156 | 156 |
### OO interface
|
157 | 157 |
|
158 | 158 |
#Encryption: Alice
|
159 | |
my $pub = Crypt::PK::DH->new('Bob_pub_dh1.der');
|
|
159 |
my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key');
|
160 | 160 |
my $ct = $pub->encrypt("secret message");
|
161 | 161 |
#
|
162 | 162 |
#Encryption: Bob (received ciphertext $ct)
|
163 | |
my $priv = Crypt::PK::DH->new('Bob_priv_dh1.der');
|
|
163 |
my $priv = Crypt::PK::DH->new('Bob_priv_dh1.key');
|
164 | 164 |
my $pt = $priv->decrypt($ct);
|
165 | 165 |
|
166 | 166 |
#Signature: Alice
|
167 | |
my $priv = Crypt::PK::DH->new('Alice_priv_dh1.der');
|
|
167 |
my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key');
|
168 | 168 |
my $sig = $priv->sign_message($message);
|
169 | 169 |
#
|
170 | 170 |
#Signature: Bob (received $message + $sig)
|
171 | |
my $pub = Crypt::PK::DH->new('Alice_pub_dh1.der');
|
|
171 |
my $pub = Crypt::PK::DH->new('Alice_pub_dh1.key');
|
172 | 172 |
$pub->verify_message($sig, $message) or die "ERROR";
|
173 | 173 |
|
174 | 174 |
#Shared secret
|
175 | |
my $priv = Crypt::PK::DH->new('Alice_priv_dh1.der');
|
176 | |
my $pub = Crypt::PK::DH->new('Bob_pub_dh1.der');
|
|
175 |
my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key');
|
|
176 |
my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key');
|
177 | 177 |
my $shared_secret = $priv->shared_secret($pub);
|
178 | 178 |
|
179 | 179 |
#Key generation
|
|
185 | 185 |
### Functional interface
|
186 | 186 |
|
187 | 187 |
#Encryption: Alice
|
188 | |
my $ct = dh_encrypt('Bob_pub_dh1.der', "secret message");
|
|
188 |
my $ct = dh_encrypt('Bob_pub_dh1.key', "secret message");
|
189 | 189 |
#Encryption: Bob (received ciphertext $ct)
|
190 | |
my $pt = dh_decrypt('Bob_priv_dh1.der', $ct);
|
|
190 |
my $pt = dh_decrypt('Bob_priv_dh1.key', $ct);
|
191 | 191 |
|
192 | 192 |
#Signature: Alice
|
193 | |
my $sig = dh_sign_message('Alice_priv_dh1.der', $message);
|
|
193 |
my $sig = dh_sign_message('Alice_priv_dh1.key', $message);
|
194 | 194 |
#Signature: Bob (received $message + $sig)
|
195 | |
dh_verify_message('Alice_pub_dh1.der', $sig, $message) or die "ERROR";
|
|
195 |
dh_verify_message('Alice_pub_dh1.key', $sig, $message) or die "ERROR";
|
196 | 196 |
|
197 | 197 |
#Shared secret
|
198 | |
my $shared_secret = dh_shared_secret('Alice_priv_dh1.der', 'Bob_pub_dh1.der');
|
|
198 |
my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');
|
199 | 199 |
|
200 | 200 |
=head1 FUNCTIONS
|
201 | 201 |
|
202 | 202 |
=head2 dh_encrypt
|
203 | 203 |
|
204 | |
DH based encryption. See method L</encrypt> below.
|
|
204 |
DH based encryption as implemented by libtomcrypt. See method L</encrypt> below.
|
205 | 205 |
|
206 | 206 |
my $ct = dh_encrypt($pub_key_filename, $message);
|
207 | 207 |
#or
|
208 | 208 |
my $ct = dh_encrypt(\$buffer_containing_pub_key, $message);
|
|
209 |
#or
|
|
210 |
my $ct = dh_encrypt($pub_key_filename, $message, $hash_name);
|
209 | 211 |
|
210 | 212 |
=head2 dh_decrypt
|
211 | 213 |
|
212 | |
DH based decryption. See method L</decrypt> below.
|
|
214 |
DH based decryption as implemented by libtomcrypt. See method L</decrypt> below.
|
213 | 215 |
|
214 | 216 |
my $pt = dh_decrypt($priv_key_filename, $ciphertext);
|
215 | 217 |
#or
|
|
217 | 219 |
|
218 | 220 |
=head2 dh_sign_message
|
219 | 221 |
|
220 | |
Generate DH signature. See method L</sign_message> below.
|
|
222 |
Generate DH signature as implemented by libtomcrypt. See method L</sign_message> below.
|
221 | 223 |
|
222 | 224 |
my $sig = dh_sign_message($priv_key_filename, $message);
|
223 | 225 |
#or
|
|
227 | 229 |
|
228 | 230 |
=head2 dh_verify_message
|
229 | 231 |
|
230 | |
Verify DH signature. See method L</verify_message> below.
|
|
232 |
Verify DH signature as implemented by libtomcrypt. See method L</verify_message> below.
|
231 | 233 |
|
232 | 234 |
dh_verify_message($pub_key_filename, $signature, $message) or die "ERROR";
|
233 | 235 |
#or
|
|
237 | 239 |
|
238 | 240 |
=head2 dh_sign_hash
|
239 | 241 |
|
240 | |
Generate DH signature. See method L</sign_hash> below.
|
|
242 |
Generate DH signature as implemented by libtomcrypt. See method L</sign_hash> below.
|
241 | 243 |
|
242 | 244 |
my $sig = dh_sign_hash($priv_key_filename, $message_hash);
|
243 | 245 |
#or
|
|
245 | 247 |
|
246 | 248 |
=head2 dh_verify_hash
|
247 | 249 |
|
248 | |
Verify DH signature. See method L</verify_hash> below.
|
|
250 |
Verify DH signature as implemented by libtomcrypt. See method L</verify_hash> below.
|
249 | 251 |
|
250 | 252 |
dh_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR";
|
251 | 253 |
#or
|
|
255 | 257 |
|
256 | 258 |
DH based shared secret generation. See method L</shared_secret> below.
|
257 | 259 |
|
258 | |
my $shared_secret = dh_shared_secret('Alice_priv_dh1.der', 'Bob_pub_dh1.der');
|
|
260 |
#on Alice side
|
|
261 |
my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');
|
|
262 |
|
|
263 |
#on Bob side
|
|
264 |
my $shared_secret = dh_shared_secret('Bob_priv_dh1.key', 'Alice_pub_dh1.key');
|
259 | 265 |
|
260 | 266 |
=head1 METHODS
|
261 | 267 |
|
|
273 | 279 |
random data taken from C</dev/random> (UNIX) or C<CryptGenRandom> (Win32).
|
274 | 280 |
|
275 | 281 |
$pk->generate_key($keysize);
|
276 | |
# $keysize:
|
|
282 |
### $keysize (in bytes) corresponds to DH params (p, g) predefined by libtomcrypt
|
277 | 283 |
# 96 => DH-768
|
278 | 284 |
# 128 => DH-1024
|
279 | 285 |
# 160 => DH-1280
|
|
300 | 306 |
|
301 | 307 |
my $pk = Crypt::PK::DH->new($pub_key_filename);
|
302 | 308 |
my $ct = $pk->encrypt($message);
|
|
309 |
#or
|
|
310 |
my $ct = $pk->encrypt($message, $hash_name);
|
|
311 |
|
|
312 |
#NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by L<Crypt::Digest>
|
303 | 313 |
|
304 | 314 |
=head2 decrypt
|
305 | 315 |
|