Filter-Crypto
view release on metacpan or search on metacpan
Makefile.PL view on Meta::CPAN
}
#===============================================================================
# MAKEMAKER OVERRIDES
#===============================================================================
# Method to temporarily remove the list of sub-directories when creating the
# (top-level) "test" target since our sub-directories have no tests of their
# own. This saves the bother of cd'ing into them and avoids the alarming "No
# tests defined..." message when running the top-level "test" target. (The
# sub-directories' Makefiles still have their own "test" targets, though, so
# anyone manually cd'ing into them and running those "test" targets will get the
# message about there being no tests.)
#
# This method is based on code taken from the MY::test() method in the top-level
# Makefile.PL script in the Tk distribution (version 804.032).
sub MY::test {
my($self, %args) = @_;
my $dir = delete $self->{DIR};
my $str = $self->MM::test(%args);
$self->{DIR} = $dir;
return $str;
}
#===============================================================================
# PRIVATE CLASS
#===============================================================================
{
package Filter::Crypto::_ConfigureBuild;
use Carp qw(croak);
use Config qw(%Config);
use Cwd qw(abs_path);
use ExtUtils::MakeMaker qw(prompt);
use Fcntl;
use File::Basename qw(basename dirname);
use File::Copy qw(copy);
use File::Spec::Functions qw(canonpath catdir catfile curdir
file_name_is_absolute path updir);
use Getopt::Long qw(GetOptions);
use Pod::Usage qw(pod2usage);
use Text::Wrap qw(wrap);
use constant CIPHER_NAME_DES => 'DES';
use constant CIPHER_NAME_DES_EDE => 'DES_EDE';
use constant CIPHER_NAME_DES_EDE3 => 'DES_EDE3';
use constant CIPHER_NAME_RC4 => 'RC4';
use constant CIPHER_NAME_IDEA => 'IDEA';
use constant CIPHER_NAME_RC2 => 'RC2';
use constant CIPHER_NAME_DESX => 'DESX';
use constant CIPHER_NAME_BLOWFISH => 'Blowfish';
use constant CIPHER_NAME_NULL => 'Null';
use constant CIPHER_NAME_RC5 => 'RC5';
use constant CIPHER_NAME_CAST5 => 'CAST5';
use constant CIPHER_NAME_AES => 'AES';
use constant CIPHER_MODE_ECB => 'ECB';
use constant CIPHER_MODE_CBC => 'CBC';
use constant CIPHER_MODE_CFB => 'CFB';
use constant CIPHER_MODE_OFB => 'OFB';
use constant CIPHER_KEY_GIVEN_PSWD => 1;
use constant CIPHER_KEY_RANDOM_PSWD => 2;
use constant CIPHER_KEY_GIVEN => 3;
use constant CIPHER_KEY_RANDOM => 4;
use constant RAND_OPTION_STR => 'rand';
use constant RAND_PSWD_LEN => 32;
use constant RNG_PERL_RAND => 'Perl';
use constant RNG_CRYPT_RANDOM => 'Crypt::Random';
use constant RNG_MATH_RANDOM => 'Math::Random';
use constant RNG_OPENSSL_RAND => 'OpenSSL';
use constant CIPHER_CONFIG_FILENAME => 'CipherConfig.h';
use constant BUILD_OPTION_BOTH => 'both';
use constant BUILD_OPTION_CRYPTFILE => 'CryptFile';
use constant BUILD_OPTION_DECRYPT => 'Decrypt';
#-------------------------------------------------------------------------------
# CLASS INITIALIZATION
#-------------------------------------------------------------------------------
our($VERSION, $YEAR, $Show_Found_Var_Indent);
BEGIN {
$VERSION = $main::VERSION;
$YEAR = $main::YEAR;
# Define indentation for show_found_var() method.
$Show_Found_Var_Indent = 37;
# Define protected accessor/mutator methods.
foreach my $prop (qw(
define inc libs opts
prefix_dir inc_dir ver_num ver_str lib_dir lib_name bin_file
cipher_name cipher_func cipher_needs_iv key_len rc2_key_bits rc5_rounds
pswd key))
{
no strict 'refs'; ## no critic (TestingAndDebugging::ProhibitNoStrict)
*$prop = sub {
use strict 'refs';
my $self = shift;
$self->{$prop} = shift if @_;
return $self->{$prop};
};
}
}
#-------------------------------------------------------------------------------
# PUBLIC API
#-------------------------------------------------------------------------------
sub new {
return bless {}, shift;
}
Makefile.PL view on Meta::CPAN
if (not exists $disabled{RC5}) {
push @cipher_names, (
[ CIPHER_NAME_RC5, 'RC5 block cipher' ]
);
}
if (not exists $disabled{CAST}) {
push @cipher_names, (
[ CIPHER_NAME_CAST5, 'CAST5 block cipher' ]
);
}
# The AES cipher was added in OpenSSL 0.9.7.
if (not exists $disabled{AES} and $ver_num >= 90700) {
push @cipher_names, (
[ CIPHER_NAME_AES, 'AES block cipher' ]
);
}
my $cipher_name = $self->opts()->{'cipher-name'};
if (defined $cipher_name) {
my %lc_cipher_names = map { lc $_->[0] => 1 } @cipher_names;
if (exists $lc_cipher_names{lc $cipher_name}) {
$self->show_found_var('Using specified cipher name', $cipher_name);
}
else {
$self->exit_with_error(113,
"No such cipher name '%s'", $cipher_name
);
}
}
else {
my $message = 'Cipher algorithms available:';
my $question = 'Which cipher algorithm do you want to use?';
my $default;
if (not exists $disabled{DES} and $ver_num < 90700) {
$default = CIPHER_NAME_DES_EDE3;
}
elsif (not exists $disabled{AES} and $ver_num >= 90700) {
$default = CIPHER_NAME_AES;
}
else {
$default = $cipher_names[$#cipher_names][0];
}
$cipher_name = $self->prompt_list(
$message, \@cipher_names, $question, $default
);
}
print "\n";
$self->cipher_name($cipher_name);
}
sub query_cipher_mode {
my $self = shift;
my @cipher_modes = (
[ CIPHER_MODE_ECB, 'ECB (Electronic Codebook Mode)' ],
[ CIPHER_MODE_CBC, 'CBC (Cipher Block Chaining Mode)' ],
[ CIPHER_MODE_CFB, 'CFB (64-Bit Cipher Feedback Mode)' ],
[ CIPHER_MODE_OFB, 'OFB (64-Bit Output Feedback Mode)' ]
);
my $cipher_mode = $self->opts()->{'cipher-mode'};
if (defined $cipher_mode) {
my %lc_cipher_modes = map { lc $_->[0] => $_->[0] } @cipher_modes;
if (exists $lc_cipher_modes{lc $cipher_mode}) {
$self->show_found_var('Using specified cipher mode', $cipher_mode);
$cipher_mode = $lc_cipher_modes{lc $cipher_mode};
}
else {
$self->exit_with_error(114,
"No such cipher mode '%s'", $cipher_mode
);
}
}
else {
my $message = 'Modes of operation available:';
my $question = 'Which mode of operation do you want to use?';
my $default = CIPHER_MODE_CBC;
$cipher_mode = $self->prompt_list(
$message, \@cipher_modes, $question, $default
);
}
print "\n";
return $cipher_mode;
}
sub query_key_len {
my $self = shift;
my %args = @_;
my $validate;
if (exists $args{-fixed}) {
$validate = sub { $_[0] eq $args{-fixed} };
}
elsif (exists $args{-valid}) {
my %valid = map { $_ => 1 } @{$args{-valid}};
$validate = sub { exists $valid{$_[0]} };
}
else {
my $int_pat = qr/^(?:0|[1-9](?:\d+)?)$/o;
# Minimum key size is clearly 0 bytes if it is not otherwise set
# already. Restrict the maximum key size to some sensible value if it
# is not set already: we do not want to allow the user to enter an
# arbitrarily large integer.
$args{-min} = 0 unless exists $args{-min};
$args{-max} = 1024 unless exists $args{-max};
$validate = sub {
$_[0] =~ $int_pat and $_[0] >= $args{-min} and $_[0] <= $args{-max}
};
}
my $key_len = $self->opts()->{'key-len'};
my $key = $self->opts()->{key};
if (defined $key_len) {
if ($validate->($key_len)) {
$self->show_found_var('Using specified key length', $key_len);
}
else {
$self->exit_with_error(115, "Invalid key length '%d'", $key_len);
}
}
elsif (defined $key and $key ne RAND_OPTION_STR) {
$key_len = length($key) / 2;
if ($validate->($key_len)) {
$self->show_found_var('Using inferred key length', $key_len);
}
else {
$self->exit_with_error(116, "Invalid length key (%d)", $key_len);
}
}
elsif (exists $args{-fixed}) {
$key_len = $args{-fixed};
$self->show_found_var('Using fixed key length', $key_len);
}
else {
my $message = "This is a variable key length algorithm.\n";
Makefile.PL view on Meta::CPAN
);
}
return unpack 'H*', $octets;
}
sub query_rng {
my $self = shift;
my @rngs = (
[ RNG_PERL_RAND, "Perl's built-in rand() function" ]
);
if (eval { require Crypt::Random }) {
push @rngs, (
[ RNG_CRYPT_RANDOM, 'Crypt::Random' ]
);
}
if (eval { require Math::Random }) {
push @rngs, (
[ RNG_MATH_RANDOM, 'Math::Random' ]
);
}
push @rngs, (
[ RNG_OPENSSL_RAND, "OpenSSL's rand command" ]
);
my $rng = $self->opts()->{rng};
if (defined $rng) {
my %lc_rngs = map { lc $_->[0] => $_->[0] } @rngs;
if (exists $lc_rngs{lc $rng}) {
$self->show_found_var('Using specified RNG', $rng);
$rng = $lc_rngs{lc $rng};
}
else {
$self->exit_with_error(129,
"Invalid random number generator '%s'", $rng
);
}
}
else {
my $message = 'Random number generators:';
my $question = 'Which RNG do you want to use?';
my $default = $rngs[$#rngs][0];
$rng = $self->prompt_list(
$message, \@rngs, $question, $default
);
}
return $rng;
}
sub configure_des_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_des_ecb()',
CIPHER_MODE_CBC, 'EVP_des_cbc()',
CIPHER_MODE_CFB, 'EVP_des_cfb()',
CIPHER_MODE_OFB, 'EVP_des_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The DES cipher can only use an 8 byte key (of which only 7 bytes are
# actually used by the algorithm): see FIPS PUB 46-3.
$self->query_key_len(-fixed => 8);
}
sub configure_des_ede_cipher {
my $self = shift;
my $ver_num = $self->ver_num();
my %cipher_funcs = (
CIPHER_MODE_ECB, ($ver_num < 90700
? 'EVP_des_ede()' : 'EVP_des_ede_ecb()'),
CIPHER_MODE_CBC, 'EVP_des_ede_cbc()',
CIPHER_MODE_CFB, 'EVP_des_ede_cfb()',
CIPHER_MODE_OFB, 'EVP_des_ede_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The DES-EDE cipher is two-key triple-DES (i.e. in which an encrypt
# operation is encrypt with key 1, decrypt with key 2, encrypt with key 1),
# and therefore requires a key length equivalent to two DES keys, i.e. 16
# bytes (of which only 14 are used).
$self->query_key_len(-fixed => 16);
}
sub configure_des_ede3_cipher {
my $self = shift;
my $ver_num = $self->ver_num();
my %cipher_funcs = (
CIPHER_MODE_ECB, ($ver_num < 90700
? 'EVP_des_ede3()' : 'EVP_des_ede3_ecb()'),
CIPHER_MODE_CBC, 'EVP_des_ede3_cbc()',
CIPHER_MODE_CFB, 'EVP_des_ede3_cfb()',
CIPHER_MODE_OFB, 'EVP_des_ede3_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The DES-EDE3 cipher is three-key triple-DES (i.e. in which an encrypt
# operation is encrypt with key 1, decrypt with key 2, encrypt with key 3),
# and therefore requires a key length equivalent to two DES keys, i.e. 24
# bytes (of which only 21 are used).
$self->query_key_len(-fixed => 24);
}
sub configure_rc4_cipher {
my $self = shift;
$self->cipher_func('EVP_rc4()');
$self->cipher_needs_iv(0);
# The RC4 cipher can use any key length: see rc4.doc in old SSLeay
# distributions.
$self->query_key_len(-min => 1, -default => 16);
}
sub configure_idea_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_idea_ecb()',
CIPHER_MODE_CBC, 'EVP_idea_cbc()',
CIPHER_MODE_CFB, 'EVP_idea_cfb()',
CIPHER_MODE_OFB, 'EVP_idea_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The IDEA cipher can only use a 16 byte key: see idea.doc in old SSLeay
# distributions.
$self->query_key_len(-fixed => 16);
}
sub configure_rc2_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_rc2_ecb()',
CIPHER_MODE_CBC, 'EVP_rc2_cbc()',
CIPHER_MODE_CFB, 'EVP_rc2_cfb()',
CIPHER_MODE_OFB, 'EVP_rc2_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The RC2 cipher can use any key length from 1 to 128 bytes: see RFC 2268.
$self->query_key_len(-min => 1, -max => 128, -default => 16);
# The RC2 cipher also has a parameter called "effective key bits".
$self->query_rc2_key_bits();
}
sub configure_desx_cipher {
my $self = shift;
$self->cipher_func('EVP_desx_cbc()');
$self->cipher_needs_iv(1);
# The DESX cipher can only use a 24 byte key: see des.pod in recent OpenSSL
# distributions.
$self->query_key_len(-fixed => 24);
}
sub configure_blowfish_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_bf_ecb()',
CIPHER_MODE_CBC, 'EVP_bf_cbc()',
CIPHER_MODE_CFB, 'EVP_bf_cfb()',
CIPHER_MODE_OFB, 'EVP_bf_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The Blowfish cipher can use any key length up to 72 bytes: see
# blowfish.doc in old SSLeay distributions.
$self->query_key_len(-min => 1, -max => 72, -default => 16);
}
sub configure_null_cipher {
my $self = shift;
$self->cipher_func('EVP_enc_null()');
$self->cipher_needs_iv(0);
# The null cipher does not require a key: it does nothing.
$self->query_key_len(-fixed => 0);
}
sub configure_rc5_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_rc5_32_12_16_ecb()',
CIPHER_MODE_CBC, 'EVP_rc5_32_12_16_cbc()',
CIPHER_MODE_CFB, 'EVP_rc5_32_12_16_cfb()',
CIPHER_MODE_OFB, 'EVP_rc5_32_12_16_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The RC5 cipher can use any key length from 0 to 255 bytes: see RFC 2040.
$self->query_key_len(-min => 0, -max => 255, -default => 16);
# The RC5 cipher also has a parameter called "number of rounds".
$self->query_rc5_rounds();
}
sub configure_cast5_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_cast5_ecb()',
CIPHER_MODE_CBC, 'EVP_cast5_cbc()',
CIPHER_MODE_CFB, 'EVP_cast5_cfb()',
CIPHER_MODE_OFB, 'EVP_cast5_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
$self->cipher_func($cipher_funcs{$cipher_mode});
$self->cipher_needs_iv(1);
# The CAST5 cipher can use any key length from 5 to 16 bytes: see RFC 2144.
$self->query_key_len(-min => 5, -max => 16, -default => 16);
}
sub configure_aes_cipher {
my $self = shift;
my %cipher_funcs = (
CIPHER_MODE_ECB, 'EVP_aes_ecb()',
CIPHER_MODE_CBC, 'EVP_aes_cbc()',
CIPHER_MODE_CFB, 'EVP_aes_cfb()',
CIPHER_MODE_OFB, 'EVP_aes_ofb()'
);
my $cipher_mode = $self->query_cipher_mode();
my $cipher_func = $cipher_funcs{$cipher_mode};
# The AES cipher can only use a 16, 24 or 32 byte key: see FIPS PUB 197. Do
# not offer the choice of 24 or 32 byte keys for 0.9.7 because they do not
# seem to work. I do not know why, and the problem does not seem to occur
# with debug OpenSSL builds, which does not make it very easy to find out
# why.
my $ver_num = $self->ver_num();
if ($ver_num == 90700) {
$self->query_key_len(-fixed => 16);
}
else {
$self->query_key_len(-valid => [16, 24, 32], -default => 32);
}
my $key_len_bits = $self->key_len() * 8;
$cipher_func =~ s/_aes_/_aes_${key_len_bits}_/;
$self->cipher_func($cipher_func);
$self->cipher_needs_iv(1);
}
sub write_cipher_config {
my $self = shift;
open my $cfg_fh, '>', CIPHER_CONFIG_FILENAME or
$self->exit_with_error(130,
"Could not open configuration file '%s' for writing: %s",
CIPHER_CONFIG_FILENAME, $!
);
my $prefix_dir = $self->prefix_dir();
my $ver_str = $self->ver_str();
print $cfg_fh <<"EOT";
/*============================================================================
*
* @{[CIPHER_CONFIG_FILENAME]}
*
* DESCRIPTION
* Cipher configuration file for Filter::Crypto modules.
*
* DO NOT EDIT THIS FILE!
*
* This file is written by Makefile.PL from its command-line option values
* and/or default values. Any changes made here will be lost the next time
* Makefile.PL is run.
*
* Created at @{[scalar localtime]} by Perl version $], installed as
* $^X
*
* Configured against OpenSSL version $ver_str, installed under
* $prefix_dir
*
*============================================================================*/
EOT
Makefile.PL view on Meta::CPAN
=item B<--defaults>
Specify that the default value indicated below of each option that is not
specified by the relevant command-line option will be used instead of prompting
the user for a response.
=item B<-d E<lt>dirE<gt>>, B<--prefix-dir=E<lt>dirE<gt>>
Specify the OpenSSL or SSLeay prefix directory. This is used to determine the
include and library directories.
By default, B<Makefile.PL> will look for an B<openssl> or B<ssleay> binary
executable and determine the prefix directory from that. Failing that, the
default prefix directory as specified in the latest OpenSSL's own F<INSTALL>
file will be assumed, namely F</usr/local/ssl>, or F<C:\openssl> on "native"
(i.e. non-Cygwin) Windows platforms.
=item B<-c E<lt>fileE<gt>>, B<--cipher-config=E<lt>fileE<gt>>
Specify the cipher configuration file with which to build. This should be a
file written by a previous run of B<Makefile.PL> containing the answers to all
the cipher configuration questions, which therefore will not be asked this time.
Any cipher configuration options specified along with this option will be
ignored.
This is useful if you ever need to rebuild this distribution using the same
configuration as was used on a previous occasion, for example, if you are
setting up two separate Perl installations, one containing the
Filter::Crypto::CryptFile module and another containing only the
Filter::Crypto::Decrypt module, as described under the B<--build> option above.
=item B<-n E<lt>nameE<gt>>, B<--cipher-name=E<lt>nameE<gt>>
Specify the name of the cipher algorithm to use. The ciphers available will be
a subset of the following (depending on which version of OpenSSL or SSLeay you
are using and whether any of them were disabled when it was built):
DES (A block cipher with fixed key length)
DES_EDE (A block cipher with fixed key length)
DES_EDE3 (A block cipher with fixed key length)
RC4 (A stream cipher with variable key length)
IDEA (A block cipher with fixed key length)
RC2 (A block cipher with variable key length)
DESX (A block cipher with fixed key length)
Blowfish (A block cipher with variable key length)
Null (The null cipher with zero key length)
RC5 (A block cipher with variable key length)
CAST5 (A block cipher with variable key length)
AES (A block cipher with variable key length)
The default cipher is AES if it is available, or else DES_EDE3 if that is
available, or else whichever one nearest the end of the list above is available.
=item B<-m E<lt>modeE<gt>>, B<--cipher-mode=E<lt>modeE<gt>>
Specify the mode of operation if a block cipher was chosen above. The following
modes are available:
ECB (Electronic Codebook Mode)
CBC (Cipher Block Chaining Mode)
CFB (64-Bit Cipher Feedback Mode)
OFB (64-Bit Output Feedback Mode)
The CBC mode is used by default.
This option is ignored for the DESX block cipher (which is only available in CBC
mode) and for the stream cipher(s) and the null cipher.
=item B<-p {E<lt>pswdE<gt>|rand}>, B<--pswd={E<lt>pswdE<gt>|rand}>
Specify the password from which to derive the key used for the encryption or
decryption. (This is known as "password-based encryption" (PBE).) The special
value "rand" means that a 32-byte password will be randomly generated using the
random number generator specified by the B<--rng> option.
The key will be derived using the PBKDF2 algorithm defined in PKCS#5 v2.0 (which
is also available as RFC2898). An 8-byte random salt and 2048 iterations are
used. A random initialization vector (IV) is also generated if required. When
encrypting, both the salt and IV are prepended to the ciphertext so that they
may be recovered for use when decrypting.
Alternatively, the key may be specified directly (or randomly generated) using
the B<--key> option below. If both options are given then B<--pswd> is used and
B<--key> is silently ignored.
Note that password-based encryption is preferable to using a fixed key if you
are going to be encrypting many files because the key used in the PBE scheme
will be different for each file that you encrypt because it is derived afresh
for each file using a new random salt. (This, of course, is exactly the point
of the salt.) Using the same key repeatedly is vulnerable to "dictionary
attacks", particularly if part of the files being encrypted is known or
predictable, for example, a header section like that used at the top of the
source files in this distribution.
A randomly generated password is used by default.
=item B<-k {E<lt>keyE<gt>|rand}>, B<--key={E<lt>keyE<gt>|rand}>
Specify the key if anything other than the null cipher was chosen above. The
special value "rand" means that a key of the appropriate length will be randomly
generated using the random number generator specified by the B<--rng> option.
If a key length is also specified using the B<--key-len> option below, or if you
have chosen a fixed key length cipher, then the length of any key specified here
must match the relevant key length.
An N-byte key must be specified as a string of 2*N hexadecimal digits where each
pair of such digits represents one byte of the key (with the high nybble first).
This is the format produced by Perl's built-in C<unpack()> function with the 'H'
template character, i.e.
$hexdigits = unpack 'H*', $bytes;
The key specified (or randomly generated) by this option is used directly
without being processed by any key derivation algorithm. For password-based
encryption, use the B<--pswd> option above. If both options are given then
B<--pswd> is used and B<--key> is silently ignored.
Note that password-based encryption is preferable to using a fixed key if you
are going to be encrypting many files. See the description of the B<--pswd>
option above for an explanation.
A randomly generated password [sic] is used by default.
=item B<-r E<lt>rngE<gt>>, B<--rng=E<lt>rngE<gt>>
Makefile.PL view on Meta::CPAN
header file, is not in a format that is recognized.
=item Warning: Ignoring Cygwin OpenSSL binary '%s' on Win32
(W) The main OpenSSL binary executable found in the PATH when trying to locate
the OpenSSL to use turned out to be a Cygwin binary, which is of no use with the
Win32 perl that is being used and will therefore be ignored.
=back
=head1 EXAMPLES
=over 4
=item [UNIX] You have installed OpenSSL in F</usr/local>
Type
perl Makefile.PL -d /usr/local
The OpenSSL include and library directories F</usr/local/include> and
F</usr/local/lib> respectively will be used. The user will be prompted for the
answers to other configuration questions.
=item [Win32] You have built OpenSSL in F<C:\Temp\openssl-0.9.7e>
Type
perl Makefile.PL -d C:\Temp\openssl-0.9.7e
The OpenSSL include and library directories F<C:\Temp\openssl-0.9.7e\inc32> and
F<C:\Temp\openssl-0.9.7e\out32dll> respectively will be used: these are detected
automatically in the absence of F<include\> and F<lib\> sub-directories on
"native" Windows platforms. The user will be prompted for the answers to other
configuration questions.
=item You want to run B<Makefile.PL> non-interactively
If you are happy with the default values of each option then just type
perl Makefile.PL --defaults
If you want to override the default value of one or more options but accept the
default values for the rest then you can do so, e.g.
perl Makefile.PL --defaults -n DES
This will use the DES cipher instead of the default AES (or DES_EDE3) cipher,
but is otherwise a default configuration with no questions asked.
Note that this style of accepting all default values except for specifically
overridden ones applies equally well to the prefix directory option, so creating
a default configuration with a non-standard OpenSSL installation location can be
easily handled, e.g.
perl Makefile.PL --defaults -d /usr/local
Alternatively, you can explicitly provide values for every option that would
otherwise cause an interactive prompt to be given, e.g.
perl Makefile.PL -b both -n AES -m CBC -l 32 -p rand -r openssl -i y
This will use the AES cipher in CBC mode with a 32-byte key derived from a
password randomly generated by B<openssl>; the B<crypt_file> script will be
installed. If the OpenSSL or SSLeay prefix directory is not in one of the
locations in which it can be found automatically by B<Makefile.PL> then use the
B<-d> option as shown in the previous examples too.
=back
=head1 ENVIRONMENT
Any standard ExtUtils::MakeMaker environment variables may be used, namely:
=over 4
=item PERL_MM_OPT
Specify ExtUtils::MakeMaker command-line arguments to be prepended to the list
of command-line arguments before its argument processing takes place.
Note that as far as quoting and escaping is concerned, the environment variable
value is not interpreted in the same way as the Bourne shell would interpret the
corresponding command-line. Instead, it is simply split on whitespace before
being processed.
Also, bear in mind the caveat regarding the use of ExtUtils::MakeMaker command-
line arguments under L<"ARGUMENTS"> above.
=item PERL_MM_USE_DEFAULT
If set to a true value then the default value (indicated under L<"OPTIONS">
above) of each option that is not specified on the command-line will be used
instead of prompting the user for a response.
=back
=head1 SEE ALSO
The F<INSTALL> file;
L<ExtUtils::MakeMaker>.
=head1 ACKNOWLEDGEMENTS
The C<MY::test()> override method is based on code taken from that in the
top-level B<Makefile.PL> script in the Tk distribution (version 804.032),
written by Nick Ing-Simmons.
The C<can_run()> method in the Filter::Crypto::_ConfigureBuild class is based on
code taken from the C<can_run()> method in the standard library module IPC::Cmd
(version 0.92), written by Jos Boumans and currently maintained by Chris
Williams.
The C<use_default_response()> and C<isa_tty()> methods in the
Filter::Crypto::_ConfigureBuild class are based on code taken from the
C<prompt()> function in the standard library module ExtUtils::MakeMaker (version
6.92), written by Andy Dougherty, Andreas Koenig and Tim Bunce, and currently
maintained by Michael G Schwern.
=head1 AUTHOR
Steve Hay E<lt>L<shay@cpan.org|mailto:shay@cpan.org>E<gt>.
( run in 0.673 second using v1.01-cache-2.11-cpan-e1769b4cff6 )