ruby-aes-cext 1.0

data/ext/ruby-aes/aes_gencons.rb

@@ -0,0 +1,118 @@
+#!/usr/bin/env ruby
+
+=begin
+    This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+    Written by Alex Boussinet <alex.boussinet@gmail.com>
+
+    This script generates the constant arrays needed by ruby-aes
+=end
+
+module AesCons
+
+    ALOG = []
+    LOG = []
+    j = 1
+    256.times do |i|
+        ALOG[i] = ALOG[i+255] = j
+        LOG[j] = i
+        j = (j ^ (j << 1) ^ (j & 0x80 != 0 ? 0x01b : 0)) & 0xff
+    end
+    LOG[1] = 0
+
+    def self.mul(a, b)
+        (a.zero? || b.zero?) ? 0 : ALOG[LOG[a] + LOG[b]]
+    end
+
+    RCON = []
+    j = 1
+    10.times do |i|
+        RCON[i] = j << 24 & 0xff000000
+        j = mul(2, j)
+    end
+
+    S = []
+    Si = []
+    256.times do |i|
+        x = (i != 0) ? ALOG[255 - LOG[i]] : 0
+        x ^= (x << 1) ^ (x << 2) ^ (x << 3) ^ (x << 4)
+        x = 0x63 ^ (x ^ (x >> 8))
+        S[i] = x & 0xff
+        Si[x & 0xff] = i
+    end
+
+    def self.mul4(a, b)
+        return 0 if (a.zero?)
+        a = LOG[a & 0xFF]
+        a0 = (b[0] != 0) ? ALOG[(a + LOG[b[0] & 0xff]) % 255] & 0xff : 0
+        a1 = (b[1] != 0) ? ALOG[(a + LOG[b[1] & 0xff]) % 255] & 0xff : 0
+        a2 = (b[2] != 0) ? ALOG[(a + LOG[b[2] & 0xff]) % 255] & 0xff : 0
+        a3 = (b[3] != 0) ? ALOG[(a + LOG[b[3] & 0xff]) % 255] & 0xff : 0
+        return a0 << 24 | a1 << 16 | a2 << 8 | a3
+    end
+
+    G = [
+        [2, 1, 1, 3],[3, 2, 1, 1],[1, 3, 2, 1],[1, 1, 3, 2],
+        [0, 0, 0, 1],[0, 0, 1, 0],[0, 1, 0, 0],[1, 0, 0, 0]
+    ]
+    Gi = [
+        [14, 9, 13, 11], [11, 14, 9, 13], [13, 11, 14, 9],[9, 13, 11, 14],
+        [0, 0, 0, 1],[0, 0, 1, 0],[0, 1, 0, 0],[1, 0, 0, 0]
+    ]
+    Te0, Te1, Te2, Te3 = [], [], [], []
+    S0, S1, S2, S3 = [], [], [], []
+    Td0, Td1, Td2, Td3 = [], [], [], []
+    Si0, Si1, Si2, Si3 = [], [], [], []
+    256.times do |t|
+        s = S[t]
+        Te0[t] = mul4(s, G[0])
+        Te1[t] = mul4(s, G[1])
+        Te2[t] = mul4(s, G[2])
+        Te3[t] = mul4(s, G[3])
+        S0[t]  = mul4(s, G[4])
+        S1[t]  = mul4(s, G[5])
+        S2[t]  = mul4(s, G[6])
+        S3[t]  = mul4(s, G[7])
+        s = Si[t]
+        Td0[t] = mul4(s, Gi[0])
+        Td1[t] = mul4(s, Gi[1])
+        Td2[t] = mul4(s, Gi[2])
+        Td3[t] = mul4(s, Gi[3])
+        Si0[t] = mul4(s, Gi[4])
+        Si1[t] = mul4(s, Gi[5])
+        Si2[t] = mul4(s, Gi[6])
+        Si3[t] = mul4(s, Gi[7])
+    end
+
+    File.open("aes_cons.h" , "w+") do |f|
+        f.write <<-STOP
+/*
+ *  This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+ *  Written by Alex Boussinet <alex.boussinet@gmail.com>
+ *
+ *  aes_cons.h - AES Constant Arrays for ruby-aes
+ */
+
+#ifndef __AES_CONS__
+#define __AES_CONS__
+
+STOP
+        ["RCON", "Te0", "Te1", "Te2", "Te3", "S0", "S1", "S2", "S3",
+            "Td0", "Td1", "Td2", "Td3", "Si0", "Si1", "Si2", "Si3"].each do |x|
+            f.write "uint    " + x + "[] = {\n"
+            line = " " * 4
+            module_eval(x).each do |y|
+                z = "0x%08x" % y
+                line << ", " if line.length > 4
+                if (line.length + z.length) > 79
+                    f.write line.chop + "\n"
+                    line = " " * 4
+                end
+                line << z
+            end
+            f.write line unless line.length == 4
+            f.write "\n};\n\n"
+            end
+        f.write "#endif\n"
+    end
+
+end # AesCons

data/ext/ruby-aes/extconf.rb

@@ -0,0 +1,7 @@
+require 'mkmf'
+
+dir_config('aes_alg')
+have_library('c', 'main')
+have_header('aes_cons.h')
+
+create_makefile('aes_alg')

data/lib/ruby-aes.rb

@@ -0,0 +1,162 @@
+=begin
+    This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+    Written by Alex Boussinet <alex.boussinet@gmail.com>
+
+==Valid modes are:
+    * ECB (Electronic Code Book)
+    * CBC (Cipher Block Chaining)
+    * OFB (Output Feedback)
+    * CFB (Cipher Feedback)
+
+==Valid key length:
+    * 128 bits
+    * 192 bits
+    * 256 bits
+
+==API calls:
+    Default key_length: 128
+    Default mode: 'ECB'
+    Default IV: 16 null chars ("00" * 16 in hex format)
+    Default key: 16 null chars ("00" * 16 in hex format)
+    Default input text: "PLAINTEXT"
+
+    Aes.check_key(key_string, key_length)
+    Aes.check_iv(iv_string)
+    Aes.check_kl(key_length)
+    Aes.check_mode(mode)
+    Aes.init(key_length, mode, key, iv)
+    Aes.encrypt_block(key_length, mode, key, iv, block) # no padding
+    Aes.decrypt_block(key_length, mode, key, iv, block) # no padding
+    Aes.encrypt_buffer(key_length, mode, key, iv, block) # padding
+    Aes.decrypt_buffer(key_length, mode, key, iv, block) # padding
+    Aes.encrypt_stream(key_length, mode, key, iv, sin, sout)
+    Aes.decrypt_stream(key_length, mode, key, iv, sin, sout)
+    Aes.bs() # block size for read operations (stream)
+    Aes.bs=(bs)
+=end
+
+module Aes
+
+    require 'ruby-aes/aes_alg'
+
+    @@aes = nil
+    @@bs = 4096
+
+    def Aes.bs(); return @@bs end
+    def Aes.bs=(bs); @@bs = bs.to_i; @@bs==0 ? 4096 : @@bs = @@bs - @@bs%16 end
+
+    def Aes.check_key(key_string, kl = 128)
+        kl = Aes.check_kl(kl)
+        k = key_string.length
+        raise "Bad key string or bad key length" if (k != kl/8) && (k != kl/4)
+        hex = (key_string =~ /[a-f0-9A-F]{#{k}}/) == 0 && (k == kl/4)
+        bin = ! hex
+        if ! (([32, 48, 64].include?(k) && hex) ||
+           ([16, 24, 32].include?(k) && bin))
+            raise "Bad key string"
+        end
+        hex ? [key_string].pack("H*") : key_string
+    end
+
+    def Aes.check_iv(iv_string)
+        k = iv_string.length
+        hex = (iv_string =~ /[a-f0-9A-F]{#{k}}/) == 0
+        bin = ! hex
+        if k == 32 && hex
+            return [iv_string].pack("H*")
+        elsif k == 16 && bin
+            return iv_string
+        else
+            raise "Bad IV string"
+        end
+    end
+
+    def Aes.check_mode (mode)
+        case mode
+        when 'ECB', 'CBC', 'OFB', 'CFB'
+        else raise "Bad cipher mode"
+        end
+        mode
+    end
+
+    def Aes.check_kl(key_length)
+        case key_length
+        when 128, 192, 256
+        else raise "Bad key length"
+        end
+        key_length
+    end
+
+    def Aes.init(keyl, mode, key, iv)
+        unless @@aes
+            @@aes = AesAlg.new(Aes.check_kl(keyl), Aes.check_mode(mode),
+                               Aes.check_key(key, keyl), iv ? Aes.check_iv(iv) : nil)
+        else
+            @@aes.init(Aes.check_kl(keyl), Aes.check_mode(mode),
+                       Aes.check_key(key, keyl), iv ? Aes.check_iv(iv) : nil)
+        end
+    end
+
+    def Aes.encrypt_block(keyl, mode, key, iv, block = "DEFAULT PLAINTXT")
+        raise "Bad Block size" if block.length < 16 || block.length > 16
+        Aes.init(keyl, mode, key, iv)
+        @@aes.encrypt_block(block)
+    end
+
+    def Aes.decrypt_block(keyl, mode, key, iv, block = "DEFAULT PLAINTXT")
+        Aes.init(keyl, mode, key, iv)
+        @@aes.decrypt_block(block)
+    end
+
+    def Aes.encrypt_buffer(keyl, mode, key, iv, buffer = "PLAINTEXT")
+        Aes.init(keyl, mode, key, iv)
+        @@aes.encrypt_buffer(buffer)
+    end
+
+    def Aes.decrypt_buffer(keyl, mode, key, iv, buffer = "DEFAULT PLAINTXT")
+        raise "Bad Block size" if buffer.length < 16
+        Aes.init(keyl, mode, key, iv)
+        @@aes.decrypt_buffer(buffer)
+    end
+
+    def Aes.encrypt_stream(keyl, mode, key, iv, sin = STDIN, sout = STDOUT)
+        Aes.init(keyl, mode, key, iv)
+        case sout
+        when String, Array, IO
+        else
+            raise "Bad output stream (String, Array, IO)"
+        end
+        case sin
+        when String
+            sout << @@aes.encrypt_buffer(sin)
+        when IO
+            while buf = sin.read(@@bs)
+                sout << ((buf.length % 16).zero? ? @@aes.encrypt_blocks(buf) :
+                         @@aes.encrypt_buffer(buf))
+            end
+        else
+            raise "Bad input stream (String, IO)"
+        end
+    end
+
+    def Aes.decrypt_stream(keyl, mode, key, iv, sin = STDIN, sout = STDOUT)
+        Aes.init(keyl, mode, key, iv)
+        case sout
+        when String, Array, IO
+        else
+            raise "Bad output stream (String, Array, IO)"
+        end
+        case sin
+        when String
+            sout << @@aes.decrypt_buffer(sin)
+        when IO
+            while buf = sin.read(@@bs)
+                sout << (sin.eof? ? @@aes.decrypt_buffer(buf) :
+                         @@aes.decrypt_blocks(buf))
+            end
+        else
+            raise "Bad input stream (String, IO)"
+        end
+    end
+
+end # end Aes

data/test/KAT_MCT/aes_kat_mct.rb

@@ -0,0 +1,386 @@
+#!/usr/bin/env ruby
+
+=begin
+ This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+ Written by Alex Boussinet <alex.boussinet@gmail.com>
+
+ KAT Tests and MCT tests according to katmct.pdf file.
+ <http://csrc.nist.gov/encryption/aes/katmct/katmct.htm>
+ See rijndael-vals.zip
+=end
+
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+def cbc_decrypt_mct(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "cbc_d_m.txt"
+
+Cipher Block Chaining (CBC) Mode - DECRYPTION
+Monte Carlo Test
+
+Algorithm Name: Rijndael
+
+==========
+
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\n"
+    key = "0" * (kl/4)
+    ct = iv = "0" * 32
+    opt = pt = nil
+    400.times { |i|
+      output.write "I=#{i}\nKEY=#{key}\nIV=#{iv}\nCT=#{ct}\n"
+      10000.times { |j|
+	opt = pt
+	pt = Aes.decrypt_block(kl, 'ECB', key, iv,
+				[ct].pack("H*")).unpack("H*")[0]
+	pt = "%032X" % (pt.hex ^ iv.hex)
+	iv = ct
+	ct = pt
+      }
+      case kl
+      when 128
+	npt = pt
+      when 192, 256
+	x = -(kl/4-32)
+	npt = opt[x..-1] + pt
+      end
+      key = "%0#{kl/4}X" % (key.hex ^ npt.hex)
+      output.write "PT=#{pt}\n\n"
+    }
+    output.write "=========================\n\n"
+  }
+end
+
+def cbc_encrypt_mct(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "cbc_e_m.txt"
+
+Cipher Block Chaining (CBC) Mode - ENCRYPTION
+Monte Carlo Test
+
+Algorithm Name: Rijndael
+
+==========
+
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\n"
+    key = "0" * (kl/4)
+    pt = iv = "0" * 32
+    oct = ct = nil
+    400.times { |i|
+      output.write "I=#{i}\nKEY=#{key}\nIV=#{iv}\nPT=#{pt}\n"
+      10000.times { |j|
+	oct = ct
+	pt = "%032X" % (pt.hex ^ iv.hex)
+	ct = Aes.encrypt_block(kl, 'ECB', key, iv,
+				[pt].pack("H*")).unpack("H*")[0]
+	if j == 0 then pt = iv else pt = oct end
+	iv = ct
+      }
+      case kl
+      when 128
+	nct = ct
+      when 192, 256
+	x = -(kl/4-32)
+	nct = oct[x..-1] + ct
+      end
+      key = "%0#{kl/4}X" % (key.hex ^ nct.hex)
+      output.write "CT=#{ct}\n\n"
+    }
+    output.write "=========================\n\n"
+  }
+end
+
+def ecb_decrypt_mct(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_d_m.txt"
+
+Electronic Codebook (ECB) Mode - DECRYPTION
+Monte Carlo Test
+
+Algorithm Name: Rijndael
+
+=========================
+
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\n"
+    key = "0" * (kl/4)
+    ct = "0" * 32
+    opt = pt = nil
+    400.times { |i|
+      output.write "I=#{i}\nKEY=#{key}\nCT=#{ct}\n"
+      10000.times { |j|
+	opt = pt
+	pt = Aes.decrypt_block(kl, 'ECB', key, nil,
+				[ct].pack("H*")).unpack("H*")[0]
+	ct = pt
+      }
+      case kl
+      when 128
+	npt = pt
+      when 192, 256
+	x = -(kl/4-32)
+	npt = opt[x..-1] + pt
+      end
+      key = "%0#{kl/4}X" % (key.hex ^ npt.hex)
+      ct = pt
+      output.write "PT=#{pt}\n\n"
+    }
+    output.write "=========================\n\n"
+  }
+end
+
+def ecb_encrypt_mct(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_e_m.txt"
+
+Electronic Codebook (ECB) Mode - ENCRYPTION
+Monte Carlo Test
+
+Algorithm Name: Rijndael
+
+=========================
+
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\n"
+    key = "0" * (kl/4)
+    pt = "0" * 32
+    oct = ct = nil
+    400.times { |i|
+      output.write "I=#{i}\nKEY=#{key}\nPT=#{pt}\n"
+      10000.times { |j|
+	oct = ct
+	ct = Aes.encrypt_block(kl, 'ECB', key, nil,
+				[pt].pack("H*")).unpack("H*")[0]
+	pt = ct
+      }
+      case kl
+      when 128
+	nct = ct
+      when 192, 256
+	x = -(kl/4-32)
+	nct = oct[x..-1] + ct
+      end
+      key = "%0#{kl/4}X" % (key.hex ^ nct.hex)
+      pt = ct
+      output.write "CT=#{ct}\n\n"
+    }
+    output.write "=========================\n\n"
+  }
+end
+
+def ecb_iv(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_iv.txt"
+
+Electronic Codebook (ECB) Mode
+Intermediate Value Known Answer Tests
+
+Algorithm Name: Rijndael
+
+==========
+
+EOT
+  if (AesAlg.respond_to? :c_extension)
+      @output.write <<EOT
+Not Implemented
+
+==========
+
+EOT
+  else
+      $output = output
+      AesAlg.class_eval do
+          alias :encrypt_block_original :_encrypt_block
+          alias :decrypt_original_block :_decrypt_block
+          def _encrypt_block
+              addRoundKey 0
+              1.upto(@nr) { |n|
+                  subBytes
+                  shiftRows
+                  mixColumns unless n == @nr
+                  addRoundKey n
+                  $output.puts "CT#{n}=#{@state.unpack("H*")[0]}" unless (@nr-n).zero?
+              }
+              @state
+          end
+          def _decrypt_block
+              addRoundKey @nr
+              (@nr-1).downto(0) { |n|
+                  ishiftRows
+                  isubBytes
+                  $output.puts "PT#{@nr-n}=#{@state.unpack("H*")[0]}" unless n.zero?
+                  addRoundKey n
+                  imixColumns unless n == 0
+              }
+              @state
+          end
+      end
+      [128, 192, 256].each { |kl|
+          output.write "KEYSIZE=#{kl}\n"
+          key = ""
+          (kl/8).times do |n| key << n.chr end
+          output.write "KEY=#{key.unpack("H*")[0]}\n\n"
+          output.write "Intermediate Ciphertext Values (Encryption)\n\n"
+          pt = ""
+          16.times do |n| pt << n.chr end
+          output.write "PT=#{pt.unpack("H*")[0]}\n"
+          ct = Aes.encrypt_block(kl, 'ECB', key, nil, pt)
+          output.write "CT=#{ct.unpack("H*")[0]}\n\n"
+
+          output.write "Intermediate Ciphertext Values (Decryption)\n\n"
+          output.write "CT=#{ct.unpack("H*")[0]}\n"
+          npt = Aes.decrypt_block(kl, 'ECB', key, nil, ct)
+          output.write "PT=#{npt.unpack("H*")[0]}\n\n"
+
+          output.write "==========\n\n"
+      }
+      AesAlg.class_eval do
+          alias :_block_encrypt :encrypt_block_original
+          alias :_block_decrypt :decrypt_block_original
+      end
+  end
+end
+
+def ecb_tbl(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_tbl.txt"
+
+Electronic Codebook (ECB) Mode
+Tables Known Answer Tests
+
+Algorithm Name: Rijndael
+Tables tested: S, Si, LOG, ALOG, RCON, Te0-4 Td0-4
+
+==========
+
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\n"
+    File.open("table.#{kl}", "r") { |f|
+      begin
+	1.upto(64) { |i|
+	  key, *pt = f.readline.split(" ")
+	  pt = pt.join
+	  ct = Aes.encrypt_block(kl, 'ECB', key, nil, [pt].pack("H*"))
+	  output.write "I=#{i}\nKEY=#{key}\nPT=#{pt}\nCT=#{ct.unpack("H*")[0]}\n\n"
+	}
+	65.upto(128) { |i|
+	  key, *ct = f.readline.split(" ")
+	  ct = ct.join
+	  pt = Aes.encrypt_block(kl, 'ECB', key, nil, [ct].pack("H*"))
+	  output.write "I=#{i}\nKEY=#{key}\nPT=#{pt.unpack("H*")[0]}\nCT=#{ct}\n\n"
+	}
+      rescue
+	raise "Bad Table File"
+      end
+    }
+    output.write "==========\n\n"
+  }
+end
+
+def ecb_vt(output)
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_vt.txt"
+
+Electronic Codebook (ECB) Mode
+Variable Text Known Answer Tests
+
+Algorithm Name: Rijndael
+
+==========
+
+EOT
+  [128, 192, 256].each { |kl|
+    key = "0" * (kl/4)
+    output.write "KEYSIZE=#{kl}\n\nKEY=#{key}\n\n"
+    (127).downto(0) { |b|
+      i = 128 - b
+      pt = "%032X" % (1 << b)
+      ct = Aes.encrypt_block(kl, 'ECB', key, nil, [pt].pack("H*"))
+      output.write "I=#{i}\nPT=#{pt}\nCT=#{ct.unpack("H*")[0]}\n\n"
+    }
+    output.write "==========\n\n"
+  }
+end
+
+def ecb_vk(output)
+  pt = "00000000000000000000000000000000"
+  output.write <<EOT
+
+=========================
+
+FILENAME: "ecb_vk.txt"
+
+Electronic Codebook (ECB) Mode
+Variable Key Known Answer Tests
+
+Algorithm Name: Rijndael
+
+==========
+EOT
+  [128, 192, 256].each { |kl|
+    output.write "KEYSIZE=#{kl}\n\nPT=#{pt}\n\n"
+    (kl-1).downto(0) { |b|
+      i = kl - b
+      key = "%0#{kl/4}X" % (1 << b)
+      ct = Aes.encrypt_block(kl, 'ECB', key, nil, [pt].pack("H*"))
+      output.write "I=#{i}\nKEY=#{key}\nCT=#{ct.unpack("H*")[0]}\n\n"
+    }
+    output.write "==========\n\n"
+  }
+end
+
+def kat_tests
+  puts "Writing ecb_vk.txt..."
+  File.open("ecb_vk.txt") { |f| ecb_vk f }
+  puts "Writing ecb_vt.txt..."
+  File.open("ecb_vt.txt") { |f| ecb_vt f }
+  puts "Writing ecb_tbl.txt..."
+  File.open("ecb_tbl.txt") { |f| ecb_tbl f }
+  puts "Writing ecb_iv.txt..."
+  File.open("ecb_iv.txt") { |f| ecb_iv f }
+end
+
+def mct_tests
+  puts "Writing ecb_e_m.txt..."
+  File.open("ecb_e_m.txt") { |f| ecb_encrypt_mct f }
+  puts "Writing ecb_d_m.txt..."
+  File.open("ecb_d_m.txt") { |f| ecb_decrypt_mct f }
+  puts "Writing cbc_e_m.txt..."
+  File.open("cbc_e_m.txt") { |f| cbc_encrypt_mct f }
+  puts "Writing cbc_d_m.txt..."
+  File.open("cbc_d_m.txt") { |f| cbc_decrypt_mct f }
+end
+
+if __FILE__ == $0
+  puts "Performing KAT Tests..."
+  kat_tests
+  puts "Performing MCT Tests... VERY time consuming !"
+  mct_tests
+end