view release on metacpan or  search on metacpan

Nettle.xs  view on Meta::CPAN

  const struct nettle_cipher * ciphertype;
  int is_encrypt;
  enum cnc_cipher_mode mode;
  void* cipher_context;
  void* chain_state;
};
typedef struct Crypt_Nettle_Cipher_s *Crypt_Nettle_Cipher;

struct Crypt_Nettle_RSA_s {
  struct rsa_public_key * public_key;
  struct rsa_private_key * private_key;
};
typedef struct Crypt_Nettle_RSA_s *Crypt_Nettle_RSA;

typedef int(*_cnrsa_sign_func)(const struct rsa_private_key*, void*, mpz_t);
typedef int(*_cnrsa_verify_func)(const struct rsa_public_key*, void*, const mpz_t);

struct cnrsa_hash {
   const struct nettle_hash * hash;
   _cnrsa_sign_func sign;
   int (*sign_digest)(const struct rsa_private_key*, const uint8_t*, mpz_t);
   _cnrsa_verify_func verify;
   int (*verify_digest)(const struct rsa_public_key*, const uint8_t*, const mpz_t);
};

const struct cnrsa_hash 
_cnrsa_hashes_available[] = {
  { &nettle_md5, (_cnrsa_sign_func)rsa_md5_sign, rsa_md5_sign_digest, (_cnrsa_verify_func)rsa_md5_verify, rsa_md5_verify_digest },
  { &nettle_sha1, (_cnrsa_sign_func)rsa_sha1_sign, rsa_sha1_sign_digest, (_cnrsa_verify_func)rsa_sha1_verify, rsa_sha1_verify_digest },
  { &nettle_sha256, (_cnrsa_sign_func)rsa_sha256_sign, rsa_sha256_sign_digest, (_cnrsa_verify_func)rsa_sha256_verify, rsa_sha256_verify_digest },
  { &nettle_sha512, (_cnrsa_sign_func)rsa_sha512_sign, rsa_sha512_sign_digest, (_cnrsa_verify_func)rsa_sha512_verify, rsa_sha512_verify_digest }

lib/Crypt/Nettle/RSA.pm  view on Meta::CPAN

 my @algos = Crypt::Nettle::RSA::hashes_available();

=head1 KEY CREATION

=head2 new_public_key($n, $e)

Create a new public key from the modulus and the exponent of the
public key. (see DATA REPRESENTATIONS below for how to format $n and
$e)

=head2 new_private_key($d, $p, $q)

Create a new private key from the private exponent and the two prime
factors. (see DATA REPRESENTATIONS below for how to format $d, $p and
$q)

=head2 generate_keypair($yarrow, $bits, $e = 65537)

Create a new private key of size $bits from a well-seeded random
number generator (see Crypt::Nettle::Yarrow).  You can select the
exponent manually via $e, though the default is probably fine.


=head1 KEY USE

=head2 rsa_sign($digest_algo, $data)

Return a packed binary string that is the key's signature over $data.

 my $sig = $private_key->rsa_sign('sha1', 'This is a test message');
 printf('Signature: 0x%s\n', unpack('H*', $sig));

Returns undefined if there was an error.

=head2 rsa_verify($digest_algo, $data, $signature)

Returns 1 if this public key was the author of $signature over $data.

Returns 0 if the signature did not check out.

Return undefined if there was an error.

 my $ret = $private_key->rsa_verify('sha1', 'This is a test message', $sig);
 printf('Signature: %s\n', (defined($ret) ? ($ret ? 'OK' : 'BAD') : 'ERROR'));

=head2 rsa_sign_hash_context($hash_ctx)

=head2 rsa_verify_hash_context($hash_ctx, $signature)

These functions let you pass a Crypt::Nettle::Digest object for RSA
signature/verification instead of needing to keep the entire $data in
memory.  Here's signing:

 my $hash = Crypt::Nettle::Hash->new('sha1');
 $hash->update($data);
 # ... more update()s ...
 my $sig = $private_key->rsa_sign_hash_context($hash);

And verifying:

 my $hash = Crypt::Nettle::Hash->new('sha1');
 $hash->update($data);
 # ... more update()s ...
 my $ok = $public_key->rsa_verify_hash_context($hash, $sig);

Note that the $hash_ctx will be re-initialized after calling either of
these functions.  If you don't want that to happen, consider passing