RubyGems - openssl-cmac - Versions diffs - 1.0.0 → 2.0.2 - Mend

openssl-cmac 1.0.0 → 2.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 16491a689fe7f5d899159d3762cd7618f3150bc2a1ecede264731ef308a5d876
+  data.tar.gz: b4df90a8d51cdba9649101217df4978181a93ea680ac67c3b6cd0b15939e55e7
+SHA512:
+  metadata.gz: 0b26a6dd073ebdef048598ccec4a44ab0fe7510a785a5dc656cc28760dfa596b7f7e358abd3d1940709687dc1e4ad730348198a0bd9174df166636055715b2fc
+  data.tar.gz: 82292fbd9b159ca48b8062093c8a6c093960b52813717729a38648f880ad84c2b9843e91b5d42782e91ee51a38dd05288ea76b3bdbe4e8b4552667144a540d5b

data/.rubocop.yml ADDED Viewed

@@ -0,0 +1,12 @@
+ClassLength:
+  Max: 256
+MethodLength:
+  Max: 32
+CyclomaticComplexity:
+  Max: 8
+Documentation:
+  Enabled: false

data/.yardopts ADDED Viewed

@@ -0,0 +1,4 @@
+--no-private
+--protected
+lib/**/**/*.rb -
+LICENSE

data/Gemfile ADDED Viewed

@@ -0,0 +1,8 @@
+source 'https://rubygems.org'
+gem 'rake', '>=12.3.2'
+gem 'rdoc', '>=4.3.0'
+gem 'yard', '>=0.9.16'
+gem 'rubocop', '>=0.50.0'
+gem 'test-unit', '>=3.2.9'
+gem 'coveralls', '>=0.8.22'

data/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+Copyright (c) 2014, Maxim Chechel, Lars Schmertmann  <SmallLars@t-online.de>
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,43 @@
+[![Gem Version](https://badge.fury.io/rb/openssl-cmac.png)](http://badge.fury.io/rb/openssl-cmac)
+[![Dependency Status](https://gemnasium.com/SmallLars/openssl-cmac.png)](https://gemnasium.com/SmallLars/openssl-cmac)
+[![Build Status](https://travis-ci.org/SmallLars/openssl-cmac.png?branch=master)](https://travis-ci.org/SmallLars/openssl-cmac)
+[![Coverage Status](https://coveralls.io/repos/SmallLars/openssl-cmac/badge.png?branch=master)](https://coveralls.io/r/SmallLars/openssl-cmac)
+[![Code Climate](https://codeclimate.com/github/SmallLars/openssl-cmac.png)](https://codeclimate.com/github/SmallLars/openssl-cmac)
+[![Inline docs](http://inch-ci.org/github/smalllars/openssl-cmac.png)](http://inch-ci.org/github/smalllars/openssl-cmac)
+# openssl-cmac
+Ruby Gem for
+* [RFC 4493 - The AES-CMAC Algorithm](http://tools.ietf.org/html/rfc4493)
+* [RFC 4494 - The AES-CMAC-96 Algorithm and Its Use with IPsec](http://tools.ietf.org/html/rfc4494)
+* [RFC 4615 - The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE)](http://tools.ietf.org/html/rfc4615)
+## Installation
+Add this line to your application's Gemfile:
+    gem 'openssl-cmac'
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install openssl-cmac
+## Usage
+Example 1:
+    require 'openssl/cmac'
+    mac = OpenSSL::CMAC.digest('AES', 'message', 'key')
+Example 2:
+    require 'openssl/cmac'
+    cmac = OpenSSL::CMAC.new('AES', 'key')
+    cmac.update('message chunk 1')
+    ...
+    cmac.update('message chunk n')
+    mac = cmac.digest

data/Rakefile ADDED Viewed

@@ -0,0 +1,31 @@
+require './lib/openssl/cmac/version'
+require "bundler/gem_tasks"
+require 'rake/testtask'
+task :default => :build
+desc "Run tests"
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+end
+desc "Create documentation"
+task :doc do
+  sh "gem rdoc --rdoc openssl-cmac"
+  sh "yardoc"
+end
+desc "Uninstall and clean documentation"
+task :clean do
+  sh "gem uninstall openssl-cmac"
+  begin; sh "rm -R ./coverage"; rescue; end
+  begin; sh "rm -R ./.yardoc";  rescue; end
+  begin; sh "rm -R ./doc";      rescue; end
+end
+desc "Development Dependencies"
+task (:devinst) { sh "gem install --dev ./pkg/openssl-cmac-#{OpenSSL::CMAC::VERSION}.gem" }
+desc "Bundle install"
+task (:bundle) { sh "bundle install" }

data/lib/openssl/cmac/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module OpenSSL
+  class CMAC
+    VERSION = '2.0.2'
+  end
+end

data/lib/openssl/cmac.rb ADDED Viewed

@@ -0,0 +1,171 @@
+require 'openssl'
+module OpenSSL
+  # CMACError used for wrong parameter resonse.
+  class CMACError < StandardError
+  end
+  # Abstract from http://tools.ietf.org/html/rfc4493:
+  #
+  # The National Institute of Standards and Technology (NIST) has
+  # recently specified the Cipher-based Message Authentication Code
+  # (CMAC), which is equivalent to the One-Key CBC MAC1 (OMAC1) submitted
+  # by Iwata and Kurosawa.  This memo specifies an authentication
+  # algorithm based on CMAC with the 128-bit Advanced Encryption Standard
+  # (AES).  This new authentication algorithm is named AES-CMAC.  The
+  # purpose of this document is to make the AES-CMAC algorithm
+  # conveniently available to the Internet Community.
+  #
+  # http://tools.ietf.org/html/rfc4494
+  # reduces the length of the result from 16 to 12 Byte.
+  #
+  # http://tools.ietf.org/html/rfc4615
+  # allows to use variable key sizes.
+  class CMAC
+    # Searches for supported algorithms within OpenSSL
+    #
+    # @return [[String]] supported algorithms
+    def self.ciphers
+      @ciphers ||= OpenSSL::Cipher.ciphers.select { |c| c.match(/-128-CBC$/i) }.map { |e| e[0..-9].upcase }.uniq
+    end
+    # Returns the authentication code as a binary string. The cipher parameter
+    # must be an entry of OpenSSL::CMAC.ciphers.
+    #
+    # @param cipher [String] entry of OpenSSL::CMAC.ciphers
+    # @param key [String] binary key string
+    # @param data [String] binary data string
+    # @param length [Number] length of the authentication code
+    #
+    # @return [String] authentication code
+    def self.digest(cipher, key, data, length = 16)
+      CMAC.new(cipher, key).update(data).digest(length)
+    end
+    public
+    # Returns an instance of OpenSSL::CMAC set with the cipher algorithm and
+    # key to be used. The instance represents the initial state of the message
+    # authentication code before any data has been processed. To process data
+    # with it, use the instance method update with your data as an argument.
+    #
+    # @param cipher [String] entry of OpenSSL::CMAC.ciphers
+    # @param key [String] binary key string
+    #
+    # @return [Object] the new CMAC object
+    def initialize(cipher, key = '')
+      unless CMAC.ciphers.include?(cipher.upcase)
+        fail CMACError, "unsupported cipher algorithm (#{cipher})"
+      end
+      @keys = []
+      @buffer = ''.force_encoding('ASCII-8BIT')
+      @cipher = OpenSSL::Cipher.new("#{cipher.upcase}-128-CBC")
+      self.key = key unless key == ''
+    end
+    # Returns self as it was when it was first initialized with new key,
+    # with all processed data cleared from it.
+    #
+    # @param key [String] binary key string
+    #
+    # @return [Object] self with initial state and new key
+    def key=(key)
+      reset
+      key = CMAC.digest('AES', "\x00" * 16, key, 16) unless key.b.length == 16
+      @keys[0] = key.dup
+      @cipher.key = @keys[0]
+      cipher = OpenSSL::Cipher.new(@cipher.name)
+      cipher.encrypt
+      cipher.key = @keys[0]
+      k = (cipher.update("\x00" * 16) + cipher.final).bytes[0...16]
+      1.upto(2) do |i|
+        k = k.pack('C*').unpack('B*')[0]
+        msb = k.slice!(0)
+        k = [k, '0'].pack('B*').bytes
+        k[15] ^= 0x87 if msb == '1'
+        @keys[i] = k.dup
+      end
+      self
+    end
+    # Alias for: update
+    def <<(data)
+      update(data)
+    end
+    # Returns the block length of the used cipher algorithm.
+    #
+    # @return [Number] length of the used cipher algorithm
+    def block_length
+      16
+    end
+    # Returns the maximum length of the resulting digest.
+    #
+    # @return [Number] maximum length of the resulting digest
+    def digest_max_length
+      16
+    end
+    # Returns the name of the used authentication code algorithm.
+    #
+    # @return [String] name of the used authentication code algorithm
+    def name
+      "CMAC with #{@cipher.name[0..-9]}"
+    end
+    # Returns self as it was when it was first initialized,
+    # with all processed data cleared from it.
+    #
+    # @return [Object] self with initial state
+    def reset
+      @keys.clear
+      @buffer.clear
+      @cipher.reset unless @keys[0].nil?
+      @cipher.iv = "\x00" * 16
+      @cipher.encrypt
+      self
+    end
+    # Returns self updated with the message to be authenticated.
+    # Can be called repeatedly with chunks of the message.
+    #
+    # @param data [String] binary data string
+    #
+    # @return [Object] self with new state
+    def update(data)
+      fail CMACError, 'no key is set' if @keys[0].nil?
+      @buffer += data
+      @cipher.update(@buffer.slice!(0...16)) while @buffer.length > 16
+      self
+    end
+    # Returns the authentication code an instance represents as a binary string.
+    #
+    # @param length [Number] length of the authentication code
+    def digest(length = 16)
+      fail CMACError, 'no key is set' if @keys[0].nil?
+      fail CMACError, 'no key is set' unless length.between?(1, 16)
+      block = @buffer.bytes
+      @buffer.clear
+      k = @keys[block.length == 16 ? 1 : 2].dup
+      i = block.length.times { |t| k[t] ^= block[t] }
+      k[i] ^= 0x80 if i < 16
+      mac = @cipher.update(k.pack('C*')) + @cipher.final
+      @cipher.reset
+      @cipher.encrypt
+      @cipher.key = @keys[0]
+      @cipher.iv = "\x00" * 16
+      # Each block is 16-bytes and the last block will always be PKCS#7 padding
+      # which we want to discard.  Take the last block prior to the padding for
+      # the MAC.
+      mac[-32...(-32 + length)]
+    end
+  end
+end

data/test/test_cmac.rb ADDED Viewed

@@ -0,0 +1,167 @@
+require 'coveralls'
+Coveralls.wear!
+require 'test/unit'
+require 'openssl/cmac'
+# Testclass with Test Vectors from RFC's
+class CMACTest < Test::Unit::TestCase
+  # http://tools.ietf.org/html/rfc4493#section-4
+  KEY = ['2b7e151628aed2a6abf7158809cf4f3c'].pack('H*')
+  DATA = [[''].pack('H*'),
+          ['6bc1bee22e409f96e93d7e117393172a'].pack('H*'),
+          ['6bc1bee22e409f96e93d7e117393172a'\
+           'ae2d8a571e03ac9c9eb76fac45af8e51'\
+           '30c81c46a35ce411'].pack('H*'),
+          ['6bc1bee22e409f96e93d7e117393172a'\
+           'ae2d8a571e03ac9c9eb76fac45af8e51'\
+           '30c81c46a35ce411e5fbc1191a0a52ef'\
+           'f69f2445df4f9b17ad2b417be66c3710'].pack('H*')]
+  MAC = %w(bb1d6929e95937287fa37d129b756746
+           070a16b46b4d4144f79bdd9dd04a287c
+           dfa66747de9ae63030ca32611497c827
+           51f0bebf7e3b9d92fc49741779363cfe)
+  # http://tools.ietf.org/html/rfc4615#section-4
+  PRF_KEYS = [['000102030405060708090a0b0c0d0e0fedcb'].pack('H*'),
+              ['000102030405060708090a0b0c0d0e0f'].pack('H*'),
+              ['00010203040506070809'].pack('H*')]
+  PRF_DATA = ['000102030405060708090a0b0c0d0e0f10111213'].pack('H*')
+  PRF_OUTS = %w(84a348a4a45d235babfffc0d2b4da09a
+                980ae87b5f4c9c5214f5b6a8455e4c2d
+                290d9e112edb09ee141fcf64c0b72f3d)
+  def test_cmac_keys
+    cmac = OpenSSL::CMAC.new('AES')
+    cmac.key = KEY
+    check_keys(cmac)
+    cmac = OpenSSL::CMAC.new('AES', KEY)
+    check_keys(cmac)
+    assert(cmac.instance_variable_get(:@buffer).empty?, 'Wrong buffer')
+    cmac.update(DATA[2])
+    assert(cmac.instance_variable_get(:@buffer).length == 8, 'Wrong buffer')
+    cmac.update(DATA[2])
+    assert(cmac.instance_variable_get(:@buffer).length == 16, 'Wrong buffer')
+    cmac.reset
+    assert(cmac.instance_variable_get(:@keys)[0].nil?, 'Reset fail')
+    assert(cmac.instance_variable_get(:@keys)[1].nil?, 'Reset fail')
+    assert(cmac.instance_variable_get(:@keys)[2].nil?, 'Reset fail')
+    assert_equal('', cmac.instance_variable_get(:@buffer), 'Reset fail')
+    assert_raise(OpenSSL::CMACError) { cmac.update(DATA[2]) }
+    assert_raise(OpenSSL::CMACError) { cmac.digest }
+    cmac.key = KEY
+    check_keys(cmac)
+    m = cmac.update(DATA[2]).digest.unpack('H*')[0]
+    assert_equal(MAC[2], m)
+  end
+  def check_keys(cmac)
+    assert_equal(
+      '2b7e151628aed2a6abf7158809cf4f3c',
+      cmac.instance_variable_get(:@keys)[0].unpack('H*')[0],
+      'Key ERROR'
+    )
+    assert_equal(
+      'fbeed618357133667c85e08f7236a8de',
+      cmac.instance_variable_get(:@keys)[1].pack('C*').unpack('H*')[0],
+      'SubKey 1 ERROR'
+    )
+    assert_equal(
+      'f7ddac306ae266ccf90bc11ee46d513b',
+      cmac.instance_variable_get(:@keys)[2].pack('C*').unpack('H*')[0],
+      'SubKey 2 ERROR'
+    )
+  end
+  def test_cmac_vars
+    cmac = OpenSSL::CMAC.new('AES')
+    assert_equal(16, cmac.block_length)
+    assert_equal(16, cmac.digest_max_length)
+    assert_equal('CMAC with AES', cmac.name)
+  end
+  def test_cmac_update
+    for cipher in ['aes', 'AES']
+      # Test with 1 call of update and new CCM object for each test.
+      DATA.length.times do |i|
+        cmac = OpenSSL::CMAC.new(cipher, KEY)
+        m = cmac.update(DATA[i]).digest.unpack('H*')[0]
+        assert_equal(MAC[i], m, "Test: 1, Vector: #{i + 1}")
+      end
+      # Test with 1 call of update and same CCM object for each test.
+      # There is no reset, because it should be possible to calculate
+      # a new mac after digest without reset.
+      cmac = OpenSSL::CMAC.new(cipher, KEY)
+      DATA.length.times do |i|
+        m = cmac.update(DATA[i]).digest.unpack('H*')[0]
+        assert_equal(MAC[i], m, "Test: 2, Vector: #{i + 1}")
+      end
+      # Test with multiple calls of update and new CCM object for each test
+      1.upto(DATA.length - 1) do |i|
+        1.upto(17) do |c|
+          cmac = OpenSSL::CMAC.new(cipher, KEY)
+          DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
+          m = cmac.digest.unpack('H*')[0]
+          assert_equal(MAC[i], m, "Test: 3, Vector: #{i + 1}, Tokenlen: #{c}")
+        end
+      end
+      # Test with multiple calls of update and same CCM object for each test
+      cmac = OpenSSL::CMAC.new(cipher, KEY)
+      1.upto(DATA.length - 1) do |i|
+        1.upto(17) do |c|
+          DATA[i].bytes.each_slice(c) { |w| cmac.update(w.pack('C*')) }
+          m = cmac.digest.unpack('H*')[0]
+          assert_equal(MAC[i], m, "Test: 4, Vector: #{i + 1}, Tokenlen: #{c}")
+        end
+      end
+    end
+    # Test for Operator <<
+    DATA[3].bytes.each_slice(5) { |w| cmac << w.pack('C*') }
+    m = cmac.digest.unpack('H*')[0]
+    assert_equal(MAC[3], m, 'Test: 5, Vector: 4, Tokenlen: 5')
+  end
+  def test_cmac_digest
+    for cipher in ['aes', 'AES']
+      cmac = OpenSSL::CMAC.new(cipher, KEY)
+      m = cmac.update(DATA[3]).digest.unpack('H*')[0]
+      assert_equal(MAC[3], m, 'Digest with no update')
+      cmac.update(DATA[3].b[0...20])
+      m = cmac.update(DATA[3].b[20...64]).digest.unpack('H*')[0]
+      assert_equal(MAC[3], m, 'Digest after update')
+      cmac.update(DATA[3])
+      m = cmac.update('').digest.unpack('H*')[0]
+      assert_equal(MAC[3], m, 'Empty digest')
+      DATA.length.times do |i|
+        m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i]).unpack('H*')[0]
+        assert_equal(MAC[i], m, "Vector: #{i + 1}")
+        m = OpenSSL::CMAC.digest(cipher, KEY, DATA[i], 12).unpack('H*')[0]
+        assert_equal(24, m.length, "Vector: #{i + 1} - length")
+        assert_equal(MAC[i][0...24], m, "Vector: #{i + 1} - 12")
+      end
+    end
+  end
+  def test_cmac_prf
+    cmac = OpenSSL::CMAC.new('AES')
+    3.times do |i|
+      cmac.key = PRF_KEYS[i]
+      m = cmac.update(PRF_DATA).digest.unpack('H*')[0]
+      assert_equal(PRF_OUTS[i], m, "Vector: #{i + 1}")
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,46 +1,179 @@
 --- !ruby/object:Gem::Specification
 name: openssl-cmac
 version: !ruby/object:Gem::Version
-  version: 1.0.0
-  prerelease:
+  version: 2.0.2
 platform: ruby
 authors:
 - Maxim M. Chechel
-autorequire:
+- Lars Schmertmann
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-03-04 00:00:00.000000000 Z
-dependencies: []
-description: http://tools.ietf.org/html/rfc4493
-email: maximchick@gmail.com
+date: 2022-07-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 12.3.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 12.3.2
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.3.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.3.0
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.16
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.16
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.50'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.50.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.50'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.50.0
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.9
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.2.9
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.8.22
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.8.22
+description: Ruby Gem for RFC 4493, 4494, 4615 - The AES-CMAC Algorithm
+email:
+- maximchick@gmail.com
+- SmallLars@t-online.de
 executables: []
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
+- LICENSE
 files:
-- lib/openssl_cmac.rb
-homepage: https://github.com/maximchick/openssl-cmac
+- ".rubocop.yml"
+- ".yardopts"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/openssl/cmac.rb
+- lib/openssl/cmac/version.rb
+- test/test_cmac.rb
+homepage: https://github.com/smalllars/openssl-cmac
 licenses:
 - MIT
-post_install_message:
-rdoc_options: []
+metadata: {}
+post_install_message: Thanks for installing!
+rdoc_options:
+- "-x"
+- test/data_*
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 1.8.25
-signing_key:
-specification_version: 3
-summary: AES-CMAC algorithm implementation
-test_files: []
+rubygems_version: 3.3.15
+signing_key:
+specification_version: 4
+summary: RFC 4493, 4494, 4615 - CMAC
+test_files:
+- test/test_cmac.rb

data/lib/openssl_cmac.rb DELETED Viewed

@@ -1,69 +0,0 @@
-# This is an implementation of AES-CMAC Algorithm:
-# http://tools.ietf.org/html/rfc4493
-#
-# OpenSSL version > 1.0.1 already has a native implementation of CMAC
-# but there are no corresponding bindings in Ruby OpenSSL standard library
-require 'openssl'
-module OpenSSL
-  class CMAC
-    CONST_ZERO = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00".force_encoding('ASCII-8BIT')
-    CONST_RB = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x87]
-    # key - base 128 bit AES key
-    def initialize(key)
-      @key = key
-      @k1, @k2 = CMAC.gen_subkeys(@key)
-    end
-    def generate(data)
-      data8 = data.dup.force_encoding('ASCII-8BIT')
-      xor_key = @k1
-      unless data8.size > 0 && 0 == data8.size % 16
-        xor_key = @k2
-        padding = "\x80"
-        padding << "\x00" * (15 - data8.size % 16)
-        data8 << padding
-      end
-      data8[-16, 16].unpack('C*').each_with_index do |e, i|
-        data8[data8.size - 16 + i] = (e ^ xor_key[i]).chr
-      end
-      cipher = Cipher::AES.new(128, :CBC)
-      cipher.encrypt
-      cipher.key = @key
-      cipher.update(data8)[-16, 16]
-    end
-    def verify(data, cmac)
-      generate(data) == cmac
-    end
-    def self.gen_subkeys(key)
-      cipher = Cipher::AES.new(128, :ECB)
-      cipher.encrypt
-      cipher.key = key
-      k1 = (cipher.update(CONST_ZERO)).unpack('C*')
-      xor_flag = k1[0] >= 0x80
-      k2 = Array.new(16)
-      k1.each_with_index {|e, i|
-        lsb = i == 15 ? 0 : (k1[i+1] & 0x80) / 0x80
-        k1[i] = (k1[i] << 1) % 256 | lsb
-        k1[i] ^= CONST_RB[i] if xor_flag
-        lsb = i == 15 ? 0 : (k1[i+1] << 1 & 0x80) / 0x80
-        k2[i] = (k1[i] << 1) % 256 | lsb
-        k2[i] ^= CONST_RB[i] if k1[0] >= 0x80
-      }
-      [k1, k2]
-    end
-  end
-end