twofish 1.0.4 → 1.0.5
- checksums.yaml +4 -4
- data/README.rdoc +0 -5
- data/lib/twofish.rb +4 -3
- data/lib/twofish/mode.rb +1 -1
- data/lib/twofish/padding.rb +11 -1
- data/test/test_twofish.rb +27 -1
- metadata +2 -2
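--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a9160fa2fe6f0007b1e73557465ba662b23e3949
+data.tar.gz: 7baca819819c90a0f0322966d56198fad0bc1cf5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: eec83be529fbc82970ec9d2c3ccbe19e156058d850f596237254c7dbefa18e5c478415c9d9351c6e0f8e0bc3bfa3f00f73bf617020c12e6fcc56f23f1bbb03ab
+data.tar.gz: bd3f3529f3093bc3020a728775383dca129b5496f459b4d375aca6467959dd0654d6f4d375a4bd816ff0f04f7c6419942e8a4ef95252a8d778d59dc6458ec8c2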
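--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -112,11 +112,6 @@ Ruby >=1.9 introduces string encodings. The current workaround uses
 #ord and #chr but this is not very satisfactory: it would be preferable
 to move to byte arrays throughout.
 
-The only padding mechanisms implemented are "none", zero byte, and
-ISO 10126-2. PKCS#5/7 padding is not implemented. Zero byte padding
-has a well-known failure mode: if the plaintext terminates in null bytes
-then these may be erroneously removed when un-padding is performed.
-
 Possible implementation-dependent timing attacks (Bignum promotion,
 #pack(), ...).
 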
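--- a/data/lib/twofish.rb
+++ b/data/lib/twofish.rb
@@ -301,7 +301,7 @@ class Twofish
 # hash as follows:
 # :mode => :ecb (default) or :cbc
 # :iv => optional 16 byte initialization vector (randomly generated if not supplied)
-# :padding => :none (default), :zero_byte or :
+# :padding => :none (default), :zero_byte, :iso10126_2 or :pkcs7
 def initialize(key_string, opts={})
 
 self.mode = opts[:mode] # use setter for validation
@@ -456,7 +456,8 @@ class Twofish
 
 # Set the padding scheme for the (CBC mode) cipher
 # (Padding::NONE == :none, Padding::ZERO_BYTE ==
-# :zero_byte, Padding::ISO10126_2 == :iso10126_2
+# :zero_byte, Padding::ISO10126_2 == :iso10126_2,
+# Padding::PKCS7 == :pkcs7).
 def padding=(scheme)
 @padding = Padding.validate(scheme)
 end
@@ -1094,7 +1095,7 @@ private
 
 end
 
-[
+[b >> 24, b >> 16 & 0xff, b >> 8 & 0xff, b & 0xff]
 end
 
 # Generates a random initialization vector of the given length.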
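Review bot: The constructor comment in the first hunk now lists four padding schemes next to `:mode => :ecb (default)` but does not say when padding applies, while the setter comment in the second hunk describes padding as being for the CBC-mode cipher. If that is accurate, the option line should say so, e.g. `# :padding => :none (default), :zero_byte, :iso10126_2 or :pkcs7 (used in CBC mode only)`, so callers do not assume the ECB default pads their input. A short comment that ECB reveals repeated plaintext blocks, and that `:cbc` is the usual choice for multi-block data, would also help anyone choosing from this option list. The body of initialize continues outside the hunk.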
data/lib/twofish/mode.rb
CHANGED
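--- a/data/lib/twofish/padding.rb
+++ b/data/lib/twofish/padding.rb
@@ -20,8 +20,11 @@ class Twofish
 # Use ISO 10126-2 padding.
 ISO10126_2 = :iso10126_2
 
+# Use PKCS7 byte padding.
+PKCS7 = :pkcs7
+
 # Array of all known paddings.
-ALL = [
+ALL = [NONE, ZERO_BYTE, ISO10126_2, PKCS7]
 
 # Default padding (none).
 DEFAULT = NONE
@@ -60,6 +63,9 @@ class Twofish
 # The last byte specify the total pad byte size
 bytes << number_of_pad_bytes
 plaintext << bytes.pack("C*")
+when PKCS7
+padding_length = (block_size - remainder - 1) % block_size + 1
+plaintext << [padding_length].pack('C*') * padding_length
 end
 end
 
@@ -79,6 +85,10 @@ class Twofish
 when ISO10126_2
 number_of_pad_bytes = plaintext.bytes.to_a[plaintext.length-1]
 plaintext[0, (plaintext.length - number_of_pad_bytes)]
+when PKCS7
+# the padding length equals to the codepoint of the last char
+padding_length = plaintext[-1..-1].unpack('C*')[0]
+plaintext[0..(-1 * (padding_length + 1))]
 end
 end
 end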
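Review bot: The PKCS7 branch added to unpad in the third hunk strips whatever count the last byte names without checking it: a last byte of 0 returns the input unchanged, a count larger than the input silently yields an empty result, an empty input fails on nil, and the remaining pad bytes are never compared. I would check that the count is between 1 and the block size, does not exceed the input, and that every pad byte equals it, raising on failure as sketched below; the block-size parameter name and the error class are assumptions, since unpad's signature lies outside the hunk. Nothing on this page shows ciphertext authentication, so callers should verify a MAC over the ciphertext before unpadding, otherwise a distinct padding error on modified data becomes an observable signal.

```ruby
when PKCS7
  # the padding length equals to the codepoint of the last char
  pad_bytes = plaintext.bytes.to_a
  padding_length = pad_bytes.last
  # block_size: assumed name of unpad's block-size argument (signature not in the hunk)
  unless padding_length &&
         padding_length.between?(1, block_size) &&
         padding_length <= pad_bytes.length &&
         pad_bytes.last(padding_length).all? { |b| b == padding_length }
    raise ArgumentError, 'invalid PKCS7 padding'
  end
  # … unchanged: slice off padding_length bytes …
```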
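--- a/data/test/test_twofish.rb
+++ b/data/test/test_twofish.rb
@@ -288,6 +288,17 @@ class TestPadding < TestBasics
 assert_equal(:iso10126_2, tf.padding)
 end
 
+def test_cipher_pkcs7_padding
+tf = Twofish.new(NULL_KEY_16_BYTES)
+tf.padding = :pkcs7
+assert_equal(:pkcs7, tf.padding)
+end
+
+def test_cipher_pkcs7_padding_constructor
+tf = Twofish.new(NULL_KEY_16_BYTES, :padding => :pkcs7)
+assert_equal(:pkcs7, tf.padding)
+end
+
 def test_cipher_unknown_padding
 tf = Twofish.new(NULL_KEY_16_BYTES)
 assert_raise ArgumentError do
@@ -335,7 +346,7 @@ class TestPadding < TestBasics
 end
 
 def test_unpad_iso10126_2
-bytes = Array.new(10 - 1) {rand(256)}
+bytes = Array.new(10 - 1) { rand(256) }
 bytes << 10
 assert_equal(TO_PAD, Twofish::Padding::unpad(TO_PAD+bytes.pack("C*"), BLOCK_SIZE, :iso10126_2))
 end
@@ -348,4 +359,19 @@ class TestPadding < TestBasics
 assert_equal(to_pad, Twofish::Padding::unpad(padded_text, BLOCK_SIZE, :iso10126_2))
 end
 
+def test_pad_unpad_pkcs7
+# message containing BLOCK_SIZE bytes
+m = 'abcdefghijklmnop'
+(1..BLOCK_SIZE).each do |length|
+# message containing length bytes (1 <= length <= BLOCK_SIZE)
+to_pad = m[0..(length - 1)]
+# pad
+padded_text = Twofish::Padding::pad(to_pad, BLOCK_SIZE, :pkcs7)
+padding_length = BLOCK_SIZE - (length % BLOCK_SIZE)
+assert_equal(to_pad + (padding_length.chr * padding_length), padded_text)
+# unpad
+assert_equal(to_pad, Twofish::Padding::unpad(padded_text, BLOCK_SIZE, :pkcs7))
+end
+end
+
 end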
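Review bot: test_pad_unpad_pkcs7 in the last hunk covers only well-formed round trips for lengths 1..BLOCK_SIZE, so the empty message, multi-block messages and malformed padding are all untested. The loop can be widened with `(0..2 * BLOCK_SIZE).each do |length|` and `to_pad = (m * 2)[0, length]`; the current `m[0..(length - 1)]` would return the whole string for length 0. A companion test should feed unpad inputs whose last byte is 0, exceeds BLOCK_SIZE, or disagrees with the preceding pad bytes, and pin whatever behaviour is intended for them.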
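--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: twofish
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.5
 platform: ruby
 authors:
 - Martin Carpenter
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2014-05-22 00:00:00.000000000 Z
 dependencies: []
 description: Twofish symmetric cipher in pure Ruby with ECB and CBC cipher modes derived
 from an original Perl implementation by Guido Flohr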