File Coverage

blib/lib/Crypt/AuthEnc/ChaCha20Poly1305.pm

Criterion	Covered	Total	%
statement	12	13	92.3
branch			n/a
condition			n/a
subroutine	4	5	80.0
pod			n/a
total	16	18	88.8

line	stmt	sub	time	code
1				package Crypt::AuthEnc::ChaCha20Poly1305;
2
3	4	4	134784	use strict;
	4		8
	4		145
4	4	4	17	use warnings;
	4		5
	4		557
5				our $VERSION = '0.089';
6
7				require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import';
8				our %EXPORT_TAGS = ( all => [qw( chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify )] );
9				our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
10				our @EXPORT = qw();
11
12	4	4	26	use Carp;
	4		17
	4		357
13				$Carp::Internal{(__PACKAGE__)}++;
14	4	4	1002	use CryptX;
	4		8
	4		333
15
16	0	0		sub CLONE_SKIP { 1 } # prevent cloning
17
18				1;
19
20				=pod
21
22				=head1 NAME
23
24				Crypt::AuthEnc::ChaCha20Poly1305 - Authenticated encryption in ChaCha20-Poly1305 mode
25
26				=head1 SYNOPSIS
27
28				### OO interface
29				use Crypt::AuthEnc::ChaCha20Poly1305;
30
31				my $key = '...';
32				my $nonce = '...';
33				my $expected_tag = '...';
34
35				# encrypt and authenticate
36				my $ae_enc = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $nonce);
37				$ae_enc->adata_add('additional_authenticated_data1');
38				$ae_enc->adata_add('additional_authenticated_data2');
39				my $ct = $ae_enc->encrypt_add('data1');
40				$ct .= $ae_enc->encrypt_add('data2');
41				$ct .= $ae_enc->encrypt_add('data3');
42				my $tag = $ae_enc->encrypt_done();
43
44				# decrypt and verify
45				my $ae_dec = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $nonce);
46				$ae_dec->adata_add('additional_authenticated_data1');
47				$ae_dec->adata_add('additional_authenticated_data2');
48				my $pt = $ae_dec->decrypt_add('ciphertext1');
49				$pt .= $ae_dec->decrypt_add('ciphertext2');
50				$pt .= $ae_dec->decrypt_add('ciphertext3');
51				my $computed_tag = $ae_dec->decrypt_done();
52				die "decrypt failed" unless $computed_tag eq $expected_tag;
53
54				#or
55				my $result = $ae_dec->decrypt_done($expected_tag); # 0 or 1
56
57				### functional interface
58				use Crypt::AuthEnc::ChaCha20Poly1305 qw(chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify);
59
60				my $key = '...';
61				my $nonce = '...';
62				my $adata = '...';
63				my $plaintext = '...';
64
65				my ($ciphertext, $tag) = chacha20poly1305_encrypt_authenticate($key, $nonce, $adata, $plaintext);
66				my $decrypted = chacha20poly1305_decrypt_verify($key, $nonce, $adata, $ciphertext, $tag);
67
68				=head1 DESCRIPTION
69
70				Provides authenticated encryption with ChaCha20-Poly1305 as defined in
71				L.
72
73				This is a stateful API. Build one message by calling, in order:
74				C or C, optional C, zero or more C or
75				C calls, then C or C.
76
77				Use a fresh object per message. If you construct with C you must
78				call C before adding AAD or processing plaintext/ciphertext.
79				When verifying, C is the safer one-step form;
80				C without arguments only returns the calculated tag.
81				The first C / C call finalizes the object. After that,
82				further C, C, C, C,
83				C, C, and C calls croak.
84
85				=head1 EXPORT
86
87				Nothing is exported by default.
88
89				You can export selected functions:
90
91				use Crypt::AuthEnc::ChaCha20Poly1305 qw(chacha20poly1305_encrypt_authenticate chacha20poly1305_decrypt_verify);
92
93				=head1 FUNCTIONS
94
95				=head2 chacha20poly1305_encrypt_authenticate
96
97				my ($ciphertext, $tag) = chacha20poly1305_encrypt_authenticate($key, $nonce, $adata, $plaintext);
98
99				# $key ..... [binary string] key of proper length (128 or 256 bits / 16 or 32 bytes)
100				# $nonce ... [binary string] nonce (64 or 96 bits / 8 or 12 bytes)
101				# $adata ... [binary string] additional authenticated data (optional)
102
103				=head2 chacha20poly1305_decrypt_verify
104
105				my $plaintext = chacha20poly1305_decrypt_verify($key, $nonce, $adata, $ciphertext, $tag);
106				# on error returns undef
107
108				=head1 METHODS
109
110				Unless noted otherwise, assume C<$ae> is an existing AEAD object created via
111				C, for example:
112
113				my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $nonce);
114
115				=head2 new
116
117				my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key, $nonce);
118				#or
119				my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key);
120
121				# $key ..... [binary string] encryption key of proper length (128 or 256 bits / 16 or 32 bytes)
122				# $nonce ... [binary string] nonce (64 or 96 bits / 8 or 12 bytes)
123
124				=head2 adata_add
125
126				Add B.
127				Can be called only before the first C or C.
128				Returns the object itself (for chaining).
129
130				$ae->adata_add($aad_data); # can be called multiple times
131
132				=head2 encrypt_add
133
134				Returns a binary string of ciphertext (raw bytes).
135
136				my $ciphertext = $ae->encrypt_add($data); # can be called multiple times
137
138				=head2 encrypt_done
139
140				Returns the authentication tag as a binary string (raw bytes).
141				This call finalizes the current message.
142
143				my $tag = $ae->encrypt_done(); # returns $tag value
144
145				=head2 decrypt_add
146
147				Returns a binary string of plaintext (raw bytes).
148
149				my $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times
150
151				=head2 decrypt_done
152
153				Without argument returns the computed tag as a binary string. With C<$tag> argument returns C<1> (success) or C<0> (failure).
154				This call finalizes the current message.
155
156				my $tag = $ae->decrypt_done; # returns $tag value
157				#or
158				my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure)
159
160				=head2 set_iv
161
162				my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key)->set_iv($nonce);
163				# $nonce ... [binary string] nonce (64 or 96 bits / 8 or 12 bytes)
164
165				Call C before the first C, C, or C
166				for a message.
167
168				=head2 set_iv_rfc7905
169
170				See L.
171
172				my $ae = Crypt::AuthEnc::ChaCha20Poly1305->new($key)->set_iv_rfc7905($nonce, $seqnum);
173				# $nonce ... [binary string] nonce (96 bits / 12 bytes)
174				# $seqnum .. [integer] 64-bit integer (sequence number)
175
176				=head2 clone
177
178				Returns a copy of the AEAD object in its current state.
179
180				my $ae_new = $ae->clone;
181
182				=head1 SEE ALSO
183
184				=over
185
186				=item * L, L, L, L, L, L
187
188				=item * L
189
190				=back
191
192				=cut