Cryptkit is a Tcl binding to the Cryptlib security toolkit.
From the Cryptlib web site - "The Cryptlib security toolkit is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. The high-level interface provides anyone with the ability to add strong security capabilities to an application in as little as half an hour, without needing to know any of the low-level details that make the encryption or authentication work. Because of this, cryptlib dramatically reduces the cost involved in adding security to new or existing applications." [L1 ]
Cryptkit brings these benefits to Tcl.
This first release provides an API that closely matches the Cryptlib C API (to remain consistent with the existing documentation). The next release will have a more "Tclish" API.
Downloads
Cryptkit was written by Steve Landers [L6 ] and was made possible through the financial support of Eolas Technologies Inc. Cryptkit is distributed under a Tcl BSD style license, as documented in the license.terms file in the distribution.
MDD: Great job Steve!
Example - test cipher
proc testCipher {cryptAlgo keySize algoName} { # Create context with random IV (if it needs one) and a key derived # from a password using a salt and iteration count to hinder guessing # attacks cryptCreateContext encContext CRYPT_UNUSED $cryptAlgo cryptSetAttribute $encContext CRYPT_CTXINFO_KEYSIZE $keySize cryptSetAttribute $encContext CRYPT_CTXINFO_KEYING_ITERATIONS 10000 cryptSetAttributeString $encContext CRYPT_CTXINFO_KEYING_SALT "salt1234" cryptSetAttributeString $encContext CRYPT_CTXINFO_KEYING_VALUE "password123" # Encrypt 10 MB of text set text [binary format a[expr {10 * 1024 * 1024}] \0] set startTime [clock seconds] cryptEncrypt $encContext $text set endTime [clock seconds] puts "$cryptAlgo 10 Mb in [expr {$endTime - $startTime}] seconds" cryptDestroyContext $encContext } cryptInit cryptAddRandom NULL CRYPT_RANDOM_SLOWPOLL testCipher CRYPT_ALGO_HMAC_SHA 32 "HMAC-SHA1 Processed" testCipher CRYPT_ALGO_RC4 16 "RC4 Encrypted" testCipher CRYPT_ALGO_AES 16 "AES-128 CBC Encrypted" testCipher CRYPT_ALGO_AES 32 "AES-256 CBC Encrypted" testCipher CRYPT_ALGO_3DES 24 "3DES CBC Encrypted" cryptEnd
Implementation
Cryptkit is implemented using Critcl and uses the new criticl::cdefines feature that was implemented to meet the needs of Cryptkit. Critcl::cdefines allows C #defines and enums to be mapped from C into a Tcl namespace.
For example, cryptkit.tcl uses the following to map Cryptlib symbols (i.e. #defines and enums) into the cryptkit namespace
# map Cryptlib #defines and enums into the current namespace critcl::cdefines CRYPT_* [namespace current] # other defines critcl::cdefines { NULL TRUE FALSE TCL_OK TCL_ERROR } [namespace current]