NAME

Crypt::Perl::ECDSA - Elliptic curve cryptography in pure Perl

SYNOPSIS

my $pub_key1 = Crypt::Perl::ECDSA::Parse::public($pem_or_der);
my $prv_key1 = Crypt::Perl::ECDSA::Parse::private($pem_or_der);

#----------------------------------------------------------------------

my $prkey_by_name = Crypt::Perl::ECDSA::Generate::by_name('secp521r1');

#Probably only useful for trying out a custom curve?
my $prkey_by_curve = Crypt::Perl::ECDSA::Generate::by_explicit_curve(
    {
        p => ..., #isa Crypt::Perl::BigInt
        a => ..., #isa Crypt::Perl::BigInt
        b => ..., #isa Crypt::Perl::BigInt
        n => ..., #isa Crypt::Perl::BigInt
        h => ..., #isa Crypt::Perl::BigInt
        gx => ..., #isa Crypt::Perl::BigInt
        gy => ..., #isa Crypt::Perl::BigInt
    },
);

my $der = $prkey->to_der_with_curve_name();

my $der2 = $prkey->to_der_with_explicit_curve_name();

#----------------------------------------------------------------------

my $msg = 'My message';

my $hash = Digest::SHA::sha256($msg);

my $sig = $private->sign($hash);

die 'Wut' if !$private->verify($hash, $sig);

die 'Wut' if !$public->verify($hash, $sig);

DISCUSSION

See the documentation for Crypt::Perl::ECDSA::PublicKey and Crypt::Perl::ECDSA::PrivateKey for discussions of what these interfaces can do.

SECURITY

The security advantages of elliptic-curve cryptography (ECC) are a matter of some controversy. While the math itself is apparently bulletproof, there are varying opinions about the integrity of the various curves that are recommended for ECC. Some believe that some curves contain “backdoors” that would allow NIST to sniff a transmission. For more information, look at http://safecurves.cr.yp.to.

That said, RSA will eventually no longer be viable: as RSA keys get bigger, the security advantage of increasing their size diminishes.

Crypt::Perl “has no opinion” regarding which curves you use; it ships all of the prime-field curves that (OpenSSL) includes and works with any of them. You can try out custom curves as well.

TODO

Functionality can be augmented as feature requests come in. Patches are welcome—particularly with tests!

In particular, it would be great to support characteristic-two curves, though almost everything seems to expect the prime-field variety. (OpenSSL is the only implementation I know of that supports characteristic-two.)

ACKNOWLEDGEMENTS

The ECDSA logic here is ported from Kenji Urushima’s jsrsasign.

Curve data is copied from OpenSSL. (See the script included in the distribution.)

To install Crypt::Perl, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::Perl

CPAN shell

perl -MCPAN -e shell
install Crypt::Perl

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)