Skip to content

Latest commit

 

History

History
1803 lines (1606 loc) · 80.2 KB

encryptjanet.org

File metadata and controls

1803 lines (1606 loc) · 80.2 KB

SHA-256

Plain text input

(use botan)
(print (hex-encode (:final (:update (hash/new "SHA-256") TEXT))))

Plain 2 text input

(use botan)
(let [hash (hash/new "SHA-256")]
  (:update hash TEXT1)
  (:update hash TEXT2)
  (print (hex-encode (:final hash))))

Plain text and Hex input

(use botan)
(let [hash (hash/new "SHA-256")]
  (:update hash TEXT)
  (:update hash (hex-decode HEX))
  (print (hex-encode (:final hash))))

Hex input

(use botan)
(print (hex-encode (:final (:update (hash/new "SHA-256") (hex-decode INPUT)))))

Hex 2 input

(use botan)
(let [hash (hash/new "SHA-256")]
  (:update hash (hex-decode HEX1))
  (:update hash (hex-decode HEX2))
  (print (hex-encode (:final hash))))

Plain text repeat

(use botan)
(let [hash (hash/new "SHA-256")]
  (for i 0 REPEAT_COUNT (:update hash TEXT))
  (print (hex-encode (:final hash))))

Hex repeat

(use botan)
(let [hash (hash/new "SHA-256")]
  (for i 0 REPEAT_COUNT (:update hash (hex-decode INPUT)))
  (print (hex-encode (:final hash))))

MAC

HMAC-256 hex input

(use botan)
(let [hmac (mac/new "HMAC(SHA-256)")]
  (:update (:set-key hmac (hex-decode KEY)) (hex-decode MSG))
  (print (hex-encode (:final hmac))))

HMAC-256 text input

(use botan)
(let [hmac (mac/new "HMAC(SHA-256)")]
  (:update (:set-key hmac KEY) MSG)
  (print (hex-encode (:final hmac))))

HMAC-512 hex input

(use botan)
(let [hmac (mac/new "HMAC(SHA-512)")]
  (:update (:set-key hmac (hex-decode KEY)) (hex-decode MSG))
  (print (hex-encode (:final hmac))))

HMAC-512 text input

(use botan)
(let [mac (mac/new "HMAC(SHA-512)")]
  (:update (:set-key mac KEY) MSG)
  (print (hex-encode (:final mac))))

AES-128 CMAC

(use botan)
(let [mac (mac/new "CMAC(AES-128)")]
  (:update (:set-key mac (hex-decode KEY)) (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

AES-128 GMAC

(use botan)
(let [mac (mac/new "GMAC(AES-128)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

AES-192 GMAC

(use botan)
(let [mac (mac/new "GMAC(AES-192)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

AES-256 GMAC

(use botan)
(let [mac (mac/new "GMAC(AES-256)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

ARIA-128 GMAC

(use botan)
(let [mac (mac/new "GMAC(ARIA-128)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

ARIA-192 GMAC

(use botan)
(let [mac (mac/new "GMAC(ARIA-192)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

ARIA-256 GMAC

(use botan)
(let [mac (mac/new "GMAC(ARIA-256)")]
  (:set-key mac (hex-decode KEY))
  (:set-nonce mac (hex-decode NONCE))
  (:update mac (hex-decode DATA))
  (print "TAG: " (hex-encode (:final mac))))

AES

AES-128

Encrypt

(use botan)
(let [bc (block-cipher/new "AES-128")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [bc (block-cipher/new "AES-128")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:decrypt bc (hex-decode ENCRYPTED)))))

AES-192

Encrypt

(use botan)
(let [bc (block-cipher/new "AES-192")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [bc (block-cipher/new "AES-192")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:decrypt bc (hex-decode ENCRYPTED)))))

AES-256

Encrypt

(use botan)
(let [bc (block-cipher/new "AES-256")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [sc (cipher/new "AES-192/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (hex-encode (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG))))))

Decrypt

(use botan)
(let [sc (cipher/new "AES-256/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (hex-encode (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG))))))

Decrypt to text string

(use botan)
(let [sc (cipher/new "AES-256/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG)))))

NIST AES key wrapper (RFC3394)

Wrap

(use botan)
(print (hex-encode (nist-key-wrap (hex-decode KEK) (hex-decode KEY))))

ARIA

ARIA-128

Encrypt

(use botan)
(let [bc (block-cipher/new "ARIA-128")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [bc (block-cipher/new "ARIA-128")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:decrypt bc (hex-decode ENCRYPTED)))))

ARIA-192

Encrypt

(use botan)
(let [bc (block-cipher/new "ARIA-192")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [bc (block-cipher/new "ARIA-192")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:decrypt bc (hex-decode ENCRYPTED)))))

ARIA-256

Encrypt

(use botan)
(let [bc (block-cipher/new "ARIA-256")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [sc (cipher/new "ARIA-192/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (hex-encode (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG))))))

Decrypt

(use botan)
(let [sc (cipher/new "ARIA-256/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (hex-encode (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG))))))

Decrypt to text string

(use botan)
(let [sc (cipher/new "ARIA-256/GCM" :decrypt)]
  (:set-key sc (hex-decode KEY))
  (:set-associated-data sc (hex-decode AAD))
  (:start sc (hex-decode IV))
  (print (:finish sc (hex-decode (string ENCRYPTED INPUT_TAG)))))

DES

DES

Encrypt

(use botan)
(let [bc (block-cipher/new "DES")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:encrypt bc (hex-decode TEXT)))))

Decrypt

(use botan)
(let [bc (block-cipher/new "DES")]
  (:set-key bc (hex-decode KEY))
  (print (hex-encode (:decrypt bc (hex-decode ENCRYPTED)))))

DES-CBC NoPadding

Encrypt

(use botan)
(let [sc (cipher/new "DES/CBC/NoPadding" :encrypt)]
  (:set-key sc (hex-decode KEY))
  (:start sc (hex-decode IV))
  (print (hex-encode (:finish sc (hex-decode TEXT)))))

ECDH

Random key - Create sessionkey

(use botan)
(let [prikey1 (privkey/new "ECDH" "secp256r1")
      prikey2 (privkey/new "ECDH" "secp256r1")
      pubkey1 (:get-pubkey prikey1)
      pubkey2 (:get-pubkey prikey2)
      prikey1-val (:to-bin (:get-field prikey1 "x"))
      prikey2-val (:to-bin (:get-field prikey2 "x"))
      pubkey1-val (:get-public-point pubkey1)
      pubkey2-val (:get-public-point pubkey2)
      pk-ka1 (pk-key-agreement/new prikey1 "KDF2(SHA-256)")
      pk-ka2 (pk-key-agreement/new prikey2 "KDF2(SHA-256)")
      salt (:get (rng/new) 64)
      agreekey1 (:agree pk-ka1 pubkey2-val salt)
      agreekey2 (:agree pk-ka2 pubkey1-val salt)
     ]
  (print "prikeyA: " (hex-encode prikey1-val))
  (print "prikeyB: " (hex-encode prikey2-val))
  (print "pubkeyA: " (hex-encode pubkey1-val))
  (print "pubkeyB: " (hex-encode pubkey2-val))
  (print "agreekeyA: " (hex-encode agreekey1))
  (print "agreekeyB: " (hex-encode agreekey2)))

Existing key(Hex) - Create sessionkey (Public key can be omitted)

(use botan)
(let [prikey1-mpi (mpi/from-hex-str A_PRIVATE_KEY)
      prikey2-mpi (mpi/from-hex-str B_PRIVATE_KEY)

      pubkey1-mpi-x (mpi/from-hex-str (string/slice A_PUBLIC_KEY 2 (+ 2 (/ (- (length A_PUBLIC_KEY) 2) 2))))
      pubkey1-mpi-y (mpi/from-hex-str (string/slice A_PUBLIC_KEY (+ 2 (/ (- (length A_PUBLIC_KEY) 2) 2))))

      pubkey2-mpi-x (mpi/from-hex-str (string/slice B_PUBLIC_KEY 2 (+ 2 (/ (- (length B_PUBLIC_KEY) 2) 2))))
      pubkey2-mpi-y (mpi/from-hex-str (string/slice B_PUBLIC_KEY (+ 2 (/ (- (length B_PUBLIC_KEY) 2) 2))))

      prikey1 (privkey/load-ecdh "secp256r1" prikey1-mpi)
      prikey2 (privkey/load-ecdh "secp256r1" prikey2-mpi)

      pubkey1 (pubkey/load-ecdh "secp256r1" pubkey1-mpi-x pubkey1-mpi-y)
      pubkey2 (pubkey/load-ecdh "secp256r1" pubkey2-mpi-x pubkey2-mpi-y)

      pubkey1-from-pri (:get-pubkey prikey1)
      pubkey2-from-pri (:get-pubkey prikey2)

      pk-ka (pk-key-agreement/new prikey1 "Raw")
      agreekey (:agree pk-ka (:get-public-point pubkey2) "")]
  (assert (= (:get-public-point pubkey1) (:get-public-point pubkey1-from-pri)))
  (assert (= (:get-public-point pubkey2) (:get-public-point pubkey2-from-pri)))

  (print "prikeyA: " (hex-encode (:to-bin prikey1-mpi)))
  (print "prikeyB: " (hex-encode (:to-bin prikey2-mpi)))
  (print "pubkeyA: " (hex-encode (:get-public-point pubkey1)))
  (print "pubkeyB: " (hex-encode (:get-public-point pubkey2)))
  (print "agreekey: " (hex-encode agreekey)))

Existing key(Big Int) - Create sessionkey

(use botan)
(let [prikey1-hex (hex-encode (:to-bin (mpi/from-str A_PRIVATE_KEY)))
      prikey2-hex (hex-encode (:to-bin (mpi/from-str B_PRIVATE_KEY)))
      pubkey1-hex (hex-encode (:to-bin (mpi/from-str A_PUBLIC_KEY)))
      pubkey2-hex (hex-encode (:to-bin (mpi/from-str B_PUBLIC_KEY)))

      prikey1-mpi (mpi/from-str A_PRIVATE_KEY)
      prikey2-mpi (mpi/from-str B_PRIVATE_KEY)

      pubkey1-mpi-x (mpi/from-hex-str (string/slice pubkey1-hex 2 (+ 2 (/ (- (length pubkey1-hex) 2) 2))))
      pubkey1-mpi-y (mpi/from-hex-str (string/slice pubkey1-hex (+ 2 (/ (- (length pubkey1-hex) 2) 2))))

      pubkey2-mpi-x (mpi/from-hex-str (string/slice pubkey2-hex 2 (+ 2 (/ (- (length pubkey2-hex) 2) 2))))
      pubkey2-mpi-y (mpi/from-hex-str (string/slice pubkey2-hex (+ 2 (/ (- (length pubkey2-hex) 2) 2))))

      prikey1 (privkey/load-ecdh "secp256r1" prikey1-mpi)
      prikey2 (privkey/load-ecdh "secp256r1" prikey2-mpi)

      pubkey1 (pubkey/load-ecdh "secp256r1" pubkey1-mpi-x pubkey1-mpi-y)
      pubkey2 (pubkey/load-ecdh "secp256r1" pubkey2-mpi-x pubkey2-mpi-y)

      pubkey1-from-pri (:get-pubkey prikey1)
      pubkey2-from-pri (:get-pubkey prikey2)

      pk-ka (pk-key-agreement/new prikey1 "Raw")
      agreekey (:agree pk-ka (:get-public-point pubkey2) "")]
  (assert (= (:get-public-point pubkey1) (:get-public-point pubkey1-from-pri)))
  (assert (= (:get-public-point pubkey2) (:get-public-point pubkey2-from-pri)))

  (print "prikeyA: " (hex-encode (:to-bin prikey1-mpi)))
  (print "prikeyB: " (hex-encode (:to-bin prikey2-mpi)))
  (print "pubkeyA: " (hex-encode (:get-public-point pubkey1)))
  (print "pubkeyB: " (hex-encode (:get-public-point pubkey2)))
  (print "agreekey: " (hex-encode agreekey)))

Existing key(Hex) - Create sessionkey with PriKey A, PubKey B

(use botan)
(let [prikey1-mpi (mpi/from-hex-str A_PRIVATE_KEY)

      pubkey2-mpi-x (mpi/from-hex-str (string/slice B_PUBLIC_KEY 2 (+ 2 (/ (- (length B_PUBLIC_KEY) 2) 2))))
      pubkey2-mpi-y (mpi/from-hex-str (string/slice B_PUBLIC_KEY (+ 2 (/ (- (length B_PUBLIC_KEY) 2) 2))))

      prikey1 (privkey/load-ecdh "secp256r1" prikey1-mpi)
      pubkey2 (pubkey/load-ecdh "secp256r1" pubkey2-mpi-x pubkey2-mpi-y)

      pk-ka (pk-key-agreement/new prikey1 "Raw")
      agreekey (:agree pk-ka (:get-public-point pubkey2) "")]
  (print "prikeyA: " (hex-encode (:to-bin prikey1-mpi)))
  (print "pubkeyB: " (hex-encode (:get-public-point pubkey2)))
  (print "agreekey: " (hex-encode agreekey)))

ECDSA

Random key - Create signature - TEXT input

(use botan)
(let [prikey1 (privkey/new "ECDSA" "secp256r1")
      prikey2 (privkey/new "ECDSA" "secp256r1")

      pubkey1 (:get-pubkey prikey1)
      pubkey2 (:get-pubkey prikey2)

      pk-sig (pk-sign/new prikey1 "EMSA1(SHA-256)")
      pk-veri (pk-verify/new pubkey1 "EMSA1(SHA-256)")

      text TEXT
      signature (:finish (:update pk-sig text))
      sig-verify (:finish (:update pk-veri text) signature)]
  (print "prikeyA:   " (hex-encode (:to-bin (:get-field prikey1 "x"))))
  (print "prikeyB:   " (hex-encode (:to-bin (:get-field prikey2 "x"))))
  (print "pubkeyA:   " (hex-encode (:get-public-point pubkey1)))
  (print "pubkeyB:   " (hex-encode (:get-public-point pubkey2)))
  (print "input:     " text)
  (print "signature: " (hex-encode signature))
  (print "valid?:    " sig-verify))

Random key - Create signature - HEX input

(use botan)
(let [prikey1 (privkey/new "ECDSA" "secp256r1")
      prikey2 (privkey/new "ECDSA" "secp256r1")

      pubkey1 (:get-pubkey prikey1)
      pubkey2 (:get-pubkey prikey2)

      pk-sig (pk-sign/new prikey1 "EMSA1(SHA-256)")
      pk-veri (pk-verify/new pubkey1 "EMSA1(SHA-256)")

      text (hex-decode TEXT)
      signature (:finish (:update pk-sig text))
      sig-verify (:finish (:update pk-veri text) signature)]
  (print "prikeyA:   " (hex-encode (:to-bin (:get-field prikey1 "x"))))
  (print "prikeyB:   " (hex-encode (:to-bin (:get-field prikey2 "x"))))
  (print "pubkeyA:   " (hex-encode (:get-public-point pubkey1)))
  (print "pubkeyB:   " (hex-encode (:get-public-point pubkey2)))
  (print "input:     " (hex-encode text))
  (print "signature: " (hex-encode signature))
  (print "valid?:    " sig-verify))

Existing key - Create signature TEXT input

(use botan)
(let [prikey1 (privkey/load-ecdsa "secp256r1" (mpi/from-hex-str PRIVATE_KEY))

      pk-sig (pk-sign/new prikey1 "EMSA1(SHA-256)")

      text TEXT
      signature (:finish (:update pk-sig text))]
  (print "prikey:    " (hex-encode (:to-bin (:get-field prikey1 "x"))))
  (print "input:     " (hex-encode text))
  (print "signature: " (hex-encode signature)))

Existing key - Create signature HEX input

(use botan)
(let [prikey1 (privkey/load-ecdsa "secp256r1" (mpi/from-hex-str PRIVATE_KEY))

      pk-sig (pk-sign/new prikey1 "EMSA1(SHA-256)")

      text (hex-decode TEXT)
      signature (:finish (:update pk-sig text))]
  (print "prikey:    " (hex-encode (:to-bin (:get-field prikey1 "x"))))
  (print "input:     " (hex-encode text))
  (print "signature: " (hex-encode signature)))

Existing key - Signature check - TEXT input

(use botan)
(let [pubkey1-mpi-x (mpi/from-hex-str (string/slice PUBLIC_KEY 2 (+ 2 (/ (- (length PUBLIC_KEY) 2) 2))))
      pubkey1-mpi-y (mpi/from-hex-str (string/slice PUBLIC_KEY (+ 2 (/ (- (length PUBLIC_KEY) 2) 2))))

      pubkey1 (pubkey/load-ecdsa "secp256r1" pubkey1-mpi-x pubkey1-mpi-y)

      pk-veri (pk-verify/new pubkey1 "EMSA1(SHA-256)")

      text TEXT
      sig-verify (:finish (:update pk-veri text) (hex-decode SIGNATURE))]
  (print "valid?: " sig-verify))

KDF

SP-800-108 KDF

SP-800-108-Counter

(use botan)
(print
 (hex-encode
  (kdf "SP800-108-Counter(CMAC(AES-128))"
       KEY_LEN (hex-decode KI) (hex-decode SALT) (hex-decode LABEL))))

HKDF - HEX passphrase

(use botan)
(print
 (hex-encode
  (kdf "HKDF(HMAC(SHA-256))"
   KEY_LEN (hex-decode PASSPHRASE) (hex-decode SALT) (hex-decode INFO))))

PBKDF2

PBKDF2 - Text passphrase

(use botan)
(let [[salt iter psk]
      (pbkdf "PBKDF2(SHA-256)"
             PASSPHRASE KEY_LEN ITERATION (hex-decode SALT))]
  (print (hex-encode psk)))

PBKDF2 - HEX passphrase

(use botan)
(let [[salt iter psk]
      (pbkdf "PBKDF2(SHA-256)"
             (hex-decode PASSPHRASE) KEY_LEN ITERATION (hex-decode SALT))]
  (print (hex-encode psk)))

RSA

Demo

(use botan)
(let [prikey (privkey/new "RSA" "2048")
      pubkey (:get-pubkey prikey)]
  (print "Prikey: " (hex-encode (:to-der prikey)))
  (print "Pubkey: " (hex-encode (:to-der pubkey))))

Encrypt

(use botan)
(let [prikey (privkey/load-rsa (mpi/from-hex-str VAL_P) (mpi/from-hex-str VAL_Q) (mpi/from-hex-str VAL_E))
      pubkey (:get-pubkey prikey)
      pk-enc (pk-encrypt/new pubkey  "OAEP(SHA-256)")
      encrypted (pk-encrypt/encrypt pk-enc (hex-decode HEX_M))]
  (print "Prikey: " (hex-encode (:to-der prikey)))
  (print "Pubkey: " (hex-encode (:to-der pubkey)))
  (print "Enc:    " (hex-encode encrypted)))

Decrypt

(use botan)
(let [prikey (privkey/load-rsa (mpi/from-hex-str VAL_P) (mpi/from-hex-str VAL_Q) (mpi/from-hex-str VAL_E))
      pk-dec (pk-decrypt/new prikey  "OAEP(SHA-256)")
      plain (pk-decrypt/decrypt pk-dec (hex-decode ENC_M))]
  (print "Prikey: " (hex-encode (:to-der prikey)))
  (print "Dec:    " (hex-encode plain)))

Sign

(use botan)
(let [prikey (privkey/load-rsa (mpi/from-hex-str VAL_P) (mpi/from-hex-str VAL_Q) (mpi/from-hex-str VAL_E))
      pk-sig (pk-sign/new prikey "PSS(SHA-256)")
      signature (:finish (:update pk-sig (hex-decode HEX_M)))]
  (print "Prikey:    " (hex-encode (:to-der prikey)))
  (print "Signature: " (hex-encode signature)))

Verify

(use botan)
(let [prikey (privkey/load-rsa (mpi/from-hex-str VAL_P) (mpi/from-hex-str VAL_Q) (mpi/from-hex-str VAL_E))
      pubkey (:get-pubkey prikey)
      pk-veri (pk-verify/new pubkey "PSS(SHA-256)")
      valid (:finish (:update pk-veri (hex-decode HEX_M)) (hex-decode SIGN))]
  (print "Prikey: " (hex-encode (:to-der prikey)))
  (print "Pubkey: " (hex-encode (:to-der pubkey)))
  (print "Valid?: " valid))