encrypted 0.0.1

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in encrypted.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,24 @@
+Copyright 2005-2011 Jim Driscoll.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,31 @@
+# Encrypted
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'encrypted'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install encrypted
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it ( https://github.com/getaasciesh/encrypted/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/encrypted.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'encrypted/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "encrypted"
+  spec.version       = Encrypted::VERSION
+  spec.authors       = ["asish bhattarai"]
+  spec.email         = ["getaasciesh@hotmail.com"]
+  spec.summary       = %q{Rijndael encryption with cbc.}
+  spec.description   = %q{Rijndael encryption with cbc. More Coming soon.}
+  spec.homepage      = "https://github.com/getaasciesh/encrypted"
+  spec.license       = "LICENCE.txt"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.6"
+  spec.add_development_dependency "rake", "~> 10.0"
+end

data/encrypted.iml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="RUBY_MODULE" version="4">
+  <component name="CompassSettings">
+    <option name="compassSupportEnabled" value="true" />
+  </component>
+  <component name="FacetManager">
+    <facet type="gem" name="Ruby Gem">
+      <configuration>
+        <option name="GEM_APP_ROOT_PATH" value="$MODULE_DIR$" />
+        <option name="GEM_APP_TEST_PATH" value="$MODULE_DIR$/test" />
+        <option name="GEM_APP_LIB_PATH" value="$MODULE_DIR$/lib" />
+      </configuration>
+    </facet>
+  </component>
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$MODULE_DIR$">
+      <sourceFolder url="file://$MODULE_DIR$/test" isTestSource="true" />
+    </content>
+    <orderEntry type="jdk" jdkName="ruby-2.0.0-p451" jdkType="RUBY_SDK" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="library" scope="PROVIDED" name="rake (v10.3.2, ruby-2.0.0-p451) [gem]" level="application" />
+  </component>
+</module>
+

data/lib/encrypted.rb

@@ -0,0 +1,6 @@
+require "encrypted/version"
+require "encrypted/rijndael"
+require "encrypted/cbc"
+module Encrypted
+
+end

data/lib/encrypted/bytestream.rb

@@ -0,0 +1,71 @@
+module Encrypted
+  class ByteStream < String
+=begin rdoc
+A subclass of String with a single purpose: to provide the ^ (XOR) operator, for encryption purposes.
+=end
+
+=begin rdoc
+Returned values are still of class Encrypted::ByteStream, and are of the same length as the longer value. Note that this means that:
+a=Encrypted::ByteStream.new("a")
+bb=Encrypted::ByteStream.new("b")
+a^bb^bb
+
+...does not equal "a" but rather "a\000", so this should be used with caution except where you have equal-size strings in mind.
+=end
+    def ^(string)
+        max_length=if(self.length > string.length)
+            self.length
+        else
+            string.length
+        end
+        my_bytes=self.unpack("C*")
+        other_bytes=string.unpack("C*")
+        out_bytes=Array.new
+        0.upto(max_length-1) do
+            |i|
+            out_bytes[i]=(my_bytes[i]||0)^(other_bytes[i]||0)
+        end
+        self.class.new(out_bytes.pack("C*"))
+    end
+    def +(string)
+        my_dwords=self.unpack("N*")
+        other_dwords=string.unpack("N*")
+        max_length=if(my_dwords.length > other_dwords.length)
+            my_dwords.length
+        else
+            other_dwords.length
+        end
+        out_dwords=Array.new
+        0.upto(max_length-1) do
+            |i|
+            out_dwords[i]=(my_dwords[i]||0)+(other_dwords[i]||0)&0xffffffff
+        end
+        self.class.new(out_dwords.pack("N*"))
+    end
+    Use_getbyte = "".respond_to?(:getbyte)
+    def byte_at(position, new_value=nil)
+      if(new_value)
+        self[position, 1]=[new_value].pack("C")
+      elsif(Use_getbyte)
+        self.getbyte(position)
+      else
+        self.slice(position)
+      end
+    end
+    @@strict_mode = false
+    def self.strict_mode=(new_mode)
+      @@strict_mode=new_mode
+    end
+    def [](anything, whatever=nil)
+      if(whatever)
+        super(anything, whatever)
+      elsif(not anything.is_a? Numeric)
+        super(anything)
+      elsif(@@strict_mode)
+        raise "Ambiguous, you must use #byte_at instead"
+      else
+        STDERR.puts "Ambiguous usage of [], please use #byte_at"
+      end
+    end
+  end
+end

data/lib/encrypted/cbc.rb

@@ -0,0 +1,73 @@
+unless(defined? Encrypted::ByteStream)
+  require "bytestream"
+end
+module Encrypted
+    class CBC
+      # YARV (1.9) compat
+      Use_getbyte = "".respond_to?(:getbyte)
+
+        def CBC.pad_pkcs5(string, to_length) #:nodoc:
+            diff= to_length - (string.length % to_length)
+            string+=[diff].pack("C") * diff
+            return string
+        end
+        
+        def CBC.unpad_pkcs5(string) #:nodoc:
+            return unless string.length > 0
+            
+            if(Use_getbyte) # 1.9 returns a string from []
+              pad_len = string.getbyte(-1)
+            else
+              pad_len = string[-1]
+            end
+            unless(string.slice!(-pad_len .. -1) == [pad_len].pack("C") * pad_len)
+                raise "Unpad failure: trailing junk found"
+            end
+            return string
+        end
+        
+        def initialize(cipher)
+            @cipher=cipher
+        end
+        def encrypt(iv, plaintext)
+            block_size=iv.length
+                    
+            last_block_e=Encrypted::ByteStream.new(iv)
+            
+            plaintext=CBC.pad_pkcs5(plaintext, iv.length)
+            r_data="-" * plaintext.length
+            
+            j=0
+            pt_l = plaintext.length
+            while(j<pt_l)
+                last_block_e[0,block_size]=@cipher.encrypt(last_block_e^plaintext[j, block_size])
+                r_data[j, block_size]=last_block_e
+                j+=block_size
+            end
+            return r_data
+        end
+        def decrypt(iv, ciphertext)
+            block_size=iv.length
+        
+            last_block_e=Encrypted::ByteStream.new(iv)
+
+            unless(ciphertext.length % block_size==0)
+                raise "Bad IV: doesn't match ciphertext length"
+            end
+            
+            r_data="-" * ciphertext.length
+            j=0
+            ct_l = ciphertext.length
+            current_block = "-" * block_size
+            while(j<ct_l)
+                current_block=ciphertext[j, block_size]
+
+                r_data[j, block_size]=last_block_e^@cipher.decrypt(current_block)
+                last_block_e[0,block_size]=current_block
+                j+=block_size
+            end
+            r_data=CBC.unpad_pkcs5(r_data)
+            return r_data
+        end
+    end
+end

data/lib/encrypted/rijndael.rb

@@ -0,0 +1,163 @@
+unless(defined? Encrypted::ByteStream)
+	require 'bytestream'
+  Encrypted::ByteStream.strict_mode = true
+end
+# This is to help testing
+unless(defined? Encrypted::Rijndael::Core)
+	require "rijndael/core"
+end
+
+module Encrypted
+=begin rdoc
+Encrypted::Rijndael allows you to encrypt single blocks of data using the encrypt() and decrypt() methods
+below.
+
+You probably want to use some kind of CBC module with this.
+=end
+    class Rijndael
+
+    
+        
+        @@valid_blocksizes_bytes=[16, 24, 32]
+        @@valid_keysizes_bytes=[16, 24, 32]
+
+=begin rdoc
+The new() function here takes only one argument: the key to use, as a String (or similar). Valid lengths
+are 16, 24 or 32 bytes, and you should ensure that this value is sufficiently random. Most people will
+choose 16-byte (128-bit) keys, but a longer key will take longer to crack if security is of unusually
+high importance for you.
+=end
+        def initialize(new_key)
+ 						self.key = new_key
+						@current_block_length = nil # This makes it easier to adjust in #block=
+        end
+
+				attr_reader :key
+
+				# If you want to, you can assign a new key to an existing object.
+				def key=(new_key)
+					raise "Invalid key length: #{new_key.length}" unless(self.class.key_sizes_supported.find {|size| size==new_key.length})
+					@key = new_key
+					@key_words=@key.length/4
+					@expanded_key = nil
+					@round_count = nil
+				end
+				def expand_key #:nodoc:
+						return @expanded_key if(@expanded_key)
+						@expanded_key=(@key_words>6)? Core.expand_key_gt6(key, @block_words):
+								Core.expand_key_le6(key, @block_words)
+						return @expanded_key
+				end
+				protected :expand_key
+
+				attr_reader :block
+				def block=(new_block) #:nodoc:
+					if(new_block.length != @current_block_length) then
+						raise "Invalid block size: #{new_block.length}" unless(block_sizes_supported.find { |size| size==new_block.length })
+						@current_block_length = new_block.length
+						@block_words = @current_block_length / 4
+						@expanded_key = nil
+						@round_count = nil
+					end
+					@block = new_block
+				end
+				protected :block=, :block, :key
+
+				# If you want to probe for supported block sizes, by all means use this method. It'll raise
+				# if the value isn't supported.
+				#
+				# Don't use this: #block_sizes_supported is better.
+        def blocksize=(block_size_bytes)
+						self.block = "\x00" * block_size_bytes
+						self
+        end
+
+				# This lets you know how big a block is currently being used.
+				# There's probably no point using this.
+        def blocksize
+            return @block_words*4
+        end
+
+				# Provides a list of block sizes (bytes) which are supported
+				def self.block_sizes_supported
+					@@valid_blocksizes_bytes
+				end
+
+				# Provides a list of key sizes (bytes) which are supported
+				def self.key_sizes_supported
+					@@valid_keysizes_bytes
+				end
+        
+				# This just calls the class' .block_sizes_supported method for you.
+				def block_sizes_supported
+					self.class.block_sizes_supported
+				end
+        
+        
+        def round_count #:nodoc:
+						return @round_count if @round_count
+						@round_count = Core.round_count(@block_words, @key_words)
+        end
+        
+
+protected :round_count
+        
+=begin rdoc
+Your main entry point. You must provide an input string of a valid length - if not, it'll +raise+.
+Valid lengths are 16, 24 or 32 bytes, and it will pick the block size based on the length of the input.
+
+The output is a Encrypted::ByteStream object, which is to say more-or-less a String.
+=end
+        def encrypt(plaintext)
+						self.block = plaintext
+
+            rounds=round_count
+            expanded_key=expand_key
+            
+            blockl_b=@block_words*4
+            #puts "m #{block.length}"
+            tmp_block=Core.round0(block, expanded_key[0])
+						tmp_block = Core.roundn_times(tmp_block, expanded_key, rounds, :forward)
+            return Core.roundl(tmp_block, expanded_key[rounds])
+        end
+        
+=begin rdoc
+Your other main entry point. You must provide an input string of a valid length - if not, it'll +raise+.
+Valid lengths are 16, 24 or 32 bytes, and it will pick the block size based on the length of the input.
+Of course, if the string to decrypt is of invalid length then you've got other problems...
+
+The output is a Encrypted::ByteStream object, which is to say more-or-less a String.
+=end
+        def decrypt(ciphertext)
+						self.block = ciphertext
+            rounds=round_count
+            expanded_key=expand_key
+            
+            blockl_b=@block_words*4
+            tmp_block=Core.inv_roundl(block, expanded_key[rounds])
+						tmp_block = Core.roundn_times(tmp_block, expanded_key, rounds, :reverse)
+            decrypted=Core.round0(tmp_block, expanded_key[0])
+            #p "decrypted: #{decrypted}" if $VERBOSE
+            return decrypted
+        end
+    end
+
+=begin rdoc
+This is exactly the same as Encrypted::Rijndael except that the only allowed block size is 128-bit (16 bytes
+), which affects possible IV (for CBC and other block-chaining algorithms) and plaintext block lengths.
+
+Given the effort that went into standardising on AES, you may well want to use this instead of 
+Encrypted::Rijndael for encryption if you're interoperating with another party. Of course, you *can* safely
+use Encrypted::Rijndael for decryption in that circumstance.
+
+The spec for this is in an US government standards document named FIPS-197. Google for it.
+=end
+    class AES < Rijndael
+        AES_BLOCKSIZE_BYTES=16
+
+				# Only one block size is supported for real AES: 16 bytes.
+				def self.block_sizes_supported
+					[AES_BLOCKSIZE_BYTES]
+				end
+    end
+end

data/lib/encrypted/rijndael/core.rb

@@ -0,0 +1,430 @@
+class Encrypted
+    class Rijndael
+        class Core
+            @@rounds_by_block_size={
+                4=>10,
+                6=>12,
+                8=>14
+            }
+            
+            def self.round_count(block_words, key_words) #:nodoc:
+                biggest_words=if(block_words > key_words)
+                    block_words
+                else
+                    key_words
+                end
+                @@rounds_by_block_size[biggest_words]
+            end
+            def self.round_constants(block_words, key_words) #:nodoc:
+                @@round_constants ||= {}
+                @@round_constants[block_words] ||= {}
+                unless(@@round_constants[block_words][key_words]) then
+                  temp_v=1
+                  p_round_constant=[0,1].map {|i| [i, 0, 0, 0].pack("C*")}
+                  
+                  p_round_constant+=
+                  (2 .. (block_words * (round_count(block_words, key_words) + 1)/key_words).to_i).to_a.map {
+                      #0x1000000<<($_-1)
+                      [(temp_v=Core.dot(02,temp_v)),0,0,0].pack("C*")
+                  }
+                  @@round_constants[block_words][key_words] = p_round_constant
+                end
+                @@round_constants[block_words][key_words]
+            end
+            def self.expand_key_le6(key, block_words) #:nodoc
+              # For short (128-bit, 192-bit) keys this is used to expand the key to blocklen*(rounds+1) bits
+                
+                #expanded_key=key;
+                ek_words=key.unpack("N*").map {|number| Encrypted::ByteStream.new([number].pack("N"))}
+            
+                key_words = key.length / 4
+                p_round_constant = round_constants(block_words, key_words)
+            
+                rounds=round_count(block_words, key_words)
+                
+                (key_words .. block_words * (rounds + 1)-1).each do
+                    |i|
+
+                    p_temp=ek_words[i-1]
+                    
+                    
+                    if(i % key_words == 0) 
+                        
+                            t_byte=p_temp.byte_at(0)
+                            p_temp[0 .. 2]=p_temp[1 .. 3]
+                            p_temp.byte_at(3, t_byte)
+                        
+                        # tr would be great here again.
+                        p_temp=Encrypted::ByteStream.new(Core.sbox_block(p_temp))
+                        p_temp^=p_round_constant[(i/key_words).to_i]
+                    end
+                    ek_words[i]=p_temp^ek_words[i-key_words]
+                    i+=1
+                end
+                #puts ek_words.to_s
+                expanded_key=Array(rounds+1)
+                (0 .. rounds).each do
+                    |round|
+                    expanded_key[round]=Encrypted::ByteStream.new(ek_words[round*block_words, block_words].join(""))
+                end
+                return expanded_key; 
+            end
+                    
+            def self.expand_key_gt6(key, block_words) #:nodoc:
+              # For long (256-bit) keys this is used to expand the key to blocklen*(rounds+1) bits
+                
+                #expanded_key=key
+                ek_words=key.unpack("N*").map {|number| Encrypted::ByteStream.new([number].pack("N"))}
+            
+                key_words = key.length / 4
+                p_round_constant = round_constants(block_words, key_words)
+
+                rounds=round_count(block_words, key_words)
+
+                (key_words .. block_words * (rounds + 1)-1).each do 
+                    |i|
+
+                    p_temp=ek_words[i-1]
+                    if(i % key_words == 0) 
+                        
+                            t_byte=p_temp.byte_at(0)
+                            p_temp[0 .. 2]=p_temp[1 .. 3]
+                            p_temp.byte_at(3, t_byte)
+            
+                        # tr would be great here again.
+                        p_temp=Encrypted::ByteStream.new(Core.sbox_block(p_temp))
+                        p_temp^=p_round_constant[(i/key_words).to_i]
+                      
+                    elsif(i % key_words == 4) 
+                        p_temp=Core.sbox_block(p_temp)
+                    end
+                    ek_words[i]=ek_words[i-key_words]^p_temp
+                end
+                expanded_key=Array(rounds+1)
+                (0 .. rounds).each do
+                    |round|
+                    expanded_key[round]=Encrypted::ByteStream.new(ek_words[round*block_words, block_words].join(""))
+                end
+                return expanded_key;
+            end
+
+            def self.roundn_times(block, expanded_key, rounds, direction) #:nodoc:
+              case(direction)
+              when :forward then
+                (1 .. rounds-1).each do 
+                  |current_round|
+                  block=Core.roundn(block, expanded_key[current_round])
+                end
+              when :reverse then
+                (1 .. rounds-1).to_a.reverse.each do 
+                    |current_round|
+                    block=Core.inv_roundn(block, expanded_key[current_round])
+                end
+              else
+                raise "Unsupported round direction"
+              end
+              block
+            end
+            def self.roundn(input, round_key) #:nodoc:
+                block_words = input.length / 4
+                row_len=block_words;
+            
+                input=sbox_block(input)
+                input=shift_rows(input)       
+                # Tune this - jim
+                input=mix_column(input)
+                
+                return round0(input, round_key)
+            end
+            
+            def self.inv_roundn(input, round_key) #:nodoc:
+                block_words = input.length / 4
+                
+                input=round0(input, round_key)
+                row_len=block_words
+                input=inv_mix_column(input)
+
+                
+                input=inv_shift_rows(input)
+                # convert to use tr for the s-box ?
+                input=inv_sbox_block(input)
+                
+                return input
+            end
+            
+            def self.roundl(input, round_key) #:nodoc:
+                # convert to use tr for the s-box
+
+                input=sbox_block(input)
+                input=shift_rows(input)
+                return round0(input, round_key)
+            end
+            
+            def self.inv_roundl(input, round_key) #:nodoc:
+                # convert to use tr for the s-box
+                input=round0(input, round_key)
+                input=inv_sbox_block(input)
+                input=inv_shift_rows(input)
+                #input=bytes_n.pack("C*")  
+                return input
+            end
+
+
+            def self.round0(input, round_key) #:nodoc:
+                return round_key^input;
+            end
+            def self.make_shiftrow_map  #:nodoc:
+              shift_for_block_len={
+                4=>[0,1,2,3],
+                6=>[0,1,2,3],
+                8=>[0,1,3,4],
+              }
+                @@inv_shiftrow_map=(0 .. 0xff).map {Array.new}
+                @@shiftrow_map=(0 .. 0xff).map {Array.new}  
+                shift_for_block_len.keys.each do
+                    |block_len|
+                    row_len=block_len;
+                    state_b=(0 .. (row_len*4)-1).to_a;
+                    col_len=4;
+                    c=shift_for_block_len[block_len];
+                    (0 .. c.length-1).each do
+                        |row_n| 
+                        # Grab the lossage first
+                        next unless c[row_n] > 0;
+                        d1=Array.new
+                        d2=Array.new
+                        (row_len-c[row_n] .. row_len-1).map {|col| row_n+col_len*col}.each do
+                            |offset|
+                            d1+=state_b[offset,1]
+                        end 
+                        (0 .. row_len-c[row_n]-1).map {|col| row_n+col_len*col}.each do
+                            |offset|
+                            d2+=state_b[offset,1]
+                        end  
+                        
+                  (0 .. row_len-1).map {|col| row_n+col_len*col}.each do
+                            |offset|
+                            state_b[offset]=d1.shift||d2.shift
+                        end
+                    end
+                    @@inv_shiftrow_map[block_len]=state_b;
+                    (0 .. state_b.length-1).each do
+                        |offset|
+                        @@shiftrow_map[block_len][state_b[offset]]=offset;
+                    end
+                end
+            end
+            
+            make_shiftrow_map
+
+            def self.shift_rows(state_b) #:nodoc:
+              row_len=state_b.length/4
+              
+              state_o=@@shiftrow_map[row_len].map do
+                |offset|
+                state_b.byte_at(offset)
+              end
+              return Encrypted::ByteStream.new(state_o.pack("C*"))
+            end
+            
+            def self.inv_shift_rows(state_b) #:nodoc:
+              col_len=4;
+              row_len=state_b.length/4;
+              
+                state_o=@@inv_shiftrow_map[row_len].map do
+                    |offset|
+                    state_b.byte_at(offset)
+                end
+                return Encrypted::ByteStream.new(state_o.pack("C*"))
+            end
+            
+
+            POLYNOMIAL_SPACE=0x11b
+            COLUMN_SIZE=4
+
+            def self.sbox_block(input)
+                return Encrypted::ByteStream.new(input.unpack("C*").map do
+                    |byte| 
+                    @@sbox[byte]
+                end.pack("C*"))
+            end
+    
+            def self.inv_sbox_block(input)
+                return Encrypted::ByteStream.new(input.unpack("C*").map do
+                    |byte| 
+                    @@inv_sbox[byte]
+                end.pack("C*"))
+            end
+                    
+            def self.mix_column(col)
+                block_words=col.length/COLUMN_SIZE
+                r_col=Array.new
+                (0 .. (block_words-1)).each {
+                    |current_word|
+                    r_col+=[
+                    (@@dot_cache[02][col.byte_at((current_word*4)+0)] ^ 
+                        @@dot_cache[03][col.byte_at((current_word*4)+1)] ^ 
+                            col.byte_at((current_word*4)+2) ^ 
+                                col.byte_at((current_word*4)+3) ),
+                    ( col.byte_at((current_word*4)+0) ^ 
+                        @@dot_cache[02][col.byte_at((current_word*4)+1)] ^ 
+                            @@dot_cache[03][col.byte_at((current_word*4)+2)] ^ 
+                                col.byte_at((current_word*4)+3) ),
+                    ( col.byte_at((current_word*4)+0) ^ 
+                        col.byte_at((current_word*4)+1) ^ 
+                            @@dot_cache[02][col.byte_at((current_word*4)+2)] ^ 
+                                @@dot_cache[03][col.byte_at((current_word*4)+3)]),
+                    (@@dot_cache[03][col.byte_at((current_word*4)+0)] ^ 
+                        col.byte_at((current_word*4)+1) ^ 
+                            col.byte_at((current_word*4)+2) ^ 
+                                @@dot_cache[02][col.byte_at((current_word*4)+3)])]
+                }
+                return Encrypted::ByteStream.new(r_col.pack("C*"))
+            end
+            
+            # The inverse of the above
+            
+            def self.inv_mix_column(col)
+                block_words=col.length/COLUMN_SIZE
+                r_col=Array.new
+                (0 .. (block_words-1)).each { |current_block|
+                    r_col+=[
+                    (@@dot_cache[0x0e][col.byte_at((current_block*4)+0)] ^ 
+                        @@dot_cache[0x0b][col.byte_at((current_block*4)+1)] ^ 
+                            @@dot_cache[0x0d][col.byte_at((current_block*4)+2)] ^ 
+                                @@dot_cache[0x09][col.byte_at((current_block*4)+3)]),
+                    (@@dot_cache[0x09][col.byte_at((current_block*4)+0)] ^ 
+                        @@dot_cache[0x0e][col.byte_at((current_block*4)+1)] ^ 
+                            @@dot_cache[0x0b][col.byte_at((current_block*4)+2)] ^ 
+                                @@dot_cache[0x0d][col.byte_at((current_block*4)+3)]),
+                    (@@dot_cache[0x0d][col.byte_at((current_block*4)+0)] ^ 
+                        @@dot_cache[0x09][col.byte_at((current_block*4)+1)] ^ 
+                            @@dot_cache[0x0e][col.byte_at((current_block*4)+2)] ^ 
+                                @@dot_cache[0x0b][col.byte_at((current_block*4)+3)]),
+                    (@@dot_cache[0x0b][col.byte_at((current_block*4)+0)] ^ 
+                        @@dot_cache[0x0d][col.byte_at((current_block*4)+1)] ^ 
+                            @@dot_cache[0x09][col.byte_at((current_block*4)+2)] ^ 
+                                @@dot_cache[0x0e][col.byte_at((current_block*4)+3)])
+                ]}     
+                return Encrypted::ByteStream.new(r_col.pack("C*"))
+            end
+                
+            def self.xtime(a)
+                a*=2
+                if( a & 0x100 > 0 )
+                    a^=0x1b
+                end
+                a&=0xff
+                return a
+            end            
+            
+            def self.dot(a, b)
+                return 0 unless(a > 0 and b > 0)
+                
+                result=0
+                tv=a
+                (0 .. 7).each do
+                    |i|
+                    if(b & (1<<i) > 0)
+                        result^=tv
+                    end
+                    tv=xtime(tv)
+                end
+                return result
+            end
+            
+
+            # _Not_ the same as dot()
+            # Multiplies a by b. In polynomial space. Without capping the value.
+            def self.mul(a, b)
+                result=0
+                tv=a
+                (0 .. 7).each do
+                    |i|
+                    if(b & (1<<i) > 0)
+                        result^=tv
+                    end
+                    tv<<=1
+                end
+                return result
+            end
+            
+            # The inverse of mul() above.
+            
+            def self.div(a, b)
+                acc=a
+                tv=b
+                result=0
+                (0 .. 7).to_a.reverse.each do
+                    | i |
+                    tv=b<<i
+    
+                    if( (tv&~acc) < acc  or (acc^tv) <= (1<<i))
+                        result|=(1<<i)
+                        acc^=tv
+                    end
+                end
+                return result
+            end
+
+            # 8-bit number in, 8-bit number out
+            def self.mult_inverse(num)
+                return 0 unless num > 0
+                remainder=[POLYNOMIAL_SPACE, num]
+                auxiliary=[0,1]
+            
+                if(remainder[1]==1)
+                   return 1
+                end
+                i=2
+                while remainder[i-1]!=1
+                    quotient=div(remainder[i-2], remainder[i-1])
+                    multiplied=mul(remainder[i-1], quotient)
+                    
+                    remainder[i]=remainder[i-2]^multiplied
+                    auxiliary[i]=mul(quotient,auxiliary[i-1]) ^ auxiliary[i-2]
+                    if (i>10)
+                        raise "BUG: Multiplicative inverse should never exceed 10 iterations"
+                    end
+                    i+=1
+                end
+                return auxiliary[i-1]
+            end
+
+            def self.sbox(b)
+                c=0x63
+                b=mult_inverse(b)
+                result=b
+                (1 .. 4).each do
+                    |i|
+                    b_t=((b<<i)&0xff)|(b>>(8-i))
+                    result^=b_t
+                end
+                return result^c
+            end
+
+            # Startup caching follows
+            
+            unless(defined? @@all_cached)
+                @@sbox=(0 .. 255).to_a.map { |input| sbox(input)}
+                @@inv_sbox=Array.new(256)
+                (0 .. 255).each do
+                    |input| 
+                    @@inv_sbox[@@sbox[input]]=input
+                end
+                @@dot_cache=(0 .. 0xf).map {Array.new(256)}
+                [0x2, 0x3, 0x9, 0xb, 0xd, 0xe].each do 
+                    # These are the only numbers we need.
+                    |a|
+                    (0 .. 0xff).each do
+                        |b|
+                        @@dot_cache[a][b]=dot(a, b)
+                    end
+                end
+                @@all_cached=1
+            end
+
+        end
+        
+    end
+end