Blake2b accepts a SecureBuffer key.

More public constructors for SecretBox.
master
Didactic Drunk 2019-07-08 13:24:25 -07:00
parent d1c8829fcf
commit cfd8a10b6b
3 changed files with 11 additions and 8 deletions

View File

@ -19,13 +19,13 @@ module Sodium::Digest
include OpenSSL::DigestBase
include Wipe
KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes # 32
KEY_SIZE_MIN = LibSodium.crypto_generichash_blake2b_keybytes_min # 16
KEY_SIZE_MAX = LibSodium.crypto_generichash_blake2b_keybytes_max # 64
KEY_SIZE = LibSodium.crypto_generichash_blake2b_keybytes.to_i # 32
KEY_SIZE_MIN = LibSodium.crypto_generichash_blake2b_keybytes_min.to_i # 16
KEY_SIZE_MAX = LibSodium.crypto_generichash_blake2b_keybytes_max.to_i # 64
SALT_SIZE = LibSodium.crypto_generichash_blake2b_saltbytes # 16
SALT_SIZE = LibSodium.crypto_generichash_blake2b_saltbytes.to_i # 16
PERSONAL_SIZE = LibSodium.crypto_generichash_blake2b_personalbytes # 16
PERSONAL_SIZE = LibSodium.crypto_generichash_blake2b_personalbytes.to_i # 16
OUT_SIZE = LibSodium.crypto_generichash_blake2b_bytes.to_i32 # 32
OUT_SIZE_MIN = LibSodium.crypto_generichash_blake2b_bytes_min.to_i32 # 16
@ -50,8 +50,9 @@ module Sodium::Digest
#
# `key`, `salt`, and `personal` are all optional. Most other libsodium bindings don't support them.
# Check the other implementation(s) you need to interoperate with before using.
def initialize(@digest_size : Int32 = OUT_SIZE, key : Bytes? = nil, salt : Bytes? = nil, personal : Bytes? = nil)
def initialize(@digest_size : Int32 = OUT_SIZE, key : Bytes? | SecureBuffer? = nil, salt : Bytes? = nil, personal : Bytes? = nil)
if k = key
k = k.to_slice
raise ArgumentError.new("key larger than KEY_SIZE_MAX(#{KEY_SIZE_MAX}), got #{k.bytesize}") if k.bytesize > KEY_SIZE_MAX
@key_size = k.bytesize
k.copy_to @key.to_slice

View File

@ -30,7 +30,7 @@ module Sodium
end
# Use an existing SecureBuffer.
protected def initialize(@buf : SecureBuffer)
def initialize(@buf : SecureBuffer)
if @buf.bytesize != KEY_SIZE
raise ArgumentError.new("Secret key must be #{KEY_SIZE} bytes, got #{@buf.bytesize}")
end
@ -40,7 +40,7 @@ module Sodium
# Copy bytes to a new SecureBuffer
#
# Optionally erases bytes after copying if erase is set
protected def initialize(bytes : Bytes, erase = false)
def initialize(bytes : Bytes, erase = false)
if bytes.bytesize != KEY_SIZE
raise ArgumentError.new("Secret key must be #{KEY_SIZE} bytes, got #{bytes.bytesize}")
end

View File

@ -5,6 +5,8 @@ module Sodium
class SecureBuffer
getter bytesize
delegate :+, :[], to: to_slice
# Allocate guarded memory using [sodium_malloc](https://libsodium.gitbook.io/doc/memory_management)
def initialize(@bytesize : Int32)
@ptr = LibSodium.sodium_malloc @bytesize