File Coverage

blib/lib/Crypt/AuthEnc/EAX.pm
Criterion Covered Total %
statement 13 15 86.6
branch n/a
condition n/a
subroutine 5 7 71.4
pod 0 2 0.0
total 18 24 75.0


line stmt bran cond sub pod time code
1             package Crypt::AuthEnc::EAX;
2              
3 3     3   140820 use strict;
  3         23  
  3         115  
4 3     3   29 use warnings;
  3         6  
  3         395  
5             our $VERSION = '0.080_001';
6              
7             require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import';
8             our %EXPORT_TAGS = ( all => [qw( eax_encrypt_authenticate eax_decrypt_verify )] );
9             our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
10             our @EXPORT = qw();
11              
12 3     3   23 use Carp;
  3         6  
  3         243  
13             $Carp::Internal{(__PACKAGE__)}++;
14 3     3   798 use CryptX;
  3         15  
  3         338  
15              
16             # obsolete, only for backwards compatibility
17 23     23 0 38196 sub header_add { goto &adata_add }
18 0     0 0   sub aad_add { goto &adata_add }
19              
20 0     0     sub CLONE_SKIP { 1 } # prevent cloning
21              
22             1;
23              
24             =pod
25              
26             =head1 NAME
27              
28             Crypt::AuthEnc::EAX - Authenticated encryption in EAX mode
29              
30             =head1 SYNOPSIS
31              
32             ### OO interface
33             use Crypt::AuthEnc::EAX;
34              
35             # encrypt and authenticate
36             my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv);
37             $ae->adata_add('additional_authenticated_data1');
38             $ae->adata_add('additional_authenticated_data2');
39             my $ct = $ae->encrypt_add('data1');
40             $ct .= $ae->encrypt_add('data2');
41             $ct .= $ae->encrypt_add('data3');
42             my $tag = $ae->encrypt_done();
43              
44             # decrypt and verify
45             my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $iv);
46             $ae->adata_add('additional_authenticated_data1');
47             $ae->adata_add('additional_authenticated_data2');
48             my $pt = $ae->decrypt_add('ciphertext1');
49             $pt .= $ae->decrypt_add('ciphertext2');
50             $pt .= $ae->decrypt_add('ciphertext3');
51             my $tag = $ae->decrypt_done();
52             die "decrypt failed" unless $tag eq $expected_tag;
53              
54             #or
55             my $result = $ae->decrypt_done($expected_tag); # 0 or 1
56              
57             ### functional interface
58             use Crypt::AuthEnc::EAX qw(eax_encrypt_authenticate eax_decrypt_verify);
59              
60             my ($ciphertext, $tag) = eax_encrypt_authenticate('AES', $key, $iv, $adata, $plaintext);
61             my $plaintext = eax_decrypt_verify('AES', $key, $iv, $adata, $ciphertext, $tag);
62              
63             =head1 DESCRIPTION
64              
65             EAX is a mode that requires a cipher, CTR and OMAC support and provides encryption and authentication.
66             It is initialized with a random IV that can be shared publicly, additional authenticated data which can
67             be fixed and public, and a random secret symmetric key.
68              
69             =head1 EXPORT
70              
71             Nothing is exported by default.
72              
73             You can export selected functions:
74              
75             use Crypt::AuthEnc::EAX qw(eax_encrypt_authenticate eax_decrypt_verify);
76              
77             =head1 FUNCTIONS
78              
79             =head2 eax_encrypt_authenticate
80              
81             my ($ciphertext, $tag) = eax_encrypt_authenticate($cipher, $key, $iv, $adata, $plaintext);
82              
83             # $cipher .. 'AES' or name of any other cipher with 16-byte block len
84             # $key ..... AES key of proper length (128/192/256bits)
85             # $iv ...... unique initialization vector (no need to keep it secret)
86             # $adata ... additional authenticated data
87              
88             =head2 eax_decrypt_verify
89              
90             my $plaintext = eax_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag);
91             # on error returns undef
92              
93             =head1 METHODS
94              
95             =head2 new
96              
97             my $ae = Crypt::AuthEnc::EAX->new($cipher, $key, $iv);
98             #or
99             my $ae = Crypt::AuthEnc::EAX->new($cipher, $key, $iv, $adata);
100              
101             # $cipher .. 'AES' or name of any other cipher with 16-byte block len
102             # $key ..... AES key of proper length (128/192/256bits)
103             # $iv ...... unique initialization vector (no need to keep it secret)
104             # $adata ... additional authenticated data (optional)
105              
106             =head2 adata_add
107              
108             $ae->adata_add($adata); # can be called multiple times
109              
110             =head2 encrypt_add
111              
112             $ciphertext = $ae->encrypt_add($data); # can be called multiple times
113              
114             =head2 encrypt_done
115              
116             $tag = $ae->encrypt_done(); # returns $tag value
117              
118             =head2 decrypt_add
119              
120             $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times
121              
122             =head2 decrypt_done
123              
124             my $tag = $ae->decrypt_done; # returns $tag value
125             #or
126             my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure)
127              
128             =head2 clone
129              
130             my $ae_new = $ae->clone;
131              
132             =head1 SEE ALSO
133              
134             =over
135              
136             =item * L, L, L, L
137              
138             =item * L
139              
140             =back
141              
142             =cut