GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CRYPT::AUTHENC::OCB (3)

.ds Aq ’

NAME

Crypt::AuthEnc::OCB - Authenticated encryption in OCBv3 mode

CONTENTS

SYNOPSIS



 ### OO interface
 use Crypt::AuthEnc::OCB;

 my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce);
 $ae->adata_add(aad1);
 $ae->adata_add(aad2);
 $ct = $ae->encrypt_add($data1);
 $ct = $ae->encrypt_add($data2);
 $ct = $ae->encrypt_add($data3);
 $ct = $ae->encrypt_last(rest of data);
 ($ct,$tag) = $ae->encrypt_done();

 my $ae = Crypt::AuthEnc::OCB->new("AES", $key, $nonce);
 $ae->adata_add(aad1);
 $ae->adata_add(aad2);
 $pt = $ae->decrypt_add($data1);
 $pt = $ae->decrypt_add($data2);
 $pt = $ae->decrypt_add($data3);
 $pt = $ae->decrypt_last(rest of data);
 ($pt,$tag) = $ae->decrypt_done();

 ### functional interface
 use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);

 my ($ciphertext, $tag) = ocb_encrypt_authenticate(AES, $key, $nonce, $aad, $plaintext);
 my $plaintext = ocb_decrypt_verify(AES, $key, $nonce, $aad, $ciphertext, $tag);



DESCRIPTION

This module implements OCB version 3 according http://datatracker.ietf.org/doc/draft-irtf-cfrg-ocb/

EXPORT

Nothing is exported by default.

You can export selected functions:



  use Crypt::AuthEnc::OCB qw(ocb_encrypt_authenticate ocb_decrypt_verify);



FUNCTIONS

    ocb_encrypt_authenticate



 my ($ciphertext, $tag) = ocb_encrypt_authenticate($cipher, $key, $nonce, $aad, $plaintext);

 # $cipher .. AES or name of any other cipher with 16-byte block len
 # $key ..... AES key of proper length (128/192/256bits)
 # $nonce ... unique nonce/salt (no need to keep it secret)
 # $aad ..... meta-data you want to send with the message but not have encrypted



    ocb_decrypt_verify



  my $plaintext = ocb_decrypt_verify($cipher, $key, $nonce, $aad, $ciphertext, $tag);

  # on error returns undef



METHODS

    new



 my $ae = Crypt::AuthEnc::OCB->new($cipher, $key, $nonce);

 # $cipher .. AES or name of any other cipher with 16-byte block len
 # $key ..... AES key of proper length (128/192/256bits)
 # $nonce ... unique nonce/salt (no need to keep it secret)



    adata_add



 $ae->adata_add($aad);                          #can be called multiple times



    encrypt_add



 $ciphertext = $ae->encrypt_add($data);         #can be called multiple times

 #BEWARE: size of $data has to be multiple of blocklen (16 for AES)



    encrypt_last



 $ciphertext = $ae->encrypt_last($data);



    encrypt_done



 $tag = $ae->encrypt_done();



    decrypt_add



 $plaintext = $ae->decrypt_add($ciphertext);    #can be called multiple times

 #BEWARE: size of $ciphertext has to be multiple of blocklen (16 for AES)



    encrypt_last



 $plaintext = $ae->decrypt_last($data);



    decrypt_done



 my $result = $ae->decrypt_done($tag);  # returns 1 (success) or 0 (failure)
 #or
 my $tag = $ae->decrypt_done;           # returns $tag value



    clone



 my $ae_new = $ae->clone;



SEE ALSO

o CryptX, Crypt::Mode::CCM, Crypt::Mode::GCM, Crypt::Mode::EAX
o <https://en.wikipedia.org/wiki/OCB_mode>
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 CRYPT::AUTHENC::OCB (3) 2016-01-25

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.