Crypt-ECDH_ES
view release on metacpan - search on metacpan
view release on metacpan or search on metacpan
lib/Crypt/ECDH_ES.pm view on Meta::CPAN
my $pad_length = 16 - length($data) % 16;
my $padding = chr($pad_length) x $pad_length;
my $ciphertext = $cipher->encrypt($data . $padding, $iv);
my $mac = hmac_sha256($iv . $ciphertext, $sign_key);
return pack $format_unauthenticated, '', $public, $mac, $ciphertext;
}
sub ecdhes_decrypt {
my ($private_key, $packed_data) = @_;
my ($options, $public, $mac, $ciphertext) = unpack $format_unauthenticated, $packed_data;
croak 'Unknown options' if $options ne '';
my $shared = curve25519_shared_secret($private_key, $public);
my ($encrypt_key, $sign_key) = unpack 'a16 a16', sha256($shared);
my $iv = substr sha256($public), 0, 16;
croak 'MAC is incorrect' if hmac_sha256($iv . $ciphertext, $sign_key) ne $mac;
my $cipher = Crypt::Rijndael->new($encrypt_key, Crypt::Rijndael::MODE_CBC);
my $plaintext = $cipher->decrypt($ciphertext, $iv);
my $pad_length = ord substr $plaintext, -1;
substr($plaintext, -$pad_length, $pad_length, '') eq chr($pad_length) x $pad_length or croak 'Incorrectly padded';
return $plaintext;
}
my $format_authenticated = 'C/a C/a C/a C/a N/a';
sub ecdhes_encrypt_authenticated {
my ($public_key_other, $private_key_self, $data) = @_;
my $public_key_self = curve25519_public_key($private_key_self);
my $private_ephemeral = curve25519_secret_key(urandom(32));
my $ephemeral_public = curve25519_public_key($private_ephemeral);
my $primary_shared = curve25519_shared_secret($private_ephemeral, $public_key_other);
my ($primary_encrypt_key, $primary_iv) = unpack 'a16 a16', sha256($primary_shared);
my $primary_cipher = Crypt::Rijndael->new($primary_encrypt_key, Crypt::Rijndael::MODE_CBC);
my $encrypted_public_key = $primary_cipher->encrypt($public_key_self, $primary_iv);
my $secondary_shared = $primary_shared . curve25519_shared_secret($private_key_self, $public_key_other);
my ($secondary_encrypt_key, $sign_key) = unpack 'a16 a16', sha256($secondary_shared);
my $cipher = Crypt::Rijndael->new($secondary_encrypt_key, Crypt::Rijndael::MODE_CBC);
my $iv = substr sha256($ephemeral_public), 0, 16;
my $pad_length = 16 - length($data) % 16;
my $padding = chr($pad_length) x $pad_length;
my $ciphertext = $cipher->encrypt($data . $padding, $iv);
my $mac = hmac_sha256($iv . $ciphertext, $sign_key);
return pack $format_authenticated, "\x{1}", $ephemeral_public, $encrypted_public_key, $mac, $ciphertext;
}
sub ecdhes_decrypt_authenticated {
my ($private_key, $packed_data) = @_;
my ($options, $ephemeral_public, $encrypted_public_key, $mac, $ciphertext) = unpack $format_authenticated, $packed_data;
croak 'Unknown options' if $options ne "\x{1}";
my $primary_shared = curve25519_shared_secret($private_key, $ephemeral_public);
my ($primary_encrypt_key, $primary_iv) = unpack 'a16 a16', sha256($primary_shared);
my $primary_cipher = Crypt::Rijndael->new($primary_encrypt_key, Crypt::Rijndael::MODE_CBC);
my $public_key = $primary_cipher->decrypt($encrypted_public_key, $primary_iv);
my $secondary_shared = $primary_shared . curve25519_shared_secret($private_key, $public_key);
my ($secondary_encrypt_key, $sign_key) = unpack 'a16 a16', sha256($secondary_shared);
my $cipher = Crypt::Rijndael->new($secondary_encrypt_key, Crypt::Rijndael::MODE_CBC);
my $iv = substr sha256($ephemeral_public), 0, 16;
croak 'MAC is incorrect' if hmac_sha256($iv . $ciphertext, $sign_key) ne $mac;
my $plaintext = $cipher->decrypt($ciphertext, $iv);
my $pad_length = ord substr $plaintext, -1;
substr($plaintext, -$pad_length, $pad_length, '') eq chr($pad_length) x $pad_length or croak 'Incorrectly padded';
return ($plaintext, $public_key);
view release on metacpan - search on metacpan
( run in 1.219 second using v1.00-cache-2.02-grep-82fe00e-cpan-2cc899e4a130 )