From tskogan at common-lisp.net Sun Feb 4 20:58:00 2007 From: tskogan at common-lisp.net (tskogan) Date: Sun, 4 Feb 2007 15:58:00 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/src Message-ID: <20070204205800.C6C4B34000@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/src In directory clnet:/tmp/cvs-serv23178 Modified Files: utilities.lisp Log Message: Adding acopy and make-byte-array for octet arrays. --- /project/crypticl/cvsroot/crypticl/src/utilities.lisp 2007/01/23 23:55:39 1.10 +++ /project/crypticl/cvsroot/crypticl/src/utilities.lisp 2007/02/04 20:58:00 1.11 @@ -159,8 +159,8 @@ new-string (format nil "~A" (aref string i)))))))) -(defun octet-vector-copy (in &optional (start 0) (end (length in)) - out (out-start 0)) +(defun octet-vector-copy (in &optional (start 0) (end (length in)) + out (out-start 0)) "Returns copy of input vector or copies it into out at the given offset." (let ((size (- end start))) (unless out @@ -168,6 +168,16 @@ (dotimes (i size out) (setf (aref out (+ out-start i)) (aref in (+ start i)))))) + +(defun acopy (in &key (start 0) (size (length in)) + out (out-start 0)) + "array copy" + (unless out + (setf out (make-byte-array size))) + (dotimes (i size out) + (setf (aref out (+ out-start i)) (aref in (+ start i))))) + + (defun concat (&rest args) "Concatenates strings and vectors. WARNING! Will not work correctly if you mix strings and other vectors. @@ -241,4 +251,6 @@ the same platform." (map 'string #'code-char octet-vector)) - \ No newline at end of file + +(defun make-byte-array (size) + (make-array size :element-type '(unsigned-byte 8) :initial-element 0)) \ No newline at end of file From tskogan at common-lisp.net Sun Feb 4 21:00:58 2007 
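Review bot: `acopy`'s `size` defaults to `(length in)` regardless of `start`, so `(acopy v :start k)` with k > 0 copies `k` bytes past the end of `in` — an `aref` bounds error in safe code, silent memory corruption under `(safety 0)`; the default should be `(size (- (length in) start))`. When `out` is omitted the freshly made array is only `size` long, so any non-zero `out-start` overflows it too — allocate `(make-byte-array (+ out-start size))` or reject that combination with an explicit error. The copy loop duplicates `octet-vector-copy` directly above it; the standard `replace` does the same job in one line, `(replace out in :start1 out-start :start2 start :end2 (+ start size))`, followed by returning `out`. A one-line docstring such as `"Copy SIZE octets of IN from START into OUT at OUT-START (a fresh zeroed byte array when OUT is nil); returns OUT."` would replace the current `"array copy"`.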
From: tskogan at common-lisp.net (tskogan) Date: Sun, 4 Feb 2007 16:00:58 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/src Message-ID: <20070204210058.7982A36018@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/src In directory clnet:/tmp/cvs-serv24872 Modified Files: random.lisp aes.lisp Log Message: -Fix AES error with keys > 128 bits. -Use 256-bits in random. -Run Rinjdael test vectors from files on AES. --- /project/crypticl/cvsroot/crypticl/src/random.lisp 2007/01/27 17:07:17 1.10 +++ /project/crypticl/cvsroot/crypticl/src/random.lisp 2007/02/04 21:00:58 1.11 @@ -44,16 +44,18 @@ (defclass SecurePRNG-AES () ((key :accessor key - :initform #16(0)) ; TODO use 32 bytes (256 bits) + :initform #32(0)) (ctr :accessor ctr - :initform #16(0))) ; TODO use 32 bytes (256 bits) + ;; NB! The counter size must be equal to the block size + ;; of the cipher, in this case AES with 128-bit/16 bytes block size. + :initform #16(0))) (:documentation "Cryptographically secure pseudo random number generator.")) (defun make-SecurePRNG-AES () "Constructor for the Secure-PRNG class. Assumes that X bits secret/seed is enough." (let ((obj (make-instance 'SecurePRNG-AES))) - (reseed obj (high-entropy-octets 16)))) + (reseed obj (high-entropy-octets 32)))) (defmethod reseed ((obj SecurePRNG-AES) new-seed) "Reseed with byte array of high entropy bits." --- /project/crypticl/cvsroot/crypticl/src/aes.lisp 2007/01/27 17:07:17 1.10 +++ /project/crypticl/cvsroot/crypticl/src/aes.lisp 2007/02/04 21:00:58 1.11 
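Review bot: The new `:initform #32(0)` and `:initform #16(0)` are literal vectors, so every `SecurePRNG-AES` instance is handed the same object for `key` and `ctr`; if `reseed` or the output routine writes into these slots in place (both are outside the hunk, so confirm), all generators share and clobber a single key/counter buffer, and destructively modifying a literal is undefined behaviour in Common Lisp regardless. Use fresh, typed buffers: `:initform (make-byte-array 32)` and `:initform (make-byte-array 16)`. The `make-SecurePRNG-AES` docstring still reads `"Assumes that X bits secret/seed is enough."` although the seed is now fixed at 32 bytes; suggest `"Constructor for SecurePRNG-AES. Seeds the 256-bit key from (high-entropy-octets 32); the 16-byte counter starts at zero."`. The added comment tying the counter size to the cipher's 16-byte block is worth keeping, since a 32-byte counter would have been silently truncated or misread by `get-block`.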
@@ -5,25 +5,24 @@ ;;;; Author: Taale Skogan ;;;; Distribution: See the accompanying file LICENSE. -;;To do: -;;-how to get reference to 2D subarray of 3D array in encrypt and decrypt? - #| -Implements the FIPS 197 standard (AES) of Rijndael. The code is based on the reference implementation in [1] with some variable names from FIPS 197. The EBC and CBC is the only modes available. Anderson (2001) says about CBC that "..most commercial applications use this mode." (p. 98), but this mode has weaknesses (Kaufman et al, 2002) and the cryptograhic community is still looking for better alternatives (Kaufman, 2002). Note the using the wrong mode may have serious security implications. Generally, ECB should not be used. +Implements the FIPS 197 standard (AES) of Rijndael. The code is based on the +reference implementation in [1] with some variable names from FIPS 197. -[1] Deamen,J. & Rijmen,V. 2002. "The Design of Rijndael - AES the Advanced Encryption Standard. Springer. -[2] NIST 2001.Advanced Encryption Standard. FIPS Pub 197. +TODO: The current version is very slow (too much consing). It needs a rewrite. -*Anderson,R. 2001. Security Engineering. Wiley. -*Kaufman, C., Perlman,R. & Speciner,M. 2002. Network Security - Private Communications in a Public World. Prentice Hall. +[1] Deamen,J. & Rijmen,V. 2002. "The Design of Rijndael - AES the Advanced +Encryption Standard. Springer. +[2] NIST 2001.Advanced Encryption Standard. FIPS Pub 197. -AES uses 10,12 or 14 rounds. Note that the code uses a for-macro found in LCAPI_utilities.lisp +AES uses 10,12 or 14 rounds. |# (in-package crypticl) (defparameter NB 4 - "Number of 32 bits words in the state = number of columns in state. Equals variable BC in the reference implementation.") + "'Num Bytes', the number of 32 bits words in the state = number of columns +in state. Equals variable BC in the reference implementation.") (defparameter logtable #( 0 0 25 1 50 2 26 198 75 199 27 104 51 238 223 3 
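Review bot: The rewritten header comment drops the only mode-of-operation warning this file had — `"Note the using the wrong mode may have serious security implications. Generally, ECB should not be used."` — while ECB remains one of the two modes the file offers; keep a one-line caution in the new header, e.g. `;; Modes: ECB and CBC. ECB exposes equal-block patterns and should not be used for general data; CBC needs an unpredictable IV per message.` The new docstring for `NB` expands it as `'Num Bytes'`, which is wrong: in FIPS 197 Nb is the number of 32-bit words (columns) in the state, and the value 4 here matches that. Suggested: `"Nb: number of 32-bit words (columns) in the state, 4 for AES. Equals BC in the reference implementation [1]."`. Reference [1] still misspells the author (`Deamen` for Daemen) and leaves the title quote unclosed.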
@@ -101,16 +100,6 @@ 23 43 4 126 186 119 214 38 225 105 20 99 85 33 12 125) "Inverse S-box.") - - -(defparameter RC #(#x00 #x01 #x02 #x04 #x08 #x10 #x20 #x40 #x80 - #x1b #x36 #x6c #xd8 #xab #x4d #x9a #x2f - #x5e #xbc #x63 #xc6 #x97 #x35 #x6a #xd4 - #xb3 #x7d #xfa #xef #xc5 #x91) - "Rijndael round constants used in key scheduling.") - - - (defun mul (a b) "Multiply two elements of GF(256) by table lookup." (if (and (not (= a 0)) @@ -120,7 +109,6 @@ 255)) 0)) - (defun add-round-key (state round-key) "XOR state with round key. state and round-key is 4*NB matrices." (for (i 0 4) @@ -129,16 +117,12 @@ (logxor (aref state i j) (aref round-key i j)))))) - (defun sub-bytes (state s-box) "Substitute byte in input by corresponding byte in S box or inverse S box" (for (i 0 4) (for (j 0 NB) (setf (aref state i j) (aref s-box (aref state i j)))))) - - - (defun shift-rows (state do-encrypt) "Rotate rows in 4*NB state. If do-encrypt is true, rotate left, else rotate right (decryption)." (let ((tmp (make-array NB))) @@ -158,7 +142,6 @@ (for (k 0 NB) (setf (aref state i k) (aref tmp k))))))) - (defun mix-columns (state) "Mix the four bytes in each column of the 4*NB matrix state" (let ((b (make-array (list 4 NB)))) @@ -171,13 +154,8 @@ (aref state (mod (+ i 2) 4) j) (aref state (mod (+ i 3) 4) j))))) - ;;Copy back - (for (i 0 4) - (for (j 0 NB) - (setf (aref state i j) (aref b i j)))))) + (copy-array-2d state b 4 NB))) - - (defun inv-mix-columns (state) "Reverse of mix-columns" (let ((b (make-array (list 4 NB)))) 
@@ -197,96 +175,164 @@ (defun get-Nk (key-length) - "Get the Rijndael parameter Nk which is a function of the key length" + "Get the Rijndael parameter Nk which is a function of the key length. +Either 4, 6 or 8 corresponding to key length 128, 192 and 256 respectively." (cond ((= key-length 16) 4) ((= key-length 24) 6) ((= key-length 32) 8) (t (error "Invalid key length ~A" key-length)))) +(defun get-num-rounds (key-length) + "Find number of rounds for given key length (128, 192 or 256 bits)" + (cond ((= key-length 16) 10) + ((= key-length 24) 12) + ((= key-length 32) 14) + (t (error "Invalid key length ~A" key-length)))) + (defun change-key-format (key Nk) "Change format from byte array to 4*Nk array" - (let* ((new-key (make-array (list 4 Nk)))) - (get-block new-key key 0) + (let ((new-key (make-array (list 4 Nk) :initial-element 0)) + (offset 0)) + (for (i 0 Nk) + (for (j 0 4) + (setf (aref new-key j i) (aref key offset)) + (incf offset))) new-key)) - -(defun aes-key-expansion (key) - "Rteturns the correct key expansion for the input key. Note that NB equals BC and Nk equals KC in the reference code in [1]. w is the resulting key expansion with dimensions ROUNDS+1 * 4 * NB +(defun get-block (block data offset) + "Get next 16 bytes block from octet-vector data starting at offset and write it to block using aes style (columns first order meaning that the first column is filled completely before the next. + +AES block size is always 128-bits/16 bytes. +" + (let ((k offset)) + (for (i 0 4) + (for (j 0 4) + (setf (aref block j i) (aref data k)) + (incf k))))) + +(defun foo () + (let ((o (make-AES)) + (key (generate-key 'AES 256))) + (init-encrypt o key :iv #24(1)) + (encrypt o #(0 1 2)))) + +(defun copy-array-3d-fixed (dst src fixed row col) + "Copy from 3D fixed*row*col src to row*col dst array." 
+ (for (i 0 row) + (for (j 0 col) + (setf (aref dst i j) (aref src fixed i j))))) + +(defun sbox-byte (b) + "Apply sbox to a byte" + (aref Sbox b)) + +(defparameter Rcon #(#x8d #x01 #x02 #x04 #x08 #x10 #x20 #x40 #x80 + #x1b #x36 #x6c #xd8 #xab #x4d #x9a #x2f + #x5e #xbc #x63 #xc6 #x97 #x35 #x6a #xd4 + #xb3 #x7d #xfa #xef #xc5 #x91) + "Rijndael round constants used in key scheduling.") + +(defun rot-word (word) + "Rotate word left one byte" + (let ((ret (make-byte-array 4))) + (dotimes (i 4 ret) + (setf (aref ret i) (aref word (mod (+ i 1) 4)))))) + +(defun sub-word (word) + "Apply sbox to each byte" + (let ((ret (make-byte-array 4))) + (dotimes (i 4 ret) + (setf (aref ret i) (sbox-byte (aref word i)))))) + +(defun aes-key-expansion (key &key debug) + "Return the key expansion for a AES key. + +Note that NB equals BC and Nk equals KC in the reference code in [1]. +w is the resulting key expansion with dimensions ROUNDS+1 * 4 * NB. + Parameters: --key is the original 128, 192 or 256 bits key. key is 4*Nk bits as byte array --Nk is a function of the key length, either 4, 6 or 8 corresponding to key length 128, 192 and 256 respectively. --ROUNDS is the number of rounds, also a function of the key length." - (let* ((Nk (get-Nk (length key))) - (ROUNDS (get-num-rounds (length key))) - (tk (make-array (list 4 Nk))) - (w (make-array (list (1+ ROUNDS) 4 NB))) - (tmp 0) - (RCpointer 1) - (key (change-key-format key Nk))) - - (for (col 0 Nk) - (for (row 0 4) - (setf (aref tk row col) (aref key row col)))) - - - ;;Copy key into first slot in round key - (for (col 0 Nk) - (for (row 0 4) - (setf (aref w (floor tmp NB) row (mod tmp NB)) (aref tk row col))) - (incf tmp)) - - - ;;Calculate as much round key material as we need. i counts 32 bits words. 
- (while (< tmp (* (1+ ROUNDS) NB)) - (for (i 0 4) - (setf (aref tk i 0) - (logxor - (aref tk i 0) - (aref Sbox (aref tk (mod (1+ i) 4) (1- Nk)))))) - - (setf (aref tk 0 0) - (logxor - (aref tk 0 0) - (aref RC RCpointer))) - (incf RCpointer) - - (if (<= Nk 6) - (for (j 1 Nk) - (for (i 0 4) - (setf (aref tk i j) - (logxor - (aref tk i j) - (aref tk i (1- j)))))) - - (progn - (for (j 1 4 ) - (for (i 0 4) - (setf (aref tk i j) - (logxor - (aref tk i j) - (aref tk i (1- j)))))) - (for (i 0 4) - (setf (aref tk i 4) - (logxor - (aref tk i 4) - (aref Sbox (aref tk i 3))))) - (for (j 5 Nk) - (for (i 0 4) - (setf (aref tk i j) - (logxor - (aref tk i j) - (aref tk i (1- j)))))))) - - ;;Copy values to round key - (for (col 0 Nk) - (for (row 0 4) - (setf (aref w (floor tmp NB) row (mod tmp NB)) - (aref tk row col))) - (incf tmp))) - w)) +key: is the original 128, 192 or 256 bits key given as a byte array. - - +Return: +w: the key expansion (make-array (list (1+ Nr) 4 NB)) +" + (let* ((key-size (length key)) + (Nk (get-Nk key-size)) + (num-rounds (+ 1 (get-num-rounds key-size))) + (num-words (* NB num-rounds)) + (num-bytes (* 4 num-words)) + (prev (make-byte-array 4)) ; prev word + (words (make-byte-array num-bytes)) + i) ; current word + + ;; Copy key into the first slot of the key expansion + (acopy key :out words) + + (setf i Nk) + (while (< i num-words) + (when debug + (format t "i = ~A prev - sub - rcon xor - i-Nk ~%" i)) + ;; Grab previous word in key expansion + (acopy words :start (* (- i 1) 4) :size 4 :out prev) + (when debug + (format t " ~A" (hex prev))) + + (cond + ((= (mod i Nk) 0) + (setf prev (sub-word (rot-word prev))) + (when debug + (format t " ~A" (hex prev))) + ;; Apply round constant to first byte + (setf (aref prev 0) (logxor (aref prev 0) + (aref Rcon (/ i Nk)))) + (when debug + (format t " ~A" (hex prev))) + ) + + ((and (> Nk 6) (= (mod i Nk) 4)) + (setf prev (sub-word prev)) + (when debug + (format t " ~A" (hex prev)) + (format t " -------- "))) ; no 
rcon + (t + (when debug + (format t " -------- ") ; no sub + (format t " -------- ")))) ; no rcon + + (let ((i-Nk (get-word words (- i Nk)))) + (when debug + (format t " ~A" (hex i-Nk))) + (xor-array prev i-Nk)) + + (acopy prev :out words :out-start (* 4 i)) + (when debug + (format t " word ~,2R: ~A~%" i (hex-word words i))) + (incf i)) + + ;; Change format (XXX horribly inefficient!) + (let ((new (make-array (list num-rounds 4 NB))) + (offset 0)) + (dotimes (slot num-rounds new) + (for (col 0 4) + (for (row 0 4) + (setf (aref new slot row col) (aref words offset)) + (incf offset))))))) + + +(defun hex-word (words i) + (hex (get-word words i))) + +(defun get-word (words i) + (acopy words :start (* 4 i) :size 4)) + +(defun test-key-exp (&key key) + (let ((key (or key (hexo "2b7e151628aed2a6abf7158809cf4f3c"))) + (256-key (hexo "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4")) + words) + (declare (ignore 256-key)) + (setf words (aes-key-expansion key)) + (for (i 0 (/ (length words) 4)) + (format t "word ~,2R: ~A~%" i (hex-word words i))))) (defun aes-encrypt-block (state round-key ROUNDS) "Encrypt one 128 bit block" @@ -315,8 +361,6 @@ (fill-rk ROUNDS) (add-round-key state rk)))) - - (defun aes-decrypt-block (state round-key ROUNDS) "Decrypt one 128 bit block" ;;Hack to get sub-array. Terribly inefficient @@ -346,19 +390,14 @@ (fill-rk 0) (add-round-key state rk)))) - - - (defun aes-encrypt-octet-vector (data key mode &optional iv) "Wrapper for encryption." (aes-crypt-octet-vector data key mode t iv)) - (defun aes-decrypt-octet-vector (data key mode &optional iv) "Wrapper for decryption" (aes-crypt-octet-vector data key mode nil iv)) - (defun aes-crypt-octet-vector (data key mode doEncrypt &optional iv) "Encrypt data with key in given mode using an iv if necessary. Assumes data is a multiple of the block lenght (16 bytes = 128 bits). -mode: 'ecb' 
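Review bot: The `:debug` path in `aes-key-expansion` prints every expanded round-key word in hex to `*standard-output*` through `(format t ...)`, so the complete key schedule of a live key ends up in whatever captures stdout; key material should never be emitted by a library code path — drop the `debug` parameter, or restrict it to the index line `(format t "i = ~A~%" i)` and keep the hex dumps in test code only. `test-key-exp` cannot work as written: `aes-key-expansion` returns the 3-D `(make-array (list num-rounds 4 NB))` built at the end, yet the test calls `(length words)` and `get-word` applies `acopy`'s single-subscript `aref` to it, both of which signal a type error on a multidimensional array; either walk the array with `(array-dimension words 0)` in the same column-then-row order the conversion loop fills it, or return the flat `words` vector and convert in the caller. The 256-bit FIPS-197 vector bound to `256-key` is `(declare (ignore 256-key))`'d, so a commit titled "Fix AES error with keys > 128 bits" leaves the one in-file test that would exercise the fix unused; the external vector files named in the log are outside this hunk, so I cannot tell whether they cover it. `Rcon` indexing by `(/ i Nk)` is correct for all three key sizes (indices 1..10, 1..8, 1..7 with `#x8d` as the unused slot 0) — a comment stating that would save the next reader re-deriving it.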
@@ -383,9 +422,16 @@ "data is the counter" (let ((encrypted-block (make-array '(4 4))) (offset 0)) - (get-block encrypted-block data offset) - (aes-encrypt-block encrypted-block round-key num-rounds) - (copy-back-block encrypted-block data offset))) + + ;; (format t "input bytes = ~A~%" (hex data)) + (while (< offset (length data)) + ;; Do one 16 bytes block at a time + (get-block encrypted-block data offset) + (aes-encrypt-block encrypted-block round-key num-rounds) + (copy-back-block encrypted-block data offset) + ;; (format t "new bytes = ~A~%" (hex data)) + (setf offset (+ 16 offset))) + )) (defun aes-cbc-mode (data round-key num-rounds doEncrypt iv) @@ -409,10 +455,10 @@ (do* ((offset 0 (+ offset 16))) ((= offset len) (copy-back-block iv2 iv)) (get-block block data offset) - (copy-array-2D tmp-block block 4 4) ;save block for use as next iv2 [270 lines skipped] From tskogan at common-lisp.net Sun Feb 4 21:12:58 2007 From: tskogan at common-lisp.net (tskogan) Date: Sun, 4 Feb 2007 16:12:58 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/src Message-ID: <20070204211258.C4CBC7E003@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/src In directory clnet:/tmp/cvs-serv25425 Modified Files: aes.lisp Log Message: Remove debug cruft. --- /project/crypticl/cvsroot/crypticl/src/aes.lisp 2007/02/04 21:00:58 1.11 +++ /project/crypticl/cvsroot/crypticl/src/aes.lisp 2007/02/04 21:12:58 1.12 @@ -210,12 +210,6 @@ (setf (aref block j i) (aref data k)) (incf k))))) -(defun foo () - (let ((o (make-AES)) - (key (generate-key 'AES 256))) - (init-encrypt o key :iv #24(1)) - (encrypt o #(0 1 2)))) - (defun copy-array-3d-fixed (dst src fixed row col) "Copy from 3D fixed*row*col src to row*col dst array." (for (i 0 row) 
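Review bot: The new block loop in `aes-ecb-mode` never checks that `(length data)` is a multiple of 16, so a trailing partial block makes `get-block` index past the end of `data`; rather than relying on `aref`'s bounds check (gone under `(safety 0)`), fail explicitly before the loop: `(assert (zerop (mod (length data) 16)) (data) "ECB input must be a whole number of 16-byte blocks, got ~A bytes" (length data))`. The docstring `"data is the counter"` describes the old single-block counter-mode use and is now misleading; suggest `"Encrypt DATA in place, one 16-byte block at a time, using the expanded round keys. DATA must be a multiple of 16 bytes."`. The body only ever calls `aes-encrypt-block`, yet the test elsewhere on this page invokes `(aes-ecb-mode PT round-key num-rounds t)` with a fourth argument; if that is a decrypt flag the decryption branch is missing — the signature sits before the hunk, so confirm. The two commented-out `(format t ... (hex data))` lines would print plaintext and ciphertext to stdout if re-enabled and should be deleted rather than left as toggles.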
@@ -330,7 +324,7 @@ (256-key (hexo "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4")) words) (declare (ignore 256-key)) - (setf words (aes-key-expansion key)) + (setf words (aes-key-expansion key :debug t)) (for (i 0 (/ (length words) 4)) (format t "word ~,2R: ~A~%" i (hex-word words i))))) @@ -928,13 +922,19 @@ (defun aes-test-cbc (key pt ct iv &optional count) "Input as hex strings" - (let ((KEY (hexo key)) - (PT (hexo pt)) - (CT (make-byte-array 16)) - (CV (hexo iv))) ; chaining value + (let* ((KEY (hexo key)) + (PT (hexo pt)) + (CT (make-byte-array 16)) + (CV (hexo iv)) + ;; Don't compute round key more than once + (num-rounds (get-num-rounds (length KEY))) + (round-key (aes-key-expansion KEY))) + (dotimes (j 10000) - (xor-array PT CV) ; xor with iv - (aes-encrypt-octet-vector PT KEY 'ecb) + (xor-array PT CV) ; xor with iv + (aes-ecb-mode PT round-key num-rounds t) + ;;(aes-encrypt-octet-vector PT KEY 'ecb) + ;; PT is now encrypted (= CT) (acopy PT :out CT) ;; next plaintext is previous cipher text which From tskogan at common-lisp.net Sun Feb 4 21:17:06 2007 From: tskogan at common-lisp.net (tskogan) Date: Sun, 4 Feb 2007 16:17:06 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070204211706.357E37C009@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv25812 Modified Files: TODO ChangeLog Log Message: Update. --- /project/crypticl/cvsroot/crypticl/doc/TODO 2007/01/27 17:07:17 1.7 +++ /project/crypticl/cvsroot/crypticl/doc/TODO 2007/02/04 21:17:05 1.8 
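Review bot: Switching on `:debug t` makes `test-key-exp` dump the full key schedule to stdout through `aes-key-expansion`'s own `format` calls, which is the opposite of the "Remove debug cruft" intent and keeps a path that prints key material inside the library; the test should print from its own loop instead. That loop is itself broken: `aes-key-expansion` returns the 3-D array built by `(make-array (list num-rounds 4 NB))` in the previous commit, so `(length words)` signals a type error before anything is printed — presumably why the debug flag was enabled. Revert to `(setf words (aes-key-expansion key))` and iterate over `(array-dimension words 0)` rounds, printing each 4x4 round key in the column-then-row order the expansion fills it, rather than relying on `(length words)`. The `256-key` binding is still `(declare (ignore 256-key))`, so the 256-bit FIPS-197 vector remains unexercised by this test even though the >128-bit fix is what it was added for.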
@@ -1,10 +1,8 @@ TODO list for Crypticl ====================== --bug in AES key expansion for 256-bit keys, maybe others. More test -cases needed. -more example applications to test and improve the api -SHA-512? -Document how to run the full test set (when porting to new platform). -only use hex and hexo, not the long versions. - +-put some of the longer test vectors in CVS. --- /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/01/24 21:45:12 1.16 +++ /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/02/04 21:17:05 1.17 @@ -1,3 +1,8 @@ +04-02-2007 Taale Skogan + -Fix AES error with keys > 128 bits. + -Use 256-bits in random. + -Run Rinjdael test vectors from files on AES. + 24-01-2007 Taale Skogan Replaced secure PRNG based on SHA-1 with 128 bits AES in counter mode. Should be 256 bits, but seems to be a bug in AES key From tskogan at common-lisp.net Sat Feb 17 00:13:49 2007 
From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 19:13:49 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070217001349.12DDB5002C@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv9995 Added Files: crypticl.pdf crypticl.lyx Log Message: Lyx version of the user guide for release 0.2. --- /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:13:49 NONE +++ /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:13:49 1.1 %PDF-1.4 %???? 21 0 obj << /Linearized 1 /O 23 /H [ 6102 571 ] /L 93115 /E 84154 /N 6 /T 92577 >> endobj xref 21 284 0000000016 00000 n 0000006029 00000 n 0000006673 00000 n 0000006828 00000 n 0000007021 00000 n 0000007311 00000 n 0000007674 00000 n 0000008059 00000 n 0000008438 00000 n 0000008647 00000 n 0000009031 00000 n 0000009467 00000 n 0000009628 00000 n 0000009915 00000 n 0000010183 00000 n 0000010365 00000 n 0000010617 00000 n 0000010946 00000 n 0000011196 00000 n 0000011451 00000 n 0000011660 00000 n 0000011977 00000 n 0000012233 00000 n 0000012558 00000 n 0000012809 00000 n 0000013220 00000 n 0000013397 00000 n 0000013642 00000 n 0000013972 00000 n 0000014229 00000 n 0000014553 00000 n 0000014879 00000 n 0000015132 00000 n 0000015442 00000 n 0000015636 00000 n 0000015949 00000 n 0000016143 00000 n 0000016360 00000 n 0000016575 00000 n 0000016840 00000 n 0000017063 00000 n 0000017369 00000 n 0000017624 00000 n 0000017935 00000 n 0000018184 00000 n 0000018611 00000 n 0000018922 00000 n 0000019183 00000 n 0000019484 00000 n 0000019749 00000 n 0000020014 00000 n 0000020279 00000 n 0000020508 00000 n 0000020765 00000 n 0000020934 00000 n 0000021267 00000 n 0000021544 00000 n 0000021876 00000 n 0000022136 00000 n 0000022355 00000 n 0000022609 00000 n 0000022783 00000 n 0000023007 00000 n 0000023205 00000 n 0000023474 00000 n 0000023779 00000 n 0000023980 00000 n 0000024288 00000 n 0000024575 00000 n 0000024980 00000 n 0000025318 00000 n 
0000025730 00000 n 0000026010 00000 n 0000026246 00000 n 0000026544 00000 n 0000026833 00000 n 0000027197 00000 n 0000027530 00000 n 0000027736 00000 n 0000027992 00000 n 0000028427 00000 n 0000028766 00000 n 0000029200 00000 n 0000029487 00000 n 0000029851 00000 n 0000030021 00000 n 0000030487 00000 n 0000030796 00000 n 0000031011 00000 n 0000031366 00000 n 0000031629 00000 n 0000031895 00000 n 0000032215 00000 n 0000032408 00000 n 0000032735 00000 n 0000033010 00000 n 0000033261 00000 n 0000033434 00000 n 0000033596 00000 n 0000033805 00000 n 0000034119 00000 n 0000034146 00000 n 0000034642 00000 n 0000034973 00000 n 0000035400 00000 n 0000035744 00000 n 0000036063 00000 n 0000036239 00000 n 0000036492 00000 n 0000036823 00000 n 0000037022 00000 n 0000037430 00000 n 0000037715 00000 n 0000037933 00000 n 0000038167 00000 n 0000038489 00000 n 0000038836 00000 n 0000039131 00000 n 0000039313 00000 n 0000039544 00000 n 0000039841 00000 n 0000040142 00000 n 0000040624 00000 n 0000040836 00000 n 0000041039 00000 n 0000041316 00000 n 0000041665 00000 n 0000043010 00000 n 0000043287 00000 n 0000043602 00000 n 0000043849 00000 n 0000044097 00000 n 0000044352 00000 n 0000044634 00000 n 0000044905 00000 n 0000045235 00000 n 0000045497 00000 n 0000045699 00000 n 0000045963 00000 n 0000046284 00000 n 0000046485 00000 n 0000046647 00000 n 0000046821 00000 n 0000046986 00000 n 0000047185 00000 n 0000047495 00000 n 0000047792 00000 n 0000048065 00000 n 0000048353 00000 n 0000048613 00000 n 0000048824 00000 n 0000049095 00000 n 0000049366 00000 n 0000049590 00000 n 0000049815 00000 n 0000050075 00000 n 0000050898 00000 n 0000051290 00000 n 0000051544 00000 n 0000052035 00000 n 0000052302 00000 n 0000052612 00000 n 0000052806 00000 n 0000053114 00000 n 0000053415 00000 n 0000053685 00000 n 0000054006 00000 n 0000054386 00000 n 0000054669 00000 n 0000054930 00000 n 0000055197 00000 n 0000055463 00000 n 0000055730 00000 n 0000055904 00000 n 0000056218 00000 n 0000056444 00000 n 
0000056778 00000 n 0000056994 00000 n 0000057171 00000 n 0000057443 00000 n 0000057694 00000 n 0000057918 00000 n 0000058138 00000 n 0000058401 00000 n 0000058618 00000 n 0000058940 00000 n 0000059203 00000 n 0000059398 00000 n 0000059629 00000 n 0000059909 00000 n 0000060181 00000 n 0000060416 00000 n 0000060645 00000 n 0000060903 00000 n 0000061134 00000 n 0000061392 00000 n 0000061615 00000 n 0000061875 00000 n 0000062110 00000 n 0000062431 00000 n 0000062662 00000 n 0000062932 00000 n 0000063172 00000 n 0000063359 00000 n 0000063632 00000 n 0000063837 00000 n 0000064075 00000 n 0000064329 00000 n 0000064645 00000 n 0000064931 00000 n 0000065183 00000 n 0000066118 00000 n 0000066372 00000 n 0000067035 00000 n 0000067467 00000 n 0000067781 00000 n 0000068058 00000 n 0000068364 00000 n 0000068641 00000 n 0000068853 00000 n 0000069131 00000 n 0000069387 00000 n 0000069690 00000 n 0000069986 00000 n 0000070254 00000 n 0000070422 00000 n 0000070599 00000 n 0000070825 00000 n 0000071017 00000 n 0000071278 00000 n 0000071589 00000 n 0000071828 00000 n 0000072011 00000 n 0000072276 00000 n 0000072547 00000 n 0000072816 00000 n 0000073107 00000 n 0000073279 00000 n 0000073486 00000 n 0000073773 00000 n 0000073990 00000 n 0000074253 00000 n 0000074518 00000 n 0000074714 00000 n 0000075025 00000 n 0000075329 00000 n 0000075586 00000 n 0000075854 00000 n 0000076123 00000 n 0000076387 00000 n 0000076687 00000 n 0000076906 00000 n 0000077099 00000 n 0000077354 00000 n 0000077605 00000 n 0000077854 00000 n 0000078030 00000 n 0000078316 00000 n 0000078542 00000 n 0000078750 00000 n 0000078994 00000 n 0000079190 00000 n 0000079365 00000 n 0000079625 00000 n 0000079863 00000 n 0000080032 00000 n 0000080282 00000 n 0000080534 00000 n 0000080745 00000 n 0000080954 00000 n 0000081203 00000 n 0000081376 00000 n 0000081584 00000 n 0000081774 00000 n 0000082290 00000 n 0000082604 00000 n 0000082631 00000 n 0000082792 00000 n 0000083038 00000 n 0000083244 00000 n 0000083492 00000 n 
0000083662 00000 n 0000006102 00000 n 0000006651 00000 n trailer << /Size 305 /Info 16 0 R /Root 22 0 R /Prev 92567 /ID[<5f766329d9a43ce0c98e16cb98673dbe><5f766329d9a43ce0c98e16cb98673dbe>] >> startxref 0 %%EOF 22 0 obj << /Pages 17 0 R /Type /Catalog /Metadata 20 0 R >> endobj 303 0 obj << /S 69 /Filter /FlateDecode /Length 304 0 R >> stream H?b```f`????????A?@l?j??v1?0?0? ?? ? ? ?L3??2??`??j?$??/hf?Yp_???D?? ?i?.{??&?Yt?X?|hN \end_layout \begin_layout LyX-Code clc(5): \end_layout \begin_layout Standard The prompt has changed to \family typewriter clc [686 lines skipped] From tskogan at common-lisp.net Sat Feb 17 00:46:36 2007 From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 19:46:36 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070217004636.156AE5305E@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv16396 Modified Files: crypticl.pdf crypticl.lyx Log Message: Corrections. Use other fonts to avoid bitmap font problem and ugly pdf. Binary files /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:13:48 1.1 and /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:46:36 1.2 differ --- /project/crypticl/cvsroot/crypticl/doc/crypticl.lyx 2007/02/17 00:13:49 1.1 +++ /project/crypticl/cvsroot/crypticl/doc/crypticl.lyx 2007/02/17 00:46:36 1.2 @@ -1,4 +1,4 @@ -#LyX 1.4.2 created this file. For more info see http://www.lyx.org/ +#LyX 1.4.4 created this file. For more info see http://www.lyx.org/ \lyxformat 245 \begin_document \begin_header 
@@ -104,20 +104,35 @@ \end_layout \begin_layout LyX-Code -clc(5): +crypticl(5): \end_layout \begin_layout Standard -The prompt has changed to +The \family typewriter -clc +crypticl \family default -, a short nickname for the + package also has a short nickname \family typewriter -crypticl +clc \family default - package. - The examples use two utility functions, + and you can use it instead of the full name: +\end_layout + +\begin_layout LyX-Code +cl-user(3): (in-package clc) +\end_layout + +\begin_layout LyX-Code +# +\end_layout + +\begin_layout LyX-Code +clc(5): +\end_layout + +\begin_layout Standard +The examples use the two utility functions \family typewriter hex \family default @@ -125,12 +140,12 @@ \family typewriter hexo \family default -, to make binary output more readable. + to make binary output more readable. \family typewriter hex \family default - takes an octet vector (byte vector) and returns a string representation + takes an octet vector (byte array) and returns a string representation in hex. \family typewriter @@ -163,10 +178,10 @@ \end_layout \begin_layout LyX-Code -(new-instance 'SHA-256). +(new-instance 'SHA-256) \end_layout -\begin_layout LyX-Code +\begin_layout Standard Compute SHA-1 hash of a byte vector: \end_layout @@ -190,7 +205,7 @@ "a9993e364706816aba3e25717850c26c9cd0d89d" \end_layout -\begin_layout LyX-Code +\begin_layout Standard Add bytes to the object multiple times and compute a hash at the end: \end_layout @@ -268,7 +283,7 @@ \end_layout \begin_layout LyX-Code -(hex (sha1-on-octet-stream s))) + (hex (sha1-on-octet-stream s))) \end_layout \begin_layout LyX-Code From tskogan at common-lisp.net Sat Feb 17 00:54:50 2007 
From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 19:54:50 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070217005450.3846E5305E@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv16905 Modified Files: crypticl.pdf Log Message: Fix broken pdf. Binary files /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:46:36 1.2 and /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:54:50 1.3 differ From tskogan at common-lisp.net Sat Feb 17 01:03:10 2007 From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 20:03:10 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc/html Message-ID: <20070217010310.89B7D53061@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc/html In directory clnet:/tmp/cvs-serv19122 Modified Files: index.html Log Message: Updated for 0.2 release. --- /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/01/21 01:40:26 1.8 +++ /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:03:10 1.9 @@ -7,14 +7,24 @@

Crypticl

-

A Common Lisp cryptographic library

+

A Common Lisp cryptography library

Introduction

-

Crypticl is a library of cryptographic functions written in Common Lisp. The goal is to provide flexible, high level cryptographic abstractions on top of a kernel of core cryptographic primitives. The core currently includes AES, IDEA, MD5, SHA-1, SHA-256, DSA and RSA primitives. It is distributed under an MIT-style license.

+

Crypticl is a cryptography library written in Common Lisp. The goal is to provide flexible, high level cryptographic abstractions on top of a kernel of core cryptographic primitives. The core currently includes AES, IDEA, MD5, SHA-1, SHA-256, DSA and RSA primitives. It is distributed under an MIT-style license.

-

The library will be limited to common, secure algorithms and not try to implement all available cryptographic algorithms. Hence AES is included and DES is not. +

The library will be limited to common, secure algorithms and not try to +implement all available cryptographic algorithms. Hence AES is included and +DES is not. + +

Take a look at the manual for examples of how to +use the library. The focus so far has been to find the right abstractions and +define a good api. Optimization and rigerous testing has yet to be done. Thus +it shouldn't be used in production code. + +

Releases

+The current release is 0.2. From tskogan at common-lisp.net Sat Feb 17 01:08:58 2007 From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 20:08:58 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/src Message-ID: <20070217010858.D2F8D5411F@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/src In directory clnet:/tmp/cvs-serv19611/src Modified Files: utilities.lisp sha.lisp common.lisp Log Message: Cleanup.Fix broken pdf. --- /project/crypticl/cvsroot/crypticl/src/utilities.lisp 2007/02/04 20:58:00 1.11 +++ /project/crypticl/cvsroot/crypticl/src/utilities.lisp 2007/02/17 01:08:58 1.12 @@ -5,9 +5,6 @@ ;;;; Author: Taale Skogan ;;;; Distribution: See the accompanying file LICENSE. -;;To do: -;;-testvectors - (in-package crypticl) @@ -24,8 +21,6 @@ ((>= ,var ,gstop)) , at body))) - - (defun octet-vector-to-integer (vector &optional (start 0) (end (length vector))) "Represents 8 bits byte string as integer. Assumes byte is 8 bits. Uses big endian format. Vector must be an array of bytes" @@ -71,7 +66,6 @@ (coerce (ldb bytespec integer) '(unsigned-byte 8)))) result)) - (defun int-as-octet-vector-add (ov n) "Add n to octet vector ov and keep size of octet vector." (integer-to-octet-vector (+ (octet-vector-to-integer ov) n) :vector ov)) @@ -101,9 +95,6 @@ (write-string (format nil "~2,'0X" x) str) (incf count))))) - - - (defun hex-prepad-zero (ov size) "Size is minimum length in octets. NB! One octet = 2 hex litterals." (let* ((out (hex ov)) @@ -112,11 +103,6 @@ (concat (make-string (* 2 prefix-length) :initial-element #\0) out) out))) - - - -;;;(defun byte-vector-to-hex-string (bv) "Legacy support. Will be removed" -;;; (octet-vector-to-hex-string bv)) (defun hexo (str) (hex-string-to-octet-vector str)) 
@@ -144,8 +130,6 @@ (parse-integer str :start str-offset :end (+ 1 str-offset) :radix 16)))))) - - (defun insert-space (string) "Inserts a space between every 8th char in a string. Useful for pretty-printing a SHA-1 hash string." (let ((new-string "")) @@ -158,7 +142,6 @@ (concatenate 'string new-string (format nil "~A" (aref string i)))))))) - (defun octet-vector-copy (in &optional (start 0) (end (length in)) out (out-start 0)) "Returns copy of input vector or copies it into out at the given offset." @@ -187,15 +170,13 @@ ((every #'vectorp args) (apply #'concatenate (cons 'vector args))) (t (error "Invalid types ~A" args)))) + (defun make-str (lst) "Construct a string from a list of string" (with-output-to-string (str) (dolist (s lst) (write-string s str)))) - -;;;; String utilities - (defun split-seq (seq pred &key (start 0) end key strict) "Return a list of subseq's of SEQ, split on predicate PRED. Start from START, end with END. If STRICT is non-nil, collect @@ -225,7 +206,6 @@ (unless (equal (aref v1 i) (aref v2 i)) (return nil))))) - (defun string-startswith (s prefix) "Return true if the string s starts with the given prefix" (let ((len (length prefix))) @@ -251,6 +231,5 @@ the same platform." (map 'string #'code-char octet-vector)) - (defun make-byte-array (size) (make-array size :element-type '(unsigned-byte 8) :initial-element 0)) \ No newline at end of file --- /project/crypticl/cvsroot/crypticl/src/sha.lisp 2007/01/20 15:46:59 1.11 +++ /project/crypticl/cvsroot/crypticl/src/sha.lisp 2007/02/17 01:08:58 1.12 
@@ -389,25 +389,21 @@ (dolist (x test-list (format t "OK.")) (let ((in (first x)) (ex (second x))) - (assert (string= (octet-vector-to-hex-string - (sha-1-on-octet-vector in)) ex)() + (assert (string= (hex (sha-1-on-octet-vector in)) ex)() "sha-1 test for input string ~A~%" in) (let ((obj (make-SHA-1))) ;; Test hash only. - (assert (string= (octet-vector-to-hex-string - (hash obj in)) ex) () + (assert (string= (hex (hash obj in)) ex) () "sha-1 CLOS test for input string ~A~%" in) ;; Test add and hash. (update obj in) - (assert (string= (octet-vector-to-hex-string - (hash obj)) ex) () + (assert (string= (hex (hash obj)) ex) () "sha-1 CLOS update+hash test for input string ~A~%" in)))) (when test-long (format t "Testing long vector. This may take some seconds...~%") - (assert (string= (octet-vector-to-hex-string - (sha-1-on-octet-vector #200000(2))) + (assert (string= (hex (sha-1-on-octet-vector #200000(2))) "f4c046625d9c6672e0356bbe0ed5cd93adfa924b") () "sha-1 test for long test vector 200000.") (format t "Done testing long vector.~%")))) --- /project/crypticl/cvsroot/crypticl/src/common.lisp 2007/01/20 19:33:41 1.10 +++ /project/crypticl/cvsroot/crypticl/src/common.lisp 2007/02/17 01:08:58 1.11 @@ -1,15 +1,10 @@ ;;;;-*-lisp-*- ;;;; The Crypticl cryptographic library. ;;;; -;;;; Description: Common functionality. +;;;; Description: Common functionality across cryptographic primitives. ;;;; Author: Taale Skogan ;;;; Distribution: See the accompanying file LICENSE. -;; TODO: -;;-register constructors for byte-encoding constructors in the same way -;; as for normal constructors. -;;-better spki string encoding with type. - (in-package crypticl) (defun print-external-symbols () From tskogan at common-lisp.net Sat Feb 17 01:19:22 2007 
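Review bot: The four replaced assertions in the sha.lisp hunk now compare `(hex ...)` with `string=`, which is case-sensitive, while the long-vector expected value on the last `+` line is the lowercase digest `"f4c046625d9c6672e0356bbe0ed5cd93adfa924b"`; if `hex` prints uppercase digits (the `~2,'0X` directive visible in the utilities.lisp context of the same commit suggests it does, though the function that directive belongs to is not named in the hunk), this test fails even when the digest is correct, and a test that cannot pass gives no assurance about the primitive. A case-insensitive comparison removes the dependency on the formatter's case, e.g. `(assert (string-equal (hex (sha-1-on-octet-vector #200000(2))) "f4c046625d9c6672e0356bbe0ed5cd93adfa924b") () "sha-1 test for long test vector 200000.")`, and the same applies to the three `test-list` assertions above it. The enclosing test function starts and ends outside the hunk, so whether the `(second x)` expected values in `test-list` share the lowercase convention cannot be confirmed here.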
From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 20:19:22 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc/html Message-ID: <20070217011922.37B995538B@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc/html In directory clnet:/tmp/cvs-serv20741 Modified Files: index.html Log Message: fix typo. --- /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:03:10 1.9 +++ /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:19:22 1.10 @@ -20,7 +20,7 @@

Take a look at the manual for examples of how to use the library. The focus so far has been to find the right abstractions and -define a good api. Optimization and rigerous testing has yet to be done. Thus +define a good api. Optimization and rigorous testing has yet to be done. Thus it shouldn't be used in production code.

Releases

From tskogan at common-lisp.net Sat Feb 17 01:31:46 2007 From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 20:31:46 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc/html Message-ID: <20070217013146.31BA959001@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc/html In directory clnet:/tmp/cvs-serv23297 Modified Files: index.html Log Message: Adding platforms section. --- /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:19:22 1.10 +++ /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:31:46 1.11 @@ -20,8 +20,17 @@

Take a look at the manual for examples of how to use the library. The focus so far has been to find the right abstractions and -define a good api. Optimization and rigorous testing has yet to be done. Thus -it shouldn't be used in production code. +define a good api. Optimization and rigorous testing has yet to be done and +Crypticl should not be used in production code. + +

Platforms

+Crypticl should work on most Commom Lisp implementations, but has so far only +been tested on the following: +

Releases

The current release is 0.2. From tskogan at common-lisp.net Sat Feb 17 01:43:43 2007 From: tskogan at common-lisp.net (tskogan) Date: Fri, 16 Feb 2007 20:43:43 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070217014343.2409263088@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv25994 Modified Files: ChangeLog Log Message: updated --- /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/02/04 21:17:05 1.17 +++ /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/02/17 01:43:43 1.18 @@ -1,3 +1,7 @@ +--------------------------------- TAG 0.2.0 ------------------------------- +17-02-2007 Taale Skogan + Converted user guide to lyx and pdf. + 04-02-2007 Taale Skogan -Fix AES error with keys > 128 bits. -Use 256-bits in random. From tskogan at common-lisp.net Sat Feb 17 12:38:19 2007 From: tskogan at common-lisp.net (tskogan) Date: Sat, 17 Feb 2007 07:38:19 -0500 (EST) Subject: [crypticl-cvs] CVS obol/src Message-ID: <20070217123819.916482F055@common-lisp.net> Update of /project/crypticl/cvsroot/obol/src In directory clnet:/tmp/cvs-serv15698 Modified Files: lobo.lisp Log Message: Upgrade to new SHA-1 name in crypticl 0.2. --- /project/crypticl/cvsroot/obol/src/lobo.lisp 2005/10/02 14:17:55 1.2 +++ /project/crypticl/cvsroot/obol/src/lobo.lisp 2007/02/17 12:38:19 1.3 @@ -976,7 +976,7 @@ (signer (typecase key (clc:RSAPrivateKey - (clc:new-instance "SHA1withRSA")) + (clc:new-instance "SHA-1withRSA")) (t (clc:new-instance (clc:algorithm key)))))) (f1 t "~&eval-sign: key=~A" key) (f1 t "~&eval-sign: data to sign=~A" var) @@ -1000,7 +1000,7 @@ (verifier (typecase key (clc:RSAPublicKey - (clc:new-instance "SHA1withRSA")) + (clc:new-instance "SHA-1withRSA")) (t (clc:new-instance (clc:algorithm key)))))) ;; Transform signature to list form From tskogan at common-lisp.net Sat Feb 17 13:25:54 2007 
From: tskogan at common-lisp.net (tskogan) Date: Sat, 17 Feb 2007 08:25:54 -0500 (EST) Subject: [crypticl-cvs] CVS obol/doc Message-ID: <20070217132554.ED6B232041@common-lisp.net> Update of /project/crypticl/cvsroot/obol/doc In directory clnet:/tmp/cvs-serv28349 Modified Files: ChangeLog Log Message: update --- /project/crypticl/cvsroot/obol/doc/ChangeLog 2005/10/02 14:26:27 1.5 +++ /project/crypticl/cvsroot/obol/doc/ChangeLog 2007/02/17 13:25:54 1.6 @@ -1,4 +1,8 @@ ---------------------------------- TAG 0.1.1 ------------------------------- +-------------------------------- TAG 0.1.2 -------------------------------- +17-02-2007 Taale Skogan + Update to use Crypticl 0.2. + +-------------------------------- TAG 0.1.1 -------------------------------- 02-10-2005 Taale Skogan * prog/needham-schroeder-*.obol: Hardcoding channels so all three protocl principals can run in in the same Lobo runtime. From tskogan at common-lisp.net Sat Feb 17 13:34:55 2007 From: tskogan at common-lisp.net (tskogan) Date: Sat, 17 Feb 2007 08:34:55 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc/html Message-ID: <20070217133455.EF4E834020@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc/html In directory clnet:/tmp/cvs-serv28871 Modified Files: index.html Log Message: Link to obol 0.1.2. --- /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 01:31:46 1.11 +++ /project/crypticl/cvsroot/crypticl/doc/html/index.html 2007/02/17 13:34:55 1.12 @@ -65,7 +65,9 @@ crypticl-0.2.0.tar.gz (current release).

crypticl-0.1.1.tar.gz

- obol-0.1.1.tar.gz, includes Crypticl.

+ obol-0.1.2.tar.gz, requires Crypticl 0.2 (not + included).

+ obol-0.1.1.tar.gz, includes Crypticl 0.1.1.

CVS

From tskogan at common-lisp.net Sat Feb 17 16:08:42 2007 From: tskogan at common-lisp.net (tskogan) Date: Sat, 17 Feb 2007 11:08:42 -0500 (EST) Subject: [crypticl-cvs] CVS crypticl/doc Message-ID: <20070217160842.C20644E00F@common-lisp.net> Update of /project/crypticl/cvsroot/crypticl/doc In directory clnet:/tmp/cvs-serv23254 Modified Files: crypticl.pdf crypticl.lyx Log Message: Adding section on random numbers. Binary files /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 00:54:50 1.3 and /project/crypticl/cvsroot/crypticl/doc/crypticl.pdf 2007/02/17 16:08:42 1.4 differ --- /project/crypticl/cvsroot/crypticl/doc/crypticl.lyx 2007/02/17 00:46:36 1.2 +++ /project/crypticl/cvsroot/crypticl/doc/crypticl.lyx 2007/02/17 16:08:42 1.3 @@ -279,7 +279,7 @@ \end_layout \begin_layout LyX-Code -crypticl(31): (with-open-file (s "rsa.lisp") +crypticl(15): (with-open-file (s "rsa.lisp") \end_layout \begin_layout LyX-Code 
@@ -291,6 +291,79 @@ \end_layout \begin_layout Section +Random numbers +\end_layout + +\begin_layout Standard +Handling random numbers correctly is vital for almost all crypto primitives. + I recommend studying chapter 10 in +\begin_inset LatexCommand \cite{key-1} + +\end_inset + + before using the random number api of Crypticl (or any crypto library for + that matter). + Two important factors are a cryptographically secure pseudorandom number + generator and a source of high entropy bits for seeding the generator. + Crypticl uses 256-bits AES in counter mode as the number generator (based + on the Fortuna design from +\begin_inset LatexCommand \cite{key-1} + +\end_inset + +). + The function +\family typewriter +random-secure-octets +\family default + returns an octet vector with random bits: +\end_layout + +\begin_layout LyX-Code +crypticl(16): (random-secure-octets 16) +\end_layout + +\begin_layout LyX-Code +#(146 37 34 245 50 193 238 169 54 139 ...) +\end_layout + +\begin_layout Standard +Before using any primitives involving keys or other random data you must + seed the pseudorandom number generator with high entropy bits. + On Linux the generator in Crypticl will seed itself using +\family typewriter +/dev/random +\family default +, but on Windows you must seed the generator yourself with 256 bits of entropy + using the api call +\family typewriter +reseed-secure-prng: +\end_layout + +\begin_layout LyX-Code +crypticl(17): (reseed-secure-prng seed) +\end_layout + +\begin_layout LyX-Code +# +\end_layout + +\begin_layout Standard +The seed must be an octet vector or a bignum. + Furthermore you may need to reseed the generator depending on how you use + it (see +\begin_inset LatexCommand \cite{key-1} + +\end_inset + +). + Note: The handling of entropy and reseeding is weak and brittle in the + current (0.2) version of Crypticl and it is very easy to compromise security + if you make a mistake. + So be extremely careful. 
+\end_layout + +\begin_layout Section Symmetric key encryption \end_layout @@ -810,5 +883,14 @@ (8431410348096402792 8431410348096402792) \end_layout +\begin_layout Bibliography + +\bibitem {key-1} +Ferguson, Niels and Schneier, Bruce. + 2003. + Practical Cryptography. + Wiley. +\end_layout + \end_body \end_document