121 lines
3.2 KiB
Clojure
121 lines
3.2 KiB
Clojure
(ns crypto
|
|
"Erlang :crypto module — cryptographic functions.
|
|
|
|
In CljElixir: (crypto/hash :sha256 data), (crypto/strong-rand-bytes 16), etc.
|
|
Wraps OpenSSL for hashing, encryption, and random number generation.")
|
|
|
|
(defn hash
|
|
"Computes a hash digest.
|
|
(crypto/hash :sha256 \"hello\") ;=> <<binary hash>>
|
|
Algorithms: :md5, :sha, :sha224, :sha256, :sha384, :sha512, :sha3-256, etc."
|
|
[type data])
|
|
|
|
(defn mac
|
|
"Computes a Message Authentication Code.
|
|
(crypto/mac :hmac :sha256 key data)"
|
|
([type sub-type key data])
|
|
([type sub-type key data mac-length]))
|
|
|
|
(defn hash-init
|
|
"Initializes incremental hashing.
|
|
(crypto/hash-init :sha256)"
|
|
[type])
|
|
|
|
(defn hash-update
|
|
"Updates incremental hash with more data.
|
|
(crypto/hash-update state data)"
|
|
[state data])
|
|
|
|
(defn hash-final
|
|
"Finalizes incremental hash. Returns the digest."
|
|
[state])
|
|
|
|
(defn strong-rand-bytes
|
|
"Generates `n` cryptographically strong random bytes.
|
|
(crypto/strong-rand-bytes 16) ;=> <<16 random bytes>>"
|
|
[n])
|
|
|
|
(defn crypto-one-time
|
|
"One-shot symmetric encryption/decryption.
|
|
(crypto/crypto-one-time :aes-256-ctr key iv data true) ;=> encrypted"
|
|
([cipher key iv data encrypt-flag])
|
|
([cipher key data encrypt-flag]))
|
|
|
|
(defn crypto-one-time-aead
|
|
"One-shot AEAD encryption/decryption (e.g., AES-GCM).
|
|
(crypto/crypto-one-time-aead :aes-256-gcm key iv data aad true)"
|
|
([cipher key iv data aad encrypt-flag])
|
|
([cipher key iv data aad tag-length encrypt-flag]))
|
|
|
|
(defn crypto-init
|
|
"Initializes streaming encryption/decryption.
|
|
3-arity: (crypto/crypto-init cipher key encrypt-flag)
|
|
4-arity: (crypto/crypto-init cipher key iv encrypt-flag-or-opts)"
|
|
([cipher key encrypt-flag])
|
|
([cipher key iv encrypt-flag-or-opts]))
|
|
|
|
(defn crypto-update
|
|
"Updates streaming encryption with more data."
|
|
[state data])
|
|
|
|
(defn crypto-final
|
|
"Finalizes streaming encryption."
|
|
[state])
|
|
|
|
(defn sign
|
|
"Creates a digital signature.
|
|
(crypto/sign :rsa :sha256 data private-key)"
|
|
([algorithm digest-type data key])
|
|
([algorithm digest-type data key opts]))
|
|
|
|
(defn verify
|
|
"Verifies a digital signature.
|
|
(crypto/verify :rsa :sha256 data signature public-key)"
|
|
([algorithm digest-type data signature key])
|
|
([algorithm digest-type data signature key opts]))
|
|
|
|
(defn generate-key
|
|
"Generates a key pair.
|
|
(crypto/generate-key :ecdh :secp256r1)"
|
|
([type params])
|
|
([type params private-key]))
|
|
|
|
(defn compute-key
|
|
"Computes shared secret from key exchange."
|
|
([type others-public-key my-private-key params])
|
|
([type others-public-key my-private-key shared-info params]))
|
|
|
|
(defn supports
|
|
"Returns lists of supported algorithms.
|
|
(crypto/supports) ;=> [{:ciphers [...]}, {:hashs [...]}, ...]"
|
|
([])
|
|
([category]))
|
|
|
|
(defn hash-info
|
|
"Returns information about a hash algorithm."
|
|
[type])
|
|
|
|
(defn cipher-info
|
|
"Returns information about a cipher."
|
|
[cipher])
|
|
|
|
(defn ec-curves
|
|
"Returns supported elliptic curves."
|
|
[])
|
|
|
|
(defn rand-seed
|
|
"Seeds the random number generator.
|
|
(crypto/rand-seed seed)"
|
|
([seed])
|
|
([alg-or-state seed]))
|
|
|
|
(defn rand-uniform
|
|
"Returns a random integer in 1..n.
|
|
(crypto/rand-uniform 100) ;=> 42"
|
|
[n])
|
|
|
|
(defn exor
|
|
"XORs two equal-length binaries.
|
|
(crypto/exor bin1 bin2)"
|
|
[bin1 bin2])
|