Edit ``Ironclad''

Ironclad is a Common Lisp *(Cryptography) package; several block encryption algorithms and hash functions are included with the initial release.  Its initial impetus was to unify several of the cryptographic packages for Common Lisp (such as the _(MD5) and _(SHA1) implementations floating around), but it aims at providing a cryptographic toolkit similar in scope to something like OpenSSL or Crypto++.

<ul>
<li>Supported ciphers: AES, DES, 3DES, Blowfish, Twofish, RC5, RC6, Arcfour (RC4)
<li>Supported hash functions: MD4, MD5, SHA1, SHA256, Tiger, Adler32, CRC32 (also supports tree hashes)
<li>*(RFC) <a href="http://www.ietf.org/rfc/rfc2104.txt">2104</a> HMACs and *(RFC) <a href="http://www.ietf.org/rfc/rfc4493.txt">4493</a> CMACs
<li>Public key schemes: DSA signing and verification
<li>Key derivation functions: PBKDF1, PBKDF2 (RFC 2898)
</ul>

The Ironclad homepage and package documentation can be found at:

<a href="http://method-combination.net/lisp/ironclad/">http://method-combination.net/lisp/ironclad/</a>

Ironclad can be downloaded from:

:(package "http://www.method-combination.net/lisp/files/ironclad.tar.gz")

An ASDF package-definition file is included, and the current release should be ASDF-installable.

The SHA-1 and SHA-256 hash functions do not work under _(CLISP) versions earlier than 2.34.  Please upgrade your _(CLISP) installation.  (The failures are related to _(CLISP)'s handling of (LOOP ... FINALLY ...).)

Ironclad is distributed under a liberal X11/MIT-like license.

<h2>Debian package</h2>

Ironclad has been <a href="http://packages.debian.org/sid/lisp/cl-ironclad">packaged for Debian</a>. You can just apt-get install it.

The latest Debian package sources can be found among the <a href="http://cl-debian.alioth.debian.org/cgi-bin/darcsweb.cgi">CL-Debian repositories</a>.

Note however that the Debian package lacks some cryptographic algorithms, removed due to patent issues. More information <a href="http://cl-debian.alioth.debian.org/repository/alceste/ironclad/debian/README.Debian">here</a>.

<h2>Using Ironclad</h2>

Tell us how you are using Ironclad:

<ul>
<li> To encrypt passwords for a web site, for that I created the following function:
<pre>(defun hash-password (password)
 (ironclad:byte-array-to-hex-string 
 (ironclad:digest-sequence 
 :sha256 
 (ironclad:ascii-string-to-byte-array password))))</pre>
</li>

<li> Very simple example of encrypting and decrypting a message using the blowfish algorithm :
<pre>(push "/home/mcarter/ironclad_0.20.1/" asdf:*central-registry*) ;or something similar
(asdf:oos 'asdf:load-op 'ironclad)

(defun cipher-example (message password)
 (let* ((iv (ironclad:ascii-string-to-byte-array password)) 
 (cipher (ironclad:make-cipher :blowfish :mode :ecb :key iv)))
 (setf message (ironclad:ascii-string-to-byte-array message))
 (format t "original message as bytes:~A~%" message)
 (ironclad:encrypt-in-place cipher message) 
 (format t "encrypted message as bytes:~A~%" message)
 (ironclad:decrypt-in-place cipher message)
 ;; convert the message back to a string
 (setf message (coerce message 'list))
 (setf message (mapcar #'code-char message))
 (setf message (coerce message 'string))
 (format t "your original message was:*~A*~%" message)))

* (cipher-example "ironclad is a way of encrypting and decrypting messages" "my password")

original message as bytes:#(105 114 111 110 99 108 97 100 32 105 115 32 97 32
 119 97 121 32 111 102 32 101 110 99 114 121 112
 116 105 110 103 32 97 110 100 32 100 101 99 114
 121 112 116 105 110 103 32 109 101 115 115 97 103
 101 115)
encrypted message as bytes:#(206 106 66 158 68 233 4 198 157 196 72 39 13 110
 140 102 0 27 7 177 80 46 144 203 187 69 89 95 208
 51 206 149 172 158 127 210 90 210 19 240 224 252
 137 13 19 206 188 20 101 115 115 97 103 101 115)
your original message was:*ironclad is a way of encrypting and decrypting messages*
NIL</pre>

<li> A more functional (hopefully simpler) example

<pre>(<a href="http://www.quicklisp.org/beta/">ql:quickload</a> :ironclad)
(defun get-cipher (key) (ironclad:make-cipher :blowfish :mode :ecb :key (ironclad:ascii-string-to-byte-array key)))

(defun encrypt (plaintext key)
 (let ((cipher (get-cipher key))
 (msg (ironclad:ascii-string-to-byte-array plaintext)))
 (ironclad:encrypt-in-place cipher msg)
 (ironclad:octets-to-integer msg)))

(defun decrypt (ciphertext-int key)
 (let ((cipher (get-cipher key))
 (msg (ironclad:integer-to-octets ciphertext-int)))
 (ironclad:decrypt-in-place cipher msg)
 (coerce (mapcar #'code-char (coerce msg 'list)) 'string)))

* (defvar test (encrypt "A simple test message" "pass"))
TEST

* test
369463901797626567104213850270827601164336028018533

* (decrypt test "pass")
"A simple test message"</pre>
</ul>

Please supply your name and a summary of changes for the Recent Changes page. If you are making a minor alteration to a page you recently edited, you can avoid making another Recent Changes entry by leaving the Summary box blank
Summary of changes:
Captcha (enter the word "lisp" here):
Your name:
Check this box to fill in your name automatically next time (uses a cookie)

Please note: other readers will see your changes immediately, but external search engines will continue to see the old version for another 24 hours. Spamming this site to improve your PageRank is therefore a particularly fruitless activity.

CLiki pages can be edited by anyone at any time. Imagine a fearsomely comprehensive disclaimer of liability. Now fear, comprehensively