polarssl 0.0.3 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +0 -8
- data/README.md +29 -0
- data/Rakefile +2 -2
- data/ext/polarssl/cipher.c +331 -0
- data/ext/polarssl/cipher.h +1 -0
- data/ext/polarssl/polarssl.c +3 -1
- data/ext/polarssl/ssl.c +0 -1
- data/lib/polarssl/version.rb +1 -1
- data/polarssl.gemspec +1 -1
- data/test/cipher_encryption_test.rb +74 -0
- metadata +6 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3151e14eaa1f68b05092381044fb9300f9ccb927
|
4
|
+
data.tar.gz: a0fa9aa7e512d809ee9b1b6340eca20f3b5721a7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9a9376f1667ad47a5f5797aced7ec84bc597b52d21c90393d644c27fd0879e515556511a510b86ddce3a8ad46291134fb2db13deeea8fb87f72973c1a5d03795
|
7
|
+
data.tar.gz: 957c21527e3ccb2d45b8cf285201e38573a69d93c8bf1eb49b40da24192d577d3dc9cee2fb632944ee821f120689ce3af89a2321f285972770f5057c525e79d9
|
data/.gitignore
CHANGED
data/README.md
CHANGED
@@ -20,6 +20,8 @@ gem install polarssl
|
|
20
20
|
|
21
21
|
## Usage
|
22
22
|
|
23
|
+
### Setting up a SSL connection
|
24
|
+
|
23
25
|
This gem provides a pretty low level interface to the native PolarSSL C library.
|
24
26
|
The core API aims to reflect the PolarSSL library as much as possible. See the
|
25
27
|
[full API documentation](http://michiels.github.io/polarssl-ruby/doc/) for all classes and methods.
|
@@ -55,6 +57,33 @@ socket.close
|
|
55
57
|
ssl.close
|
56
58
|
```
|
57
59
|
|
60
|
+
### Encrypting data
|
61
|
+
|
62
|
+
The `PolarSSL::Cipher` class lets you encrypt data with a wide range of
|
63
|
+
encryption standards like AES, Blowfish and DES.
|
64
|
+
|
65
|
+
This sample encrypts a given plaintext with AES128 in CTR mode:
|
66
|
+
|
67
|
+
```ruby
|
68
|
+
require 'polarssl'
|
69
|
+
require 'base64'
|
70
|
+
|
71
|
+
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
72
|
+
|
73
|
+
my_iv = SecureRandom.random_bytes(16)
|
74
|
+
|
75
|
+
cipher.reset(my_iv)
|
76
|
+
cipher.setkey("my16bytekey23456", 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
77
|
+
cipher.update("some secret message I want to keep")
|
78
|
+
encrypted_data = cipher.finish
|
79
|
+
|
80
|
+
encoded_encrypted_data = Base64.encode64(encrypted_data)
|
81
|
+
encoded_iv = Base64.encode64(my_iv)
|
82
|
+
```
|
83
|
+
|
84
|
+
See the documentation for the `Cipher` class in the [API documentation](http://michiels.github.io/polarssl-ruby/doc)
|
85
|
+
for all the available options.
|
86
|
+
|
58
87
|
## Contributing
|
59
88
|
|
60
89
|
Install PolarSSL from source via https://polarssl.org/download or install it using your operating system. For example:
|
data/Rakefile
CHANGED
@@ -8,7 +8,7 @@ DLEXT = RbConfig::CONFIG['DLEXT']
|
|
8
8
|
|
9
9
|
CLEAN.include("ext/**/*{.o,.log,.#{DLEXT}}")
|
10
10
|
CLEAN.include("ext/**/Makefile")
|
11
|
-
CLEAN.include("doc
|
11
|
+
CLEAN.include("doc")
|
12
12
|
CLOBBER.include("lib/**/*.#{DLEXT}")
|
13
13
|
|
14
14
|
Rake::TestTask.new do |t|
|
@@ -18,7 +18,7 @@ end
|
|
18
18
|
|
19
19
|
task test: :compile
|
20
20
|
|
21
|
-
RDOC_FILES = FileList["RDOC_MAIN.rdoc", "ext/polarssl
|
21
|
+
RDOC_FILES = FileList["RDOC_MAIN.rdoc", "lib/**/*.rb", "ext/polarssl/polarssl.c", "ext/polarssl/*.c"]
|
22
22
|
|
23
23
|
RDoc::Task.new do |rd|
|
24
24
|
rd.rdoc_dir = "doc"
|
@@ -0,0 +1,331 @@
|
|
1
|
+
/*
|
2
|
+
* Wrapping code for the PolarSSL::Cipher class.
|
3
|
+
*
|
4
|
+
* Copyright (C) 2013 Michiel Sikkes
|
5
|
+
*
|
6
|
+
* This file is part of polarssl-ruby (http://github.com/michiels/polarssl-ruby)
|
7
|
+
*
|
8
|
+
* All rights reserved.
|
9
|
+
*
|
10
|
+
* This program is free software: you can redistribute it and/or modify
|
11
|
+
* it under the terms of the GNU Lesser General Public License as published by
|
12
|
+
* the Free Software Foundation, either version 3 of the License, or
|
13
|
+
* (at your option) any later version.
|
14
|
+
*
|
15
|
+
* This program is distributed in the hope that it will be useful,
|
16
|
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
17
|
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
18
|
+
* GNU Lesser General Public License for more details.
|
19
|
+
*
|
20
|
+
* You should have received a copy of the GNU Lesser General Public License
|
21
|
+
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
22
|
+
*/
|
23
|
+
|
24
|
+
#include "polarssl.h"
|
25
|
+
#include "polarssl/cipher.h"
|
26
|
+
#include "ruby.h"
|
27
|
+
|
28
|
+
VALUE rb_cipher_allocate();
|
29
|
+
VALUE rb_cipher_initialize();
|
30
|
+
VALUE rb_cipher_setkey();
|
31
|
+
VALUE rb_cipher_update();
|
32
|
+
VALUE rb_cipher_finish();
|
33
|
+
VALUE rb_cipher_reset();
|
34
|
+
void rb_cipher_free();
|
35
|
+
|
36
|
+
VALUE e_UnsupportedCipher;
|
37
|
+
VALUE e_BadInputData;
|
38
|
+
VALUE e_CipherError;
|
39
|
+
|
40
|
+
typedef struct
|
41
|
+
{
|
42
|
+
cipher_context_t *ctx;
|
43
|
+
unsigned char *output;
|
44
|
+
size_t olen;
|
45
|
+
size_t input_length;
|
46
|
+
} rb_cipher_t;
|
47
|
+
|
48
|
+
void Init_cipher(void)
|
49
|
+
{
|
50
|
+
/** Document-class: PolarSSL::Cipher
|
51
|
+
*
|
52
|
+
* This class lets you encrypt and decrypt data.
|
53
|
+
*
|
54
|
+
* == Example
|
55
|
+
*
|
56
|
+
* require 'polarssl'
|
57
|
+
* require 'base64'
|
58
|
+
*
|
59
|
+
* my_iv = SecureRandom.random_bytes(16)
|
60
|
+
*
|
61
|
+
* cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
62
|
+
* cipher.reset(my_iv)
|
63
|
+
* cipher.setkey("mykey", 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
64
|
+
* cipher.update("secret stuff I want encrypted")
|
65
|
+
* encrypted_data = cipher.finish()
|
66
|
+
*
|
67
|
+
* encoded_encrypted_data = Base64.encode64(encrypted_data)
|
68
|
+
* encoded_iv = Base64.encode64(my_iv)
|
69
|
+
*
|
70
|
+
* puts encoded_encrypted_data
|
71
|
+
* puts encoded_iv
|
72
|
+
*
|
73
|
+
* == When you get an exception
|
74
|
+
*
|
75
|
+
* When using the Cipher class, you might get an exception. Some
|
76
|
+
* exeptions return a PolarSSL error code, like PolarSSL::Cipher::Error.
|
77
|
+
*
|
78
|
+
* These error codes are directly passed on from the PolarSSL library
|
79
|
+
* and you can look up what they mean in the PolarSSL API documentation
|
80
|
+
* at: https://polarssl.org/api/.
|
81
|
+
*
|
82
|
+
* == Supported Cipher types:
|
83
|
+
*
|
84
|
+
* CAMELLIA-128-CBC
|
85
|
+
* CAMELLIA-192-CBC
|
86
|
+
* CAMELLIA-256-CBC
|
87
|
+
*
|
88
|
+
* CAMELLIA-128-CFB128
|
89
|
+
* CAMELLIA-192-CFB128
|
90
|
+
* CAMELLIA-256-CFB128
|
91
|
+
*
|
92
|
+
* CAMELLIA-128-CTR
|
93
|
+
* CAMELLIA-192-CTR
|
94
|
+
* CAMELLIA-256-CTR
|
95
|
+
*
|
96
|
+
* AES-128-CBC
|
97
|
+
* AES-192-CBC
|
98
|
+
* AES-256-CBC
|
99
|
+
*
|
100
|
+
* AES-128-CFB128
|
101
|
+
* AES-192-CFB128
|
102
|
+
* AES-256-CFB128
|
103
|
+
*
|
104
|
+
* AES-128-CTR
|
105
|
+
* AES-192-CTR
|
106
|
+
* AES-256-CTR
|
107
|
+
*
|
108
|
+
* DES-CBC
|
109
|
+
* DES-EDE-CBC
|
110
|
+
* DES-EDE3-CBC
|
111
|
+
*
|
112
|
+
* BLOWFISH-CBC
|
113
|
+
* BLOWFISH-CFB64
|
114
|
+
* BLOWFISH-CTR
|
115
|
+
*
|
116
|
+
* NULL
|
117
|
+
*
|
118
|
+
*/
|
119
|
+
VALUE cCipher = rb_define_class_under( rb_mPolarSSL, "Cipher", rb_path2class("Object") );
|
120
|
+
|
121
|
+
/* 1: Use cipher for encryption */
|
122
|
+
rb_define_const( cCipher, "OPERATION_ENCRYPT", INT2NUM(POLARSSL_ENCRYPT) );
|
123
|
+
|
124
|
+
/* 0: Use cipher for decryption */
|
125
|
+
rb_define_const( cCipher, "OPERATION_DECRYPT", INT2NUM(POLARSSL_DECRYPT) );
|
126
|
+
|
127
|
+
/* -1: Don't use cipher for anything */
|
128
|
+
rb_define_const( cCipher, "OPERATION_NONE", INT2NUM(POLARSSL_OPERATION_NONE) );
|
129
|
+
|
130
|
+
/* Document-class: PolarSSL::Cipher::UnsupportedCipher
|
131
|
+
* Raised when you do not pass a supported cipher type to PolarSSL::Cipher.new()
|
132
|
+
*/
|
133
|
+
e_UnsupportedCipher = rb_define_class_under( cCipher, "UnsupportedCipher", rb_eStandardError );
|
134
|
+
|
135
|
+
/* Document-class: PolarSSL::Cipher::BadInputData
|
136
|
+
* Raised when the input data for the cipher was incorrect. If you get
|
137
|
+
* this exception, please file a bug report.
|
138
|
+
*/
|
139
|
+
e_BadInputData = rb_define_class_under( cCipher, "BadInputData", rb_eStandardError );
|
140
|
+
|
141
|
+
/* Document-class: PolarSSL::Cipher::Error
|
142
|
+
* Raised when the PolarSSL library throws a certain Cipher error code
|
143
|
+
*/
|
144
|
+
e_CipherError = rb_define_class_under( cCipher, "Error", rb_eStandardError) ;
|
145
|
+
|
146
|
+
rb_define_alloc_func( cCipher, rb_cipher_allocate );
|
147
|
+
rb_define_method( cCipher, "initialize", rb_cipher_initialize, 1 );
|
148
|
+
rb_define_method( cCipher, "setkey", rb_cipher_setkey, 3 );
|
149
|
+
rb_define_method( cCipher, "update", rb_cipher_update, 1 );
|
150
|
+
rb_define_method( cCipher, "finish", rb_cipher_finish, 0 );
|
151
|
+
rb_define_method( cCipher, "reset", rb_cipher_reset, 1 );
|
152
|
+
}
|
153
|
+
|
154
|
+
VALUE rb_cipher_allocate( VALUE klass )
|
155
|
+
{
|
156
|
+
rb_cipher_t *rb_cipher;
|
157
|
+
|
158
|
+
rb_cipher = ALLOC( rb_cipher_t );
|
159
|
+
memset( rb_cipher, 0, sizeof( rb_cipher_t ) );
|
160
|
+
|
161
|
+
rb_cipher->olen = 0;
|
162
|
+
rb_cipher->input_length = 0;
|
163
|
+
|
164
|
+
rb_cipher->ctx = ALLOC( cipher_context_t );
|
165
|
+
memset( rb_cipher->ctx, 0, sizeof( cipher_context_t ) );
|
166
|
+
|
167
|
+
return Data_Wrap_Struct( klass, 0, rb_cipher_free, rb_cipher );
|
168
|
+
}
|
169
|
+
|
170
|
+
/*
|
171
|
+
* call-seq: new(cipher_type)
|
172
|
+
*
|
173
|
+
* Initializes a new Cipher object to encrypt data with. For supported cipher types,
|
174
|
+
* see: https://github.com/michiels/polarssl-ruby/wiki/Using-PolarSSL::Cipher
|
175
|
+
*
|
176
|
+
*/
|
177
|
+
VALUE rb_cipher_initialize( VALUE self, VALUE cipher_type )
|
178
|
+
{
|
179
|
+
rb_cipher_t *rb_cipher;
|
180
|
+
char *cipher_type_str;
|
181
|
+
const cipher_info_t *cipher_info;
|
182
|
+
int ret;
|
183
|
+
|
184
|
+
Check_Type( cipher_type, T_STRING );
|
185
|
+
|
186
|
+
cipher_type_str = StringValueCStr( cipher_type );
|
187
|
+
|
188
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
189
|
+
|
190
|
+
cipher_info = cipher_info_from_string( cipher_type_str );
|
191
|
+
|
192
|
+
if (cipher_info == NULL)
|
193
|
+
{
|
194
|
+
rb_raise(e_UnsupportedCipher, "%s is not a supported cipher", cipher_type_str );
|
195
|
+
}
|
196
|
+
else
|
197
|
+
{
|
198
|
+
ret = cipher_init_ctx( rb_cipher->ctx, cipher_info );
|
199
|
+
if ( ret < 0 )
|
200
|
+
rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
|
201
|
+
}
|
202
|
+
|
203
|
+
return self;
|
204
|
+
}
|
205
|
+
|
206
|
+
/*
|
207
|
+
* call-seq: reset(initialization_vector)
|
208
|
+
*
|
209
|
+
* Sets or resets the initialization vector for the cipher. An initialization
|
210
|
+
* vector is used to "randomize" the output ciphertext so attackers cannot
|
211
|
+
* guess your data based on a partially decrypted data.
|
212
|
+
*
|
213
|
+
* This method needs to be called before you run the first #update.
|
214
|
+
*
|
215
|
+
* One option to generate a random initialization vector is by using
|
216
|
+
* SecureRandom.random_bytes. Store this initialization vector with the
|
217
|
+
* ciphertext and you'll easily able to decrypt the ciphertext.
|
218
|
+
*
|
219
|
+
*/
|
220
|
+
VALUE rb_cipher_reset( VALUE self, VALUE initialization_vector )
|
221
|
+
{
|
222
|
+
rb_cipher_t *rb_cipher;
|
223
|
+
unsigned char *iv;
|
224
|
+
int ret;
|
225
|
+
|
226
|
+
Check_Type( initialization_vector, T_STRING );
|
227
|
+
|
228
|
+
iv = (unsigned char *) StringValueCStr( initialization_vector );
|
229
|
+
|
230
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
231
|
+
|
232
|
+
ret = cipher_reset( rb_cipher->ctx, iv );
|
233
|
+
|
234
|
+
if ( ret < 0 )
|
235
|
+
rb_raise( e_BadInputData, "Either the cipher type, key or initialization vector was not set." );
|
236
|
+
|
237
|
+
return Qtrue;
|
238
|
+
}
|
239
|
+
|
240
|
+
/*
|
241
|
+
* call-seq: setkey(key, key_length, operation)
|
242
|
+
*
|
243
|
+
* Sets the key to be used for encrypting/decrypting this cipher. The key, key_length and operation
|
244
|
+
* depend on which cipher you are using. For example, when using AES-128-CTR you would use something like:
|
245
|
+
*
|
246
|
+
* cipher = PolarSSL::Cipher.new('AES-128-CTR')
|
247
|
+
* cipher.setkey('mykey', 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
248
|
+
*
|
249
|
+
* for both encryping and decrypting your cipher.
|
250
|
+
*
|
251
|
+
*/
|
252
|
+
VALUE rb_cipher_setkey( VALUE self, VALUE key, VALUE key_length, VALUE operation )
|
253
|
+
{
|
254
|
+
rb_cipher_t *rb_cipher;
|
255
|
+
int ret;
|
256
|
+
|
257
|
+
Check_Type( key, T_STRING );
|
258
|
+
Check_Type( key_length, T_FIXNUM );
|
259
|
+
Check_Type( operation, T_FIXNUM );
|
260
|
+
|
261
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
262
|
+
|
263
|
+
ret = cipher_setkey( rb_cipher->ctx, (const unsigned char *) StringValueCStr( key ), FIX2INT( key_length ), NUM2INT( operation ) );
|
264
|
+
|
265
|
+
if ( ret < 0 )
|
266
|
+
rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
|
267
|
+
|
268
|
+
return Qtrue;
|
269
|
+
}
|
270
|
+
|
271
|
+
/*
|
272
|
+
* call-seq: update(input)
|
273
|
+
*
|
274
|
+
* Adds input to your cipher.
|
275
|
+
*
|
276
|
+
*/
|
277
|
+
VALUE rb_cipher_update( VALUE self, VALUE rb_input )
|
278
|
+
{
|
279
|
+
rb_cipher_t *rb_cipher;
|
280
|
+
char *input;
|
281
|
+
int ret;
|
282
|
+
|
283
|
+
Check_Type( rb_input, T_STRING );
|
284
|
+
|
285
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
286
|
+
|
287
|
+
StringValue( rb_input );
|
288
|
+
input = StringValuePtr( rb_input );
|
289
|
+
|
290
|
+
rb_cipher->input_length += RSTRING_LEN( rb_input );
|
291
|
+
|
292
|
+
/* Increases the output buffer so it results into the total input length so far. */
|
293
|
+
REALLOC_N(rb_cipher->output, unsigned char, rb_cipher->input_length);
|
294
|
+
|
295
|
+
ret = cipher_update( rb_cipher->ctx, (const unsigned char *) input, RSTRING_LEN( rb_input ), rb_cipher->output, &rb_cipher->olen );
|
296
|
+
|
297
|
+
if (ret < 0)
|
298
|
+
rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
|
299
|
+
|
300
|
+
return Qtrue;
|
301
|
+
}
|
302
|
+
|
303
|
+
/*
|
304
|
+
* call-seq: finish()
|
305
|
+
*
|
306
|
+
* Finishes encrypting the data added by one or multiple update() calls and returns the encrypted data.
|
307
|
+
*
|
308
|
+
*/
|
309
|
+
VALUE rb_cipher_finish( VALUE self )
|
310
|
+
{
|
311
|
+
rb_cipher_t *rb_cipher;
|
312
|
+
int ret;
|
313
|
+
|
314
|
+
Data_Get_Struct( self, rb_cipher_t, rb_cipher );
|
315
|
+
|
316
|
+
ret = cipher_finish( rb_cipher->ctx, rb_cipher->output, &rb_cipher->olen );
|
317
|
+
|
318
|
+
if (ret < 0)
|
319
|
+
rb_raise( e_CipherError, "PolarSSL error: -0x%x", -ret );
|
320
|
+
|
321
|
+
return rb_str_new( (const char *) rb_cipher->output, rb_cipher->input_length );
|
322
|
+
}
|
323
|
+
|
324
|
+
void rb_cipher_free( rb_cipher_t *rb_cipher )
|
325
|
+
{
|
326
|
+
|
327
|
+
if ( rb_cipher->ctx )
|
328
|
+
cipher_free_ctx(rb_cipher->ctx );
|
329
|
+
|
330
|
+
xfree( rb_cipher );
|
331
|
+
}
|
@@ -0,0 +1 @@
|
|
1
|
+
void Init_cipher();
|
data/ext/polarssl/polarssl.c
CHANGED
@@ -21,19 +21,21 @@
|
|
21
21
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
22
22
|
*/
|
23
23
|
|
24
|
-
|
25
24
|
#include "ruby.h"
|
26
25
|
#include "entropy.h"
|
27
26
|
#include "ctr_drbg.h"
|
28
27
|
#include "ssl.h"
|
28
|
+
#include "cipher.h"
|
29
29
|
|
30
30
|
VALUE rb_mPolarSSL;
|
31
31
|
|
32
32
|
void Init_polarssl()
|
33
33
|
{
|
34
|
+
/* The PolarSSL module */
|
34
35
|
rb_mPolarSSL = rb_define_module( "PolarSSL" );
|
35
36
|
|
36
37
|
Init_entropy( );
|
37
38
|
Init_ctr_drbg( );
|
38
39
|
Init_ssl( );
|
40
|
+
Init_cipher( );
|
39
41
|
}
|
data/ext/polarssl/ssl.c
CHANGED
data/lib/polarssl/version.rb
CHANGED
data/polarssl.gemspec
CHANGED
@@ -6,7 +6,7 @@ require 'polarssl/version'
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = 'polarssl'
|
8
8
|
s.version = PolarSSL::VERSION
|
9
|
-
s.date = '2013-
|
9
|
+
s.date = '2013-09-17'
|
10
10
|
s.summary = 'Use the PolarSSL cryptographic and SSL library in Ruby.'
|
11
11
|
s.description = 'A gem that lets you use the PolarSSL cryptography library with Ruby.'
|
12
12
|
s.authors = ['Michiel Sikkes']
|
@@ -0,0 +1,74 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
require 'base64'
|
3
|
+
require 'securerandom'
|
4
|
+
|
5
|
+
class CipherTest < MiniTest::Unit::TestCase
|
6
|
+
|
7
|
+
def test_aes_128_ctr_encrypt
|
8
|
+
# These are hex-formatted strings that come from NIST Special Publication 800-38A 2001 Edition:
|
9
|
+
# Recommendation for Block Cipher Modes of Operation, Methods and Techniques by Morris Dworkin.
|
10
|
+
key = hex_to_bin("2b7e151628aed2a6abf7158809cf4f3c")
|
11
|
+
iv = hex_to_bin("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
|
12
|
+
input = hex_to_bin("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51")
|
13
|
+
should_encrypt_as = hex_to_bin("874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff")
|
14
|
+
|
15
|
+
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
16
|
+
cipher.setkey(key, 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
17
|
+
cipher.reset(iv)
|
18
|
+
cipher.update(input)
|
19
|
+
encrypted = cipher.finish
|
20
|
+
|
21
|
+
assert_equal should_encrypt_as, encrypted
|
22
|
+
end
|
23
|
+
|
24
|
+
def test_aes_128_ctr_decrypt
|
25
|
+
key = hex_to_bin("2b7e151628aed2a6abf7158809cf4f3c")
|
26
|
+
iv = hex_to_bin("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
|
27
|
+
input = hex_to_bin("874d6191b620e3261bef6864990db6ce")
|
28
|
+
should_decrypt_as = hex_to_bin("6bc1bee22e409f96e93d7e117393172a")
|
29
|
+
|
30
|
+
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
31
|
+
cipher.setkey(key, 128, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
32
|
+
cipher.reset(iv)
|
33
|
+
cipher.update(input)
|
34
|
+
decrypted = cipher.finish
|
35
|
+
|
36
|
+
assert_equal should_decrypt_as, decrypted
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_unsupported_cipher
|
40
|
+
|
41
|
+
assert_raises PolarSSL::Cipher::UnsupportedCipher do
|
42
|
+
PolarSSL::Cipher.new("meh")
|
43
|
+
end
|
44
|
+
|
45
|
+
end
|
46
|
+
|
47
|
+
def test_initialization_vector_not_a_string
|
48
|
+
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
49
|
+
|
50
|
+
assert_raises TypeError do
|
51
|
+
cipher.reset(nil)
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
def test_unsupported_key
|
56
|
+
|
57
|
+
assert_raises PolarSSL::Cipher::Error do
|
58
|
+
cipher = PolarSSL::Cipher.new("AES-128-CTR")
|
59
|
+
cipher.setkey("1234567890123456", 127, PolarSSL::Cipher::OPERATION_ENCRYPT)
|
60
|
+
end
|
61
|
+
|
62
|
+
end
|
63
|
+
|
64
|
+
private
|
65
|
+
|
66
|
+
def hex_to_bin(hex)
|
67
|
+
hex.scan(/../).map { |x| x.hex.chr }.join
|
68
|
+
end
|
69
|
+
|
70
|
+
def bin_to_hex(data)
|
71
|
+
data.each_byte.map { |b| b.to_s(16).join }
|
72
|
+
end
|
73
|
+
|
74
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: polarssl
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Michiel Sikkes
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-
|
11
|
+
date: 2013-09-17 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: A gem that lets you use the PolarSSL cryptography library with Ruby.
|
14
14
|
email: michiel.sikkes@gmail.com
|
@@ -27,6 +27,8 @@ files:
|
|
27
27
|
- RDOC_MAIN.rdoc
|
28
28
|
- README.md
|
29
29
|
- Rakefile
|
30
|
+
- ext/polarssl/cipher.c
|
31
|
+
- ext/polarssl/cipher.h
|
30
32
|
- ext/polarssl/ctr_drbg.c
|
31
33
|
- ext/polarssl/ctr_drbg.h
|
32
34
|
- ext/polarssl/entropy.c
|
@@ -41,6 +43,7 @@ files:
|
|
41
43
|
- lib/polarssl/version.rb
|
42
44
|
- polarssl-ruby.sublime-project
|
43
45
|
- polarssl.gemspec
|
46
|
+
- test/cipher_encryption_test.rb
|
44
47
|
- test/ctr_drbg_test.rb
|
45
48
|
- test/entropy_test.rb
|
46
49
|
- test/ssl_connection_test.rb
|
@@ -72,6 +75,7 @@ signing_key:
|
|
72
75
|
specification_version: 4
|
73
76
|
summary: Use the PolarSSL cryptographic and SSL library in Ruby.
|
74
77
|
test_files:
|
78
|
+
- test/cipher_encryption_test.rb
|
75
79
|
- test/ctr_drbg_test.rb
|
76
80
|
- test/entropy_test.rb
|
77
81
|
- test/ssl_connection_test.rb
|