Module crypto.skcipher
Low-level Lua interface to the Linux Kernel Crypto API for symmetric-key ciphers (SKCIPHER).
This module provides a new function to create SKCIPHER transform objects, which can then be used for encryption and decryption with various block cipher algorithms and modes.
Class SKCIPHER
| skcipher:blocksize () | Gets the block size of the SKCIPHER transform. |
| skcipher:decrypt (iv, ciphertext) | Decrypts ciphertext using the SKCIPHER transform. |
| skcipher:encrypt (iv, plaintext) | Encrypts plaintext using the SKCIPHER transform. |
| skcipher:ivsize () | Gets the required initialization vector (IV) size for the SKCIPHER transform. |
| skcipher:setkey (key) | Sets the encryption key for the SKCIPHER transform. |
skcipher
| new (algname) | Creates a new SKCIPHER transform (TFM) object. |
Class SKCIPHER
SKCIPHER Object methods.
These methods are available on SKCIPHER TFM objects created by
crypto_skcipher.new().
- skcipher:blocksize ()
-
Gets the block size of the SKCIPHER transform.
Data processed by encrypt/decrypt should typically be a multiple of this size,
depending on the cipher mode.
Returns:
-
integer
The block size in bytes.
- skcipher:decrypt (iv, ciphertext)
-
Decrypts ciphertext using the SKCIPHER transform.
The IV must match the one used during encryption.
Ciphertext length should be appropriate for the cipher mode.
Parameters:
- iv
string
The Initialization Vector. Its length must match
ivsize(). - ciphertext string The data to decrypt.
Returns:
-
string
The plaintext.
Raises:
Error on decryption failure, incorrect IV length, or allocation issues. - iv
string
The Initialization Vector. Its length must match
- skcipher:encrypt (iv, plaintext)
-
Encrypts plaintext using the SKCIPHER transform.
The IV (nonce) must be unique for each encryption operation with the same key for most modes.
Plaintext length should be appropriate for the cipher mode (e.g., multiple of blocksize).
Parameters:
- iv
string
The Initialization Vector. Its length must match
ivsize(). - plaintext string The data to encrypt.
Returns:
-
string
The ciphertext.
Raises:
Error on encryption failure, incorrect IV length, or allocation issues. - iv
string
The Initialization Vector. Its length must match
- skcipher:ivsize ()
-
Gets the required initialization vector (IV) size for the SKCIPHER transform.
Returns:
-
integer
The IV size in bytes.
- skcipher:setkey (key)
-
Sets the encryption key for the SKCIPHER transform.
Parameters:
- key string The encryption key.
Raises:
Error if setting the key fails (e.g., invalid key length for the algorithm).
skcipher
- new (algname)
-
Creates a new SKCIPHER transform (TFM) object.
This is the constructor function for the
crypto_skciphermodule.Parameters:
- algname string The name of the skcipher algorithm (e.g., "cbc(aes)", "ctr(aes)").
Returns:
-
skcipher
The new SKCIPHER TFM object.
Raises:
Error if the TFM object or kernel request cannot be allocated/initialized.Usage:
local skcipher = require("crypto.skcipher") local cipher = skcipher.new("cbc(aes)")