Xojo Conferences
XDCApr2018DenverUSA
MBSSep2018MunichEurope

MBS Xojo Encryption Kit 1.0

CommonCryptoMB module:

Module CommonCryptoMB
Const CC_MD2_DIGEST_LENGTH = 16
Const CC_MD4_DIGEST_LENGTH = 16
Const CC_MD5_DIGEST_LENGTH = 16
Const CC_SHA1_DIGEST_LENGTH = 20
Const CC_SHA224_DIGEST_LENGTH = 28
Const CC_SHA256_DIGEST_LENGTH = 32
Const CC_SHA384_DIGEST_LENGTH = 48
Const CC_SHA512_DIGEST_LENGTH = 64
Const kCCAlignmentError = -4303
Const kCCBufferTooSmall = -4301
Const kCCDecodeError = -4304
Const kCCMemoryFailure = -4302
Const kCCOptionECBMode = 2
Const kCCOptionPKCS7Padding = 1
Const kCCOverflow = -4306
Const kCCParamError = -4300
Const kCCRNGFailure = -4307
Const kCCSuccess = 0
Const kCCUnimplemented = -4305
Const 9/0 = /usr/lib/system/libcommonCrypto.dylib
Const 1/0 = System.framework
Const kLibrary =
Enum CryptBlockSize kCCBlockSizeAES128 = 16 kCCBlockSizeDES = 8 kCCBlockSize3DES = 8 kCCBlockSizeCAST = 8 kCCBlockSizeRC2 = 8 kCCBlockSizeBlowfish = 8 End Enum
Enum CryptKeySize kCCKeySizeAES128 = 16 kCCKeySizeAES192 = 24 kCCKeySizeAES256 = 256 kCCKeySizeDES = 8 kCCKeySize3DES = 24 kCCKeySizeMinCAST = 5 kCCKeySizeMaxCAST = 16 kCCKeySizeMinRC4 = 1 kCCKeySizeMaxRC4 = 512 kCCKeySizeMinRC2 = 1 kCCKeySizeMaxRC2 = 128 kCCKeySizeMinBlowfish = 8 kCCKeySizeMaxBlowfish = 56 End Enum
Enum CryptoAlgorithm AES128 = 0 AES = 0 DES = 1 ThreeDES = 2 CAST = 3 RC4 = 4 RC2 = 5 Blowfish = 6 End Enum
Enum CryptoMode kCCModeECB = 1 kCCModeCBC = 2 kCCModeCFB = 3 kCCModeCTR = 4 kCCModeF8 = 5 kCCModeLRW = 6 kCCModeOFB = 7 kCCModeXTS = 8 kCCModeRC4 = 9 kCCModeCFB8 = 10 End Enum
Enum CryptoOperation Encrypt = 0 Decrypt = 1 End Enum
Enum CryptoPadding No = 0 PKCS7 = 1 End Enum
Enum HMacAlgorithm SHA1 = 0 MD5 = 1 SHA256 = 2 SHA384 = 3 SHA512 = 4 SHA224 = 5 End Enum
Enum Hashes MD2 = 2 MD4 = 4 MD5 = 5 SHA1 = 1 SHA224 = 224 SHA384 = 384 SHA256 = 256 SHA512 = 512 End Enum
Enum PseudoRandomAlgorithm SHA1 = 1 SHA224 = 2 SHA256 = 3 SHA384 = 4 SHA512 = 5 End Enum
Enum WrappingAlgorithm AES = 1 End Enum
Protected Function CalibratePBKDF2(passwordLength as Integer, SaltLength as Integer, algorithm as PseudoRandomAlgorithm, msec as Integer = 1000) As Integer // Determine the number of PRF rounds to use for a specific delay on the current platform. // // algorithm Currently only PBKDF2 is available via kCCPBKDF2 // passwordLen The length of the text password in bytes. // saltLen The length of the salt in bytes. // prf The Pseudo Random Algorithm to use for the derivation iterations. // derivedKeyLen The expected length of the derived key in bytes. // msec The targetted duration we want to achieve for a key derivation with these parameters. // // the number of iterations to use for the desired processing time. End
Protected Function Crypt(Operation as CryptoOperation, Algorithm as CryptoAlgorithm, Options as Integer, key as MemoryBlock, Data as MemoryBlock, IV as MemoryBlock = nil) As MemoryBlock End
Protected Function Crypt(Operation as CryptoOperation, Algorithm as CryptoAlgorithm, Options as Integer, key as xojo.core.MemoryBlock, Data as xojo.core.MemoryBlock, IV as xojo.core.MemoryBlock = nil) As xojo.core.MemoryBlock End
Protected Function EncodeHex(data as xojo.Core.MemoryBlock) As text // encodes MemoryBlock as text End
Protected Function HMAC(HashType as HMacAlgorithm, Key as MemoryBlock, Data as MemoryBlock) As MemoryBlock // Stateless, one-shot HMAC function. // Returns hash as memoryblock End
Protected Function HMAC(HashType as HMacAlgorithm, Key as String, Data as string) As MemoryBlock // Stateless, one-shot HMAC function. // Returns hash as memoryblock // convert string in current encoding to MemoryBlock End
Protected Function HMAC(HashType as HMacAlgorithm, Key as Text, Data as text) As xojo.Core.MemoryBlock // Stateless, one-shot HMAC function. // Returns hash as memoryblock End
Protected Function HMAC(HashType as HMacAlgorithm, Key as Xojo.Core.MemoryBlock, Data as xojo.Core.MemoryBlock) As xojo.Core.MemoryBlock // Stateless, one-shot HMAC function. // Returns hash as memoryblock End
Protected Function HMacHashSize(h as HMacAlgorithm) As integer // size of hash in bytes End
Protected Function Hash(HashType as Hashes, Data as MemoryBlock) As MemoryBlock // one shot hash function // calculates hash for given data End
Protected Function Hash(HashType as Hashes, Data as string) As MemoryBlock // one shot hash function // calculates hash for given data // convert string in current encoding to MemoryBlock End
Protected Function Hash(HashType as Hashes, Data as text) As xojo.Core.MemoryBlock // one shot hash function // calculates hash for given data End
Protected Function Hash(HashType as Hashes, Data as xojo.Core.MemoryBlock) As xojo.Core.MemoryBlock // one shot hash function // calculates hash for given data End
Protected Function KeyDerivationPBKDF2(password as MemoryBlock, salt as MemoryBlock, algorithm as PseudoRandomAlgorithm, rounds as Integer) As MemoryBlock // Derive a key from a text password/passphrase // // algorithm Currently only PBKDF2 is available via kCCPBKDF2 // password The text password used as input to the derivation function. The actual octets present in this string will be used with no additional processing. It's extremely important that the same encoding and normalization be used each time this routine is called if the same key is expected to be derived. // salt The salt byte values used as input to the derivation function. // prf The Pseudo Random Algorithm to use for the derivation iterations. // rounds The number of rounds of the Pseudo Random Algorithm to use. // // The following values are used to designate the PRF: // // * PseudoRandomAlgorithm.SHA1 // * PseudoRandomAlgorithm.SHA224 // * PseudoRandomAlgorithm.SHA256 // * PseudoRandomAlgorithm.SHA384 // * PseudoRandomAlgorithm.SHA512 // // Raises exception with Parameter error in case of bad values for the password, salt, and unwrapped key pointers as well as a bad value for the prf function. // // PS: Maybe before putting password or salt here, push them through hash function first? End
Protected Function KeyDerivationPBKDF2(password as xojo.core.MemoryBlock, salt as xojo.core.MemoryBlock, algorithm as PseudoRandomAlgorithm, rounds as Integer) As xojo.core.MemoryBlock // Derive a key from a text password/passphrase // // algorithm Currently only PBKDF2 is available via kCCPBKDF2 // password The text password used as input to the derivation function. The actual octets present in this string will be used with no additional processing. It's extremely important that the same encoding and normalization be used each time this routine is called if the same key is expected to be derived. // salt The salt byte values used as input to the derivation function. // prf The Pseudo Random Algorithm to use for the derivation iterations. // rounds The number of rounds of the Pseudo Random Algorithm to use. // // The following values are used to designate the PRF: // // * PseudoRandomAlgorithm.SHA1 // * PseudoRandomAlgorithm.SHA224 // * PseudoRandomAlgorithm.SHA256 // * PseudoRandomAlgorithm.SHA384 // * PseudoRandomAlgorithm.SHA512 // // Raises exception with Parameter error in case of bad values for the password, salt, and unwrapped key pointers as well as a bad value for the prf function. // // PS: Maybe before putting password or salt here, push them through hash function first? End
Protected Function SymmetricKeyUnwrap(algorithm as WrappingAlgorithm, IV as MemoryBlock, kek as MemoryBlock, wrappedKey as MemoryBlock) As MemoryBlock // Unwrap a symmetric key with a Key Encryption Key (KEK). // // algorithm Currently only AES Keywrapping (rfc3394) is available via WrappingAlgorithm.AES // iv The initialization value to be used. rfc3394_iv1 is available as a constant for the standard IV to use. // kek The Key Encryption Key to be used to unwrap the raw key. // wrappedKey The wrapped key bytes. // // The algorithm chosen is determined by the algorithm parameter and the size of the key being wrapped (ie aes128 for 128 bit keys). // // May raise CommonCryptoExceptionMB with BufferTooSmall indicates insufficent space in the rawKey buffer. // ParamError can result from bad values for the kek, rawKey, and wrappedKey key pointers. End
Protected Function SymmetricKeyUnwrap(algorithm as WrappingAlgorithm, IV as xojo.Core.MemoryBlock, kek as xojo.Core.MemoryBlock, wrappedKey as xojo.core.MemoryBlock) As xojo.core.MemoryBlock // Unwrap a symmetric key with a Key Encryption Key (KEK). // // algorithm Currently only AES Keywrapping (rfc3394) is available via WrappingAlgorithm.AES // iv The initialization value to be used. rfc3394_iv1 is available as a constant for the standard IV to use. // kek The Key Encryption Key to be used to unwrap the raw key. // wrappedKey The wrapped key bytes. // // The algorithm chosen is determined by the algorithm parameter and the size of the key being wrapped (ie aes128 for 128 bit keys). // // May raise CommonCryptoExceptionMB with BufferTooSmall indicates insufficent space in the rawKey buffer. // ParamError can result from bad values for the kek, rawKey, and wrappedKey key pointers. End
Protected Function SymmetricKeyWrap(algorithm as WrappingAlgorithm, IV as MemoryBlock, kek as MemoryBlock, rawKey as MemoryBlock) As MemoryBlock // Wrap a symmetric key with a Key Encryption Key (KEK). // // algorithm Currently only AES Keywrapping (rfc3394) is available via WrappingAlgorithm.AES // iv The initialization value to be used. rfc3394iv1 is available as a constant for the standard IV to use. // kek The Key Encryption Key to be used to wrap the raw key. // rawKey The raw key bytes to be wrapped. // // Returns the wrapped key as memoryblock. // // Can raise CommonCryptoExceptionMB with BufferTooSmall indicates insufficent space in the wrappedKey buffer. // ParamError can result from bad values for the kek, rawKey, and wrappedKey key pointers. End
Protected Function SymmetricKeyWrap(algorithm as WrappingAlgorithm, IV as xojo.Core.MemoryBlock, kek as xojo.Core.MemoryBlock, rawKey as xojo.core.MemoryBlock) As xojo.core.MemoryBlock // Wrap a symmetric key with a Key Encryption Key (KEK). // // algorithm Currently only AES Keywrapping (rfc3394) is available via WrappingAlgorithm.AES // iv The initialization value to be used. rfc3394iv1 is available as a constant for the standard IV to use. // kek The Key Encryption Key to be used to wrap the raw key. // rawKey The raw key bytes to be wrapped. // // Returns the wrapped key as memoryblock. // // Can raise CommonCryptoExceptionMB with BufferTooSmall indicates insufficent space in the wrappedKey buffer. // ParamError can result from bad values for the kek, rawKey, and wrappedKey key pointers. End
Protected Sub TestRandom() // test random function End
Protected Sub checkResult(e as Int32) // raises exception in case something went wrong End
Protected Function generateBytes1(count as integer) As xojo.core.MemoryBlock // Return random bytes in a buffer allocated by the caller. // The PRNG returns cryptographically strong random bits suitable for use as cryptographic keys, IVs, nonces etc. // count Number of random bytes to return. // Returns MemoryBlock with data or raises exception // available in Mac OS X 10.10 or iOS 8.0 End
Protected Function generateBytes2(count as integer) As MemoryBlock // Return random bytes in a buffer allocated by the caller. // The PRNG returns cryptographically strong random bits suitable for use as cryptographic keys, IVs, nonces etc. // count Number of random bytes to return. // Returns MemoryBlock with data or raises exception // available in Mac OS X 10.10 or iOS 8.0 End
Protected Function rfc3394iv1() As xojo.Core.MemoryBlock // returns RFC 3394 Initial Vector // new framework End
Protected Function rfc3394iv2() As MemoryBlock // returns RFC 3394 Initial Vector // old framework End
Protected Sub test() End
Protected Sub testCrypt() // test encryption End
Protected Sub testHMAC() // test hmac functions End
Protected Sub testHash() // test hash functions End
Protected Sub testKeyGen() // test key derivation End
Protected Sub testKeyWrap() End
Note Info
Note License
End Module




Links
MBS Xojo Plugins