Just as it sounds: cryptography with no non-core XS dependencies!
This is useful if you don’t have access to
other tools that do this work like OpenSSL, CryptX,
etc. Of course, if you do have access to one of those tools, they may suit
your purpose better.
Given the number of original tests in this distribution, I am reasonably
confident that this code is as secure as the random number generation in
Bytes::Random::Secure::Tiny can allow. The tests verify the logic here
against OpenSSL, on which millions of applications rely every day.
That said: NO GUARANTEES!!! The tests here are original, but the
production logic is ported from elsewhere. There has been no formal security
review. I found at least one security flaw
in one of the source libraries; there may be more.
RSA key generation is slow—too slow, probably, unless you have
Math::BigInt::GMP or Math::BigInt::Pari (either of which requires XS).
It’s one application where pure-Perl cryptography just doesn’t seem
feasible. :-( Everything else, though, including all ECDSA and Ed25519
operations, should be fine.
Note that this distribution’s test suite is pretty slow without an
XS backend.
TODO
There are TODO items listed in the submodules; the following are general
to the entire distribution.
Document the exception system so that applications can use it.