Crypt::RSA - RSA public-key cryptosystem.
$Revision: 1.37 $ (Beta) $Date: 2001/04/17 19:48:37 $
my $rsa = new Crypt::RSA; my ($public, $private) = $rsa->keygen ( Identity => 'Lord Macbeth <macbeth@glamis.com>', Size => 2048, Password => 'A day so foul & fair', Verbosity => 1, ) or die $rsa->errstr(); my $cyphertext = $rsa->encrypt ( Message => $message, Key => $public Armour => 1, ) || die $rsa->errstr(); my $plaintext = $rsa->decrypt ( Cyphertext => $message, Key => $private Armour => 1, ) || die $rsa->errstr(); my $signature = $rsa->sign ( Message => $message, Key => $private ) || die $rsa->errstr(); my $verify = $rsa->verify ( Message => $message, Signature => $signature, Key => $public ) || die $rsa->errstr();
Crypt::RSA is a pure-perl, cleanroom implementation of the RSA public-key cryptosystem, written atop the blazingly fast number theory library PARI. As far as possible, Crypt::RSA conforms with PKCS #1, RSA Cryptography Specifications v2.1[13].
Crypt::RSA is structured as a bundle of modules that provide arbitrary length key pair generation, plaintext-aware encryption (OAEP) and digital signatures with appendix (PSS). Crypt::RSA provides a convenient, scheme-independent interface to the other modules in the bundle.
Constructor.
keygen() is a synonym for Crypt::RSA::Key::generate(). See Crypt::RSA::Key(3) manpage for usage details.
encrypt() performs RSA encryption on a string of arbitrary length with a public key using the encryption scheme bound to the object at creation. The default scheme is OAEP, implemented in Crypt::RSA::ES::OAEP(3). encrypt() returns cyphertext (a string) on success and a non-true value on failure. It takes a hash as argument with following keys:
An arbitrary length string to be encrypted.
Public key of the recipient, a Crypt::RSA::Key::Public object.
An optional boolean parameter that causes encrypt() to encode the cyphertext as a 6-bit clean ASCII message.
decrypt() performs RSA decryption with a private key using the encryption scheme bound to the object at creation. The default scheme is OAEP, implemented in Crypt::RSA::ES::OAEP(3). decrypt() returns plaintext on success and a non-true value on failure. It takes a hash as argument with following keys:
Encrypted text or arbitrary length.
Private key, a Crypt::RSA::Key::Private object.
Boolean parameter that specifies whether the Cyphertext is encoded in 6-bit ASCII.
sign() creates an RSA signature on a string with a private key using the signature scheme bound to the object at creation. The default scheme is PSS, implemented in Crypt::RSA::SS::PSS(3). sign() returns a signature on success and a non-true value on failure. It takes a hash as argument with following keys:
A string to be signed.
Private key of the sender, a Crypt::RSA::Key::Private object.
An optional boolean parameter that causes sign() to encode the signature as a 6-bit clean ASCII message.
verify() verifies an RSA signature with a public key using the signature scheme bound to the object at creation. The default scheme is PSS, implemented in Crypt::RSA::SS::PSS(3). verify() returns a true value on success and a non-true value on failure. It takes a hash as argument with following keys:
The original signed message, a string of arbitrary length.
Public key of the signer, a Crypt::RSA::Key::Public object.
Signature computed with sign(), a string.
Boolean parameter that specifies whether the Signature is encoded in 6-bit ASCII.
Apart from Crypt::RSA, the following modules are intended for application developer and end-user consumption:
RSA key pair generator.
RSA Public Key Management.
RSA Private Key Management.
Plaintext-aware encryption with RSA.
Probabilistic Signature Scheme based on RSA.
PKCS #1 v1.5 encryption scheme.
PKCS #1 v1.5 signature scheme.
All modules in the Crypt::RSA bundle use a common error handling method. When a method fails it returns a non-true value and sets $self->errstr to a string that explains the reason for the error. Private keys and plaintext representations passed to the method in question are wiped from memory.
Vipul Ved Prakash, <mail@vipul.net>
Thanks to Ilya Zakharevich for answering even the goofiest of my questions regarding Math::Pari with unwavering patience. Shizukesa on #perl for clueing me into the error handling method used in this module and a-mused for good advice.
Copyright (c) 2000-2001, Vipul Ved Prakash. All rights reserved. This code is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Crypt::RSA::Primitives(3), Crypt::RSA::DataFormat(3), Crypt::RSA::Errorhandler(3), Crypt::RSA::Debug(3), Crypt::Primes(3), Crypt::Random(3), Crypt::CBC(3), Crypt::Blowfish(3), Tie::EncryptedHash(3), Convert::ASCII::Armour(3), Math::Pari(3), crypt-rsa-interoperability(3), crypt-rsa-interoperability-table(3).
pac@lists.vipul.net is a mailing list for discussing development of asymmetric cryptography modules in perl. Please send Crypt::RSA related communications directly to the list address. Subscription interface for pac is at http://lists.vipul.net/mailman/listinfo/pac/
(Chronologically sorted.)
1 POD Error
The following errors were encountered while parsing the POD:
=over without closing =back
To install Crypt::RSA, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Crypt::RSA
CPAN shell
perl -MCPAN -e shell install Crypt::RSA
For more information on module installation, please visit the detailed CPAN module installation guide.