├── README.md
└── resty
    └── ecb_mcrypt.lua


/README.md:
--------------------------------------------------------------------------------
 1 | 
 2 | some phper maybe find that the libraries in nginx-lua is not enough,
 3 | like aes mcrypt with ECB mode,
 4 | so  I create this.
 5 | 
 6 | like encrypt with PHP:
 7 | ```php
 8 | mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,$text, MCRYPT_MODE_ECB );
 9 | ```
10 | 
11 | encrypt with lua:
12 | ```lua
13 | local data      =   'wait to be encrypted'
14 | local key       =   '01234567890123456' --length is 16
15 | local mc_ecb    = require("resty.ecb_mcrypt")
16 | local ecb       = mc_ecb:new();
17 | local enc_data  = ecb:encrypt(key,data );
18 | ngx.print(enc_data)
19 | --  you must use 'ngx.print' rather then 'ngx.say'
20 | -- while 'ngx.say' will append a '\n'  at the end of string
21 | ```
22 | 
23 | mean while,you will need to install libmcrypt,
24 | because the lua-aes will load  the libmcrypt with FFI,
25 | try to install libmcrypt
26 | ```
27 | yum install libmcrypt libmcrypt-devel
28 | ```
29 | 


--------------------------------------------------------------------------------
/resty/ecb_mcrypt.lua:
--------------------------------------------------------------------------------
  1 | --[[
  2 | 	12:24 2015/9/30	  lilien
  3 | 
  4 | ]]
  5 | local ffi = require 'ffi'
  6 | local ffi_new = ffi.new
  7 | local ffi_str = ffi.string
  8 | local ffi_copy = ffi.copy
  9 | local setmetatable = setmetatable
 10 | local _M = { }
 11 | local mt = { __index = _M }
 12 | 
 13 |  ffi.cdef[[
 14 | struct CRYPT_STREAM;
 15 | typedef struct CRYPT_STREAM *MCRYPT;
 16 | 
 17 | MCRYPT mcrypt_module_open(char *algorithm,
 18 |                           char *a_directory, char *mode,
 19 |                           char *m_directory);
 20 | 
 21 | int mcrypt_generic_init(const MCRYPT td, void *key, int lenofkey,
 22 |                         void *IV);
 23 | void free(void *ptr);
 24 | void mcrypt_free(void *ptr);
 25 | 
 26 | int mcrypt_enc_get_key_size(const MCRYPT td);
 27 | int mcrypt_enc_get_supported_key_sizes(const MCRYPT td, int* len);
 28 | 
 29 | int mcrypt_generic_deinit(const MCRYPT td);
 30 | int mcrypt_generic_end(const MCRYPT td);
 31 | int mdecrypt_generic(MCRYPT td, void *plaintext, int len);
 32 | int mcrypt_generic(MCRYPT td, void *plaintext, int len);
 33 | int mcrypt_module_close(MCRYPT td);
 34 | int mcrypt_enc_mode_has_iv(MCRYPT td);
 35 | int mcrypt_enc_get_iv_size(MCRYPT td);
 36 | int mcrypt_enc_is_block_mode(MCRYPT td);
 37 | int mcrypt_enc_get_block_size(MCRYPT td);
 38 | ]]
 39 | 
 40 | local mcrypt = ffi.load('libmcrypt.so.4')
 41 | 
 42 | _M.new = function (self)
 43 |     local cipher = 'rijndael-128'
 44 |     local mode = 'ecb'
 45 | 
 46 |     local c_cipher 	=	ffi_new("char[?]",#cipher+1, cipher)
 47 |     local c_mode 	=	ffi_new("char[4]", mode)
 48 | 
 49 |     local td = mcrypt.mcrypt_module_open(c_cipher, nil, c_mode, nil)
 50 |     return setmetatable( { _td = td }, mt )
 51 | end
 52 | 
 53 | 
 54 | _M.pass = function (self, key, raw,enc_or_dec)
 55 | 
 56 | 		local dencrypt	= enc_or_dec
 57 |     local iv_len = 8
 58 |     local cipher = 'rijndael-128'
 59 |     local mode = 'ecb'
 60 | 
 61 |     local c_cipher 	=	ffi_new("char[?]",#cipher+1, cipher)
 62 |     local c_mode 	=	ffi_new("char[4]", mode)
 63 | 		local td = mcrypt.mcrypt_module_open(c_cipher, nil, c_mode, nil)
 64 | 
 65 | 		if  td ==0  then
 66 | 			ngx.log(ngx.ERR , "mcrypt_module_open failed")
 67 | 			return nil
 68 | 		end
 69 | 
 70 |     local iv_key =	"1234567890123456";
 71 | 		local key_len=  #key;
 72 | 		local data_len=  #raw;
 73 | 
 74 | 		local block_size, max_key_length, use_key_length, i, count, iv_size;
 75 | 		--/* Checking for key-length */
 76 | 		max_key_length = mcrypt.mcrypt_enc_get_key_size(td);
 77 | 		if  key_len > max_key_length  then
 78 | 			ngx.log(ngx.ERR , "Size of key is too large for this algorithm key_len:",key_len,",max_key:",max_key_length)
 79 | 			return nil
 80 | 		end
 81 | 
 82 | 		count 	=	ffi_new("int[1]")
 83 | 		local key_size_tmp = mcrypt.mcrypt_enc_get_supported_key_sizes(td, count);
 84 | 		local key_length_sizes = ffi.cast("int *",key_size_tmp)
 85 | 
 86 | 		local key_s	=	nil;
 87 | 
 88 | 		if count[0] == 0 and key_length_sizes == nil then --/* all lengths 1 - k_l_s = OK */
 89 | 			use_key_length = key_len;
 90 | 			key_s = ffi_new("unsigned char[?]",use_key_length,key)
 91 | 		end
 92 | 
 93 | 	if  count[0] == 1 then
 94 | 		key_s = ffi_new("char[?]",key_length_sizes[0])
 95 | 		ffi.fill(key_s ,use_key_length,0);
 96 | 		ffi.copy(key_s, key, math.min(key_len, key_length_sizes[0]));
 97 | 		use_key_length = key_length_sizes[0];
 98 | 	 else
 99 | 		use_key_length = max_key_length;
100 | 
101 | 		for i=0,count[0]-1 do
102 | 			if  key_length_sizes[i] >= key_len and	key_length_sizes[i] < use_key_length then
103 | 				use_key_length = key_length_sizes[i];
104 | 			end
105 | 		end
106 | 		key_s = ffi_new("char[?]",use_key_length)
107 | 
108 | 		ffi.copy(key_s ,key, math.min(key_len,use_key_length));
109 | 	end
110 | 
111 | 
112 | 
113 | 	if key_length_sizes~=nil then
114 | 		mcrypt.mcrypt_free(key_length_sizes);
115 | 	end
116 | 
117 | 	local iv_s = nil;
118 | 	local  iv_size = mcrypt.mcrypt_enc_get_iv_size (td);
119 | 
120 | 	local has_iv = mcrypt.mcrypt_enc_mode_has_iv(td) ;
121 | 
122 | 
123 | 	local data_size	=	0;
124 | 	local block = mcrypt.mcrypt_enc_is_block_mode(td);
125 | 	if  block == 1 then
126 | 		block_size =	mcrypt.mcrypt_enc_get_block_size(td);
127 | 		data_size = math.floor(((data_len - 1) / block_size) + 1) * block_size;
128 | 
129 | 	else
130 | 		data_size = data_len;
131 | 	end
132 | 
133 | 
134 | 	local data_s = ffi_new("char[?]",data_size)
135 | 	ffi.fill(data_s ,data_size,0);
136 | 	ffi.copy(data_s ,raw ,data_len);
137 | 
138 | 	local ini_ret = mcrypt.mcrypt_generic_init(td, key_s, use_key_length, c_iv)
139 | 	if ini_ret < 0 then
140 | 		ngx.log(ngx.ERR , "Mcrypt initialisation failed");
141 | 		ngx.say(  ini_ret,"ini_ret initialisation failed");
142 | 		return nil
143 | 	end
144 | 
145 |  
146 | 
147 | 	if  dencrypt == 1 then
148 | 		mcrypt.mcrypt_generic(td, data_s, data_size);
149 | 	else
150 | 		mcrypt.mdecrypt_generic(td, data_s, data_size);
151 | 	end
152 | 
153 | 	local ret_str = ffi_str(data_s,data_size);
154 | 
155 | 	mcrypt.mcrypt_generic_end(td);
156 | 
157 | 
158 | 	return ret_str
159 | end
160 | 
161 | _M.encrypt = function (self, key, raw)
162 | 	return _M.pass(self, key, raw,1);
163 | end
164 | 
165 | _M.decrypt = function(self, key, raw)
166 | 	return _M.pass(self, key, raw,0);
167 | end
168 | 
169 | _M.close = function(self)
170 |     local td = self._td
171 |     if td then
172 |         mcrypt.mcrypt_module_close(td)
173 |      end
174 | end
175 | 
176 | return _M
177 | 


--------------------------------------------------------------------------------