somesocks / lua-lockbox Goto Github PK
View Code? Open in Web Editor NEWA collection of cryptographic primitives written in pure Lua
License: MIT License
A collection of cryptographic primitives written in pure Lua
License: MIT License
http://www.lua.org/manual/5.2/manual.html#8.2:
Function
table.maxn
is deprecated. Write it in Lua if you really need it.
As you can see here in Travis log, it fails on this when running on Lua 5.3.
Hello,
It should be nice to include the salsa20 support into lockbox.
If someone have time to do it... else I will do it... one day :D
Regards,
We may better improve tests if we use busted framework for unit testing. This would basically mean rewrite all tests with it but as a result it will be much cleaner IMHO. What people think about it?
The data encryped by lua-lockbox(ecb,pkcs7) can not be decryped by java(ecb,pkcs5),error message is :javax.crypto.BadPaddingException: Given final block not properly padded;
It seems a padding error
Hi
I’m trying to replace some proprietary modules with something open-source, and was wondering which ones could lockbox replace for me. Below are the modules/functions current called in the code I’m using..
lmcore.strtohex(decrypted)
lmcore.hextostr('15C95AC2B08AA7EB4E228F811E34D04FA54BA7DCAC9879FA8ACDA3FC244F3854', true)
aes_cbc:decrypt(encdec.base64dec(data))
aes_cbc:encrypt(payload)
encdec.hmacsha256(ciphertext, hmac_key, true)
encdec.base64enc(ciphertext .. sig)
I’ve got a replacement for the base64 one from here - http://lua-users.org/wiki/BaseSixtyFour
I want to build a framework for MtProto, the communucation protocol used by Telegram, and this library is the most promising in regards to including all the encryption mechanism I need. However AES IGE is missing. Any chance you will implement this as well?
I'd like to request the option to use RSA public key scheme which would be compatible with python cryptography library.
I'm currently developing an app in which the client needs to be programmed in Lua and the server in python, the server is using the cryptography lib and the client needs to safely communicate with the server through RSA scheme.
Any plans on adding an Elliptic Curve Digital Signature Algorithm such as Secp256k1? Or any other public key algorithms?
"Several weak or broken primitives are implemented in this library, for research or legacy reasons."
pbkdf is secure ?
Hi!
I have prepared some code to fix issue #7 (lua linting problems)
how could I make a PR?
Many thanks
Evgeny
Luacheck is very useful to prevent some mistakes.
$ luacheck lockbox/
Checking lockbox//cipher/aes128.lua 11 warnings
lockbox//cipher/aes128.lua:1:7: unused variable Stream
lockbox//cipher/aes128.lua:5:7: unused variable Math
lockbox//cipher/aes128.lua:8:7: unused variable AND
lockbox//cipher/aes128.lua:9:7: unused variable OR
lockbox//cipher/aes128.lua:10:7: unused variable NOT
lockbox//cipher/aes128.lua:12:7: unused variable LROT
lockbox//cipher/aes128.lua:13:7: unused variable RROT
lockbox//cipher/aes128.lua:14:7: unused variable LSHIFT
lockbox//cipher/aes128.lua:15:7: unused variable RSHIFT
lockbox//cipher/aes128.lua:289:8: variable key was previously defined as an argument on line 287
lockbox//cipher/aes128.lua:359:8: variable key was previously defined as an argument on line 357
Checking lockbox//cipher/aes192.lua 11 warnings
lockbox//cipher/aes192.lua:1:7: unused variable Stream
lockbox//cipher/aes192.lua:5:7: unused variable Math
lockbox//cipher/aes192.lua:8:7: unused variable AND
lockbox//cipher/aes192.lua:9:7: unused variable OR
lockbox//cipher/aes192.lua:10:7: unused variable NOT
lockbox//cipher/aes192.lua:12:7: unused variable LROT
lockbox//cipher/aes192.lua:13:7: unused variable RROT
lockbox//cipher/aes192.lua:14:7: unused variable LSHIFT
lockbox//cipher/aes192.lua:15:7: unused variable RSHIFT
lockbox//cipher/aes192.lua:311:8: variable key was previously defined as an argument on line 309
lockbox//cipher/aes192.lua:393:8: variable key was previously defined as an argument on line 391
Checking lockbox//cipher/aes256.lua 11 warnings
lockbox//cipher/aes256.lua:1:7: unused variable Stream
lockbox//cipher/aes256.lua:5:7: unused variable Math
lockbox//cipher/aes256.lua:8:7: unused variable AND
lockbox//cipher/aes256.lua:9:7: unused variable OR
lockbox//cipher/aes256.lua:10:7: unused variable NOT
lockbox//cipher/aes256.lua:12:7: unused variable LROT
lockbox//cipher/aes256.lua:13:7: unused variable RROT
lockbox//cipher/aes256.lua:14:7: unused variable LSHIFT
lockbox//cipher/aes256.lua:15:7: unused variable RSHIFT
lockbox//cipher/aes256.lua:324:8: variable key was previously defined as an argument on line 322
lockbox//cipher/aes256.lua:418:8: variable key was previously defined as an argument on line 416
Checking lockbox//cipher/des.lua 47 warnings
lockbox//cipher/des.lua:3:7: unused variable Stream
lockbox//cipher/des.lua:12:7: unused variable NOT
lockbox//cipher/des.lua:14:7: unused variable LROT
lockbox//cipher/des.lua:15:7: unused variable RROT
lockbox//cipher/des.lua:80:7: unused variable SIND1
lockbox//cipher/des.lua:81:7: unused variable SIND2
lockbox//cipher/des.lua:82:7: unused variable SIND3
lockbox//cipher/des.lua:83:7: unused variable SIND4
lockbox//cipher/des.lua:84:7: unused variable SIND5
lockbox//cipher/des.lua:85:7: unused variable SIND6
lockbox//cipher/des.lua:86:7: unused variable SIND7
lockbox//cipher/des.lua:87:7: unused variable SIND8
lockbox//cipher/des.lua:137:6: unused loop variable k
lockbox//cipher/des.lua:154:8: unused loop variable v
lockbox//cipher/des.lua:173:8: unused loop variable v
lockbox//cipher/des.lua:338:8: unused loop variable v
lockbox//cipher/des.lua:342:8: unused loop variable v
lockbox//cipher/des.lua:346:8: unused loop variable v
lockbox//cipher/des.lua:350:8: unused loop variable v
lockbox//cipher/des.lua:354:8: unused loop variable v
lockbox//cipher/des.lua:358:8: unused loop variable v
lockbox//cipher/des.lua:362:8: unused loop variable v
lockbox//cipher/des.lua:366:8: unused loop variable v
lockbox//cipher/des.lua:370:8: unused loop variable v
lockbox//cipher/des.lua:374:8: unused loop variable v
lockbox//cipher/des.lua:378:8: unused loop variable v
lockbox//cipher/des.lua:382:8: unused loop variable v
lockbox//cipher/des.lua:386:8: unused loop variable v
lockbox//cipher/des.lua:390:8: unused loop variable v
lockbox//cipher/des.lua:394:8: unused loop variable v
lockbox//cipher/des.lua:398:8: unused loop variable v
lockbox//cipher/des.lua:440:8: unused loop variable v
lockbox//cipher/des.lua:444:8: unused loop variable v
lockbox//cipher/des.lua:448:8: unused loop variable v
lockbox//cipher/des.lua:452:8: unused loop variable v
lockbox//cipher/des.lua:456:8: unused loop variable v
lockbox//cipher/des.lua:460:8: unused loop variable v
lockbox//cipher/des.lua:464:8: unused loop variable v
lockbox//cipher/des.lua:468:8: unused loop variable v
lockbox//cipher/des.lua:472:8: unused loop variable v
lockbox//cipher/des.lua:476:8: unused loop variable v
lockbox//cipher/des.lua:480:8: unused loop variable v
lockbox//cipher/des.lua:484:8: unused loop variable v
lockbox//cipher/des.lua:488:8: unused loop variable v
lockbox//cipher/des.lua:492:8: unused loop variable v
lockbox//cipher/des.lua:496:8: unused loop variable v
lockbox//cipher/des.lua:500:8: unused loop variable v
Checking lockbox//cipher/des3.lua OK
Checking lockbox//cipher/mode/cbc.lua 6 warnings
lockbox//cipher/mode/cbc.lua:5:7: unused variable String
lockbox//cipher/mode/cbc.lua:6:7: unused variable Bit
lockbox//cipher/mode/cbc.lua:65:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/cbc.lua:66:17: accessing undefined variable paddingStream
lockbox//cipher/mode/cbc.lua:144:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/cbc.lua:145:17: accessing undefined variable paddingStream
Checking lockbox//cipher/mode/cfb.lua 6 warnings
lockbox//cipher/mode/cfb.lua:5:7: unused variable String
lockbox//cipher/mode/cfb.lua:6:7: unused variable Bit
lockbox//cipher/mode/cfb.lua:66:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/cfb.lua:67:17: accessing undefined variable paddingStream
lockbox//cipher/mode/cfb.lua:144:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/cfb.lua:145:17: accessing undefined variable paddingStream
Checking lockbox//cipher/mode/ctr.lua 11 warnings
lockbox//cipher/mode/ctr.lua:5:7: unused variable String
lockbox//cipher/mode/ctr.lua:10:7: unused variable NOT
lockbox//cipher/mode/ctr.lua:11:7: unused variable XOR
lockbox//cipher/mode/ctr.lua:12:7: unused variable LROT
lockbox//cipher/mode/ctr.lua:13:7: unused variable RROT
lockbox//cipher/mode/ctr.lua:18:7: unused function bytes2word
lockbox//cipher/mode/ctr.lua:26:7: unused function word2bytes
lockbox//cipher/mode/ctr.lua:132:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ctr.lua:133:17: accessing undefined variable paddingStream
lockbox//cipher/mode/ctr.lua:249:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ctr.lua:250:17: accessing undefined variable paddingStream
Checking lockbox//cipher/mode/ecb.lua 6 warnings
lockbox//cipher/mode/ecb.lua:7:7: unused variable String
lockbox//cipher/mode/ecb.lua:8:7: unused variable Bit
lockbox//cipher/mode/ecb.lua:60:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ecb.lua:61:17: accessing undefined variable paddingStream
lockbox//cipher/mode/ecb.lua:130:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ecb.lua:131:17: accessing undefined variable paddingStream
Checking lockbox//cipher/mode/ofb.lua 6 warnings
lockbox//cipher/mode/ofb.lua:5:7: unused variable String
lockbox//cipher/mode/ofb.lua:6:7: unused variable Bit
lockbox//cipher/mode/ofb.lua:66:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ofb.lua:67:17: accessing undefined variable paddingStream
lockbox//cipher/mode/ofb.lua:144:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/ofb.lua:145:17: accessing undefined variable paddingStream
Checking lockbox//cipher/mode/pcbc.lua 6 warnings
lockbox//cipher/mode/pcbc.lua:5:7: unused variable String
lockbox//cipher/mode/pcbc.lua:6:7: unused variable Bit
lockbox//cipher/mode/pcbc.lua:66:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/pcbc.lua:67:17: accessing undefined variable paddingStream
lockbox//cipher/mode/pcbc.lua:144:3: setting non-standard global variable paddingStream
lockbox//cipher/mode/pcbc.lua:145:17: accessing undefined variable paddingStream
Checking lockbox//cipher/tea.lua 9 warnings
lockbox//cipher/tea.lua:3:7: unused variable Stream
lockbox//cipher/tea.lua:4:7: unused variable Array
lockbox//cipher/tea.lua:6:7: unused variable String
lockbox//cipher/tea.lua:8:7: unused variable Math
lockbox//cipher/tea.lua:12:7: unused variable NOT
lockbox//cipher/tea.lua:14:7: unused variable LROT
lockbox//cipher/tea.lua:15:7: unused variable RROT
lockbox//cipher/tea.lua:55:6: unused loop variable i
lockbox//cipher/tea.lua:91:6: unused loop variable i
Checking lockbox//cipher/xtea.lua 9 warnings
lockbox//cipher/xtea.lua:3:7: unused variable Stream
lockbox//cipher/xtea.lua:4:7: unused variable Array
lockbox//cipher/xtea.lua:6:7: unused variable String
lockbox//cipher/xtea.lua:8:7: unused variable Math
lockbox//cipher/xtea.lua:12:7: unused variable NOT
lockbox//cipher/xtea.lua:14:7: unused variable LROT
lockbox//cipher/xtea.lua:15:7: unused variable RROT
lockbox//cipher/xtea.lua:56:6: unused loop variable i
lockbox//cipher/xtea.lua:91:6: unused loop variable i
Checking lockbox//digest/md2.lua 8 warnings
lockbox//digest/md2.lua:25:7: unused variable AND
lockbox//digest/md2.lua:26:7: unused variable OR
lockbox//digest/md2.lua:27:7: unused variable NOT
lockbox//digest/md2.lua:29:7: unused variable LROT
lockbox//digest/md2.lua:30:7: unused variable RROT
lockbox//digest/md2.lua:31:7: unused variable LSHIFT
lockbox//digest/md2.lua:32:7: unused variable RSHIFT
lockbox//digest/md2.lua:43:8: variable L is never accessed
Checking lockbox//digest/md4.lua 4 warnings
lockbox//digest/md4.lua:8:7: unused variable SHIFT
lockbox//digest/md4.lua:12:7: unused variable WORD
lockbox//digest/md4.lua:21:7: unused variable RROT
lockbox//digest/md4.lua:43:7: unused function bytes2dword
Checking lockbox//digest/md5.lua 2 warnings
lockbox//digest/md5.lua:35:7: unused variable RROT
lockbox//digest/md5.lua:57:7: unused function bytes2dword
Checking lockbox//digest/ripemd128.lua 2 warnings
lockbox//digest/ripemd128.lua:13:7: unused variable RROT
lockbox//digest/ripemd128.lua:35:7: unused function bytes2dword
Checking lockbox//digest/ripemd160.lua 2 warnings
lockbox//digest/ripemd160.lua:13:7: unused variable RROT
lockbox//digest/ripemd160.lua:35:7: unused function bytes2dword
Checking lockbox//digest/sha1.lua 2 warnings
lockbox//digest/sha1.lua:13:7: unused variable RROT
lockbox//digest/sha1.lua:35:7: unused function bytes2dword
Checking lockbox//digest/sha2_224.lua 2 warnings
lockbox//digest/sha2_224.lua:20:7: unused variable LROT
lockbox//digest/sha2_224.lua:43:7: unused function bytes2dword
Checking lockbox//digest/sha2_256.lua 2 warnings
lockbox//digest/sha2_256.lua:20:7: unused variable LROT
lockbox//digest/sha2_256.lua:43:7: unused function bytes2dword
Checking lockbox//init.lua OK
Checking lockbox//kdf/pbkdf2.lua 7 warnings
lockbox//kdf/pbkdf2.lua:2:7: unused variable String
lockbox//kdf/pbkdf2.lua:9:7: unused variable NOT
lockbox//kdf/pbkdf2.lua:10:7: unused variable XOR
lockbox//kdf/pbkdf2.lua:11:7: unused variable LROT
lockbox//kdf/pbkdf2.lua:12:7: unused variable RROT
lockbox//kdf/pbkdf2.lua:34:7: unused function bytes2dword
lockbox//kdf/pbkdf2.lua:40:7: unused function dword2bytes
Checking lockbox//mac/hmac.lua 1 warning
lockbox//mac/hmac.lua:2:7: unused variable String
Checking lockbox//padding/ansix923.lua 1 warning
lockbox//padding/ansix923.lua:1:7: unused variable Stream
Checking lockbox//padding/isoiec7816.lua 1 warning
lockbox//padding/isoiec7816.lua:1:7: unused variable Stream
Checking lockbox//padding/pkcs7.lua 1 warning
lockbox//padding/pkcs7.lua:1:7: unused variable Stream
Checking lockbox//padding/zero.lua 1 warning
lockbox//padding/zero.lua:1:7: unused variable Stream
Checking lockbox//util/array.lua 3 warnings
lockbox//util/array.lua:75:16: accessing undefined variable Queue
lockbox//util/array.lua:140:8: variable i was previously defined on line 131
lockbox//util/array.lua:141:8: variable byte was previously defined on line 132
Checking lockbox//util/base64.lua 3 warnings
lockbox//util/base64.lua:10:7: unused variable XOR
lockbox//util/base64.lua:11:7: unused variable LROT
lockbox//util/base64.lua:12:7: unused variable RROT
Checking lockbox//util/bit.lua 1 warning
lockbox//util/bit.lua:2:8: accessing uninitialized variable ok
Checking lockbox//util/queue.lua OK
Checking lockbox//util/stream.lua OK
Total: 182 warnings / 0 errors in 33 files
There's some refactors, improvements and optimizations I'd like to contribute to upstream. Also looking to implement sha2_384 and sha2_512 to complement lockbox as well as fixing up and merging in tst's Salsa20 implementation.
lockbox/padding/pkcs7.lua
openssl:
str = abcabcabcqweqweq1234567890123456
key = abcabcabcqweqweq
aes:
<\�V�m�=�V�P�_㧼3��> yj���9�:�z5��rF�|92 ��2V
base64:
PFyEVsRtlT2wVqJQpV/jp7wzp/U+DHlq4g/zOc86zno1AP26cgBG33w5Mg3nEzJW
lockbox:
str = abcabcabcqweqweq1234567890123456
key = abcabcabcqweqweq
aes:
<\�V�m�=�V�P�_㧼3��> yj���9�:�z
base64:
PFyEVsRtlT2wVqJQpV/jp7wzp/U+DHlq4g/zOc86zno=
16的整数不匹配,补位正常,只有整数异常
Hello,
Is it possible to add support for Lua v5.1 so I can 'luarocks install' for v5.1?
There is an error about require("lockbox").insecure() in ecb.lua,sha1....
i can't find lockbox.lua or any other lib.
why require("lockbox").insecure()?
i'm using lua 5.1.4
Any plans to add GCM-mode for AES128 for example?
If no, explain to me how to do it and I'll do it!
Can you add the travis build status to the readme.md? I can update the file and submit it as a PR but you'll still have to enable the CI build in travis under your account to display properly.
Any plans to add SHA3 to the lockbox? There is a version 5.3 implementation sample available in this repo:
https://github.com/philanc/plc/blob/master/sha3.lua
And I saw a couple of year old implementation in 5.2 on Lua distribution list.
Could you please release this module on LuaRocks?
it is my eg:
local iv = Array.fromHex("545e7a772453377d5e29405941615125");
local key = Array.fromHex(String.lower(res));
local plaintext = Array.fromHex("f69f2445df4f9b17ad2b417be66c3710");
local ciphertext = Base64.toArray("L0zArIO+yh3ILdCIXUm91VgP5VAPJjto+KjN3DKKPlA=");
local padding = ZeroPadding;
local decipher = decipher()
.setKey(key)
.setBlockCipher(AES128Cipher)
.setPadding(padding);
local plainOutput = decipher
.init()
.update(Stream.fromArray(iv))
.update(Stream.fromArray(ciphertext))
.finish()
.asHex();
plainOutput is 87B1AD89AC65AB0CDD97C981EC810B9410101010101010101010101010101010,actually i want the result is 87B1AD89AC65AB0CDD97C981EC810B941
what can i do?
Would you mind if I released this library (not the whole library) as a workshop addon for a game - namely Garry's Mod? Giving you 99% credit of course (requires a bit of modification so it works with the game) and if you have a Steam account I'd add you as an author
Hi
I’ve finally found some time to focus on this, with the goal to use lockbox to replace some Lua functions/libraries I don’t have access to.
The commands are as follows.
Encrypt
local aes_cbc, err = aes:new(key, nil, aes.cipher(128, 'cbc'), { iv = iv }, nil , 1)
local ciphertext = aes_cbc:encrypt(payload)
Decrypt
local aes_cbc, err = aes:new(key, nil, aes.cipher(128, 'cbc'), { iv = iv }, nil, 0)
local decrypted = aes_cbc:decrypt(data)
I’m still learning Lua so this is a bit of a stretch to me, but looking at the test, would the encrypt be something like the following?.
local String = require("string");
local Array = require("lockbox.util.array");
local Stream = require("lockbox.util.stream");
local CBCMode = require("lockbox.cipher.mode.cbc");
local ZeroPadding = require("lockbox.padding.zero");
local AES128Cipher = require("lockbox.cipher.aes128");
local mypayload = "TBC"
local mykey = "????????"
local myiv = "TBC"
local myciphertext = "????????"
local testVectors = {
cipher = CBCMode.Cipher,
decipher = CBCMode.Decipher,
key = Array.fromHex(mykey),
iv = Array.fromHex(myiv),
plaintext = Array.fromHex(mypayload),
ciphertext = Array.fromHex(myciphertext),
padding = ZeroPadding
}
for _, v in pairs(testVectors) do
local cipher = v.cipher()
.setKey(v.key)
.setBlockCipher(AES128Cipher)
.setPadding(v.padding);
local cipherOutput = cipher
.init()
.update(Stream.fromArray(v.iv))
.update(Stream.fromArray(v.plaintext))
.finish()
.asHex();
local decipher = v.decipher()
.setKey(v.key)
.setBlockCipher(AES128Cipher)
.setPadding(v.padding);
local plainOutput = decipher
.init()
.update(Stream.fromArray(v.iv))
.update(Stream.fromArray(v.ciphertext))
.finish()
.asHex();
assert(cipherOutput == Array.toHex(v.ciphertext)
, String.format("cipher failed! expected(%s) got(%s)", Array.toHex(v.ciphertext), cipherOutput));
assert(plainOutput == Array.toHex(v.plaintext)
, String.format("decipher failed! expected(%s) got(%s)", Array.toHex(v.plaintext), plainOutput));
end
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.