nufftk

module

v0.1.2 Latest Latest Go to latest Published: Nov 8, 2021 License: ISC

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

NUFF Toolkit: Bernstein's Cryptosystem

Multi purpose cross-platform cryptography tool for symmetric encryption, digital signature (EdDSA), shared key agreement (X25519), message authentication code (MAC), hash digest, hash-based message authentication code (HMAC) and PBKDF2 function for small or embedded systems.

Algorithms:

BLAKE2 Message digest algorithm with 128/256/512-bit hash value.
Chacha20Poly1305 Stream cipher with 256-bit key (AEAD mode)
Salsa20 Stream cipher with 256-bit key.
Ed25519/curve25519 Public key algorithm 256-bit
Poly1305 Message authentication code algorithm 128-bit
SipHash Message authentication code algorithm 128-bit

All by the same author except BLAKE2 (hash function based on Chacha20).

Hash Algorithms:

blake2b256 (key optative)
blake2b512 (key optative)
blake2s128 (key imperative)
blake2s256 (key optative)

Cryptographic Functions:

Symmetric Encryption/Decryption
Digital Signature (EdDSA)
Shared Key Agreement (ECDH)
Recusive Hash Digest + Check
MAC (Poly1305-based message authentication code)
HMAC (Hash-based message authentication code)
PBKDF2 (Password-based key derivation function 2)
TLS (Transport Layer Security)

Non-Cryptographic Functions:

Data sanitization method
Bin to Hex/Hex to Bin string conversion
Random Art Public key Fingerprint (ssh-keygen equivalent)

Usage:

 -check string
       Check hashsum file. (- for STDIN)
 -crypt string
       Encrypt/Decrypt with Chacha20 stream cipher AEAD mode.
 -derive
       Derive shared secret key.
 -digest string
       Target file/wildcard to generate hashsum list. (- for STDIN)
 -hex string
       Encode/Decode bin to hex and vice-versa
 -hmac
       BLAKE2 hash-based message authentication code.
 -host string
       Comma-separated hostnames and IPs. (for TLS) (default "localhost")
 -iter int
       Iterations. (for PBKDF2 and SHRED commands) (default 1)
 -key string
       Private/Public key, Secret key or Password.
 -keygen
       Generate ed25519 asymmetric keypair.
 -md string
       Message Digest algorithm. (default "blake2b256")
 -pbkdf2
       Password-based key derivation function.
 -pub string
       Remote's side Public key.
 -rand
       Generate random cryptographic key.
 -recursive
       Process directories recursively.
 -salt string
       Salt. (for PBKDF2)
 -shred string
       File/Path/Wildcard to apply data sanitization method.
 -sign
       Sign with Private key.
 -signature string
       Signature.
 -tcp string
       Encrypted TCP/IP Transfer Protocol. [dump|ip|send]
 -verbose
       Verbose mode. (for CHECK command)
 -verify
       Verify with Public key.

Examples:

Asymmetric Ed25519 keypair generation (for sign/verify):

./nufftk -keygen

Signature (EdDSA):

./nufftk -sign -key $PrivateKey < file.ext > sign.txt
sign=$(cat sign.txt)
./nufftk -verify -key $PublicKey -signature $sign < file.ext
echo $?

Asymmetric curve25519 keypair generation (for shared key derivation):

./nufftk -keygen -derive

Derive shared secret key (X25519):

./nufftk -derive -key $PrivateKey -pub $PublicKey

Symmetric encryption/decryption with Chacha20 stream cipher:

./nufftk -crypt enc -key $256bitkey < plaintext.ext > ciphertext.ext
./nufftk -crypt dec -key $256bitkey < ciphertext.ext > plaintext.ext

MAC (Poly1305-based message authentication code):

./nufftk -mac -key $SecretKey < file.ext

BLAKE2 hashsum (list):

./nufftk -digest "*.*" [-recursive] [-key $secretkey]

BLAKE2 hashsum (single):

./nufftk -digest - [-key $secretkey] < file.ext

BLAKE2-HMAC (hash-based message authentication code):

./nufftk -hmac -key $SecretKey < file.ext

PBKDF2 (password-based key derivation function 2):

./nufftk -pbkdf2 -key "pass" -iter 10000 -salt "salt"

Note:

The PBKDF2 function can be combined with the CRYPT and HMAC commands:

./nufftk -crypt -pbkdf2 -key "pass" < plaintext.ext > ciphertext.ext
./nufftk -hmac -pbkdf2 -key "pass" -iter 10000 -salt "salt" < file.ext

Shred (Data sanitization method, 25 iterations):

Prevents data recovery using standard recovery tools.

./nufftk -shred keypair.ini -iter 25

Bin to Hex/Hex to Bin:

echo somestring|./nufftk -hex enc
echo hexstring|./nufftk -hex dec

TCP/IP Dump/Send:

./nufftk -tcp ip > PublicIP.txt
./nufftk -tcp dump [-pub "8081"]
echo $Pubkey|./nufftk -tcp send [-pub "8081" -host "127.0.0.1"]

Random Art (Public Key Fingerprint):

./nufftk -key $pubkey
or
./nufftk -key - < PubKey.pem

License

This project is licensed under the ISC License.

Directories ¶

Path	Synopsis
cmd
nufftk

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL