纯Ruby实现的AES加解密算法

发布时间：2020-12-17 04:10:29 所属栏目：百科来源：网络整理

导读：今天PHP站长网 52php.cn把收集自互联网的代码分享给大家，仅供参考。 class Array def rot(offset=1) # rotate byte self[offset..-1]+self[0,offset] end def ^(otherArray) zip(otherArray).map { |pair| pair[0]^pair[

以下代码由PHP站长网 52php.cn收集自互联网

现在PHP站长网小编把它分享给大家，仅供参考

class Array
 def rot(offset=1)  # rotate byte
  self[offset..-1]+self[0,offset]
 end

 def ^(otherArray)
  zip(otherArray).map { |pair| pair[0]^pair[1] }
 end
end

class Fixnum
 def xtime    # GF(2^8) mulitiplication by x
  t=(self<<1) & 0xFF
  t^=0x1B if self[7]==1
  t
 end

 def fm(v)    # GF(2^8) mulitiplication
  r=0
  xm=self
  0.upto(7) {|b| r^=xm if v[b]==1; xm=xm.xtime; }
  r
 end
end
  
  
class Rijndael
 S=[
  0x63,0x7c,0x77,0x7b,0xf2,0x6b,0x6f,0xc5,0x30,0x01,0x67,0x2b,0xfe,0xd7,0xab,0x76,0xca,0x82,0xc9,0x7d,0xfa,0x59,0x47,0xf0,0xad,0xd4,0xa2,0xaf,0x9c,0xa4,0x72,0xc0,0xb7,0xfd,0x93,0x26,0x36,0x3f,0xf7,0xcc,0x34,0xa5,0xe5,0xf1,0x71,0xd8,0x31,0x15,0x04,0xc7,0x23,0xc3,0x18,0x96,0x05,0x9a,0x07,0x12,0x80,0xe2,0xeb,0x27,0xb2,0x75,0x09,0x83,0x2c,0x1a,0x1b,0x6e,0x5a,0xa0,0x52,0x3b,0xd6,0xb3,0x29,0xe3,0x2f,0x84,0x53,0xd1,0x00,0xed,0x20,0xfc,0xb1,0x5b,0x6a,0xcb,0xbe,0x39,0x4a,0x4c,0x58,0xcf,0xd0,0xef,0xaa,0xfb,0x43,0x4d,0x33,0x85,0x45,0xf9,0x02,0x7f,0x50,0x3c,0x9f,0xa8,0x51,0xa3,0x40,0x8f,0x92,0x9d,0x38,0xf5,0xbc,0xb6,0xda,0x21,0x10,0xff,0xf3,0xd2,0xcd,0x0c,0x13,0xec,0x5f,0x97,0x44,0x17,0xc4,0xa7,0x7e,0x3d,0x64,0x5d,0x19,0x73,0x60,0x81,0x4f,0xdc,0x22,0x2a,0x90,0x88,0x46,0xee,0xb8,0x14,0xde,0x5e,0x0b,0xdb,0xe0,0x32,0x3a,0x0a,0x49,0x06,0x24,0x5c,0xc2,0xd3,0xac,0x62,0x91,0x95,0xe4,0x79,0xe7,0xc8,0x37,0x6d,0x8d,0xd5,0x4e,0xa9,0x6c,0x56,0xf4,0xea,0x65,0x7a,0xae,0x08,0xba,0x78,0x25,0x2e,0x1c,0xa6,0xb4,0xc6,0xe8,0xdd,0x74,0x1f,0x4b,0xbd,0x8b,0x8a,0x70,0x3e,0xb5,0x66,0x48,0x03,0xf6,0x0e,0x61,0x35,0x57,0xb9,0x86,0xc1,0x1d,0x9e,0xe1,0xf8,0x98,0x11,0x69,0xd9,0x8e,0x94,0x9b,0x1e,0x87,0xe9,0xce,0x55,0x28,0xdf,0x8c,0xa1,0x89,0x0d,0xbf,0xe6,0x42,0x68,0x41,0x99,0x2d,0x0f,0xb0,0x54,0xbb,0x16
 ]

 I_S=[
  0x52,0x16,0x63,0x7d
 ]
 
 I_MixColPloy=[0xE,0xB,0xD,0x9]
 T=S.map {|byte| [byte,byte,byte.fm(3),byte.fm(2)]} 
 I_T=I_S.map {|byte| [byte.fm(0x9),byte.fm(0xD),byte.fm(0xB),byte.fm(0xE)]}

 Rcon=[[0x8d,0]]    # 8d.xtime=01
 1.upto(13) {|j| Rcon[j]=[Rcon[j-1][0].xtime,0]}

 def initialize(nb=4)
  raise "Illegal value for Nb." unless [4,6,8].include?(nb) 
  @nb=nb
 end

 def load_ek(key)    # load encrypt key
  @ek=keyExpansion(key)
 end

 def load_dk(key)    # load decrypt key
  @dk=keyExpansion(key)
  @dk[@nb..-5].each {|word| word[0..3]=invMixColumn(word)}
 end

 def invMixColumn(word)
  (0..3).map {|i|
   I_MixColPloy.zip(word.rot(i)).map{|pair| pair[0].fm(pair[1])}.inject{|a,b| a^b}
  }
 end

 def keyExpansion(key)
  # key is byte array
  nk=[4,8].find {|i| i*4==key.size} or raise "Illegal key length."
  nr=[@nb,nk].max+6
  w=[]
  (0..nk-1).each {|i| w[i]=key[4*i,4] }
  ([email?protected]*(nr+1)-1).each { |i|
   temp=w[i-1]
   if i%nk==0
    temp = temp.rot.map{|byte| S[byte]} ^ Rcon[i/nk]
   elsif nk>6 && i%nk==4
    temp = temp.map{|byte| S[byte]}
   end
   w[i]=w[i-nk]^temp
  }
  w
 end

 def invKeyExpansion(key)
  w=keyExpansion(key)
  w[1,-1].each {|word| invMixColumn(word)}
  w
 end

 def cipher(plaintext)
  raise "Invalid length of input data." if [email?protected]*4
  a=([email?protected]).map {|j| plaintext[j*4,4]}  # map plaintext onto state
  [email?protected]/4-1
  a^[email?protected][0,4]         # add round key
  1.upto(nr) { |round|
   [email?protected][round*4,4]
   e=[]
   0.upto(3) { |j|
    if round!=nr
     e[j]= T[a[j][0]].rot(3) ^ T[a[(j+1)%4][1]].rot(2) ^ T[a[(j+2)%4][2]].rot(1) ^ T[a[(j+3)%4][3]]
    else
     e[j]= [ S[a[j][0]],S[a[(j+1)%4][1]],S[a[(j+2)%4][2]],S[a[(j+3)%4][3]] ]
    end
   }
   a=e^k
  }
  a.flatten
 end

 def i_cipher(ciphertext)
  raise "Invalid length of input data." if [email?protected]*4
  a=([email?protected]).map {|j| ciphertext[j*4,4]}  # map ciphertext onto state
  [email?protected]/4-1
  [email?protected][nr*4,4]
  a^=k         # add round key
  (nr-1).downto(0) { |round|
   [email?protected][round*4,4]
   e=[]
   0.upto(3) { |j|
    if round!=0
     e[j]= I_T[a[j][0]].rot(3) ^ I_T[a[(j-1)%4][1]].rot(2) ^ I_T[a[(j-2)%4][2]].rot(1) ^ I_T[a[(j-3)%4][3]]
    else
     e[j]= [ I_S[a[j][0]],I_S[a[(j-1)%4][1]],I_S[a[(j-2)%4][2]],I_S[a[(j-3)%4][3]] ]
    end
   }
   a=e^k
  }
  a.flatten
 end
end

AES=Rijndael.new(4)   # Nb in AES is 4

# Example Vectors (FIPS-197 Appendix C)

plaintext=[0x00,0xff]
key=[0x00,0x0f]
AES.load_ek key
AES.load_dk key
ciphertext = AES.cipher plaintext
output = AES.i_cipher ciphertext
output==plaintext
key=[0x00,0x17] 
AES.load_ek key
AES.load_dk key
ciphertext = AES.cipher plaintext
output = AES.i_cipher ciphertext
output==plaintext
key=[0x00,0x1f]
AES.load_ek key
AES.load_dk key
ciphertext = AES.cipher plaintext
output = AES.i_cipher ciphertext
output==plaintext

以上内容由PHP站长网【52php.cn】收集整理供大家参考研究

如果以上内容对您有帮助，欢迎收藏、点赞、推荐、分享。

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!