/** -*-C-*-ish
Kaya standard library
Copyright (C) 2004, 2005 Edwin Brady
This file is distributed under the terms of the GNU Lesser General
Public Licence. See COPYING for licence.
*/
module Crypto;
import Builtins;
import Strings;
import Gcrypt;
import Binary;
import Prelude;
import Regex;
%include "crypto_glue.h";
%include "unistd.h";
//%include "crypt.h";
%imported "crypto_glue";
//%link "ssl";
//%link "crypto";
// Foreign functions supplied by the crypto_glue object file.
foreign "crypto_glue.o" {
// String doencode(Ptr vm,String str) = encode;
// String dodecode(Ptr vm,String str) = decode;
// getKey and getIVec supply the values that encode and decode hand to
// setCipherKey and setCipherIVec.
// NOTE(review): encode's documentation says the key is compiled into the
// application; presumably the IV is fixed in the same way - confirm in
// crypto_glue, because a repeated IV weakens CBC mode.
[Int] getKey() = getKey;
[Int] getIVec() = getIVec;
}
/*
globals {
[Int] key;
[Int] ivec;
}
*/
// Thrown by decode when the SHA1 digest of the decrypted text does not match
// the hash carried in the input string.
public Exception BadHash = Exception("Invalid hash on decryption",110);
/*
"Initialise application keys.
Called automatically on startup of a webapp; programs must call it
explicitly."
public Void initKeys() {
key = getKey();
ivec = getIVec();
}
*/
"Encrypt a String with the application's secret key.
The cipher opened here is AES-256 in CBC mode (not Triple DES), keyed with
the application's secret key, which is compiled in automatically. The
return value is the encrypted text, a comma, and the base64 encoded SHA1
digest of the original message, which Crypto::decode verifies."
public String encode(String msg)
{
    // NOTE(review): key and IV both come from the crypto_glue functions. If
    // the IV is fixed per application (presumably it is - confirm), equal
    // messages produce equal ciphertexts and shared prefixes are visible.
    cipher = openCipher(AES256, CBC);
    setCipherKey(cipher,getKey);
    setCipherIVec(cipher,getIVec);
    ciphertext = encryptString(cipher,msg);
    closeCipher(cipher);

    // Digest of the plain text, appended so that decode can check its result.
    // NOTE(review): the digest is unkeyed and travels unencrypted, so it
    // guards against corruption but is not a MAC, and anyone holding the
    // output can test guesses of msg against it.
    digest = openHash(SHA1);
    hashString(digest,msg);
    msghash = Binary::base64Encode(getHash(digest));
    closeHash(digest);

    return ciphertext+","+msghash;
}
// old version:
// public String encode(String str) = doencode(getVM(),str);
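"Decrypt a String produced by Crypto::encode.
The input must have the form produced by Crypto::encode with the same key:
the encrypted text, a comma, and the base64 encoded SHA1 digest of the
original message. The cipher opened here is AES-256 in CBC mode (not Triple
DES). If the input has no hash part, or the digest of the decrypted text
does not match the supplied hash, the BadHash Exception is thrown."
public String decode(String msgin)
{
    strs = split(",",msgin);
    // Input without a comma has no hash part. Report it as BadHash instead of
    // indexing past the end of the split result.
    if (size(strs)<2) {
        throw(BadHash);
    }
    msg = strs[0];
    hash = strs[1];

    h = openCipher(AES256, CBC);
    setCipherKey(h,getKey);
    setCipherIVec(h,getIVec);
    dec = decryptString(h,msg);
    closeCipher(h);

    hh = openHash(SHA1);
    hashString(hh,dec);
    dechash = base64Encode(getHash(hh));
    // Release the hash handle before comparing: closing it after the throw
    // left the handle open whenever the hashes did not match.
    closeHash(hh);

    // NOTE(review): the digest is unkeyed, so this check detects corruption
    // but does not authenticate the sender; the comparison is an ordinary
    // string comparison, presumably not constant-time.
    if (dechash!=hash) {
        throw(BadHash);
    }
    return dec;
}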
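"Generate a SHA256 hash of a string.
Returns the base64 encoded SHA256 digest of the argument. The digest is
unsalted and computed in a single pass, so equal inputs always give equal
output; for stored passwords, callers should combine the password with a
per-user salt and prefer a deliberately slow password hashing scheme."
public String secureHash(String pwd)
{
    h = openHash(SHA256);
    hashString(h,pwd);
    digest = base64Encode(getHash(h));
    // The hash handle was never closed before; release it once the digest
    // has been read, as encode and decode do.
    closeHash(h);
    return digest;
}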
// old version
// public String decode(String str) = dodecode(getVM(),str);