NAME

Crypt::PK::Ed25519 - Digital signature based on Ed25519

SYNOPSIS

METHODS

new

generate_key

Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from /dev/random (UNIX) or CryptGenRandom (Win32).

$pk->generate_key;

import_key

Loads private or public key in DER or PEM format.

$pk->import_key($filename);
#or
$pk->import_key(\$buffer_containing_key);

Support for password protected PEM keys:

$pk->import_key($filename, $password);
#or
$pk->import_key(\$buffer_containing_key, $password);

Loading private or public keys form perl hash:

$pk->import_key($hashref);

# the $hashref is either a key exported via key2hash
$pk->import_key({
     curve => "ed25519",
     pub   => "A05D1AEA5830AC9A65CDFB384660D497E3697C46B419CF2CEC85DE8BD245459D",
     priv  => "45C109BA6FD24E8B67D23EFB6B92D99CD457E2137172C0D749FE2B5A0C142DAD",
});

# or a hash with items corresponding to JWK (JSON Web Key)
$pk->import_key({
      kty => "OKP",
      crv => "Ed25519",
      d   => "RcEJum_STotn0j77a5LZnNRX4hNxcsDXSf4rWgwULa0",
      x   => "oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
});

Supported key formats:

# all formats can be loaded from a file
my $pk = Crypt::PK::Ed25519->new($filename);

# or from a buffer containing the key
my $pk = Crypt::PK::Ed25519->new(\$buffer_with_key);

• Ed25519 private keys in PEM format

  -----BEGIN ED25519 PRIVATE KEY-----
  MC4CAQAwBQYDK2VwBCIEIEXBCbpv0k6LZ9I++2uS2ZzUV+ITcXLA10n+K1oMFC2t
  -----END ED25519 PRIVATE KEY-----

• Ed25519 private keys in password protected PEM format

  -----BEGIN ED25519 PRIVATE KEY-----
  Proc-Type: 4,ENCRYPTED
  DEK-Info: DES-CBC,6A64D756D49C1EFF
  
  8xQ7OyfQ10IITNEKcJGZA53Z1yk+NJQU7hrKqXwChZtgWNInhMBJRl9pozLKDSkH
  v7u6EOve8NY=
  -----END ED25519 PRIVATE KEY-----

• PKCS#8 private keys

  -----BEGIN PRIVATE KEY-----
  MC4CAQAwBQYDK2VwBCIEIEXBCbpv0k6LZ9I++2uS2ZzUV+ITcXLA10n+K1oMFC2t
  -----END PRIVATE KEY-----

• PKCS#8 encrypted private keys

  -----BEGIN ENCRYPTED PRIVATE KEY-----
  MIGHMEsGCSqGSIb3DQEFDTA+MCkGCSqGSIb3DQEFDDAcBAjPx9JkdpRH2QICCAAw
  DAYIKoZIhvcNAgkFADARBgUrDgMCBwQIWWieQojaWTcEOGj43SxqHUys4Eb2M27N
  AkhqpmhosOxKrpGi0L3h8m8ipHE8EwI94NeOMsjfVw60aJuCrssY5vKN
  -----END ENCRYPTED PRIVATE KEY-----

• Ed25519 public keys in PEM format

  -----BEGIN PUBLIC KEY-----
  MCowBQYDK2VwAyEAoF0a6lgwrJplzfs4RmDUl+NpfEa0Gc8s7IXei9JFRZ0=
  -----END PUBLIC KEY-----

• Ed25519 public key from X509 certificate

  -----BEGIN CERTIFICATE-----
  MIIBODCB66ADAgECAhRWDU9FZBBUZ7KTdX8f7Bco8jsoaTAFBgMrZXAwETEPMA0G
  A1UEAwwGQ3J5cHRYMCAXDTIwMDExOTEzMDIwMloYDzIyOTMxMTAyMTMwMjAyWjAR
  MQ8wDQYDVQQDDAZDcnlwdFgwKjAFBgMrZXADIQCgXRrqWDCsmmXN+zhGYNSX42l8
  RrQZzyzshd6L0kVFnaNTMFEwHQYDVR0OBBYEFHCGFtVibAxxWYyRt5wazMpqSZDV
  MB8GA1UdIwQYMBaAFHCGFtVibAxxWYyRt5wazMpqSZDVMA8GA1UdEwEB/wQFMAMB
  Af8wBQYDK2VwA0EAqG/+98smzqF/wmFX3zHXSaA67as202HnBJod1Tiurw1f+lr3
  BX6OMtsDpgRq9O77IF1Qyx/MdJEwwErczOIbAA==
  -----END CERTIFICATE-----

• SSH public Ed25519 keys

  ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0XsiFcRDp6Hpsoak8OdiiBMJhM2UKszNTxoGS7dJ++

• SSH public Ed25519 keys (RFC-4716 format)

  ---- BEGIN SSH2 PUBLIC KEY ----
  Comment: "256-bit ED25519, converted from OpenSSH"
  AAAAC3NzaC1lZDI1NTE5AAAAIL0XsiFcRDp6Hpsoak8OdiiBMJhM2UKszNTxoGS7dJ++
  ---- END SSH2 PUBLIC KEY ----

• Ed25519 private keys in JSON Web Key (JWK) format

  See https://tools.ietf.org/html/rfc8037

  {
   "kty":"OKP",
   "crv":"Ed25519",
   "x":"oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
   "d":"RcEJum_STotn0j77a5LZnNRX4hNxcsDXSf4rWgwULa0",
  }

  BEWARE: For JWK support you need to have JSON::PP, JSON::XS or Cpanel::JSON::XS module.

• Ed25519 public keys in JSON Web Key (JWK) format

  {
   "kty":"OKP",
   "crv":"Ed25519",
   "x":"oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
  }

  BEWARE: For JWK support you need to have JSON::PP, JSON::XS or Cpanel::JSON::XS module.

import_key_raw

Import raw public/private key - can load raw key data exported by "export_key_raw".

$pk->import_key_raw($key, 'public');
$pk->import_key_raw($key, 'private');

export_key_der

my $private_der = $pk->export_key_der('private');
#or
my $public_der = $pk->export_key_der('public');

export_key_pem

my $private_pem = $pk->export_key_pem('private');
#or
my $public_pem = $pk->export_key_pem('public');

export_key_jwk

Exports public/private keys as a JSON Web Key (JWK).

my $private_json_text = $pk->export_key_jwk('private');
#or
my $public_json_text = $pk->export_key_jwk('public');

Also exports public/private keys as a perl HASH with JWK structure.

my $jwk_hash = $pk->export_key_jwk('private', 1);
#or
my $jwk_hash = $pk->export_key_jwk('public', 1);

BEWARE: For JWK support you need to have JSON::PP, JSON::XS or Cpanel::JSON::XS module.

export_key_raw

Export raw public/private key

my $private_bytes = $pk->export_key_raw('private');
#or
my $public_bytes = $pk->export_key_raw('public');

sign_message

my $signature = $priv->sign_message($message);

verify_message

my $valid = $pub->verify_message($signature, $message)

is_private

my $rv = $pk->is_private;
# 1 .. private key loaded
# 0 .. public key loaded
# undef .. no key loaded

key2hash

my $hash = $pk->key2hash;

# returns hash like this (or undef if no key loaded):
{
  curve => "ed25519",
  # raw public key as a hexadecimal string
  pub   => "A05D1AEA5830AC9A65CDFB384660D497E3697C46B419CF2CEC85DE8BD245459D",
  # raw private key as a hexadecimal string. undef if key is public only
  priv  => "45C109BA6FD24E8B67D23EFB6B92D99CD457E2137172C0D749FE2B5A0C142DAD",
}

SEE ALSO

• https://en.wikipedia.org/wiki/EdDSA#Ed25519

• https://en.wikipedia.org/wiki/Curve25519

• https://tools.ietf.org/html/rfc8032

cpanm CryptX

perl -MCPAN -e shell
install CryptX