fast-aes 0.1.0 → 0.1.1

data/README.rdoc

@@ -12,7 +12,7 @@ The algorithm itself was extracted from work by Christophe Devine for the open s
     Well, I've tried to make the code as simple and straightforward as 
     possible; I also used a few basic tricks, like loop unrolling. 
 
-Since this library wraps the sbd implementation, it supports a subset of AES, specifically:
+This gem supports the most important features of AES, specifically:
 
 * 128, 192, and 256-bit ciphers
 * Cipher Block Chaining (CBC) mode only
@@ -27,7 +27,7 @@ Bottom line, this gem works.  Fast.
 
 I couldn't find any that worked worth a crap.  The {ruby-aes}[http://rubyforge.org/projects/ruby-aes/]
 project has Ruby 1.9 bugs that have been open over _two_ _years_ now, {crypt/rijndael}[http://crypt.rubyforge.org/rijndael.html]
-doesn't work on Ruby 1.9 and is *SLOOOOOOW* (as it's written in Ruby), and some people even report getting
+doesn't work on Ruby 1.9 and is slooow (as it's written in Ruby), and some people even report getting
 {inconsistent encryption results from other libraries}[http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/228214].
 
 So I grabbed some C reference code, wrapped a Ruby interface around it, and voíla.
@@ -36,7 +36,6 @@ C'mon people, it's not that hard.  It's called Google.  In my day, you had to ac
 
 == Installation
 
-  gem install gemcutter
   gem install fast-aes
 
 == Example
@@ -46,7 +45,7 @@ Simple encryption/decryption:
   require 'fast-aes'
 
   # key can be 128, 192, or 256 bits
-  key = '424b3b5c4d454c7a51376748255d7b7156585f543f776243227352746f' 
+  key = '42#3b%c$dxyT,7a5=+5fUI3fa7352&^:'
 
   aes = FastAES.new(key)
 
@@ -68,15 +67,19 @@ In that case, if you need security, SSL is the obvious choice (and the right one
 But there will probably come a time, padawan, when you need a couple backend servers to talk -
 maybe job servers, or an admin port, or whatever.  Maybe even a simple chat server.
 
-You can use SSL for this if you want it to be time-consuming to setup, painful to maintain, and
-slow. Or you can use a different algorithm, such as AES.  Setting up an SSH tunnel is another good
-alternative (although AES is faster, and setup is slightly easier).
+You can setup SSL certificates for this if you want it to be time-consuming to maintain.
+Or you can directly use an encryption algorithm, such as AES.  Setting up an SSH tunnel is another
+good alternative, if you control both systems.  I think it's easier to configure encryption keys
+as part of your application, rather than having to mess with each individual system, but that's me.
+
+For more information on how SSL/AES/RC4/TLS all interact,
+{read this article on SSL and AES}[http://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html]
 
 === AES vs Other Encryption Standards
 
 There are a bizillion (literally!) different encryption standards out there.  If you have
 a PhD, and can't find a job, writing an encryption algorithm is a good thing to put on your resume -
-on that outside chance that someone will hire you and use it.  If you don't possess the talent to
+on the outside chance that someone will hire you and use it.  If you don't possess the talent to
 write an encryption standard, you can spend hours trying to crack one - for similar reasons.  As a
 result, of the many encryption alternatives, most are either (a) cracked or (b) covered by patents.
 

data/ext/fast_aes.c

@@ -200,7 +200,6 @@ VALUE fast_aes_decrypt(
     char* pDataIn = StringValuePtr(buffer);
     int uiNumBytesIn = RSTRING_LEN(buffer);
     char* pDataOut = malloc((uiNumBytesIn + 15) & -16);  /* auto-malloc min size in 16-byte increments */
-    pDataOut = malloc(uiNumBytesIn + 15);
 
     unsigned char *pRead, *pWrite;
     pRead  = (unsigned char*)pDataIn;
@@ -223,7 +222,7 @@ VALUE fast_aes_decrypt(
 
     /*//////////////////////////////////////////////////////////////////////////
     ////////////////////////////////////////////////////////////////////////////
-    //  Perform block decodes 16 bytes at a time while we still have at least
+    //  Perform block decrypts 16 bytes at a time while we still have at least
     //  16 bytes of input remaining.
     */
     while( uiNumBytesIn >= 16 )
@@ -236,10 +235,8 @@ VALUE fast_aes_decrypt(
 
     /*//////////////////////////////////////////////////////////////////////////
     ////////////////////////////////////////////////////////////////////////////
-    //  Have to catch any straggling bytes that are left after decoding the
-    //  16-byte blocks.  Strip trailing zeros, which is something fucking
-    //  loose-cannon rjc couldn't figure out despite being a "genius".  He needs
-    //  a punch in the junk, I swear to god.
+    //  Have to catch any straggling bytes that are left after decrypting the
+    //  16-byte blocks.
     */
     if( uiNumBytesIn > 0 )
     {
@@ -250,9 +247,12 @@ VALUE fast_aes_decrypt(
         puiNumBytesOut += 16;
     }
 
-    /* Strip zeros, simple but effective.  RJC can suck my kawck.
-     * "Senior."  LOL.  You're fired.
-     */
+    /*//////////////////////////////////////////////////////////////////////////
+    ////////////////////////////////////////////////////////////////////////////
+    // Strip trailing zeros, simple but effective.  This is something fucking
+		// loose-cannon rjc couldn't figure out despite being a "genius".  He needs
+		// a punch in the junk, I swear to god.
+    */
     while (puiNumBytesOut > 0) {
         if (pDataOut[puiNumBytesOut - 1] != 0) break;
         puiNumBytesOut -= 1;

data/spec/fast_aes_spec.rb

@@ -14,6 +14,17 @@ describe 'FastAES' do
     require 'fast-aes'
   end
 
+  it "should run the README duh" do
+    require 'fast-aes'
+
+    # key can be 128, 192, or 256 bits
+    key = '42#3b%c$dxyT,7a5=+5fUI3fa7352&^:'
+    aes = FastAES.new(key)
+    text = "Hey there, how are you?"
+    data = aes.encrypt(text)
+    aes.decrypt(data).should == text   # "Hey there, how are you?"
+  end
+
   it "should accept 128, 192, and 256-bit keys" do
     [128, 192, 256].each do |bits|
       key = 'a' * (bits/8)
@@ -21,6 +32,12 @@ describe 'FastAES' do
       aes.key.should == key
     end
   end
+  
+  it "should raise an exception is the key isn't in the accepted range" do
+    lambda{FastAES.new('key')}.should raise_error  # 24-bit
+    lambda{FastAES.new('keykeyke')}.should raise_error # 64-bit
+    lambda{FastAES.new('keykeykeykeykeykeykeykeykeykeykey')}.should raise_error # 264-bit
+  end
 
   it "should encrypt and decrypt messages (what a concept)" do
     phrases = [
@@ -44,5 +61,15 @@ describe 'FastAES' do
     end
   end
   
-end
-
+  it "should have a different encoding based on the key length" do
+    aes_1 = FastAES.new '12345678901234567890123456789012'
+    aes_2 = FastAES.new '123456789012345678901234'
+    aes_3 = FastAES.new '1234567890123456'
+    text  = "So long and thanks for all the fish"
+    secret_1, secret_2, secret_3 = aes_1.encrypt(text), aes_2.encrypt(text), aes_3.encrypt(text)
+    [secret_1, secret_2, secret_3].each do |secret|
+      ([secret_1, secret_2, secret_3] - [secret]).each{|message| message.should_not == secret}
+    end
+  end
+  
+end

metadata

@@ -1,7 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: fast-aes
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 1
+  version: 0.1.1
 platform: ruby
 authors: 
 - Nate Wiger
@@ -9,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-01-20 00:00:00 -08:00
+date: 2010-03-17 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
@@ -44,18 +49,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 requirements: []
 
 rubyforge_project: fast-aes
-rubygems_version: 1.3.5
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: Fast AES implementation in C.  Works with Ruby 1.8 and 1.9