GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CRYPT::AUTHENC::EAX (3)

.ds Aq ’

NAME

Crypt::AuthEnc::EAX - Authenticated encryption in EAX mode

CONTENTS

SYNOPSIS



 ### example 1
 use Crypt::AuthEnc::EAX;

 # encrypt + authenticate
 my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $nonce);
 $ae->header_add(headerdata part1);
 $ae->header_add(headerdata part2);
 $ct = $ae->encrypt_add(data1);
 $ct = $ae->encrypt_add(data2);
 $ct = $ae->encrypt_add(data3);
 $tag = $ae->encrypt_done();

 # decrypt + verify
 my $ae = Crypt::AuthEnc::EAX->new("AES", $key, $nonce);
 $ae->header_add(headerdata part1);
 $ae->header_add(headerdata part2);
 $pt = $ae->decrypt_add(ciphertext1);
 $pt = $ae->decrypt_add(ciphertext2);
 $pt = $ae->decrypt_add(ciphertext3);

 my $result = $ae->decrypt_done($tag);
 #or
 my $tag_dec = $ae->decrypt_done;
 die "TAG mismatch" unless $tag eq $tag_dec;

 ### example 2
 use Crypt::AuthEnc::EAX qw(eax_encrypt_authenticate eax_decrypt_verify);

 my ($ciphertext, $tag) = eax_encrypt_authenticate(AES, $key, $nonce, $header, $plaintext);
 my $plaintext = eax_decrypt_verify(AES, $key, $nonce, $header, $ciphertext, $tag);



DESCRIPTION

EAX is a mode that requires a cipher, CTR and OMAC support and provides encryption and authentication. It is initialized with a random nonce that can be shared publicly, a header which can be fixed and public, and a random secret symmetric key.

EXPORT

Nothing is exported by default.

You can export selected functions:



  use Crypt::AuthEnc::EAX qw(eax_encrypt_authenticate eax_decrypt_verify);



FUNCTIONS

    eax_encrypt_authenticate



 my ($ciphertext, $tag) = eax_encrypt_authenticate($cipher, $key, $nonce, $header, $plaintext);

 # $cipher .. AES or name of any other cipher with 16-byte block len
 # $key ..... AES key of proper length (128/192/256bits)
 # $nonce ... unique nonce/salt (no need to keep it secret)
 # $header .. meta-data you want to send with the message but not have encrypted



    eax_decrypt_verify



  my $plaintext = eax_decrypt_verify($cipher, $key, $nonce, $header, $ciphertext, $tag);

  # on error returns undef



METHODS

    new



 my $ae = Crypt::AuthEnc::EAX->new($cipher, $key, $nonce);
 #or
 my $ae = Crypt::AuthEnc::EAX->new($cipher, $key, $nonce, $header);

 # $cipher .. AES or name of any other cipher with 16-byte block len
 # $key ..... AES key of proper length (128/192/256bits)
 # $nonce ... unique nonce/salt (no need to keep it secret)
 # $header .. meta-data you want to send with the message but not have encrypted



    header_add



 $ae->header_add($header_data);                 #can be called multiple times



    encrypt_add



 $ciphertext = $ae->encrypt_add($data);         #can be called multiple times



    encrypt_done



 $tag = $ae->encrypt_done();



    decrypt_add



 $plaintext = $ae->decrypt_add($ciphertext);    #can be called multiple times



    decrypt_done



 my $result = $ae->decrypt_done($tag);  # returns 1 (success) or 0 (failure)
 #or
 my $tag = $ae->decrypt_done;           # returns $tag value



    clone



 my $ae_new = $ae->clone;



SEE ALSO

o CryptX, Crypt::Mode::CCM, Crypt::Mode::GCM, Crypt::Mode::OCB
o <https://en.wikipedia.org/wiki/EAX_mode>
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 CRYPT::AUTHENC::EAX (3) 2016-01-25

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.