1Crypt::AuthEnc::OCB(3)User Contributed Perl DocumentationCrypt::AuthEnc::OCB(3)
2
3
4
6 Crypt::AuthEnc::OCB - Authenticated encryption in OCBv3 mode
7
9 ### OO interface
10 use Crypt::AuthEnc::OCB;
11
12 # encrypt and authenticate
13 my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len);
14 $ae->adata_add('additional_authenticated_data1');
15 $ae->adata_add('additional_authenticated_data2');
16 $ct = $ae->encrypt_add('data1');
17 $ct = $ae->encrypt_add('data2');
18 $ct = $ae->encrypt_add('data3');
19 $ct = $ae->encrypt_last('rest of data');
20 ($ct,$tag) = $ae->encrypt_done();
21
22 # decrypt and verify
23 my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len);
24 $ae->adata_add('additional_authenticated_data1');
25 $ae->adata_add('additional_authenticated_data2');
26 $pt = $ae->decrypt_add('ciphertext1');
27 $pt = $ae->decrypt_add('ciphertext2');
28 $pt = $ae->decrypt_add('ciphertext3');
29 $pt = $ae->decrypt_last('rest of data');
30 ($pt,$tag) = $ae->decrypt_done();
31
32 ### functional interface
33 use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);
34
35 my ($ciphertext, $tag) = ocb_encrypt_authenticate('AES', $key, $nonce, $adata, $tag_len, $plaintext);
36 my $plaintext = ocb_decrypt_verify('AES', $key, $nonce, $adata, $ciphertext, $tag);
37
39 This module implements OCB v3 according to
40 <https://tools.ietf.org/html/rfc7253>
41
43 Nothing is exported by default.
44
45 You can export selected functions:
46
47 use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);
48
50 ocb_encrypt_authenticate
51 my ($ciphertext, $tag) = ocb_encrypt_authenticate($cipher, $key, $nonce, $adata, $tag_len, $plaintext);
52
53 # $cipher .. 'AES' or name of any other cipher with 16-byte block len
54 # $key ..... AES key of proper length (128/192/256bits)
55 # $nonce ... unique nonce/salt (no need to keep it secret)
56 # $adata ... additional authenticated data
57 # $tag_len . required length of output tag
58
59 ocb_decrypt_verify
60 my $plaintext = ocb_decrypt_verify($cipher, $key, $nonce, $adata, $ciphertext, $tag);
61
62 # on error returns undef
63
65 new
66 my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce, $tag_len);
67
68 # $cipher .. 'AES' or name of any other cipher with 16-byte block len
69 # $key ..... AES key of proper length (128/192/256bits)
70 # $nonce ... unique nonce/salt (no need to keep it secret)
71 # $tag_len . required length of output tag
72
73 adata_add
74 $ae->adata_add($adata); #can be called multiple times
75
76 encrypt_add
77 $ciphertext = $ae->encrypt_add($data); #can be called multiple times
78
79 #BEWARE: size of $data has to be multiple of blocklen (16 for AES)
80
81 encrypt_last
82 $ciphertext = $ae->encrypt_last($data);
83
84 encrypt_done
85 $tag = $ae->encrypt_done();
86
87 decrypt_add
88 $plaintext = $ae->decrypt_add($ciphertext); #can be called multiple times
89
90 #BEWARE: size of $ciphertext has to be multiple of blocklen (16 for AES)
91
92 encrypt_last
93 $plaintext = $ae->decrypt_last($data);
94
95 decrypt_done
96 my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure)
97 #or
98 my $tag = $ae->decrypt_done; # returns $tag value
99
100 clone
101 my $ae_new = $ae->clone;
102
104 · CryptX, Crypt::AuthEnc::CCM, Crypt::AuthEnc::GCM,
105 Crypt::AuthEnc::EAX
106
107 · <https://en.wikipedia.org/wiki/OCB_mode>
108
109 · <https://tools.ietf.org/html/rfc7253>
110
111
112
113perl v5.30.1 2020-01-29 Crypt::AuthEnc::OCB(3)