Your README severely understates the severity of the insecurity of this code. Chosen plaintext attacks against ECB mode can completely recover encrypted data:
Furthermore this gem (poorly) duplicates functionality that's already present in Ruby's OpenSSL library. You've created your own nonstandard padding mode which provides no interoperability with other crypto libraries.
There are no practical applications of this gem that aren't better serviced by OpenSSL and it's extremely easy to use in an insecure manner. Please retire it.
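What the chosen-plaintext attack on ECB looks like in practice, as an added example that is not part of this thread and not code from fast-aes: the key, the secret and the `ecb_oracle` below are constructed to stand in for any service that encrypts attacker-supplied data next to a secret under a fixed key, and Ruby's OpenSSL plays the role of the ECB implementation.

```ruby
require 'openssl'
require 'securerandom'

BLOCK = 16
# Constructed scenario: the key is fixed and unknown to the attacker;
# the secret is what the attacker wants to recover.
ECB_KEY = SecureRandom.random_bytes(BLOCK)
ECB_SECRET = 'password=hunter2;role=admin'.b

# The oracle: encrypts attacker_input || ECB_SECRET under AES-128-ECB and
# returns only the ciphertext (PKCS#7 padding is OpenSSL's default).
def ecb_oracle(attacker_input)
  cipher = OpenSSL::Cipher.new('AES-128-ECB')
  cipher.encrypt
  cipher.key = ECB_KEY
  cipher.update(attacker_input + ECB_SECRET) + cipher.final
end

# Identical plaintext blocks give identical ciphertext blocks in ECB, which is
# how an attacker confirms the mode before running the attack.
def ecb_detected?(oracle)
  ct = oracle.call('A'.b * (3 * BLOCK))
  ct[0, BLOCK] == ct[BLOCK, BLOCK]
end

# Step 1: learn the secret's length by growing the input until the ciphertext
# gains a block; at that point input + secret is an exact multiple of BLOCK.
def ecb_secret_length(oracle)
  base = oracle.call(''.b).bytesize
  (1..BLOCK).each do |i|
    return base - i if oracle.call('A'.b * i).bytesize > base
  end
  raise 'ciphertext never grew; not a padded block cipher?'
end

# Step 2: byte-at-a-time recovery. For secret byte n, pad the input so that
# byte n lands in the last position of a block, record that ciphertext block,
# then try all 256 values in the same position until the blocks match.
def recover_ecb_secret(oracle)
  length = ecb_secret_length(oracle)
  recovered = ''.b
  length.times do |n|
    pad_len = BLOCK - 1 - (n % BLOCK)
    prefix = 'A'.b * pad_len
    offset = (n / BLOCK) * BLOCK
    target = oracle.call(prefix)[offset, BLOCK]
    byte = (0..255).find do |b|
      oracle.call(prefix + recovered + b.chr)[offset, BLOCK] == target
    end
    raise "no match at byte #{n}" unless byte
    recovered << byte.chr
  end
  recovered
end

if __FILE__ == $PROGRAM_NAME
  puts "ECB detected: #{ecb_detected?(method(:ecb_oracle))}"
  puts "Recovered: #{recover_ecb_secret(method(:ecb_oracle)).inspect}"
end
```

The attacker never sees the key and never sees a decryption; at most 256 encryptions per byte of secret are enough, and nothing about the attack depends on which library implemented ECB.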
I'm not a Ruby user, but I found the C code useful for other stuff we are doing related to MongoDB.
I agree ECB should never be used in a professional setting, it's simply too vulnerable.
So, for the author of this gem, if you want, here you are: https://github.com/Convey-Compliance/mongo-c-driver/blob/master/src/ZLib_AES_Filter.c ( see method Zlib_AES_PreProcessChunk() and Zlib_AES_PostProcessChunk() on how to decrypt using CBC )
The link shows how I wrote the piece to do CBC, it's VERY simple and there's no reason not to use it in any serious encryption routine.
I'm not claiming the code I shared can't be optimized, but rather just to show the mechanics of CBC are not complicated and make AES encrypted streams of data much more difficult to crack.
You need to be careful with CBC as well. CBC does not provide authenticated encryption and is therefore vulnerable to things like a padding oracle attack.
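Added example, not part of this thread and not code from the linked driver or from fast-aes: AES-CBC through Ruby's OpenSSL (the mechanics the earlier comment points at), then the padding-oracle attack the comment above warns about, which decrypts the ciphertext knowing only whether the receiver's padding check passed, and finally an AES-GCM decryption that rejects a tampered ciphertext outright. The key, the `padding_ok?` receiver and the sample message are constructed.

```ruby
require 'openssl'
require 'securerandom'

BLOCK = 16
CBC_KEY = SecureRandom.random_bytes(BLOCK) # constructed: unknown to the attacker

# AES-128-CBC with OpenSSL's default PKCS#7 padding; returns IV || ciphertext.
def cbc_encrypt(plaintext)
  c = OpenSSL::Cipher.new('AES-128-CBC')
  c.encrypt
  c.key = CBC_KEY
  iv = c.random_iv
  iv + c.update(plaintext) + c.final
end

# The padding oracle: a receiver that decrypts and leaks only whether the
# padding was valid (via an error message, a status code, or timing).
def padding_ok?(iv_and_ct)
  c = OpenSSL::Cipher.new('AES-128-CBC')
  c.decrypt
  c.key = CBC_KEY
  c.iv = iv_and_ct[0, BLOCK]
  c.update(iv_and_ct[BLOCK..-1]) + c.final
  true
rescue OpenSSL::Cipher::CipherError
  false
end

def xor(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Recover one plaintext block. In CBC, P_i = D(C_i) XOR C_(i-1); the attacker
# controls the "previous" block, so each byte of D(C_i) is found by forcing
# the decryption to end in valid padding 0x01, 0x02 0x02, 0x03 0x03 0x03, ...
def recover_block(prev_block, target_block, oracle)
  intermediate = Array.new(BLOCK, 0)
  (BLOCK - 1).downto(0) do |k|
    pad = BLOCK - k
    found = nil
    256.times do |v|
      forged = Array.new(BLOCK, 0)
      (k + 1...BLOCK).each { |j| forged[j] = intermediate[j] ^ pad }
      forged[k] = v
      next unless oracle.call(forged.pack('C*') + target_block)
      if k == BLOCK - 1
        # Guard against the false positive where the decryption happens to
        # end in 0x02 0x02: disturbing byte 14 must leave the padding valid.
        forged[k - 1] ^= 0xff
        next unless oracle.call(forged.pack('C*') + target_block)
      end
      found = v
      break
    end
    raise "oracle gave no valid padding for byte #{k}" unless found
    intermediate[k] = found ^ pad
  end
  xor(intermediate.pack('C*'), prev_block)
end

# Decrypt IV || ciphertext with nothing but the padding oracle.
def padding_oracle_decrypt(iv_and_ct, oracle)
  blocks = iv_and_ct.bytes.each_slice(BLOCK).map { |s| s.pack('C*') }
  padded = ''.b
  blocks.each_cons(2) { |prev, cur| padded << recover_block(prev, cur, oracle) }
  padded[0, padded.bytesize - padded.bytes.last] # strip PKCS#7 padding
end

# The contrast: AES-128-GCM authenticates the ciphertext, so a single flipped
# byte is rejected before any plaintext (or padding verdict) is produced.
def gcm_tamper_detected?(plaintext)
  c = OpenSSL::Cipher.new('AES-128-GCM')
  c.encrypt
  c.key = CBC_KEY
  nonce = c.random_iv
  c.auth_data = ''
  ct = c.update(plaintext) + c.final
  tag = c.auth_tag
  tampered = ct.dup
  tampered.setbyte(0, tampered.getbyte(0) ^ 1)
  d = OpenSSL::Cipher.new('AES-128-GCM')
  d.decrypt
  d.key = CBC_KEY
  d.iv = nonce
  d.auth_tag = tag
  d.auth_data = ''
  d.update(tampered) + d.final
  false
rescue OpenSSL::Cipher::CipherError
  true
end
```

The receiver here never reveals the key or the plaintext, only a yes/no on padding, and that is enough to decrypt every block with at most 256 queries per byte. The fix is not a different padding scheme but authenticating the ciphertext, either an AEAD mode such as GCM or an HMAC over IV and ciphertext checked before decryption.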
I am 👍 on what @tarcieri said. The gem is extremely dangerous (although so is OpenSSL::Cipher) however there are other gems which take a dependency on fast-aes. A good first step would be to expand the warning in the README by moving it to the top.
Thanks all. I have updated the README to recommend other options, and I have also added an annoying message when you do FastAES.new that tells people to switch to other gems.
The fast-aes gem is insecure and not recommended. Please switch over to Ruby OpenSSL.