## man page of crypto

### crypto: Crypto Functions

## NAME

crypto - Crypto Functions

## DESCRIPTION

This module provides a set of cryptographic functions.

References:

* md5: The MD5 Message Digest Algorithm (RFC 1321)
* sha: Secure Hash Standard (FIPS 180-2)
* hmac: Keyed-Hashing for Message Authentication (RFC 2104)
* des: Data Encryption Standard (FIPS 46-3)
* aes: Advanced Encryption Standard (AES) (FIPS 197)
* ecb, cbc, cfb, ofb: Recommendation for Block Cipher Modes of Operation (NIST SP 800-38A)
* rsa: Recommendation for Block Cipher Modes of Operation (NIST 800-38A)
* dss: Digital Signature Standard (FIPS 186-2)

The above publications can be found at NIST publications, at IETF.

Types:

* `byte() = 0 ... 255`
* `ioelem() = byte() | binary() | iolist()`
* `iolist() = [ioelem()]`
* `Mpint() = <<ByteLen:32/integer-big, Bytes:ByteLen/binary>>`

## EXPORTS

`start() -> ok`

Starts the crypto server.

`stop() -> ok`

Stops the crypto server.

`info() -> [atom()]`

Provides the available crypto functions in terms of a list of atoms.

`info_lib() -> [{Name,VerNum,VerStr}]`

Types:

* `Name = binary()`
* `VerNum = integer()`
* `VerStr = binary()`

Provides the name and version of the libraries used by crypto. `Name` is the name of the library. `VerNum` is the numeric version according to the library's own versioning scheme. `VerStr` contains a text variant of the version.

```erlang
> info_lib().
[{<<"OpenSSL">>,9469983,<<"OpenSSL 0.9.8a 11 Oct 2005">>}]
```

`md5(Data) -> Digest`

Types:

* `Data = iolist() | binary()`
* `Digest = binary()`

Computes an MD5 message digest from `Data`, where the length of the digest is 128 bits (16 bytes).

`md5_init() -> Context`

Types:

* `Context = binary()`

Creates an MD5 context, to be used in subsequent calls to `md5_update/2`.

`md5_update(Context, Data) -> NewContext`

Types:

* `Data = iolist() | binary()`
* `Context = NewContext = binary()`

Updates an MD5 `Context` with `Data`, and returns a `NewContext`.

`md5_final(Context) -> Digest`

Types:

* `Context = Digest = binary()`

Finishes the update of an MD5 `Context` and returns the computed MD5 message digest.

`sha(Data) -> Digest`

Types:

* `Data = iolist() | binary()`
* `Digest = binary()`

Computes an SHA message digest from `Data`, where the length of the digest is 160 bits (20 bytes).

`sha_init() -> Context`

Types:

* `Context = binary()`

Creates an SHA context, to be used in subsequent calls to `sha_update/2`.

`sha_update(Context, Data) -> NewContext`

Types:

* `Data = iolist() | binary()`
* `Context = NewContext = binary()`

Updates an SHA `Context` with `Data`, and returns a `NewContext`.

`sha_final(Context) -> Digest`

Types:

* `Context = Digest = binary()`

Finishes the update of an SHA `Context` and returns the computed SHA message digest.

`md5_mac(Key, Data) -> Mac`

Types:

* `Key = Data = iolist() | binary()`
* `Mac = binary()`

Computes an MD5 MAC message authentication code from `Key` and `Data`, where the length of the Mac is 128 bits (16 bytes).

`md5_mac_96(Key, Data) -> Mac`

Types:

* `Key = Data = iolist() | binary()`
* `Mac = binary()`

Computes an MD5 MAC message authentication code from `Key` and `Data`, where the length of the Mac is 96 bits (12 bytes).

`sha_mac(Key, Data) -> Mac`

Types:

* `Key = Data = iolist() | binary()`
* `Mac = binary()`

Computes an SHA MAC message authentication code from `Key` and `Data`, where the length of the Mac is 160 bits (20 bytes).

`sha_mac_96(Key, Data) -> Mac`

Types:

* `Key = Data = iolist() | binary()`
* `Mac = binary()`

Computes an SHA MAC message authentication code from `Key` and `Data`, where the length of the Mac is 96 bits (12 bytes).

`des_cbc_encrypt(Key, IVec, Text) -> Cipher`

Types:

* `Key = Text = iolist() | binary()`
* `IVec = Cipher = binary()`

Encrypts `Text` according to DES in CBC mode. `Text` must be a multiple of 64 bits (8 bytes). `Key` is the DES key, and `IVec` is an arbitrary initializing vector. The lengths of `Key` and `IVec` must be 64 bits (8 bytes).

`des_cbc_decrypt(Key, IVec, Cipher) -> Text`

Types:

* `Key = Cipher = iolist() | binary()`
* `IVec = Text = binary()`

Decrypts `Cipher` according to DES in CBC mode. `Key` is the DES key, and `IVec` is an arbitrary initializing vector. `Key` and `IVec` must have the same values as those used when encrypting. `Cipher` must be a multiple of 64 bits (8 bytes). The lengths of `Key` and `IVec` must be 64 bits (8 bytes).

`des_cbc_ivec(Data) -> IVec`

Types:

* `Data = iolist() | binary()`
* `IVec = binary()`

Returns the `IVec` to be used in a next iteration of `des_cbc_[encrypt|decrypt]`. `Data` is the encrypted data from the previous iteration step.

`des3_cbc_encrypt(Key1, Key2, Key3, IVec, Text) -> Cipher`

Types:

* `Key1 = Key2 = Key3 = Text = iolist() | binary()`
* `IVec = Cipher = binary()`

Encrypts `Text` according to DES3 in CBC mode. `Text` must be a multiple of 64 bits (8 bytes). `Key1`, `Key2`, `Key3` are the DES keys, and `IVec` is an arbitrary initializing vector. The lengths of each of `Key1`, `Key2`, `Key3` and `IVec` must be 64 bits (8 bytes).

`des3_cbc_decrypt(Key1, Key2, Key3, IVec, Cipher) -> Text`

Types:

* `Key1 = Key2 = Key3 = Cipher = iolist() | binary()`
* `IVec = Text = binary()`

Decrypts `Cipher` according to DES3 in CBC mode. `Key1`, `Key2`, `Key3` are the DES keys, and `IVec` is an arbitrary initializing vector. `Key1`, `Key2`, `Key3` and `IVec` must have the same values as those used when encrypting. `Cipher` must be a multiple of 64 bits (8 bytes). The lengths of `Key1`, `Key2`, `Key3`, and `IVec` must be 64 bits (8 bytes).

`blowfish_cfb64_encrypt(Key, IVec, Text) -> Cipher`

Types:

* `Key = Text = iolist() | binary()`
* `IVec = Cipher = binary()`

Encrypts `Text` using Blowfish in CFB mode with 64 bit feedback. `Key` is the Blowfish key, and `IVec` is an arbitrary initializing vector. The length of `IVec` must be 64 bits (8 bytes).

`blowfish_cfb64_decrypt(Key, IVec, Text) -> Cipher`

Types:

* `Key = Text = iolist() | binary()`
* `IVec = Cipher = binary()`

Decrypts `Text` using Blowfish in CFB mode with 64 bit feedback. `Key` is the Blowfish key, and `IVec` is an arbitrary initializing vector. The length of `IVec` must be 64 bits (8 bytes).

`aes_cfb_128_encrypt(Key, IVec, Text) -> Cipher`
`aes_cbc_128_encrypt(Key, IVec, Text) -> Cipher`

Types:

* `Key = Text = iolist() | binary()`
* `IVec = Cipher = binary()`

Encrypts `Text` according to AES in Cipher Feedback mode (CFB) or Cipher Block Chaining mode (CBC). `Text` must be a multiple of 128 bits (16 bytes). `Key` is the AES key, and `IVec` is an arbitrary initializing vector. The lengths of `Key` and `IVec` must be 128 bits (16 bytes).

`aes_cfb_128_decrypt(Key, IVec, Cipher) -> Text`
`aes_cbc_128_decrypt(Key, IVec, Cipher) -> Text`

Types:

* `Key = Cipher = iolist() | binary()`
* `IVec = Text = binary()`

Decrypts `Cipher` according to Cipher Feedback Mode (CFB) or Cipher Block Chaining mode (CBC). `Key` is the AES key, and `IVec` is an arbitrary initializing vector. `Key` and `IVec` must have the same values as those used when encrypting. `Cipher` must be a multiple of 128 bits (16 bytes). The lengths of `Key` and `IVec` must be 128 bits (16 bytes).

`aes_cbc_ivec(Data) -> IVec`

Types:

* `Data = iolist() | binary()`
* `IVec = binary()`

Returns the `IVec` to be used in a next iteration of `aes_cbc_*_[encrypt|decrypt]`. `Data` is the encrypted data from the previous iteration step.

`erlint(Mpint) -> N`
`mpint(N) -> Mpint`

Types:

* `Mpint = binary()`
* `N = integer()`

Convert a binary multi-precision integer `Mpint` to and from an Erlang big integer. A multi-precision integer is a binary with the following form: `<<ByteLen:32/integer, Bytes:ByteLen/binary>>` where both `ByteLen` and `Bytes` are big-endian. Mpints are used in some of the functions in `crypto` and are not translated in the API for performance reasons.

`rand_bytes(N) -> binary()`

Types:

* `N = integer()`

Generates N bytes randomly uniform 0..255, and returns the result in a binary. Uses the `crypto` library pseudo-random number generator.

`rand_uniform(Lo, Hi) -> N`

Types:

* `Lo, Hi, N = Mpint | integer()`
* `Mpint = binary()`

Generate a random number `N`, `Lo =< N < Hi`. Uses the `crypto` library pseudo-random number generator. The arguments (and result) can be either Erlang integers or binary multi-precision integers.

`mod_exp(N, P, M) -> Result`

Types:

* `N, P, M, Result = Mpint`
* `Mpint = binary()`

This function performs the exponentiation `N ^ P mod M`, using the `crypto` library.

`rsa_sign(Data, Key) -> Signature`
`rsa_sign(DigestType, Data, Key) -> Signature`

Types:

* `Data = Mpint`
* `Key = [E, N, D]`
* `E, N, D = Mpint`. Where `E` is the public exponent, `N` is public modulus and `D` is the private exponent.
* `DigestType = md5 | sha`. The default `DigestType` is sha.
* `Mpint = binary()`
* `Signature = binary()`

Calculates a `DigestType` digest of the `Data` and creates an RSA signature with the private key `Key` of the digest.

`rsa_verify(Data, Signature, Key) -> Verified`
`rsa_verify(DigestType, Data, Signature, Key) -> Verified`

Types:

* `Verified = boolean()`
* `Data, Signature = Mpint`
* `Key = [E, N]`
* `E, N = Mpint`. Where `E` is the public exponent and `N` is public modulus.
* `DigestType = md5 | sha`. The default `DigestType` is sha.
* `Mpint = binary()`

Calculates a `DigestType` digest of the `Data` and verifies that the digest matches the RSA signature using the signer's public key `Key`.

`rsa_public_encrypt(PlainText, PublicKey, Padding) -> ChipherText`

Types:

* `PlainText = binary()`
* `PublicKey = [E, N]`
* `E, N = Mpint`. Where `E` is the public exponent and `N` is public modulus.
* `Padding = rsa_pkcs1_padding | rsa_pkcs1_oaep_padding | rsa_no_padding`
* `ChipherText = binary()`

Encrypts the `PlainText` (usually a session key) using the `PublicKey` and returns the cipher. The `Padding` decides what padding mode is used: `rsa_pkcs1_padding` is PKCS #1 v1.5, currently the most used mode, and `rsa_pkcs1_oaep_padding` is EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications. The size of the `Msg` must be less than `byte_size(N)-11` if `rsa_pkcs1_padding` is used, `byte_size(N)-41` if `rsa_pkcs1_oaep_padding` is used and `byte_size(N)` if `rsa_no_padding` is used. Where byte_size(N) is the size part of an `Mpint`-1.

`rsa_private_decrypt(ChipherText, PrivateKey, Padding) -> PlainText`

Types:

* `ChipherText = binary()`
* `PrivateKey = [E, N, D]`
* `E, N, D = Mpint`. Where `E` is the public exponent, `N` is public modulus and `D` is the private exponent.
* `Padding = rsa_pkcs1_padding | rsa_pkcs1_oaep_padding | rsa_no_padding`
* `PlainText = binary()`

Decrypts the `ChipherText` (usually a session key encrypted with `rsa_public_encrypt/3`) using the `PrivateKey` and returns the message. The `Padding` is the padding mode that was used to encrypt the data, see `rsa_public_encrypt/3`.

`rsa_private_encrypt(PlainText, PrivateKey, Padding) -> ChipherText`

Types:

* `PlainText = binary()`
* `PrivateKey = [E, N, D]`
* `E, N, D = Mpint`. Where `E` is the public exponent, `N` is public modulus and `D` is the private exponent.
* `Padding = rsa_pkcs1_padding | rsa_no_padding`
* `ChipherText = binary()`

Encrypts the `PlainText` using the `PrivateKey` and returns the cipher. The `Padding` decides what padding mode is used: `rsa_pkcs1_padding` is PKCS #1 v1.5, currently the most used mode. The size of the `Msg` must be less than `byte_size(N)-11` if `rsa_pkcs1_padding` is used, and `byte_size(N)` if `rsa_no_padding` is used. Where byte_size(N) is the size part of an `Mpint`-1.

`rsa_public_decrypt(ChipherText, PublicKey, Padding) -> PlainText`

Types:

* `ChipherText = binary()`
* `PublicKey = [E, N]`
* `E, N = Mpint`. Where `E` is the public exponent and `N` is public modulus.
* `Padding = rsa_pkcs1_padding | rsa_no_padding`
* `PlainText = binary()`

Decrypts the `ChipherText` (encrypted with `rsa_private_encrypt/3`) using the `PrivateKey` and returns the message. The `Padding` is the padding mode that was used to encrypt the data, see `rsa_private_encrypt/3`.

`dss_sign(Data, Key) -> Signature`

Types:

* `Digest = Mpint`
* `Key = [P, Q, G, X]`
* `P, Q, G, X = Mpint`. Where `P`, `Q` and `G` are the dss parameters and `X` is the private key.
* `Mpint = binary()`
* `Signature = binary()`

Calculates the sha digest of the `Data` and creates a DSS signature with the private key `Key` of the digest.

`dss_verify(Data, Signature, Key) -> Verified`

Types:

* `Verified = boolean()`
* `Digest, Signature = Mpint`
* `Key = [P, Q, G, Y]`
* `P, Q, G, Y = Mpint`. Where `P`, `Q` and `G` are the dss parameters and `Y` is the public key.
* `Mpint = binary()`

Calculates the sha digest of the `Data` and verifies that the digest matches the DSS signature using the public key `Key`.

`rc4_encrypt(Key, Data) -> Result`

Types:

* `Key, Data = iolist() | binary()`
* `Result = binary()`

Encrypts the data with RC4 symmetric stream encryption. Since it is symmetric, the same function is used for decryption.

`dh_generate_key(DHParams) -> {PublicKey,PrivateKey}`
`dh_generate_key(PrivateKey, DHParams) -> {PublicKey,PrivateKey}`

Types:

* `DHParameters = [P, G]`
* `P, G = Mpint`. Where `P` is the shared prime number and `G` is the shared generator.
* `PublicKey, PrivateKey = Mpint()`

Generates a Diffie-Hellman `PublicKey` and `PrivateKey` (if not given).

`dh_compute_key(OthersPublicKey, MyPrivateKey, DHParams) -> SharedSecret`

Types:

* `DHParameters = [P, G]`
* `P, G = Mpint`. Where `P` is the shared prime number and `G` is the shared generator.
* `OthersPublicKey, MyPrivateKey = Mpint()`
* `SharedSecret = binary()`

Computes the shared secret from the private key and the other party's public key.

`exor(Data1, Data2) -> Result`

Types:

* `Data1, Data2 = iolist() | binary()`
* `Result = binary()`

Performs bit-wise XOR (exclusive or) on the data supplied.

## DES IN CBC MODE

The Data Encryption Standard (DES) defines an algorithm for encrypting and decrypting an 8 byte quantity using an 8 byte key (actually only 56 bits of the key are used).

When it comes to encrypting and decrypting blocks that are multiples of 8 bytes, various modes are defined (NIST SP 800-38A). One of those modes is the Cipher Block Chaining (CBC) mode, where the encryption of an 8 byte segment depends not only on the contents of the segment itself, but also on the result of encrypting the previous segment: the encryption of the previous segment becomes the initializing vector of the encryption of the current segment.

Thus the encryption of every segment depends on the encryption key (which is secret) and the encryption of the previous segment, except the first segment, which has to be provided with an initial initializing vector. That vector could be chosen at random, or be a counter of some kind. It does not have to be secret.

The following example is drawn from the old FIPS 81 standard (replaced by NIST SP 800-38A), where both the plain text and the resulting cipher text are settled. The following code fragment returns 'true'.

```erlang
Key = <<16#01,16#23,16#45,16#67,16#89,16#ab,16#cd,16#ef>>,
IVec = <<16#12,16#34,16#56,16#78,16#90,16#ab,16#cd,16#ef>>,
P = "Now is the time for all ",
C = crypto:des_cbc_encrypt(Key, IVec, P),
% Which is the same as
P1 = "Now is t", P2 = "he time ", P3 = "for all ",
C1 = crypto:des_cbc_encrypt(Key, IVec, P1),
C2 = crypto:des_cbc_encrypt(Key, C1, P2),
C3 = crypto:des_cbc_encrypt(Key, C2, P3),
C = <<C1/binary, C2/binary, C3/binary>>,
C = <<16#e5,16#c7,16#cd,16#de,16#87,16#2b,16#f2,16#7c,
      16#43,16#e9,16#34,16#00,16#8c,16#38,16#9c,16#0f,
      16#68,16#37,16#88,16#49,16#9a,16#7c,16#05,16#f6>>,
<<"Now is the time for all ">> == crypto:des_cbc_decrypt(Key, IVec, C).
```

The following is true for the DES CBC mode. For all decompositions P1 ++ P2 = P of a plain text message P (where the lengths of all quantities are multiples of 8 bytes), the encryption C of P is equal to C1 ++ C2, where C1 is obtained by encrypting P1 with Key and the initializing vector IVec, and where C2 is obtained by encrypting P2 with Key and the initializing vector last8(C1), where last8(Binary) denotes the last 8 bytes of the binary Binary.

Similarly, for all decompositions C1 ++ C2 = C of a cipher text message C (where the lengths of all quantities are multiples of 8 bytes), the decryption P of C is equal to P1 ++ P2, where P1 is obtained by decrypting C1 with Key and the initializing vector IVec, and where P2 is obtained by decrypting C2 with Key and the initializing vector last8(C1), where last8(Binary) is as above.

For DES3 (which uses three 64 bit keys) the situation is the same.

CRYPTO(3)
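The decomposition property of the DES IN CBC MODE section, generalized to any number of chunks and to both directions with `des_cbc_ivec/1`, as an added example that is not part of the original man page. The module and function names (`cbc_chunks`, `encrypt_chunks/3`, `decrypt_chunks/3`, `demo/0`) are hypothetical, and the code calls only crypto functions documented on this page.

```erlang
-module(cbc_chunks).
-export([encrypt_chunks/3, decrypt_chunks/3, demo/0]).

%% Process a list of chunks as one DES CBC stream. Names in this module are
%% hypothetical; only crypto functions documented on this page are called.
encrypt_chunks(Key, IVec, Chunks) -> chain(encrypt, Key, IVec, Chunks).
decrypt_chunks(Key, IVec, Chunks) -> chain(decrypt, Key, IVec, Chunks).

chain(Dir, Key, IVec, Chunks) ->
    Step = fun(Chunk, {Acc, IV}) ->
                   step(Dir, Key, IV, iolist_to_binary(Chunk), Acc)
           end,
    {Rev, _LastIVec} = lists:foldl(Step, {[], IVec}, Chunks),
    list_to_binary(lists:reverse(Rev)).

%% An empty chunk yields no cipher text block to take the next IVec from,
%% so the current IVec is carried over unchanged.
step(_Dir, _Key, IV, <<>>, Acc) ->
    {Acc, IV};
step(encrypt, Key, IV, In, Acc) when byte_size(In) rem 8 =:= 0 ->
    Out = crypto:des_cbc_encrypt(Key, IV, In),
    {[Out | Acc], crypto:des_cbc_ivec(Out)};  % tail of cipher text produced
step(decrypt, Key, IV, In, Acc) when byte_size(In) rem 8 =:= 0 ->
    Out = crypto:des_cbc_decrypt(Key, IV, In),
    {[Out | Acc], crypto:des_cbc_ivec(In)};   % tail of cipher text consumed
step(_Dir, _Key, _IV, In, _Acc) ->
    erlang:error({not_multiple_of_8_bytes, byte_size(In)}).

demo() ->
    %% Key, IVec, plain text and cipher text are the FIPS 81 values above.
    Key  = <<16#01,16#23,16#45,16#67,16#89,16#ab,16#cd,16#ef>>,
    IVec = <<16#12,16#34,16#56,16#78,16#90,16#ab,16#cd,16#ef>>,
    P = <<"Now is the time for all ">>,
    C = <<16#e5,16#c7,16#cd,16#de,16#87,16#2b,16#f2,16#7c,
          16#43,16#e9,16#34,16#00,16#8c,16#38,16#9c,16#0f,
          16#68,16#37,16#88,16#49,16#9a,16#7c,16#05,16#f6>>,
    Splits = [[P],
              [<<"Now is t">>, <<"he time for all ">>],
              [<<"Now is the time ">>, <<>>, <<"for all ">>],
              [<<"Now is t">>, <<"he time ">>, <<"for all ">>]],
    true = lists:all(fun(S) -> encrypt_chunks(Key, IVec, S) =:= C end, Splits),
    <<C1:8/binary, C2/binary>> = C,
    P = decrypt_chunks(Key, IVec, [C1, C2]),
    ok.
```

When decrypting, the next `IVec` comes from the cipher text chunk just consumed, not from the plain text produced; mixing the two up is the usual cause of a garbled first block in every chunk after the first.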
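For the `sha_mac/2` and `sha_mac_96/2` entries under EXPORTS, one way to check a received tag without stopping at the first differing byte, built on `exor/2`. This is an added example, not code from the man page: the names `mac_check`, `equal_all_bytes/2`, `verify/3`, `verify_96/3` and `demo/0` are hypothetical, and the key, data and tag are RFC 2202 HMAC-SHA-1 test case 1.

```erlang
-module(mac_check).
-export([verify/3, verify_96/3, demo/0]).

%% Compare two binaries by folding over every byte of their XOR, so the
%% comparison does not return early at the first mismatch. Tags of the
%% wrong length are rejected outright (the length is not secret).
equal_all_bytes(A, B) when byte_size(A) =:= byte_size(B) ->
    Diff = binary_to_list(crypto:exor(A, B)),
    lists:foldl(fun(Byte, Acc) -> Acc bor Byte end, 0, Diff) =:= 0;
equal_all_bytes(_, _) ->
    false.

%% Recompute the MAC over Data and compare it with the received Tag.
verify(Key, Data, Tag) when is_binary(Tag) ->
    equal_all_bytes(crypto:sha_mac(Key, Data), Tag).

verify_96(Key, Data, Tag) when is_binary(Tag) ->
    equal_all_bytes(crypto:sha_mac_96(Key, Data), Tag).

demo() ->
    %% RFC 2202 HMAC-SHA-1 test case 1: key is 20 bytes of 16#0b.
    Key  = list_to_binary(lists:duplicate(20, 16#0b)),
    Data = <<"Hi There">>,
    Tag  = <<16#b6,16#17,16#31,16#86,16#55,16#05,16#72,16#64,16#e2,16#8b,
             16#c0,16#b6,16#fb,16#37,16#8c,16#8e,16#f1,16#46,16#be,16#00>>,
    %% The 96-bit variant is the first 12 bytes of the full HMAC (RFC 2404).
    <<Tag96:12/binary, _/binary>> = Tag,
    %% Constructed bad input: the genuine tag with one bit flipped.
    <<First, Rest/binary>> = Tag,
    Forged = <<(First bxor 1), Rest/binary>>,
    [true, true, false, false] =
        [verify(Key, Data, Tag),
         verify_96(Key, Data, Tag96),
         verify(Key, Data, Forged),
         verify(Key, Data, Tag96)],   % truncated tag fails the full check
    ok.
```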
