crypt19-rb 1.2.1

data/lib/crypt/noise.rb

@@ -0,0 +1,92 @@
+# add_noise - take a message and intersperse noise to make a new noisy message of given byte-length
+# remove_noise - take a noisy message and extract the message
+
+module Crypt
+  module Noise
+
+    def add_noise(new_length)
+      message = self
+      usable_noisy_message_length = new_length / 9 * 8
+      bitmap_size = new_length / 9
+      remaining_bytes = new_length - usable_noisy_message_length - bitmap_size
+      if (message.length > usable_noisy_message_length)
+        minimumnew_length = (message.length / 8.0).ceil * 9
+        puts "For a clear text of #{message.length} bytes, the minimum obscured length"
+        puts "is #{minimumnew_length} bytes which allows for no noise in the message."
+        puts "You should choose an obscured length of at least double the clear text"
+        puts "length, such as #{message.length / 8 * 32} bytes"
+        raise "Insufficient length for noisy message"
+      end
+      bitmap = []
+      usable_noisy_message_length.times { bitmap << false }
+      srand(Time.now.to_i)
+      positions_selected = 0
+      while (positions_selected < message.length)
+        position_taken = rand(usable_noisy_message_length)
+        if bitmap[position_taken]
+          next
+        else
+          bitmap[position_taken] = true
+          positions_selected = positions_selected.next
+        end
+      end
+
+      noisy_message = ""
+      0.upto(bitmap_size-1) { |byte|
+        c = 0
+        0.upto(7) { |bit|
+          c = c + (1<<bit) if bitmap[byte * 8 + bit]
+        }
+        noisy_message << c.chr
+      }
+      pos_in_message = 0
+      0.upto(usable_noisy_message_length-1) { |pos|
+        if bitmap[pos]
+          meaningful_byte = message[pos_in_message]
+          noisy_message << meaningful_byte
+          pos_in_message = pos_in_message.next
+        else
+          noise_byte = rand(256).chr
+          noisy_message << noise_byte
+        end
+      }
+      remaining_bytes.times {
+          noise_byte = rand(256).chr
+          noisy_message << noise_byte
+      }
+      return(noisy_message)
+    end
+
+
+    def remove_noise
+      noisy_message = self
+      bitmap_size = noisy_message.length / 9
+      actual_message_length =  bitmap_size * 8
+
+      actual_message_start = bitmap_size
+      actual_message_finish = bitmap_size + actual_message_length - 1
+      actual_message = noisy_message[actual_message_start..actual_message_finish]
+
+      bitmap = []
+      0.upto(bitmap_size - 1) { |byte|
+        c = noisy_message[byte]
+        0.upto(7) { |bit|
+          bitmap[byte * 8 + bit] = (c[bit] == 1)
+        }
+      }
+      clear_message = ""
+      0.upto(actual_message_length) { |pos|
+        meaningful = bitmap[pos]
+        if meaningful
+          clear_message << actual_message[pos]
+        end
+      }
+      return(clear_message)
+    end
+
+  end
+end
+
+class String
+  include Crypt::Noise
+end

data/lib/crypt/rc6.rb

@@ -0,0 +1,73 @@
+#  RC6 symmetric key block cipher
+#  RC6 is a patented encryption algorithm (U.S. Patent 5,724,428 and U.S. Patent 5,835,600)
+#  Ported by Alexey Lapitsky <lex.public@gmail.com> (2009)
+
+require 'crypt/cbc'
+
+module Crypt
+  class RC6
+    include Crypt::CBC
+
+    def block_size
+      return 16
+    end
+
+    def lrotate(d,s)
+      d = d & 0xffffffff
+      ((d)<<(s&(31))) | ((d)>>(32-(s&(31))))
+    end
+    def rrotate(d,s)
+      d = d & 0xffffffff
+      ((d)>>(s&(31))) | ((d)<<(32-(s&(31))))
+    end
+
+    def initialize(key)
+      @rounds, @sbox, @key = 20, [0xB7E15163], []
+      key = key.bytes.to_a if key.class == String
+      raise("Wrong key length") unless [32,24,16].include?(key.size)
+      (key.size-1).downto(0){|i| @key[i/4] = ((@key[i/4]||0) << 8) + key[i]}
+
+      (@rounds * 2 + 3).times{|i| @sbox << (@sbox.last + 0x9E3779B9 & 0xffffffff)}
+      a = b = i = j = 0
+      (3 * (2 * @rounds + 4)).times do
+        a = @sbox[i] = lrotate(@sbox[i] + a + b, 3)
+        b = @key[j] = lrotate(@key[j] + a + b, a + b)
+        i = (i + 1).divmod(2 * @rounds + 4).last
+        j = (j + 1).divmod(@key.size).last
+      end
+    end
+
+    def encrypt_block(data)
+      a, b, c, d = *data.unpack('N*')
+      b += @sbox[0]
+      d += @sbox[1]
+      1.upto @rounds do |i|
+        t = lrotate((b * (2 * b + 1)), 5)
+        u = lrotate((d * (2 * d + 1)), 5)
+        a = lrotate((a ^ t), u) + @sbox[2 * i]
+        c = lrotate((c ^ u), t) + @sbox[2 * i + 1]
+        a, b, c, d  =  b, c, d, a
+      end
+      a += @sbox[2 * @rounds + 2]
+      c += @sbox[2 * @rounds + 3]
+      [a, b, c, d].map{|i| i & 0xffffffff}.pack('N*')
+    end
+
+    def decrypt_block(data)
+      a, b, c, d = *data.unpack('N*')
+      c -= @sbox[2 * @rounds + 3]
+      a -= @sbox[2 * @rounds + 2]
+      @rounds.downto 1 do |i|
+        a, b, c, d = d, a, b, c
+        u = lrotate((d * (2 * d + 1)), 5)
+        t = lrotate((b * (2 * b + 1)), 5)
+        c = rrotate((c - @sbox[2 * i + 1]), t) ^ u
+        a = rrotate((a - @sbox[2 * i]), u) ^ t
+      end
+      d -= @sbox[1]
+      b -= @sbox[0]
+      [a, b, c, d].map{|i| i & 0xffffffff}.pack('N*')
+    end
+
+  end
+end

data/lib/crypt/rijndael-tables.rb

@@ -0,0 +1,115 @@
+module Crypt
+  module RijndaelTables
+
+    LogTable = [
+      0,   0,  25,   1,  50,   2,  26, 198,  75, 199,  27, 104,  51, 238, 223,   3,
+    100,   4, 224,  14,  52, 141, 129, 239,  76, 113,   8, 200, 248, 105,  28, 193,
+    125, 194,  29, 181, 249, 185,  39, 106,  77, 228, 166, 114, 154, 201,   9, 120,
+    101,  47, 138,   5,  33,  15, 225,  36,  18, 240, 130,  69,  53, 147, 218, 142,
+    150, 143, 219, 189,  54, 208, 206, 148,  19,  92, 210, 241,  64,  70, 131,  56,
+    102, 221, 253,  48, 191,   6, 139,  98, 179,  37, 226, 152,  34, 136, 145,  16,
+    126, 110,  72, 195, 163, 182,  30,  66,  58, 107,  40,  84, 250, 133,  61, 186,
+     43, 121,  10,  21, 155, 159,  94, 202,  78, 212, 172, 229, 243, 115, 167,  87,
+    175,  88, 168,  80, 244, 234, 214, 116,  79, 174, 233, 213, 231, 230, 173, 232,
+     44, 215, 117, 122, 235,  22,  11, 245,  89, 203,  95, 176, 156, 169,  81, 160,
+    127,  12, 246, 111,  23, 196,  73, 236, 216,  67,  31,  45, 164, 118, 123, 183,
+    204, 187,  62,  90, 251,  96, 177, 134,  59,  82, 161, 108, 170,  85,  41, 157,
+    151, 178, 135, 144,  97, 190, 220, 252, 188, 149, 207, 205,  55,  63,  91, 209,
+     83,  57, 132,  60,  65, 162, 109,  71,  20,  42, 158,  93,  86, 242, 211, 171,
+     68,  17, 146, 217,  35,  32,  46, 137, 180, 124, 184,  38, 119, 153, 227, 165,
+    103,  74, 237, 222, 197,  49, 254,  24,  13,  99, 140, 128, 192, 247, 112,   7
+    ]
+
+    AlogTable = [
+      1,   3,   5,  15,  17,  51,  85, 255,  26,  46, 114, 150, 161, 248,  19,  53,
+     95, 225,  56,  72, 216, 115, 149, 164, 247,   2,   6,  10,  30,  34, 102, 170,
+    229,  52,  92, 228,  55,  89, 235,  38, 106, 190, 217, 112, 144, 171, 230,  49,
+     83, 245,   4,  12,  20,  60,  68, 204,  79, 209, 104, 184, 211, 110, 178, 205,
+     76, 212, 103, 169, 224,  59,  77, 215,  98, 166, 241,   8,  24,  40, 120, 136,
+    131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206,  73, 219, 118, 154,
+    181, 196,  87, 249,  16,  48,  80, 240,  11,  29,  39, 105, 187, 214,  97, 163,
+    254,  25,  43, 125, 135, 146, 173, 236,  47, 113, 147, 174, 233,  32,  96, 160,
+    251,  22,  58,  78, 210, 109, 183, 194,  93, 231,  50,  86, 250,  21,  63,  65,
+    195,  94, 226,  61,  71, 201,  64, 192,  91, 237,  44, 116, 156, 191, 218, 117,
+    159, 186, 213, 100, 172, 239,  42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
+    155, 182, 193,  88, 232,  35, 101, 175, 234,  37, 111, 177, 200,  67, 197,  84,
+    252,  31,  33,  99, 165, 244,   7,   9,  27,  45, 119, 153, 176, 203,  70, 202,
+     69, 207,  74, 222, 121, 139, 134, 145, 168, 227,  62,  66, 198,  81, 243,  14,
+     18,  54,  90, 238,  41, 123, 141, 140, 143, 138, 133, 148, 167, 242,  13,  23,
+     57,  75, 221, 124, 132, 151, 162, 253,  28,  36, 108, 180, 199,  82, 246,   1
+    ]
+
+    S = [
+     99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118,
+    202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
+    183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21,
+      4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117,
+      9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132,
+     83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207,
+    208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168,
+     81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210,
+    205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115,
+     96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219,
+    224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121,
+    231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8,
+    186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138,
+    112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158,
+    225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223,
+    140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22
+    ]
+
+    Si = [
+     82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251,
+    124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203,
+     84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78,
+      8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37,
+    114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146,
+    108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132,
+    144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6,
+    208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107,
+     58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
+    150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110,
+     71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27,
+    252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244,
+     31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95,
+     96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239,
+    160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97,
+     23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125,
+    ]
+
+    IG = [
+    [0x0e, 0x09, 0x0d, 0x0b],
+    [0x0b, 0x0e, 0x09, 0x0d],
+    [0x0d, 0x0b, 0x0e, 0x09],
+    [0x09, 0x0d, 0x0b, 0x0e]
+    ]
+
+    Rcon = [
+      0x01, 0x02, 0x04, 0x08, 0x10, 0x20,
+      0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8,
+      0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc,
+      0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4,
+      0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+    ]
+
+    Shifts = [
+      [
+         [0, 0],
+         [1, 3],
+         [2, 2],
+         [3, 1]
+      ], [
+         [0, 0],
+         [1, 5],
+         [2, 4],
+         [3, 3]
+      ], [
+         [0, 0],
+         [1, 7],
+         [3, 5],
+         [4, 4]
+      ]
+    ]
+
+  end
+end

data/lib/crypt/rijndael.rb

@@ -0,0 +1,267 @@
+# Adapted from the reference C implementation:
+#   rijndael-alg-ref.c   v2.2   March 2002
+#   Reference ANSI C code by Paulo Barreto and Vincent Rijmen
+
+require 'crypt/cbc'
+require 'crypt/rijndael-tables'
+require 'crypt/bytes-compat'
+
+module Crypt
+  class Rijndael
+
+    include Crypt::CBC
+    include Crypt::RijndaelTables
+
+
+    def initialize(user_key, key_bits = 256, block_bits = 128)
+      case key_bits
+        when 128
+          @key_words = 4
+        when 192
+          @key_words = 6
+        when 256
+          @key_words = 8
+        else raise "The key must be 128, 192, or 256 bits long."
+      end
+
+      case (key_bits >= block_bits) ? key_bits : block_bits
+        when 128
+          @rounds = 10
+        when 192
+          @rounds = 12
+        when 256
+          @rounds = 14
+        else raise "The key and block sizes must be 128, 192, or 256 bits long."
+      end
+
+      case block_bits
+        when 128
+          @block_size = 16
+          @block_words = 4
+          @shift_index = 0
+        when 192
+          @block_size = 24
+          @block_words = 6
+          @shift_index = 1
+        when 256
+          @block_size = 32
+          @block_words = 8
+          @shift_index = 2
+        else raise "The block size must be 128, 192, or 256 bits long."
+      end
+
+      uk = user_key.unpack('C'*user_key.length)
+      max_useful_size_of_user_key = (key_bits/8)
+      uk = uk[0..max_useful_size_of_user_key-1]    # truncate
+      padding = 0
+      if (user_key.length < key_bits/8)
+        shortfall_in_user_key = (key_bits/8 - user_key.length)
+        shortfall_in_user_key.times { uk << padding }
+      end
+      @key = [[], [], [], []]
+      0.upto(uk.length-1) { |pos|
+        @key[pos % 4][pos / 4] = uk[pos]
+      }
+      @round_keys = generate_key_schedule(@key, key_bits, block_bits)
+    end
+
+
+    def block_size
+      return(@block_size) # needed for CBC
+    end
+
+
+    def mul(a, b)
+      if ((a ==0) | (b == 0))
+        result = 0
+      else
+        result = AlogTable[(LogTable[a] + LogTable[b]) % 255]
+      end
+      return(result)
+    end
+
+
+    def add_round_key(block_array, round_key)
+    0.upto(3) { |i|
+      0.upto(@block_words) { |j|
+        block_array[i][j] ^= round_key[i][j]
+      }
+    }
+    return(block_array)
+    end
+
+
+    def shift_rows(block_array, direction)
+      tmp = []
+      1.upto(3) { |i|  # row zero remains unchanged
+        0.upto(@block_words-1) { |j|
+          tmp[j] = block_array[i][(j + Shifts[@shift_index][i][direction]) % @block_words]
+        }
+        0.upto(@block_words-1) { |j|
+          block_array[i][j] = tmp[j]
+        }
+      }
+      return(block_array)
+    end
+
+
+    def substitution(block_array, sBox)
+      # replace every byte of the input with the byte at that position in the S-box
+      0.upto(3) { |i|
+        0.upto(@block_words-1) { |j|
+          block_array[i][j] = sBox[block_array[i][j]]
+        }
+      }
+      return(block_array)
+    end
+
+
+    def mix_columns(block_array)
+      mixed = [[], [], [], []]
+      0.upto(@block_words-1) { |j|
+        0.upto(3) { |i|
+          mixed[i][j] = mul(2,block_array[i][j]) ^
+            mul(3,block_array[(i + 1) % 4][j]) ^
+            block_array[(i + 2) % 4][j] ^
+            block_array[(i + 3) % 4][j]
+        }
+      }
+      return(mixed)
+    end
+
+
+    def inverse_mix_columns(block_array)
+      unmixed = [[], [], [], []]
+      0.upto(@block_words-1) { |j|
+        0.upto(3) { |i|
+          unmixed[i][j] = mul(0xe, block_array[i][j]) ^
+            mul(0xb, block_array[(i + 1) % 4][j]) ^
+            mul(0xd, block_array[(i + 2) % 4][j]) ^
+            mul(0x9, block_array[(i + 3) % 4][j])
+        }
+      }
+       return(unmixed)
+    end
+
+
+    def generate_key_schedule(k, key_bits, block_bits)
+      tk = k[0..3][0..@key_words-1]  # using slice to get a copy instead of a reference
+      key_sched = []
+      (@rounds + 1).times { key_sched << [[], [], [], []] }
+      t = 0
+      j = 0
+      while ((j < @key_words) && (t < (@rounds+1)*@block_words))
+        0.upto(3) { |i|
+          key_sched[t / @block_words][i][t % @block_words] = tk[i][j]
+        }
+        j += 1
+        t += 1
+      end
+      # while not enough round key material collected, calculate new values
+      rcon_index = 0
+      while (t < (@rounds+1)*@block_words)
+        0.upto(3) { |i|
+          tk[i][0] ^= S[tk[(i + 1) % 4][@key_words - 1]]
+        }
+        tk[0][0] ^= Rcon[rcon_index]
+        rcon_index = rcon_index.next
+        if (@key_words != 8)
+          1.upto(@key_words - 1) { |j|
+            0.upto(3) { |i|
+              tk[i][j] ^= tk[i][j-1];
+            }
+          }
+        else
+          1.upto(@key_words/2 - 1) { |j|
+            0.upto(3) { |i|
+              tk[i][j] ^= tk[i][j-1]
+            }
+          }
+          0.upto(3) { |i|
+            tk[i][@key_words/2] ^= S[tk[i][@key_words/2 - 1]]
+          }
+          (@key_words/2 + 1).upto(@key_words - 1) { |j|
+            0.upto(3) { |i|
+              tk[i][j] ^= tk[i][j-1]
+            }
+          }
+        end
+        j = 0
+        while ((j < @key_words) && (t < (@rounds+1) * @block_words))
+          0.upto(3) { |i|
+            key_sched[t / @block_words][i][t % @block_words] = tk[i][j]
+          }
+          j += 1
+          t += 1
+        end
+      end
+      return(key_sched)
+    end
+
+
+    def encrypt_byte_array(block_array)
+      block_array = add_round_key(block_array, @round_keys[0])
+      1.upto(@rounds - 1) { |round|
+        block_array = substitution(block_array, S)
+        block_array = shift_rows(block_array, 0)
+        block_array = mix_columns(block_array)
+        block_array = add_round_key(block_array, @round_keys[round])
+      }
+      # special round without mix_columns
+      block_array = substitution(block_array,S)
+      block_array = shift_rows(block_array,0)
+      block_array = add_round_key(block_array, @round_keys[@rounds])
+      return(block_array)
+    end
+
+
+    def encrypt_block(block)
+      raise "block must be #{@block_size} bytes long" if (block.length() != @block_size)
+      block_array = [[], [], [], []]
+      block_bytes = block.bytes.to_a
+      0.upto(@block_size - 1) { |pos|
+        block_array[pos % 4][pos / 4] = block_bytes[pos]
+      }
+      encrypted_block = encrypt_byte_array(block_array)
+      encrypted = ""
+      0.upto(@block_size - 1) { |pos|
+        encrypted << encrypted_block[pos % 4][pos / 4]
+      }
+      return(encrypted)
+    end
+
+
+    def decrypt_byte_array(block_array)
+      # first special round without inverse_mix_columns
+      # add_round_key is an involution - applying it a second time returns the original result
+      block_array = add_round_key(block_array, @round_keys[@rounds])
+      block_array = substitution(block_array,Si)   # using inverse S-box
+      block_array = shift_rows(block_array,1)
+      (@rounds-1).downto(1) { |round|
+        block_array = add_round_key(block_array, @round_keys[round])
+        block_array = inverse_mix_columns(block_array)
+        block_array = substitution(block_array, Si)
+        block_array = shift_rows(block_array, 1)
+      }
+      block_array = add_round_key(block_array, @round_keys[0])
+      return(block_array)
+    end
+
+
+    def decrypt_block(block)
+      raise "block must be #{@block_size} bytes long" if (block.length() != @block_size)
+      block_array = [[], [], [], []]
+      block_bytes = block.bytes.to_a
+      0.upto(@block_size - 1) { |pos|
+        block_array[pos % 4][pos / 4] = block_bytes[pos]
+      }
+      decrypted_block = decrypt_byte_array(block_array)
+      decrypted = ""
+      0.upto(@block_size - 1) { |pos|
+        decrypted << decrypted_block[pos % 4][pos / 4]
+      }
+      return(decrypted)
+    end
+
+  end
+end