.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "Crypt::Perl::ECDSA::PrivateKey 3" .TH Crypt::Perl::ECDSA::PrivateKey 3 "2020-09-24" "perl v5.30.3" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Crypt::Perl::ECDSA::PrivateKey \- object representation of ECDSA private key .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 2 \& #Use Generate.pm or Parse.pm rather \& #than instantiating this class directly. \& \& #This works even if the object came from a key file that doesn’t \& #contain the curve name. \& $prkey\->get_curve_name(); \& \& if ($payload > ($prkey\->max_sign_bits() / 8)) { \& die "Payload too long!"; \& } \& \& #$payload is probably a hash (e.g., SHA\-256) of your original message. \& my $sig = $prkey\->sign($payload); \& \& #For JSON Web Algorithms (JWT et al.), cf. RFC 7518 page 8 \& #This will also apply the appropriate SHA algorithm before signing. \& my $sig_jwa = $prkey\->sign_jwa($payload); \& \& $prkey\->verify($payload, $sig) or die "Invalid signature!"; \& $prkey\->verify_jwa($payload, $sig_jwa) or die "Invalid signature!"; \& \& #Corresponding “der” methods exist as well. \& my $cn_pem = $prkey\->to_pem_with_curve_name(); \& my $expc_pem = $prkey\->to_pem_with_explicit_curve(); \& \& #\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \& \& my $pbkey = $prkey\->get_public_key(); \& \& #\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \& \& #Includes “kty”, “crv”, “x”, “y”, and (for private) “d”. \& #Add in whatever else your application needs afterward. \& # \& #These will die() if you try to run it with a curve that \& #doesn’t have a known JWK “crv” value. \& # \& my $prv_jwk = $prkey\->get_struct_for_private_jwk(); \& my $pub_jwk = $prkey\->get_struct_for_public_jwk(); \& \& #Useful for JWTs \& my $jwt_alg = $pbkey\->get_jwa_alg(); .Ve .SH "DISCUSSION" .IX Header "DISCUSSION" The \s-1SYNOPSIS\s0 above should be illustration enough of how to use this class. .SH "SECURITY" .IX Header "SECURITY" The security advantages of elliptic-curve cryptography (\s-1ECC\s0) are a matter of some controversy. While the math itself is apparently bulletproof, there are varying opinions about the integrity of the various curves that are recommended for \s-1ECC.\s0 Some believe that some curves contain “backdoors” that would allow \&\s-1NIST\s0 to sniff a transmission. .PP That said, \s-1RSA\s0 will eventually no longer be viable: as the keys get bigger, the security advantage of increasing their size diminishes. .SH "TODO" .IX Header "TODO" This minimal set of functionality can be augmented as feature requests come in. Patches are welcome—particularly with tests!