NAME
Crypt::GCrypt - Perl interface to the GNU Cryptographic library
SYNOPSIS
use Crypt::GCrypt;
$cipher = GCrypt::Cipher->new(
type => 'cipher',
algorithm => 'aes',
mode => 'cbc'
);
$cipher->setkey('my secret key');
$cipher->setiv('my init vector');
$ciphertext = $cipher->encrypt('plaintext');
$plaintext = $cipher->decrypt($ciphertext);
ABSTRACT
Crypt::GCrypt provides an object interface to the C libgcrypt library. It currently supports symmetric encryption, while asymmetric encryption is being worked on.
SYMMETRIC CRYPTOGRAPHY
In order to encrypt/decrypt your data using a symmetric cipher you first have to build a Crypt::GCrypt object:
$cipher = GCrypt::Cipher->new(
type => 'cipher',
algorithm => 'aes',
mode => 'cbc'
);
The type argument must be "cipher" and the algorithm is required. See below for a description of available algorithms and other initialization parameters:
- algorithm
-
This may be one of the following:
- 3des
-
(Triple DES, 112 bit key)
- aes
-
(The Advanced Encryption Standard, a.k.a. Rijndael, 128 bit key)
- aes192
-
(AES with 192 bit key)
- aes256
-
(AES with 256 bit key)
- blowfish
- cast5
- des
-
(Date Encryption Standard, 56 bit key, not very secure as it's too short)
- twofish
-
(Successor of Blowfish, 256 bit key)
- arcfour
-
(Stream cipher)
- mode
-
This is a string specifying one of the following encryption/decryption modes:
- stream
-
only available for stream ciphers
- ecb
-
doesn't use an IV, encrypts each block independently
- cbc
-
the current ciphertext block is encryption of current plaintext block xor-ed with last ciphertext block
- cfb
-
the current ciphertext block is the current plaintext block xor-ed with the current keystream block, which is the encryption of the last ciphertext block
- ofb
-
the current ciphertext block is the current plaintext block xor-ed with the current keystream block, which is the encryption of the last keystream block
If no mode is specified cbc is selected for block ciphers, and stream for stream ciphers. Between blocks the previous one is stored in the IV.
- secure
-
All data associated with this cipher will be put into non-swappable storage, if possible.
- enable_sync
-
Enable the CFB sync operation.
Once you've got your cipher object the following methods are available:
- $cipher->setkey(KEY)
-
Encryption and decryption operations will use KEY until a different one is set. If KEY is shorter than the cipher's keylen (see the
keylen
method) it will be zero-padded, if it is longer it will be truncated. - $cipher->setiv([IV])
-
Set the initialisation vector to IV for the next encrypt/decrypt operation. If IV is missing a "standard" IV of all zero is used. The same IV is set in newly created cipher objects.
- $cipher->encrypt(PLAINTEXT)
-
This method encrypts PLAINTEXT with $cipher, returning the corresponding ciphertext. Null byte padding is automatically appended if PLAINTEXT's length is not evenly divisible by $cipher's block size.
- $cipher->decrypt(CIPHERTEXT)
-
The counterpart to encrypt, decrypt takes a CIPHERTEXT and produces the original plaintext (given that the right key was used, of course).
- $cipher->keylen()
-
Returns the number of bytes of keying material this cipher needs.
- $cipher->blklen()
-
As their name implies, block ciphers operate on blocks of data. This method returns the size of this blocks in bytes for this particular cipher. For stream ciphers
1
is returned, since this implementation does not support feeding less than a byte into the cipher. - $cipher->sync()
-
Apply the CFB sync operation.
AVAILABILITY
Latest versions can be downloaded from CPAN. You are very welcome to write mail to the author (aar@cpan.org) with your contributions, comments, suggestions, bug reports or complaints.
AUTHOR
Alessandro Ranellucci <aar@cpan.org>
COPYRIGHT AND LICENSE
Copyright (c) 2005 Alessandro Ranellucci. Crypt::GCrypt is free software, you may redistribute it and/or modify it under the same terms as Perl itself.
ACKNOWLEDGEMENTS
This module is partially inspired by the GCrypt.pm bindings made by Robert Bihlmeyer in 2002.
DISCLAIMER
This software is provided by the copyright holders and contributors ``as is'' and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the regents or contributors be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services; loss of use, data, or profits; or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this software, even if advised of the possibility of such damage.
1 POD Error
The following errors were encountered while parsing the POD:
- Around line 203:
You forgot a '=back' before '=head1'