.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "Crypt::Perl 3"
.TH Crypt::Perl 3 "2020-09-28" "perl v5.30.3" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Crypt::Perl \- Cryptography in pure Perl
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Just as it sounds: cryptography with no non-core \s-1XS\s0 dependencies!
This is useful if you don’t have access to
other tools that do this work like OpenSSL <http://openssl.org>, CryptX,
etc. Of course, if you do have access to one of those tools, they may suit
your purpose better.
.PP
See submodules for usage examples of:
.IP "\(bu" 4
Key generation
.IP "\(bu" 4
Key parsing
.IP "\(bu" 4
Signing & verification
.IP "\(bu" 4
Encryption & decryption
.IP "\(bu" 4
Import (Crypt::Perl::PK) from & export to \s-1JSON\s0 Web Key <https://tools.ietf.org/html/rfc7517> format
.IP "\(bu" 4
\&\s-1JWK\s0 thumbprints <https://tools.ietf.org/html/rfc7638>
.IP "\(bu" 4
Certificate Signing Request (\s-1PKCS\s0 #10) generation (Crypt::Perl::PKCS10)
.IP "\(bu" 4
\&\s-1SSL/TLS\s0 certificate (X.509) generation (Crypt::Perl::X509v3), including
a broad variety of extensions
.SH "SUPPORTED PUBLIC KEY ALGORITHMS"
.IX Header "SUPPORTED PUBLIC KEY ALGORITHMS"
.IP "\(bu" 4
\&\s-1RSA\s0
.IP "\(bu" 4
\&\s-1ECDSA\s0
.IP "\(bu" 4
Ed25519
.SH "SECURITY"
.IX Header "SECURITY"
Random number generation here comes from Bytes::Random::Secure::Tiny.
See that module’s documentation for details of its reliability.
.PP
An extensive test suite is included that compares against
OpenSSL <https://openssl.org> and
LibTomCrypt <https://www.libtom.net/LibTomCrypt/> (i.e., CryptX),
when available.
.PP
That said: \fB\s-1NO GUARANTEES\s0!!!\fR It’s best to restrict use of this library
to contexts where more “visible” cryptography libraries like the ones
mentioned elsewhere here are unavailable.
.PP
And of course, OpenSSL has not been trouble-free, either … <https://www.openssl.org/news/vulnerabilities.html>
.PP
Caveat emptor.
.SH "HISTORICAL VULNERABILITIES"
.IX Header "HISTORICAL VULNERABILITIES"
.IP "\(bu" 4
\&\s-1CVE\-2020\-13895\s0 <https://nvd.nist.gov/vuln/detail/CVE-2020-13895>
.IP "\(bu" 4
\&\s-1CVE\-2020\-17478\s0 <https://nvd.nist.gov/vuln/detail/CVE-2020-17478>
.SH "SPEED"
.IX Header "SPEED"
\&\s-1RSA\s0 key generation is slow—too slow, probably, unless you have
Math::BigInt::GMP or Math::BigInt::Pari (either of which requires \s-1XS\s0).
It’s one application where pure-Perl cryptography just doesn’t seem
feasible. :\-( Everything else, though, including all \s-1ECDSA\s0 and Ed25519
operations, should be fine even in pure Perl.
.PP
Note that this distribution’s test suite is also pretty slow without an
\&\s-1XS\s0 backend.
.SH "TODO"
.IX Header "TODO"
There are \s-1TODO\s0 items listed in the submodules; the following are general
to the entire distribution.
.IP "\(bu" 4
Document the exception system so that applications can use it.
.IP "\(bu" 4
Add more tests, e.g., against CryptX.
.IP "\(bu" 4
Some formal security audit would be nice.
.IP "\(bu" 4
Make it faster :)
.SH "ACKNOWLEDGEMENTS"
.IX Header "ACKNOWLEDGEMENTS"
Much of the logic here comes from Kenji Urushima’s jsrsasign <https://github.com/kjur/jsrsasign>.
.PP
Most of the tests depend on the near-ubiquitous OpenSSL <http://openssl.org>,
without which the Internet would be a very, very different reality from
what we know!
.PP
The Ed25519 logic is ported from forge.js <https://github.com/digitalbazaar/forge/blob/master/lib/ed25519.js>.
.PP
Deterministic \s-1ECDSA\s0 logic derived in part from
python-ecdsa <https://github.com/ecdsa/python-ecdsa>.
.PP
Other parts are ported from LibTomCrypt <http://www.libtom.net>.
.PP
Special thanks to Antonio de la Piedra for having submitted
multiple high-quality, in-depth bug reports.
.SH "LICENSE"
.IX Header "LICENSE"
This library is licensed under the same license as Perl.
.SH "AUTHOR"
.IX Header "AUTHOR"
Felipe Gasper (\s-1FELIPE\s0)