369 lines
8.7 KiB
Lua
369 lines
8.7 KiB
Lua
local crypto = {}
|
|
|
|
-- ======================================================================
|
|
-- ENCODING / DECODING
|
|
-- ======================================================================
|
|
|
|
function crypto.base64_encode(data)
|
|
local result, err = moonshark.base64_encode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.base64_decode(data)
|
|
local result, err = moonshark.base64_decode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.base64_url_encode(data)
|
|
local result, err = moonshark.base64_url_encode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.base64_url_decode(data)
|
|
local result, err = moonshark.base64_url_decode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.hex_encode(data)
|
|
local result, err = moonshark.hex_encode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.hex_decode(data)
|
|
local result, err = moonshark.hex_decode(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- HASHING FUNCTIONS
|
|
-- ======================================================================
|
|
|
|
function crypto.md5(data)
|
|
local result, err = moonshark.md5_hash(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.sha1(data)
|
|
local result, err = moonshark.sha1_hash(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.sha256(data)
|
|
local result, err = moonshark.sha256_hash(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.sha512(data)
|
|
local result, err = moonshark.sha512_hash(data)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
-- Hash file contents
|
|
function crypto.hash_file(path, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
|
|
if not moonshark.file_exists(path) then
|
|
error("File not found: " .. path)
|
|
end
|
|
|
|
local content = moonshark.file_read(path)
|
|
if not content then
|
|
error("Failed to read file: " .. path)
|
|
end
|
|
|
|
if algorithm == "md5" then
|
|
return crypto.md5(content)
|
|
elseif algorithm == "sha1" then
|
|
return crypto.sha1(content)
|
|
elseif algorithm == "sha256" then
|
|
return crypto.sha256(content)
|
|
elseif algorithm == "sha512" then
|
|
return crypto.sha512(content)
|
|
else
|
|
error("Unsupported hash algorithm: " .. algorithm)
|
|
end
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- HMAC FUNCTIONS
|
|
-- ======================================================================
|
|
|
|
function crypto.hmac_sha1(message, key)
|
|
local result, err = moonshark.hmac_sha1(message, key)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.hmac_sha256(message, key)
|
|
local result, err = moonshark.hmac_sha256(message, key)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- UUID FUNCTIONS
|
|
-- ======================================================================
|
|
|
|
function crypto.uuid()
|
|
return moonshark.uuid_generate()
|
|
end
|
|
|
|
function crypto.uuid_v4()
|
|
return moonshark.uuid_generate_v4()
|
|
end
|
|
|
|
function crypto.is_uuid(str)
|
|
return moonshark.uuid_validate(str)
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- RANDOM GENERATORS
|
|
-- ======================================================================
|
|
|
|
function crypto.random_bytes(length)
|
|
local result, err = moonshark.random_bytes(length)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.random_hex(length)
|
|
local result, err = moonshark.random_hex(length)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
function crypto.random_string(length, charset)
|
|
local result, err = moonshark.random_string(length, charset)
|
|
if not result then
|
|
error(err)
|
|
end
|
|
return result
|
|
end
|
|
|
|
-- Generate random alphanumeric string
|
|
function crypto.random_alphanumeric(length)
|
|
return crypto.random_string(length, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
|
|
end
|
|
|
|
-- Generate random password with mixed characters
|
|
function crypto.random_password(length, include_symbols)
|
|
length = length or 12
|
|
local charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
|
|
|
if include_symbols then
|
|
charset = charset .. "!@#$%^&*()_+-=[]{}|;:,.<>?"
|
|
end
|
|
|
|
return crypto.random_string(length, charset)
|
|
end
|
|
|
|
-- Generate cryptographically secure token
|
|
function crypto.token(length)
|
|
length = length or 32
|
|
return crypto.random_hex(length)
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- UTILITY FUNCTIONS
|
|
-- ======================================================================
|
|
|
|
function crypto.secure_compare(a, b)
|
|
return moonshark.secure_compare(a, b)
|
|
end
|
|
|
|
-- Generate checksum for data integrity
|
|
function crypto.checksum(data, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
return crypto.hash_file and crypto[algorithm] and crypto[algorithm](data) or error("Invalid algorithm")
|
|
end
|
|
|
|
-- Verify data against checksum
|
|
function crypto.verify_checksum(data, expected, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
local actual = crypto[algorithm](data)
|
|
return crypto.secure_compare(actual, expected)
|
|
end
|
|
|
|
-- Simple encryption using XOR (not cryptographically secure)
|
|
function crypto.xor_encrypt(data, key)
|
|
local result = {}
|
|
local key_len = #key
|
|
|
|
for i = 1, #data do
|
|
local data_byte = string.byte(data, i)
|
|
local key_byte = string.byte(key, ((i - 1) % key_len) + 1)
|
|
table.insert(result, string.char(bit32 and bit32.bxor(data_byte, key_byte) or bit.bxor(data_byte, key_byte)))
|
|
end
|
|
|
|
return table.concat(result)
|
|
end
|
|
|
|
-- XOR decryption (same as encryption)
|
|
function crypto.xor_decrypt(data, key)
|
|
return crypto.xor_encrypt(data, key)
|
|
end
|
|
|
|
-- Generate hash chain for proof of work
|
|
function crypto.hash_chain(data, iterations, algorithm)
|
|
iterations = iterations or 1000
|
|
algorithm = algorithm or "sha256"
|
|
|
|
local result = data
|
|
for i = 1, iterations do
|
|
result = crypto[algorithm](result)
|
|
end
|
|
return result
|
|
end
|
|
|
|
-- Key derivation using PBKDF2-like approach (simplified)
|
|
function crypto.derive_key(password, salt, iterations, algorithm)
|
|
iterations = iterations or 10000
|
|
algorithm = algorithm or "sha256"
|
|
salt = salt or crypto.random_hex(16)
|
|
|
|
local derived = password .. salt
|
|
for i = 1, iterations do
|
|
derived = crypto[algorithm](derived)
|
|
end
|
|
|
|
return derived, salt
|
|
end
|
|
|
|
-- Generate nonce (number used once)
|
|
function crypto.nonce(length)
|
|
length = length or 16
|
|
return crypto.random_hex(length)
|
|
end
|
|
|
|
-- Create message authentication code
|
|
function crypto.mac(message, key, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
return crypto["hmac_" .. algorithm](message, key)
|
|
end
|
|
|
|
-- Verify message authentication code
|
|
function crypto.verify_mac(message, key, mac, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
local expected = crypto.mac(message, key, algorithm)
|
|
return crypto.secure_compare(expected, mac)
|
|
end
|
|
|
|
-- ======================================================================
|
|
-- CONVENIENCE FUNCTIONS
|
|
-- ======================================================================
|
|
|
|
-- One-shot encoding chain
|
|
function crypto.encode_chain(data, formats)
|
|
formats = formats or {"base64"}
|
|
local result = data
|
|
|
|
for _, format in ipairs(formats) do
|
|
if format == "base64" then
|
|
result = crypto.base64_encode(result)
|
|
elseif format == "base64url" then
|
|
result = crypto.base64_url_encode(result)
|
|
elseif format == "hex" then
|
|
result = crypto.hex_encode(result)
|
|
else
|
|
error("Unknown encoding format: " .. format)
|
|
end
|
|
end
|
|
|
|
return result
|
|
end
|
|
|
|
-- One-shot decoding chain (reverse order)
|
|
function crypto.decode_chain(data, formats)
|
|
formats = formats or {"base64"}
|
|
local result = data
|
|
|
|
-- Reverse the formats for decoding
|
|
for i = #formats, 1, -1 do
|
|
local format = formats[i]
|
|
if format == "base64" then
|
|
result = crypto.base64_decode(result)
|
|
elseif format == "base64url" then
|
|
result = crypto.base64_url_decode(result)
|
|
elseif format == "hex" then
|
|
result = crypto.hex_decode(result)
|
|
else
|
|
error("Unknown decoding format: " .. format)
|
|
end
|
|
end
|
|
|
|
return result
|
|
end
|
|
|
|
-- Hash multiple inputs
|
|
function crypto.hash_multiple(inputs, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
local combined = table.concat(inputs, "")
|
|
return crypto[algorithm](combined)
|
|
end
|
|
|
|
-- Create fingerprint from table data
|
|
function crypto.fingerprint(data, algorithm)
|
|
algorithm = algorithm or "sha256"
|
|
return crypto[algorithm](json.encode(data))
|
|
end
|
|
|
|
-- Simple data integrity check
|
|
function crypto.integrity_check(data)
|
|
return {
|
|
data = data,
|
|
hash = crypto.sha256(data),
|
|
timestamp = os.time(),
|
|
uuid = crypto.uuid()
|
|
}
|
|
end
|
|
|
|
-- Verify integrity check
|
|
function crypto.verify_integrity(check)
|
|
if not check.data or not check.hash then
|
|
return false
|
|
end
|
|
|
|
local expected = crypto.sha256(check.data)
|
|
return crypto.secure_compare(expected, check.hash)
|
|
end
|
|
|
|
return crypto
|