diff --git a/codo/LICENSE.html b/codo/LICENSE.html deleted file mode 100644 index 62296ea..0000000 --- a/codo/LICENSE.html +++ /dev/null @@ -1,156 +0,0 @@ - - -
- -- Quickly fuzzy find classes, mixins, methods, file: -
-- In frame mode you can toggle the list naviation frame on the left side: -
-- You can focus a list in frame mode or toggle a tab in frameless mode: -
-- You can focus and blur the search input: -
-- In frameless mode you can close the list tab: -
-- Quickly fuzzy find classes, mixins, methods, file: -
-- In frame mode you can toggle the list naviation frame on the left side: -
-- You can focus a list in frame mode or toggle a tab in frameless mode: -
-- You can focus and blur the search input: -
-- In frameless mode you can close the list tab: -
-A CommonJS module for symmetric key encryption of smallish secrets
npm install triplesec
-{encrypt, decrypt} = require 'triplesec'
-
-key = new Buffer 'top-secret-pw'
-pt0 = new Buffer 'the secret!'
-pt1 = new Buffer pt0
-encrypt { key, data : pt1 }, (err, ciphertext) ->
- decrypt { key, data : ciphertext }, (err, pt2) ->
- console.log "Right back the start! #{pt0} is #{pt2}"
-The most expensive part of TripleSec is to derive keys from your -given passphrase. This is intentionally so to make it more expensive -to crack your password in the case that your ciphertext is stolen. -However, you can spread this expense over multiple encryptions -if you plan to be encrypting more than once:
{Encryptor, Decryptor} = require 'triplesec'
-
-key = new Buffer 'top-secret-pw'
-enc = new Encryptor { key }
-dec = new Decryptor { key }
-pt0 = new Buffer 'the secret!'
-pt1 = new Buffer pt0
-pt2 = new Buffer pt0
-enc.run { data : pt1 }, (err, ct1) ->
- enc.run { data : pt2 }, (err, ct2) ->
- dec.run { data : ct1 }, (err, pt3) ->
- dec.run { data : ct2 }, (err, pt4) ->
- console.log "Right back the start! #{pt0} is #{pt3} is #{pt4}"
If you want to resalt derived keys with every encryption, you should explicitly -ask for that. Otherwise, salt will be reused to speed up encryption -(and decryption).
enc.run { data : pt1 }, (err, ct1) ->
- enc.resalt {}, () ->
- enc.run { data : pt2 }, (err, ct2) ->
-+ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+t |
Defined in: | +src/drbg.iced | +
This is a better interface to the DRBG, since it will politely call you +back when it's ready, rather than impolitely throwing an exception +if you've called it inappropriately. This interface is recommended.
+
+ #
+(void)
+constructor(gen_seed, hmac)
+
+
+ #
+(void)
+generate(n, cb)
+
+
Generate n bytes of random data, and callback when it's ready. +Calls back with a WordArray of random data.
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/aes.iced | +
Inherits: | ++ BlockCipher + | +
An implementation of standard AES, forked from +Jeff Mott's CryptoJS. +See Wikipedia +for a high-level overview, and FIPS 197 +for more information on the standard.
Here, we have implemented AES-256, which takes a 256-bit key, block input +of 128-bits, and outputs blocks of 128-bits.
+AES
+
+ AES
+
+ AES
+
+ AES
+
+ + #encryptBlock +
+ +
+ #
+(void)
+constructor(key)
+
+
Create a new AES encryption engine
+
+ #
+(void)
+encryptBlock(M, offset = 0)
+
+
Encrypt one AES-block of input ciphertext in place. Replace the +plaintext with the output ciphertext.
This is a lower-level function that should not be called directly, but only by +higher-level routines.
+
+ #
+(void)
+decryptBlock(M, offset = 0)
+
+
Decrypt one AES-block of input ciphertext in place. Replace the +ciphertext with the output plaintext.
This is a lower-level function that should not be called directly, but only by +higher-level routines.
+
+ #
+(void)
+scrub()
+
+
Zero-out all internal state that's sensitive.
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/enc.iced | +
A base class for the Encryptor and Decryptor classes. +Handles a lot of the particulars of signing, key generation, +and encryption/decryption.
+key
and the randomly-generated salt.
+
+
+
+ #
+(void)
+constructor({key, version})
+
+
+ #
+(void)
+kdf({salt, extra_keymaterial, progress_hook}, cb)
+
+
Run the KDF function specified by our current version,
+to yield the encryption and signing keys, given the
+input key
and the randomly-generated salt.
+ #
+(void)
+set_key(key)
+
+
Set or change the key on this encryptor, causing a scrubbing of the +old state if it was previously set.
+
+ #
+(void)
+sign({input, key, salt, progress_hook}, cb)
+
+
Sign with HMAC-SHA512-SHA-3
+
+ #
+(void)
+run_salsa20({input, key, iv, output_iv, progress_hook}, cb)
+
+
Run SALSA20, output (IV || ciphertext)
+
+ #
+(void)
+run_twofish({input, key, iv, progress_hook}, cb)
+
+
Run Twofish, output (IV || ciphertext).
+
+ #
+(void)
+run_aes({input, key, iv, progress_hook}, cb)
+
+
Run AES, output (IV || ciphertext).
+
+ #
+(void)
+scrub()
+
+
Scrub all internal state that may be sensitive. Use it after you're done +with the Encryptor.
+
+ #
+(void)
+clone_derived_keys()
+
+
Clone a copy that can survive a scrubbing
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/algbase.iced | +
+ #
+(void)
+constructor(key)
+
+
+ #
+(void)
+encryptBlock(M, offset)
+
+
+ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/algbase.iced | +
Abstract buffered block algorithm template.
The property blockSize must be implemented in a concrete subtype.
_minBufferSize The number of blocks that should be kept unprocessed in the buffer. Default: 0
++ Hasher +
+0
+
+
+ #
+(void)
+constructor()
+
+
Does little other than eset/initialize internal state.
+
+ #
+(void)
+reset()
+
+
Resets this block algorithm's data buffer to its initial state.
+
+ #
+(void)
+_append(data)
+
+
Adds new data to this block algorithm's buffer.
+ bufferedBlockAlgorithm._append(wordArray);
+
+ #
+(WordArray)
+_process(doFlush)
+
+
Processes available data blocks.
This method invokes _doProcessBlock(offset), which must be implemented +by a concrete subtype.
+processedData = bufferedBlockAlgorithm._process();
+processedData = bufferedBlockAlgorithm._process(!!'flush');
+
+ #
+(void)
+copy_to(out)
+
+
Copy the contents of the algorithm base to the given target +object (of the same class). Used in cloning.
+
+ #
+(Object)
+clone()
+
+
Creates a copy of this object.
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/salsa20.iced | +
Inherits: | ++ StreamCipher + | +
+ #encryptBlock + #encrypt + #bulk_encrypt +
+ +
+ #
+(void)
+constructor({key, iv})
+
+
+ #
+(void)
+scrub()
+
+
+ #
+(void)
+get_pad()
+
+
+ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/combine.iced | +
A base class for HMAC-combiners.
+
+ #
+(void)
+constructor()
+
+
Construct a new HMAC-combiner
+
+ #
+(CombineBase)
+reset()
+
+
Reset the inner hashers, thereby resetting the combined HMAC.
+
+ #
+(CombineBase)
+update(w)
+
+
Update both hashers with the given input
+
+ #
+(CombineBase)
+scrub()
+
+
Scrub all internal state (including the keys) of both HMACs.
+
+ #
+(CombineBase)
+finalize(w)
+
+
Finalize the cominbed hashers, and do the actual combining.
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/combine.iced | +
Inherits: | ++ CombineBase + | +
The concatenation HMAC combiner. Good when you are shooting for +collision-resistance.
++ #reset + #update + #scrub + #finalize +
+ +
+ .
+(void)
+get_output_size()
+
+
The default output size if you use the default arguments, +which is HMAC(SHA512) || HMAC(SHA3).
+
+ .
+(WordArray)
+sign({key, input})
+
+
Sign an input with the given key using this technique.
+
+ .
+(void)
+bulk_sign(args, cb)
+
+
Sign using the bulk async callback-based interface.
+
+ #
+(void)
+constructor(key, klasses = [SHA512, KECCAK])
+
+
Construct a new Concat-combiner
+
+ #
+(Number)
+get_output_size()
+
+
Gets the output size of this combination, which can only be known +once this Combiner has been allocated. Call this if you're not +using the default Class parameters (SHA512 + SHA3).
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/ctr.iced | +
A counter class that takes a vector of integers and increments +by 1 repeatedly, with proper carry
+0xffffffff
+
+
+ #
+(void)
+constructor({value, len})
+
+
+ #
+(Counter)
+inc()
+
+
Increment the counter by 1, with proper carry
+
+ #
+(Counter)
+inc_le()
+
+
increment little-endian style, meaning, increment the leftmost byte +first, and then go left-to-right
+
+ #
+(WordArray)
+get()
+
+
Get the underlying value, borrowing the reference
+
+ #
+(WordArray)
+copy()
+
+
Copy the underlying value, cloning the WordArray
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/drbg.iced | +
Implements an HMAC_DRBG (NIST SP 800-90A) based on HMAC_SHA512 +Supports security strengths up to 256 bits. +Parameters are based on recommendations provided by Appendix D of NIST SP 800-90A. +Implementation ported from: https://github.com/fpgaminer/python-hmac-drbg
+
+ #
+(void)
+constructor(entropy, personalization_string, hmac_func)
+
+
Seed the DRBG with sufficient entropy -- 384 bits for initial seed, +and 256 for a reseed.
+
+ #
+(void)
+reseed(entropy)
+
+
Reseed the DRBG with yet more entropy.
+
+ #
+(WordArray)
+generate(num_bytes)
+
+
Generate bytes from the DRBG. Upper limit is 7500/8 bytes.
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+Defined in: | +src/dec.iced | +
Inherits: | ++ Base + | +
The Decryptor class is the high-level access to the TripleSec decryption +system.
++ #kdf + #set_key + #sign + #run_salsa20 + #run_twofish + #run_aes + #scrub + #clone_derived_keys +
+ +
+ #
+(void)
+constructor({key, enc})
+
+
key that was used for encryption! If not, we'll get a signature failure.
+
+ #
+(void)
+run({data, progress_hook}, cb)
+
+
The top-level entry into the Decryptor object. Call this method
+with an incoming ciphertext, and it will decrypt it or produce an error.
+If you are decrypting a many ciphertexts with the same <key,salt>
+pairs, it makes sense to allocate a Decryptor object and keep calling
+run
on it with different ciphertexts --- this will save the expense
+of running PBKDF2 over and over again.
On success, cb
will be fired with (null,res)
, where res
+is a Buffer
object containing the plaintext. On error,
+cb
will be fired with (err,null)
, where err
is an Error
object.
+ #
+(void)
+clone()
+
+
Clone a copy of this object that can survive scrubbing
++ Quickly fuzzy find classes, mixins, methods, file: +
++ Control the navigation frame: +
++ You can focus and blur the search input: +
+- Quickly fuzzy find classes, mixins, methods, file: -
-- In frame mode you can toggle the list naviation frame on the left side: -
-- You can focus a list in frame mode or toggle a tab in frameless mode: -
-- You can focus and blur the search input: -
-- In frameless mode you can close the list tab: -
-The high-level Encryption engine for TripleSec. You should allocate one +
The high-level Encryption engine for TripleSec. You should allocate one
instance of this object for each secret key you are dealing with. Reusing
the same Encryptor object will allow you to avoid rerunning PBKDF2 with
each encryption. If you want to use new salt with every encryption,
-you can call resalt
as needed. The run
method is called to
-run the encryption engine.
Here is an example of multiple encryptions with salt reuse, in CoffeeScript:
key = new Buffer "pitying web andiron impacts bought"
+you can call resalt
as needed. The run
method is called to
+run the encryption engine.Here is an example of multiple encryptions with salt reuse, in CoffeeScript:
key = new Buffer "pitying web andiron impacts bought"
data = new Buffer "this is my secret data"
-eng = new Encryptor { key }
+eng = new Encryptor { key }
eng.run { data }, (err, res) ->
console.log "Ciphertext 1: " + res.toString('hex')
data = Buffer.concat data, new Buffer " which just got bigger"
eng.run { data }, (err, res) ->
- console.log "Ciphertext 2: " + res.toString('hex')
Or equivalently in JavaScript:
var key = new Buffer("pitying web andiron impacts bought");
+ console.log "Ciphertext 2: " + res.toString('hex')
Or equivalently in JavaScript:
var key = new Buffer("pitying web andiron impacts bought");
var data = new Buffer("this is my secret data");
var eng = new Encryptor({ key : key });
eng.run({ data : data }, function (err, res) {
@@ -144,9 +63,9 @@ Encryptor
The high-level Encryption engine for TripleSec. You should
console.log("Ciphertext 2: " + res.toString('hex'));
});
});
In the previous two examples, the same salt was used for both ciphertexts.
-To resalt (and regenerate encryption keys):
key = new Buffer "pitying web andiron impacts bought"
+To resalt (and regenerate encryption keys):key = new Buffer "pitying web andiron impacts bought"
data = new Buffer "this is my secret data"
-eng = new Encryptor { key }
+eng = new Encryptor { key }
eng.run { data }, (err, res) ->
console.log "Ciphertext 1: " + res.toString('hex')
data = Buffer.concat data, new Buffer " which just got bigger"
@@ -161,58 +80,66 @@ Instance Method Summary
-
-
- - (void) constructor({key, rng, version})
+
+ #
+(void)
+resalt({salt, extra_keymaterial, progress_hook}, cb)
- Constructor
-
+ Regenerate the salt.
-
-
- - (void) resalt({salt, extra_keymaterial, progress_hook}, cb)
+
+ #
+(void)
+run({data, salt, extra_keymaterial, progress_hook}, cb)
- Regenerate the salt.
+ The main point of entry into the TripleSec Encryption system.
-
-
- - (void) run({data, salt, extra_keymaterial, progress_hook}, cb)
+
+ #
+(void)
+clone()
- The main point of entry into the TripleSec Encryption system.
+ Clone a copy of this object that can survive scrubbing
Inherited Method Summary
+
+ Methods inherited from
+ Base
+
+
+ #kdf
+ #set_key
+ #sign
+ #run_salsa20
+ #run_twofish
+ #run_aes
+ #scrub
+ #clone_derived_keys
+
-
- Methods inherited from
- Base
-
-
- #constructor,
- #kdf,
- #set_key,
- #sign,
- #run_salsa20,
- #run_twofish,
- #run_aes,
- #scrub
-
Constructor Details
-
- - (void) constructor({key, rng, version})
+
+ #
+(void)
+constructor({key, rng, version})
+
@@ -248,14 +181,16 @@ Parameters:
Instance Method Details
-
- - (void) resalt({salt, extra_keymaterial, progress_hook}, cb)
+
+ #
+(void)
+resalt({salt, extra_keymaterial, progress_hook}, cb)
+
Regenerate the salt. Reinitialize the keys. You have to do this
once, but if you don't do it again, you'll just wind up using the
-same salt.
and can be passed in. If not provided, then we
-
+same salt.and can be passed in. If not provided, then we
-
- - (void) run({data, salt, extra_keymaterial, progress_hook}, cb)
+
+ #
+(void)
+run({data, salt, extra_keymaterial, progress_hook}, cb)
+
- The main point of entry into the TripleSec Encryption system. The
+
The main point of entry into the TripleSec Encryption system. The
steps of the algorithm are:
-- Encrypt PT with Salsa20
-- Encrypt the result of 1 with 2Fish-256-CTR
-- Encrypt the result of 2 with AES-256-CTR
-MAC with (HMAC-SHA512 || HMAC-SHA3)
and can be passed in. If not provided, then we
+
Encrypt PT with Salsa20
+Encrypt the result of 1 with 2Fish-256-CTR
+Encrypt the result of 2 with AES-256-CTR
+MAC with (HMAC-SHA512 || HMAC-SHA3)
and can be passed in. If not provided, then we
along with the crypto keys (default : 0)
@@ -308,7 +252,9 @@ Parameters:
data
- (Buffer)
+ (
+ Buffer
+ )
—
the data to encrypt
@@ -316,23 +262,29 @@ Parameters:
salt
- (Buffer)
+ (
+ Buffer
+ )
—
- The optional salt to provide, if it's deterministic
+ The optional salt to provide, if it's deterministic
progress_hook
- (Function)
+ (
+ Function
+ )
—
- Call this to update the U/I about progress
+ Call this to update the U/I about progress
extra_keymaterial
- (number)
+ (
+ number
+ )
—
The number of extra bytes to generate
@@ -340,29 +292,101 @@ Parameters:
cb
- (callback)
+ (
+ callback
+ )
—
- With an (err,res) pair, res is the buffer with the encrypted data
+ With an (err,res) pair, res is the buffer with the encrypted data
+
+
+
+
+ #
+(void)
+clone()
+
+
+
+ Clone a copy of this object that can survive scrubbing
+
+
+
+
+
+
+
+
+
+ Quickly fuzzy find classes, mixins, methods, file:
+
+
+ -
+ T
+ Open fuzzy finder dialog
+
+
+
+ Control the navigation frame:
+
+
+ -
+ L
+ Toggle list view
+
+ -
+ C
+ Show class list
+
+ -
+ I
+ Show mixin list
+
+ -
+ F
+ Show file list
+
+ -
+ M
+ Show method list
+
+ -
+ E
+ Show extras list
+
+
+
+ You can focus and blur the search input:
+
+
+ -
+ S
+ Focus search input
+
+ -
+ Esc
+ Blur search input
+
+