/ 
CryptX-0.088_005
⭐ Starred 36 / Crypt::PK::Ed448

NAME

Crypt::PK::Ed448 - Digital signature based on Ed448

SYNOPSIS

use Crypt::PK::Ed448;

my $message = 'hello world';
my $signer = Crypt::PK::Ed448->new->generate_key;
my $signature = $signer->sign_message($message);

my $public_der = $signer->export_key_der('public');
my $verifier = Crypt::PK::Ed448->new(\$public_der);
$verifier->verify_message($signature, $message) or die "ERROR";

my $pk = Crypt::PK::Ed448->new;
$pk->import_key_raw(
  pack("H*", "1b0055aad3b239a0fa1ed1ea8023151a5791d0bb556435299da6cf1aaa272d858b0238822654bc15f64adbab97f1bb9ec848d72cd8ad856800"),
  "public",
);

my $sk = Crypt::PK::Ed448->new;
$sk->import_key_raw(
  pack("H*", "f82bd65291965de46d87c7447863924e8efb8da36993618a784cd3b69a6d66e61cdc0a48a31e66bd8e81e4d77cedc311aa0f72a322ef3e4fad"),
  "private",
);

DESCRIPTION

Since: CryptX-0.089

METHODS

new

my $source = Crypt::PK::Ed448->new();
$source->generate_key;

my $public_der = $source->export_key_der('public');
my $pub = Crypt::PK::Ed448->new(\$public_der);

my $private_pem = $source->export_key_pem('private', 'secret', 'AES-256-CBC');
my $priv = Crypt::PK::Ed448->new(\$private_pem, 'secret');

Passing $filename or \$buffer to new is equivalent: both forms immediately import the key material into the new object.

generate_key

Returns the object itself (for chaining).

$pk->generate_key;

import_key

Loads Ed448 private or public keys from DER, PEM, PKCS#8, X.509 certificates, SubjectPublicKeyInfo, or JWK.

my $source = Crypt::PK::Ed448->new();
$source->generate_key;

my $public_der = $source->export_key_der('public');
my $pub = Crypt::PK::Ed448->new();
$pub->import_key(\$public_der);
my $private_pem = $source->export_key_pem('private', 'secret', 'AES-256-CBC');
my $priv = Crypt::PK::Ed448->new();
$priv->import_key(\$private_pem, 'secret');
$pk->import_key({
  curve => "ed448",
  pub   => "1B0055AAD3B239A0FA1ED1EA8023151A5791D0BB556435299DA6CF1AAA272D858B0238822654BC15F64ADBAB97F1BB9EC848D72CD8AD856800",
  priv  => "F82BD65291965DE46D87C7447863924E8EFB8DA36993618A784CD3B69A6D66E61CDC0A48A31E66BD8E81E4D77CEDC311AA0F72A322EF3E4FAD",
});
$pk->import_key({
  kty => "OKP",
  crv => "Ed448",
  d   => "-CvWUpGWXeRth8dEeGOSTo77jaNpk2GKeEzTtpptZuYc3ApIox5mvY6B5Nd87cMRqg9yoyLvPk-t",
  x   => "GwBVqtOyOaD6HtHqgCMVGleR0LtVZDUpnabPGqonLYWLAjiCJlS8FfZK26uX8bueyEjXLNithWgA",
});

The same method also accepts filenames instead of buffers.

import_key_raw

Import raw public/private key bytes.

$pk->import_key_raw($key, 'public');
$pk->import_key_raw($key, 'private');

The raw key must be exactly 57 bytes long.

export_key_der

Returns the key as a binary DER-encoded string.

my $der = $pk->export_key_der('private');
my $der = $pk->export_key_der('public');

export_key_pem

Returns the key as a PEM-encoded string (ASCII).

my $pem = $pk->export_key_pem('private');
my $pem = $pk->export_key_pem('public');
my $pem = $pk->export_key_pem('private', $password, 'AES-256-CBC');

export_key_jwk

Returns a JSON string, or a hashref if the optional second argument is true.

my $json = $pk->export_key_jwk('private');
my $hash = $pk->export_key_jwk('public', 1);

export_key_raw

Returns the raw key as a binary string.

my $raw = $pk->export_key_raw('private');
my $raw = $pk->export_key_raw('public');

sign_message

Returns the signature as a binary string. Ed448 uses a fixed hash internally (SHAKE256); unlike RSA or ECDSA there is no $hash_name parameter.

my $signature = $priv->sign_message($message);

verify_message

Returns 1 if the signature is valid, 0 otherwise.

my $valid = $pub->verify_message($signature, $message);

sign_message_ctx

Signs a message using Ed448ctx (RFC 8032 Section 5.2), which includes a mandatory context string (at most 255 bytes). The context string makes the signature domain-separated: the same key signing the same message with a different context produces a different (and incompatible) signature.

Note: In contrast to Ed25519, plain Ed448 ("sign_message") is formally defined with an empty context string, so Ed448 and Ed448ctx with an empty context produce the same signature.

my $signature = $priv->sign_message_ctx($message, $context);

verify_message_ctx

Verifies a signature produced by "sign_message_ctx".

my $valid = $pub->verify_message_ctx($signature, $message, $context);

sign_message_ph

Signs a message using Ed448ph (RFC 8032 Section 5.2), the "pre-hashed" variant. The message is first hashed with SHAKE256 internally before signing. This is useful when signing very large messages or when only a hash of the message is available. An optional context string (at most 255 bytes) can be provided; it defaults to the empty string if omitted.

my $signature = $priv->sign_message_ph($message);
my $signature = $priv->sign_message_ph($message, $context);

verify_message_ph

Verifies a signature produced by "sign_message_ph".

my $valid = $pub->verify_message_ph($signature, $message);
my $valid = $pub->verify_message_ph($signature, $message, $context);

is_private

my $rv = $pk->is_private;

key2hash

Returns a hashref with the key components, or undef if no key is loaded.

my $hash = $pk->key2hash;

Returns a hash like:

{
  curve => "ed448",
  pub   => "1B0055AAD3B239A0FA1ED1EA8023151A5791D0BB556435299DA6CF1AAA272D858B0238822654BC15F64ADBAB97F1BB9EC848D72CD8AD856800",
  priv  => "F82BD65291965DE46D87C7447863924E8EFB8DA36993618A784CD3B69A6D66E61CDC0A48A31E66BD8E81E4D77CEDC311AA0F72A322EF3E4FAD",
}

OpenSSL interoperability

# Generate a key with OpenSSL
# openssl genpkey -algorithm ed448 -out ed448_priv.pem
# openssl pkey -in ed448_priv.pem -pubout -out ed448_pub.pem

# Load the OpenSSL-generated key in CryptX
use Crypt::PK::Ed448;
my $priv = Crypt::PK::Ed448->new("ed448_priv.pem");
my $pub  = Crypt::PK::Ed448->new("ed448_pub.pem");

# Sign in CryptX, verify with OpenSSL
my $message = "hello";
my $signature = $priv->sign_message($message);

# Export CryptX key for OpenSSL
my $pem = $priv->export_key_pem('private');
# then: openssl pkey -in priv.pem -text -noout

SEE ALSO