Zenroom

• Index

Contents

• Functions

Modules

• OCTET
• HASH
• AES
• ECDH
• ECP
• String
• Table
• INSPECT
• ZEN
• BIG

Examples

• keygen.lua
• crypt-to-multi.lua

Module HASH

Cryptographic hash functions

An hash is also known as 'message digest', 'digital fingerprint', 'digest' or 'checksum'.

HASH objects can be generated from a number of implemented algorithms: sha256 and sha512 are stable and pass NIST vector tests. There are also sha384, sha3_256 and sha3_512 with experimental implementations that aren't passing NIST vector tests.

objects are instantiated using HASH:new and then provide the method HASH:process that takes an input OCTET and then returns another fixed-size octet that is uniquely matched to the original data. The process is not reversible (the original data cannot be retrieved from an hash).

Info:

• Copyright: Dyne.org foundation 2017-2019
• License: AGPLv3
• Author: Denis "Jaromil" Roio

Functions

new (string)	Create a new hash object of a selected algorithm (sha256 or sha512).
hash:process (data)	Hash an octet into a new octet.
keyring:hmac (key, data)	Compute the HMAC of a message using a key.
keyring:kdf2 (hash, key)	Key Derivation Function (KDF2).
keyring:pbkdf2 (key, salt, iterations, length)	Password Based Key Derivation Function (PBKDF2).

Functions

new (string)

Create a new hash object of a selected algorithm (sha256 or sha512). The resulting object can then process any OCTET into its hashed equivalent. (string)

Parameters:

• string indicating the type of hash algorithm

Returns:

a new hash object ready to process data.

See also:

process

hash:process (data)

Hash an octet into a new octet. Use the configured hash function to hash an octet string and return a new one containing its hash. (data)

Parameters:

• data octet containing the data to be hashed

Returns:

a new octet containing the hash of the data

keyring:hmac (key, data)

Compute the HMAC of a message using a key. This method takes any data and any key material to comput an HMAC of the same length of the hash bytes of the keyring. This function works in accordance with RFC2104. (key, data)

Parameters:

• key an octet containing the key to compute the HMAC
• data an octet containing the message to compute the HMAC

Returns:

a new octet containing the computed HMAC or false on failure

keyring:kdf2 (hash, key)

Key Derivation Function (KDF2). Key derivation is used to strengthen keys against bruteforcing: they impose a number of costly computations to be iterated on the key. This function generates a new key from an existing key applying an octet of key derivation parameters. (key)

Parameters:

• hash initialized HASH or ECDH object
• key octet of the key to be transformed

Returns:

a new octet containing the derived key

keyring:pbkdf2 (key, salt, iterations, length)

Password Based Key Derivation Function (PBKDF2). This function generates a new key from an existing key applying a salt and number of iterations. (key, salt, iterations, length)

Parameters:

• key octet of the key to be transformed
• salt octet containing a salt to be used in transformation
• iterations [opt=1000] number of iterations to be applied
• length [opt=key length] integer indicating the new length (default same as input key)

Returns:

a new octet containing the derived key

See also:

keyring:kdf2