Crypt::PK::DH - Public key cryptography based on Diffie-Hellman
### OO interface #Encryption: Alice my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key'); my $ct = $pub->encrypt("secret message"); # #Encryption: Bob (received ciphertext $ct) my $priv = Crypt::PK::DH->new('Bob_priv_dh1.key'); my $pt = $priv->decrypt($ct); #Signature: Alice my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key'); my $sig = $priv->sign_message($message); # #Signature: Bob (received $message + $sig) my $pub = Crypt::PK::DH->new('Alice_pub_dh1.key'); $pub->verify_message($sig, $message) or die "ERROR"; #Shared secret my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key'); my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key'); my $shared_secret = $priv->shared_secret($pub); #Key generation my $pk = Crypt::PK::DH->new(); $pk->generate_key(128); my $private = $pk->export_key('private'); my $public = $pk->export_key('public'); ### Functional interface #Encryption: Alice my $ct = dh_encrypt('Bob_pub_dh1.key', "secret message"); #Encryption: Bob (received ciphertext $ct) my $pt = dh_decrypt('Bob_priv_dh1.key', $ct); #Signature: Alice my $sig = dh_sign_message('Alice_priv_dh1.key', $message); #Signature: Bob (received $message + $sig) dh_verify_message('Alice_pub_dh1.key', $sig, $message) or die "ERROR"; #Shared secret my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');
DH based encryption as implemented by libtomcrypt. See method "encrypt" below.
my $ct = dh_encrypt($pub_key_filename, $message); #or my $ct = dh_encrypt(\$buffer_containing_pub_key, $message); #or my $ct = dh_encrypt($pub_key_filename, $message, $hash_name);
DH based decryption as implemented by libtomcrypt. See method "decrypt" below.
my $pt = dh_decrypt($priv_key_filename, $ciphertext); #or my $pt = dh_decrypt(\$buffer_containing_priv_key, $ciphertext);
Generate DH signature as implemented by libtomcrypt. See method "sign_message" below.
my $sig = dh_sign_message($priv_key_filename, $message); #or my $sig = dh_sign_message(\$buffer_containing_priv_key, $message); #or my $sig = dh_sign_message($priv_key, $message, $hash_name);
Verify DH signature as implemented by libtomcrypt. See method "verify_message" below.
dh_verify_message($pub_key_filename, $signature, $message) or die "ERROR"; #or dh_verify_message(\$buffer_containing_pub_key, $signature, $message) or die "ERROR"; #or dh_verify_message($pub_key, $signature, $message, $hash_name) or die "ERROR";
Generate DH signature as implemented by libtomcrypt. See method "sign_hash" below.
my $sig = dh_sign_hash($priv_key_filename, $message_hash); #or my $sig = dh_sign_hash(\$buffer_containing_priv_key, $message_hash);
Verify DH signature as implemented by libtomcrypt. See method "verify_hash" below.
dh_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR"; #or dh_verify_hash(\$buffer_containing_pub_key, $signature, $message_hash) or die "ERROR";
DH based shared secret generation. See method "shared_secret" below.
#on Alice side my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key'); #on Bob side my $shared_secret = dh_shared_secret('Bob_priv_dh1.key', 'Alice_pub_dh1.key');
my $pk = Crypt::PK::DH->new(); #or my $pk = Crypt::PK::DH->new($priv_or_pub_key_filename); #or my $pk = Crypt::PK::DH->new(\$buffer_containing_priv_or_pub_key);
Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from /dev/random (UNIX) or CryptGenRandom (Win32).
/dev/random
CryptGenRandom
$pk->generate_key($keysize); ### $keysize (in bytes) corresponds to DH params (p, g) predefined by libtomcrypt # 96 => DH-768 # 128 => DH-1024 # 160 => DH-1280 # 192 => DH-1536 # 224 => DH-1792 # 256 => DH-2048 # 320 => DH-2560 # 384 => DH-3072 # 512 => DH-4096
$pk->import_key($filename); #or $pk->import_key(\$buffer_containing_key);
my $private = $pk->export_key('private'); #or my $public = $pk->export_key('public');
my $pk = Crypt::PK::DH->new($pub_key_filename); my $ct = $pk->encrypt($message); #or my $ct = $pk->encrypt($message, $hash_name); #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by L<Crypt::Digest>
my $pk = Crypt::PK::DH->new($priv_key_filename); my $pt = $pk->decrypt($ciphertext);
my $pk = Crypt::PK::DH->new($priv_key_filename); my $signature = $priv->sign_message($message); #or my $signature = $priv->sign_message($message, $hash_name); #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by L<Crypt::Digest>
my $pk = Crypt::PK::DH->new($pub_key_filename); my $valid = $pub->verify_message($signature, $message) #or my $valid = $pub->verify_message($signature, $message, $hash_name); #NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by L<Crypt::Digest>
my $pk = Crypt::PK::DH->new($priv_key_filename); my $signature = $priv->sign_hash($message_hash);
my $pk = Crypt::PK::DH->new($pub_key_filename); my $valid = $pub->verify_hash($signature, $message_hash);
# Alice having her priv key $pk and Bob's public key $pkb my $pk = Crypt::PK::DH->new($priv_key_filename); my $pkb = Crypt::PK::DH->new($pub_key_filename); my $shared_secret = $pk->shared_secret($pkb); # Bob having his priv key $pk and Alice's public key $pka my $pk = Crypt::PK::DH->new($priv_key_filename); my $pka = Crypt::PK::DH->new($pub_key_filename); my $shared_secret = $pk->shared_secret($pka); # same value as computed by Alice
my $rv = $pk->is_private; # 1 .. private key loaded # 0 .. public key loaded # undef .. no key loaded
my $size = $pk->is_private; # returns key size in bytes or undef if no key loaded
my $hash = $pk->key2hash; # returns hash like this (or undef if no key loaded): { type => 0, size => 256, name => "DH-2048", x => "FBC1062F73B9A17BB8473A2F5A074911FA7F20D28FB...", y => "AB9AAA40774D3CD476B52F82E7EE2D8A8D40CD88BF4...", }
To install CryptX, copy and paste the appropriate command in to your terminal.
cpanm
cpanm CryptX
CPAN shell
perl -MCPAN -e shell install CryptX
For more information on module installation, please visit the detailed CPAN module installation guide.