Crypt::GCrypt(3pm) | User Contributed Perl Documentation | Crypt::GCrypt(3pm) |

use Crypt::GCrypt; my $cipher = Crypt::GCrypt->new( type => 'cipher', algorithm => 'aes', mode => 'cbc' ); $cipher->start('encrypting'); $cipher->setkey('my secret key'); $cipher->setiv('my init vector'); my $ciphertext = $cipher->encrypt('plaintext'); $ciphertext .= $cipher->finish; my $plaintext = $cipher->decrypt($ciphertext); $plaintext .= $cipher->finish;

if (Crypt::GCrypt::cipher_algo_available('aes')) { # do stuff with aes }

my $cipher = Crypt::GCrypt->new( type => 'cipher', algorithm => 'aes', mode => 'cbc' );The

- algorithm
- This may be one of the following:

**3des**- Triple-DES with 3 Keys as EDE. The key size of this algorithm is 168 but you have to pass 192 bits because the most significant bits of each byte are ignored.

**aes**- AES (Rijndael) with a 128 bit key.

**aes192**- AES (Rijndael) with a 192 bit key.

**aes256**- AES (Rijndael) with a 256 bit key.

**blowfish**- The blowfish algorithm. The current implementation allows only for a key size of 128 bits (and thus is not compatible with Crypt::Blowfish).

**cast5**- CAST128-5 block cipher algorithm. The key size is 128 bits.

**des**- Standard DES with a 56 bit key. You need to pass 64 bit but the high bits of each byte are ignored. Note, that this is a weak algorithm which can be broken in reasonable time using a brute force approach.

**twofish**- The Twofish algorithm with a 256 bit key.

**twofish128**- The Twofish algorithm with a 128 bit key.

**arcfour**- An algorithm which is 100% compatible with RSA Inc.'s RC4 algorithm. Note that this is a stream cipher and must be used very carefully to avoid a couple of weaknesses.

- mode
- This is a string specifying one of the following encryption/decryption modes:

**stream**- only available for stream ciphers

**ecb**- doesn't use an IV, encrypts each block independently

**cbc**- the current ciphertext block is encryption of current plaintext block xor-ed with last ciphertext block

**cfb**- the current ciphertext block is the current plaintext block xor-ed with the current keystream block, which is the encryption of the last ciphertext block

**ofb**- the current ciphertext block is the current plaintext block xor-ed with the current keystream block, which is the encryption of the last keystream block

- padding
- When the last block of plaintext is shorter than the block size, it must be padded before encryption. Padding should permit a safe unpadding after decryption. Crypt::GCrypt currently supports two methods:

**standard**- This is also known as PKCS#5 padding, as it's binary safe. The string is padded with the number of bytes that should be truncated. It's compatible with Crypt::CBC.

**null**- Only for text strings. The block will be padded with null bytes (00). If the last block is a full block and blocksize is 8, a block of "0000000000000000" will be appended.

**none**- By setting the padding method to "none",
Crypt::GCrypt will only accept a multiple of blklen as input for "
*encrypt()*".

- secure
- If this option is set to a true value, all data associated with this cipher will be put into non-swappable storage, if possible.

- enable_sync
- Enable the CFB sync operation.

$cipher->start('encrypting'); $cipher->start('decrypting');This method must be called before any call to

$cipher->setkey('my secret key');Encryption and decryption operations will use this key until a different one is set. If your key is shorter than the cipher's keylen (see the "keylen" method) it will be zero-padded, if it is longer it will be truncated.

$cipher->setiv('my iv');Set the initialisation vector for the next encrypt/decrypt operation. If

$ciphertext = $cipher->encrypt($plaintext);This method encrypts

$ciphertext .= $cipher->finish; $plaintext .= $cipher->finish;The CBC algorithm must buffer data blocks internally until there are even multiples of the encryption algorithm's blocksize (typically 8 or 16 bytes). After the last call to

$plaintext = $cipher->decrypt($ciphertext);The counterpart to encrypt, decrypt takes a

print "Key length is " . $cipher->keylen();Returns the number of bytes of keying material this cipher needs.

print "Block size is " . $cipher->blklen();As their name implies, block ciphers operate on blocks of data. This method returns the size of this blocks in bytes for this particular cipher. For stream ciphers 1 is returned, since this implementation does not feed less than a byte into the cipher.

$cipher->sync();Apply the CFB sync operation.

if (Crypt::GCrypt::digest_algo_available('sha256')) { # do stuff with sha256 }

my $digest = Crypt::GCrypt->new( type => 'digest', algorithm => 'sha256', );The

- algorithm
- Depending on your available version of gcrypt, this can be
one of the following hash algorithms. Note that some gcrypt installations
do not implement certain algorithms (see
*digest_algo_available()*).

**md4**

**md5**

**ripemd160**

**sha1**

**sha224**

**sha256**

**sha384**

**sha512**

**tiger192**

**whirlpool**

- secure
- If this option is set to a true value, all data associated with this digest will be put into non-swappable storage, if possible.

- hmac
- If the digest is expected to be used as a keyed-Hash Message Authentication Code (HMAC), supply the key with this argument. It is good practice to ensure that the key is at least as long as the digest used.

my $len = $digest->digest_length();Returns the length in bytes of the digest produced by this algorithm.

$digest->write($data);Feeds data into the hash context. Once you have called

my $md = $digest->read();Completes the digest and return the resultant string. You can call this multiple times, and it will return the same information. Once a digest object has been

2017-07-22 | perl v5.26.0 |