NAME

Crypt::RSA::ES::OAEP - Plaintext-aware encryption with RSA.

SYNOPSIS

    my $oaep = new Crypt::RSA::ES::OAEP; 

    my $ct = $oaep->encrypt( Key => $key, Message => $message ) || 
                die $oaep->errstr; 

    my $pt = $oaep->decrypt( Key => $key, Cyphertext => $ct )   || 
                die $oaep->errstr; 

DESCRIPTION

This module implements Optimal Asymmetric Encryption, a plaintext-aware encryption scheme based on RSA. The notion of plaintext-aware implies it's computationally infeasible to obtain full or partial information about a message from a cyphertext, and computationally infeasible to generate a valid cyphertext without knowing the corresponding message. Plaintext-aware schemes, such as OAEP, are semantically secure, non-malleable and secure against chosen-ciphertext attack. For more information on OAEP and plaintext-aware encryption, see [3], [9] & [13].

METHODS

new()

Constructor.

version()

Returns the version number of the module.

encrypt()

Encrypts a string with a public key and returns the encrypted string on success. encrypt() takes a hash argument with the following mandatory keys:

Message

A string to be encrypted. The length of this string should not exceed k-42 octets, where k is the octet length of the RSA modulus. If Message is longer than k-42, the method will fail and set $self->errstr to "Message too long." This means the key must be at least _336_ bits long if you are to use OAEP.

Key

Public key of the recipient, a Crypt::RSA::Key::Public object.

decrypt()

Decrypts cyphertext with a private key and returns plaintext on success. $self->errstr is set to "Decryption Error." or appropriate error on failure. decrypt() takes a hash argument with the following mandatory keys:

Cyphertext

A string encrypted with encrypt(). The length of the cyphertext must be k octets, where k is the length of the RSA modulus.

Key

Private key of the receiver, a Crypt::RSA::Key::Private object.

Version

Version of the module that was used for creating the Cyphertext. This is an optional argument. When present, decrypt() will ensure before proceeding that the installed version of the module can successfully decrypt the Cyphertext.

ERROR HANDLING

See ERROR HANDLING in Crypt::RSA(3) manpage.

BIBLIOGRAPHY

See BIBLIOGRAPHY in Crypt::RSA(3) manpage.

AUTHOR

Vipul Ved Prakash, <mail@vipul.net>

SEE ALSO

Crypt::RSA(3), Crypt::RSA::Primitives(3), Crypt::RSA::Keys(3), Crypt::RSA::SSA::PSS(3)