ruby-mcrypt 0.1.1

data/ruby-mcrypt.gemspec

@@ -0,0 +1,147 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{ruby-mcrypt}
+  s.version = "0.1.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Philip Garrett"]
+  s.date = %q{2010-08-23}
+  s.description = %q{= Mcrypt - libmcrypt bindings for Ruby
+
+Mcrypt provides Ruby-language bindings for libmcrypt(3), a
+symmetric cryptography library. {Libmcrypt}[http://mcrypt.sourceforge.net/]
+supports lots of different ciphers and encryption modes.
+
+== You will need
+
+* A working Ruby installation (>= 1.8.6 or 1.9)
+* A working libmcrypt installation (2.5.x or 2.6.x, tested with 2.5.8)
+* A sane build environment
+
+== Installation
+
+Install the gem:
+  gem install ruby-mcrypt --test -- --with-mcrypt-dir=/path/to/mcrypt/prefix
+
+If you want to run the longer test suite, do this instead:
+  MCRYPT_TEST_BRUTE=1 \
+  gem install ruby-mcrypt --test -- --with-mcrypt-dir=/path/to/mcrypt/prefix
+
+Put this in your code:
+  require 'rubygems'
+  require 'mcrypt'
+
+Or in Rails' environment.rb:
+  gem "ruby-mcrypt", :lib => "mcrypt"
+
+== Usage
+
+  crypto = Mcrypt.new(:twofish, :cbc, MY_KEY, MY_IV, :pkcs)
+
+  # encryption and decryption in one step
+  ciphertext = crypto.encrypt(plaintext)
+  plaintext  = crypto.decrypt(ciphertext)
+
+  # encrypt in smaller steps
+  while chunk = $stdin.read(4096)
+    $stdout << crypto.encrypt_more(chunk)
+  end
+  $stdout << crypto.encrypt_finish
+
+  # or decrypt:
+  while chunk = $stdin.read(4096)
+    $stdout << crypto.decrypt_more(chunk)
+  end
+  $stdout << crypto.decrypt_finish
+
+== Known Issues
+
+* Test coverage is lacking.
+
+If you find any bugs, please let the author know.
+
+== Wish List
+
+* IO-like behavior, e.g. crypto.open($stdin) { |stream| ... }
+
+== Author
+
+* Philip Garrett <philgarr at gmail.com>
+
+== Copyright and License
+
+Copyright (c) 2009-2010 Philip Garrett.
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+}
+  s.email = %q{philgarr@gmail.com}
+  s.extensions = ["ext/extconf.rb"]
+  s.extra_rdoc_files = [
+    "README.rdoc"
+  ]
+  s.files = [
+    ".gitignore",
+     "Manifest",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "ext/.gitignore",
+     "ext/extconf.rb",
+     "ext/mcrypt_wrapper.c",
+     "lib/.gitignore",
+     "lib/mcrypt.rb",
+     "ruby-mcrypt.gemspec",
+     "test/generate/.gitignore",
+     "test/generate/Makefile",
+     "test/generate/generate_testcases.c",
+     "test/helper.rb",
+     "test/test_basics.rb",
+     "test/test_brute.rb",
+     "test/test_reciprocity.rb"
+  ]
+  s.homepage = %q{http://github.com/kingpong/ruby-mcrypt}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.required_ruby_version = Gem::Requirement.new(">= 1.8.6")
+  s.requirements = ["libmcrypt (2.5.x or 2.6.x, tested with 2.5.8)"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Ruby bindings for libmcrypt}
+  s.test_files = [
+    "test/helper.rb",
+     "test/test_basics.rb",
+     "test/test_brute.rb",
+     "test/test_reciprocity.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end
+

data/test/generate/.gitignore

@@ -0,0 +1,3 @@
+generate_testcases
+generate_testcases.o
+generate_testcases.dSYM

data/test/generate/Makefile

@@ -0,0 +1,11 @@
+
+LOADLIBES=-lmcrypt
+CFLAGS=-O2
+
+CPPFLAGS=-I/opt/local/include
+LDFLAGS=-L/opt/local/lib
+
+generate_testcases: generate_testcases.c
+
+memcheck: generate_testcases
+	valgrind --leak-check=yes ./generate_testcases > /dev/null

data/test/generate/generate_testcases.c

@@ -0,0 +1,389 @@
+/*
+ * generate_testcases.c
+ *
+ * Generates a list of known-good inputs/outputs to be compared against the
+ * output of ruby-mcrypt.
+ *
+ * Copyright (c) 2009 Philip Garrett.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <mcrypt.h>
+
+typedef enum { PADDING_NONE, PADDING_PKCS7, PADDING_ZEROS } padding_t;
+const char *padding_name(padding_t padding);
+
+unsigned char *gen_rand_data(unsigned int len);
+char *dump_value(void *buffer, int len);
+
+void dump_testcase(char *algo, char *mode);
+void dump_testcase_keysize(MCRYPT td, int key_size);
+void dump_testcase_block(MCRYPT td, unsigned char *key, int key_size,
+                         unsigned char *iv, int iv_size, int block_size,
+                         padding_t padding);
+
+int *list_key_sizes(MCRYPT td);
+
+static char testing_algo[128];
+static char testing_mode[128];
+
+int main() {
+    char **algos, **modes;
+    int n_algos, n_modes,
+        i_algo,  i_mode;
+
+    /* get consistent output even though it's "random" */
+    srand48(1153616166L);
+
+    algos = mcrypt_list_algorithms(NULL, &n_algos);
+    if (algos == NULL) {
+        fprintf(stderr, "Unable to list algorithms.\n");
+        exit(1);
+    }
+
+    modes = mcrypt_list_modes(NULL, &n_modes);
+    if (modes == NULL) {
+        fprintf(stderr, "Unable to list modes.\n");
+        exit(1);
+    }
+
+    for (i_algo = 0; i_algo < n_algos; i_algo++) {
+        for (i_mode = 0; i_mode < n_modes; i_mode++) {
+            dump_testcase(algos[i_algo],modes[i_mode]);
+        }
+    }
+
+    mcrypt_free_p(algos, n_algos);
+    mcrypt_free_p(modes, n_modes);
+
+    return 0;
+}
+
+void dump_testcase(char *algo, char *mode) {
+    MCRYPT td;
+    int *key_sizes, *cur_size;
+
+    /* globalize this for easier access below */
+    strcpy(testing_algo, algo);
+    strcpy(testing_mode, mode);
+
+    td = mcrypt_module_open(algo, NULL, mode, NULL);
+    if (td == MCRYPT_FAILED) {
+        /* assume that this algorithm just doesn't support this mode */
+        return;
+    }
+
+    cur_size = key_sizes = list_key_sizes(td);
+    if (key_sizes == NULL) {
+        return;
+    }
+
+    while (*cur_size != 0) {
+        dump_testcase_keysize(td, *cur_size);
+        cur_size++;
+    }
+    free(key_sizes);
+
+    mcrypt_module_close(td);
+}
+
+void dump_testcase_keysize(MCRYPT td, int key_size) {
+    unsigned char *key, *iv = NULL;
+    int iv_size, block_size;
+    int mc_ret;
+    padding_t padding;
+
+    key = gen_rand_data(key_size);
+
+    iv_size = mcrypt_enc_get_iv_size(td);
+    if (iv_size != 0) {
+        iv = gen_rand_data(iv_size);
+    }
+
+    /*
+     * Generate a test case for these plaintext sizes:
+     *
+     *  * empty:              test behavior of padding on empty blocks
+     *  * 5-byte:             odd, and smaller than any block size
+     *  * block_size - 1:     edge case
+     *  * block_size:         generally guaranteed to work
+     *  * block_size * 2 - 1: multiblock edge case
+     *  * block_size * 3:     more multiblock
+     */
+    block_size = mcrypt_enc_get_block_size(td);
+
+    padding = mcrypt_enc_is_block_mode(td) ? PADDING_PKCS7 : PADDING_NONE;
+
+    for (; padding <= PADDING_ZEROS; padding++) {
+        dump_testcase_block(td, key, key_size, iv, iv_size, 0, padding);
+        dump_testcase_block(td, key, key_size, iv, iv_size, 5, padding);
+        dump_testcase_block(td, key, key_size, iv, iv_size, block_size - 1,
+                            padding);
+        dump_testcase_block(td, key, key_size, iv, iv_size, block_size,
+                            padding);
+        dump_testcase_block(td, key, key_size, iv, iv_size,
+                            block_size * 2 - 1, padding);
+        dump_testcase_block(td, key, key_size, iv, iv_size, block_size * 3,
+                            padding);
+    }
+
+    free(key);
+    if (iv) free(iv);
+
+    return;
+}
+
+void dump_testcase_block(MCRYPT td, unsigned char *key, int key_size,
+                         unsigned char *iv, int iv_size, int data_size,
+                         padding_t padding) {
+    int mc_ret;
+    int is_block, block_size, block_overlap, block_fill;
+    int i;
+    unsigned char *plaintext, *ciphertext;
+
+    mc_ret = mcrypt_generic_init(td, (void *)key, key_size, (void *)iv);
+    if (mc_ret < 0) {
+        mcrypt_perror(mc_ret);
+        return;
+    }
+
+    plaintext = gen_rand_data(data_size);
+    if (plaintext == NULL) {
+        return;
+    }
+
+    is_block = mcrypt_enc_is_block_mode(td);
+    if (is_block) {
+        block_size = mcrypt_enc_get_block_size(td);
+        block_overlap = data_size % block_size;
+        block_fill = block_size - block_overlap;
+        if (padding == PADDING_NONE) {
+            /* do nothing */
+        }
+        else if (padding == PADDING_PKCS7) {
+            if (block_fill == 0) {
+                /* ALWAYS add padding */
+                block_fill = block_size;
+            }
+            plaintext = (unsigned char *)realloc(plaintext,
+                                                 data_size + block_fill);
+            for (i = 0; i < block_fill; i++) {
+                plaintext[data_size+i] = block_fill;
+            }
+            data_size = data_size + block_fill;
+            if ((data_size % block_size) != 0) {
+                fprintf(stderr, "bad data size!\n");
+                exit(1);
+            }
+        }
+        else if (padding == PADDING_ZEROS) {
+            if (block_overlap != 0) {
+                plaintext = (unsigned char *)realloc(plaintext,
+                                                     data_size + block_fill);
+                for (i = 0; i < block_fill; i++) {
+                    plaintext[data_size+i] = '\0';
+                }
+                data_size = data_size + block_fill;
+            }
+        }
+        else {
+            fprintf(stderr, "bad error\n");
+            exit(1);
+        }
+    }
+
+    ciphertext = malloc(data_size);
+    if (ciphertext == NULL) {
+        fprintf(stderr, "Out of memory\n");
+        return;
+    }
+
+    memcpy( (void *)ciphertext, (void *)plaintext, data_size);
+
+    mc_ret = mcrypt_generic(td, ciphertext, data_size);
+    if (mc_ret == 0) {
+        char *enc_key, *enc_iv, *enc_pt, *enc_ct;
+        enc_key = dump_value( (void *)key, key_size );
+        enc_iv  = dump_value( (void *)iv, iv_size );
+        enc_pt  = dump_value( (void *)plaintext, data_size );
+        enc_ct  = dump_value( (void *)ciphertext, data_size );
+
+        printf("algo=%s,mode=%s,key=%s,iv=%s,padding=%s,pt=%s,ct=%s\n",
+               testing_algo, testing_mode, enc_key, enc_iv,
+               padding_name(padding), enc_pt, enc_ct);
+
+        free(enc_key);
+        free(enc_iv);
+        free(enc_pt);
+        free(enc_ct);
+    }
+
+    free(plaintext);
+    free(ciphertext);
+
+    mc_ret = mcrypt_generic_deinit(td);
+    if (mc_ret < 0) {
+        fprintf(stderr, "Error %d during deinit of %s in %s mode"
+                " (%d-byte key)\n", mc_ret, testing_algo, testing_mode, key_size);
+        return;
+    }
+}
+
+/*
+ * padding_name(padding)
+ *
+ * Returns the string name for the padding type.
+ *
+ */
+
+const char *padding_name(padding_t padding) {
+    switch(padding) {
+        case PADDING_NONE:  return "none";
+        case PADDING_PKCS7: return "pkcs";
+        case PADDING_ZEROS: return "zeros";
+        default:            fprintf(stderr, "Invalid padding type\n");
+                            exit(1);
+    }
+}
+
+
+/*
+ * list_key_sizes(td)
+ *
+ * Returns a pointer to an array of integer key sizes for the mcrypt
+ * handle.  This returns the actual list, as opposed to
+ * mcrypt_enc_get_supported_key_sizes which sometimes just returns a
+ * formula to create the list.
+ *
+ * The list is terminated with a zero.
+ *
+ */
+int *list_key_sizes(MCRYPT td) {
+    int *list;
+    int *key_sizes, n_key_sizes, i;
+
+    key_sizes = mcrypt_enc_get_supported_key_sizes(td, &n_key_sizes);
+
+    if (!key_sizes && !n_key_sizes) {
+        int max_size = mcrypt_enc_get_key_size(td);
+        list = malloc( (max_size + 1) * sizeof(int) );
+        if (!list) {
+            fprintf(stderr, "Out of memory\n");
+            return NULL;
+        }
+
+        for (i = 0; i < max_size; i++) {
+            list[i] = i;
+        }
+        list[max_size] = 0;
+    }
+    else {
+        list = malloc( (n_key_sizes + 1) * sizeof(int) );
+        if (!list) {
+            fprintf(stderr, "Out of memory\n");
+            return NULL;
+        }
+
+        for (i = 0; i < n_key_sizes; i++) {
+            list[i] = key_sizes[i];
+        }
+        list[n_key_sizes] = 0;
+        
+        free(key_sizes);
+    }
+
+    return list;
+}
+
+
+/*
+ * gen_rand_data(len)
+ *
+ * Returns a random key of byte length len. You need to free it when
+ * you're done with it.
+ *
+ * This isn't truly random but it doesn't have to be as it's just
+ * generating test cases.
+ *
+ */
+unsigned char *gen_rand_data(unsigned int len) {
+    unsigned char *key, *p;
+    unsigned int i;
+
+    p = key = malloc(len);
+    if (key == NULL) {
+        return NULL;
+    }
+
+    for (i = 0; i < len; i++) {
+        *p++ = (unsigned char)(255L * drand48());
+    }
+
+    return key;
+}
+
+
+/*
+ * dump_value(void *buffer, int len)
+ *
+ * Returns a string containing the buffer's contents encoded as
+ * two-character hexadecimal bytes separated by spaces.
+ *
+ * Free it when you're done.
+ *
+ */
+
+char *dump_value(void *buffer, int len) {
+    char *enc, *p;
+    unsigned char *buf;
+    int i;
+    const char hex_digits[] = { '0','1','2','3','4','5','6','7','8','9',
+                                'a','b','c','d','e','f' };
+
+    buf = (unsigned char *)buffer;
+
+    if (len == 0) {
+        return strdup("");
+    }
+
+    p = enc = malloc(len * 3);
+    if (enc == NULL) {
+        return NULL;
+    }
+
+    *p = '\0';
+
+    for(i = 0; i < len; i++) {
+        if (i != 0) {
+            (*p++) = ' ';
+        }
+        (*p++) = hex_digits[buf[i] >> 4];
+        (*p++) = hex_digits[buf[i] & 0xF];
+    }
+    (*p++) = '\0';
+
+    return enc;
+}
+