Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  CRYPT::OPENPGP::CERTIFICATE (3)

.ds Aq ’


Crypt::OpenPGP::Certificate - PGP Key certificate



    use Crypt::OpenPGP::Certificate;

    my $dsa_secret_key = Crypt::OpenPGP::Key::Secret->new( DSA );
    my $cert = Crypt::OpenPGP::Certificate->new(
        Key => $dsa_secret_key,
        Version => 4,
        Passphrase => foobar,
    my $serialized = $cert->save;

    # Unlock the locked certificate (using the passphrase from above)
    $cert->unlock( foobar );


Crypt::OpenPGP::Certificate encapsulates a PGP key certificate for any underlying public-key algorithm, for public and secret keys, and for master keys and subkeys. All of these scenarios are handled by the same Certificate class.

A Crypt::OpenPGP::Certificate object wraps around a Crypt::OpenPGP::Key object; the latter implements all public-key algorithm-specific functionality, while the certificate layer manages some meta-data about the key, as well as the mechanisms for locking and unlocking a secret key (using a passphrase).


Crypt::OpenPGP::Certificate->new( CW%arg )

Constructs a new PGP key certificate object and returns that object. If no arguments are provided in %arg, the certificate is empty; this is used in parse, for example, to construct an empty object, then fill it with the data in the buffer.

%arg can contain:
o Key

The public/secret key object, an object of type Crypt::OpenPGP::Key.

This argument is required (for a non-empty certificate).

o Version

The certificate packet version, as defined in the OpenPGP RFC. The two valid values are 3 and 4.

This argument is optional; if not provided the default is to produce version 4 certificates. You may wish to override this for compatibility with older versions of PGP.

o Subkey

A boolean flag: if true, indicates that this certificate is a subkey, not a master key.

This argument is optional; the default value is 0.

o Validity

The number of days that this certificate is valid. This argument only applies when creating a version 3 certificate; version 4 certificates hold this information in a signature.

This argument is optional; the default value is 0, which means that the certificate never expires.

o Passphrase

If you are creating a certificate for a secret key—indicated by whether or not the Key (above) is a secret key—you will need to lock it (that is, encrypt the secret part of the key). The string provided in Passphrase is used as the passphrase to lock the key.

This argument is required if the certificate holds a secret key.

o Cipher

Specifies the symmetric cipher to use when locking (encrypting) the secret part of a secret key. Valid values are any supported symmetric cipher names, which can be found in Crypt::OpenPGP::Cipher.

This argument is optional; if not specified, DES3 is used.


Serializes the Crypt::OpenPGP::Certificate object $cert into a string of octets, suitable for saving in a keyring file.


Given $buffer, a Crypt::OpenPGP::Buffer object holding (or with offset point to) a certificate packet, returns a new object of type Crypt::OpenPGP::Certificate, initialized with the data from the buffer.


Locks the secret key data by encrypting that data with $passphrase.

Returns true on success, undef on failure; in the case of failure call errstr to get the error message.


Uses the passphrase $passphrase to unlock (decrypt) the secret part of the key.

Returns true on success, undef on failure; in the case of failure call errstr to get the error message.


Returns the key fingerprint as an octet string.


Returns the key fingerprint as a hex string.


Returns the key fingerprint as a list of English words, where each word represents one octet from the fingerprint. See Crypt::OpenPGP::Words for more details about the encoding.


Returns the key ID.


Returns the key ID as a hex string.


Returns the algorithm-specific portion of the certificate, the public or secret key object (an object of type Crypt::OpenPGP::Key).


Returns a public version of the certificate, with a public key. If the certificate was already public, the same certificate is returned; if it was a secret certificate, a new Crypt::OpenPGP::Certificate object is created, and the secret key is made into a public version of the key.


Returns the version of the certificate (3 or 4).


Returns the creation date and time (in epoch time).


Returns the number of days that the certificate is valid for version 3 keys.


Returns true if the certificate holds a secret key, false otherwise.


Returns true if the certificate is locked, false otherwise.


Returns true if the certificate is a subkey, false otherwise.


Returns true if the public key algorithm for the certificate $cert can perform encryption/decryption, false otherwise.


Returns true if the public key algorithm for the certificate $cert can perform signing/verification, false otherwise.


Please see the Crypt::OpenPGP manpage for author, copyright, and license information.
Search for    or go to Top of page |  Section 3 |  Main Index

perl v5.20.3 CRYPT::OPENPGP::CERTIFICATE (3) 2009-12-11

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.