fast-aes 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +11 -8
- data/ext/fast_aes.c +9 -9
- data/spec/fast_aes_spec.rb +29 -2
- metadata +12 -5
data/README.rdoc
CHANGED
@@ -12,7 +12,7 @@ The algorithm itself was extracted from work by Christophe Devine for the open s
|
|
12
12
|
Well, I've tried to make the code as simple and straightforward as
|
13
13
|
possible; I also used a few basic tricks, like loop unrolling.
|
14
14
|
|
15
|
-
|
15
|
+
This gem supports the most important features of AES, specifically:
|
16
16
|
|
17
17
|
* 128, 192, and 256-bit ciphers
|
18
18
|
* Cipher Block Chaining (CBC) mode only
|
@@ -27,7 +27,7 @@ Bottom line, this gem works. Fast.
|
|
27
27
|
|
28
28
|
I couldn't find any that worked worth a crap. The {ruby-aes}[http://rubyforge.org/projects/ruby-aes/]
|
29
29
|
project has Ruby 1.9 bugs that have been open over _two_ _years_ now, {crypt/rijndael}[http://crypt.rubyforge.org/rijndael.html]
|
30
|
-
doesn't work on Ruby 1.9 and is
|
30
|
+
doesn't work on Ruby 1.9 and is slooow (as it's written in Ruby), and some people even report getting
|
31
31
|
{inconsistent encryption results from other libraries}[http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/228214].
|
32
32
|
|
33
33
|
So I grabbed some C reference code, wrapped a Ruby interface around it, and voíla.
|
@@ -36,7 +36,6 @@ C'mon people, it's not that hard. It's called Google. In my day, you had to ac
|
|
36
36
|
|
37
37
|
== Installation
|
38
38
|
|
39
|
-
gem install gemcutter
|
40
39
|
gem install fast-aes
|
41
40
|
|
42
41
|
== Example
|
@@ -46,7 +45,7 @@ Simple encryption/decryption:
|
|
46
45
|
require 'fast-aes'
|
47
46
|
|
48
47
|
# key can be 128, 192, or 256 bits
|
49
|
-
key = '
|
48
|
+
key = '42#3b%c$dxyT,7a5=+5fUI3fa7352&^:'
|
50
49
|
|
51
50
|
aes = FastAES.new(key)
|
52
51
|
|
@@ -68,15 +67,19 @@ In that case, if you need security, SSL is the obvious choice (and the right one
|
|
68
67
|
But there will probably come a time, padawan, when you need a couple backend servers to talk -
|
69
68
|
maybe job servers, or an admin port, or whatever. Maybe even a simple chat server.
|
70
69
|
|
71
|
-
You can
|
72
|
-
|
73
|
-
alternative
|
70
|
+
You can setup SSL certificates for this if you want it to be time-consuming to maintain.
|
71
|
+
Or you can directly use an encryption algorithm, such as AES. Setting up an SSH tunnel is another
|
72
|
+
good alternative, if you control both systems. I think it's easier to configure encryption keys
|
73
|
+
as part of your application, rather than having to mess with each individual system, but that's me.
|
74
|
+
|
75
|
+
For more information on how SSL/AES/RC4/TLS all interact,
|
76
|
+
{read this article on SSL and AES}[http://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html]
|
74
77
|
|
75
78
|
=== AES vs Other Encryption Standards
|
76
79
|
|
77
80
|
There are a bizillion (literally!) different encryption standards out there. If you have
|
78
81
|
a PhD, and can't find a job, writing an encryption algorithm is a good thing to put on your resume -
|
79
|
-
on
|
82
|
+
on the outside chance that someone will hire you and use it. If you don't possess the talent to
|
80
83
|
write an encryption standard, you can spend hours trying to crack one - for similar reasons. As a
|
81
84
|
result, of the many encryption alternatives, most are either (a) cracked or (b) covered by patents.
|
82
85
|
|
data/ext/fast_aes.c
CHANGED
@@ -200,7 +200,6 @@ VALUE fast_aes_decrypt(
|
|
200
200
|
char* pDataIn = StringValuePtr(buffer);
|
201
201
|
int uiNumBytesIn = RSTRING_LEN(buffer);
|
202
202
|
char* pDataOut = malloc((uiNumBytesIn + 15) & -16); /* auto-malloc min size in 16-byte increments */
|
203
|
-
pDataOut = malloc(uiNumBytesIn + 15);
|
204
203
|
|
205
204
|
unsigned char *pRead, *pWrite;
|
206
205
|
pRead = (unsigned char*)pDataIn;
|
@@ -223,7 +222,7 @@ VALUE fast_aes_decrypt(
|
|
223
222
|
|
224
223
|
/*//////////////////////////////////////////////////////////////////////////
|
225
224
|
////////////////////////////////////////////////////////////////////////////
|
226
|
-
// Perform block
|
225
|
+
// Perform block decrypts 16 bytes at a time while we still have at least
|
227
226
|
// 16 bytes of input remaining.
|
228
227
|
*/
|
229
228
|
while( uiNumBytesIn >= 16 )
|
@@ -236,10 +235,8 @@ VALUE fast_aes_decrypt(
|
|
236
235
|
|
237
236
|
/*//////////////////////////////////////////////////////////////////////////
|
238
237
|
////////////////////////////////////////////////////////////////////////////
|
239
|
-
// Have to catch any straggling bytes that are left after
|
240
|
-
// 16-byte blocks.
|
241
|
-
// loose-cannon rjc couldn't figure out despite being a "genius". He needs
|
242
|
-
// a punch in the junk, I swear to god.
|
238
|
+
// Have to catch any straggling bytes that are left after decrypting the
|
239
|
+
// 16-byte blocks.
|
243
240
|
*/
|
244
241
|
if( uiNumBytesIn > 0 )
|
245
242
|
{
|
@@ -250,9 +247,12 @@ VALUE fast_aes_decrypt(
|
|
250
247
|
puiNumBytesOut += 16;
|
251
248
|
}
|
252
249
|
|
253
|
-
|
254
|
-
|
255
|
-
|
250
|
+
/*//////////////////////////////////////////////////////////////////////////
|
251
|
+
////////////////////////////////////////////////////////////////////////////
|
252
|
+
// Strip trailing zeros, simple but effective. This is something fucking
|
253
|
+
// loose-cannon rjc couldn't figure out despite being a "genius". He needs
|
254
|
+
// a punch in the junk, I swear to god.
|
255
|
+
*/
|
256
256
|
while (puiNumBytesOut > 0) {
|
257
257
|
if (pDataOut[puiNumBytesOut - 1] != 0) break;
|
258
258
|
puiNumBytesOut -= 1;
|
data/spec/fast_aes_spec.rb
CHANGED
@@ -14,6 +14,17 @@ describe 'FastAES' do
|
|
14
14
|
require 'fast-aes'
|
15
15
|
end
|
16
16
|
|
17
|
+
it "should run the README duh" do
|
18
|
+
require 'fast-aes'
|
19
|
+
|
20
|
+
# key can be 128, 192, or 256 bits
|
21
|
+
key = '42#3b%c$dxyT,7a5=+5fUI3fa7352&^:'
|
22
|
+
aes = FastAES.new(key)
|
23
|
+
text = "Hey there, how are you?"
|
24
|
+
data = aes.encrypt(text)
|
25
|
+
aes.decrypt(data).should == text # "Hey there, how are you?"
|
26
|
+
end
|
27
|
+
|
17
28
|
it "should accept 128, 192, and 256-bit keys" do
|
18
29
|
[128, 192, 256].each do |bits|
|
19
30
|
key = 'a' * (bits/8)
|
@@ -21,6 +32,12 @@ describe 'FastAES' do
|
|
21
32
|
aes.key.should == key
|
22
33
|
end
|
23
34
|
end
|
35
|
+
|
36
|
+
it "should raise an exception is the key isn't in the accepted range" do
|
37
|
+
lambda{FastAES.new('key')}.should raise_error # 24-bit
|
38
|
+
lambda{FastAES.new('keykeyke')}.should raise_error # 64-bit
|
39
|
+
lambda{FastAES.new('keykeykeykeykeykeykeykeykeykeykey')}.should raise_error # 264-bit
|
40
|
+
end
|
24
41
|
|
25
42
|
it "should encrypt and decrypt messages (what a concept)" do
|
26
43
|
phrases = [
|
@@ -44,5 +61,15 @@ describe 'FastAES' do
|
|
44
61
|
end
|
45
62
|
end
|
46
63
|
|
47
|
-
|
48
|
-
|
64
|
+
it "should have a different encoding based on the key length" do
|
65
|
+
aes_1 = FastAES.new '12345678901234567890123456789012'
|
66
|
+
aes_2 = FastAES.new '123456789012345678901234'
|
67
|
+
aes_3 = FastAES.new '1234567890123456'
|
68
|
+
text = "So long and thanks for all the fish"
|
69
|
+
secret_1, secret_2, secret_3 = aes_1.encrypt(text), aes_2.encrypt(text), aes_3.encrypt(text)
|
70
|
+
[secret_1, secret_2, secret_3].each do |secret|
|
71
|
+
([secret_1, secret_2, secret_3] - [secret]).each{|message| message.should_not == secret}
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,12 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fast-aes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
|
4
|
+
prerelease: false
|
5
|
+
segments:
|
6
|
+
- 0
|
7
|
+
- 1
|
8
|
+
- 1
|
9
|
+
version: 0.1.1
|
5
10
|
platform: ruby
|
6
11
|
authors:
|
7
12
|
- Nate Wiger
|
@@ -9,7 +14,7 @@ autorequire:
|
|
9
14
|
bindir: bin
|
10
15
|
cert_chain: []
|
11
16
|
|
12
|
-
date: 2010-
|
17
|
+
date: 2010-03-17 00:00:00 -07:00
|
13
18
|
default_executable:
|
14
19
|
dependencies: []
|
15
20
|
|
@@ -44,18 +49,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
44
49
|
requirements:
|
45
50
|
- - ">="
|
46
51
|
- !ruby/object:Gem::Version
|
52
|
+
segments:
|
53
|
+
- 0
|
47
54
|
version: "0"
|
48
|
-
version:
|
49
55
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
50
56
|
requirements:
|
51
57
|
- - ">="
|
52
58
|
- !ruby/object:Gem::Version
|
59
|
+
segments:
|
60
|
+
- 0
|
53
61
|
version: "0"
|
54
|
-
version:
|
55
62
|
requirements: []
|
56
63
|
|
57
64
|
rubyforge_project: fast-aes
|
58
|
-
rubygems_version: 1.3.
|
65
|
+
rubygems_version: 1.3.6
|
59
66
|
signing_key:
|
60
67
|
specification_version: 3
|
61
68
|
summary: Fast AES implementation in C. Works with Ruby 1.8 and 1.9
|