1Crypt::PK::Ed25519(3) User Contributed Perl DocumentationCrypt::PK::Ed25519(3)
2
6 Crypt::PK::Ed25519 - Digital signature based on Ed25519
7
9 use Crypt::PK::Ed25519;
10 #Signature: Alice
12 my $priv = Crypt::PK::Ed25519->new('Alice_priv_ed25519.der');
13 my $sig = $priv->sign_message($message);
14 #Signature: Bob (received $message + $sig)
16 my $pub = Crypt::PK::Ed25519->new('Alice_pub_ed25519.der');
17 $pub->verify_message($sig, $message) or die "ERROR";
18 #Load key
20 my $pk = Crypt::PK::Ed25519->new;
21 my $pk_hex = "A05D1AEA5830AC9A65CDFB384660D497E3697C46B419CF2CEC85DE8BD245459D";
22 $pk->import_key_raw(pack("H*", $pk_hex), "public");
23 my $sk = Crypt::PK::Ed25519->new;
24 my $sk_hex = "45C109BA6FD24E8B67D23EFB6B92D99CD457E2137172C0D749FE2B5A0C142DAD";
25 $sk->import_key_raw(pack("H*", $sk_hex), "private");
26 #Key generation
28 my $pk = Crypt::PK::Ed25519->new->generate_key;
29 my $private_der = $pk->export_key_der('private');
30 my $public_der = $pk->export_key_der('public');
31 my $private_pem = $pk->export_key_pem('private');
32 my $public_pem = $pk->export_key_pem('public');
33 my $private_raw = $pk->export_key_raw('private');
34 my $public_raw = $pk->export_key_raw('public');
35 my $private_jwk = $pk->export_key_jwk('private');
36 my $public_jwk = $pk->export_key_jwk('public');
37
39 Since: CryptX-0.067
40
42 new
43 my $pk = Crypt::PK::Ed25519->new();
44 #or
45 my $pk = Crypt::PK::Ed25519->new($priv_or_pub_key_filename);
46 #or
47 my $pk = Crypt::PK::Ed25519->new(\$buffer_containing_priv_or_pub_key);
48 Support for password protected PEM keys
50 my $pk = Crypt::PK::Ed25519->new($priv_pem_key_filename, $password);
52 #or
53 my $pk = Crypt::PK::Ed25519->new(\$buffer_containing_priv_pem_key, $password);
54 generate_key
56 Uses Yarrow-based cryptographically strong random number generator
57 seeded with random data taken from "/dev/random" (UNIX) or
58 "CryptGenRandom" (Win32).
59 $pk->generate_key;
61 import_key
63 Loads private or public key in DER or PEM format.
64 $pk->import_key($filename);
66 #or
67 $pk->import_key(\$buffer_containing_key);
68 Support for password protected PEM keys:
70 $pk->import_key($filename, $password);
72 #or
73 $pk->import_key(\$buffer_containing_key, $password);
74 Loading private or public keys form perl hash:
76 $pk->import_key($hashref);
78 # the $hashref is either a key exported via key2hash
80 $pk->import_key({
81 curve => "ed25519",
82 pub => "A05D1AEA5830AC9A65CDFB384660D497E3697C46B419CF2CEC85DE8BD245459D",
83 priv => "45C109BA6FD24E8B67D23EFB6B92D99CD457E2137172C0D749FE2B5A0C142DAD",
84 });
85 # or a hash with items corresponding to JWK (JSON Web Key)
87 $pk->import_key({
88 kty => "OKP",
89 crv => "Ed25519",
90 d => "RcEJum_STotn0j77a5LZnNRX4hNxcsDXSf4rWgwULa0",
91 x => "oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
92 });
93 Supported key formats:
95 # all formats can be loaded from a file
97 my $pk = Crypt::PK::Ed25519->new($filename);
98 # or from a buffer containing the key
100 my $pk = Crypt::PK::Ed25519->new(\$buffer_with_key);
101 • Ed25519 private keys in PEM format
103 -----BEGIN ED25519 PRIVATE KEY-----
105 MC4CAQAwBQYDK2VwBCIEIEXBCbpv0k6LZ9I++2uS2ZzUV+ITcXLA10n+K1oMFC2t
106 -----END ED25519 PRIVATE KEY-----
107 • Ed25519 private keys in password protected PEM format
109 -----BEGIN ED25519 PRIVATE KEY-----
111 Proc-Type: 4,ENCRYPTED
112 DEK-Info: DES-CBC,6A64D756D49C1EFF
113 8xQ7OyfQ10IITNEKcJGZA53Z1yk+NJQU7hrKqXwChZtgWNInhMBJRl9pozLKDSkH
115 v7u6EOve8NY=
116 -----END ED25519 PRIVATE KEY-----
117 • PKCS#8 private keys
119 -----BEGIN PRIVATE KEY-----
121 MC4CAQAwBQYDK2VwBCIEIEXBCbpv0k6LZ9I++2uS2ZzUV+ITcXLA10n+K1oMFC2t
122 -----END PRIVATE KEY-----
123 • PKCS#8 encrypted private keys
125 -----BEGIN ENCRYPTED PRIVATE KEY-----
127 MIGHMEsGCSqGSIb3DQEFDTA+MCkGCSqGSIb3DQEFDDAcBAjPx9JkdpRH2QICCAAw
128 DAYIKoZIhvcNAgkFADARBgUrDgMCBwQIWWieQojaWTcEOGj43SxqHUys4Eb2M27N
129 AkhqpmhosOxKrpGi0L3h8m8ipHE8EwI94NeOMsjfVw60aJuCrssY5vKN
130 -----END ENCRYPTED PRIVATE KEY-----
131 • Ed25519 public keys in PEM format
133 -----BEGIN PUBLIC KEY-----
135 MCowBQYDK2VwAyEAoF0a6lgwrJplzfs4RmDUl+NpfEa0Gc8s7IXei9JFRZ0=
136 -----END PUBLIC KEY-----
137 • Ed25519 public key from X509 certificate
139 -----BEGIN CERTIFICATE-----
141 MIIBODCB66ADAgECAhRWDU9FZBBUZ7KTdX8f7Bco8jsoaTAFBgMrZXAwETEPMA0G
142 A1UEAwwGQ3J5cHRYMCAXDTIwMDExOTEzMDIwMloYDzIyOTMxMTAyMTMwMjAyWjAR
143 MQ8wDQYDVQQDDAZDcnlwdFgwKjAFBgMrZXADIQCgXRrqWDCsmmXN+zhGYNSX42l8
144 RrQZzyzshd6L0kVFnaNTMFEwHQYDVR0OBBYEFHCGFtVibAxxWYyRt5wazMpqSZDV
145 MB8GA1UdIwQYMBaAFHCGFtVibAxxWYyRt5wazMpqSZDVMA8GA1UdEwEB/wQFMAMB
146 Af8wBQYDK2VwA0EAqG/+98smzqF/wmFX3zHXSaA67as202HnBJod1Tiurw1f+lr3
147 BX6OMtsDpgRq9O77IF1Qyx/MdJEwwErczOIbAA==
148 -----END CERTIFICATE-----
149 • SSH public Ed25519 keys
151 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL0XsiFcRDp6Hpsoak8OdiiBMJhM2UKszNTxoGS7dJ++
153 • SSH public Ed25519 keys (RFC-4716 format)
155 ---- BEGIN SSH2 PUBLIC KEY ----
157 Comment: "256-bit ED25519, converted from OpenSSH"
158 AAAAC3NzaC1lZDI1NTE5AAAAIL0XsiFcRDp6Hpsoak8OdiiBMJhM2UKszNTxoGS7dJ++
159 ---- END SSH2 PUBLIC KEY ----
160 • Ed25519 private keys in JSON Web Key (JWK) format
162 See <https://tools.ietf.org/html/rfc8037>
164 {
166 "kty":"OKP",
167 "crv":"Ed25519",
168 "x":"oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
169 "d":"RcEJum_STotn0j77a5LZnNRX4hNxcsDXSf4rWgwULa0",
170 }
171 BEWARE: For JWK support you need to have JSON module installed.
173 • Ed25519 public keys in JSON Web Key (JWK) format
175 {
177 "kty":"OKP",
178 "crv":"Ed25519",
179 "x":"oF0a6lgwrJplzfs4RmDUl-NpfEa0Gc8s7IXei9JFRZ0",
180 }
181 BEWARE: For JWK support you need to have JSON module installed.
183 import_key_raw
185 Import raw public/private key - can load raw key data exported by
186 "export_key_raw".
187 $pk->import_key_raw($key, 'public');
189 $pk->import_key_raw($key, 'private');
190 export_key_der
192 my $private_der = $pk->export_key_der('private');
193 #or
194 my $public_der = $pk->export_key_der('public');
195 export_key_pem
197 my $private_pem = $pk->export_key_pem('private');
198 #or
199 my $public_pem = $pk->export_key_pem('public');
200 Support for password protected PEM keys
202 my $private_pem = $pk->export_key_pem('private', $password);
204 #or
205 my $private_pem = $pk->export_key_pem('private', $password, $cipher);
206 # supported ciphers: 'DES-CBC'
208 # 'DES-EDE3-CBC'
209 # 'SEED-CBC'
210 # 'CAMELLIA-128-CBC'
211 # 'CAMELLIA-192-CBC'
212 # 'CAMELLIA-256-CBC'
213 # 'AES-128-CBC'
214 # 'AES-192-CBC'
215 # 'AES-256-CBC' (DEFAULT)
216 export_key_jwk
218 Exports public/private keys as a JSON Web Key (JWK).
219 my $private_json_text = $pk->export_key_jwk('private');
221 #or
222 my $public_json_text = $pk->export_key_jwk('public');
223 Also exports public/private keys as a perl HASH with JWK structure.
225 my $jwk_hash = $pk->export_key_jwk('private', 1);
227 #or
228 my $jwk_hash = $pk->export_key_jwk('public', 1);
229 BEWARE: For JWK support you need to have JSON module installed.
231 export_key_raw
233 Export raw public/private key
234 my $private_bytes = $pk->export_key_raw('private');
236 #or
237 my $public_bytes = $pk->export_key_raw('public');
238 sign_message
240 my $signature = $priv->sign_message($message);
241 verify_message
243 my $valid = $pub->verify_message($signature, $message)
244 is_private
246 my $rv = $pk->is_private;
247 # 1 .. private key loaded
248 # 0 .. public key loaded
249 # undef .. no key loaded
250 key2hash
252 my $hash = $pk->key2hash;
253 # returns hash like this (or undef if no key loaded):
255 {
256 curve => "ed25519",
257 # raw public key as a hexadecimal string
258 pub => "A05D1AEA5830AC9A65CDFB384660D497E3697C46B419CF2CEC85DE8BD245459D",
259 # raw private key as a hexadecimal string. undef if key is public only
260 priv => "45C109BA6FD24E8B67D23EFB6B92D99CD457E2137172C0D749FE2B5A0C142DAD",
261 }
262
264 • <https://en.wikipedia.org/wiki/EdDSA#Ed25519>
265 • <https://en.wikipedia.org/wiki/Curve25519>
267 • <https://tools.ietf.org/html/rfc8032>
269perl v5.36.0 2022-07-22 Crypt::PK::Ed25519(3)