diff --git a/src/taoensso/tempel.clj b/src/taoensso/tempel.clj index 0395162..127fba3 100644 --- a/src/taoensso/tempel.clj +++ b/src/taoensso/tempel.clj @@ -26,13 +26,12 @@ (comment (remove-ns 'taoensso.tempel) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) (enc/assert-min-encore-version [3 68 0]) ;;;; TODO -;; - Confirm: would 512-bit (64 byte) keys be possible? -;; - Move bytes API to encore? (For use by Carmine, Nippy, etc.) +;; - Move bytes API + tests to encore? (For use by Carmine, Nippy, etc.) ;; - General review: API, impln, tests ;; - Initial README and Wiki content (see sketch IMPORT_DOCS.md) ;; - Extra (generative?) tests? @@ -123,7 +122,7 @@ ;;;; Config (enc/defonce default-keypair-creator_ - "Default stateful KeyPair generator with options: + "Default stateful `KeyPair` generator with options: {:buffer-len 16, :n-threads [:perc 10]}" (delay (impl/keypair-creator {:buffer-len 16, :n-threads [:perc 10]}))) @@ -169,7 +168,7 @@ `:hash-algo` ∈ #{:md5 :sha-1 *:sha-256 :sha-512} Hash algorithm used for internal HMACs, etc. - Default: `:sha-256`, and there's usually no good reason to change this. + Default: `:sha-256`, there's usually no good reason to change this. `:pbkdf-algo` ∈ #{*:scrypt-r8p1-v1 :pbkdf2-hmac-sha-256-v1} Algorithm to use for password-based key stretching. @@ -244,7 +243,7 @@ default-config) -(defn get-config "Implementation detail" [opts] (conj (or *config* {}) opts)) +(defn ^:no-doc get-config "Implementation detail" [opts] (enc/fast-merge *config* opts)) (comment (get-config {})) ;;;; Public data @@ -341,8 +340,8 @@ :ba-aad ?ba-aad)) (enc/unexpected-arg! env-kid - :expected :envelope-with-public-data - :context `public-data))))) + {:expected :envelope-with-public-data + :context `public-data}))))) (defn- public-data-test [ba-tempel-output] 
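Review bot: The first tempel.clj hunk leaves `(enc/assert-min-encore-version [3 68 0])` untouched as context, while this commit moves every `enc/unexpected-arg!` and `enc/satisfies!` call from trailing key/values to a single opts map and makes `get-config` call `enc/fast-merge`. Whether 3.68.0 already provides the map form and `fast-merge` is not visible here. If it does not, the failure would only surface on an error path, where an argument check in the crypto code throws something other than the intended "unexpected arg" error. Confirm the floor and raise the version vector in this same commit if needed, with a comment such as `;; Floor must cover map-opts unexpected-arg!/satisfies! and fast-merge`.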
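Review bot: In the `get-config` hunk (`@@ -244,7 +243,7 @@`) the explicit nil guard `(or *config* {})` is dropped. The new `(enc/fast-merge *config* opts)` presumably tolerates a nil `*config*` and nil `opts`, but that is not shown on this page, and the `(comment (get-config {}))` check exercises neither case. Going by the option docstring in the earlier hunk, this map selects `:hash-algo` and `:pbkdf-algo`, so the merge contract deserves more than "Implementation detail". Once the nil behaviour is confirmed, I would write the docstring as `"Implementation detail. Returns *config* merged with opts; opts wins on conflict. Either may be nil."`.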
@@ -369,8 +368,8 @@ :cnt (bytes/utf8-?ba->str ?ba-cnt)) (enc/unexpected-arg! return-kind - :expected #{:ba-content :ba-aad :as-map} - :context context))) + {:expected #{:ba-content :ba-aad :as-map} + :context context}))) (defn encrypt-with-password "Uses a symmetric cipher to encrypt the given byte[] content and return @@ -758,10 +757,10 @@ (return-val env-kid return ba-cnt nil)) (enc/unexpected-arg! env-kid - :context `decrypt-with-1-keypair - :expected - {:encrypted-with-1-keypair-hybrid-v1 - :encrypted-with-1-keypair-simple-v1}))))) + {:context `decrypt-with-1-keypair + :expected + #{:encrypted-with-1-keypair-hybrid-v1 + :encrypted-with-1-keypair-simple-v1}}))))) (comment (let [kc (keychain) diff --git a/src/taoensso/tempel/bytes.clj b/src/taoensso/tempel/bytes.clj index 852d068..23e1085 100644 --- a/src/taoensso/tempel/bytes.clj +++ b/src/taoensso/tempel/bytes.clj @@ -15,7 +15,7 @@ (comment (remove-ns 'taoensso.tempel.bytes) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) ;;;; Aliases @@ -205,8 +205,8 @@ (seqable? x) (byte-array x) :else (enc/unexpected-arg! x - :context `as-ba - :expected '#{byte-array string char-array int seqable})))) + {:context `as-ba + :expected '#{byte-array string char-array int seqable}})))) (comment (vec (as-ba 16 "hello"))) @@ -238,8 +238,8 @@ (bytes? x) (.toCharArray ^String (utf8-ba->str x)) :else (enc/unexpected-arg! x - :context `as-ca - :expected '#{char-array string byte-array}))) + {:context `as-ca + :expected '#{char-array string byte-array}}))) ;;;; Byte streams diff --git a/src/taoensso/tempel/df.clj b/src/taoensso/tempel/df.clj index c1ba862..9573523 100644 --- a/src/taoensso/tempel/df.clj +++ b/src/taoensso/tempel/df.clj @@ -12,7 +12,7 @@ (comment (remove-ns 'taoensso.tempel.df) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) ;;;; IDs ;; - `kid` => keyword id, used to uniquely identify some algo/kit/etc. 
diff --git a/src/taoensso/tempel/impl.clj b/src/taoensso/tempel/impl.clj index ac7e678..d8f7978 100644 --- a/src/taoensso/tempel/impl.clj +++ b/src/taoensso/tempel/impl.clj @@ -15,7 +15,7 @@ (comment (remove-ns 'taoensso.tempel.impl) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) ;;;; IDs ;; @@ -130,8 +130,8 @@ :sha-256 @md-sha-256_ :sha-512 @md-sha-512_ (enc/unexpected-arg! hash-algo - :expected #{:md5 :sha-1 :sha-256 :sha-512} - :context `as-message-digest)))) + {:expected #{:md5 :sha-1 :sha-256 :sha-512} + :context `as-message-digest})))) (let [ba0 (byte-array 0)] (defn hash-ba-concat @@ -191,8 +191,8 @@ :sha-256 @hmac-sha-256_ :sha-512 @hmac-sha-512_ (enc/unexpected-arg! hash-algo - :expected #{:md5 :sha-1 :sha-256 :sha-512} - :context `as-hmac)))) + {:expected #{:md5 :sha-1 :sha-256 :sha-512} + :context `as-hmac})))) (defn hmac "Returns HMAC of given byte[] secret and byte[] ?content. @@ -236,8 +236,8 @@ :aes-gcm @cipher-aes-gcm_ :aes-cbc @cipher-aes-cbc_ (enc/unexpected-arg! sym-cipher-algo - :expected #{:aes-gcm :aes-cbc} - :context `as-symmetric-cipher)))) + {:expected #{:aes-gcm :aes-cbc} + :context `as-symmetric-cipher})))) (defprotocol ISymmetricCipherKit "Private protocol, lowest level symmetric API. Zero enveloping." 
@@ -345,23 +345,23 @@ :aes-cbc-256-v1-deprecated sck-aes-cbc-256-v1-deprecated (enc/unexpected-arg! sym-cipher-algo - :expected expected - :context `as-symmetric-cipher-kit)) + {:expected expected + :context `as-symmetric-cipher-kit})) (enc/satisfies! ISymmetricCipherKit sym-cipher-algo - :expected expected - :context `as-symmetric-cipher-kit)))) + {:expected expected + :context `as-symmetric-cipher-kit})))) ;;;; Asymmetric crypto (defn- key-algo-unknown! [x context] (enc/unexpected-arg! x - :context context - :expected - #{:symmetric - :rsa :rsa- - :dh :dh- - :ec :ec-})) + {:context context + :expected + #{:symmetric + :rsa :rsa- + :dh :dh- + :ec :ec-}})) (defn key-algo-info "Returns ?{:keys [kf-algo ka-algo sig-algo cipher-algo, asymmetric? symmetric? wild?]}. @@ -465,7 +465,7 @@ :ec-secp521r1 (.initialize kpg (java.security.spec.ECGenParameterSpec. "secp521r1") sr) ; NIST-P-521 (enc/unexpected-arg! algo-params - :expected #{:ec-secp256-r1})) + {:expected #{:ec-secp256-r1}})) :else (.initialize kpg ^java.security.spec.AlgorithmParameterSpec algo-params sr)) @@ -501,8 +501,8 @@ :ec-secp521r1 (kpg-get "EC" :ec-secp521r1) (enc/unexpected-arg! key-algo - :expected #{:rsa- :dh- :ec-} - :context `as-keypair-generator)))) + {:expected #{:rsa- :dh- :ec-} + :context `as-keypair-generator})))) (defn ^:public keypair-create "Generates and returns a new `java.security.KeyPair` for given @@ -703,8 +703,8 @@ (:ec :ec-secp256r1 :ec-secp384r1 :ec-secp521r1) @kf-ec_ (enc/unexpected-arg! key-algo - :expected #{:rsa :rsa- :dh :dh- :ec :ec-} - :context `as-key-factory)))) + {:expected #{:rsa :rsa- :dh :dh- :ec :ec-} + :context `as-key-factory})))) (let [decode-prv (fn [^java.security.KeyFactory kf ba-prv] (.generatePrivate kf (java.security.spec.PKCS8EncodedKeySpec. ba-prv))) decode-pub (fn [^java.security.KeyFactory kf ba-pub] (.generatePublic kf (java.security.spec.X509EncodedKeySpec. ba-pub)))] 
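Review bot: In the impl.clj hunk at `@@ -465,7 +465,7 @@`, the fallback's `{:expected #{:ec-secp256-r1}}` names an id that no visible branch would match. The branch directly above it is `:ec-secp521r1`, and the `as-key-factory` hunk further down spells the curves `:ec-secp256r1 :ec-secp384r1 :ec-secp521r1`. The commit already rewrites this line, so it could carry the real set, `{:expected #{:ec-secp256r1 :ec-secp384r1 :ec-secp521r1}}`. That is hedged on the `case` branches that sit outside the hunk. It could also gain a `:context` entry naming the enclosing function, as the neighbouring call sites have. A caller who mistypes a curve id currently gets error data pointing at another id that will also be rejected. The enclosing function starts and ends outside the hunk.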
@@ -806,8 +806,8 @@ (case asym-cipher-algo :rsa-oaep-sha-256-mgf1 @cipher-rsa-oaep-sha-256-mgf1_ (enc/unexpected-arg! asym-cipher-algo - :expected #{:rsa-oaep-sha-256-mgf1} - :context `as-asymmetric-cipher)))) + {:expected #{:rsa-oaep-sha-256-mgf1} + :context `as-asymmetric-cipher})))) (defn encrypt-asymmetric "Takes `asym-cipher-algo` ∈ #{:rsa-oaep-sha-256-mgf1}. @@ -856,8 +856,8 @@ :dh @ka-dh_ :ecdh @ka-ecdh_ (enc/unexpected-arg! ka-algo - :expected #{:dh :ecdh} - :context `as-key-agreement)))) + {:expected #{:dh :ecdh} + :context `as-key-agreement})))) (defn key-shared-create "Returns the shared key generated by the given key agreement @@ -894,8 +894,8 @@ :sha-256-ecdsa @sig-sha-256-ecdsa_ :sha-512-ecdsa @sig-sha-512-ecdsa_ (enc/unexpected-arg! sig-algo - :expected #{:sha--rsa :sha--ecdsa} - :context `as-signature)))) + {:expected #{:sha--rsa :sha--ecdsa} + :context `as-signature})))) (defn signature-create "Returns the signature created by signing the given content with the diff --git a/src/taoensso/tempel/keys.clj b/src/taoensso/tempel/keys.clj index a01839f..f8cd746 100644 --- a/src/taoensso/tempel/keys.clj +++ b/src/taoensso/tempel/keys.clj @@ -10,7 +10,7 @@ (comment (remove-ns 'taoensso.tempel.keys) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) (enc/declare-remote taoensso.tempel/get-config @@ -41,7 +41,7 @@ :sym {:key-type :sym, :key-algo key-algo, :symmetric? true, :key-sym key-cnt} :prv {:key-type :prv, :key-algo key-algo, :asymmetric? true, :private? true, :key-prv key-cnt} :pub {:key-type :pub, :key-algo key-algo, :asymmetric? true, :public? true, :key-pub key-cnt} - (enc/unexpected-arg! key-type :expected #{:sym :pub :prv})) + (enc/unexpected-arg! key-type {:expected #{:sym :pub :prv}})) (enc/assoc-some {:key-cnt key-cnt} :key-id ?key-id)))) 
@@ -115,8 +115,8 @@ :else (fail! (ex-info "Unexpected `ChainKey` :key-sym type" {:expected 'bytes, :actual (type x-key)}))) (enc/unexpected-arg! key-type - :expected #{:prv :pub :sym} - :context `-chainkey))))) + {:expected #{:prv :pub :sym} + :context `-chainkey}))))) (comment [(-chainkey :sym :symmetric nil nil (impl/rand-ba 32)) @@ -256,8 +256,8 @@ :key-id @auto-key-id_) (enc/unexpected-arg! return - :expected #{:keychain :as-map} - :context `keychain-add-symmetric-key)))) + {:expected #{:keychain :as-map} + :context `keychain-add-symmetric-key})))) (comment (keychain-add-symmetric-key (keychain) :random {:return :as-map})) @@ -320,8 +320,8 @@ :key-id @auto-key-id_) (enc/unexpected-arg! return - :expected #{:keychain :as-map} - :context `keychain-add-asymmetric-keypair)))) + {:expected #{:keychain :as-map} + :context `keychain-add-asymmetric-keypair})))) (comment (keychain-add-asymmetric-keypair (keychain) (impl/keypair-create :rsa-1024))) @@ -547,7 +547,7 @@ )) (enc/unexpected-arg! mode - :expected #{:ba-kc-prv :ba-kc-pub})) + {:expected #{:ba-kc-prv :ba-kc-pub}})) mkc (reduce-kv @@ -615,7 +615,7 @@ :prv [:key-prv (impl/as-key-prv key-algo nil key-ba)] :pub [:key-pub (impl/as-key-pub key-algo nil key-ba)] (enc/unexpected-arg! key-type - :expected #{:sym :prv :pub})) + {:expected #{:sym :prv :pub}})) ckey (ChainKey. (have key-type) (have key-algo) nil key-id key-cnt)] {:key-algo key-algo, :priority priority, key-at ckey}))] @@ -1056,8 +1056,8 @@ :cnt (bytes/utf8-?ba->str ?ba-ucnt)) (enc/unexpected-arg! return - :expected #{:keychain :ba-content :ba-aad :as-map} - :context `keychain-decrypt))))))))))) + {:expected #{:keychain :ba-content :ba-aad :as-map} + :context `keychain-decrypt}))))))))))) (comment (keychain-decrypt (keychain-encrypt (keychain) "pwd") "pwd")) diff --git a/src/taoensso/tempel/pbkdf.clj b/src/taoensso/tempel/pbkdf.clj index 39bc839..b8ddf9c 100644 --- a/src/taoensso/tempel/pbkdf.clj +++ b/src/taoensso/tempel/pbkdf.clj 
@@ -9,7 +9,7 @@ (comment (remove-ns 'taoensso.tempel.pbkdf) - (:public (enc/interns-overview))) + (:api (enc/interns-overview))) ;; Other options incl.: ;; - HKDF Ref. , etc. ; RFC 5869 @@ -62,8 +62,8 @@ (case algo-skf :hmac-sha-256 @skf-pbkdf2-hmac-sha-256_ (enc/unexpected-arg! algo-skf - :expected #{:hmac-sha-256} - :context `as-secret-key-factory-pbkdf2)))) + {:expected #{:hmac-sha-256} + :context `as-secret-key-factory-pbkdf2})))) (defn- pbkdf-pbkdf2 "Password-Based Key Derivation Function as per @@ -169,12 +169,12 @@ :pbkdf2-hmac-sha-256-v1 kit-pbkdf2-hmac-sha-256-v1 :sha-512-v1-deprecated kit-sha-512-v1-deprecated (enc/unexpected-arg! pbkdf-algo - :expected expected - :context `as-pbkdf-kit)) + {:expected expected + :context `as-pbkdf-kit})) (enc/satisfies! IPBKDFKit pbkdf-algo - :expected expected - :context `as-pbkdf-kit)))) + {:expected expected + :context `as-pbkdf-kit})))) (comment (as-pbkdf-kit pbkdf-kit-best-available)) @@ -326,10 +326,10 @@ (:ref-5000-msecs :r5000) (get ref-nwfs :r10) (:ref-max :rmax) rmax (enc/unexpected-arg! nwf - :context `pbkdf-nwf-parse - :expected - #{:ref-10-msecs :ref-50-msecs :ref-100-msecs :ref-200-msecs - :ref-500-msecs :ref-1000-msecs :ref-2000-msecs :ref-5000-msecs})) + {:context `pbkdf-nwf-parse + :expected + #{:ref-10-msecs :ref-50-msecs :ref-100-msecs :ref-200-msecs + :ref-500-msecs :ref-1000-msecs :ref-2000-msecs :ref-5000-msecs}})) nwf))] (if (or (< nwf ^long rmin) (> nwf ^long rmax))
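Review bot: In the last pbkdf.clj hunk (context `pbkdf-nwf-parse`), the unchanged line `(:ref-5000-msecs :r5000) (get ref-nwfs :r10)` appears to resolve the 5000 msec reference to the `:r10` work factor. A caller asking for the strongest listed key stretching would then get the weakest. The other branches are outside the hunk, so please confirm. If it is a slip, the line should read `(:ref-5000-msecs :r5000) (get ref-nwfs :r5000)`, assuming `ref-nwfs` has that entry. Separately, the rewritten `:expected` set omits `:ref-max`, which the `case` accepts on the line just above, so the error data under-reports the valid inputs. The `case` form begins outside the hunk.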