ece 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/ece/ece.rb +37 -29
- data/lib/ece/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7e1fb33decb622db3f5afe9babc71844cf80052b
|
|
4
|
+
data.tar.gz: a48163908a122bff9c578d7515e11adcac2b360b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 604a8af64ea4237efb9b55387d5042bbe25313efd1eec799da24f7cd6791fac6b4b6c058581cb7ba2beb885d148dc44ffac48a822dd868ce7941e315e63adb1a
|
|
7
|
+
data.tar.gz: 31a175ab89e98b8843e9e1c5d8062b4c0453862df991c65b6886f83c13d4d9fb7a1a84972905045568dbb6fb63289269e91d1b67abbabff43038d7e0709037fc
|
data/lib/ece/ece.rb
CHANGED
|
@@ -15,7 +15,7 @@ class ECE
|
|
|
15
15
|
OpenSSL::HMAC.digest(digest, key, input)
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
def self.hkdf_extract(salt, ikm)
|
|
18
|
+
def self.hkdf_extract(salt, ikm) #ikm stays for input keying material
|
|
19
19
|
hmac_hash(salt,ikm)
|
|
20
20
|
end
|
|
21
21
|
|
|
@@ -31,23 +31,16 @@ class ECE
|
|
|
31
31
|
output = nonce.dup
|
|
32
32
|
integer = nonce[-6..-1].unpack('B*')[0].to_i(2) #taking last 6 bytes, treating as integer
|
|
33
33
|
x = ((integer ^ counter) & 0xffffff) + ((((integer / 0x1000000) ^ (counter / 0x1000000)) & 0xffffff) * 0x1000000)
|
|
34
|
-
|
|
35
|
-
output
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
def self.encrypt_record(params, counter, buffer, pad=0)
|
|
39
|
-
raise "Key must be #{KEY_LENGTH} bytes long" unless params[:key].length == KEY_LENGTH
|
|
40
|
-
gcm = OpenSSL::Cipher.new('aes-128-gcm')
|
|
41
|
-
gcm.encrypt
|
|
42
|
-
gcm.key = params[:key]
|
|
43
|
-
gcm.iv = generate_nonce(params[:nonce], counter)
|
|
44
|
-
enc = gcm.update("\x00"+buffer) + gcm.final + gcm.auth_tag #enc = gcm.update("\x00"*pad+buffer)+gcm.final + gcm.auth_tag padding is not fully implemented for now
|
|
45
|
-
enc
|
|
34
|
+
bytestring = x.to_s(16).length < 12 ? "0"*(12-x.to_s(16).length)+x.to_s(16) : x.to_s(16) #it's for correct handling of cases when generated integer is less than 6 bytes
|
|
35
|
+
output[-6..-1] = [bytestring].pack('H*') #without it packing would produce less than 6 bytes
|
|
36
|
+
output #I didn't find pack directive for such usage, so there is a such solution
|
|
46
37
|
end
|
|
47
38
|
|
|
48
39
|
def self.encrypt(data, params)
|
|
49
40
|
key = extract_key(params)
|
|
50
|
-
rs =
|
|
41
|
+
rs = params[:rs] ? params [:rs] : 4096
|
|
42
|
+
raise "The rs parameter must be greater than 1." if rs <= 1
|
|
43
|
+
rs -=1 #this ensures encrypted data cannot be truncated
|
|
51
44
|
result = ""
|
|
52
45
|
counter = 0
|
|
53
46
|
(0..data.length).step(rs) do |i|
|
|
@@ -58,23 +51,12 @@ class ECE
|
|
|
58
51
|
result
|
|
59
52
|
end
|
|
60
53
|
|
|
61
|
-
def self.decrypt_record(params, counter, buffer, pad=0)
|
|
62
|
-
raise "Key must be #{KEY_LENGTH} bytes long" unless params[:key].length == KEY_LENGTH
|
|
63
|
-
gcm = OpenSSL::Cipher.new('aes-128-gcm')
|
|
64
|
-
gcm.decrypt
|
|
65
|
-
gcm.key = params[:key]
|
|
66
|
-
gcm.iv = generate_nonce(params[:nonce], counter)
|
|
67
|
-
gcm.auth_tag = buffer[-TAG_LENGTH..-1]
|
|
68
|
-
decrypted = gcm.update(buffer[0..-TAG_LENGTH-1]) + gcm.final
|
|
69
|
-
#padding = decrypted[0] -- this would be used once variable record-size is implemented
|
|
70
|
-
#padding_length = decrypted[0].unpack("C")
|
|
71
|
-
#raise Err unless padding = "\x00"*padding_length
|
|
72
|
-
decrypted[1..-1]
|
|
73
|
-
end
|
|
74
|
-
|
|
75
54
|
def self.decrypt(data, params)
|
|
76
55
|
key = extract_key(params)
|
|
77
|
-
rs =
|
|
56
|
+
rs = params[:rs] ? params [:rs] : 4096
|
|
57
|
+
raise "The rs parameter must be greater than 1." if rs <= 1
|
|
58
|
+
rs += 16
|
|
59
|
+
raise "Message is truncated" if data.length % rs == 0
|
|
78
60
|
result = ""
|
|
79
61
|
counter = 0
|
|
80
62
|
(0..data.length).step(rs) do |i|
|
|
@@ -85,4 +67,30 @@ class ECE
|
|
|
85
67
|
result
|
|
86
68
|
end
|
|
87
69
|
|
|
70
|
+
def self.decrypt_record(params, counter, buffer, pad=0)
|
|
71
|
+
gcm = OpenSSL::Cipher.new('aes-128-gcm')
|
|
72
|
+
gcm.decrypt
|
|
73
|
+
gcm.key = params[:key]
|
|
74
|
+
gcm.iv = generate_nonce(params[:nonce], counter)
|
|
75
|
+
raise "Block is too small" if buffer.length <= TAG_LENGTH+1
|
|
76
|
+
gcm.auth_tag = buffer[-TAG_LENGTH..-1]
|
|
77
|
+
decrypted = gcm.update(buffer[0..-TAG_LENGTH-1]) + gcm.final
|
|
78
|
+
padding_length = decrypted[0].unpack("C")[0]
|
|
79
|
+
raise "Padding is too big" if padding_length+1 > decrypted.length
|
|
80
|
+
padding = decrypted[1..padding_length]
|
|
81
|
+
raise "Wrong padding" unless padding = "\x00"*padding_length
|
|
82
|
+
decrypted[1..-1]
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
def self.encrypt_record(params, counter, buffer, pad=0)
|
|
86
|
+
gcm = OpenSSL::Cipher.new('aes-128-gcm')
|
|
87
|
+
gcm.encrypt
|
|
88
|
+
gcm.key = params[:key]
|
|
89
|
+
gcm.iv = generate_nonce(params[:nonce], counter)
|
|
90
|
+
gcm.auth_data = ""
|
|
91
|
+
enc = gcm.update("\x00"+buffer) + gcm.final + gcm.auth_tag #enc = gcm.update("\x00"*pad+buffer)+gcm.final + gcm.auth_tag padding is not fully implemented for now
|
|
92
|
+
enc
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
|
|
88
96
|
end
|
data/lib/ece/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ece
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Alexander Shevtsov
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-12-
|
|
11
|
+
date: 2015-12-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|