Practical Cryptography Engineering
==================================
This repository contains some practical code examples of using the following cryptography libraries:
* [libsodium](https://github.com/jedisct1/libsodium)
* A modern, portable, easy to use crypto library written in C with a small number of high quality primitives
* Focuses on making it easy to use cryptography correctly
* [mbedTLS](https://github.com/ARMmbed/mbedtls)
* An ultra-portable crypto library written in C which should build anywhere
* Provides a wide range of the most common cryptographic primitives and associated infrastructure
* [cryptography](https://github.com/pyca/cryptography)
* Python's "standard" cryptographic library which is a wrapper around [OpenSSL](https://www.openssl.org)
* Provides almost all cryptographic primitives you would want in Python
* [PyNaCl](https://github.com/pyca/pynacl)
* Python bindings for libsodium (very partial wrapper around libsodium)
* Provides a few nice cryptographic primitives not currently available in the cryptography module
File Contents
=============
Build-related and Miscellaneous
-------------------------------
* CMakeLists.txt
* CMake file for building the mbedTLS C code projects
* mbedtls
* Directory containing the mbedTLS C code
* sodium
* Directory containing libsodium examples, headers, and Windows pre-compiled library
* See the Readme.md in this directory for more info on these examples
Symmetric Encryption
--------------------
These code examples use an [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) block cipher with a 256-bit
key in [Galois Counter Mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode) (GCM). The C code examples use the
mbedTLS library, while the Python examples use the cryptography module.
* aes_gcm.c
* Simple self-contained C code example of using AES-256 in Galois Counter Mode (GCM) using hard-coded everything
* aes_gcm_cryptography.py
* Simple self-contained Python code example identical to the above
* aesgcm_file.c
* C code example of file-based AES-256 GCM, works with aesgcm_file.py
* Takes arguments on command line and produces output to file
* aesgcm_file.py
* Python code example of file-based AES-256 GCM, works with aesgcm_file.c
The following example uses the PyNaCl wrapper around libsodium along with the **SecretBox** authenticated
encryption API.
* nacl_symmetric_gen.py
* Generates a random 256-bit (32-byte) secret symmetric key and saves it to a file
* Then uses it to encrypt a fixed message and verify that it can decrypt it and get the same message
Key Exchange
------------
These code examples use an Elliptic-curve Diffie-Hellman [ECDH](https://en.wikipedia.org/wiki/Elliptic-curve_Diffie–Hellman)
key agreement protocol to establish a shared secret over an insecure channel. The C code examples use the mbedTLS
library, while the Python examples use the cryptography module.
* ecdh.c
* Elliptic Curve Diffie-Hellman key exchange C code example
* ecdh.py
* Elliptic Curve Diffie-Hellman key exchange Python code example
Key Derivation
--------------
These code examples demonstrate how to use a Key Derivation Function [KDF](https://en.wikipedia.org/wiki/Key_derivation_function)
to derive one or more shared keys from a shared secret.
* kdf.c
* Key Derivation Function (KDF) C code example
* kdf.py
* Key Derivation Function (KDF) Python code example
Digital Signatures
------------------
These examples use the PyNaCl wrapper around libsodium to support public-key digital signatures using the Ed25519 algorithm.
* nacl_genkey.py
* Generates a random ed25519 SigningKey/VerifyingKey key pair for use with a digital signature system
* nacl_sign.py
* Uses PyNaCl to sign a message using ed25519 digital signature algorithm
* nacl_verify.py
* Uses PyNaCl to verify an ed25519 signature for a given message
These examples use RSA-PSS digital signatures. The C code examples use the mbedTLS library, while the Python examples
use the cryptography module.
* rsa_signature.c
* RSA Signature C code example
* rsa_signature.py
* RSA Signature Python code example
Building
========
libsodium C examples
--------------------
The [libsodium](https://download.libsodium.org/doc/) C code examples are all in the **sodium** directory and can be
built using the [Cmake](https://cmake.org) cross-platform build tool along with your platform default C compiler
installed on Windows, macOS, or Linux.
The first stage of building is the same on all platforms:
```bash
cd sodium
rm -rf build
mkdir build
cd build
cmake ..
```
The second stage of building is platform dependent and will create the following executable files:
* hello_sodium
* nacl_keygen
* nacl_sign
* nacl_verify
* symmetric_decrypt
* symmetric_encrypt
* symmetric_keygen
* test_ed25519
* test_pynacl_compatibility
### Linux or macOS
```bash
make
```
This produces the executable files directly in the **build** directory.
### Windows
```bash
devenv hello_sodium.sln /build Debug
```
This creates the executable files under the **build\Debug** directory.
Python examples
---------------
The Python examples are located in the root directory and should work with Python 3.4 or newer. The Python examples
require a mix of the following Python packages:
* [cryptography](https://cryptography.io/en/latest/) - high-level wrapper around [OpenSSL](https://www.openssl.org)
* [pynacl](https://pynacl.readthedocs.io/en/stable/) - Python binding to [libsodium](https://libsodium.org)
* [colorama](https://github.com/tartley/colorama) - cross-platform colored terminal text
The required dependencies can easily be installed using [Pipenv](https://github.com/pypa/pipenv):
```shell script
pipenv install
```
Then a shell using the underlying virtual environment can be entered with:
```shell script
pipenv shell
```
Inside that Pipenv shell, any of the examples can be ran directly. e.g.:
```shell script
python ./aes_gcm_cryptography.py
```
The Python examples are intended to interoperate with either the libsodium or mbedTLS C code examples. Thus encryption
or signing can be done in C and decryption or verifying can be done in Python or vice versa.
mbedtls C examples
------------------
The [mbedTLS](https://github.com/ARMmbed/mbedtls) C code examples are located in the root directory and build mbedTLS
from source from the **mbedtls** directory.
Build requires CMake and platform default C compiler installed and works on both Windows, macOS, and Linux.
The first stage of building is the same on all platforms:
```bash
rm -rf build
mkdir build
cd build
cmake ..
```
The second stage of building is platform dependent ...
### Linux or macOS
```bash
make
```
This produces the following executable files directly in the **build** directory:
* aes_gcm
* aesgcm_file
* ecdh
* kdf
* rsa_signature
### Windows
```bash
devenv mbed_AES.sln /build Debug
```
This creates the following executable files under the **build\Debug** directory:
* aes_gcm.exe
* aesgcm_file.exe
* ecdh.exe
* kdf.exe
* rsa_signature.exe
Where to learn more about cryptography
======================================
Books
-----
* [Cryptography Engineering](https://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246)
by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno
* Extremely well written and easy to understand
* Focuses on the practical aspects that often result in weak crypto when used incorrectly
* Discusses how to build an entire cryptographic system from the ground up
* [Understanding Cryptography](https://www.amazon.com/Understanding-Cryptography-Textbook-Students-Practitioners/dp/3642041000)
by Christof Paar, Jan Pelzl, and Bart Preneel
* Amazing book which makes it relatively easy to teach yourself cryptography
* [Website](http://www.crypto-textbook.com)
* YouTube lecture [videos](https:
没有合适的资源?快使用搜索试试~ 我知道了~
使用libsodium和mbedtlsC库以及Python密码学和PyNaCl模块的密码学代码示例.zip
共246个文件
h:135个
c:87个
py:11个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 163 浏览量
2023-03-26
23:57:10
上传
评论
收藏 974KB ZIP 举报
温馨提示
使用libsodium和mbedtlsC库以及Python密码学和PyNaCl模块的密码学代码示例.zip
资源推荐
资源详情
资源评论
收起资源包目录
使用libsodium和mbedtlsC库以及Python密码学和PyNaCl模块的密码学代码示例.zip (246个子文件)
ssl_tls.c 252KB
ssl_srv.c 138KB
ssl_cli.c 116KB
ssl_ciphersuites.c 80KB
x509_crt.c 69KB
ecp.c 66KB
bignum.c 57KB
rsa.c 55KB
ecp_curves.c 51KB
aes.c 49KB
pkparse.c 38KB
ecjpake.c 37KB
error.c 36KB
cipher_wrap.c 35KB
camellia.c 34KB
cmac.c 32KB
des.c 31KB
gcm.c 30KB
x509.c 29KB
cipher.c 26KB
blowfish.c 25KB
oid.c 25KB
version_features.c 23KB
certs.c 21KB
x509_crl.c 19KB
memory_buffer_alloc.c 19KB
aesni.c 18KB
entropy.c 18KB
ctr_drbg.c 17KB
dhm.c 16KB
hmac_drbg.c 16KB
sha512.c 16KB
x509write_crt.c 15KB
net_sockets.c 15KB
pkwrite.c 14KB
pk_wrap.c 14KB
aesgcm_file.c 14KB
ripemd160.c 13KB
sha256.c 13KB
pem.c 13KB
ssl_ticket.c 13KB
ecdsa.c 13KB
timing.c 13KB
md_wrap.c 13KB
ccm.c 13KB
ecdh.c 13KB
md.c 12KB
pkcs5.c 11KB
sha1.c 11KB
x509_create.c 11KB
md5.c 11KB
x509_csr.c 11KB
debug.c 11KB
pkcs12.c 11KB
asn1write.c 11KB
pk.c 10KB
md4.c 10KB
asn1parse.c 9KB
havege.c 9KB
platform.c 9KB
x509write_csr.c 8KB
nacl_encrypt_file.c 8KB
ecdh_read_server_pub_write_client_pub.c 8KB
ssl_cache.c 8KB
md2.c 8KB
nacl_decrypt_file.c 8KB
base64.c 8KB
rsa_sign.c 8KB
xtea.c 7KB
ssl_cookie.c 7KB
kdf.c 7KB
ecdh.c 7KB
nacl_sign.c 7KB
aes_gcm.c 7KB
entropy_poll.c 7KB
pkcs11.c 6KB
nacl_verify.c 6KB
nacl_symmetric_gen.c 6KB
rsa_verify.c 6KB
nacl_genkey.c 5KB
padlock.c 5KB
arc4.c 5KB
threading.c 4KB
ed25519_sodium_pynacl.c 4KB
nacl_ed25519.c 3KB
version.c 1KB
hello_sodium.c 1KB
Findsodium.cmake 10KB
.gitignore 545B
.gitignore 29B
compat-1.3.h 126KB
ssl.h 112KB
config.h 83KB
bn_mul.h 34KB
oid.h 29KB
rsa.h 28KB
cipher.h 26KB
x509_crt.h 26KB
check_config.h 26KB
bignum.h 26KB
共 246 条
- 1
- 2
- 3
资源评论
快撑死的鱼
- 粉丝: 1w+
- 资源: 9154
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功