Module: Cryptosphere

Defined in:

lib/cryptosphere.rb,
lib/cryptosphere/cli.rb,
lib/cryptosphere/head.rb,
lib/cryptosphere/version.rb,
lib/cryptosphere/identity.rb,
lib/cryptosphere/blobs/blob.rb,
lib/cryptosphere/blobs/tree.rb,
lib/cryptosphere/crypto/kdf.rb,
lib/cryptosphere/protocol/handshake.rb,
lib/cryptosphere/crypto/asymmetric_cipher.rb,
lib/cryptosphere/crypto/signature_algorithm.rb

Defined Under Namespace

Modules: Handshake Classes: AsymmetricCipher, Blob, CLI, CapabilityError, Head, Identity, InvalidSignatureError, InvalidTimestampError, Tree

Constant Summary

PUBKEY_SIZE =

How large of a key to use for the pubkey cipher

2048

VERSION =

"0.0.0"

Class Method Summary

• .block_cipher ⇒ Object

  256-bit block cipher.

• .hash_function ⇒ Object

  256-bit hash function.

• .kdf(secret, options = {}) ⇒ Object

  Cryptographically secure key derivation function: HKDF (RFC 5869).

• .sign(key, message) ⇒ Object

  Sign the given message with a private key.

• .verify(key, message, signature) ⇒ Object

  Verify a message with the public key.

• .verify!(key, message, signature) ⇒ Object

  Verify a message, raising InvalidSignatureError on signature mismatch.

Instance Method Summary

• #random_bytes(size) ⇒ Object

  Secure random data source.

Class Method Details

.block_cipher ⇒ Object

256-bit block cipher

# File 'lib/cryptosphere.rb', line 33

def self.block_cipher
  OpenSSL::Cipher::Cipher.new("aes-256-cbc")
end

.hash_function ⇒ Object

256-bit hash function

# File 'lib/cryptosphere.rb', line 28

def self.hash_function
  Digest::SHA256.new
end

.kdf(secret, options = {}) ⇒ Object

Cryptographically secure key derivation function: HKDF (RFC 5869)

Options:

• size: how many bytes of output to generate (default 32, i.e. 256 bits)

# File 'lib/cryptosphere/crypto/kdf.rb', line 8

def self.kdf(secret, options = {})
  size = options[:size] || 32
  HKDF.new(secret).next_bytes(size)
end

.sign(key, message) ⇒ Object

Sign the given message with a private key

# File 'lib/cryptosphere/crypto/signature_algorithm.rb', line 3

def self.sign(key, message)
  AsymmetricCipher.new(key).private_encrypt(kdf(message))
end

.verify(key, message, signature) ⇒ Object

Verify a message with the public key. Returns if the signature matches, and false if there’s a mismatch

# File 'lib/cryptosphere/crypto/signature_algorithm.rb', line 9

def self.verify(key, message, signature)
  AsymmetricCipher.new(key).public_decrypt(signature) == kdf(message)
end

.verify!(key, message, signature) ⇒ Object

Verify a message, raising InvalidSignatureError on signature mismatch

# File 'lib/cryptosphere/crypto/signature_algorithm.rb', line 14

def self.verify!(key, message, signature)
  verify(key, message, signature) or raise InvalidSignatureError, "signature mismatch"
end

Instance Method Details

#random_bytes(size) ⇒ Object

Secure random data source

# File 'lib/cryptosphere.rb', line 23

def random_bytes(size)
  OpenSSL::Random.random_bytes(size)
end