1ECB(3) User Contributed Perl Documentation ECB(3)
2
6 Crypt::ECB - Use block ciphers using ECB mode
7
9 Use Crypt::ECB OO style
10 use Crypt::ECB;
12 $ecb = Crypt::ECB->new;
14 $ecb->cipher('Blowfish');
15 $ecb->key('some_key');
16 $enc = $ecb->encrypt("Some data.");
18 print $ecb->decrypt($enc);
19 or use the function style interface
21 use Crypt::ECB qw(encrypt decrypt encrypt_hex decrypt_hex);
23 $ciphertext = encrypt($key, 'Blowfish', "Some data");
25 $plaintext = decrypt($key, 'Blowfish', $ciphertext);
26 $hexcode = encrypt_hex($key, $cipher, $plaintext);
28 $plain = decrypt_hex($key, $cipher, $hexcode);
29
31 This module is a Perl-only implementation of the ECB mode. In
32 combination with a block cipher such as Blowfish, DES, IDEA or
33 Rijndael, you can encrypt and decrypt messages of arbitrarily long
34 length. Though for security reasons other modes than ECB such as CBC
35 should be preferred. See textbooks on cryptography if you want to know
36 why.
37 The functionality of the module can be accessed via OO methods or via
39 standard function calls. Remember that some block cipher module like
40 for example Crypt::Blowfish has to be installed. The syntax of
41 Crypt::ECB follows that of Crypt::CBC.
42
44 new()
45 $ecb = Crypt::ECB->new(
46 -cipher => $cipher,
47 -key => $key,
48 -padding => 'oneandzeroes',
49 -keysize => 8, # use to override cipher's default
50 -blocksize => 8, # use to override cipher's default
51 );
52 or
54 $ecb = Crypt::ECB->new({
56 cipher => $cipher,
57 key => $key,
58 padding => 'oneandzeroes',
59 keysize => 8, # use to override cipher's default
60 blocksize => 8, # use to override cipher's default
61 });
62 or (only key and cipher can be passed this way)
64 $ecb = Crypt::ECB->new($key, 'Blowfish');
66 $ecb = Crypt::ECB->new($key); # DES is assumed
67 The following options are recognized: cipher, key, keysize, blocksize
69 and padding. Options can be passed like in Crypt::CBC. All options can
70 be read and also be changed via corresponding methods afterwards.
71 If called without parameters you have to call at least key() and
73 cipher() before you can start crypting.
74 cipher(), module(), key()
76 $ecb = Crypt::ECB->new;
77 $ecb->cipher('Blowfish');
78 $ecb->key('some_key');
79 print $ecb->cipher; # Blowfish
81 print $ecb->module; # Crypt::Blowfish
82 print $ecb->key; # some_key
83 or
85 my $ecb = Crypt::ECB->new;
87 my $xtea = Crypt::XTEA->new($key, 32, little_endian => 1);
88 $ecb->cipher($xtea);
89 cipher() sets the block cipher to be used. It tries to load the
91 corresponding module. If an error occurs, it dies with some errmessage.
92 Otherwise it returns the cipher name. Free packages available for Perl
93 are for example Blowfish, DES, IDEA or Rijndael. If called without
94 parameter it just returns the name of the cipher.
95 cipher() also accepts a pre-existing object from a suitable block
97 cipher module. This is useful e.g. for cipher modules such as
98 Crypt::XTEA which need additional parameters.
99 module() returns the perl package containing the block cipher which has
101 been specified using cipher().
102 key() sets the key if given a parameter. It always returns the key.
104 Note that most block ciphers require keys of definite length. For
105 example DES expects an eight byte key.
106 keysize(), blocksize()
108 $ecb = Crypt::ECB->new;
109 $ecb->cipher('Blowfish');
110 $keysize = $ecb->keysize;
112 $blocksize = $ecb->blocksize;
113 These methods can be used to retrieve keysize and blocksize as reported
115 from the block cipher chosen.
116 They can be used as well to override the values that are reported from
118 the cipher module. Of course that doesn't make sense unless the block
119 cipher used supports the new values. E.g. Crypt::Rijndael works with
120 16, 24 and 32 byte keys.
121 padding()
123 $ecb->padding('oneandzeroes');
124 my $custom_padding = sub { ... };
126 $ecb->padding($custom_padding);
127 padding() sets the way how data is padded up to a multiple of the
129 cipher's blocksize. Until now the following methods are implemented:
130 'standard', 'zeroes', 'oneandzeroes', 'rijndael_compat', 'space',
131 'null' and 'none'. If the padding style is not set explicitly,
132 'standard' is used.
133 'standard' (default) (binary safe)
135 The PKCS#5 / PKCS#7 method (RFC 5652): Pads with the number of bytes
136 that should be truncated. So, if blocksize is 8, then "0A0B0C" will
137 be padded with five "05"s, resulting in "0A0B0C0505050505". If the
138 message is already a multiple of the cipher's block size, then another
139 whole block is appended.
140 'zeroes' (binary safe)
142 This is a variant of the standard method. It pads with null bytes, except
143 the last byte equals the number of padding bytes. So, if the blocksize is
144 8, then "0A0B0C" will be padded to "0A0B0C0000000005". If the message is
145 already a multiple of the cipher's block size, then another whole block
146 is appended.
147 'oneandzeroes' (binary safe)
149 Pads with "80" followed by as many "00"s as necessary to fill the block,
150 in other words a 1 bit followed by 0s. If the message already is a
151 multiple of the cipher's block size, then another whole block is
152 appended.
153 'rijndael_compat' (binary safe)
155 Similar to oneandzeroes, except that no padding is performed if the
156 message already is already a multiple of the cipher's block size. This is
157 provided for compatibility with Crypt::Rijndael.
158 'null'
160 Pads with as many null bytes as necessary to fill the block. If the
161 message is already a multiple of the cipher's block size, then another
162 whole block is appended.
163 ATTENTION: Can truncate more characters than it should (if the original
164 message ended with one or more null bytes).
165 'space'
167 Pads with as many space characters as necessary to fill the block.
168 If the message is already a multiple of the cipher's block size, unlike
169 the other methods NO block is appended.
170 ATTENTION: Can truncate more characters than it should (if the original
171 message ended with one or more space characters).
172 'none'
174 No padding added by Crypt::ECB. You then have to take care of correct
175 padding and truncating yourself.
176 You can also use a custom padding function. To do this, create a
178 function that is called like:
179 $padded_block = function($block, $blocksize, $direction);
181 and tell Crypt::ECB to use your function:
183 $ecb->padding(\&function);
185 $block is the current block of data, $blocksize is the size to pad to,
187 $direction is "e" for encrypting and "d" for decrypting, and
188 $padded_block is the result after padding or truncation. When
189 encrypting, the function should always return a string of $blocksize
190 length, and when decrypting, it can expect the string coming in to be
191 of that length.
192 start(), mode(), crypt(), finish()
194 $ecb->start('encrypt');
195 $enc .= $ecb->crypt($_) foreach (@lines);
196 $enc .= $ecb->finish;
197 $ecb->start('decrypt');
199 print $ecb->mode;
200 start() sets the crypting mode, checks if all required variables like
202 key and cipher are set, then initializes the block cipher specified.
203 Allowed parameters are any words starting either with 'e' or 'd'. The
204 method returns the current mode.
205 mode() is called without parameters and just returns the current mode.
207 crypt() processes the data given as argument. If called without
209 argument $_ is processed. The method returns the processed data.
210 Cipher and key have to be set in order to be able to process data. If
211 some of these are missing or start() was not called before, the method
212 dies.
213 After having sent all data to be processed to crypt() you have to call
215 finish() in order to flush data that's left in the buffer.
216 encrypt(), decrypt(), encrypt_hex(), decrypt_hex()
218 $enc = $ecb->encrypt($data);
219 print $ecb->decrypt($enc);
220 $hexenc = $ecb->encrypt_hex($data);
222 print $ecb->decrypt_hex($hexenc);
223 encrypt() and decrypt() are convenience methods which call start(),
225 crypt() and finish() for you.
226 encrypt_hex() and decrypt_hex() are convenience functions that operate
228 on ciphertext in a hexadecimal representation. These functions can be
229 useful if, for example, you wish to place the encrypted information
230 into an e-mail message, web page or URL.
231
233 For convenience en- or decrypting can also be done by calling ordinary
234 functions. The functions are: encrypt(), decrypt(), encrypt_hex(),
235 decrypt_hex().
236 encrypt(), decrypt(), encrypt_hex(), decrypt_hex()
238 use Crypt::ECB qw(encrypt decrypt encrypt_hex decrypt_hex);
239 $ciphertext = encrypt($key, $cipher, $plaintext, $padstyle);
241 $plaintext = decrypt($key, $cipher, $ciphertext, $padstyle);
242 $ciphertext = encrypt_hex($key, $cipher, $plaintext, $padstyle);
244 $plaintext = decrypt_hex($key, $cipher, $ciphertext, $padstyle);
245 encrypt() and decrypt() process the provided text and return either the
247 corresponding ciphertext (encrypt) or plaintext (decrypt). Data and
248 padstyle are optional. If the padding style is omitted, 'standard' is
249 assumed. If data is omitted, $_ is used.
250 encrypt_hex() and decrypt_hex() operate on ciphertext in a hexadecimal
252 representation, just like the methods with the same name, see above.
253 Otherwise usage is the same as for encrypt() and decrypt().
254
256 None that I know of. Please report if you find any.
257
259 Implement 'random' padding, see
260 http://www.di-mgt.com.au/cryptopad.html.
261 A taint check on the key like Crypt::CBC does could be added.
263
265 Crypt-ECB is Copyright (C) 2000, 2005, 2008, 2016 by Christoph Appel.
266 This module is distributed using the same terms as Perl itself. It is
268 free software; you can redistribute it and/or modify it under the terms
269 of either:
270 a) the GNU General Public License as published by the Free Software
272 Foundation; either version 1, or (at your option) any later version, or
273 b) the "Artistic License".
275
277 Christoph Appel (see ECB.pm for email address)
278
280 perl(1), Crypt::DES(3), Crypt::IDEA(3), Crypt::CBC(3)
281perl v5.32.1 2021-01-27 ECB(3)