view release on metacpan or search on metacpan
lib/Crypt/JWT.pm view on Meta::CPAN
else {
# handle also: Crypt::OpenSSL::RSA, Crypt::X509, Crypt::OpenSSL::X509
my $str;
if (ref($key) eq 'Crypt::OpenSSL::RSA') {
# https://metacpan.org/pod/Crypt::OpenSSL::RSA
$str = $key->is_private ? $key->get_private_key_string : $key->get_public_key_string;
}
elsif (ref($key) =~ /^Crypt::(X509|OpenSSL::X509)$/) {
# https://metacpan.org/pod/Crypt::X509
# https://metacpan.org/pod/Crypt::OpenSSL::X509
$str = $key->pubkey;
lib/Crypt/JWT.pm view on Meta::CPAN
#instance of Crypt::PK::RSA
my $data = decode_jwt(token=>$t, key=>Crypt::PK::RSA->new('keyfile.pem'));
my $data = decode_jwt(token=>$t, key=>Crypt::PK::RSA->new(\$pem_key_string));
#instance of Crypt::OpenSSL::RSA
my $data = decode_jwt(token=>$t, key=>Crypt::OpenSSL::RSA->new_private_key($pem_key_string));
#instance of Crypt::X509 (public key only)
my $data = decode_jwt(token=>$t, key=>Crypt::X509->new(cert=>$cert));
#instance of Crypt::OpenSSL::X509 (public key only)
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/LE.pm view on Meta::CPAN
my ($self, $file) = @_;
$self->_reset_key;
my $key = $self->_file($file);
return $self->_status(READ_ERROR, "Key reading error.") unless $key;
eval {
$key = Crypt::OpenSSL::RSA->new_private_key($self->_convert($key, 'RSA PRIVATE KEY'));
};
return $self->_status(LOAD_ERROR, "Key loading error.") if $@;
return $self->_set_key($key, "Account key loaded.");
}
lib/Crypt/LE.pm view on Meta::CPAN
sub generate_account_key {
my $self = shift;
my ($pk, $err, $code) = _key();
return $self->_status(INVALID_DATA, $err||"Could not generate account key") unless $pk;
my $key = Crypt::OpenSSL::RSA->new_private_key(Net::SSLeay::PEM_get_string_PrivateKey($pk));
_free(k => $pk);
return $self->_set_key($key, "Account key generated.");
}
=head2 account_key()
lib/Crypt/LE.pm view on Meta::CPAN
}
sub _set_key {
my $self = shift;
my ($key, $msg) = @_;
my $pem = $key->get_private_key_string;
my ($n, $e) = $key->get_key_parameters;
return $self->_status(INVALID_DATA, "Key modulus is divisible by a small prime and will be rejected.") if $self->_is_divisible($n);
$key->use_pkcs1_padding;
$key->use_sha256_hash;
$self->{key_params} = { n => $n, e => $e };
view all matches for this distribution
view release on metacpan or search on metacpan
}
BIO_free(b);
}
else {
//we got an engine
if(!(key = ENGINE_load_private_key(config->handle->configuration->engine, key_str, NULL, NULL))) {
scep_log(config->handle, ERROR, "Loading private key from engine failed");
create_err_msg(config, NULL);
}
}
return key;
view all matches for this distribution
view release on metacpan or search on metacpan
t/compat_pqclean.t view on Meta::CPAN
# followed by the raw Falcon-512 signature of hash256(sign_data)
my $sign_hex = "813961c32c0fcc6132c89b74f34894091d4d598c53d284597e7fcf2bace22a41460fb99436f82c151b73836a237a164acde34ff0080eee10be36bcc8545168c22d99deca8d0e25c8e7732f51c419679e05c19670c8497a9760670e3b07f88ad2f850abe77243c0d495f5bf9265a5d887af8da87057...
# The private key from the test contains both private (1281 bytes) and public (897 bytes) key
# We only need the public key (last 897 bytes) for verification
my $private_key_wif = "2Ha9HXWeaemt4enETPZ8WJnH8GqJg1DvbUdoj6g8mLrKZu6aF94UT93nr3VrcaVSyUcFagmrg6SPPGazuPJPKyw4SoFxEjQxMJKzSi3Pawb8NC2cW69eBzaxMU1H7qrKPkGJ7Nmkb4hbxgLdGGHVhyHgshq4nrvAy8v8C5JvYmoSC9bN6cSL7DAk3gxLYyJWtcN5M6U7JpnFTFuW7PSNMD3hzJQomGgaxwL...
# Decode the WIF-encoded private key (base58check)
use Math::BigInt;
my @B58_CHARS = split //, '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
t/compat_pqclean.t view on Meta::CPAN
}
return $bytes;
}
# Decode private key from WIF format
my $raw = decode_base58($private_key_wif);
# WIF format: version_byte(1) + payload + checksum(4)
# Strip version byte and checksum
my $pk_data = substr($raw, 1, length($raw) - 5);
# pk_data should be 2178 bytes (1281 private + 897 public)
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/MatrixSSL3.pm view on Meta::CPAN
# based on the requested hostname
# virtual host 0 (also referred in the code as SNI entry 0)
{
'hostname' => 'hostname', # regular expression for matching the hostname
'cert' => '/path/to/certificate;/path/to/CA-chain', # KEY - certificate (the CA-chain is optional)
'key' => '/path/to/private_key', # KEY - private key
'DH_param' => /path/to/DH_params', # KEY - file containing the DH parameter used with DH ciphers
'session_ticket_keys' => { # session tickets setup
'id' => '1234567890123456', # KEY - TLS session tickets - 16 bytes unique identifier
'encrypt_key' => '12345678901234567890123456789012', # KEY - TLS session tickets - 128/256 bit encryption key
'hash_key' => '12345678901234567890123456789012', # KEY - TLS session tickets - 256 bit hash key
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Net/NSS/SSL.pm view on Meta::CPAN
=item listen ( $queue_length : integer )
Listens for connections on the socket. The optional argument I<$queue_length> is the maximum length of the queue of
pending connections. Defaults to 10.
=item configure_as_server ( $certificate : Crypt::NSS::Certificate, $private_key : Crypt::NSS::PrivateKey )
Configures a listening socket with the information needed to handshake as a SSL server.
=item accept ( ) : Net::NSS::SSL
=item accept ( $timeout : integer ) : Net::NSS::SSL
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/Nettle/RSA.pm view on Meta::CPAN
Create a new public key from the modulus and the exponent of the
public key. (see DATA REPRESENTATIONS below for how to format $n and
$e)
=head2 new_private_key($d, $p, $q)
Create a new private key from the private exponent and the two prime
factors. (see DATA REPRESENTATIONS below for how to format $d, $p and
$q)
lib/Crypt/Nettle/RSA.pm view on Meta::CPAN
=head2 rsa_sign($digest_algo, $data)
Return a packed binary string that is the key's signature over $data.
my $sig = $private_key->rsa_sign('sha1', 'This is a test message');
printf('Signature: 0x%s\n', unpack('H*', $sig));
Returns undefined if there was an error.
=head2 rsa_verify($digest_algo, $data, $signature)
lib/Crypt/Nettle/RSA.pm view on Meta::CPAN
Returns 0 if the signature did not check out.
Return undefined if there was an error.
my $ret = $private_key->rsa_verify('sha1', 'This is a test message', $sig);
printf('Signature: %s\n', (defined($ret) ? ($ret ? 'OK' : 'BAD') : 'ERROR'));
=head2 rsa_sign_hash_context($hash_ctx)
=head2 rsa_verify_hash_context($hash_ctx, $signature)
lib/Crypt/Nettle/RSA.pm view on Meta::CPAN
memory. Here's signing:
my $hash = Crypt::Nettle::Hash->new('sha1');
$hash->update($data);
# ... more update()s ...
my $sig = $private_key->rsa_sign_hash_context($hash);
And verifying:
my $hash = Crypt::Nettle::Hash->new('sha1');
$hash->update($data);
lib/Crypt/Nettle/RSA.pm view on Meta::CPAN
my $hash = Crypt::Nettle::Hash->new('sha1');
$hash->update($data);
# ... more update()s ...
my $digest = $hash->digest();
my $sig = $private_key->rsa_sign_digest('sha1', $digest);
And verifying:
my $hash = Crypt::Nettle::Hash->new('sha1');
$hash->update($data);
view all matches for this distribution
view release on metacpan or search on metacpan
t/02.derive_key_pair.t view on Meta::CPAN
my $hash_name = 'SHA256';
my $expand_message_func = \&expand_message_xmd;
my $ec_key_r = derive_key_pair($group_name, $seed, $info, "DeriveKeyPair".$context_string, $hash_name, $expand_message_func);
#my $skS_bn = $skS->get0_private_key();
is($ec_key_r->{priv_bn}->to_hex(), 'E7DB44B7F7495298770AF98417FDEEC6C8299562325E9330A79EEBF3D2A1A765', 'derive_key_pair');
done_testing;
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OPRF.pm view on Meta::CPAN
#my $pkS_point = $ec_key_r->{pub_point};
#my $skS_key = Crypt::OpenSSL::EC::EC_KEY::new();
#$skS_key->set_group($group);
#$skS_key->set_private_key($skS);
#my $pkS_point = Crypt::OpenSSL::EC::EC_KEY::get0_public_key($skS_key);
#my $pkS_key = Crypt::OpenSSL::EC::EC_KEY::new();
#Crypt::OpenSSL::EC::EC_KEY::set_group($pkS_key, $group);
#Crypt::OpenSSL::EC::EC_KEY::set_public_key($pkS_key, $pkS_point);
view all matches for this distribution
view release on metacpan or search on metacpan
crypt-otr.h view on Meta::CPAN
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define PRIVKEY_FILE_NAME "otr.private_key"
#define STORE_FILE_NAME "otr.fingerprints"
// max message size
const unsigned int CRYPT_OTR_MAX_SIZE = 65535;
view all matches for this distribution
view release on metacpan or search on metacpan
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv_bn);
if(priv_bn==NULL){
EVP_PKEY_get_raw_private_key(pkey, NULL, &priv_len);
priv = OPENSSL_malloc(priv_len);
EVP_PKEY_get_raw_private_key(pkey, priv, &priv_len);
priv_bn = BN_bin2bn(priv, priv_len, NULL);
OPENSSL_free(priv);
}
nid = OBJ_sn2nid(group_name);
priv = OPENSSL_hexstr2buf(priv_hex, &priv_len);
if(priv){
pkey = EVP_PKEY_new_raw_private_key(nid, NULL, priv, priv_len);
}else{
ctx = EVP_PKEY_CTX_new_id(nid, NULL);
if(ctx){
EVP_PKEY_keygen_init(ctx);
EVP_PKEY_keygen(ctx, &pkey);
view all matches for this distribution
view release on metacpan or search on metacpan
BaseFunc.xs view on Meta::CPAN
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv_bn);
if(priv_bn==NULL){
EVP_PKEY_get_raw_private_key(pkey, NULL, &priv_len);
priv = OPENSSL_malloc(priv_len);
EVP_PKEY_get_raw_private_key(pkey, priv, &priv_len);
priv_bn = BN_bin2bn(priv, priv_len, NULL);
OPENSSL_free(priv);
}
BaseFunc.xs view on Meta::CPAN
nid = OBJ_sn2nid(group_name);
priv = OPENSSL_hexstr2buf(priv_hex, &priv_len);
if(priv){
pkey = EVP_PKEY_new_raw_private_key(nid, NULL, priv, priv_len);
}else{
ctx = EVP_PKEY_CTX_new_id(nid, NULL);
if(ctx){
EVP_PKEY_keygen_init(ctx);
EVP_PKEY_keygen(ctx, &pkey);
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/CA.pm view on Meta::CPAN
my $dn = Crypt::OpenSSL::CA::X509_NAME->new
(C => "fr", CN => "test");
my $privkey = Crypt::OpenSSL::CA::PrivateKey
->parse($pem_private_key, -password => "secret");
my $pubkey = $privkey->get_public_key;
my $x509 = Crypt::OpenSSL::CA::X509->new($pubkey);
$x509->set_serial("0xdeadbeef");
$x509->set_subject_DN($dn);
lib/Crypt/OpenSSL/CA.pm view on Meta::CPAN
memcpy(buf, password, pwlength);
return pwlength;
}
/* Ditto, but using the ui_method API. Callback invoked by
ENGINE_load_private_key when parsing an engine-based
private key */
/* UNIMPLEMENTED */
static
SV* _parse(char *class, const char* pemkey, SV* svpass,
lib/Crypt/OpenSSL/CA.pm view on Meta::CPAN
}
/* UNIMPLEMENTED: must parse from memory not file; must coerce
that wonky ui_method stuff into * passing C<pass> to the
engine */
/* pkey = (EVP_PKEY *)ENGINE_load_private_key
(e, file, ui_method, (void *) pass); */
} else {
keybio = BIO_new_mem_buf((void *) pemkey, -1);
if (keybio == NULL) {
croak("BIO_new failed");
lib/Crypt/OpenSSL/CA.pm view on Meta::CPAN
=cut
subtest "synopsis" => sub {
my $synopsis = My::Tests::Below->pod_code_snippet("synopsis");
$synopsis = <<'PREAMBLE' . $synopsis;
my $pem_private_key = $test_keys_plaintext{rsa1024};
PREAMBLE
eval $synopsis; die $@ if $@;
pass;
};
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/Cloner.pm view on Meta::CPAN
sub _gen_new_ca {
my ($self,$dn_hash) = @_;
my $rsa = Crypt::OpenSSL::RSA->generate_key($PREFERRED_KEYLENGTH);
my $privkey = Crypt::OpenSSL::CA::PrivateKey->parse(
$rsa->get_private_key_string
);
my $ca = Crypt::OpenSSL::CA::X509->new($privkey->get_public_key);
my $dn = Crypt::OpenSSL::CA::X509_NAME->new(%$dn_hash);
my $keyid = $privkey->get_public_key->get_openssl_keyid();
die "Need Distinguished Name for CA" if !$dn_hash;
lib/Crypt/OpenSSL/Cloner.pm view on Meta::CPAN
#$ca->set_extension("keyUsage" =>
# "digitalSignature, nonRepudiation,".
# "keyEncipherment, dataEncipherment, keyAgreement,".
# "keyCertSign, cRLSign");
my $crt_text = $ca->sign($privkey, $PREFERRED_ALG);
return [$ca,$privkey,$crt_text,$rsa->get_private_key_string];
}
sub new {
my ($cls,%opts) = @_;
my $self = {};
lib/Crypt/OpenSSL/Cloner.pm view on Meta::CPAN
}
sub clone_cert {
my ($self,$pem,$domain_name) = @_;
my $keystr = Crypt::OpenSSL::RSA->generate_key(1024)->get_private_key_string();
my $privkey = Crypt::OpenSSL::CA::PrivateKey->parse($keystr);
my $new_cert = Crypt::OpenSSL::CA::X509->new($privkey->get_public_key);
my $alt_name_string = ($domain_name) ? "DNS:$domain_name" : "";
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/Common.pm view on Meta::CPAN
# A missing C::O::RSA method
sub Crypt::OpenSSL::RSA::new_from_file {
my($proto, $file) = @_;
open(my $pkfh, '<', $file) or die "Can't open key file: $!\n";
local $/ = undef;
return $proto->new_private_key(<$pkfh>);
}
require XSLoader;
XSLoader::load('Crypt::OpenSSL::Common', $VERSION);
lib/Crypt/OpenSSL/Common.pm view on Meta::CPAN
The first time that your program uses this module, the OpenSSL is properly initialized.
This initialization loads from the library all the available cryptographic algorithms.
The main visible effect is that some other APIs can now automatically recognize them.
For example, the Crypt::OpenSSL::RSA's new_private_key class method now can handle
I<encrypted> private keys in the same way the C API does, ie. prompting the user for
the I<pass phrase> used to protect the private key.
This initialization can't be properly done in any one of the individual modules.
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/EC.pm view on Meta::CPAN
key EC_KEY object
group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
object will use an own copy of the EC_GROUP).
return 1 on success and 0 if an error occurred.
=item Crypt::OpenSSL::EC::EC_KEY::set_private_key($key, $prv);
Sets the private key of a EC_KEY object.
key EC_KEY object
prv BIGNUM with the private key (note: the EC_KEY object
will use an own copy of the BIGNUM).
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/PKCS10.pm view on Meta::CPAN
sub new_from_rsa {
my $self = shift;
my $rsa = shift;
my ($options) = shift || ();
my $priv = $rsa->get_private_key_string();
$self->_new_from_rsa($rsa, $priv, \%{$options});
}
sub new {
lib/Crypt/OpenSSL/PKCS10.pm view on Meta::CPAN
thus you can't use latter object anymore. Avoid this:
my $rsa = Crypt::OpenSSL::RSA->generate_key(512);
my $req = Crypt::OpenSSL::PKCS10->new_from_rsa($rsa);
undef $req;
print $rsa->get_private_key_string();
=head1 SEE ALSO
C<Crypt::OpenSSL::RSA>, C<Crypt::OpenSSL::X509>.
view all matches for this distribution
view release on metacpan or search on metacpan
my $pass = "your password";
my $pkcs12 = Crypt::OpenSSL::PKCS12->new_from_file('cert.p12');
print $pkcs12->certificate($pass);
print $pkcs12->private_key($pass);
if ($pkcs12->mac_ok($pass)) {
...
# Creating a file
=item * ca_certificate( [C<$pass>] )
Get the Base64 representation of the CA certificate chain.
=item * private_key( [C<$pass>] )
Get the Base64 representation of the private key.
=item * as_string( [C<$pass>] )
view all matches for this distribution
view release on metacpan or search on metacpan
croak "unrecognized key format: expected PEM-encoded key (starting with '-----BEGIN') "
. "or DER-encoded key (binary ASN.1 data)";
}
}
sub new_private_key {
my ( $proto, $p_key_string, @rest ) = @_;
croak "unrecognized key format: expected PEM-encoded key (starting with '-----BEGIN') "
. "or DER-encoded key (binary ASN.1 data)"
unless defined $p_key_string && length($p_key_string) > 0;
if ( $p_key_string =~ /^-----/ ) {
return $proto->_new_private_key_pem($p_key_string, @rest);
}
elsif ( substr($p_key_string, 0, 1) eq "\x30" ) {
# ASN.1 SEQUENCE tag detected â likely DER-encoded private key.
return $proto->_new_private_key_der($p_key_string, @rest);
}
else {
croak "unrecognized key format: expected PEM-encoded key (starting with '-----BEGIN') "
. "or DER-encoded key (binary ASN.1 data)";
}
Crypt::OpenSSL::Random::random_seed($good_entropy);
Crypt::OpenSSL::RSA->import_random_seed();
$rsa_pub = Crypt::OpenSSL::RSA->new_public_key($key_string);
$ciphertext = $rsa->encrypt($plaintext);
$rsa_priv = Crypt::OpenSSL::RSA->new_private_key($key_string);
$plaintext = $rsa->decrypt($ciphertext);
$rsa = Crypt::OpenSSL::RSA->generate_key(1024); # or
$rsa = Crypt::OpenSSL::RSA->generate_key(1024, $prime);
print "private key is:\n", $rsa->get_private_key_string();
print "public key (in PKCS1 format) is:\n",
$rsa->get_public_key_string();
print "public key (in X509 format) is:\n",
$rsa->get_public_key_x509_string();
C<use_xxx_padding> methods.
Note, PKCS1_OAEP can only be used for encryption. Call
C<use_pkcs1_pss_padding> or C<use_pkcs1_padding> prior to signing operations.
=item new_private_key
Create a new C<Crypt::OpenSSL::RSA> object by loading a private key in
from a string containing either PEM or DER encoding of the key.
For PEM keys, the string should include the C<-----BEGIN...-----> and
-----BEGIN PUBLIC KEY------
-----END PUBLIC KEY------
and is the format that is produced by running C<openssl rsa -pubout>.
=item get_private_key_string
Return the Base64/DER-encoded PKCS1 representation of the private
key. This string has
header and footer lines:
The cipher algorithm used to protect the private key. Default to
'des3'.
=back
=item get_private_key_pkcs8_string
Return the Base64/DER-encoded PKCS#8 representation of the private
key. This string has header and footer lines:
-----BEGIN PRIVATE KEY-----
This is the format produced by C<openssl pkey -outform PEM>, and is
the private-key counterpart of C<get_public_key_x509_string>.
Accepts the same optional passphrase and cipher-name parameters as
C<get_private_key_string>.
=item encrypt
Encrypt a binary "string" using the public (portion of the) key.
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL/SignCSR.pm view on Meta::CPAN
=head1 SYNOPSIS
use Crypt::OpenSSL::SignCSR;
my $signer = Crypt::OpenSSL::SignCSR->new(
$private_key_pem
{ # OPTIONAL
days => $days, # Number of days for the certificate
digest => $digest, # Signature digest default (SHA256)
format => $format, # Output format "text", "pem" (default) or "der"
});
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/OpenSSL3/PKey.pm view on Meta::CPAN
version 0.010
=head1 SYNOPSIS
my $file = Crypt::OpenSSL3::BIO->new_file('priv.key', 'r');
my $key = Crypt::OpenSSL3::Pkey->read_pem_private_key($file);
my $ctx = Crypt::OpenSSL3::PKey::Context->new($key);
$ctx->sign_init;
my $signature = $ctx->sign($data);
lib/Crypt/OpenSSL3/PKey.pm view on Meta::CPAN
=head1 METHODS
=head2 new
=head2 new_raw_private_key
=head2 new_raw_public_key
=head2 read_der_private_key
=head2 read_der_public_key
=head2 read_pem_private_key
=head2 read_pem_public_key
=head2 write_der_private_key
=head2 write_der_public_key
=head2 write_pem_private_key
=head2 write_pem_public_key
=head2 decode_der_public_key
=head2 decode_der_private_key
=head2 encode_der_public_key
=head2 encode_der_private_key
=head2 can_sign
=head2 digestsign_supports_digest
lib/Crypt/OpenSSL3/PKey.pm view on Meta::CPAN
=head2 get_octet_string_param
=head2 get_param
=head2 get_raw_private_key
=head2 get_raw_public_key
=head2 get_security_bits
view all matches for this distribution
view release on metacpan or search on metacpan
t/lib/CommonTest.pm view on Meta::CPAN
return run command => $openssl_cmd, verbose => $ENV{TEST_DEBUG};
}
sub openssl_decrypt {
my ($self, $private_key_file, $encrypted_data, $mech) = @_;
my $openssl_cmd =
[$self->_openssl, 'rsautl', '-decrypt', '-inkey', $private_key_file];
if ($mech eq 'RSA_PKCS') {
push @$openssl_cmd, '-pkcs';
} elsif ($mech eq 'RSA_PKCS_OAEP') {
push @$openssl_cmd, '-oaep';
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/Perl/PKCS10.pm view on Meta::CPAN
=head1 SYNOPSIS
my $pkcs10 = Crypt::Perl::PKCS10->new(
key => $private_key_obj,
subject => [
commonName => 'foo.com',
localityName => 'somewhere',
#...
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/Protocol/OPRF.pm view on Meta::CPAN
#my $pkS_point = $ec_key_r->{pub_point};
#my $skS_key = Crypt::OpenSSL::EC::EC_KEY::new();
#$skS_key->set_group($group);
#$skS_key->set_private_key($skS);
#my $pkS_point = Crypt::OpenSSL::EC::EC_KEY::get0_public_key($skS_key);
#my $pkS_key = Crypt::OpenSSL::EC::EC_KEY::new();
#Crypt::OpenSSL::EC::EC_KEY::set_group($pkS_key, $group);
#Crypt::OpenSSL::EC::EC_KEY::set_public_key($pkS_key, $pkS_point);
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/RFC8188.pm view on Meta::CPAN
my $MAX_RECORD_SIZE = (2 ** 31) - 1;
# $dh will always be public key data - decode_base64url if necessary
sub derive_key {
my ($mode, $salt, $key, $private_key, $dh, $auth_secret) = @_;
die "Salt must be 16 octets\n" unless $salt and length $salt == 16;
my ($context, $secret) = ("");
if ($dh) {
die "DH requires a private_key\n" unless $private_key;
my $pubkey = Crypt::PK::ECC->new->import_key_raw($dh, 'P-256');
my $encoded = $private_key->export_key_raw('public');
my ($sender_pub_key, $receiver_pub_key) = ($mode eq "encrypt")
? ($encoded, $dh) : ($dh, $encoded);
$context = "WebPush: info\x00" . $receiver_pub_key . $sender_pub_key;
$secret = $private_key->shared_secret($pubkey);
} else {
$secret = $key;
}
die "Unable to determine the secret\n" unless $secret;
my $keyinfo = "Content-Encoding: aes128gcm\x00";
lib/Crypt/RFC8188.pm view on Meta::CPAN
);
}
sub ece_encrypt_aes128gcm {
my (
$content, $salt, $key, $private_key, $dh, $auth_secret, $keyid, $rs,
) = @_;
$salt ||= random_bytes(16);
$rs ||= 4096;
die "Too much content\n" if $rs > $MAX_RECORD_SIZE;
my ($key_, $nonce_) = derive_key(
'encrypt', $salt, $key, $private_key, $dh, $auth_secret,
);
my $overhead = 17;
die "Record size too small\n" if $rs <= $overhead;
my $end = length $content;
my $chunk_size = $rs - $overhead;
lib/Crypt/RFC8188.pm view on Meta::CPAN
((($i + $chunk_size) >= $end) ? "\x02" : "\x01")
;
$result .= $data . $tag;
$counter++;
}
if (!$keyid and $private_key) {
$keyid = $private_key->export_key_raw('public');
} else {
$keyid = encode('UTF-8', $keyid || '', Encode::FB_CROAK | Encode::LEAVE_SRC);
}
die "keyid is too long\n" if length($keyid) > 255;
$salt . pack('L> C', $rs, length $keyid) . $keyid . $result;
}
sub ece_decrypt_aes128gcm {
my (
# no salt, keyid, rs as encoded in header
$content, $key, $private_key, $dh, $auth_secret,
) = @_;
my $id_len = unpack 'C', substr $content, 20, 1;
my $salt = substr $content, 0, 16;
my $rs = unpack 'L>', substr $content, 16, 4;
my $overhead = 17;
die "Record size too small\n" if $rs <= $overhead;
my $keyid = substr $content, 21, $id_len;
$content = substr $content, 21 + $id_len;
if ($private_key and !$dh) {
$dh = $keyid;
} else {
$keyid = decode('UTF-8', $keyid || '', Encode::FB_CROAK | Encode::LEAVE_SRC);
}
my ($key_, $nonce_) = derive_key(
'decrypt', $salt, $key, $private_key, $dh, $auth_secret,
);
my $chunk_size = $rs;
my $result = "";
my $counter = 0;
my $end = length $content;
lib/Crypt/RFC8188.pm view on Meta::CPAN
=head1 SYNOPSIS
use Crypt::RFC8188 qw(ece_encrypt_aes128gcm ece_decrypt_aes128gcm);
my $ciphertext = ece_encrypt_aes128gcm(
$plaintext, $salt, $key, $private_key, $dh, $auth_secret, $keyid, $rs,
);
my $plaintext = ece_decrypt_aes128gcm(
# no salt, keyid, rs as encoded in header
$ciphertext, $key, $private_key, $dh, $auth_secret,
);
=head1 DESCRIPTION
This module implements RFC 8188, the HTTP Encrypted Content Encoding
lib/Crypt/RFC8188.pm view on Meta::CPAN
=head3 $key
A secret key to be exchanged by other means.
=head3 $private_key
The private key of a L<Crypt::PK::ECC> Prime 256 ECDSA key.
=head3 $dh
lib/Crypt/RFC8188.pm view on Meta::CPAN
The plain text.
=head3 $key
=head3 $private_key
=head3 $dh
=head3 $auth_secret
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/RSA/Parse.pm view on Meta::CPAN
=head1 SYNOPSIS
#General-purpose, native RSA or PKCS8 (DER or PEM)
my $public_rsa = Crypt::RSA::Parse::public($key_str);
my $private_rsa = Crypt::RSA::Parse::private($private_key_str);
$public_rsa->exponent(); #alias E()
$public_rsa->modulus(); #isa Math::BigInt, alias N()
$public_rsa->size(); #i.e., the modulus length in bits
view all matches for this distribution
view release on metacpan or search on metacpan
}
#endif
return modexp( plain, e, m );
}
vlong private_key::decrypt( const vlong& cipher )
{
// Calculate values for performing decryption
// These could be cached, but the calculation is quite fast
vlong d = modinv( e, (p-(vlong)1)*(q-(vlong)1) );
vlong u = modinv( p, q );
}
void private_key::MakeMeStr(char * me_str)
{
vlong_pair_2_str (me_str,m,e);
}
void private_key::MakePqStr(char * me_str)
{
vlong_pair_2_str (me_str,p,q);
}
void private_key::MakePq (const char *me_str)
{
str_2_vlong_pair (me_str,p,q);
{
m = p*q;
e = 50001; // must be odd since p-1 and q-1 are even
view all matches for this distribution
view release on metacpan or search on metacpan
SMimeEngine.xs view on Meta::CPAN
destroy_ui_method();
sprintf(errstring, "Error to load engine: %s (%s)", engine_name, libeng_file);
return 1;
}
if( !(pkey = ENGINE_load_private_key(eng, key_file, ui_method, NULL)) ){
destroy_ui_method();
ENGINE_cleanup();
sprintf(errstring, "Error to load private key file: %s", key_file);
return 1;
}
SMimeEngine.xs view on Meta::CPAN
}
// load key
if( eng ){
// ENGINE HW
if( !(pkey = ENGINE_load_private_key(eng, prk, ui_method, NULL)) ){
destroy_ui_method();
ENGINE_cleanup();
sprintf(errstring, "Error to load private key file: %s", prk);
return 1;
}
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Net/SSL.pm view on Meta::CPAN
}
}
# if both configs are set, then verify them
if ($count == 2) {
if (! $ctx->check_private_key) {
croak("Private key and certificate do not match");
}
}
$count; # number of successful cert loads/checks
view all matches for this distribution
view release on metacpan or search on metacpan
lib/Crypt/PK/RSA.pm view on Meta::CPAN
=head1 SYNOPSIS
### OO interface
my $message = 'hello world';
my $private_key = Crypt::PK::RSA->new();
$private_key->generate_key(256, 65537);
my $public_der = $private_key->export_key_der('public');
my $public_key = Crypt::PK::RSA->new(\$public_der);
my $ciphertext = $public_key->encrypt($message);
my $plaintext = $private_key->decrypt($ciphertext);
my $signature = $private_key->sign_message($message, 'SHA256');
$public_key->verify_message($signature, $message, 'SHA256') or die "ERROR";
my $private_der = $private_key->export_key_der('private');
my $private_pem = $private_key->export_key_pem('private');
my $public_pem = $public_key->export_key_pem('public');
=head1 DESCRIPTION
The module provides a full featured RSA implementation.
view all matches for this distribution