Let us see how to encrypt with Emacs?

Let us see how to encrypt with Emacs?

[Jean Louis]

I would like to make a simple function where I can encrypt strings
with Emacs. I did not find enough examples in Emacs Lisp manual:

 -- Function: gnutls-ciphers
     This function returns the alist of the GnuTLS ciphers.

     Each entry has a key which represents the cipher, followed by a
     plist with internal details about the algorithm.  The plist will
     have ‘:type gnutls-symmetric-cipher’ and also will have the keys
     ‘:cipher-aead-capable’ set to ‘nil’ or ‘t’ to indicate AEAD
     capability; and ‘:cipher-tagsize’ ‘:cipher-blocksize’
     ‘:cipher-keysize’ ‘:cipher-ivsize’ to indicate the size, in bytes,
     of the tag, block size of the resulting data, the key, and the IV
respectively.

(gnutls-ciphers) gives among other cipers this example:

(CHACHA20-64 :cipher-id 35 :type gnutls-symmetric-cipher
:cipher-aead-capable nil :cipher-tagsize 0 :cipher-blocksize 64
:cipher-keysize 32 :cipher-ivsize 16)

So let us say I wish to use CHACHA20-64 cipher.

 -- Function: gnutls-symmetric-encrypt cipher key iv input &optional
          aead_auth
     The CIPHER can be the whole plist from ‘gnutls-ciphers’, or just
     the symbol key, or a string with the name of that symbol.

     The KEY can be specified as a buffer or string or in other ways
     (*note Format of GnuTLS Cryptography Inputs::).  The KEY will be
     wiped after use if it’s a string.

     The IV and INPUT and the optional AEAD_AUTH can be specified as a
     buffer or string or in other ways (*note Format of GnuTLS
     Cryptography Inputs::).

     AEAD_AUTH is only checked with AEAD ciphers, that is, ciphers whose
     plist has ‘:cipher-aead-capable t’.  Otherwise it’s ignored.

     This function returns ‘nil’ on error, and signals a Lisp error if
     the CIPHER or KEY, IV, or INPUT are invalid, or if AEAD_AUTH was
     specified with an AEAD cipher and was invalid.

     On success, it returns a list of a binary string (the output) and
     the IV used.

As from:
(info "(elisp) Format of GnuTLS Cryptography Inputs") I am not
getting how to invoke function (iv-auto 16), does anybody knows
how to do that?

I was thinking something like this:

(gnutls-symmetric-encrypt "CHACHA20-64" "MyPassword987" (make-string 16 (random 100)) "Text to encrypt")

but error is:

(error "GnuTLS cipher CHACHA20-64/encrypt key length 13 is not equal to the required 32")

which is somehow clear, so maybe I could use the function `string-pad':

(gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) "Text to encrypt")

then I get error:

(error "GnuTLS cipher CHACHA20-64/encrypt input block length 15 is not a multiple of the required 64")

and try to remedy it with some result, that is vague, as text
longer than 64 I would not know how to chunk and what is expected
from me:

(gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) (string-pad "Text to encrypt" 64)) ⇒ ("woEB\351^[Q^[e\262\x026Hn\360\211\332g\336\331@\357\327\246n\326XL\344\334=\305\x1c\307\232\360\277\x01\301\253\215\3108\x15\202^['\a\232\301\234\373\234\364\344\276ws\355\x1d\x06YJQ" "****************")

(setq encrypted (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) (string-pad "Text to encrypt" 64)))

And I can decrypt it:

(car (gnutls-symmetric-decrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (cadr encrypted) (car encrypted))) ⇒ "Text to encrypt                                                 "

but that is not well integrated for practical encryption as I
have to employ padding even for string to be encrypted, and
chunking of string to 64 bytes.

So I would like to use this input, but I do not understand and
cannot get example how to usei t, and I did review md5 and
secure-hash functions and still... I need help.

33.27.1 Format of GnuTLS Cryptography Inputs
--------------------------------------------

The inputs to GnuTLS cryptographic functions can be specified in several
ways, both as primitive Emacs Lisp types or as lists.

   The list form is currently similar to how ‘md5’ and ‘secure-hash’
operate.

‘BUFFER’
     Simply passing a buffer as input means the whole buffer should be
     used.

‘STRING’
     A string as input will be used directly.  It may be modified by the
     function (unlike most other Emacs Lisp functions) to reduce the
chance of exposing sensitive data after the function does its work.

I am trying to use list with STRING as following and that does not work:

(gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) '(STRING "Text to encrypt"))

I am just guessing that as explained in (info "(elisp) Format of
GnuTLS Cryptography Inputs") that such input with STRING in the
list would automaticall chunk the string how it is necessary.

I need confirmation on that as to construct more practical
function for my neeeds.


Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: Let us see how to encrypt with Emacs?

[Eli Zaretskii]

> Date: Fri, 09 Jul 2021 10:38:41 +0300
> From: Jean Louis <bugs@gnu.support>
> 
> (gnutls-symmetric-encrypt "CHACHA20-64" "MyPassword987" (make-string 16 (random 100)) "Text to encrypt")
> 
> but error is:
> 
> (error "GnuTLS cipher CHACHA20-64/encrypt key length 13 is not equal to the required 32")
> 
> which is somehow clear, so maybe I could use the function `string-pad':
> 
> (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) "Text to encrypt")
> 
> then I get error:
> 
> (error "GnuTLS cipher CHACHA20-64/encrypt input block length 15 is not a multiple of the required 64")
> 
> and try to remedy it with some result, that is vague, as text
> longer than 64 I would not know how to chunk and what is expected
> from me:
> 
> (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) (string-pad "Text to encrypt" 64)) ⇒ ("woEB\351^[Q^[e\262\x026Hn\360\211\332g\336\331@\357\327\246n\326XL\344\334=\305\x1c\307\232\360\277\x01\301\253\215\3108\x15\202^['\a\232\301\234\373\234\364\344\276ws\355\x1d\x06YJQ" "****************")
> 
> (setq encrypted (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) (string-pad "Text to encrypt" 64)))
> 
> And I can decrypt it:
> 
> (car (gnutls-symmetric-decrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (cadr encrypted) (car encrypted))) ⇒ "Text to encrypt                                                 "
> 
> but that is not well integrated for practical encryption as I
> have to employ padding even for string to be encrypted, and
> chunking of string to 64 bytes.

No, you don't need to chunk, you just need to pad to a multiple of 64
bytes.

> So I would like to use this input, but I do not understand and
> cannot get example how to usei t, and I did review md5 and
> secure-hash functions and still... I need help.

What kind of help?  To use these functions, you need to learn about
the various ciphers and what they require.  This is something the
Emacs Lisp reference manual cannot teach you.

> ‘STRING’
>      A string as input will be used directly.  It may be modified by the
>      function (unlike most other Emacs Lisp functions) to reduce the
> chance of exposing sensitive data after the function does its work.
> 
> I am trying to use list with STRING as following and that does not work:
> 
> (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) '(STRING "Text to encrypt"))

What do you mean by "does not work"?

Re: Let us see how to encrypt with Emacs?

[Jean Louis]

* Eli Zaretskii <eliz@gnu.org> [2021-07-09 13:40]:
> > (setq encrypted (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) (string-pad "Text to encrypt" 64)))
> > 
> > And I can decrypt it:
> > 
> > (car (gnutls-symmetric-decrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (cadr encrypted) (car encrypted))) ⇒ "Text to encrypt                                                 "
> > 
> > but that is not well integrated for practical encryption as I
> > have to employ padding even for string to be encrypted, and
> > chunking of string to 64 bytes.
> 
> No, you don't need to chunk, you just need to pad to a multiple of 64
> bytes.

I guess something like this unless I am making an error:

(defun pad-to-multiple-bytes (string max)
  "Return string padded to multiple of MAX bytes."
  (let* ((bytes (string-bytes string))
	 (multiple (truncate (/ bytes max)))
	 (multiple (if (zerop multiple) max (* (1+ multiple) max))))
    (string-pad string multiple)))

> What kind of help?  To use these functions, you need to learn about
> the various ciphers and what they require.  This is something the
> Emacs Lisp reference manual cannot teach you.
> 
> > ‘STRING’
> >      A string as input will be used directly.  It may be modified by the
> >      function (unlike most other Emacs Lisp functions) to reduce the
> > chance of exposing sensitive data after the function does its work.
> > 
> > I am trying to use list with STRING as following and that does not work:
> > 
> > (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) '(STRING "Text to encrypt"))
> 
> What do you mean by "does not work"?

I get invalid object argument: STRING so I do not understand how to use STRING there.


Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: Let us see how to encrypt with Emacs?

[tomas]

[-- Attachment #1: Type: text/plain, Size: 2112 bytes --]

On Fri, Jul 09, 2021 at 02:32:10PM +0300, Jean Louis wrote:
> * Eli Zaretskii <eliz@gnu.org> [2021-07-09 13:40]:

[...]

> > No, you don't need to chunk, you just need to pad to a multiple of 64
> > bytes.
> 
> I guess something like this unless I am making an error:
> 
> (defun pad-to-multiple-bytes (string max)
>   "Return string padded to multiple of MAX bytes."
>   (let* ((bytes (string-bytes string))
> 	 (multiple (truncate (/ bytes max)))
> 	 (multiple (if (zerop multiple) max (* (1+ multiple) max))))
>     (string-pad string multiple)))

small critiques

 - see the `ceiling' function: it does what you want (perhaps
   except at zero. I'm not sure you want to encrypt a zero
   bytes string at all, but this might get philosophical)
 - MAX is an unfortunate variable name for that. Chunksize,
   blocksize or some relative or abbrev might be better
 - Using twice the same var name in a (let* ...) looks
   confusing. To me, at least.

> > What kind of help?  To use these functions, you need to learn about
> > the various ciphers and what they require.  This is something the
> > Emacs Lisp reference manual cannot teach you.
> > 
> > > ‘STRING’
> > >      A string as input will be used directly.  It may be modified by the
> > >      function (unlike most other Emacs Lisp functions) to reduce the
> > > chance of exposing sensitive data after the function does its work.
> > > 
> > > I am trying to use list with STRING as following and that does not work:
> > > 
> > > (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) '(STRING "Text to encrypt"))
> > 
> > What do you mean by "does not work"?
> 
> I get invalid object argument: STRING so I do not understand how to use STRING there.

No, no. The STRING in the manual is meta-syntactic. It's saying
that "when the arg is a string". You are providing a two-element
list. Try (warning: untested!):

  (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) "Text to encrypt")

Cheers
 - t

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: Let us see how to encrypt with Emacs?

[Eli Zaretskii]

> Date: Fri, 9 Jul 2021 14:32:10 +0300
> From: Jean Louis <bugs@gnu.support>
> Cc: help-gnu-emacs@gnu.org
> 
> > > ‘STRING’
> > >      A string as input will be used directly.  It may be modified by the
> > >      function (unlike most other Emacs Lisp functions) to reduce the
> > > chance of exposing sensitive data after the function does its work.
> > > 
> > > I am trying to use list with STRING as following and that does not work:
> > > 
> > > (gnutls-symmetric-encrypt "CHACHA20-64" (string-pad "MyPassword987" 32) (make-string 16 (random 100)) '(STRING "Text to encrypt"))
> > 
> > What do you mean by "does not work"?
> 
> I get invalid object argument: STRING so I do not understand how to use STRING there.

You are misinterpreting what the manual shows.  STRING in upper-case
is a meta-syntactic variable, it means in actual usage you need to
_replace_ it with a Lisp string.  So just use "Text to encrypt",
without the rest.

Re: Let us see how to encrypt with Emacs?

[Jean Louis]

I am thinking to have it simpler for practical purposes, so here
is what I made now:

(defun pad-to-multiple-bytes (string max)
  "Return string padded to multiple of MAX bytes."
  (let* ((bytes (string-bytes string))
	 (multiple (truncate (/ bytes max)))
	 (multiple (if (zerop multiple) max (* (1+ multiple) max))))
    (string-pad string multiple)))

(defun rcd-encrypt-chacha20-64 (string password)
  "Encrypt STRING with PASSWORD by using CHACHA20-64 cipher."
  (let* ((key (pad-to-multiple-bytes password 32))
	 (iv (substring (gnutls-hash-digest "SHA512" password) 0 15))
	 (iv (pad-to-multiple-bytes iv 16))
	 (string (pad-to-multiple-bytes string 64)))
    (car (gnutls-symmetric-encrypt "CHACHA20-64" key iv string))))

(rcd-encrypt-chacha20-64 "Some text here" "123Mypassword123") ⇒ "\352\200\333\2460\246\330\x1c\211P\311\207\260m\211R\x0eD0\222\237\200K=\216\214\267\320p\273\x1a>,\x7fT\262 k\361\336;i\336I\325\x0fXi\200^[G\325\303\x01\x15\x7f\312\320\x17\254D\x1cg9"

(defun rcd-decrypt-chacha20-64 (encrypted-string password)
  "Decrypt ENCRYPTED-STRING with PASSWORD by using CHACHA20-64 cipher.

The return string will be trimmed."
  (let* ((key (pad-to-multiple-bytes password 32))
	 (iv (substring (gnutls-hash-digest "SHA512" password) 0 15))
	 (iv (pad-to-multiple-bytes iv 16))
	 (decrypted (gnutls-symmetric-decrypt "CHACHA20-64" key iv encrypted-string))
	 (decrypted (string-trim (car decrypted))))
    decrypted))

(rcd-decrypt-chacha20-64 (rcd-encrypt-chacha20-64 "Some text here" "123Mypassword123") "123Mypassword123") ⇒ "Some text here"

As that is more practical function.

And maybe making a more generic function would be helpful. 

For generci function I wonder if the function `gnutls-cipers'
really yields alist or not, I am not sure, but this below seem to
work:

(alist-get 'RC2-40 (gnutls-ciphers)) ⇒ (:cipher-id 17 :type gnutls-symmetric-cipher :cipher-aead-capable nil :cipher-tagsize 0 :cipher-blocksize 8 :cipher-keysize 5 :cipher-ivsize 8)

Then result yields basically plist:

(plist-get (alist-get 'RC2-40 (gnutls-ciphers)) :cipher-id) ⇒ 17

Then I have the generic function that will satisfy my needs:

(defun rcd-encrypt-decrypt (enc-dec password &optional decrypt cipher digest)
  "Encrypt or decrypt ENC-DEC wi PASSWORD.

Default cipher is CHACHA20-64 or CIPHER as defined by the
function `gnutls-ciphers'. 

Default digest is SHA512 or HASH as defined by the function
`gnutls-digests'.

Function encrypts by default, with DECRYPT being anything but
NIL, it will decrypt the ENC-DEC. "
  (let* ((cipher (or cipher "CHACHA20-64"))
	 (cipher-plist (alist-get cipher (gnutls-ciphers) nil nil 'string=))
	 (cipher-key-size (plist-get cipher-plist :cipher-keysize))
	 (key (pad-to-multiple-bytes password cipher-key-size))
	 (digest (or digest "SHA512"))
	 (hash (gnutls-hash-digest digest password))
	 (iv-size (plist-get cipher-plist :cipher-ivsize))
	 (iv (substring hash 0 iv-size))
	 (iv (string-pad iv iv-size))
	 (block-size (plist-get cipher-plist :cipher-blocksize))
	 (enc-dec (if decrypt enc-dec (pad-to-multiple-bytes enc-dec block-size))))
    (if decrypt
	(string-trim (car (gnutls-symmetric-decrypt cipher key iv enc-dec)))
      (car (gnutls-symmetric-encrypt cipher key iv enc-dec)))))

(rcd-encrypt-decrypt "My string here" "My password 123") ⇒ "\273/\322Xk_m@\372a\323\x1d\257\317\330\301\263\224\220\351\303>\241\245\a[\344\226\203;\f-\244\265\331\263\253\354\230\206\x05\3140\221\341\370\361&\333\317\357T?(\302#\206&\355\x01\x04\x01~\200"

(rcd-encrypt-decrypt (rcd-encrypt-decrypt "My string here" "My password 123") "My password 123" t) ⇒ "My string here"

Now I come to what I really need, that is to encrypt and encode by base64 method:

(defun rcd-encrypt-decrypt-base64 (enc-dec password &optional decrypt cipher digest no-line-break)
  "Use base64 encoding and decoding with encryption."
  (let* ((enc-dec (if decrypt (base64-decode-string enc-dec) enc-dec))
	 (enc-dec (rcd-encrypt-decrypt enc-dec password decrypt cipher digest))
	 (enc-dec (if decrypt enc-dec (base64-encode-string enc-dec no-line-break))))
    enc-dec))

(rcd-encrypt-decrypt-base64 "My string" "MyPassword987" nil nil nil t) ⇒ "XOxgVUXurXzqWP9y5pzs6IwjWafdG6sWcqVz13HzfYhnWLiDn3/yo8DuMnrTuIjCC9BEyAxqW7dmAt9h0bwKoA=="

(rcd-encrypt-decrypt-base64 "XOxgVUXurXzqWP9y5pzs6IwjWafdG6sWcqVz13HzfYhnWLiDn3/yo8DuMnrTuIjCC9BEyAxqW7dmAt9h0bwKoA==" "MyPassword987" t) ⇒ "My string"

As that I can pass to the URL for Double Opt-In purposes instead
revealing the information to the public. Then I can even put
whole Emacs hash into the URL:

(setq hash (make-hash-table))
(puthash "MID" 123 hash)
(puthash "EID" 98 hash)
(puthash "CID" 333 hash)
(puthash "redirect" "https://www.example.com" hash)

hash ⇒ #s(hash-table size 65 test eql rehash-size 1.5 rehash-threshold 0.8125 data ("MID" 123 "CID" 333 "EID" 98 "redirect" "https://www.example.com"))

(rcd-encrypt-decrypt-base64 (prin1-to-string hash) "MyPassword987" nil nil nil t) ⇒ "MuZoTlDvrD/5Gb0+o5y/odZmWbHIG/9TIfFzkiC/fdoiEPnQ13Kh6pqrMmvdrYiQTpgFm0RnD/80R4wpnvBOoKGtDWQnpv/5191ZzmNRmNDBDLJdG/f/Iv9VR0LmieP38cvWtZ3uxGWZdsaWCBhtsqDDYFrTS6mrPXmmyGE4hjedt3Z9E9cDOStlgiS+ynwwmlhNJf0Jga5848y/I+To2+zp3qw9Z+KiOhq+Vr2Mpm8/6zFQ9YxuDZNy9LWjJL/L"

And use that to subscribe users, unsubscribe and similar with
more safety that users will not abuse my system.


Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: Let us see how to encrypt with Emacs?

[Jean Louis]

* Eli Zaretskii <eliz@gnu.org> [2021-07-09 14:56]:
> You are misinterpreting what the manual shows.  STRING in upper-case
> is a meta-syntactic variable, it means in actual usage you need to
> _replace_ it with a Lisp string.  So just use "Text to encrypt",
> without the rest.

Aaa. That? OK I got confused with the wordings:

The inputs to GnuTLS cryptographic functions can be specified in several
ways, both as primitive Emacs Lisp types or as lists.

Re: Let us see how to encrypt with Emacs?

[Jean Louis]

* tomas@tuxteam.de <tomas@tuxteam.de> [2021-07-09 14:53]:
> On Fri, Jul 09, 2021 at 02:32:10PM +0300, Jean Louis wrote:
> > * Eli Zaretskii <eliz@gnu.org> [2021-07-09 13:40]:
> 
> [...]
> 
> > > No, you don't need to chunk, you just need to pad to a multiple of 64
> > > bytes.
> > 
> > I guess something like this unless I am making an error:
> > 
> > (defun pad-to-multiple-bytes (string max)
> >   "Return string padded to multiple of MAX bytes."
> >   (let* ((bytes (string-bytes string))
> > 	 (multiple (truncate (/ bytes max)))
> > 	 (multiple (if (zerop multiple) max (* (1+ multiple) max))))
> >     (string-pad string multiple)))
> 
> small critiques
> 
>  - see the `ceiling' function: it does what you want (perhaps
>    except at zero.

Thanks, now I know for that:

(defun pad-to-multiple-bytes (string length)
  "Return string padded to multiple of MAX bytes."
  (let* ((bytes (string-bytes string))
	 (multiple (* (ceiling bytes length) length)))
    (string-pad string multiple)))

> I'm not sure you want to encrypt a zero bytes string at all, but
> this might get philosophical)

There may be problems which I will never encounter practically. I know.

>  MAX is an unfortunate variable name for that.

Now is length.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: Let us see how to encrypt with Emacs?

[tomas]

[-- Attachment #1: Type: text/plain, Size: 774 bytes --]

On Fri, Jul 09, 2021 at 03:35:21PM +0300, Jean Louis wrote:
> * tomas@tuxteam.de <tomas@tuxteam.de> [2021-07-09 14:53]:

[...]

> >  - see the `ceiling' function [...]

> Thanks, now I know for that:
> 
> (defun pad-to-multiple-bytes (string length)
>   "Return string padded to multiple of MAX bytes."
>   (let* ((bytes (string-bytes string))
> 	 (multiple (* (ceiling bytes length) length)))
>     (string-pad string multiple)))
> 
> > I'm not sure you want to encrypt a zero bytes string at all, but
> > this might get philosophical)
> 
> There may be problems which I will never encounter practically. I know.

:-)

> 
> >  MAX is an unfortunate variable name for that.
> 
> Now is length.

Not yet in the comment, though ;-)

Cheers
 - t

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: Let us see how to encrypt with Emacs?

[Eli Zaretskii]

> Date: Fri, 9 Jul 2021 15:28:36 +0300
> From: Jean Louis <bugs@gnu.support>
> Cc: help-gnu-emacs@gnu.org
> 
> * Eli Zaretskii <eliz@gnu.org> [2021-07-09 14:56]:
> > You are misinterpreting what the manual shows.  STRING in upper-case
> > is a meta-syntactic variable, it means in actual usage you need to
> > _replace_ it with a Lisp string.  So just use "Text to encrypt",
> > without the rest.
> 
> Aaa. That? OK I got confused with the wordings:
> 
> The inputs to GnuTLS cryptographic functions can be specified in several
> ways, both as primitive Emacs Lisp types or as lists.

"Lists" like the ones documented in "Format of GnuTLS Cryptography
Inputs", not just any arbitrary list.