prottk

command module
v0.0.0-...-6041d74 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 1, 2022 License: ISC Imports: 49 Imported by: 0

README

🇧🇷 BR-PROT Toolkit (Prototype 1521)

ISC License GoDoc Go Report Card

Out Bolsonaro!

Multi-purpose cross-platform cryptography tool for symmetric encryption, cipher-based message authentication code (CMAC), recursive hash digest, hash-based message authentication code (HMAC), HMAC-based key derivation function (HKDF), password-based key derivation function (PBKDF2), shared key agreement (ECDH), digital signature (ECDSA) and TLS 1.2 for small or embedded systems.

Padrão Brasileiro (Security Suite)

Public Key Algorithms:
  • BN 256/512-bit (Paulo Barreto & Michael Naehrig) (Default)
  • SM9 (BN 256-bit variant) (Chinese Academy of Sciences)
  • Brainpool 256/512-bit
  • ECDSA (Secp256r1 and Secp521r1 for TLS)
Block Ciphers:
  • Anubis (128-bit) (Paulo Barreto & Vincent Rijmen) (Default)
  • Rijndael 128/192/256-bit (Joan Daemen & Vincent Rijmen)
Modes of Operation for Block Ciphers
  • EAX: Encrypt-Authenticate-Translate (AEAD) (Default)
  • GCM: Galois/Counter Mode (AEAD)
  • OCB: Offset CodeBook (AEAD)
  • CFB8: Cipher Feedback 8-bit
  • CTR: Counter
  • OFB: Output Feedback
Hash Digests:
  • Keccak Legacy 256/512-bit (Joan Daemen)
  • RIPEMD 128/256-bit
  • SHA2 256/512-bit
  • SHA3 256/512-bit (Joan Daemen)
  • Whirlpool (512-bit) (Paulo Barreto & Vincent Rijmen) (default)
MAC Algorithm:

Features

  • Cryptographic Functions:

    • Symmetric Encryption + AEAD Modes
    • Digital Signature (ECDSA)
    • Recursive Hash Digest + Check
    • Shared key agreement (ECDH)
    • CMAC (Cipher-based message authentication code)
    • PMAC (Parallelizable message authentication code)
    • HMAC (Hash-based message authentication code)
    • HKDF (HMAC-based key derivation function)
    • PBKDF2 (Password-based key derivation function)
    • TLS 1.2 (Transport Layer Security)
  • Non-Cryptographic Functions:

    • Data sanitization method
    • Bin to Hex/Hex to Bin string conversion
    • Random Art (Public key Fingerprint)

Usage

 -algorithm string
       Public key algorithm: brainpool256r1, fp256bn. (default "fp256bn")
 -bits int
       Key length: 128, 192 or 256. (for RAND and PBKDF2) (default 128)
 -check string
       Check hashsum file. ('-' for STDIN)
 -cipher string
       Symmetric algorithm: Rijndael or Anubis. (default "anubis")
 -crypt string
       Encrypt/Decrypt with block ciphers.
 -digest string
       Target file/wildcard to generate hashsum list. ('-' for STDIN)
 -hex string
       Encode binary string to hex format and vice-versa.
 -hkdf
       HMAC-based key derivation function with a given output bit length.
 -info string
       Associated data, additional info. (for HKDF and AEAD encryption)
 -iter int
       Iterations. (for PBKDF2 and SHRED commands) (default 1)
 -iv string
       Initialization vector. (for non-AEAD symmetric encryption)
 -key string
       Private/Public key, Secret key or Password.
 -mac string
       Compute Hash-based/Cipher-based message authentication code.
 -md string
       Hash algorithm: SHA2, SHA3 or Whirlpool. (default "whirlpool")
 -mode string
       Mode of operation: GCM, OCB, CFB8, CTR or OFB. (default "EAX")
 -pbkdf2
       Password-based key derivation function.
 -pkey string
       Generate keypair, Derive shared secret, Sign and Verify.
 -pub string
       Remote's side Public key/remote's side Public IP.
 -rand
       Generate random cryptographic key.
 -recursive
       Process directories recursively.
 -salt string
       Salt. (for PBKDF2)
 -shred string
       Files/Path/Wildcard to apply data sanitization method.
 -signature string
       Signature. (for signature verification only)
 -tcp string
       Encrypted TCP/IP Transfer Protocol. [dump|listen|ip|send|dial]

Examples

Asymmetric EC keypair generation:
./prottk -pkey generate
./prottk -pkey text -key $prvkey
Shared key agreement:
./prottk -pkey derive -key $prvkey -pub $pubkey 
Digital signature:
./prottk -pkey sign -key $prvkey < file.ext > sign.txt
sign=$(cat sign.txt)
./prottk -verify -key $pubkey -signature $sign < file.ext
echo $?
Symmetric key generation:
./prottk -rand [-bits 128]
Encryption/decryption with Anubis block cipher:
./prottk -crypt enc -key $128bitkey < plaintext.ext > ciphertext.ext
./prottk -crypt dec -key $128bitkey < ciphertext.ext > plaintext.ext
HMAC:
./prottk -mac hmac -key $128bitkey < file.ext
./prottk -mac hmac -key $128bitkey -signature $hmac < file.ext
CMAC/PMAC:
./prottk -mac cmac -key $64bitkey < file.ext
./prottk -mac cmac -key $64bitkey -signature $128bitmac < file.ext
Chaskey MAC:
./prottk -mac chaskey -key $64bitkey < file.ext
./prottk -mac chaskey -key $64bitkey -signature $128bitmac < file.ext
HKDF (HMAC-based key derivation function 128-bit output):
./prottk -hkdf [-bits 128] -key "IKM" -info "AD" -salt "salt"
PBKDF2 (password-based key derivation function 2):
./prottk -pbkdf2 -key "pass" -iter 10000 -salt "salt"
Note:

PBKDF2 function can be combined with the CRYPT, HMAC commands:

./prottk -crypt enc -pbkdf2 -key "pass" < plaintext.ext > ciphertext.ext
./prottk -mac hmac -pbkdf2 -key "pass" -salt "salt" -iter 10000 < file.ext
Shred (Data sanitization method, 25 iterations):
./prottk -shred "keypair.ini" -iter 25
Bin to Hex/Hex to Bin:
./prottk -hex enc < File.ext > File.hex
./prottk -hex dec < File.hex > File.ext
./prottk -hex dump < File.ext
TLS Layer (TCP/IP):
./prottk -tcp ip > PubIP.txt
./prottk -tcp dump [-pub "8081"] > Token.jwt
./prottk -tcp send [-pub "127.0.0.1:8081"] < Token.jwt

./prottk -tcp listen [-pub "8081"]
./prottk -tcp dial [-pub "127.0.0.1:8081"]
Random Art (Public Key Fingerprint):
./prottk -key $pubkey
./prottk -key - < Pubkey.txt

License

This project is licensed under the ISC License.

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL