Crypt-LE
view release on metacpan or search on metacpan
lib/Crypt/LE.pm view on Meta::CPAN
Returns: OK | READ_ERROR | LOAD_ERROR | INVALID_DATA.
=cut
sub load_account_key {
my ($self, $file) = @_;
$self->_reset_key;
my $key = $self->_file($file);
return $self->_status(READ_ERROR, "Key reading error.") unless $key;
eval {
$key = Crypt::OpenSSL::RSA->new_private_key($self->_convert($key, 'RSA PRIVATE KEY'));
};
return $self->_status(LOAD_ERROR, "Key loading error.") if $@;
return $self->_set_key($key, "Account key loaded.");
}
=head2 generate_account_key()
Generates a new private account key of the $keysize bits (4096 by default). The key is additionally validated for not being divisible by small primes.
Returns: OK | INVALID_DATA.
=cut
sub generate_account_key {
my $self = shift;
my ($pk, $err, $code) = _key();
return $self->_status(INVALID_DATA, $err||"Could not generate account key") unless $pk;
my $key = Crypt::OpenSSL::RSA->new_private_key(Net::SSLeay::PEM_get_string_PrivateKey($pk));
_free(k => $pk);
return $self->_set_key($key, "Account key generated.");
}
=head2 account_key()
Returns: A previously loaded or generated private key in PEM format or undef.
=cut
lib/Crypt/LE.pm view on Meta::CPAN
#====================================================================================================
sub _reset_key {
my $self = shift;
undef $self->{$_} for qw<key_params key pem jwk fingerprint>;
}
sub _set_key {
my $self = shift;
my ($key, $msg) = @_;
my $pem = $key->get_private_key_string;
my ($n, $e) = $key->get_key_parameters;
return $self->_status(INVALID_DATA, "Key modulus is divisible by a small prime and will be rejected.") if $self->_is_divisible($n);
$key->use_pkcs1_padding;
$key->use_sha256_hash;
$self->{key_params} = { n => $n, e => $e };
$self->{key} = $key;
$self->{pem} = $pem;
$self->{jwk} = $self->_jwk();
$self->{fingerprint} = encode_base64url(sha256($j->encode($self->{jwk})));
if ($self->{autodir}) {
( run in 0.239 second using v1.01-cache-2.11-cpan-a5abf4f5562 )