World: r3wp

I use win-call/output in the Red testing framework - it works on 
both Win/XP and Win/7 under REBOL 2.7.8

the only downside is that it can't be run under Core.

The best what I get with e.g >> win-call/output "dir"  str: make 
string! 1024  is  either "The operation completed successfully." 
and then an empty file with the name "call-error-695.log" and following 
"A file can not be created if it already exists."
But this problem probably belongs to cheyene e.a. .groups,.

The biggest issue with CALL on different versions is whether you 
use a version that requires /SHOW, which was added in newer releases 
and causes some compatibility issues. If your process works without 
showing the window, it shouldn't much matter (unless you go waaaayyy 
back).

Folks, I'd like to use encryption, to encrypt some json records and 
deploy it to the browser and decrypt it using this algorithm at  
http://www.fourmilab.ch/javascrypt/javascrypt.html

to do this, I need to encrypt my json records using Rebol in the 
server using 'crypt scheme. Do you have a cookbook to do this?

I tried the recipe but it's giving invalid port. I have SDK, license 
file, but it's not working.

I'd like to encrypt json text using Rebol and AES encryption. And 
decrypt this using javascript. Do you have any idea how to do this 
using Rebol. I mean the AES encryption. I mean : txt: "blablablba" 
 key: #CEDEFF.. encrypt  txt key   ...  using AES rhinjael algorithm 
.. thanks

If I use  encloak, I really don't know how to decrypt this using 
javascript.

rondon,

you have to check that the choosen encryption scheme is compatible 
on both sides. at least SHA-1 / MD5 should work.

here you have some javasript routines:
	http://www.movable-type.co.uk/scripts/sha1.html
	http://pajhome.org.uk/crypt/md5/index.html

howto rebol:
http://www.rebol.com/docs/words/wchecksum.html


just send some test data and adjust the encryption scheme at the 
javasript side.

with luck, the rebol implementation is suitable for the routines 
above.

ps: please report which one works ;-)

Rondon, Rebol encryption is well described in this secure document 
http://www.rebol.com/how-to/encrypt.html#section-15

Which refers to http://www.rebol.org/view-script.r?script=crypt.r

I tried to do AES encryption but anything I encypted was not de-crpytable 
by standard tools

Graham, you probably just had the IV or padding wrong.

TomBon: hashing and encryption are not the same thing.

Gab, at the time I asked if anyone had any success in this ... and 
there was no one.

Hi Folks I tried the simple example

crypt: func [
    "Encrypts or decrypts data and returns the result."
    data [any-string!] "Data to encrypt or decrypt"
    akey [binary!] "The encryption key"
    /decrypt "Decrypt the data"
    /binary "Produce binary decryption result."
    /local port
][
    port: open [
        scheme: 'crypt
        direction: pick [encrypt decrypt] not decrypt
        key: akey
        padding: true
    ]
    insert port data
    update port
    data: copy port
    close port
    if all [decrypt not binary] [data: to-string data]
    data
]

A full function header is used so you can get help on the function 
later:

help crypt
The previous examples now become:

data: crypt "This is a string" #{1122334455667788}

probe crypt/decrypt data #{1122334455667788}

probe doesn't show "this is a string" but another sequence of characters

I think I'm gonna use this cybersafer script .

REBOL [
Title: "ARCFOUR and CipherSaber"
Date: 17-Jan-2004
File: %arcfour.r
Author: "Cal Dixon"

Purpose: {Provides encryption and decryption using the ARCFOUR algorithm}

Note: {this implementation can decrypt data at about 40KB/s on my 
1Ghz AMD Duron system with Rebol/View 1.2.10.3.1}
Library: [
level: 'advanced
platform: 'all
type: [function module protocol]
domain: [encryption scheme]
tested-under: [view 1.2.10.3.1 on [W2K] by "Cal"]
license: 'PD
support: none
]
]


;ARCFOUR specification: http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt

;CipherSabre specification: http://ciphersaber.gurus.com/faq.html#getrc4


arcfour-short: func [key [string! binary!] stream [binary! string!] 
/mix n /local state i j output swap addmod sz][

swap: func [a b s /local][ local: sz s a poke s a + 1 to-char sz 
s b poke s b + 1 to-char local ]
addmod: func [ a b ][ a + b // 256 ]
sz: func [ s a ][ pick s a + 1 ]

state: make binary! 256 repeat var 256 [ insert tail state to-char 
var - 1 ]

j: 0 loop any [ n 1 ] [ i: 0 loop 256 [ swap i j: addmod j add sz 
state i sz key i // length? key state i: i + 1] ]
i: j: 0 output: make binary! length? stream
repeat byte stream [
swap i: addmod i 1 j: addmod j sz state i state

insert tail output to-char xor~ byte to-char sz state addmod (sz 
state i) (sz state j)
]
clear state
return output
] 

make root-protocol [
addmod: addmod: func [ a b ][ a + b // 256 ]
sz: func [ s a ][ pick s a + 1 ]

swap: func [a b s /local][ local: sz s a poke s a + 1 to-char sz 
s b poke s b + 1 to-char local ]
ins: get in system/words 'insert
i: 0 j: 0
open: func [port][
port/state/tail: 2000
port/state/index: 0
port/state/flags: port/state/flags or port-flags

port/locals: context [ inbuffer: make binary! 40000 state: make binary! 
256]
use [key n i j] [
key: port/key
n: port/strength
repeat var 256 [ ins tail port/locals/state to-char var - 1 ]
j: 0 loop any [ n 1 ] [
i: 0 loop 256 [

swap i j: addmod j add sz port/locals/state i sz key i // length? 
key port/locals/state i: i + 1
]
]
]
i: j: 0
]
insert: func [port data][
system/words/insert tail port/locals/inbuffer data do []
]
copy: func [port /local output][
output: make binary! local: length? port/locals/inbuffer
loop local [

swap i: addmod i 1 j: addmod j sz port/locals/state i port/locals/state

ins tail output to-char sz port/locals/state addmod (sz port/locals/state 
i) (sz port/locals/state j)
]
local: xor~ output port/locals/inbuffer
clear port/locals/inbuffer
local
]

close: func [port][ clear port/locals/inbuffer clear port/locals/state 
clear port/url clear port/key]
port-flags: system/standard/port-flags/pass-thru
net-utils/net-install arcfour self 0
]

arcfour: func [key stream /mix n /local port][
port: open compose [scheme: 'arcfour key: (key) strength: (n)]
insert port stream
local: copy port
close port
return local
]


; CipherSaber is an ARCFOUR stream prepended with 10 bytes of random 
key data
ciphersaber: func [ key stream /v2 n ][

arcfour/mix join key copy/part stream 10 skip stream 10 either v2 
[ any [ n 42 ] ][ 1 ]
]

I've found this 2 scripts:

http://user1.matsumoto.ne.jp/~goma/js/blowfish.html

http://code.google.com/p/crypto-js/

I'm thinking to convert line by line. I really don't know it's not 
in the Rebol/Core. Years ago, it should have a market value to pay 
for it, but now,  I really don't know why Carl doesn't include this 
in Rebol/Core.

At least it must be for free in R3

Rondon, Using Rebol View 2.7.8.3.1 on Win/XP I ran your test and 
decrypt gives back "This is a string"

Mike, I'm using Rebol /Cmd, because when I call rebol/view at my 
isp, I receive an error of libX not found..

gab, right. e.g md5 for simple password security and rsa for dataflow. 
the javascript link above containing RSA functions too just to step 
in.

Graham: IIRC Maarten was able to use AES with REBOL and OpenSSL. 
I seem to remember that I had tried that and was successful as well. 
In any case, the only reason I can think of that would make it not 
work is a difference in the IV and padding.

Graham: I was able to implement TLS1.0 protocol configured to use 
the TLS_RSA_WITH_RC4_128_SHA cipher-suite. All the mentioned algorithms 
were calculated using the  build-in Rebol2 encryption functionality. 
I had no problems regarding the compatibility. I haven't tried the 
cipher-suite with the AES enctryption though but my guess it will 
work as well.

Cyphre: do you plan to release it in open source? Is your implementation 
client-side, server-side or both? It would be a great addition to 
Cheyenne to support SSL natively.

That's how imo SSL support should be implemented - not as an hardwired 
C implementation, but using Rebol crypto facilities, and being part 
of Core, not Command ...

Interesting ...

Ditto on what doc says

Doc: the code is in sort of "prototype state" and It was meant as 
possible implementation for R3 in future (once Carl put the encryption 
algorithms codebase into the R3/host-kit or someone write an extension 
for that).

I wrote it because I wanted to know if we could get rid of unnecesary 
C code that is currently in R2 to just handle the protocol logic 
while the performance of the crypto algorithms will remain in C. 
The current size is less than 20Kb of Rebol script code so IMO it 
could be useful and also easier maintainable way.

Currently it works in client-side mode only but there is already 
support for ASN.1 certificates also I tried to write the code so 
the server-side mode and other cipher-suites shouldn't be hard to 
add.

I plan to release the prototype to open public after some cleanup 
but if you want to waste some time with the current 'raw stuff' just 
post me privately and I'll send you a copy.

github?

ok, you can get it here: https://github.com/cyphre/tls-prototype

(use at your own risk ;))

Cool, thanks Cyphre! There's no license attached, you should at least 
add a MIT/BSD license in the header.

+1

Thanks Cyphre, _much_ appreciated.

Doc: license added.

Thanks. :-)