Projects

Crypto++

Crypto++ Library is a free C++ class library of cryptographic schemes. It includes classes for many cryptographic functions including DES, Triple DES, Blowfish, MD? and SHA*.

XySSL

[UPDATE 2008-12-31] As of now, XySSL is no longer maintained by Christophe Devine. The current project manager is Paul Bakker, and the new site can be accessed at: http://polarssl.org/ XySSL is an open-source cryptographic library for embedded systems. It provides standard crypto block: AES ... [More] , SHA-1, X.509, etc. as well as higher lever protocols: SSL v3 and TLS v1. XySSL has been ported on a number of architectures, including ARM, PowerPC, MIPS, and Motorola 68000. Its already small memory footprint can be easily reduced to 50k for a basic SSL client or server, by modifying a single .h configuration file. XySSL is currently used in several open-source (GPL) and closed-source projects, such as Adobe's flash player. [Less]

PolarSSL

PolarSSL is a light-weight open-source cryptographic library for embedded systems. Its designed to be: - Low profile - Self contained - Easy to inspect and audit - Easy to implement - Very modular - Easily expandable It provides standard crypto block: AES, Camellia ... [More] , SHA-1, SHA-2, X.509, etc. as well as higher lever protocols: SSL v3 and TLS v1.0 and v1.1. PolarSSL has been ported on a number of architectures, including ARM, PowerPC, MIPS, and Motorola 68000. Its already small memory footprint can be easily reduced to 50k for a basic SSL client or server, by modifying a single .h configuration file. PolarSSL is currently used in several open-source (GPL) and closed-source projects, such as Adobe's flash player. PolarSSL is the official fork of the former XySSL project [Less]

GtkHash

A GTK+ utility for computing message digests or checksums. Currently supported hash functions include MD5, MD6, SHA1, SHA256, SHA512, RIPEMD, TIGER and WHIRLPOOL.

luaxyssl

This is just a lua binding to the small, portable xyssl library in order to provide SSL functionalities in lua. It needs luasocket for the socket creation (bind, accept, connect etc). In other words, it is a "SSL filter" for an existing socket(or pipe including stdin/stdout say ... [More] launching from inetd). ===version 0.2=== (04/11/2007) now support xyssl 0.7 and xyssl 0.8 now support building on Windows using VC(including VC 8) source tarball can be found in the download area Windows binaries can be found in the download area(compatible with lua binaries 5.1) the source code of xyssl 0.7 and xyssl 0.8 can also be found in the download area ===version 0.1=== (04/11/2007) plug replacement of lua socket read/write(through the associated bufferio.lua) COPAS compatible(see httpd-co.lua) binding for cipher AES(ECB, CBC, CFB) and RC4 binding for MD5/SHA1 and assoicated HMAC binding for a fast crypto grade HAVEGE pseudo random generator more information about lua can be found at http://www.lua.org more information about xyssl can be found at http://xyssl.org [Less]

crypto-js

Crypto-JS is a growing collection of standard and secure cryptographic algorithms implemented in JavaScript using best practices and patterns. They are fast, and they have a consistent and simple interface. Discussion GroupQuick-start ... [More] GuideMD5SHA-1SHA-256AESRabbitMARC4HMACHMAC-MD5HMAC-SHA1HMAC-SHA256PBKDF2Utilities Discussion GroupShare your praises and criticims at the Crypto-JS discussion group. http://groups.google.com/group/crypto-js/topics Quick-start GuideMD5MD5 is a widely used hash function. It's been used in a variety of security applications and is also commonly used to check the integrity of files. Though, MD5 is not collision resistant, and it isn't suitable for applications like SSL certificates or digital signatures that rely on this property. var digest = Crypto.MD5("Message"); var digestBytes = Crypto.MD5("Message", { asBytes: true }); var digestString = Crypto.MD5("Message", { asString: true }); SHA-1The SHA hash functions were designed by the National Security Agency (NSA). SHA-1 is the most established of the existing SHA hash functions, and it's used in a variety of security applications and protocols. Though, SHA-1's collision resistance has been weakening as new attacks are discovered or improved. var digest = Crypto.SHA1("Message"); var digestBytes = Crypto.SHA1("Message", { asBytes: true }); var digestString = Crypto.SHA1("Message", { asString: true }); SHA-256SHA-256 is one of the three variants in the SHA-2 set. It isn't as widely used as SHA-1, though it appears to provide much better security. var digest = Crypto.SHA256("Message"); var digestBytes = Crypto.SHA256("Message", { asBytes: true }); var digestString = Crypto.SHA256("Message", { asString: true }); AESThe Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated. var crypted = Crypto.AES.encrypt("Message", "Secret Passphrase"); var plain = Crypto.AES.decrypt(crypted, "Secret Passphrase"); RabbitRabbit is a high-performance stream cipher and a finalist in the eSTREAM Portfolio. It is one of the four designs selected after a 3 1/2-year process where 22 designs were evaluated. var crypted = Crypto.Rabbit.encrypt("Message", "Secret Passphrase"); var plain = Crypto.Rabbit.decrypt(crypted, "Secret Passphrase"); MARC4MARC4 (Modified Allegedly RC4) is based on RC4, a widely-used stream cipher. RC4 is used in popular protocols such as SSL and WEP. But though it's remarkable for its simplicity and speed, it has weaknesses. Crypto-JS provides a modified version that corrects these weaknesses, but the algorithm's history still doesn't inspire confidence in its security. var crypted = Crypto.MARC4.encrypt("Message", "Secret Passphrase"); var plain = Crypto.MARC4.decrypt(crypted, "Secret Passphrase"); HMACKeyed-hash message authentication codes (HMAC) is a mechanism for message authentication using cryptographic hash functions. HMAC can be used in combination with any iterated cryptographic hash function. HMAC-MD5 var hmac = Crypto.HMAC(Crypto.MD5, "Message", "Secret Passphrase"); var hmacBytes = Crypto.HMAC(Crypto.MD5, "Message", "Secret Passphrase", { asBytes: true }); var hmacString = Crypto.HMAC(Crypto.MD5, "Message", "Secret Passphrase", { asString: true }); HMAC-SHA1 var hmac = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase"); var hmacBytes = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase", { asBytes: true }); var hmacString = Crypto.HMAC(Crypto.SHA1, "Message", "Secret Passphrase", { asString: true }); HMAC-SHA256 var hmac = Crypto.HMAC(Crypto.SHA256, "Message", "Secret Passphrase"); var hmacBytes = Crypto.HMAC(Crypto.SHA256, "Message", "Secret Passphrase", { asBytes: true }); var hmacString = Crypto.HMAC(Crypto.SHA256, "Message", "Secret Passphrase", { asString: true }); PBKDF2PBKDF2 is a password-based key derivation function. In many applications of cryptography, user security is ultimately dependent on a password. And because a password usually cannot be used directly as a cryptographic key, some processing is required. A salt in password-based cryptography provides a large set of keys for any given password. An iteration count has traditionally served the purpose of increasing the cost of producing keys from a password, thereby also increasing the difficulty of attack. var salt = Crypto.charenc.Binary.bytesToString(Crypto.util.randomBytes(16)); var key128bit = Crypto.PBKDF2("Secret Passphrase", salt, 16); var key256bit = Crypto.PBKDF2("Secret Passphrase", salt, 32); var key512bit = Crypto.PBKDF2("Secret Passphrase", salt, 64); var key512bit1000 = Crypto.PBKDF2("Secret Passphrase", salt, 64, { iterations: 1000 }); Utilities var helloBytes = Crypto.charenc.Binary.stringToBytes("Hello, World!"); var helloString = Crypto.charenc.Binary.bytesToString(helloBytes); var utf8Bytes = Crypto.charenc.UTF8.stringToBytes("България"); var unicodeString = Crypto.charenc.UTF8.bytesToString(utf8Bytes); var helloHex = Crypto.util.bytesToHex(helloBytes); var helloBytes = Crypto.util.hexToBytes(helloHex); var helloBase64 = Crypto.util.bytesToBase64(helloBytes); var helloBytes = Crypto.util.base64ToBytes(helloBase64); [Less]

cryptorecoverer

Crypto is an open source java-based MD5 hash recoverer originally in production at the end of 2008 and continuing until the present. Why use Crypto? Simple enough: Crypto knows that word lists alone will not always find the necessary collision to produce a given string, and thus it tries a variety ... [More] of common modifications and permutations of a string to try to induce a result (e.g. hello -> h3llo -> HELLO -> ... h3llo39). It is because of this intelligent colliding that Crypto manages to have such a high success rate comparative to similar programs. Also, the ease of inserting hashes of different types and a multitude of other handy features (like autosaving any cracked hashes to save computing time later) make Crypto decidedly the program to use for MD5 hash recovering. [Less]

TropicSSL

TropicSSL is an unofficial fork of PolarSSL/XySSL, keeping the BSD-licensed code stream.