File Coverage

blib/lib/Crypt/AuthEnc/GCM.pm

Criterion	Covered	Total	%
statement	12	13	92.3
branch			n/a
condition			n/a
subroutine	4	5	80.0
pod			n/a
total	16	18	88.8

line	stmt	sub	time	code
1				package Crypt::AuthEnc::GCM;
2
3	4	4	383333	use strict;
	4		8
	4		145
4	4	4	88	use warnings;
	4		7
	4		1349
5				our $VERSION = '0.089';
6
7				require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import';
8				our %EXPORT_TAGS = ( all => [qw( gcm_encrypt_authenticate gcm_decrypt_verify )] );
9				our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
10				our @EXPORT = qw();
11
12	4	4	28	use Carp;
	4		7
	4		311
13				$Carp::Internal{(__PACKAGE__)}++;
14	4	4	2357	use CryptX;
	4		10
	4		395
15
16	0	0		sub CLONE_SKIP { 1 } # prevent cloning
17
18				1;
19
20				=pod
21
22				=head1 NAME
23
24				Crypt::AuthEnc::GCM - Authenticated encryption in GCM mode
25
26				=head1 SYNOPSIS
27
28				### OO interface
29				use Crypt::AuthEnc::GCM;
30
31				my $key = '...';
32				my $iv = '...';
33				my $expected_tag = '...';
34
35				# encrypt and authenticate
36				my $ae_enc = Crypt::AuthEnc::GCM->new("AES", $key, $iv);
37				$ae_enc->adata_add('additional_authenticated_data1');
38				$ae_enc->adata_add('additional_authenticated_data2');
39				my $ct = $ae_enc->encrypt_add('data1');
40				$ct .= $ae_enc->encrypt_add('data2');
41				$ct .= $ae_enc->encrypt_add('data3');
42				my $tag = $ae_enc->encrypt_done();
43
44				# decrypt and verify
45				my $ae_dec = Crypt::AuthEnc::GCM->new("AES", $key, $iv);
46				$ae_dec->adata_add('additional_authenticated_data1');
47				$ae_dec->adata_add('additional_authenticated_data2');
48				my $pt = $ae_dec->decrypt_add('ciphertext1');
49				$pt .= $ae_dec->decrypt_add('ciphertext2');
50				$pt .= $ae_dec->decrypt_add('ciphertext3');
51				my $computed_tag = $ae_dec->decrypt_done();
52				die "decrypt failed" unless $computed_tag eq $expected_tag;
53
54				#or
55				my $result = $ae_dec->decrypt_done($expected_tag); # 0 or 1
56
57				### functional interface
58				use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
59
60				my $key = '...';
61				my $iv = '...';
62				my $adata = '...';
63				my $plaintext = '...';
64
65				my ($ciphertext, $tag) = gcm_encrypt_authenticate('AES', $key, $iv, $adata, $plaintext);
66				my $decrypted = gcm_decrypt_verify('AES', $key, $iv, $adata, $ciphertext, $tag);
67
68				=head1 DESCRIPTION
69
70				Galois/Counter Mode (GCM) - provides encryption and authentication.
71
72				Use a fresh object per message unless you intentionally reuse the same key via C.
73				The normal call order is: C, one or more C calls, optional C calls,
74				zero or more C / C calls, then C / C.
75				The first C / C call finalizes the object. After that,
76				further C, C, C, C, C,
77				and C calls croak until you call C.
78
79				If you construct with C, you must provide the IV via C before
80				adding authenticated data or payload data. After C, start a new message with the same
81				key by supplying the IV again, and re-add AAD if needed.
82
83				When verifying, C is the safer form. The no-argument form of
84				C only returns the computed tag.
85
86				=head1 EXPORT
87
88				Nothing is exported by default.
89
90				You can export selected functions:
91
92				use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
93
94				=head1 FUNCTIONS
95
96				=head2 gcm_encrypt_authenticate
97
98				my ($ciphertext, $tag) = gcm_encrypt_authenticate($cipher, $key, $iv, $adata, $plaintext);
99
100				# $cipher .. [string] 'AES' or name of any other cipher with 16-byte block len
101				# $key ..... [binary string] AES key of proper length (128/192/256 bits)
102				# $iv ...... [binary string] initialization vector
103				# $adata ... [binary string] additional authenticated data
104
105				=head2 gcm_decrypt_verify
106
107				my $plaintext = gcm_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag);
108				# on error returns undef
109
110				=head1 METHODS
111
112				Unless noted otherwise, assume C<$ae> is an existing AEAD object created via
113				C, for example:
114
115				my $ae = Crypt::AuthEnc::GCM->new($cipher, $key, $iv);
116
117				=head2 new
118
119				my $ae = Crypt::AuthEnc::GCM->new($cipher, $key);
120				#or
121				my $ae = Crypt::AuthEnc::GCM->new($cipher, $key, $iv);
122
123				# $cipher .. [string] 'AES' or name of any other cipher
124				# $key ..... [binary string] encryption key of proper length
125				# $iv ...... [binary string] initialization vector (optional, you can set it later via iv_add method)
126
127				=head2 iv_add
128
129				Set initialization vector (IV). Multiple calls are concatenated to form the
130				full IV (the data is appended, not replaced). Returns the object itself.
131
132				$ae->iv_add($iv_data); # can be called multiple times before AAD/payload
133
134				Call C before the first C, C, or C. If you
135				reuse the object via C, provide the IV again for the new message.
136
137				=head2 adata_add
138
139				Add B.
140				Can be called B all C calls but before the first C or C.
141				Returns the object itself (for chaining).
142
143				$ae->adata_add($aad_data); # can be called multiple times
144
145				=head2 encrypt_add
146
147				Returns a binary string of ciphertext (raw bytes).
148
149				my $ciphertext = $ae->encrypt_add($data); # can be called multiple times
150
151				=head2 encrypt_done
152
153				Returns the authentication tag as a binary string (raw bytes).
154				This call finalizes the current message.
155
156				my $tag = $ae->encrypt_done(); # returns $tag value
157
158				=head2 decrypt_add
159
160				Returns a binary string of plaintext (raw bytes).
161
162				my $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times
163
164				=head2 decrypt_done
165
166				Without argument returns the computed tag as a binary string. With C<$tag> argument returns C<1> (success) or C<0> (failure).
167				This call finalizes the current message.
168
169				my $tag = $ae->decrypt_done; # returns $tag value
170				#or
171				my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure)
172
173				Use the C form for authentication checks. The no-argument form only
174				returns the computed tag.
175
176				=head2 reset
177
178				$ae->reset;
179
180				Start a new message with the same key. After C, call C again, then
181				C if needed, before processing payload data. C also clears the
182				finalized state set by C / C.
183
184				=head2 clone
185
186				Returns a copy of the AEAD object in its current state.
187
188				my $ae_new = $ae->clone;
189
190				=head1 SEE ALSO
191
192				=over
193
194				=item * L, L, L, L
195
196				=item * L
197
198				=item * L
199
200				=back
201
202				=cut