Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fgasper/p5-crypt-perl

CPAN’s Crypt::Perl
https://github.com/fgasper/p5-crypt-perl

Last synced: 2 months ago
JSON representation

CPAN’s Crypt::Perl

Host: GitHub
URL: https://github.com/fgasper/p5-crypt-perl
Owner: FGasper
License: other
Created: 2016-12-10T18:48:15.000Z (about 8 years ago)
Default Branch: master
Last Pushed: 2024-06-03T14:14:04.000Z (7 months ago)
Last Synced: 2024-10-02T15:21:06.931Z (3 months ago)
Language: Perl
Size: 1.03 MB
Stars: 4
Watchers: 3
Forks: 4
Open Issues: 8
Metadata Files:
- Readme: README.md
- Changelog: Changes
- License: LICENSE

Awesome Lists containing this project

README

        # NAME

Crypt::Perl - Cryptography in pure Perl

# DESCRIPTION



    



Just as it sounds: cryptography with no non-core XS dependencies!

This is useful if you don’t have access to

other tools that do this work like [OpenSSL](http://openssl.org), [CryptX](https://metacpan.org/pod/CryptX),

etc. Of course, if you do have access to one of those tools, they may suit

your purpose better.

See submodules for usage examples of:

- Key generation

- Key parsing

- Signing & verification

- Encryption & decryption

- Import ([Crypt::Perl::PK](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3APK)) from & export to [JSON Web Key](https://tools.ietf.org/html/rfc7517) format

- [JWK thumbprints](https://tools.ietf.org/html/rfc7638)

- Certificate Signing Request (PKCS #10) generation ([Crypt::Perl::PKCS10](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3APKCS10))

- SSL/TLS certificate (X.509) generation ([Crypt::Perl::X509v3](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3AX509v3)), including

a broad variety of extensions

# SUPPORTED PUBLIC KEY ALGORITHMS

- [RSA](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3ARSA)

- [ECDSA](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3AECDSA)

- [Ed25519](https://metacpan.org/pod/Crypt%3A%3APerl%3A%3AEd25519)

# SECURITY

Random number generation here comes from [Bytes::Random::Secure::Tiny](https://metacpan.org/pod/Bytes%3A%3ARandom%3A%3ASecure%3A%3ATiny).

See that module’s documentation for details of its reliability.

An extensive test suite is included that compares against

[OpenSSL](https://openssl.org) and

[LibTomCrypt](https://www.libtom.net/LibTomCrypt/) (i.e., [CryptX](https://metacpan.org/pod/CryptX)),

when available.

That said: **NO GUARANTEES!!!** It’s best to restrict use of this library

to contexts where more “visible” cryptography libraries like the ones

mentioned elsewhere here are unavailable.

And of course, [OpenSSL has not been trouble-free, either …](https://www.openssl.org/news/vulnerabilities.html)

Caveat emptor.

# HISTORICAL VULNERABILITIES

- [CVE-2020-13895](https://nvd.nist.gov/vuln/detail/CVE-2020-13895)

- [CVE-2020-17478](https://nvd.nist.gov/vuln/detail/CVE-2020-17478)

# SPEED

RSA key generation is slow—too slow, probably, unless you have

[Math::BigInt::GMP](https://metacpan.org/pod/Math%3A%3ABigInt%3A%3AGMP) or [Math::BigInt::Pari](https://metacpan.org/pod/Math%3A%3ABigInt%3A%3APari) (either of which requires XS).

It’s one application where pure-Perl cryptography just doesn’t seem

feasible. :-( Everything else, though, including all ECDSA and Ed25519

operations, should be fine even in pure Perl.

Note that this distribution’s test suite is also pretty slow without an

XS backend.

# TODO

There are TODO items listed in the submodules; the following are general

to the entire distribution.

- Document the exception system so that applications can use it.

- Add more tests, e.g., against [CryptX](https://metacpan.org/pod/CryptX).

- Some formal security audit would be nice.

- Make it faster :)

# ACKNOWLEDGEMENTS

Much of the logic here comes from Kenji Urushima’s [jsrsasign](https://github.com/kjur/jsrsasign).

Most of the tests depend on the near-ubiquitous [OpenSSL](http://openssl.org),

without which the Internet would be a very, very different reality from

what we know!

The Ed25519 logic is ported from [forge.js](https://github.com/digitalbazaar/forge/blob/master/lib/ed25519.js).

Deterministic ECDSA logic derived in part from

[python-ecdsa](https://github.com/ecdsa/python-ecdsa).

Other parts are ported from [LibTomCrypt](http://www.libtom.net).

Special thanks to Antonio de la Piedra for having submitted

multiple high-quality, in-depth bug reports.

# LICENSE

This library is licensed under the same license as Perl.

# AUTHOR

Felipe Gasper (FELIPE)