cmac-rb 0.0.1

data/ext/cmac/cmac.c

@@ -0,0 +1,112 @@
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+
+#include "cmac.h"
+
+static void cmac_xor (unsigned char *out, const unsigned char *in) {
+  
+  int i;
+  
+  for (i = 0; i < AES_BLOCK_SIZE; i++) {
+    out[i] ^= in[i];
+  }
+  
+}
+
+static void cmac_pad (unsigned char *buf, int len) {
+
+  int i;
+  
+  for ( i = len; i < AES_BLOCK_SIZE; i++ ) {
+    buf[i] = (i == len) ? 0x80 : 0x00;
+  }
+  
+}
+
+static unsigned char cmac_left_shift(unsigned char *out, unsigned char *in, unsigned char *overflow) {
+  
+  int i;
+
+  for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
+    out[i] = (in[i] << 1) | (*overflow);
+    (*overflow) = CMAC_MSB(&in[i]);
+  }
+  
+  return;
+  
+}
+
+static void cmac_generate_sub_key(unsigned char *out, unsigned char *in) {
+  
+  int i; unsigned char overflow = 0;
+
+  cmac_left_shift(out, in, &overflow);
+  
+  if (overflow) {
+    out[AES_BLOCK_SIZE-1] ^= 0x87;
+  }
+  
+  return;
+}
+
+
+void cmac_encrypt (cmac_ctx *ctx, const unsigned char *msg, int msg_len, unsigned char *ct) {
+  
+  int n, i, k;
+  
+  unsigned char M[AES_BLOCK_SIZE];
+  unsigned char *cursor = (unsigned char *) msg;
+
+  memcpy(ct, zero_block, AES_BLOCK_SIZE);
+  memset(M, 0, AES_BLOCK_SIZE);
+  
+  n = (msg_len + (AES_BLOCK_SIZE - 1)) / AES_BLOCK_SIZE - 1;
+  k = (msg_len % AES_BLOCK_SIZE);
+  
+  for (i = 0; i < n; i++) {
+    cmac_xor(ct, cursor);
+    AES_ecb_encrypt(ct, ct, &ctx->cmac_key, AES_ENCRYPT);
+    cursor += AES_BLOCK_SIZE;
+  }
+  
+  if (k == 0) {
+    if (msg != NULL && msg_len != 0) {
+      memcpy(M, cursor, AES_BLOCK_SIZE);
+      cmac_xor(M, ctx->K1);
+    } else {
+      cmac_pad(M, 0); cmac_xor(M, ctx->K2);
+    }
+  } else {
+    memcpy(M, cursor, k);
+    cmac_pad(M, k); cmac_xor(M, ctx->K2);
+  }
+  
+  cmac_xor(ct, M);
+  
+  AES_ecb_encrypt(ct, ct, &ctx->cmac_key, AES_ENCRYPT);
+  
+  return;
+  
+}
+
+int cmac_init (cmac_ctx *ctx, const unsigned char *key, int key_len)
+{
+  
+  unsigned char L[AES_BLOCK_SIZE];
+  
+  memset((char *)ctx, 0, sizeof(cmac_ctx));
+  
+  AES_set_encrypt_key(key, 128, &ctx->cmac_key);
+  AES_ecb_encrypt(zero_block, L, &ctx->cmac_key, AES_ENCRYPT);
+  
+  cmac_generate_sub_key(ctx->K1, L);
+  cmac_generate_sub_key(ctx->K2, ctx->K1);
+
+  cmac_encrypt(ctx, zero_block, AES_BLOCK_SIZE, ctx->T);
+  
+  return 1;
+  
+}

data/ext/cmac/cmac.h

@@ -0,0 +1,23 @@
+#ifndef _CMAC_H_
+#define _CMAC_H_
+
+#include <openssl/aes.h>
+
+typedef struct _cmac_ctx {
+  unsigned char K1[AES_BLOCK_SIZE];
+  unsigned char K2[AES_BLOCK_SIZE];
+  unsigned char T[AES_BLOCK_SIZE];
+  AES_KEY cmac_key;
+} cmac_ctx;
+
+#define CMAC_MSB(x) (((x)[0] & 0x80)?1:0)
+
+static unsigned char zero_block[AES_BLOCK_SIZE] = {
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+int cmac_init(cmac_ctx * ctx, const unsigned char * key, int key_len);
+void cmac_encrypt (cmac_ctx * ctx, const unsigned char * msg, int msg_len, unsigned char * ct);
+
+#endif

data/ext/cmac/extconf.rb

@@ -0,0 +1,6 @@
+require 'mkmf'
+
+dir_config('openssl')
+have_header("openssl/ssl.h")
+have_library("ssl", "SSLv23_method")
+create_makefile('cmac/wrapper')

data/ext/cmac/wrapper.c

@@ -0,0 +1,140 @@
+#include <ruby.h>
+#include "cmac.h"
+
+// Top-level objects for the native extension
+static VALUE cmac_rb;
+static VALUE cmac_rb_digest;
+
+/* 
+ * Initialize an CMAC::Digest object with a key.
+ * Performs basic length validation on the key.
+ */
+static VALUE cmac_rb_initialize(VALUE self, VALUE key) {
+ 
+  int keyLen;
+  
+  // Replace key value with key.to_str
+  StringValue(key);
+  
+  // Get the key length as an int.
+  keyLen = RSTRING_LEN(key);
+  
+  // Make sure key is not empty
+  if (keyLen == 0) {
+    rb_raise(rb_eArgError, "Key must be non-empty.");
+  }
+  
+  // Make sure key is acceptable size
+  if (keyLen != AES_BLOCK_SIZE) {
+    rb_raise(rb_eArgError, "Only 128-bit keys are supported.");
+  }
+  
+  // Set key as instance variable
+  rb_iv_set(self, "@key", key);
+  
+  return self;
+  
+}
+
+/*
+ * Get an cmac_ctx object for the current instance
+ * by fetching the @key instance variable, converting
+ * it to a byte array and feeding it into cmac_init.
+ *
+ * Returns 1 upon success, 0 upon failure.
+ */
+static int cmac_rb_get_ctx(VALUE self, cmac_ctx* ctx) {
+  
+  VALUE key; unsigned char* cKey; int cKeyLen;
+  
+  // Get the key instance variable
+  key = rb_iv_get(self, "@key");
+  
+  // Convert the key to a byte array
+  cKey = (unsigned char*) RSTRING_PTR(key);
+  cKeyLen = RSTRING_LEN(key);
+  
+  // Initialize the context with the key
+  if (cmac_init(ctx, cKey, cKeyLen * 8) < 0) {
+    return 0;
+  }
+  
+  // Return 1 upon successful initialization
+  return 1;
+  
+}
+
+/*
+ * Compute the digest of some plaintext
+ */
+static VALUE cmac_rb_update(VALUE self, VALUE plaintext) {
+  
+  // Holds the CMAC context object.
+  cmac_ctx ctx;
+  
+  // Input plaintext as byte array.
+  const unsigned char* cPlaintext;
+  
+  // Length of the input plaintext.
+  int cPlaintextLen;
+  
+  // Holds the CMAC ciphertext object.
+  unsigned char* cDigest;
+  
+  // Holds the length of the CMAC digest.
+  int cDigestLen;
+  
+  // Get the CMAC context based on the instance's key.
+  if (!cmac_rb_get_ctx(self, &ctx)) {
+    rb_raise(rb_eRuntimeError, "Could not get CMAC context");
+  }
+  
+  // Replace the plaintext with plaintext.to_str
+  StringValue(plaintext);
+  
+  // Convert the plaintext to a byte array.
+  cPlaintext = (const unsigned char*) RSTRING_PTR(plaintext);
+  cPlaintextLen = RSTRING_LEN(plaintext);
+  
+  // Allocate space for the ciphertext.
+  cDigestLen = sizeof(unsigned char) * AES_BLOCK_SIZE;
+  cDigest = (unsigned char*) malloc(cDigestLen);
+  
+  // Call aes_cmac with all parameters.
+  cmac_encrypt(&ctx, cPlaintext, cPlaintextLen, cDigest);
+  
+  // Return a new Ruby string with the resulting value.
+  return rb_str_new((const char*) cDigest, cDigestLen);
+  
+}
+
+/*
+ * Main wrapper for the CMAC Ruby native extension.
+ */
+void Init_wrapper(void) {
+  
+  // Define the top-level module
+	cmac_rb = rb_define_module("CMAC");
+	
+	// Define the cipher class
+	cmac_rb_digest = rb_define_class_under(cmac_rb, "Digest", rb_cObject);
+	
+	// Define the implemented methods.
+	rb_define_method(cmac_rb_digest, "initialize", cmac_rb_initialize, 1);
+	rb_define_method(cmac_rb_digest, "update", cmac_rb_update, 1);
+	
+  return;
+	
+}
+
+/*
+Debug helper method to print byte arrays in hex format.
+
+void print_hex(const char* header, const unsigned char *bytes, int len) {
+  
+  int i = 0; printf("\n%s (%d): ", header, len);
+  for (i = 0; i < len; ++i) printf("%x", bytes[i]);
+  printf("\n");
+  
+}
+*/

data/lib/cmac-rb.rb

@@ -0,0 +1,2 @@
+require 'cmac-rb/wrapper'
+require 'cmac-rb/version'

data/lib/cmac-rb/version.rb

@@ -0,0 +1,3 @@
+module CMAC
+  VERSION = '0.0.1'
+end

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification
+name: cmac-rb
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Louis Mullie
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.12.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.12.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ! ' Ruby C extension for the AES-CMAC keyed hash function. '
+email:
+- louis.mullie@gmail.com
+executables: []
+extensions:
+- ext/cmac/extconf.rb
+extra_rdoc_files: []
+files:
+- lib/cmac-rb/version.rb
+- lib/cmac-rb.rb
+- ext/cmac/cmac.c
+- ext/cmac/wrapper.c
+- ext/cmac/cmac.h
+- ext/cmac/extconf.rb
+homepage: https://github.com/cryodex/cmac-rb
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: Ruby C extension for the AES-CMAC keyed hash function.
+test_files: []