NAME

Crypt::PK::DSA - Public key cryptography based on DSA

SYNOPSIS

### OO interface

#Encryption: Alice
my $pub = Crypt::PK::DSA->new('Bob_pub_dsa1.der');
my $ct = $pub->encrypt("secret message");
#
#Encryption: Bob (received ciphertext $ct)
my $priv = Crypt::PK::DSA->new('Bob_priv_dsa1.der');
my $pt = $priv->decrypt($ct);

#Signature: Alice
my $priv = Crypt::PK::DSA->new('Alice_priv_dsa1.der');
my $sig = $priv->sign_message($message);
#
#Signature: Bob (received $message + $sig)
my $pub = Crypt::PK::DSA->new('Alice_pub_dsa1.der');
$pub->verify_message($sig, $message) or die "ERROR";

#Key generation
my $pk = Crypt::PK::DSA->new();
$pk->generate_key(30, 256);
my $private_der = $pk->export_key_der('private');
my $public_der = $pk->export_key_der('public');
my $private_pem = $pk->export_key_pem('private');
my $public_pem = $pk->export_key_pem('public');

### Functional interface

#Encryption: Alice
my $ct = dsa_encrypt('Bob_pub_dsa1.der', "secret message");
#Encryption: Bob (received ciphertext $ct)
my $pt = dsa_decrypt('Bob_priv_dsa1.der', $ct);

#Signature: Alice
my $sig = dsa_sign_message('Alice_priv_dsa1.der', $message);
#Signature: Bob (received $message + $sig)
dsa_verify_message('Alice_pub_dsa1.der', $sig, $message) or die "ERROR";

FUNCTIONS

dsa_encrypt

DSA based encryption as implemented by libtomcrypt. See method "encrypt" below.

my $ct = dsa_encrypt($pub_key_filename, $message);
#or
my $ct = dsa_encrypt(\$buffer_containing_pub_key, $message);
#or
my $ct = dsa_encrypt($pub_key_filename, $message, $hash_name);

#NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest

Encryption works similar to the Crypt::PK::ECC encryption whereas shared DSA key is computed, and the hash of the shared key XOR'ed against the plaintext forms the ciphertext.

dsa_decrypt

DSA based decryption as implemented by libtomcrypt. See method "decrypt" below.

my $pt = dsa_decrypt($priv_key_filename, $ciphertext);
#or
my $pt = dsa_decrypt(\$buffer_containing_priv_key, $ciphertext);

dsa_sign_message

Generate DSA signature. See method "sign_message" below.

my $sig = dsa_sign_message($priv_key_filename, $message);
#or
my $sig = dsa_sign_message(\$buffer_containing_priv_key, $message);
#or
my $sig = dsa_sign_message($priv_key, $message, $hash_name);

dsa_verify_message

Verify DSA signature. See method "verify_message" below.

dsa_verify_message($pub_key_filename, $signature, $message) or die "ERROR";
#or
dsa_verify_message(\$buffer_containing_pub_key, $signature, $message) or die "ERROR";
#or
dsa_verify_message($pub_key, $signature, $message, $hash_name) or die "ERROR";

dsa_sign_hash

Generate DSA signature. See method "sign_hash" below.

my $sig = dsa_sign_hash($priv_key_filename, $message_hash);
#or
my $sig = dsa_sign_hash(\$buffer_containing_priv_key, $message_hash);

dsa_verify_hash

Verify DSA signature. See method "verify_hash" below.

dsa_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR";
#or
dsa_verify_hash(\$buffer_containing_pub_key, $signature, $message_hash) or die "ERROR";

METHODS

new

my $pk = Crypt::PK::DSA->new();
#or
my $pk = Crypt::PK::DSA->new($priv_or_pub_key_filename);
#or
my $pk = Crypt::PK::DSA->new(\$buffer_containing_priv_or_pub_key);

generate_key

Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from /dev/random (UNIX) or CryptGenRandom (Win32).

$pk->generate_key($group_size, $modulus_size);
# $group_size  ... in bytes .. 15 < $group_size < 1024
# $modulus_size .. in bytes .. ($modulus_size - $group_size) < 512

### Bits of Security according to libtomcrypt documentation
# 80 bits   => generate_key(20, 128)
# 120 bits  => generate_key(30, 256)
# 140 bits  => generate_key(35, 384)
# 160 bits  => generate_key(40, 512)

### Sizes according section 4.2 of FIPS 186-4
# (L and N are the bit lengths of p and q respectively)
# L = 1024, N = 160 => generate_key(20, 128)
# L = 2048, N = 224 => generate_key(28, 256)
# L = 2048, N = 256 => generate_key(32, 256)
# L = 3072, N = 256 => generate_key(32, 384)

import_key

Loads private or public key in DER or PEM format (password protected keys are not supported).

$pk->import_key($filename);
#or
$pk->import_key(\$buffer_containing_key);

export_key_der

my $private_der = $pk->export_key_der('private');
#or
my $public_der = $pk->export_key_der('public');

export_key_pem

my $private_pem = $pk->export_key_pem('private');
#or
my $public_pem = $pk->export_key_pem('public');

encrypt

my $pk = Crypt::PK::DSA->new($pub_key_filename);
my $ct = $pk->encrypt($message);
#or
my $ct = $pk->encrypt($message, $hash_name);

#NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest

decrypt

my $pk = Crypt::PK::DSA->new($priv_key_filename);
my $pt = $pk->decrypt($ciphertext);

sign_message

my $pk = Crypt::PK::DSA->new($priv_key_filename);
my $signature = $priv->sign_message($message);
#or
my $signature = $priv->sign_message($message, $hash_name);

#NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest

verify_message

my $pk = Crypt::PK::DSA->new($pub_key_filename);
my $valid = $pub->verify_message($signature, $message)
#or
my $valid = $pub->verify_message($signature, $message, $hash_name);

#NOTE: $hash_name can be 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest

sign_hash

my $pk = Crypt::PK::DSA->new($priv_key_filename);
my $signature = $priv->sign_hash($message_hash);

verify_hash

my $pk = Crypt::PK::DSA->new($pub_key_filename);
my $valid = $pub->verify_hash($signature, $message_hash);

is_private

my $rv = $pk->is_private;
# 1 .. private key loaded
# 0 .. public key loaded
# undef .. no key loaded

size

my $size = $pk->size;
# returns key size in bytes or undef if no key loaded

key2hash

my $hash = $pk->key2hash;

# returns hash like this (or undef if no key loaded):
{
  type => 1,   # integer: 1 .. private, 0 .. public
  size => 256, # integer: key size in bytes
  # all the rest are hex strings
  p => "AAF839A764E04D80824B79FA1F0496C093...", #prime modulus
  q => "D05C4CB45F29D353442F1FEC43A6BE2BE8...", #prime divisor
  g => "847E8896D12C9BF18FE283AE7AD58ED7F3...", #generator of a subgroup of order q in GF(p)
  x => "6C801901AC74E2DC714D75A9F6969483CF...", #private key, random  0 < x < q
  y => "8F7604D77FA62C7539562458A63C7611B7...", #public key, where y = g^x mod p
}

To install CryptX, copy and paste the appropriate command in to your terminal.

cpanm

cpanm CryptX

CPAN shell

perl -MCPAN -e shell
install CryptX

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)