NAME

Crypt::Perl - Cryptography in Pure Perl

DESCRIPTION

Just as it sounds: cryptography with no non-core XS dependencies! This is useful if you don’t have access to other tools that do this work like OpenSSL, CryptX, etc. Of course, if you do have access to one of those tools, they may suit your purpose better.

See submodules for usage examples of:

Key generation
Key parsing
Signing & verification
Encryption & decryption
Import (Crypt::Perl::PK) from & export to JSON Web Key format
JWK thumbprints
Certificate Signing Request (PKCS #10) generation (Crypt::Perl::PKCS10)
SSL/TLS certificate (X.509) generation (Crypt::Perl::X509v3), including a broad variety of extensions

SUPPORTED PUBLIC KEY ENCRYPTION ALGORITHMS

RSA
ECDSA

SECURITY

Given the number of original tests in this distribution, I am reasonably confident that this code is as secure as the random number generation in Bytes::Random::Secure::Tiny can allow. The tests verify the logic here against OpenSSL, on which millions of applications rely every day.

That said: NO GUARANTEES!!! The tests here are original, but the production logic is ported from elsewhere. There has been no formal security review. I found at least one security flaw in one of the source libraries; there may be more.

Of course, OpenSSL has not been trouble-free, either!

Caveat emptor.

SPEED

RSA key generation is slow—too slow, probably, unless you have Math::BigInt::GMP or Math::BigInt::Pari (either of which requires XS). It’s one application where pure-Perl cryptography just doesn’t seem feasible. :-( Everything else, though, including all ECDSA operations, should be fine.

TODO

There are TODO items listed in the submodules; the following are general to the entire distribution.

Document the exception system so that applications can use it.
Add more tests, e.g., against CryptX.
Some formal security audit would be nice.
Make it faster :)

ACKNOWLEDGEMENTS

Much of the logic here comes from Kenji Urushima’s jsrsasign.

Most of the tests depend on the near-ubiquitous OpenSSL, without which the Internet would be a very, very different reality from what we know!

Other parts are ported from LibTomCrypt.

LICENSE

This library is licensed under the same license as Perl.

AUTHOR

Felipe Gasper (FELIPE)

To install Crypt::Perl, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::Perl

CPAN shell

perl -MCPAN -e shell
install Crypt::Perl

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)