1Crypt::PK::DH(3) User Contributed Perl Documentation Crypt::PK::DH(3)
2
6 Crypt::PK::DH - Public key cryptography based on Diffie-Hellman
7
9 ### OO interface
10 #Shared secret
12 my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key');
13 my $pub = Crypt::PK::DH->new('Bob_pub_dh1.key');
14 my $shared_secret = $priv->shared_secret($pub);
15 #Key generation
17 my $pk = Crypt::PK::DH->new();
18 $pk->generate_key(128);
19 my $private = $pk->export_key('private');
20 my $public = $pk->export_key('public');
21 or
23 my $pk = Crypt::PK::DH->new();
25 $pk->generate_key('ike2048');
26 my $private = $pk->export_key('private');
27 my $public = $pk->export_key('public');
28 or
30 my $pk = Crypt::PK::DH->new();
32 $pk->generate_key({ p => $p, g => $g });
33 my $private = $pk->export_key('private');
34 my $public = $pk->export_key('public');
35 ### Functional interface
37 #Shared secret
39 my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');
40
42 new
43 my $pk = Crypt::PK::DH->new();
44 #or
45 my $pk = Crypt::PK::DH->new($priv_or_pub_key_filename);
46 #or
47 my $pk = Crypt::PK::DH->new(\$buffer_containing_priv_or_pub_key);
48 generate_key
50 Uses Yarrow-based cryptographically strong random number generator
51 seeded with random data taken from "/dev/random" (UNIX) or
52 "CryptGenRandom" (Win32).
53 $pk->generate_key($groupsize);
55 ### $groupsize (in bytes) corresponds to DH parameters (p, g) predefined by libtomcrypt
56 # 96 => DH-768
57 # 128 => DH-1024
58 # 192 => DH-1536
59 # 256 => DH-2048
60 # 384 => DH-3072
61 # 512 => DH-4096
62 # 768 => DH-6144
63 # 1024 => DH-8192
64 The following variants are available since CryptX-0.032
66 $pk->generate_key($groupname)
68 ### $groupname corresponds to values defined in RFC7296 and RFC3526
69 # 'ike768' => 768-bit MODP (Group 1)
70 # 'ike1024' => 1024-bit MODP (Group 2)
71 # 'ike1536' => 1536-bit MODP (Group 5)
72 # 'ike2048' => 2048-bit MODP (Group 14)
73 # 'ike3072' => 3072-bit MODP (Group 15)
74 # 'ike4096' => 4096-bit MODP (Group 16)
75 # 'ike6144' => 6144-bit MODP (Group 17)
76 # 'ike8192' => 8192-bit MODP (Group 18)
77 $pk->generate_key($param_hash)
79 # $param_hash is { g => $g, p => $p }
80 # where $g is the generator (base) in a hex string and $p is the prime in a hex string
81 $pk->generate_key(\$dh_param)
83 # $dh_param is the content of DER or PEM file with DH parameters
84 # e.g. openssl dhparam 2048
85 import_key
87 Loads private or public key (exported by "export_key").
88 $pk->import_key($filename);
90 #or
91 $pk->import_key(\$buffer_containing_key);
92 import_key_raw
94 Since: CryptX-0.032
95 $pk->import_key_raw($raw_bytes, $type, $params)
97 ### $raw_bytes is a binary string containing the key
98 ### $type is either 'private' or 'public'
99 ### $param is either a name ('ike2038') or hash containing the p,g values { g=>$g, p=>$p }
100 ### in hex strings
101 export_key
103 BEWARE: DH key format change - since v0.049 it is compatible with
104 libtomcrypt 1.18.
105 my $private = $pk->export_key('private');
107 #or
108 my $public = $pk->export_key('public');
109 export_key_raw
111 Since: CryptX-0.032
112 $raw_bytes = $dh->export_key_raw('public')
114 #or
115 $raw_bytes = $dh->export_key_raw('private')
116 shared_secret
118 # Alice having her priv key $pk and Bob's public key $pkb
119 my $pk = Crypt::PK::DH->new($priv_key_filename);
120 my $pkb = Crypt::PK::DH->new($pub_key_filename);
121 my $shared_secret = $pk->shared_secret($pkb);
122 # Bob having his priv key $pk and Alice's public key $pka
124 my $pk = Crypt::PK::DH->new($priv_key_filename);
125 my $pka = Crypt::PK::DH->new($pub_key_filename);
126 my $shared_secret = $pk->shared_secret($pka); # same value as computed by Alice
127 is_private
129 my $rv = $pk->is_private;
130 # 1 .. private key loaded
131 # 0 .. public key loaded
132 # undef .. no key loaded
133 size
135 my $size = $pk->size;
136 # returns key size in bytes or undef if no key loaded
137 key2hash
139 my $hash = $pk->key2hash;
140 # returns hash like this (or undef if no key loaded):
142 {
143 type => 0, # integer: 1 .. private, 0 .. public
144 size => 256, # integer: key size in bytes
145 x => "FBC1062F73B9A17BB8473A2F5A074911FA7F20D28FB...", #private key
146 y => "AB9AAA40774D3CD476B52F82E7EE2D8A8D40CD88BF4...", #public key
147 g => "2", # generator/base
148 p => "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80D...", # prime
149 }
150 params2hash
152 Since: CryptX-0.032
153 my $params = $pk->params2hash;
155 # returns hash like this (or undef if no key loaded):
157 {
158 g => "2", # generator/base
159 p => "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80D...", # prime
160 }
161
163 dh_shared_secret
164 DH based shared secret generation. See method "shared_secret" below.
165 #on Alice side
167 my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');
168 #on Bob side
170 my $shared_secret = dh_shared_secret('Bob_priv_dh1.key', 'Alice_pub_dh1.key');
171
173 The following functions/methods were removed in removed in v0.049:
174 encrypt
176 decrypt
177 sign_message
178 verify_message
179 sign_hash
180 verify_hash
181 dh_encrypt
183 dh_decrypt
184 dh_sign_message
185 dh_verify_message
186 dh_sign_hash
187 dh_verify_hash
188
190 • <https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange>
191perl v5.38.0 2023-10-04 Crypt::PK::DH(3)