Coverage report: /home/ellis/comp/ext/ironclad/src/package.lisp

Kind        Covered  All  %
expression  23       56   41.1
branch      3        8    37.5
 ;;;; package.lisp --- Ironclad Packages
 (cl:defpackage :ironclad
   ;; Defines the IRONCLAD package (nickname CRYPTO) and its exported API.
   ;; The first :EXPORT clause lists operators, classes and conditions grouped
   ;; by topic; the later :EXPORT clauses list the algorithm names.
   (:use :cl)
   (:nicknames :crypto)
   (:export
    ;; referencing multiple-octet values in an octet vector (SETF-able)
    #:ub16ref/be #:ub16ref/le #:ub32ref/be #:ub32ref/le #:ub64ref/le #:ub64ref/be

    ;; hash functions
    #:digest-sequence #:digest-stream #:digest-file
    #:make-digest #:copy-digest #:update-digest #:produce-digest

    ;; MACs
    #:make-mac #:update-mac #:produce-mac

    ;;; Deprecated MAC functions
    ;; (per-algorithm entry points; the generic MAKE-MAC / UPDATE-MAC /
    ;; PRODUCE-MAC operators are exported just above)
    ;; HMACs
    #:make-hmac #:update-hmac #:hmac-digest
    ;; CMACs
    #:make-cmac #:update-cmac #:cmac-digest
    ;; Skein-MAC
    #:make-skein-mac #:update-skein-mac #:skein-mac-digest
    ;; Poly1305
    #:make-poly1305 #:update-poly1305 #:poly1305-digest
    ;; Blake2-MAC
    #:make-blake2-mac #:update-blake2-mac #:blake2-mac-digest
    ;; Blake2s-MAC
    #:make-blake2s-mac #:update-blake2s-mac #:blake2s-mac-digest

    ;; introspection
    #:cipher-supported-p #:list-all-ciphers
    #:digest-supported-p #:list-all-digests
    #:mac-supported-p #:list-all-macs
    #:mode-supported-p #:list-all-modes
    #:block-length #:digest-length #:key-lengths
    #:keystream-position
    #:authenticated-encryption-mode-supported-p
    #:list-all-authenticated-encryption-modes

    ;; high-level block cipher operators
    #:make-cipher #:encrypt #:decrypt #:encrypt-in-place #:decrypt-in-place

    ;; arguments to (MAKE-CIPHER ... :MODE X)
    ;; NOTE(review): ECB maps equal plaintext blocks to equal ciphertext
    ;; blocks, and none of the modes on this line authenticates the data;
    ;; the authenticated encryption modes are exported further down.
    #:ecb #:cbc #:ctr #:ofb #:cfb #:stream

    ;; block cipher padding
    #:pkcs7 #:ansi-x923 #:iso-7816-4

    ;; authenticated encryption
    #:make-authenticated-encryption-mode
    #:process-associated-data
    #:produce-tag
    #:gcm #:etm #:eax

    ;; KDFs
    #:list-all-kdfs
    #:pbkdf1 #:pbkdf2 #:hmac-kdf #:scrypt-kdf #:argon2i #:argon2d #:argon2id
    #:bcrypt #:bcrypt-pbkdf
    #:make-kdf #:derive-key

    ;; KDF convenience functions
    #:make-random-salt #:pbkdf2-hash-password
    #:pbkdf2-hash-password-to-combined-string
    #:pbkdf2-check-password

    ;; public-key encryption operations
    #:list-all-key-pair-kinds
    #:make-public-key #:destructure-public-key
    #:make-private-key #:destructure-private-key
    #:generate-key-pair
    #:make-signature #:destructure-signature
    #:make-message #:destructure-message
    #:generate-signature-nonce
    #:sign-message #:verify-signature
    #:encrypt-message #:decrypt-message
    #:diffie-hellman

    ;; public-key encryption/signature padding
    #:oaep-encode #:oaep-decode #:pss-encode #:pss-verify

    ;; elliptic curve operations
    #:ec-point-on-curve-p #:ec-point-equal
    #:ec-double #:ec-add #:ec-scalar-mult #:ec-scalar-inv
    #:ec-make-point #:ec-destructure-point
    #:ec-encode-scalar #:ec-decode-scalar
    #:ec-encode-point #:ec-decode-point

    ;; elliptic curve points
    #:curve25519-point #:curve448-point
    #:ed25519-point #:ed448-point
    #:secp256k1-point #:secp256r1-point
    #:secp384r1-point #:secp521r1-point

    ;; public/private keys
    #:curve25519-public-key #:curve25519-private-key
    #:curve448-public-key #:curve448-private-key
    #:dsa-public-key #:dsa-private-key
    #:ed25519-public-key #:ed25519-private-key
    #:ed448-public-key #:ed448-private-key
    #:elgamal-public-key #:elgamal-private-key
    #:rsa-public-key #:rsa-private-key
    #:secp256k1-public-key #:secp256k1-private-key
    #:secp256r1-public-key #:secp256r1-private-key
    #:secp384r1-public-key #:secp384r1-private-key
    #:secp521r1-public-key #:secp521r1-private-key

    ;; public-key slot readers
    ;; NOTE(review): by their names several of these read private material
    ;; (e.g. dsa-key-x, elgamal-key-x, rsa-key-prime-p, rsa-key-prime-q) --
    ;; confirm against the key class definitions.
    #:dsa-key-p #:dsa-key-q #:dsa-key-g #:dsa-key-y #:dsa-key-x
    #:elgamal-key-p #:elgamal-key-g #:elgamal-key-y #:elgamal-key-x
    #:rsa-key-modulus #:rsa-key-exponent #:rsa-key-prime-p #:rsa-key-prime-q
    #:ed25519-key-x #:ed25519-key-y
    #:ed448-key-x #:ed448-key-y
    #:curve25519-key-x #:curve25519-key-y
    #:curve448-key-x #:curve448-key-y
    #:secp256k1-key-x #:secp256k1-key-y
    #:secp256r1-key-x #:secp256r1-key-y
    #:secp384r1-key-x #:secp384r1-key-y
    #:secp521r1-key-x #:secp521r1-key-y

    ;; pseudo-random number generators
    #:list-all-prngs #:make-prng #:random-data #:read-os-random-seed
    #:read-seed #:write-seed #:random-bits #:*prng* #:strong-random #:prng-reseed

    ;; default OS PRNG
    #:os-prng

    ;; Fortuna PRNG
    #:fortuna-prng #:add-random-event

    ;; Fortuna generator
    #:fortuna-generator

    ;; cryptographic math
    #:*number-of-miller-rabin-tests*
    #:generate-prime #:prime-p #:generate-prime-in-range #:egcd
    #:generate-safe-prime #:find-generator

    ;; conditions
    #:ironclad-error #:initialization-vector-not-supplied
    #:invalid-initialization-vector #:invalid-key-length
    #:unsupported-cipher #:unsupported-mode #:unsupported-padding
    #:unsupported-digest
    #:unsupported-kdf #:unsupported-scrypt-cost-factors
    #:unsupported-argon2-parameters
    #:insufficient-buffer-space #:invalid-padding
    #:key-not-supplied #:unsupported-mac
    #:invalid-mac-parameter #:invalid-signature-length
    #:invalid-message-length #:missing-key-parameter
    #:missing-message-parameter #:missing-signature-parameter
    #:incompatible-keys #:invalid-curve-point
    #:invalid-public-key-length #:oaep-decoding-error
    #:unsupported-authenticated-encryption-mode
    #:bad-authentication-tag

    ;; utilities
    ;; NOTE(review): the /unsafe suffix on expt-mod/unsafe presumably marks a
    ;; variant without side-channel hardening -- confirm in the math source
    ;; before using it with secret exponents.  constant-time-equal is
    ;; presumably the comparison to use for MAC tags and other secret-dependent
    ;; octet vectors -- confirm its contract where it is defined.
    #:byte-array-to-hex-string #:hex-string-to-byte-array
    #:ascii-string-to-byte-array
    #:octets-to-integer #:integer-to-octets
    #:expt-mod #:expt-mod/unsafe
    #:constant-time-equal

    ;; streams
    #:make-octet-input-stream #:make-octet-output-stream
    #:with-octet-input-stream #:with-octet-output-stream
    #:get-output-stream-octets
    #:make-digesting-stream
    #:execute-with-digesting-stream #:with-digesting-stream
    #:execute-with-digesting-text-stream #:with-digesting-text-stream
    #:make-encrypting-stream #:make-decrypting-stream
    #:with-encrypting-stream #:with-decrypting-stream
    #:make-authenticating-stream #:with-authenticating-stream)
   ;; supported digests
   ;; NOTE(review): this list mixes non-cryptographic checksums (adler32,
   ;; crc24, crc32, crc32c) and digests with known collision attacks (md2,
   ;; md4, md5, sha1) with current hash functions; a name being exported here
   ;; says nothing about its strength.
   (:export #:whirlpool #:md2 #:md4 #:md5 #:adler32 #:crc24 #:crc32 #:crc32c
            #:tiger #:sha1 #:sha224 #:sha256 #:sha384 #:sha512
            #:tree-hash #:make-tiger-tree-hash #:ripemd-128 #:ripemd-160
            #:skein256 #:skein256/128 #:skein256/160 #:skein256/224
            #:skein512 #:skein512/128 #:skein512/160 #:skein512/224
            #:skein512/256 #:skein512/384
            #:skein1024 #:skein1024/384 #:skein1024/512
            #:sha3 #:sha3/384 #:sha3/256 #:sha3/224
            #:shake128 #:shake256
            #:keccak #:keccak/384 #:keccak/256 #:keccak/224
            #:groestl #:groestl/384 #:groestl/256 #:groestl/224
            #:blake2 #:blake2/384 #:blake2/256 #:blake2/160
            #:blake2s #:blake2s/224 #:blake2s/160 #:blake2s/128
            #:jh #:jh/384 #:jh/256 #:jh/224
            #:streebog #:streebog/256
            #:kupyna #:kupyna/256
            #:sm3)
   ;; supported macs
   (:export #:blake2-mac #:blake2s-mac #:cmac #:hmac #:poly1305 #:skein-mac
            #:gmac #:siphash)
   ;; supported block ciphers
   ;; NOTE(review): legacy designs (e.g. des, rc2, tea) and an entry named xor
   ;; are exported next to aes and other current ciphers; select algorithms by
   ;; policy, not by presence in this list.
   (:export #:blowfish #:tea #:xtea #:square #:rc2 #:rc5 #:rc6 #:des #:3des
            #:aes #:twofish #:cast5 #:idea #:misty1 #:xor
            #:threefish256 #:threefish512 #:threefish1024
            #:serpent #:camellia #:seed #:aria #:kuznyechik
            #:kalyna128 #:kalyna256 #:kalyna512
            #:sm4)
   ;; supported stream ciphers
   ;; NOTE(review): arcfour (RC4) has known keystream biases.
   (:export #:arcfour
            #:salsa20 #:salsa20/12 #:salsa20/8
            #:xsalsa20 #:xsalsa20/12 #:xsalsa20/8
            #:chacha #:chacha/12 #:chacha/8
            #:xchacha #:xchacha/12 #:xchacha/8
            #:sosemanuk))
 
 (in-package :crypto)
 
 ;;; easy-to-type readmacro for creating s-boxes and the like
211
 (defun array-reader (stream subchar arg)
212
   (declare (ignore subchar))
213
   (let ((array-data (read stream nil stream nil))
214
         (array-element-type `(unsigned-byte ,arg)))
215
     ;; FIXME: need to make this work for multi-dimensional arrays
216
     `(make-array ,(length array-data) :element-type ',array-element-type
217
                                       :initial-contents ',array-data)))
 
 (defparameter *ironclad-readtable*
220
   (let ((readtable (copy-readtable nil)))
221
     (set-dispatch-macro-character #\# #\@ #'array-reader readtable)
222
     readtable))
 
 (defmacro in-ironclad-readtable ()
225
   `(eval-when (:compile-toplevel :load-toplevel :execute)
226
      (setq *readtable* *ironclad-readtable*)))
 
 (defun ironclad-implementation-features ()
229
   (list* sb-c:*backend-byte-order*
230
          (if (= sb-vm:n-word-bits 32)
231
              :32-bit
232
              :64-bit)
233
          :ironclad-fast-mod32-arithmetic
234
          (cond ((member :x86-64 *features*)
235
                 (list* :ironclad-fast-mod64-arithmetic
236
                        (let ((sym (find-symbol "EA" :sb-vm)))
237
                          (when (and sym (fboundp sym))
238
                            '(:ironclad-sb-vm-ea)))))
239
                ((member :arm64 *features*)
240
                 '(:ironclad-fast-mod64-arithmetic)))))
 
 (dolist (f (ironclad-implementation-features))
243
   (pushnew f *features*))
244
 
245
 ;; Enable assembly optimizations, unless we are either in ECL using only the
246
 ;; bytecode compiler or in an older version of CCL.
247
 (pushnew :ironclad-assembly *features*)