ruby-aes-normal 1.0

data/examples/encrypt_buffer.rb

@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+
+require 'ruby-aes'
+require 'example_helper'
+
+class RubyAES_buffer
+
+    include RubyAES_helper
+
+    def initialize
+        setup
+        puts "Using #{@kl}-#{@mode} encryption/decryption"
+        pt = "The quick brown fox jumps over the lazy dog"
+        puts "Plaintext is: '#{pt}'"
+        puts "(a buffer will be padded so that its length will be a multiple of 16)"
+        ct = Aes.encrypt_buffer(@kl, @mode, @keys[@kl], @iv, pt)
+        puts "Ciphertext (unpacked) is: #{ct.unpack("H*").first}"
+        npt = Aes.decrypt_buffer(@kl, @mode, @keys[@kl], @iv, ct)
+        puts "Decrypted ciphertext is: '#{npt}'"
+        puts "(should be: '#{pt}')"
+    end
+
+end
+RubyAES_buffer.new

data/examples/encrypt_stream.rb

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+
+require 'ruby-aes'
+require 'example_helper'
+require 'fileutils'
+
+class RubyAES_stream
+
+    include RubyAES_helper
+
+    def initialize
+        setup
+        puts "Using #{@kl}-#{@mode} encryption/decryption"
+        file = "_ruby-aes_encrypt_stream_"
+
+        sin = File.open(file, "w+b")
+        sin.puts "The quick brown fox jumps over the lazy dog"
+        sin.rewind
+        sout = File.open("#{file}.aes", "w+b")
+        Aes.encrypt_stream(@kl, @mode, @keys[@kl], @iv, sin, sout)
+        sin.close
+        sout.close
+
+        sin = File.open("#{file}.aes", "rb")
+        sout = File.open("#{file}.plain", "w+b")
+        Aes.decrypt_stream(@kl, @mode, @keys[@kl], @iv, sin, sout)
+        sin.close
+        sout.close
+
+        if IO.read(file) == IO.read("#{file}.plain")
+            puts "The decrypted file is exactly the same as the original one"
+        else
+            puts "The decrypted file differs from the orginal one"
+        end
+        FileUtils.rm_f [ file, "#{file}.aes", "#{file}.plain" ]
+    end
+
+end
+RubyAES_stream.new

data/examples/example_helper.rb

@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+
+module RubyAES_helper
+
+    KEY_LENGTH = [128,192,256].freeze
+    MODES = ['ECB','CBC','OFB','CFB'].freeze
+
+    def random_fill(n, buffer)
+        n.times do
+            buffer << rand(256).chr
+        end
+    end
+
+    def setup
+        @keys = {}
+        KEY_LENGTH.each do |kl|
+            @keys[kl] = ""
+            random_fill(kl/8, @keys[kl])
+        end
+
+        @iv = ""; random_fill(16, @iv)
+        @pt = ""; random_fill(64, @pt)
+        @kl = KEY_LENGTH[(rand * KEY_LENGTH.length).to_i]
+        @mode = MODES[(rand * MODES.length).to_i]
+    end
+
+end

data/lib/ruby-aes.rb

@@ -0,0 +1,162 @@
+=begin
+    This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+    Written by Alex Boussinet <alex.boussinet@gmail.com>
+
+==Valid modes are:
+    * ECB (Electronic Code Book)
+    * CBC (Cipher Block Chaining)
+    * OFB (Output Feedback)
+    * CFB (Cipher Feedback)
+
+==Valid key length:
+    * 128 bits
+    * 192 bits
+    * 256 bits
+
+==API calls:
+    Default key_length: 128
+    Default mode: 'ECB'
+    Default IV: 16 null chars ("00" * 16 in hex format)
+    Default key: 16 null chars ("00" * 16 in hex format)
+    Default input text: "PLAINTEXT"
+
+    Aes.check_key(key_string, key_length)
+    Aes.check_iv(iv_string)
+    Aes.check_kl(key_length)
+    Aes.check_mode(mode)
+    Aes.init(key_length, mode, key, iv)
+    Aes.encrypt_block(key_length, mode, key, iv, block) # no padding
+    Aes.decrypt_block(key_length, mode, key, iv, block) # no padding
+    Aes.encrypt_buffer(key_length, mode, key, iv, block) # padding
+    Aes.decrypt_buffer(key_length, mode, key, iv, block) # padding
+    Aes.encrypt_stream(key_length, mode, key, iv, sin, sout)
+    Aes.decrypt_stream(key_length, mode, key, iv, sin, sout)
+    Aes.bs() # block size for read operations (stream)
+    Aes.bs=(bs)
+=end
+
+module Aes
+
+    require 'ruby-aes/aes_alg'
+
+    @@aes = nil
+    @@bs = 4096
+
+    def Aes.bs(); return @@bs end
+    def Aes.bs=(bs); @@bs = bs.to_i; @@bs==0 ? 4096 : @@bs = @@bs - @@bs%16 end
+
+    def Aes.check_key(key_string, kl = 128)
+        kl = Aes.check_kl(kl)
+        k = key_string.length
+        raise "Bad key string or bad key length" if (k != kl/8) && (k != kl/4)
+        hex = (key_string =~ /[a-f0-9A-F]{#{k}}/) == 0 && (k == kl/4)
+        bin = ! hex
+        if ! (([32, 48, 64].include?(k) && hex) ||
+           ([16, 24, 32].include?(k) && bin))
+            raise "Bad key string"
+        end
+        hex ? [key_string].pack("H*") : key_string
+    end
+
+    def Aes.check_iv(iv_string)
+        k = iv_string.length
+        hex = (iv_string =~ /[a-f0-9A-F]{#{k}}/) == 0
+        bin = ! hex
+        if k == 32 && hex
+            return [iv_string].pack("H*")
+        elsif k == 16 && bin
+            return iv_string
+        else
+            raise "Bad IV string"
+        end
+    end
+
+    def Aes.check_mode (mode)
+        case mode
+        when 'ECB', 'CBC', 'OFB', 'CFB'
+        else raise "Bad cipher mode"
+        end
+        mode
+    end
+
+    def Aes.check_kl(key_length)
+        case key_length
+        when 128, 192, 256
+        else raise "Bad key length"
+        end
+        key_length
+    end
+
+    def Aes.init(keyl, mode, key, iv)
+        unless @@aes
+            @@aes = AesAlg.new(Aes.check_kl(keyl), Aes.check_mode(mode),
+                               Aes.check_key(key, keyl), iv ? Aes.check_iv(iv) : nil)
+        else
+            @@aes.init(Aes.check_kl(keyl), Aes.check_mode(mode),
+                       Aes.check_key(key, keyl), iv ? Aes.check_iv(iv) : nil)
+        end
+    end
+
+    def Aes.encrypt_block(keyl, mode, key, iv, block = "DEFAULT PLAINTXT")
+        raise "Bad Block size" if block.length < 16 || block.length > 16
+        Aes.init(keyl, mode, key, iv)
+        @@aes.encrypt_block(block)
+    end
+
+    def Aes.decrypt_block(keyl, mode, key, iv, block = "DEFAULT PLAINTXT")
+        Aes.init(keyl, mode, key, iv)
+        @@aes.decrypt_block(block)
+    end
+
+    def Aes.encrypt_buffer(keyl, mode, key, iv, buffer = "PLAINTEXT")
+        Aes.init(keyl, mode, key, iv)
+        @@aes.encrypt_buffer(buffer)
+    end
+
+    def Aes.decrypt_buffer(keyl, mode, key, iv, buffer = "DEFAULT PLAINTXT")
+        raise "Bad Block size" if buffer.length < 16
+        Aes.init(keyl, mode, key, iv)
+        @@aes.decrypt_buffer(buffer)
+    end
+
+    def Aes.encrypt_stream(keyl, mode, key, iv, sin = STDIN, sout = STDOUT)
+        Aes.init(keyl, mode, key, iv)
+        case sout
+        when String, Array, IO
+        else
+            raise "Bad output stream (String, Array, IO)"
+        end
+        case sin
+        when String
+            sout << @@aes.encrypt_buffer(sin)
+        when IO
+            while buf = sin.read(@@bs)
+                sout << ((buf.length % 16).zero? ? @@aes.encrypt_blocks(buf) :
+                         @@aes.encrypt_buffer(buf))
+            end
+        else
+            raise "Bad input stream (String, IO)"
+        end
+    end
+
+    def Aes.decrypt_stream(keyl, mode, key, iv, sin = STDIN, sout = STDOUT)
+        Aes.init(keyl, mode, key, iv)
+        case sout
+        when String, Array, IO
+        else
+            raise "Bad output stream (String, Array, IO)"
+        end
+        case sin
+        when String
+            sout << @@aes.decrypt_buffer(sin)
+        when IO
+            while buf = sin.read(@@bs)
+                sout << (sin.eof? ? @@aes.decrypt_buffer(buf) :
+                         @@aes.decrypt_blocks(buf))
+            end
+        else
+            raise "Bad input stream (String, IO)"
+        end
+    end
+
+end # end Aes

data/lib/ruby-aes/aes_alg.rb

@@ -0,0 +1,277 @@
+=begin
+    This file is a part of ruby-aes <http://rubyforge.org/projects/ruby-aes>
+    Written by Alex Boussinet <alex.boussinet@gmail.com>
+
+    ruby-aes (non-optimized version)
+    Adapted from the Rijndael Specifications (dfips-AES.pdf)
+=end
+
+require 'ruby-aes/aes_cons'
+
+class AesAlg
+    include AesCons
+
+    def subBytes
+        i = 0
+        @state.each_byte do |b|
+            @state[i] = S_BOX[b]
+            i+=1
+        end
+    end
+    protected :subBytes
+
+    def isubBytes
+        i = 0
+        @state.each_byte do |b|
+            @state[i] = IS_BOX[b]
+            i+=1
+        end
+    end
+    protected :isubBytes
+
+    def shiftRows
+        @state[1], @state[5], @state[9], @state[13] =
+            @state[5], @state[9], @state[13], @state[1]
+        @state[2], @state[6], @state[10], @state[14] =
+            @state[10], @state[14], @state[2], @state[6]
+        @state[3], @state[7], @state[11], @state[15] =
+            @state[15], @state[3], @state[7], @state[11]
+    end
+    protected :shiftRows
+
+    def ishiftRows
+        @state[1], @state[5], @state[9], @state[13] =
+            @state[13], @state[1], @state[5], @state[9]
+        @state[2], @state[6], @state[10], @state[14] =
+            @state[10], @state[14], @state[2], @state[6]
+        @state[3], @state[7], @state[11], @state[15] =
+            @state[7], @state[11], @state[15], @state[3]
+    end
+    protected :ishiftRows
+
+    def mixColumns
+        t = "\000" * 16
+        4.times do |c|
+            t[c*4] = G2X.at(@state[c*4]) ^ G3X.at(@state[1+c*4]) ^
+            @state[2+c*4] ^ @state[3+c*4]
+            t[1+c*4] = @state[c*4] ^ G2X.at(@state[1+c*4]) ^
+            G3X.at(@state[2+c*4]) ^ @state[3+c*4]
+            t[2+c*4] = @state[c*4] ^ @state[1+c*4] ^
+            G2X.at(@state[2+c*4]) ^ G3X.at(@state[3+c*4])
+            t[3+c*4] = G3X.at(@state[c*4]) ^ @state[1+c*4] ^
+            @state[2+c*4] ^ G2X.at(@state[3+c*4])
+        end
+        @state = t
+    end
+    protected :mixColumns
+
+    def imixColumns
+        t = "\000" * 16
+        4.times do |c|
+            t[c*4] = GEX.at(@state[c*4]) ^ GBX.at(@state[1+c*4]) ^
+            GDX.at(@state[2+c*4]) ^ G9X.at(@state[3+c*4])
+            t[1+c*4] = G9X.at(@state[c*4]) ^ GEX.at(@state[1+c*4]) ^
+            GBX.at(@state[2+c*4]) ^ GDX.at(@state[3+c*4])
+            t[2+c*4] = GDX.at(@state[c*4]) ^ G9X.at(@state[1+c*4]) ^
+            GEX.at(@state[2+c*4]) ^ GBX.at(@state[3+c*4])
+            t[3+c*4] = GBX.at(@state[c*4]) ^ GDX.at(@state[1+c*4]) ^
+            G9X.at(@state[2+c*4]) ^ GEX.at(@state[3+c*4])
+        end
+        @state = t
+    end
+    protected :imixColumns
+
+    def addRoundKey(n)
+        j = n*16
+        16.times do |i|
+            @state[i] ^= @w[i+j]
+        end
+    end
+    protected :addRoundKey
+
+    def key_expansion(key)
+        0.upto(@nk*4-1) do |i|
+            @w[i] = key[i]
+        end
+        @nk.upto(@nb*(@nr+1)-1) do |i|
+            j = i*4
+            k = j-(@nk*4)
+            t0, t1, t2, t3 = @w[j-4], @w[j-3], @w[j-2], @w[j-1]
+            if (i % @nk == 0)
+                t0, t1, t2, t3 =
+                    S_BOX[t1] ^ RCON[i/@nk - 1], S_BOX[t2], S_BOX[t3], S_BOX[t0]
+            elsif (@nk > 6) && (i % @nk == 4)
+                t0, t1, t2, t3 = S_BOX[t0], S_BOX[t1], S_BOX[t2], S_BOX[t3]
+            end
+            @w[j], @w[j+1], @w[j+2], @w[j+3] =
+                @w[k] ^ t0, @w[k+1] ^ t1, @w[k+2] ^ t2, @w[k+3] ^ t3
+        end
+    end
+    protected :key_expansion
+
+    def _encrypt_block
+        addRoundKey 0
+        1.upto(@nr) do |n|
+            subBytes
+            shiftRows
+            mixColumns unless n == @nr
+            addRoundKey n
+        end
+        @state
+    end
+    protected :_encrypt_block
+
+    def _decrypt_block
+        addRoundKey @nr
+        (@nr-1).downto(0) do |n|
+            ishiftRows
+            isubBytes
+            addRoundKey n
+            imixColumns unless n == 0
+        end
+        @state
+    end
+    protected :_decrypt_block
+
+    def xor(a,b)
+        c = ""
+        16.times do |i|
+            c << (a[i] ^ b[i]).chr
+        end
+        c
+    end
+    protected :xor
+
+    def encrypt_block(block)
+        @state = block.dup
+        case @mode
+        when 'ECB'
+            _encrypt_block
+        when 'CBC'
+            @state = xor(block, @iv)
+            @iv = _encrypt_block
+        when 'OFB'
+            @state = @iv.dup
+            @iv = _encrypt_block
+            xor(@iv, block)
+        when 'CFB'
+            @state = @iv.dup
+            @iv = xor(_encrypt_block, block)
+        end
+    end
+
+    def decrypt_block(block)
+        @state = block.dup
+        case @mode
+        when 'ECB'
+            _decrypt_block
+        when 'CBC'
+            o = xor(_decrypt_block, @iv)
+            @iv = block
+            o
+        when 'OFB'
+            @state = @iv.dup
+            @iv = _encrypt_block
+            xor(@iv, block)
+        when 'CFB'
+            @state = @iv.dup
+            o = xor(_encrypt_block, block)
+            @iv = block
+            o
+        end
+    end
+
+    def encrypt_blocks(buffer)
+        raise "Bad block length" unless (buffer.length % 16).zero?
+        ct = ""
+        block = ""
+        buffer.each_byte do |char|
+            block << char
+            if block.length == 16
+                ct << encrypt_block(block)
+                block = ""
+            end
+        end
+    end
+
+    def decrypt_blocks(buffer)
+        raise "Bad block length" unless (buffer.length % 16).zero?
+        pt = ""
+        block = ""
+        buffer.each_byte do |char|
+            block << char
+            if block.length == 16
+                pt << decrypt_block(block)
+                block = ""
+            end
+        end
+    end
+
+    def encrypt_buffer(buffer)
+        ct = ""
+        block = ""
+        buffer.each_byte do |char|
+            block << char
+            if block.length == 16
+                ct << encrypt_block(block)
+                block = ""
+            end
+        end
+        m = 16 - block.length % 16
+        ct << (m == 16 ? 0 : encrypt_block(block << m.chr * m))
+    end
+
+    def decrypt_buffer(buffer)
+        pt = ""
+        block = ""
+        buffer.each_byte do |char|
+            block << char
+            if block.length == 16
+                pt << decrypt_block(block)
+                block = ""
+            end
+        end
+        if block.length == 0
+            c = pt[-1]
+            c.chr * c == pt[-c..-1] ? pt[0..-(c+1)] : (raise "Bad Block Padding")
+        else
+            pt
+        end
+    end
+
+    def init(key_length, mode, key, iv = nil)
+        @iv = "\000" * 16
+        @iv = iv if iv
+        @nb = 4
+        @nk = 4
+        @nr = 10
+        @mode = 'ECB'
+        @state = nil
+        @w = []
+        case key_length
+        when 128
+            @nk = 4
+            @nr = 10
+        when 192
+            @nk = 6
+            @nr = 12
+        when 256
+            @nk = 8
+            @nr = 14
+        else
+            raise 'Bad Key length'
+        end
+        case mode
+        when 'ECB', 'CBC', 'OFB', 'CFB'
+            @mode = mode
+        else
+            raise 'Bad AES mode'
+        end
+        key_expansion key
+    end
+
+    def initialize(key_length, mode, key, iv = nil)
+        init(key_length, mode, key, iv)
+    end
+
+end # class aes