- SUPPORTED PUBLIC KEY ENCRYPTION ALGORITHMS
Crypt::Perl - Cryptography in Pure Perl
Just as it sounds: cryptography with no non-core XS dependencies! This is useful if you don’t have access to other tools that do this work like OpenSSL, CryptX, etc. Of course, if you do have access to one of those tools, they may suit your purpose better.
See submodules for usage examples of:
Signing & verification
Encryption & decryption
Certificate Signing Request (CSR) generation (PKCS #10), using RSA or ECDSA (Crypt::Perl::PKCS10)
NO GUARANTEES!!! So far this is just my own effort—and a port of existing (likely also un-audited) logic at that. There has been no formal security review. I did find one security problem in one of the source libraries; there may well be more.
That said, I am reasonably confident that this is a “good enough” effort for the intended circumstance (i.e., no access to other tools). Patches are always welcome! :)
Most operations here are reasonably quick, but certain ones (e.g., RSA key generation) are pretty slow. Depending on your use case, this may or may not be workable for you. It will always, of course, be slower than C-based implementations like OpenSSL or LibTomCrypt. This code does take advantage of XS-based backends for modules like Math::BigInt and Bytes::Random::Secure::Tiny where available.
There are TODO items listed in the submodules; the following are general to the entire distribution.
Security audit. A check against OpenSSL or LibTomCrypt would be awesome. I find OpenSSL overly confusing to read, and I didn’t think to check LibTomCrypt until I had solved the major problems.
Document the exception system so that applications can use it.
Add more tests.
Make it faster :)
Much of the logic here comes from Kenji Urushima’s jsrsasign.
Most of the tests depend on the near-ubiquitous OpenSSL, without which the Internet would be a very, very different reality from what we know!
This library is licensed under the same license as Perl.
Felipe Gasper (FELIPE)