => "chacha20"} %}
# These classes can be used to generate pseudo-random data from a key, # These classes can be used to generate pseudo-random data from a key,
# or as building blocks for implementing custom constructions, but they # or as building blocks for implementing custom constructions, but they
# are not alternatives to secretbox. # are not alternatives to secretbox.

162
src/cox/lib_sodium.cr
View File

@ -1,31 +1,31 @@
module Cox module Cox
@[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")] @[Link(ldflags: "`#{__DIR__}/../../build/pkg-libs.sh #{__DIR__}/../..`")]
lib LibSodium lib LibSodium
fun sodium_init() : LibC::Int fun sodium_init : LibC::Int
fun crypto_box_publickeybytes() : LibC::SizeT fun crypto_box_publickeybytes : LibC::SizeT
fun crypto_box_secretkeybytes() : LibC::SizeT fun crypto_box_secretkeybytes : LibC::SizeT
fun crypto_box_noncebytes() : LibC::SizeT fun crypto_box_noncebytes : LibC::SizeT
fun crypto_box_macbytes() : LibC::SizeT fun crypto_box_macbytes : LibC::SizeT
fun crypto_sign_publickeybytes() : LibC::SizeT fun crypto_sign_publickeybytes : LibC::SizeT
fun crypto_sign_secretkeybytes() : LibC::SizeT fun crypto_sign_secretkeybytes : LibC::SizeT
fun crypto_sign_bytes() : LibC::SizeT fun crypto_sign_bytes : LibC::SizeT
fun crypto_kdf_keybytes() : LibC::SizeT fun crypto_kdf_keybytes : LibC::SizeT
fun crypto_kdf_contextbytes() : LibC::SizeT fun crypto_kdf_contextbytes : LibC::SizeT
fun crypto_pwhash_memlimit_min() : LibC::SizeT fun crypto_pwhash_memlimit_min : LibC::SizeT
fun crypto_pwhash_memlimit_interactive() : LibC::SizeT fun crypto_pwhash_memlimit_interactive : LibC::SizeT
fun crypto_pwhash_memlimit_max() : LibC::SizeT fun crypto_pwhash_memlimit_max : LibC::SizeT
fun crypto_pwhash_opslimit_min() : LibC::SizeT fun crypto_pwhash_opslimit_min : LibC::SizeT
fun crypto_pwhash_opslimit_interactive() : LibC::SizeT fun crypto_pwhash_opslimit_interactive : LibC::SizeT
fun crypto_pwhash_opslimit_moderate() : LibC::SizeT fun crypto_pwhash_opslimit_moderate : LibC::SizeT
fun crypto_pwhash_opslimit_sensitive() : LibC::SizeT fun crypto_pwhash_opslimit_sensitive : LibC::SizeT
fun crypto_pwhash_opslimit_max() : LibC::SizeT fun crypto_pwhash_opslimit_max : LibC::SizeT
fun crypto_pwhash_strbytes() : LibC::SizeT fun crypto_pwhash_strbytes : LibC::SizeT
fun crypto_pwhash_alg_argon2i13() : LibC::Int fun crypto_pwhash_alg_argon2i13 : LibC::Int
fun crypto_pwhash_alg_argon2id13() : LibC::Int fun crypto_pwhash_alg_argon2id13 : LibC::Int
fun crypto_pwhash_saltbytes : LibC::SizeT fun crypto_pwhash_saltbytes : LibC::SizeT
fun crypto_pwhash_bytes_min() : LibC::SizeT fun crypto_pwhash_bytes_min : LibC::SizeT
fun crypto_pwhash_bytes_max() : LibC::SizeT fun crypto_pwhash_bytes_max : LibC::SizeT
fun crypto_generichash_blake2b_statebytes : LibC::SizeT fun crypto_generichash_blake2b_statebytes : LibC::SizeT
fun crypto_generichash_blake2b_bytes : LibC::SizeT fun crypto_generichash_blake2b_bytes : LibC::SizeT
fun crypto_generichash_blake2b_bytes_min : LibC::SizeT fun crypto_generichash_blake2b_bytes_min : LibC::SizeT
@ -48,25 +48,25 @@ module Cox
PWHASH_STR_SIZE = crypto_pwhash_strbytes() PWHASH_STR_SIZE = crypto_pwhash_strbytes()
fun crypto_secretbox_easy( fun crypto_secretbox_easy(
output : Pointer(LibC::UChar), output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar), data : Pointer(LibC::UChar),
data_size : LibC::ULongLong, data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar), nonce : Pointer(LibC::UChar),
key : Pointer(LibC::UChar), key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_secretbox_open_easy( fun crypto_secretbox_open_easy(
output : Pointer(LibC::UChar), output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar), data : Pointer(LibC::UChar),
data_size : LibC::ULongLong, data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar), nonce : Pointer(LibC::UChar),
key : Pointer(LibC::UChar), key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
# TODO: Add reduced round variants. # TODO: Add reduced round variants.
{% for name in ["_chacha20", "_chacha20_ietf", "_xchacha20", "_salsa20", "_xsalsa20"] %} {% for name in ["_chacha20", "_chacha20_ietf", "_xchacha20", "_salsa20", "_xsalsa20"] %}
fun crypto_stream{{ name.id}}_keybytes() : LibC::SizeT fun crypto_stream{{ name.id }}_keybytes() : LibC::SizeT
fun crypto_stream{{ name.id}}_noncebytes() : LibC::SizeT fun crypto_stream{{ name.id }}_noncebytes() : LibC::SizeT
fun crypto_stream{{ name.id }}_xor_ic( fun crypto_stream{{ name.id }}_xor_ic(
c : Pointer(LibC::UChar), c : Pointer(LibC::UChar),
@ -84,20 +84,20 @@ module Cox
) )
fun crypto_box_easy( fun crypto_box_easy(
output : Pointer(LibC::UChar), output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar), data : Pointer(LibC::UChar),
data_size : LibC::ULongLong, data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar), nonce : Pointer(LibC::UChar),
recipient_public_key : Pointer(LibC::UChar), recipient_public_key : Pointer(LibC::UChar),
sender_secret_key : Pointer(LibC::UChar) sender_secret_key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_box_open_easy( fun crypto_box_open_easy(
output : Pointer(LibC::UChar), output : Pointer(LibC::UChar),
data : Pointer(LibC::UChar), data : Pointer(LibC::UChar),
data_size : LibC::ULongLong, data_size : LibC::ULongLong,
nonce : Pointer(LibC::UChar), nonce : Pointer(LibC::UChar),
sender_public_key : Pointer(LibC::UChar), sender_public_key : Pointer(LibC::UChar),
recipient_secret_key : Pointer(LibC::UChar) recipient_secret_key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
@ -107,57 +107,57 @@ module Cox
) : LibC::Int ) : LibC::Int
fun crypto_sign_detached( fun crypto_sign_detached(
signature_output : Pointer(LibC::UChar), signature_output : Pointer(LibC::UChar),
signature_output_size : LibC::ULongLong, signature_output_size : LibC::ULongLong,
message : Pointer(LibC::UChar), message : Pointer(LibC::UChar),
message_size : LibC::ULongLong, message_size : LibC::ULongLong,
secret_key : Pointer(LibC::UChar) secret_key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_sign_verify_detached( fun crypto_sign_verify_detached(
signature : Pointer(LibC::UChar), signature : Pointer(LibC::UChar),
message : Pointer(LibC::UChar), message : Pointer(LibC::UChar),
message_size : LibC::ULongLong, message_size : LibC::ULongLong,
public_key : Pointer(LibC::UChar) public_key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_kdf_derive_from_key( fun crypto_kdf_derive_from_key(
subkey : Pointer(LibC::UChar), subkey : Pointer(LibC::UChar),
subkey_len : LibC::SizeT, subkey_len : LibC::SizeT,
subkey_id : UInt64, subkey_id : UInt64,
ctx : Pointer(LibC::UChar), ctx : Pointer(LibC::UChar),
key : Pointer(LibC::UChar) key : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_pwhash( fun crypto_pwhash(
key : Pointer(LibC::UChar), key : Pointer(LibC::UChar),
key_size : LibC::ULongLong, key_size : LibC::ULongLong,
pass : Pointer(LibC::UChar), pass : Pointer(LibC::UChar),
pass_size : LibC::ULongLong, pass_size : LibC::ULongLong,
salt : Pointer(LibC::UChar), salt : Pointer(LibC::UChar),
optslimit : LibC::ULongLong, optslimit : LibC::ULongLong,
memlimit : LibC::SizeT, memlimit : LibC::SizeT,
alg : LibC::Int, alg : LibC::Int
) : LibC::Int ) : LibC::Int
fun crypto_pwhash_str( fun crypto_pwhash_str(
outstr : Pointer(LibC::UChar), outstr : Pointer(LibC::UChar),
pass : Pointer(LibC::UChar), pass : Pointer(LibC::UChar),
pass_size : LibC::ULongLong, pass_size : LibC::ULongLong,
optslimit : LibC::ULongLong, optslimit : LibC::ULongLong,
memlimit : LibC::SizeT, memlimit : LibC::SizeT
) : LibC::Int ) : LibC::Int
fun crypto_pwhash_str_verify( fun crypto_pwhash_str_verify(
str : Pointer(LibC::UChar), str : Pointer(LibC::UChar),
pass : Pointer(LibC::UChar), pass : Pointer(LibC::UChar),
pass_size : LibC::ULongLong, pass_size : LibC::ULongLong
) : LibC::Int ) : LibC::Int
fun crypto_pwhash_str_needs_rehash( fun crypto_pwhash_str_needs_rehash(
str : Pointer(LibC::UChar), str : Pointer(LibC::UChar),
optslimit : LibC::ULongLong, optslimit : LibC::ULongLong,
memlimit : LibC::SizeT, memlimit : LibC::SizeT
) : LibC::Int ) : LibC::Int
fun crypto_generichash_blake2b_init_salt_personal( fun crypto_generichash_blake2b_init_salt_personal(
@ -165,20 +165,20 @@ module Cox
key : Pointer(LibC::UChar), key : Pointer(LibC::UChar),
key_len : UInt8, key_len : UInt8,
out_len : UInt8, out_len : UInt8,
salt : Pointer(LibC::UChar), salt : Pointer(LibC::UChar),
personal : Pointer(LibC::UChar), personal : Pointer(LibC::UChar)
) : LibC::Int ) : LibC::Int
fun crypto_generichash_blake2b_update( fun crypto_generichash_blake2b_update(
state : Pointer(LibC::UChar), state : Pointer(LibC::UChar),
in : Pointer(LibC::UChar), in : Pointer(LibC::UChar),
in_len : UInt64, in_len : UInt64
) : LibC::Int ) : LibC::Int
fun crypto_generichash_blake2b_final( fun crypto_generichash_blake2b_final(
state : Pointer(LibC::UChar), state : Pointer(LibC::UChar),
output : Pointer(LibC::UChar), output : Pointer(LibC::UChar),
output_len : UInt64, output_len : UInt64
) : LibC::Int ) : LibC::Int
end end
end end

2
src/cox/pwhash.cr
View File

@ -17,7 +17,7 @@ module Cox
MEMLIMIT_INTERACTIVE = LibSodium.crypto_pwhash_memlimit_interactive MEMLIMIT_INTERACTIVE = LibSodium.crypto_pwhash_memlimit_interactive
enum Algorithm enum Algorithm
Argon2i13 = 1 Argon2i13 = 1
Argon2id13 = 2 Argon2id13 = 2
end end