Skip to content

Commit

Permalink
rubocop
Browse files Browse the repository at this point in the history
  • Loading branch information
@jshawl
jshawl committed Feb 3, 2024
1 parent 96ae0c5 commit 9fb18dc
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 43 deletions.
58 changes: 18 additions & 40 deletions lib/minisign/private_key.rb
View file
Original file line number Diff line number Diff line change
@@ -1,62 +1,40 @@
# frozen_string_literal: true

module Minisign
# Parse ed25519 signing key from minisign private key
class PrivateKey
attr_reader :signature_algorithm, :kdf_algorithm, :cksum_algorithm, :kdf_salt, :kdf_opslimit, :kdf_memlimit,
:key_id, :public_key, :secret_key, :checksum

def initialize(opts, _password = nil)
@signature_algorithm = opts[:signature_algorithm]
@kdf_algorithm = opts[:kdf_algorithm]
@cksum_algorithm = opts[:cksum_algorithm]
@kdf_salt = opts[:kdf_salt]
@kdf_opslimit = opts[:kdf_opslimit]
@kdf_memlimit = opts[:kdf_memlimit]
@key_id = opts[:key_id]
@secret_key = opts[:secret_key]
@public_key = opts[:public_key]
@checksum = opts[:checksum]
end

def self.from_file(path, password = nil)
# rubocop:disable Metrics/AbcSize
def initialize(path, password = nil)
contents = File.read(path).split("\n")
bytes = Base64.decode64(contents.last).bytes
signature_algorithm = bytes[0..1].pack('U*')
kdf_algorithm = bytes[2..3].pack('U*')
cksum_algorithm = bytes[4..5].pack('U*')
kdf_salt = bytes[6..37]
kdf_opslimit = bytes[38..45].pack('V*').unpack('N*').sum
kdf_memlimit = bytes[46..53].pack('V*').unpack('N*').sum
@signature_algorithm, @kdf_algorithm, @cksum_algorithm =
[bytes[0..1], bytes[2..3], bytes[4..5]].map { |a| a.pack('U*') }
@kdf_salt = bytes[6..37]
@kdf_opslimit = bytes[38..45].pack('V*').unpack('N*').sum
@kdf_memlimit = bytes[46..53].pack('V*').unpack('N*').sum
kdf_output = derive_key(password, @kdf_salt, @kdf_opslimit, @kdf_memlimit)
@key_id, @secret_key, @public_key, @checksum = xor(kdf_output, bytes[54..157])
end
# rubocop:enable Metrics/AbcSize

kdf_output = RbNaCl::PasswordHash.scrypt(
def derive_key(password, kdf_salt, kdf_opslimit, kdf_memlimit)
RbNaCl::PasswordHash.scrypt(
password,
kdf_salt.pack('C*'),
kdf_opslimit,
kdf_memlimit,
104
).bytes
end

def xor(kdf_output, contents)
xored = kdf_output.each_with_index.map do |b, i|
bytes[54..157][i] ^ b
contents[i] ^ b
end

key_id = xored[0..7]
secret_key = xored[8..39]
public_key = xored[40..71]
checksum = xored[72..103]

new({
signature_algorithm: signature_algorithm,
kdf_algorithm: kdf_algorithm,
cksum_algorithm: cksum_algorithm,
kdf_salt: kdf_salt,
kdf_opslimit: kdf_opslimit,
kdf_memlimit: kdf_memlimit,
key_id: key_id,
secret_key: secret_key,
public_key: public_key,
checksum: checksum
})
[xored[0..7], xored[8..39], xored[40..71], xored[72..103]]
end
end
end
6 changes: 3 additions & 3 deletions spec/minisign/private_key_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
describe Minisign::PrivateKey do
describe '.from_file' do
before(:all) do
@private_key = Minisign::PrivateKey.from_file('test/minisign.key', 'password')
@private_key = Minisign::PrivateKey.new('test/minisign.key', 'password')
end

it 'parses the signature_algorithm' do
Expand Down Expand Up @@ -38,12 +38,12 @@

it 'parses the public key' do
expect(@private_key.public_key).to eq([108, 35, 192, 26, 47, 128, 233, 165, 133, 38, 242, 5, 76, 55, 135, 40,
103, 72, 230, 43, 184, 117, 219, 37, 173, 250, 196, 122, 252, 174, 173, 140])
103, 72, 230, 43, 184, 117, 219, 37, 173, 250, 196, 122, 252, 174, 173, 140]) # rubocop:disable Layout/LineLength
end

it 'parses the secret key' do
expect(@private_key.secret_key).to eq([65, 87, 110, 33, 168, 130, 118, 100, 249, 200, 160, 167, 47, 59, 141,
122, 156, 38, 80, 199, 139, 1, 21, 18, 116, 110, 204, 131, 199, 202, 181, 87])
122, 156, 38, 80, 199, 139, 1, 21, 18, 116, 110, 204, 131, 199, 202, 181, 87]) # rubocop:disable Layout/LineLength
end

it 'parses the checksum' do
Expand Down

0 comments on commit 9fb18dc

Please sign in to comment.