Ironclad
Ironclad is a Common Lisp Cryptography package; several block encryption algorithms and hash functions are included with the initial release. Its initial impetus was to unify several of the cryptographic packages for Common Lisp (such as the MD5 and SHA1 implementations floating around), but it aims at providing a cryptographic toolkit similar in scope to something like OpenSSL or Crypto++.

  • Supported ciphers: AES, DES, 3DES, Blowfish, Twofish, RC5, RC6, Arcfour (RC4)
  • Supported hash functions: MD4, MD5, SHA1, SHA256, Tiger, Adler32, CRC32 (also supports tree hashes)
  • RFC 2104 HMACs and RFC 4493 CMACs
  • Public key schemes: DSA signing and verification
  • Key derivation functions: PBKDF1, PBKDF2 (RFC 2898)

The Ironclad homepage and package documentation can be found at:

http://method-combination.net/lisp/ironclad/

Ironclad can be downloaded from:

ASDF-install package (obsolete) http://www.method-combination.net/lisp/files/ironclad.tar.gz

An ASDF package-definition file is included, and the current release should be ASDF-installable.

The SHA-1 and SHA-256 hash functions do not work under CLISP versions earlier than 2.34. Please upgrade your CLISP installation. (The failures are related to CLISP's handling of (LOOP ... FINALLY ...).)

Ironclad is distributed under a liberal X11/MIT-like license.

Debian package

Ironclad has been packaged for Debian. You can just apt-get install it.

The latest Debian package sources can be found among the CL-Debian repositories.

Note however that the Debian package lacks some cryptographic algorithms, removed due to patent issues. More information here.

Using Ironclad

Tell us how you are using Ironclad:

  • To encrypt passwords for a web site, for that I created the following function:
(<span style="color: #a020f0;">defun</span> <span style="color: #0000ff;">hash-password</span> (password)
  (ironclad:byte-array-to-hex-string 
   (ironclad:digest-sequence 
    <span style="color: #7a378b;">:sha256</span> 
    (ironclad:ascii-string-to-byte-array password))))

  • Very simple example of encrypting and decrypting a message using the blowfish algorithm :
  • (push <span style="color: #8b2252;">"/home/mcarter/ironclad_0.20.1/"</span> asdf:*central-registry*) <span style="color: #b22222;">;</span><span style="color: #b22222;">or something similar
    </span>(asdf:oos 'asdf:load-op 'ironclad)
    
    (<span style="color: #a020f0;">defun</span> <span style="color: #0000ff;">cipher-example</span> (message password)
      (<span style="color: #a020f0;">let*</span> ((iv (ironclad:ascii-string-to-byte-array password)) 
             (cipher (ironclad:make-cipher <span style="color: #7a378b;">:blowfish</span>  <span style="color: #7a378b;">:mode</span> <span style="color: #7a378b;">:ecb</span>  <span style="color: #7a378b;">:key</span> iv)))
        (setf message (ironclad:ascii-string-to-byte-array message))
        (format t <span style="color: #8b2252;">"original message as bytes:~A~%"</span> message)
        (ironclad:encrypt-in-place cipher message)   
        (format t <span style="color: #8b2252;">"encrypted message as bytes:~A~%"</span> message)
        (ironclad:decrypt-in-place cipher message)
        <span style="color: #b22222;">;; </span><span style="color: #b22222;">convert the message back to a string
    </span>    (setf message (coerce message 'list))
        (setf message (mapcar #'code-char message))
        (setf message (coerce message 'string))
        (format t <span style="color: #8b2252;">"your original message was:*~A*~%"</span> message)))
    
    * (cipher-example <span style="color: #8b2252;">"ironclad is a way of encrypting and decrypting messages"</span> <span style="color: #8b2252;">"my password"</span>)
    
    original message as bytes:#(105 114 111 110 99 108 97 100 32 105 115 32 97 32
                                  119 97 121 32 111 102 32 101 110 99 114 121 112
                                  116 105 110 103 32 97 110 100 32 100 101 99 114
                                  121 112 116 105 110 103 32 109 101 115 115 97 103
                                  101 115)
    encrypted message as bytes:#(206 106 66 158 68 233 4 198 157 196 72 39 13 110
                                 140 102 0 27 7 177 80 46 144 203 187 69 89 95 208
                                 51 206 149 172 158 127 210 90 210 19 240 224 252
                                 137 13 19 206 188 20 101 115 115 97 103 101 115)
    your original message was:*ironclad is a way of encrypting and decrypting messages*
    NIL

  • A more functional (hopefully simpler) example

  • (<a href="http://www.quicklisp.org/beta/">ql:quickload</a> <span style="color: #7a378b;">:ironclad</span>)
    (<span style="color: #a020f0;">defun</span> <span style="color: #0000ff;">get-cipher</span> (key) (ironclad:make-cipher <span style="color: #7a378b;">:blowfish</span> <span style="color: #7a378b;">:mode</span> <span style="color: #7a378b;">:ecb</span> <span style="color: #7a378b;">:key</span> (ironclad:ascii-string-to-byte-array key)))
    
    (<span style="color: #a020f0;">defun</span> <span style="color: #0000ff;">encrypt</span> (plaintext key)
      (<span style="color: #a020f0;">let</span> ((cipher (get-cipher key))
            (msg (ironclad:ascii-string-to-byte-array plaintext)))
        (ironclad:encrypt-in-place cipher msg)
        (ironclad:octets-to-integer msg)))
    
    (<span style="color: #a020f0;">defun</span> <span style="color: #0000ff;">decrypt</span> (ciphertext-int key)
      (<span style="color: #a020f0;">let</span> ((cipher (get-cipher key))
            (msg (ironclad:integer-to-octets ciphertext-int)))
        (ironclad:decrypt-in-place cipher msg)
        (coerce (mapcar #'code-char (coerce msg 'list)) 'string)))
    
    * (<span style="color: #a020f0;">defvar</span> <span style="color: #a0522d;">test</span> (encrypt <span style="color: #8b2252;">"A simple test message"</span> <span style="color: #8b2252;">"pass"</span>))
    TEST
    
    * test
    369463901797626567104213850270827601164336028018533
    
    * (decrypt test <span style="color: #8b2252;">"pass"</span>)
    <span style="color: #8b2252;">"A simple test message"</span>