Class: CMAC

Inherits:

Object

• Object
• CMAC

Defined in:

lib/cmac.rb,
lib/cmac/version.rb

Constant Summary

Exception =

Class.new(StandardError)

ZeroBlock =

"\0" * 16

ConstantBlock =

("\0" * 15) + "\x87"

VERSION =

'0.3.0'

Instance Method Summary

• #_derive_key(key) ⇒ Object
• #_encrypt_block(key, block) ⇒ Object
• #_generate_subkeys(key) ⇒ Object
• #_leftshift(input) ⇒ Object
• #_needs_padding?(message) ⇒ Boolean
• #_next_key(key) ⇒ Object
• #_pad_message(message) ⇒ Object
• #_secure_compare?(a, b) ⇒ Boolean
• #_xor(a, b) ⇒ Object
• #initialize(key) ⇒ CMAC constructor

  A new instance of CMAC.

• #inspect ⇒ Object
• #sign(message, truncate = 16) ⇒ Object (also: #encrypt)
• #valid_message?(tag, message) ⇒ Boolean

Constructor Details

#initialize(key) ⇒ CMAC

Returns a new instance of CMAC.

# File 'lib/cmac.rb', line 10

def initialize(key)
  @key = _derive_key(key.b)
  @key1, @key2 = _generate_subkeys(@key)
end

Instance Method Details

#_derive_key(key) ⇒ Object

# File 'lib/cmac.rb', line 54

def _derive_key(key)
  if key.length == 16
    key
  else
    cmac = CMAC.new(ZeroBlock)
    cmac.encrypt(key)
  end
end

#_encrypt_block(key, block) ⇒ Object

# File 'lib/cmac.rb', line 63

def _encrypt_block(key, block)
  cipher = OpenSSL::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.padding = 0
  cipher.key = key
  cipher.update(block) + cipher.final
end

#_generate_subkeys(key) ⇒ Object

# File 'lib/cmac.rb', line 71

def _generate_subkeys(key)
  key0 = _encrypt_block(key, ZeroBlock)
  key1 = _next_key(key0)
  key2 = _next_key(key1)
  [key1, key2]
end

#_leftshift(input) ⇒ Object

# File 'lib/cmac.rb', line 90

def _leftshift(input)
  overflow = 0
  words = input.unpack('N4').reverse
  words = words.map do |word|
    new_word = (word << 1) & 0xFFFFFFFF
    new_word |= overflow
    overflow = (word & 0x80000000) >= 0x80000000 ? 1 : 0
    new_word
  end
  words.reverse.pack('N4')
end

#_needs_padding?(message) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cmac.rb', line 78

def _needs_padding?(message)
  message.length == 0 || message.length % 16 != 0
end

#_next_key(key) ⇒ Object

# File 'lib/cmac.rb', line 82

def _next_key(key)
  if key[0].ord < 0x80
    _leftshift(key)
  else
    _xor(_leftshift(key), ConstantBlock)
  end
end

#_pad_message(message) ⇒ Object

# File 'lib/cmac.rb', line 102

def _pad_message(message)
  padded_length = message.length + 16 - (message.length % 16)
  message = message + "\x80".b
  message.ljust(padded_length, "\0")
end

#_secure_compare?(a, b) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cmac.rb', line 108

def _secure_compare?(a, b)
  return false unless a.bytesize == b.bytesize

  bytes = a.unpack("C#{a.bytesize}")

  result = 0
  b.each_byte do |byte|
    result |= byte ^ bytes.shift
  end
  result == 0
end

#_xor(a, b) ⇒ Object

# File 'lib/cmac.rb', line 120

def _xor(a, b)
  a = a.b
  b = b.b

  output = ''
  length = [a.length, b.length].min
  length.times do |i|
    output << (a[i].ord ^ b[i].ord).chr
  end
  output
end

#inspect ⇒ Object

# File 'lib/cmac.rb', line 15

def inspect
  "#<CMAC:0x#{object_id.to_s(16)}>"
end

#sign(message, truncate = 16) ⇒ Object Also known as: encrypt

Raises:

• (CMAC::Exception)

# File 'lib/cmac.rb', line 19

def sign(message, truncate = 16)
  raise CMAC::Exception.new('Tag cannot be greater than maximum (16 bytes)') if truncate > 16
  raise CMAC::Exception.new('Tag cannot be less than minimum (8 bytes)') if truncate < 8

  message = message.b

  if _needs_padding?(message)
    message = _pad_message(message)
    final_block = @key2
  else
    final_block = @key1
  end

  last_ciphertext = ZeroBlock
  count = message.length / 16
  range = Range.new(0, count - 1)
  blocks = range.map { |i| message.slice(16 * i, 16) }
  blocks.each_with_index do |block, i|
    if i == range.last
      block = _xor(final_block, block)
    end

    block = _xor(block, last_ciphertext)
    last_ciphertext = _encrypt_block(@key, block)
  end

  last_ciphertext.slice(0, truncate)
end

#valid_message?(tag, message) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cmac.rb', line 49

def valid_message?(tag, message)
  other_tag = sign(message)
  _secure_compare?(tag, other_tag)
end