1Convert::PEM::CBC(3) User Contributed Perl Documentation Convert::PEM::CBC(3)
2
3
4
6 Convert::PEM::CBC - Cipher Block Chaining Mode implementation
7
9 use Convert::PEM::CBC;
10 my $cbc = Convert::PEM::CBC->new(
11 Cipher => 'Crypt::DES_EDE3',
12 Passphrase => 'foo'
13 );
14
15 $cbc->encrypt($plaintext);
16
18 Convert::PEM::CBC implements the CBC (Cipher Block Chaining) mode for
19 encryption/decryption ciphers; the CBC is designed for compatability
20 with OpenSSL and may not be compatible with other implementations (such
21 as SSH).
22
24 $cbc = Convert::PEM::CBC->new(%args)
25
26 Creates a new Convert::PEM::CBC object and initializes it. Returns the
27 new object.
28
29 %args can contain:
30
31 * Cipher
32 Either the name of an encryption cipher class (eg. Crypt::DES), or
33 an object already blessed into such a class. The class must support
34 the keysize, blocksize, encrypt, and decrypt methods. If the value
35 is a blessed object, it is assumed that the object has already been
36 initialized with a key.
37
38 This argument is mandatory.
39
40 * Passphrase
41 A passphrase to encrypt/decrypt the content. This is different in
42 implementation from a key (Key), because it is assumed that a
43 passphrase comes directly from a user, and must be munged into the
44 correct form for a key. This "munging" is done by repeatedly com‐
45 puting an MD5 hash of the passphrase, the IV, and the existing
46 hash, until the generated key is longer than the keysize for the
47 cipher (Cipher).
48
49 Because of this "munging", this argument can be any length (even an
50 empty string).
51
52 If you give the Cipher argument an object, this argument is
53 ignored. If the Cipher argument is a cipher class, either this
54 argument or Key must be provided.
55
56 * Key
57 A raw key, to be passed directly to the new cipher object. Because
58 this is passed directly to the cipher itself, the length of the key
59 must be equal to or greater than the keysize for the Cipher.
60
61 As with the Passphrase argument, if you give the Cipher argument an
62 already-constructed cipher object, this argument is ignored. If the
63 Cipher argument is a cipher class, either this argument or
64 Passphrase must be provided.
65
66 * IV
67 The initialization vector for CBC mode.
68
69 This argument is optional; if not provided, a random IV will be
70 generated. Obviously, if you're decrypting data, you should provide
71 this argument, because your IV should match the IV used to encrypt
72 the data.
73
74 $cbc->encrypt($plaintext)
75
76 Encrypts the plaintext $plaintext using the underlying cipher implemen‐
77 tation in CBC mode, and returns the ciphertext.
78
79 If any errors occur, returns undef, and you should check the errstr
80 method to find out what went wrong.
81
82 $cbc->decrypt($ciphertext)
83
84 Decrypts the ciphertext $ciphertext using the underlying cipher imple‐
85 mentation in CBC mode, and returns the plaintext.
86
87 If any errors occur, returns undef, and you should check the errstr
88 method to find out what went wrong.
89
90 $cbc->iv
91
92 Returns the current initialization vector. One use for this might be to
93 grab the initial value of the IV if it's created randomly (ie. you
94 haven't provided an IV argument to new):
95
96 my $cbc = Convert::PEM::CBC->new( Cipher => $cipher );
97 my $iv = $cbc->iv; ## Generated randomly in 'new'.
98
99 Convert::PEM uses this to write the IV to the PEM file when encrypting,
100 so that it can be known when trying to decrypt the file.
101
102 $cbc->errstr
103
104 Returns the value of the last error that occurred. This should only be
105 considered meaningful when you've received undef from one of the func‐
106 tions above; in all other cases its relevance is undefined.
107
109 Please see the Convert::PEM manpage for author, copyright, and license
110 information.
111
112
113
114perl v5.8.8 2005-05-25 Convert::PEM::CBC(3)