File Coverage

blib/lib/Crypt/AuthEnc/OCB.pm

Criterion	Covered	Total	%
statement	12	15	80.0
branch			n/a
condition			n/a
subroutine	4	7	57.1
pod	1	2	50.0
total	17	24	70.8

line	stmt	sub	pod	time	code
1					package Crypt::AuthEnc::OCB;
2
3	4	4		183420	use strict;
	4			9
	4			129
4	4	4		26	use warnings;
	4			5
	4			653
5					our $VERSION = '0.089';
6
7					require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import';
8					our %EXPORT_TAGS = ( all => [qw( ocb_encrypt_authenticate ocb_decrypt_verify )] );
9					our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
10					our @EXPORT = qw();
11
12	4	4		26	use Carp;
	4			4
	4			280
13					$Carp::Internal{(__PACKAGE__)}++;
14	4	4		1105	use CryptX;
	4			7
	4			514
15
16					# obsolete, only for backwards compatibility
17	0	0	0		sub aad_add { goto &adata_add }
18	0	0	1		sub blocksize { return 16 }
19
20	0	0			sub CLONE_SKIP { 1 } # prevent cloning
21
22					1;
23
24					=pod
25
26					=head1 NAME
27
28					Crypt::AuthEnc::OCB - Authenticated encryption in OCBv3 mode
29
30					=head1 SYNOPSIS
31
32					### OO interface
33					use Crypt::AuthEnc::OCB;
34
35					my $key = '...';
36					my $nonce = '...';
37					my $tag_len = 16;
38					my $expected_tag = '...';
39
40					# encrypt and authenticate
41					my $ae_enc = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len);
42					$ae_enc->adata_add('additional_authenticated_data1');
43					$ae_enc->adata_add('additional_authenticated_data2');
44					my $ct = $ae_enc->encrypt_add('data1');
45					$ct .= $ae_enc->encrypt_add('data2');
46					$ct .= $ae_enc->encrypt_add('data3');
47					$ct .= $ae_enc->encrypt_last('rest of data');
48					my $tag = $ae_enc->encrypt_done();
49
50					# decrypt and verify
51					my $ae_dec = Crypt::AuthEnc::OCB->new("AES", $key, $nonce, $tag_len);
52					$ae_dec->adata_add('additional_authenticated_data1');
53					$ae_dec->adata_add('additional_authenticated_data2');
54					my $pt = $ae_dec->decrypt_add('ciphertext1');
55					$pt .= $ae_dec->decrypt_add('ciphertext2');
56					$pt .= $ae_dec->decrypt_add('ciphertext3');
57					$pt .= $ae_dec->decrypt_last('rest of data');
58					my $computed_tag = $ae_dec->decrypt_done();
59					die "decrypt failed" unless $computed_tag eq $expected_tag;
60
61					#or
62					my $result = $ae_dec->decrypt_done($expected_tag); # 0 or 1
63
64					### functional interface
65					use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);
66
67					my $key = '...';
68					my $nonce = '...';
69					my $adata = '...';
70					my $plaintext = '...';
71					my $tag_len = 16;
72
73					my ($ciphertext, $tag) = ocb_encrypt_authenticate('AES', $key, $nonce, $adata, $tag_len, $plaintext);
74					my $decrypted = ocb_decrypt_verify('AES', $key, $nonce, $adata, $ciphertext, $tag);
75
76					=head1 DESCRIPTION
77
78					This module implements OCB v3 according to
79					L.
80
81					This is a stateful API. Build one message by calling, in order:
82					C, optional C, zero or more C or C
83					calls for full blocks, one optional C or C for the
84					final partial block, then C or C.
85
86					Use a fresh object per message. When verifying, C
87					is the safer one-step form; C without arguments only returns
88					the calculated tag.
89					The first C / C call finalizes the object. After that,
90					further C, C, C, C,
91					C, C, and C calls croak.
92
93					=head1 EXPORT
94
95					Nothing is exported by default.
96
97					You can export selected functions:
98
99					use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);
100
101					=head1 FUNCTIONS
102
103					=head2 ocb_encrypt_authenticate
104
105					my ($ciphertext, $tag) = ocb_encrypt_authenticate($cipher, $key, $nonce, $adata, $tag_len, $plaintext);
106
107					# $cipher .. [string] 'AES' or name of any other cipher with 16-byte block len
108					# $key ..... [binary string] AES key of proper length (128/192/256 bits)
109					# $nonce ... [binary string] unique nonce/salt (no need to keep it secret)
110					# $adata ... [binary string] additional authenticated data
111					# $tag_len . [integer] required length of output tag
112
113					Use tag lengths from 4 to 16 bytes. Out-of-range values passed to this
114					functional helper are normalized to 16.
115
116					=head2 ocb_decrypt_verify
117
118					my $plaintext = ocb_decrypt_verify($cipher, $key, $nonce, $adata, $ciphertext, $tag);
119					# on error returns undef
120
121					=head1 METHODS
122
123					Unless noted otherwise, assume C<$ae> is an existing AEAD object created via
124					C, for example:
125
126					my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce);
127
128					=head2 new
129
130					my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce, $tag_len);
131
132					# $cipher .. [string] 'AES' or name of any other cipher with 16-byte block len
133					# $key ..... [binary string] AES key of proper length (128/192/256 bits)
134					# $nonce ... [binary string] unique nonce/salt (no need to keep it secret)
135					# $tag_len . [integer] required length of output tag
136
137					=head2 adata_add
138
139					Can be called only before the first C, C,
140					C, or C.
141					Returns the object itself (for chaining).
142
143					$ae->adata_add($adata); #can be called multiple times
144
145					=head2 encrypt_add
146
147					Returns a binary string of ciphertext (raw bytes).
148
149					my $ciphertext = $ae->encrypt_add($data); # can be called multiple times
150
151					# note: \ must be a multiple of the block length (16 for AES)
152
153					=head2 encrypt_last
154
155					my $ciphertext = $ae->encrypt_last($data);
156
157					=head2 encrypt_done
158
159					Returns the authentication tag as a binary string (raw bytes).
160					This call finalizes the current message.
161
162					my $tag = $ae->encrypt_done(); # returns $tag value
163
164					=head2 decrypt_add
165
166					Returns a binary string of plaintext (raw bytes).
167
168					my $plaintext = $ae->decrypt_add($ciphertext); # can be called multiple times
169
170					# note: \ must be a multiple of the block length (16 for AES)
171
172					=head2 decrypt_last
173
174					my $plaintext = $ae->decrypt_last($data);
175
176					=head2 decrypt_done
177
178					Without argument returns the computed tag as a binary string. With C<$tag> argument returns C<1> (success) or C<0> (failure).
179					This call finalizes the current message.
180
181					my $tag = $ae->decrypt_done; # returns $tag value
182					#or
183					my $result = $ae->decrypt_done($tag); # returns 1 (success) or 0 (failure)
184
185					=head2 blocksize
186
187					my $bs = $ae->blocksize; # always returns 16
188
189					Returns the block size of the underlying cipher (always 16, since OCB requires
190					a 128-bit block cipher such as AES).
191
192					=head2 clone
193
194					Returns a copy of the AEAD object in its current state.
195
196					my $ae_new = $ae->clone;
197
198					=head1 SEE ALSO
199
200					=over
201
202					=item * L, L, L, L
203
204					=item * L
205
206					=item * L
207
208					=back
209
210					=cut