SYNOPSIS

Use Crypt::ECB \s-1OO\s0 style

  use Crypt::ECB;

  $crypt = Crypt::ECB->new;
  $crypt->padding(PADDING_AUTO);
  $crypt->cipher('Blowfish') || die $crypt->errstring;
  $crypt->key('some_key');

  $enc = $crypt->encrypt("Some data.");
  print $crypt->decrypt($enc);

or use the function style interface

use Crypt::ECB qw(encrypt decrypt encrypt_hex decrypt_hex);

$ciphertext = encrypt($key, 'Blowfish', "Some data", PADDING_AUTO); $plaintext = decrypt($key, 'Blowfish', $ciphertext, PADDING_AUTO);

$hexcode = encrypt_hex($key, $cipher, $plaintext); $plain = decrypt_hex($key, $cipher, $hexcode);

DESCRIPTION

This module is a Perl-only implementation of the \s-1ECB\s0 mode. In combination with a block cipher such as \s-1DES\s0, \s-1IDEA\s0 or Blowfish, you can encrypt and decrypt messages of arbitrarily long length. Though for security reasons other modes than \s-1ECB\s0 such as \s-1CBC\s0 should be preferred. See textbooks on cryptography if you want to know why.

The functionality of the module can be accessed via \s-1OO\s0 methods or via standard function calls. Remember that some crypting module like for example Blowfish has to be installed. The syntax follows that of Crypt::CBC.

METHODS

\fInew()\fP, \fIkey()\fP, \fIcipher()\fP, \fIpadding()\fP

$crypt = Crypt::ECB->new; $crypt->key('Some_key'); $crypt->cipher('Blowfish') || die $crypt->errstring; $crypt->padding(PADDING_AUTO);

print $crypt->key; print $crypt->cipher; print $crypt->padding;

$crypt = Crypt::ECB->new('Some_key','Blowfish'); $crypt->cipher || die "'Blowfish' wasn't loaded for some reason.";

new() initializes the variables it uses. Optional parameters are key and cipher. If called without parameters you have to call key() and cipher() before you can start crypting. If called with key but without cipher, for compatibility with Crypt::CBC '\s-1DES\s0' is assumed.

key() sets the key if given a parameter. It always returns the key. Note that some crypting modules require keys of definite length. For example the Crypt::Blowfish module expects an eight byte key.

cipher() sets the block cipher to be used if given a parameter. It tries to load the corresponding module. If an error occurs, it returns 0 and sets $crypt->{Errstring}. Otherwise it returns the cipher name. Free packages available for Perl are for example Blowfish, \s-1DES\s0 or \s-1IDEA\s0. If called without parameter it just returns the name of the cipher.

padding() sets the way how data is padded up to a multiple of the cipher's blocksize. Until now two ways are implemented: When set to \s-1PADDING_NONE\s0, no padding is done. You then have to take care of correct padding (and truncating) yourself. When set to \s-1PADDING_AUTO\s0, the \s-1ECB\s0 module handles padding (and truncating when decrypting) the same way Crypt::CBC does.

By default the padding style is set to \s-1PADDING_NONE\s0. This means if you don't bother and your data has not the correct length, the module will complain and therefore force you to think about what you really want.

\fIstart()\fP, \fImode()\fP, \fIcrypt()\fP, \fIfinish()\fP

$crypt->start('encrypt') || die $crypt->errstring; $enc .= $crypt->crypt($_) foreach (@lines); $enc .= $crypt->finish;

$crypt->start('decrypt'); print $crypt->mode;

start() sets the crypting mode and checks if all required variables like key and cipher are set. Allowed parameters are any words starting either with 'e' or 'd'. The Method returns the mode which is set or 0 if an error occurred.

mode() is called without parameters and just returns the mode which is set.

crypt() processes the data given as argument. If called without argument $_ is processed. The method returns the processed data. Cipher and key have to be set in order to be able to process data. If some of these are missing or start() was not called before, the method dies.

After having sent all data to be processed to crypt() you have to call finish() in order to flush data that's left in the buffer.

\fIcaching()\fP

$crypt->caching(1); # caching on $crypt->caching(0); # caching off

print $crypt->caching;

The caching mode is returned. If given an argument caching mode is set. Caching is on if caching() evaluates true, otherwise caching is off. By default caching is on.

What is this caching? The Crypt::ECB module communicates with the cipher module via some object. Creating the cipher object takes some time for the cipher module has to do some initialization. Now caching means that the same cipher object is used until caching is turned off or the key or the cipher module are changed. If caching is off, a new cipher object is created is created each time crypt() or finish() are called and destroyed at the end of these methods. Crypting using caching is much faster than without caching.

\fIencrypt()\fP, \fIdecrypt()\fP, \fIencrypt_hex()\fP, \fIdecrypt_hex()\fP

$enc = $crypt->encrypt($data); print $crypt->decrypt($enc);

$hexenc = $crypt->encrypt_hex($data); print $crypt->decrypt_hex($hexenc);

encrypt() and decrypt() are convenience methods which call start(), crypt() and finish() for you.

encrypt_hex() and decrypt_hex() are convenience functions that operate on ciphertext in a hexadecimal representation. They are exactly equivalent to

$hexenc = join('',unpack('H*',$crypt->encrypt($data))); print $crypt->decrypt(pack('H*',$hexenc));

These functions can be useful if, for example, you wish to place the encrypted information into an e-mail message, Web page or \s-1URL\s0.

\fIerrstring()\fP

print $crypt->errstring;

Some methods like cipher() or start() return 0 if an error occurs. You can then retrieve a more detailed error message by calling $crypt->errstring.

VARIABLES

Variables which could be of interest to the outside world are:

$crypt->{Key}, $crypt->{Cipher}, $crypt->{Module}, $crypt->{Keysize}, $crypt->{Blocksize}, $crypt->{Mode}, $crypt->{Caching}, $crypt->{Padding}, $crypt->{Errstring}.

The variables should not be set directly, use instead the above described methods. Reading should not pose a problem.

CONSTANTS

The two constants naming the padding styles are exported by default:

PADDING_NONE => 0 PADDING_AUTO => 1

FUNCTIONS

For convenience en- or decrypting can also be done by calling ordinary functions. The functions are: encrypt(), decrypt(), encrypt_hex, decrypt_hex. The module is smart enough to recognize whether these functions are called in an \s-1OO\s0 context or not.

\fIencrypt()\fP, \fIdecrypt()\fP, \fIencrypt_hex()\fP, \fIdecrypt_hex()\fP

$ciphertext = encrypt($key, $cipher, $plaintext, PADDING_AUTO); $plaintext = decrypt($key, $cipher, $ciphertext, PADDING_AUTO);

$ciphertext = encrypt_hex($key, $cipher, $plaintext, PADDING_AUTO); $plaintext = decrypt_hex($key, $cipher, $ciphertext, PADDING_AUTO);

encrypt() and decrypt() process the provided text and return either the corresponding ciphertext (encrypt) or plaintext (decrypt). Data and padstyle are optional, but remember that by default no padding is done. If data is omitted, $_ is assumed.

encrypt_hex() and decrypt_hex() operate on ciphertext in a hexadecimal representation. Otherwise usage is the same as for encrypt() and decrypt().

BUGS

None that I know of.

TODO

The other block cipher modes \s-1CBC\s0, \s-1CFB\s0 and \s-1OFB\s0 could be implemented.

Convenience encrypt and decrypt functions utilizing base64 encoding could be added.

COPYING

This program is free software; you can redistribute it and/or modify it under the terms of the \s-1GNU\s0 General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but \s-1WITHOUT\s0 \s-1ANY\s0 \s-1WARRANTY\s0; without even the implied warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 \s-1FOR\s0 A \s-1PARTICULAR\s0 \s-1PURPOSE\s0. See the \s-1GNU\s0 General Public License for more details.

You should have received a copy of the \s-1GNU\s0 General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, \s-1MA\s0 02111-1307, \s-1USA\s0.

AUTHOR

Christoph Appel (see \s-1ECB\s0.pm for email address)

RELATED TO Crypt::ECB…

perl\|(1), Crypt::DES\|(3), Crypt::IDEA\|(3), Crypt::CBC\|(3)