This is an implementation of AES (Rijndael) for Ruby. It is
implemented in "C" for speed. It is basically a port of my twofish-py
Python module, using Rijndael rather than TwoFish, but I removed
everything except ECB and CFB-128 encryption modes. This AES routine
should be considerably faster than the demo code that someone
whipped up in Ruby. 

To compile, do 'ruby extconf.rb' then 'make' and 'make install'.

See the file 'aes-example.rb' for an example of how to use. 

See the file CHANGES for changes since last release.

Run program "aes-test.rb" while in the same directory as test vectors
file "aes-ecb-tbl.txt" to test whether it complies with the AES
standard for ECB mode. Note that aes-ecb-tbl.txt is derived from the
AES test vectors files (mostly cut and paste and slight rearrangement
where needed to keep the test program from burping), but is not the
same as any single file in the "real" AES test vectors zip
archive. Proper operation can be verified by putting a bogus test
value somewhere (e.g., changing one of the plain text or cryptotext or
key values in a copy of one of the entries).

I will be testing CFB-128 mode shortly, as soon as I can dig up the
test vectors from the "Modes of Operation" document. 

Note that for CFB-128 mode, you must use the same salt to decrypt that
you used to encrypt, and that you must NEVER encrypt two messages with
the same salt and key (otherwise it is the same as encrypting two
different messages with the same one-time-pad -- if the attacker knows
the contents of the second message, he can use that info to decrypt
the first message). In reality, the easiest way to mostly guarantee
this is to use a random 128-bit salt value for each session. (perhaps
read 16 bytes from /dev/urandom on Linux or FreeBSD). See
file 'modexp.rb' for a random number generator (once you've done
a 'require' on this, '16.random' will give you a 16-byte random number).

My eventual goal is a version of drb (Distributed Ruby) that I call
edrb (Encrypted Distributed Ruby) that encrypts the session. I will
write the key manager shortly, that's why I wrote a modular
exponentiation function in modexp.rb (so that I could do
Diffie-Hellman, the simplest key exchange mechanism). I could use
OpenSSL, but OpenSSL is a big chunk of real estate. All Diffie-Hellman
needs is a modexp function and a random number generator, it doesn't
need all those primality tests. I tried doing the primality tests in
Ruby, but they were excrutiatingly slow.

Anyhow, that's it for now. Hopefully I'll have real documentation soon.
BTW, this took a whole 4 hours to convert over from Python, and another
2 hours of debugging to make it work right... enjoy!

-Eric Lee Green <eric@badtux.org>
