mbedtls 0.1.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,21 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDijCCAnKgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMRcwFQYDVQQDDA5taWNo
3
+ aWVsLnNpa2tlczEVMBMGCgmSJomT8ixkARkWBWdtYWlsMRMwEQYKCZImiZPyLGQB
4
+ GRYDY29tMB4XDTE0MTIyNDEyNTQzM1oXDTE1MTIyNDEyNTQzM1owRTEXMBUGA1UE
5
+ AwwObWljaGllbC5zaWtrZXMxFTATBgoJkiaJk/IsZAEZFgVnbWFpbDETMBEGCgmS
6
+ JomT8ixkARkWA2NvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJXr
7
+ ZzV/gU/XPk6hhBs/iSn+HYGLHYnaEtVkNliKZKWLr7arKGM5pneM9rub8VaA9iKE
8
+ N2swxHngobSDouYBJcxlQabCWx8htD4nSlOXWTfFeR78jhfYS2VyysQ0dnHSjE9c
9
+ KXa8EHcg0YNPpWqWoGemb4iJENnqcGGLY67RBhkHsWj5BJO84e4hS8vsUYyAiAbV
10
+ 3nO5+5EmnkWQB2fVDTL3tjY1yOdzfyvaIifwt9aKVwY0YPORIlm9RI4wtQRv9NFq
11
+ ONyougmLd5vVWp6jO1+9O6TxayzDccJLGuGB6Tw94BQo3o50yoLZew44A7VT3XC2
12
+ LQg3n8Pzuow9MtTRrC0CAwEAAaOBhDCBgTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIE
13
+ sDAdBgNVHQ4EFgQUbb9Rb7oi1MDVYRSgxiQ33szdVCswIwYDVR0RBBwwGoEYbWlj
14
+ aGllbC5zaWtrZXNAZ21haWwuY29tMCMGA1UdEgQcMBqBGG1pY2hpZWwuc2lra2Vz
15
+ QGdtYWlsLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEABVgqI2u309QC/Dgpas1eefZ5
16
+ ihSC1O8VE+5sKd+VZ3COciOAL5me1EcmHdpp+SXZv54E4IPMkLJIaeRhLN+3BzhB
17
+ +FxZuMOFHsaRFrYJhvyiZ1YaA30Rrv7Ac2Z9b19+++mKVSwwoMfTCYUHbNX1e8gy
18
+ 50GjXI5RjqXz8goJnASe1sx12Dm6Hi5fWZxdnIJIU4EJGqSyfEQNDcOOILRvihdp
19
+ +MPuiRlaQjfZy/soMMERP/wuGpw6Ce94ITJ56wjQgl3YhqQPoE76KgRu4b4YwKhx
20
+ H7APPQD4vksmpWYDCN7llFs/nPaYM6lkxy7bcHRQxaA/km9IF+0iwbhv9mDdDQ==
21
+ -----END CERTIFICATE-----
@@ -0,0 +1 @@
1
+ 16f1f680d86e64df6de9651add83f111ee053ec370f4e676b1510376b9d3b02da878d2d129928e8d45522a99cdf02e543089bac55d32bd6a1ac9329b74605fca
@@ -0,0 +1,360 @@
1
+ /*
2
+ * Wrapping code for the PolarSSL::Cipher class.
3
+ *
4
+ * Copyright (C) 2013 Michiel Sikkes
5
+ *
6
+ * This file is part of polarssl-ruby (http://github.com/michiels/polarssl-ruby)
7
+ *
8
+ * All rights reserved.
9
+ *
10
+ * This program is free software: you can redistribute it and/or modify
11
+ * it under the terms of the GNU Lesser General Public License as published by
12
+ * the Free Software Foundation, either version 3 of the License, or
13
+ * (at your option) any later version.
14
+ *
15
+ * This program is distributed in the hope that it will be useful,
16
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
17
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18
+ * GNU Lesser General Public License for more details.
19
+ *
20
+ * You should have received a copy of the GNU Lesser General Public License
21
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
22
+ */
23
+
24
+ #include "polarssl.h"
25
+ #include "polarssl/cipher.h"
26
+ #include "ruby.h"
27
+
28
+ VALUE rb_cipher_allocate();
29
+ VALUE rb_cipher_initialize();
30
+ VALUE rb_cipher_setkey();
31
+ VALUE rb_cipher_update();
32
+ VALUE rb_cipher_finish();
33
+ VALUE rb_cipher_set_iv();
34
+ VALUE rb_cipher_reset();
35
+ void rb_cipher_free();
36
+
37
+ VALUE e_UnsupportedCipher;
38
+ VALUE e_BadInputData;
39
+ VALUE e_CipherError;
40
+
41
+ typedef struct
42
+ {
43
+ cipher_context_t *ctx;
44
+ unsigned char *output;
45
+ size_t olen;
46
+ size_t input_length;
47
+ } rb_cipher_t;
48
+
49
+ void Init_cipher(void)
50
+ {
51
+ /** Document-class: PolarSSL::Cipher
52
+ *
53
+ * This class lets you encrypt and decrypt data.
54
+ *
55
+ * == Example
56
+ *
57
+ * require 'polarssl'
58
+ * require 'base64'
59
+ *
60
+ * my_iv = SecureRandom.random_bytes(16)
61
+ *
62
+ * cipher = PolarSSL::Cipher.new("AES-128-CTR")
63
+ * cipher.set_iv(my_iv, 16)
64
+ * cipher.setkey("mykey", 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
65
+ * cipher.update("secret stuff I want encrypted")
66
+ * encrypted_data = cipher.finish()
67
+ *
68
+ * encoded_encrypted_data = Base64.encode64(encrypted_data)
69
+ * encoded_iv = Base64.encode64(my_iv)
70
+ *
71
+ * puts encoded_encrypted_data
72
+ * puts encoded_iv
73
+ *
74
+ * == When you get an exception
75
+ *
76
+ * When using the Cipher class, you might get an exception. Some
77
+ * exeptions return a PolarSSL error code, like PolarSSL::Cipher::Error.
78
+ *
79
+ * These error codes are directly passed on from the PolarSSL library
80
+ * and you can look up what they mean in the PolarSSL API documentation
81
+ * at: https://polarssl.org/api/.
82
+ *
83
+ * == Supported Cipher types:
84
+ *
85
+ * CAMELLIA-128-CBC
86
+ * CAMELLIA-192-CBC
87
+ * CAMELLIA-256-CBC
88
+ *
89
+ * CAMELLIA-128-CFB128
90
+ * CAMELLIA-192-CFB128
91
+ * CAMELLIA-256-CFB128
92
+ *
93
+ * CAMELLIA-128-CTR
94
+ * CAMELLIA-192-CTR
95
+ * CAMELLIA-256-CTR
96
+ *
97
+ * AES-128-CBC
98
+ * AES-192-CBC
99
+ * AES-256-CBC
100
+ *
101
+ * AES-128-CFB128
102
+ * AES-192-CFB128
103
+ * AES-256-CFB128
104
+ *
105
+ * AES-128-CTR
106
+ * AES-192-CTR
107
+ * AES-256-CTR
108
+ *
109
+ * DES-CBC
110
+ * DES-EDE-CBC
111
+ * DES-EDE3-CBC
112
+ *
113
+ * BLOWFISH-CBC
114
+ * BLOWFISH-CFB64
115
+ * BLOWFISH-CTR
116
+ *
117
+ * NULL
118
+ *
119
+ */
120
+ VALUE cCipher = rb_define_class_under( rb_mPolarSSL, "Cipher", rb_path2class("Object") );
121
+
122
+ /* 1: Use cipher for encryption */
123
+ rb_define_const( cCipher, "OPERATION_ENCRYPT", INT2NUM(POLARSSL_ENCRYPT) );
124
+
125
+ /* 0: Use cipher for decryption */
126
+ rb_define_const( cCipher, "OPERATION_DECRYPT", INT2NUM(POLARSSL_DECRYPT) );
127
+
128
+ /* -1: Don't use cipher for anything */
129
+ rb_define_const( cCipher, "OPERATION_NONE", INT2NUM(POLARSSL_OPERATION_NONE) );
130
+
131
+ /* Document-class: PolarSSL::Cipher::UnsupportedCipher
132
+ * Raised when you do not pass a supported cipher type to PolarSSL::Cipher.new()
133
+ */
134
+ e_UnsupportedCipher = rb_define_class_under( cCipher, "UnsupportedCipher", rb_eStandardError );
135
+
136
+ /* Document-class: PolarSSL::Cipher::BadInputData
137
+ * Raised when the input data for the cipher was incorrect. If you get
138
+ * this exception, please file a bug report.
139
+ */
140
+ e_BadInputData = rb_define_class_under( cCipher, "BadInputData", rb_eStandardError );
141
+
142
+ /* Document-class: PolarSSL::Cipher::Error
143
+ * Raised when the PolarSSL library throws a certain Cipher error code
144
+ */
145
+ e_CipherError = rb_define_class_under( cCipher, "Error", rb_eStandardError) ;
146
+
147
+ rb_define_alloc_func( cCipher, rb_cipher_allocate );
148
+ rb_define_method( cCipher, "initialize", rb_cipher_initialize, 1 );
149
+ rb_define_method( cCipher, "setkey", rb_cipher_setkey, 3 );
150
+ rb_define_method( cCipher, "update", rb_cipher_update, 1 );
151
+ rb_define_method( cCipher, "finish", rb_cipher_finish, 0 );
152
+ rb_define_method( cCipher, "set_iv", rb_cipher_set_iv, 2 );
153
+ rb_define_method( cCipher, "reset", rb_cipher_reset, 0 );
154
+ }
155
+
156
+ VALUE rb_cipher_allocate( VALUE klass )
157
+ {
158
+ rb_cipher_t *rb_cipher;
159
+
160
+ rb_cipher = ALLOC( rb_cipher_t );
161
+ memset( rb_cipher, 0, sizeof( rb_cipher_t ) );
162
+
163
+ rb_cipher->olen = 0;
164
+ rb_cipher->input_length = 0;
165
+
166
+ rb_cipher->ctx = ALLOC( cipher_context_t );
167
+ memset( rb_cipher->ctx, 0, sizeof( cipher_context_t ) );
168
+
169
+ return Data_Wrap_Struct( klass, 0, rb_cipher_free, rb_cipher );
170
+ }
171
+
172
+ /*
173
+ * call-seq: new(cipher_type)
174
+ *
175
+ * Initializes a new Cipher object to encrypt data with.
176
+ *
177
+ * cipher = PolarSSL::Cipher.new('AES-128-CTR')
178
+ *
179
+ * For supported cipher types,
180
+ * see: https://github.com/michiels/polarssl-ruby/wiki/Using-PolarSSL::Cipher
181
+ *
182
+ */
183
+ VALUE rb_cipher_initialize( VALUE self, VALUE cipher_type )
184
+ {
185
+ rb_cipher_t *rb_cipher;
186
+ char *cipher_type_str;
187
+ const cipher_info_t *cipher_info;
188
+ int ret;
189
+
190
+ Check_Type( cipher_type, T_STRING );
191
+
192
+ cipher_type_str = StringValueCStr( cipher_type );
193
+
194
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
195
+
196
+ cipher_info = cipher_info_from_string( cipher_type_str );
197
+
198
+ if (cipher_info == NULL)
199
+ {
200
+ rb_raise(e_UnsupportedCipher, "%s is not a supported cipher", cipher_type_str );
201
+ }
202
+ else
203
+ {
204
+ ret = cipher_init_ctx( rb_cipher->ctx, cipher_info );
205
+ if ( ret < 0 )
206
+ rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
207
+ }
208
+
209
+ return self;
210
+ }
211
+
212
+ /*
213
+ * call-seq: set_iv(iv_val, iv_len_val)
214
+ *
215
+ * Sets the initialization vector for the cipher. An initialization
216
+ * vector is used to "randomize" the output ciphertext so attackers cannot
217
+ * guess your data based on a partially decrypted data.
218
+ *
219
+ * cipher.set_iv("16byteiv12345678", 16)
220
+ *
221
+ * One option to generate a random initialization vector is by using
222
+ * SecureRandom.random_bytes. Store this initialization vector with the
223
+ * ciphertext and you'll easily able to decrypt the ciphertext.
224
+ *
225
+ */
226
+ VALUE rb_cipher_set_iv( VALUE self, VALUE iv_val, VALUE iv_len_val )
227
+ {
228
+ int ret = 0;
229
+ rb_cipher_t *rb_cipher;
230
+ unsigned char *iv;
231
+ size_t iv_len;
232
+
233
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
234
+ Check_Type( iv_val, T_STRING );
235
+ iv = (unsigned char *) StringValuePtr( iv_val );
236
+ Check_Type( iv_len_val, T_FIXNUM );
237
+ iv_len = FIX2INT( iv_len_val );
238
+
239
+ if ( ( ret = cipher_set_iv( rb_cipher->ctx, iv, iv_len ) ) != 0 )
240
+ rb_raise( e_CipherError, "Failed to set IV. PolarSSL error: -0x%x", -ret );
241
+
242
+ return Qtrue;
243
+ }
244
+
245
+ /*
246
+ * call-seq: reset
247
+ *
248
+ * Reset the cipher context and buffers.
249
+ *
250
+ * cipher.reset()
251
+ *
252
+ */
253
+ VALUE rb_cipher_reset( VALUE self )
254
+ {
255
+ int ret;
256
+ rb_cipher_t *rb_cipher;
257
+
258
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
259
+
260
+ if ( ( ret = cipher_reset( rb_cipher->ctx ) ) != 0 )
261
+ rb_raise( e_CipherError, "Failed to reset cipher. PolarSSL error: -0x%x", -ret );
262
+
263
+ return Qtrue;
264
+ }
265
+
266
+ /*
267
+ * call-seq: setkey(key, key_length, operation)
268
+ *
269
+ * Sets the key to be used for encrypting/decrypting this cipher. The key, key_length and operation
270
+ * depend on which cipher you are using. For example, when using AES-128-CTR you would use something like:
271
+ *
272
+ * cipher.setkey('my16bytekey12345', 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
273
+ *
274
+ * for both encryping and decrypting your cipher.
275
+ *
276
+ */
277
+ VALUE rb_cipher_setkey( VALUE self, VALUE key, VALUE key_length, VALUE operation )
278
+ {
279
+ rb_cipher_t *rb_cipher;
280
+ int ret;
281
+
282
+ Check_Type( key, T_STRING );
283
+ Check_Type( key_length, T_FIXNUM );
284
+ Check_Type( operation, T_FIXNUM );
285
+
286
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
287
+
288
+ ret = cipher_setkey( rb_cipher->ctx, (const unsigned char *) StringValueCStr( key ), FIX2INT( key_length ), NUM2INT( operation ) );
289
+
290
+ if ( ret < 0 )
291
+ rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
292
+
293
+ return Qtrue;
294
+ }
295
+
296
+ /*
297
+ * call-seq: update(input)
298
+ *
299
+ * Adds input to your cipher.
300
+ *
301
+ * cipher.update("Some message I want to encrypt")
302
+ *
303
+ */
304
+ VALUE rb_cipher_update( VALUE self, VALUE rb_input )
305
+ {
306
+ rb_cipher_t *rb_cipher;
307
+ char *input;
308
+ int ret;
309
+
310
+ Check_Type( rb_input, T_STRING );
311
+
312
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
313
+
314
+ StringValue( rb_input );
315
+ input = StringValuePtr( rb_input );
316
+
317
+ rb_cipher->input_length += RSTRING_LEN( rb_input );
318
+
319
+ /* Increases the output buffer so it results into the total input length so far. */
320
+ REALLOC_N(rb_cipher->output, unsigned char, rb_cipher->input_length);
321
+
322
+ ret = cipher_update( rb_cipher->ctx, (const unsigned char *) input, RSTRING_LEN( rb_input ), rb_cipher->output, &rb_cipher->olen );
323
+
324
+ if (ret < 0)
325
+ rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
326
+
327
+ return Qtrue;
328
+ }
329
+
330
+ /*
331
+ * call-seq: finish()
332
+ *
333
+ * Finishes encrypting the data added by one or multiple update() calls and returns the encrypted data.
334
+ *
335
+ * encrypted_ciphertext = cipher.finish()
336
+ *
337
+ */
338
+ VALUE rb_cipher_finish( VALUE self )
339
+ {
340
+ rb_cipher_t *rb_cipher;
341
+ int ret;
342
+
343
+ Data_Get_Struct( self, rb_cipher_t, rb_cipher );
344
+
345
+ ret = cipher_finish( rb_cipher->ctx, rb_cipher->output, &rb_cipher->olen );
346
+
347
+ if (ret < 0)
348
+ rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
349
+
350
+ return rb_str_new( (const char *) rb_cipher->output, rb_cipher->input_length );
351
+ }
352
+
353
+ void rb_cipher_free( rb_cipher_t *rb_cipher )
354
+ {
355
+
356
+ if ( rb_cipher->ctx )
357
+ cipher_free_ctx(rb_cipher->ctx );
358
+
359
+ xfree( rb_cipher );
360
+ }
@@ -0,0 +1 @@
1
+ void Init_cipher();
@@ -0,0 +1,80 @@
1
+ /*
2
+ * Wrapping code for the PolarSSL::CtrDrbg class.
3
+ *
4
+ * Copyright (C) 2013 Michiel Sikkes
5
+ *
6
+ * This file is part of polarssl-ruby (http://github.com/michiels/polarssl-ruby)
7
+ *
8
+ * All rights reserved.
9
+ *
10
+ * This program is free software: you can redistribute it and/or modify
11
+ * it under the terms of the GNU Lesser General Public License as published by
12
+ * the Free Software Foundation, either version 3 of the License, or
13
+ * (at your option) any later version.
14
+ *
15
+ * This program is distributed in the hope that it will be useful,
16
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
17
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18
+ * GNU Lesser General Public License for more details.
19
+ *
20
+ * You should have received a copy of the GNU Lesser General Public License
21
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
22
+ */
23
+
24
+ #include "polarssl.h"
25
+ #include "polarssl/ctr_drbg.h"
26
+ #include "polarssl/entropy.h"
27
+
28
+ static VALUE e_EntropySourceFailed;
29
+
30
+ static VALUE R_ctr_drbg_allocate();
31
+ static VALUE R_ctr_drbg_initialize();
32
+ static VALUE R_ctr_drbg_self_test();
33
+
34
+ void Init_ctr_drbg()
35
+ {
36
+ VALUE cCtrDrbg = rb_define_class_under( rb_mPolarSSL, "CtrDrbg", rb_cObject );
37
+
38
+ rb_define_singleton_method( cCtrDrbg, "self_test", R_ctr_drbg_self_test, 0 );
39
+
40
+ rb_define_alloc_func( cCtrDrbg, R_ctr_drbg_allocate );
41
+ rb_define_method( cCtrDrbg, "initialize", R_ctr_drbg_initialize, 1 );
42
+ }
43
+
44
+ static VALUE R_ctr_drbg_allocate( VALUE klass )
45
+ {
46
+ ctr_drbg_context *ctr_drbg;
47
+
48
+ return Data_Make_Struct( klass, ctr_drbg_context, 0, -1, ctr_drbg );
49
+ }
50
+
51
+ static VALUE R_ctr_drbg_initialize( VALUE self, VALUE entropy )
52
+ {
53
+ entropy_context *entropy_p;
54
+ ctr_drbg_context *ctr_drbg;
55
+ int ret;
56
+
57
+ Data_Get_Struct( self, ctr_drbg_context, ctr_drbg );
58
+ Data_Get_Struct( entropy, entropy_context, entropy_p );
59
+
60
+ ret = ctr_drbg_init( ctr_drbg, entropy_func, entropy_p, NULL, 0 );
61
+
62
+ if( ret == POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED )
63
+ rb_raise( e_EntropySourceFailed, "Could not initialize entropy source" );
64
+
65
+ return self;
66
+ }
67
+
68
+ static VALUE R_ctr_drbg_self_test( VALUE klass )
69
+ {
70
+ VALUE ret;
71
+
72
+ if ( ctr_drbg_self_test( 1 ) == 0 )
73
+ {
74
+ ret = Qtrue;
75
+ } else {
76
+ ret = Qfalse;
77
+ }
78
+
79
+ return ret;
80
+ }