.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "Crypt::PK::RSA 3pm" .TH Crypt::PK::RSA 3pm "2018-12-01" "perl v5.28.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Crypt::PK::RSA \- Public key cryptography based on RSA .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& ### OO interface \& \& #Encryption: Alice \& my $pub = Crypt::PK::RSA\->new(\*(AqBob_pub_rsa1.der\*(Aq); \& my $ct = $pub\->encrypt("secret message"); \& # \& #Encryption: Bob (received ciphertext $ct) \& my $priv = Crypt::PK::RSA\->new(\*(AqBob_priv_rsa1.der\*(Aq); \& my $pt = $priv\->decrypt($ct); \& \& #Signature: Alice \& my $priv = Crypt::PK::RSA\->new(\*(AqAlice_priv_rsa1.der\*(Aq); \& my $sig = $priv\->sign_message($message); \& # \& #Signature: Bob (received $message + $sig) \& my $pub = Crypt::PK::RSA\->new(\*(AqAlice_pub_rsa1.der\*(Aq); \& $pub\->verify_message($sig, $message) or die "ERROR"; \& \& #Key generation \& my $pk = Crypt::PK::RSA\->new(); \& $pk\->generate_key(256, 65537); \& my $private_der = $pk\->export_key_der(\*(Aqprivate\*(Aq); \& my $public_der = $pk\->export_key_der(\*(Aqpublic\*(Aq); \& my $private_pem = $pk\->export_key_pem(\*(Aqprivate\*(Aq); \& my $public_pem = $pk\->export_key_pem(\*(Aqpublic\*(Aq); \& \& ### Functional interface \& \& #Encryption: Alice \& my $ct = rsa_encrypt(\*(AqBob_pub_rsa1.der\*(Aq, "secret message"); \& #Encryption: Bob (received ciphertext $ct) \& my $pt = rsa_decrypt(\*(AqBob_priv_rsa1.der\*(Aq, $ct); \& \& #Signature: Alice \& my $sig = rsa_sign_message(\*(AqAlice_priv_rsa1.der\*(Aq, $message); \& #Signature: Bob (received $message + $sig) \& rsa_verify_message(\*(AqAlice_pub_rsa1.der\*(Aq, $sig, $message) or die "ERROR"; .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" The module provides a full featured \s-1RSA\s0 implementation. .SH "METHODS" .IX Header "METHODS" .SS "new" .IX Subsection "new" .Vb 5 \& my $pk = Crypt::PK::RSA\->new(); \& #or \& my $pk = Crypt::PK::RSA\->new($priv_or_pub_key_filename); \& #or \& my $pk = Crypt::PK::RSA\->new(\e$buffer_containing_priv_or_pub_key); .Ve .PP Support for password protected \s-1PEM\s0 keys .PP .Vb 3 \& my $pk = Crypt::PK::RSA\->new($priv_pem_key_filename, $password); \& #or \& my $pk = Crypt::PK::RSA\->new(\e$buffer_containing_priv_pem_key, $password); .Ve .SS "generate_key" .IX Subsection "generate_key" Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from \f(CW\*(C`/dev/random\*(C'\fR (\s-1UNIX\s0) or \f(CW\*(C`CryptGenRandom\*(C'\fR (Win32). .PP .Vb 3 \& $pk\->generate_key($size, $e); \& # $size .. key size: 128\-512 bytes (DEFAULT is 256) \& # $e ..... exponent: 3, 17, 257 or 65537 (DEFAULT is 65537) .Ve .SS "import_key" .IX Subsection "import_key" Loads private or public key in \s-1DER\s0 or \s-1PEM\s0 format. .PP .Vb 3 \& $pk\->import_key($priv_or_pub_key_filename); \& #or \& $pk\->import_key(\e$buffer_containing_priv_or_pub_key); .Ve .PP Support for password protected \s-1PEM\s0 keys .PP .Vb 3 \& $pk\->import_key($pem_filename, $password); \& #or \& $pk\->import_key(\e$buffer_containing_pem_key, $password); .Ve .PP Loading private or public keys form perl hash: .PP .Vb 1 \& $pk\->import_key($hashref); \& \& # the $hashref is either a key exported via key2hash \& $pk\->import_key({ \& e => "10001", #public exponent \& d => "9ED5C3D3F866E06957CA0E9478A273C39BBDA4EEAC5B...", #private exponent \& N => "D0A5CCCAE03DF9C2F5C4C8C0CE840D62CDE279990DC6...", #modulus \& p => "D3EF0028FFAB508E2773C659E428A80FB0E9211346B4...", #p factor of N \& q => "FC07E46B163CAB6A83B8E467D169534B2077DCDEECAE...", #q factor of N \& qP => "88C6D406F833DF73C8B734548E0385261AD51F4187CF...", #1/q mod p CRT param \& dP => "486F142FEF0A1F53269AC43D2EE4D263E2841B60DA36...", #d mod (p \- 1) CRT param \& dQ => "4597284B2968B72C4212DB7E8F24360B987B80514DA9...", #d mod (q \- 1) CRT param \& }); \& \& # or a hash with items corresponding to JWK (JSON Web Key) \& $pk\->import_key({ \& { \& kty => "RSA", \& n => "0vx7agoebGcQSuuPiLJXZpt...eZu0fM4lFd2NcRwr3XPksINHaQ\-G_xBniIqbw0Ls1jF44\-csFCur\-kEgU8awapJzKnqDKgw", \& e => "AQAB", \& d => "X4cTteJY_gn4FYPsXB8rdXi...FLN5EEaG6RoVH\-HLKD9Mdx5ooGURknhnrRwUkC7h5fJLMWbFAKLWY2v7B6NqSzUvx0_YSf", \& p => "83i\-7IvMGXoMXCskv73TKr8...Z27zvoj6pbUQyLPBQxtPnwD20\-60eTmD2ujMt5PoMrm8RmNhVWtjjMmMjOpSicFHjXOuVI", \& q => "3dfOR9cuYq\-0S\-mkFLzgItg...q3hWeMuG0ouqnb3obLyuqjVZQ1dIrdgTnCdYzBcOW5r37AFXjift_NGiovonzhKpoVVS78", \& dp => "G4sPXkc6Ya9y8oJW9_ILj4...zi_H7TkS8x5SdX3oE0oiYwxIiemTAu0UOa5pgFGyJ4c8t2VF40XRugKTP8akhFo5tA77Qe", \& dq => "s9lAH9fggBsoFR8Oac2R_E...T2kGOhvIllTE1efA6huUvMfBcpn8lqW6vzzYY5SSF7pMd_agI3G8IbpBUb0JiraRNUfLhc", \& qi => "GyM_p6JrXySiz1toFgKbWV...4ypu9bMWx3QJBfm0FoYzUIZEVEcOqwmRN81oDAaaBk0KWGDjJHDdDmFW3AN7I\-pux_mHZG", \& }); .Ve .PP Supported key formats: .PP .Vb 2 \& # all formats can be loaded from a file \& my $pk = Crypt::PK::RSA\->new($filename); \& \& # or from a buffer containing the key \& my $pk = Crypt::PK::RSA\->new(\e$buffer_with_key); .Ve .IP "\(bu" 4 \&\s-1RSA\s0 public keys .Sp .Vb 6 \& \-\-\-\-\-BEGIN PUBLIC KEY\-\-\-\-\- \& MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHlYKg9DeHB3/dY1D9WCyJTnl5 \& vEzAXpUOL9tDtdPUl96brIbbdMLooO1hKjsq98kLs1q4vOn/pxvzk0BRwhiu7Vvb \& VUjAn/2HHDDL0U1utqqlMJhaffeLI3HEq5o/lSMFY7sSkZU/E4YX1yqAN0SE7xfK \& B2uzcNq60sMIfp6siQIDAQAB \& \-\-\-\-\-END PUBLIC KEY\-\-\-\-\- .Ve .IP "\(bu" 4 \&\s-1RSA\s0 private keys .Sp .Vb 10 \& \-\-\-\-\-BEGIN RSA PRIVATE KEY\-\-\-\-\- \& MIICXQIBAAKBgQDHlYKg9DeHB3/dY1D9WCyJTnl5vEzAXpUOL9tDtdPUl96brIbb \& dMLooO1hKjsq98kLs1q4vOn/pxvzk0BRwhiu7VvbVUjAn/2HHDDL0U1utqqlMJha \& ffeLI3HEq5o/lSMFY7sSkZU/E4YX1yqAN0SE7xfKB2uzcNq60sMIfp6siQIDAQAB \& AoGBAI5+GgNcGQDYw9uF+t7FwxZM5sGZRJrbbEPyuvL+sDxKKW6voKCyHi4EJzaF \& 9jRZMDqgVJcsmUwjPPuMGBHHJ+MI5Zb3L0jbZkyx8u+U5gf88oy9eZmfGOjmHcMB \& oCgzyoLmJETuyADg2onLanuY3jggFb3tq/jimKjO8xM2R6zhAkEA7uXWWyJI9cCN \& zrVt5R5v6oosjZ4r5VILGMqBRLrzfTvH+WDMK6Rl/2MHE+YDeLajzunaM8qY2456 \& GTYEXQsIdQJBANXfMEtXocSdPtoVj3ME8Do/0r+ApgTdcDPCwXOzkmkEJW/UFMSn \& b8CYF5G6sZQN9L5z3s2nvi55PaFV8Q0LMUUCQBh9GvIQm6YFbQPpeTBpZFOIgnSp \& 6BoDxPtvlryy5U7LF/6qO4OlwIbjYdBaXbS8FCKbujBg7jZjboSzEtNu1BkCQDGT \& w0Yz0jQZn3A+fzpScr2N/fSWheWqz0+wXdfMUKw3YdZCe236wlUK7KvDc1a2xX1A \& ru1NbTCoujikC3TSm2ECQQDKQshchJlZJmFv9vCFQlGCA/EX+4406xvOOiixbPYC \& pIB4Ee2cmvEdAqSaOjrvgs5zvaCCFBO0MecPStCAxUX6 \& \-\-\-\-\-END RSA PRIVATE KEY\-\-\-\-\- .Ve .IP "\(bu" 4 \&\s-1RSA\s0 private keys in password protected \s-1PEM\s0 format .Sp .Vb 3 \& \-\-\-\-\-BEGIN RSA PRIVATE KEY\-\-\-\-\- \& Proc\-Type: 4,ENCRYPTED \& DEK\-Info: DES\-EDE3\-CBC,4D697440FF5AEF18 \& \& C09H49Gn99o8b8O2r4+Hqao4r3udvC+QSSfsk20sXatyuZSEmbhyqKAB+13NRj+3 \& KIsRTqnL9VkeibIGgLHuekOFKAqeSVZ0PmR4bGWEFxUPAYUvg9N9pIa6hGtNZG+y \& TEpOAfFITb1pbHQhp3j8y7qmKc5kY5LrZSFE8WwA24NTG773E07wJgRxKDkXNGOl \& kki6oYArNEps0DdtHFxzgdRg0+yaotXuFJRuC5V4YzKGG/oSRcgYyXKTwCndb3xt \& aHgI2WprQAPg+qOpLABzoi7bEjCqbHWrwkvnAngylbim2Uyvw1e1xKnzlgIHU7pv \& e/J+s00pTItfqW1IpY2mh4C9nkfkfVKBKaAv7jO0s6aPySATqsdlrzv2kpF6Ub4J \& kgaZDOfZ4K3qkyAYVLWcQeDqg4glv9Ah2J05bTm4qrIMmthYnThyQlGvcjUfCMXs \& 0t+mEQbsRY7xKt0o6HzzvQlJ+JsFlLORoslAubJX9iLqpEdnlrj1lD9bo6uIClZ5 \& 5+aoLcAyz1D4OsauuP5i8VFu+Is+QG4SN/vHVuArjkqi3VpLwSAjNDY+KWbq042l \& CqlM2mwm6FIGUZQFxiLHJD7WDmk1xmae++m+XG9CEDTfrUQ5v+l0O6BTrl80XUfU \& w3gzAWbSjz3UK0FpKeABVFPE9fjNP9fTcS6qL5YJWBPflwxCAbVgsBOW4bOMpDGK \& BJDQTeShWn4BlYCe/vgThI9ERdgZhRz4NcFeDgVA/CqQzVqptvz4PSqH46fqUN2n \& 4PtJgKE5cASYUBuAjlD71FecSVVM/OTzL1uxYzXBilzvVn2vSHgo9g== \& \-\-\-\-\-END RSA PRIVATE KEY\-\-\-\-\- .Ve .IP "\(bu" 4 PKCS#8 encoded private keys .Sp .Vb 10 \& \-\-\-\-\-BEGIN PRIVATE KEY\-\-\-\-\- \& MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANPN17xW4EkH5PXG \& 1i/i3rE1EXFcCHyxmz95VRBDs1p3MuYf9mxntbfYAmuzS3KrRWh3IyX/Eh80N/v9 \& OXPlwZbVqSTX+L3pCEJtRtsWn0zmswGThjMZiwle0oWuap63L35F1QN8EDaSPSBC \& yGELNRr6rwVYq0w5b+LOcaCZ+/H1AgMBAAECgYEApfu3aGpww+rC3HUhX0+ckyTy \& cXLdV9LbxidwqRlVEb0+DyfXNucjelp2sy5EHy3na9GJovo8mmWSxhCRGKliRkQ6 \& XgrEMZdCSaWI2AazuHAGlUJRFEVkvdla3AuBAn6y0YdDp/3kbg0yahmKyD8Gq74z \& nUYbDL3R5JtR2Ad/KlUCQQDvSEICTHbO/BF7hVmlKRYZSNHKEPrv8X/OlppS14Kv \& QRwc+CZ5+l6T1Y+l5cHJQUXrXZoWS1K741TXdUhjjUd7AkEA4pod804Ex8sttdWi \& pHMfeyj+IbPAk5XnBc91jT7AYIeL8ccjtfl99xhMsGFaxrh3wA/4SGEvwzWkbxcq \& H8G5TwJAKNG+0P2SVwURRm0dOdukdXPCtiHnbP9Zujhe4zr4hEUrMpXymmRntfh8 \& pORpBpgoAVraams3Fe5WDttnGfSD+QJAOOC6V9HjfUrQhG3FT0XeRwm5EDiQQ/tC \& a8DxHqz7mL8tL1ju68ReC+G7jiJBqNOwqzLW/UP3uyYByiikWChGHQJAHUau7jIM \& 45ErO096n94Vh95p76ANxOroWszOt39TyvJOykIfoPwFagLrBWV9Jjos2/D54KE+ \& fyoy4t3yHT+/nw== \& \-\-\-\-\-END PRIVATE KEY\-\-\-\-\- .Ve .IP "\(bu" 4 PKCS#8 encrypted private keys \- password protected keys (supported since: CryptX\-0.062) .Sp .Vb 10 \& \-\-\-\-\-BEGIN ENCRYPTED PRIVATE KEY\-\-\-\-\- \& MIICojAcBgoqhkiG9w0BDAEDMA4ECCQk+Rr1yzzcAgIIAASCAoD/mgpUFjxxM/Ty \& Yt+NeT0Fo4echgoGksqs6+rYhO16oshG664emZfkuNoFGGzJ38X6GVuqIXhlPnYQ \& biKvL37dN/KnoGytFHq9Wnk8dDwjGHPtwajhW5WuIV3NuhW/AO1PF/cRZKFjWrPt \& NWY5CrpfH6t6zojoe+5uyXpH29lQy4OqvSRdPIt/12UcB+tzV7XzSWEuXh8HAi8a \& sYUu6tuCFnq4GrD2ffM4KWFmL5GqBAwN6m0KkyrNni9XT+RaA6zEhv/lVcwg2esa \& 4/EzRs0ixzzZDKaml8oCMl9RHtFAbQmdlfV7Ip4rGK9BwY6UFiDMIVru6HynOVQK \& vvZ+j//bgO+3ubrv7psX+vC9Fy/MoH2Tc7MIwDN/QVTciPZlzjWBnBNxMfeFKtEn \& d7NFiapgfLuRQIiDTMrW/clcqvO54NphxhrcgUEoxos4twKZARntqPZHtf8nEM2x \& 2sEF5kI65aEF/5Yy16qvP0vZAA2B1kcIdXZ8XLZCp4c3olhkIrmgUpo1gyFXdCoC \& 7dT5Cz7/YLkq5hkcFrtp4V9BZMR24fSttc4p24N5xuZ+JneGnGkLX6B+nJAtm9vw \& bZA6P+23GI0qeMzL3HJXwCOTSsWfm/H9W5+2Zmw851aAmE+pZLni/pk3e3iNSWgs \& 946x/doA5O0uCFsU7oxme+WAIp2SjhxGoe808Lf1CCFMPboFi1O/E0NsX8SIEX+i \& U+UHi4kxZqVkr3Q5SB/9kiSv8K1bE787yueQOT/dsTYYaMsjAbkEZo0o/47F32T6 \& A2ioXHOV/pr5zNHqE5tL+qKEcLYbAUF1O+WvmdqYz+vHQjRQBatAqTmncvLDYr/j \& 1HPwZX2d \& \-\-\-\-\-END ENCRYPTED PRIVATE KEY\-\-\-\-\- .Ve .IP "\(bu" 4 \&\s-1RSA\s0 public key from X509 certificate .Sp .Vb 10 \& \-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\- \& MIIC8zCCAdugAwIBAgIJAPi+LvMU3uGWMA0GCSqGSIb3DQEBCwUAMBAxDjAMBgNV \& BAMMBXBva3VzMB4XDTE3MDcxNDE0MTAyMFoXDTIwMDQwOTE0MTAyMFowEDEOMAwG \& A1UEAwwFcG9rdXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQima \& SUIMIdz5uVevzcScbcj06xs1OLaFKUoPJ8v+xP6Ut61BQhAvc8GYuw2uRx223hZC \& r3HYLfSdWIfmOIAtlL8cPYPVoSivJtpSGE6fBG1tlBjVgXWRmJGR/oxx6Y5QDwcB \& Q4GZKga8TtHQoY5idZuatYOFZGfMIcIUC0Uoda+YSypnw7A90F/JvlpcTUh3Fnem \& VinqEA6XOegU9dCZk/29sXqauBjbdGihh8DvpklOhY16eQoiR3909AywQ0KUmI+R \& Sa9E8oIsmUDetFuXEvana+sD3y42tU+cd2nhBPRETbSXPcum0B3uF4yKgweuJy5D \& cvtVQIFVkkh4+AWNAgMBAAGjUDBOMB0GA1UdDgQWBBSS6V5PVGyN92NoB0AVLcOb \& pzR3SzAfBgNVHSMEGDAWgBSS6V5PVGyN92NoB0AVLcObpzR3SzAMBgNVHRMEBTAD \& AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBIszrBjoJ39axsS6Btbvwvo8vAmgiSWsav \& 7AmjXOAwknHPaCcDmrdOys5POD0DNRwNeRsnxFiZ/UL8Vmj2JGDLgAw+/v32MwfX \& Ig7m+oIbO8KqDzlYvS5kd3suJ5C21hHy1/JUtfofZLovZH7ZRzhTAoRvCYaodW90 \& 2o8ZqmyCdcXPzjFmoJ2xYzs/Sf8/E1cHfb+4HjOpeRnKxDvG0gwWzcsXpUrw2pNO \& Oztj6Rd0THNrf/anIeYVtAHX4aqZA8Kbv2TyJd+9g78usFw1cn+8vfmilm6Pn0DQ \& a+I5GyGd7BJI8wYuWqIStzvrJHbQQaNrSk7hgjWYiYlcsPh6w2QP \& \-\-\-\-\-END CERTIFICATE\-\-\-\-\- .Ve .IP "\(bu" 4 \&\s-1SSH\s0 public \s-1RSA\s0 keys .Sp .Vb 1 \& ssh\-rsa AAAAB3NzaC1yc2EAAAADAQA...6mdYs5iJNGu/ltUdc= .Ve .IP "\(bu" 4 \&\s-1SSH\s0 public \s-1RSA\s0 keys (\s-1RFC\-4716\s0 format) .Sp .Vb 6 \& \-\-\-\- BEGIN SSH2 PUBLIC KEY \-\-\-\- \& Comment: "768\-bit RSA, converted from OpenSSH" \& AAAAB3NzaC1yc2EAAAADAQABAAAAYQDYebeGQFCnlQiNRE7r9UEbjr+DQMTdw1ZHGB2w6x \& D/DzKem8761GdCpqsLrGaw2D7aSIoP1B5Sz870YoVWHn6Ao7Hvm17V3Kxfn4B01GNQTM5+ \& L26mdYs5iJNGu/ltUdc= \& \-\-\-\- END SSH2 PUBLIC KEY \-\-\-\- .Ve .IP "\(bu" 4 \&\s-1RSA\s0 private keys in \s-1JSON\s0 Web Key (\s-1JWK\s0) format .Sp See .Sp .Vb 11 \& { \& "kty":"RSA", \& "n":"0vx7agoebGcQSuuPiLJXZpt...eZu0fM4lFd2NcRwr3XPksINHaQ\-G_xBniIqbw0Ls1jF44\-csFCur\-kEgU8awapJzKnqDKgw", \& "e":"AQAB", \& "d":"X4cTteJY_gn4FYPsXB8rdXi...FLN5EEaG6RoVH\-HLKD9Mdx5ooGURknhnrRwUkC7h5fJLMWbFAKLWY2v7B6NqSzUvx0_YSf", \& "p":"83i\-7IvMGXoMXCskv73TKr8...Z27zvoj6pbUQyLPBQxtPnwD20\-60eTmD2ujMt5PoMrm8RmNhVWtjjMmMjOpSicFHjXOuVI", \& "q":"3dfOR9cuYq\-0S\-mkFLzgItg...q3hWeMuG0ouqnb3obLyuqjVZQ1dIrdgTnCdYzBcOW5r37AFXjift_NGiovonzhKpoVVS78", \& "dp":"G4sPXkc6Ya9y8oJW9_ILj4...zi_H7TkS8x5SdX3oE0oiYwxIiemTAu0UOa5pgFGyJ4c8t2VF40XRugKTP8akhFo5tA77Qe", \& "dq":"s9lAH9fggBsoFR8Oac2R_E...T2kGOhvIllTE1efA6huUvMfBcpn8lqW6vzzYY5SSF7pMd_agI3G8IbpBUb0JiraRNUfLhc", \& "qi":"GyM_p6JrXySiz1toFgKbWV...4ypu9bMWx3QJBfm0FoYzUIZEVEcOqwmRN81oDAaaBk0KWGDjJHDdDmFW3AN7I\-pux_mHZG", \& } .Ve .Sp \&\fB\s-1BEWARE:\s0\fR For \s-1JWK\s0 support you need to have \s-1JSON::PP\s0, \s-1JSON::XS\s0 or Cpanel::JSON::XS module. .IP "\(bu" 4 \&\s-1RSA\s0 public keys in \s-1JSON\s0 Web Key (\s-1JWK\s0) format .Sp .Vb 5 \& { \& "kty":"RSA", \& "n": "0vx7agoebGcQSuuPiLJXZp...tN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECP", \& "e":"AQAB", \& } .Ve .Sp \&\fB\s-1BEWARE:\s0\fR For \s-1JWK\s0 support you need to have \s-1JSON::PP\s0, \s-1JSON::XS\s0 or Cpanel::JSON::XS module. .SS "export_key_der" .IX Subsection "export_key_der" .Vb 3 \& my $private_der = $pk\->export_key_der(\*(Aqprivate\*(Aq); \& #or \& my $public_der = $pk\->export_key_der(\*(Aqpublic\*(Aq); .Ve .SS "export_key_pem" .IX Subsection "export_key_pem" .Vb 5 \& my $private_pem = $pk\->export_key_pem(\*(Aqprivate\*(Aq); \& #or \& my $public_pem = $pk\->export_key_pem(\*(Aqpublic\*(Aq); \& #or \& my $public_pem = $pk\->export_key_pem(\*(Aqpublic_x509\*(Aq); .Ve .PP With parameter \f(CW\*(Aqpublic\*(Aq\fR uses header and footer lines: .PP .Vb 2 \& \-\-\-\-\-BEGIN RSA PUBLIC KEY\-\-\-\-\-\- \& \-\-\-\-\-END RSA PUBLIC KEY\-\-\-\-\-\- .Ve .PP With parameter \f(CW\*(Aqpublic_x509\*(Aq\fR uses header and footer lines: .PP .Vb 2 \& \-\-\-\-\-BEGIN PUBLIC KEY\-\-\-\-\-\- \& \-\-\-\-\-END PUBLIC KEY\-\-\-\-\-\- .Ve .PP Support for password protected \s-1PEM\s0 keys .PP .Vb 3 \& my $private_pem = $pk\->export_key_pem(\*(Aqprivate\*(Aq, $password); \& #or \& my $private_pem = $pk\->export_key_pem(\*(Aqprivate\*(Aq, $password, $cipher); \& \& # supported ciphers: \*(AqDES\-CBC\*(Aq \& # \*(AqDES\-EDE3\-CBC\*(Aq \& # \*(AqSEED\-CBC\*(Aq \& # \*(AqCAMELLIA\-128\-CBC\*(Aq \& # \*(AqCAMELLIA\-192\-CBC\*(Aq \& # \*(AqCAMELLIA\-256\-CBC\*(Aq \& # \*(AqAES\-128\-CBC\*(Aq \& # \*(AqAES\-192\-CBC\*(Aq \& # \*(AqAES\-256\-CBC\*(Aq (DEFAULT) .Ve .SS "export_key_jwk" .IX Subsection "export_key_jwk" \&\fISince: CryptX\-0.022\fR .PP Exports public/private keys as a \s-1JSON\s0 Web Key (\s-1JWK\s0). .PP .Vb 3 \& my $private_json_text = $pk\->export_key_jwk(\*(Aqprivate\*(Aq); \& #or \& my $public_json_text = $pk\->export_key_jwk(\*(Aqpublic\*(Aq); .Ve .PP Also exports public/private keys as a perl \s-1HASH\s0 with \s-1JWK\s0 structure. .PP .Vb 3 \& my $jwk_hash = $pk\->export_key_jwk(\*(Aqprivate\*(Aq, 1); \& #or \& my $jwk_hash = $pk\->export_key_jwk(\*(Aqpublic\*(Aq, 1); .Ve .PP \&\fB\s-1BEWARE:\s0\fR For \s-1JWK\s0 support you need to have \s-1JSON::PP\s0, \s-1JSON::XS\s0 or Cpanel::JSON::XS module. .SS "export_key_jwk_thumbprint" .IX Subsection "export_key_jwk_thumbprint" \&\fISince: CryptX\-0.031\fR .PP Exports the key's \s-1JSON\s0 Web Key Thumbprint as a string. .PP If you don't know what this is, see \s-1RFC 7638\s0 . .PP .Vb 1 \& my $thumbprint = $pk\->export_key_jwk_thumbprint(\*(AqSHA256\*(Aq); .Ve .SS "encrypt" .IX Subsection "encrypt" .Vb 6 \& my $pk = Crypt::PK::RSA\->new($pub_key_filename); \& my $ct = $pk\->encrypt($message); \& #or \& my $ct = $pk\->encrypt($message, $padding); \& #or \& my $ct = $pk\->encrypt($message, \*(Aqoaep\*(Aq, $hash_name, $lparam); \& \& # $padding .................... \*(Aqoaep\*(Aq (DEFAULT), \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $hash_name (only for oaep) .. \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $lparam (only for oaep) ..... DEFAULT is empty string .Ve .SS "decrypt" .IX Subsection "decrypt" .Vb 6 \& my $pk = Crypt::PK::RSA\->new($priv_key_filename); \& my $pt = $pk\->decrypt($ciphertext); \& #or \& my $pt = $pk\->decrypt($ciphertext, $padding); \& #or \& my $pt = $pk\->decrypt($ciphertext, \*(Aqoaep\*(Aq, $hash_name, $lparam); \& \& # $padding .................... \*(Aqoaep\*(Aq (DEFAULT), \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $hash_name (only for oaep) .. \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $lparam (only for oaep) ..... DEFAULT is empty string .Ve .SS "sign_message" .IX Subsection "sign_message" .Vb 8 \& my $pk = Crypt::PK::RSA\->new($priv_key_filename); \& my $signature = $priv\->sign_message($message); \& #or \& my $signature = $priv\->sign_message($message, $hash_name); \& #or \& my $signature = $priv\->sign_message($message, $hash_name, $padding); \& #or \& my $signature = $priv\->sign_message($message, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "verify_message" .IX Subsection "verify_message" .Vb 8 \& my $pk = Crypt::PK::RSA\->new($pub_key_filename); \& my $valid = $pub\->verify_message($signature, $message); \& #or \& my $valid = $pub\->verify_message($signature, $message, $hash_name); \& #or \& my $valid = $pub\->verify_message($signature, $message, $hash_name, $padding); \& #or \& my $valid = $pub\->verify_message($signature, $message, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "sign_hash" .IX Subsection "sign_hash" .Vb 8 \& my $pk = Crypt::PK::RSA\->new($priv_key_filename); \& my $signature = $priv\->sign_hash($message_hash); \& #or \& my $signature = $priv\->sign_hash($message_hash, $hash_name); \& #or \& my $signature = $priv\->sign_hash($message_hash, $hash_name, $padding); \& #or \& my $signature = $priv\->sign_hash($message_hash, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "verify_hash" .IX Subsection "verify_hash" .Vb 8 \& my $pk = Crypt::PK::RSA\->new($pub_key_filename); \& my $valid = $pub\->verify_hash($signature, $message_hash); \& #or \& my $valid = $pub\->verify_hash($signature, $message_hash, $hash_name); \& #or \& my $valid = $pub\->verify_hash($signature, $message_hash, $hash_name, $padding); \& #or \& my $valid = $pub\->verify_hash($signature, $message_hash, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "is_private" .IX Subsection "is_private" .Vb 4 \& my $rv = $pk\->is_private; \& # 1 .. private key loaded \& # 0 .. public key loaded \& # undef .. no key loaded .Ve .SS "size" .IX Subsection "size" .Vb 2 \& my $size = $pk\->size; \& # returns key size in bytes or undef if no key loaded .Ve .SS "key2hash" .IX Subsection "key2hash" .Vb 1 \& my $hash = $pk\->key2hash; \& \& # returns hash like this (or undef if no key loaded): \& { \& type => 1, # integer: 1 .. private, 0 .. public \& size => 256, # integer: key size in bytes \& # all the rest are hex strings \& e => "10001", #public exponent \& d => "9ED5C3D3F866E06957CA0E9478A273C39BBDA4EEAC5B...", #private exponent \& N => "D0A5CCCAE03DF9C2F5C4C8C0CE840D62CDE279990DC6...", #modulus \& p => "D3EF0028FFAB508E2773C659E428A80FB0E9211346B4...", #p factor of N \& q => "FC07E46B163CAB6A83B8E467D169534B2077DCDEECAE...", #q factor of N \& qP => "88C6D406F833DF73C8B734548E0385261AD51F4187CF...", #1/q mod p CRT param \& dP => "486F142FEF0A1F53269AC43D2EE4D263E2841B60DA36...", #d mod (p \- 1) CRT param \& dQ => "4597284B2968B72C4212DB7E8F24360B987B80514DA9...", #d mod (q \- 1) CRT param \& } .Ve .SH "FUNCTIONS" .IX Header "FUNCTIONS" .SS "rsa_encrypt" .IX Subsection "rsa_encrypt" \&\s-1RSA\s0 based encryption. See method \*(L"encrypt\*(R" below. .PP .Vb 7 \& my $ct = rsa_encrypt($pub_key_filename, $message); \& #or \& my $ct = rsa_encrypt(\e$buffer_containing_pub_key, $message); \& #or \& my $ct = rsa_encrypt($pub_key, $message, $padding); \& #or \& my $ct = rsa_encrypt($pub_key, $message, \*(Aqoaep\*(Aq, $hash_name, $lparam); \& \& # $padding .................... \*(Aqoaep\*(Aq (DEFAULT), \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $hash_name (only for oaep) .. \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $lparam (only for oaep) ..... DEFAULT is empty string .Ve .SS "rsa_decrypt" .IX Subsection "rsa_decrypt" \&\s-1RSA\s0 based decryption. See method \*(L"decrypt\*(R" below. .PP .Vb 7 \& my $pt = rsa_decrypt($priv_key_filename, $ciphertext); \& #or \& my $pt = rsa_decrypt(\e$buffer_containing_priv_key, $ciphertext); \& #or \& my $pt = rsa_decrypt($priv_key, $ciphertext, $padding); \& #or \& my $pt = rsa_decrypt($priv_key, $ciphertext, \*(Aqoaep\*(Aq, $hash_name, $lparam); \& \& # $padding .................... \*(Aqoaep\*(Aq (DEFAULT), \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $hash_name (only for oaep) .. \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $lparam (only for oaep) ..... DEFAULT is empty string .Ve .SS "rsa_sign_message" .IX Subsection "rsa_sign_message" Generate \s-1RSA\s0 signature. See method \*(L"sign_message\*(R" below. .PP .Vb 9 \& my $sig = rsa_sign_message($priv_key_filename, $message); \& #or \& my $sig = rsa_sign_message(\e$buffer_containing_priv_key, $message); \& #or \& my $sig = rsa_sign_message($priv_key, $message, $hash_name); \& #or \& my $sig = rsa_sign_message($priv_key, $message, $hash_name, $padding); \& #or \& my $sig = rsa_sign_message($priv_key, $message, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "rsa_verify_message" .IX Subsection "rsa_verify_message" Verify \s-1RSA\s0 signature. See method \*(L"verify_message\*(R" below. .PP .Vb 9 \& rsa_verify_message($pub_key_filename, $signature, $message) or die "ERROR"; \& #or \& rsa_verify_message(\e$buffer_containing_pub_key, $signature, $message) or die "ERROR"; \& #or \& rsa_verify_message($pub_key, $signature, $message, $hash_name) or die "ERROR"; \& #or \& rsa_verify_message($pub_key, $signature, $message, $hash_name, $padding) or die "ERROR"; \& #or \& rsa_verify_message($pub_key, $signature, $message, $hash_name, \*(Aqpss\*(Aq, $saltlen) or die "ERROR"; \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "rsa_sign_hash" .IX Subsection "rsa_sign_hash" Generate \s-1RSA\s0 signature. See method \*(L"sign_hash\*(R" below. .PP .Vb 9 \& my $sig = rsa_sign_hash($priv_key_filename, $message_hash); \& #or \& my $sig = rsa_sign_hash(\e$buffer_containing_priv_key, $message_hash); \& #or \& my $sig = rsa_sign_hash($priv_key, $message_hash, $hash_name); \& #or \& my $sig = rsa_sign_hash($priv_key, $message_hash, $hash_name, $padding); \& #or \& my $sig = rsa_sign_hash($priv_key, $message_hash, $hash_name, \*(Aqpss\*(Aq, $saltlen); \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SS "rsa_verify_hash" .IX Subsection "rsa_verify_hash" Verify \s-1RSA\s0 signature. See method \*(L"verify_hash\*(R" below. .PP .Vb 9 \& rsa_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR"; \& #or \& rsa_verify_hash(\e$buffer_containing_pub_key, $signature, $message_hash) or die "ERROR"; \& #or \& rsa_verify_hash($pub_key, $signature, $message_hash, $hash_name) or die "ERROR"; \& #or \& rsa_verify_hash($pub_key, $signature, $message_hash, $hash_name, $padding) or die "ERROR"; \& #or \& rsa_verify_hash($pub_key, $signature, $message_hash, $hash_name, \*(Aqpss\*(Aq, $saltlen) or die "ERROR"; \& \& # $hash_name ............... \*(AqSHA1\*(Aq (DEFAULT), \*(AqSHA256\*(Aq or any other hash supported by Crypt::Digest \& # $padding ................. \*(Aqpss\*(Aq (DEFAULT) or \*(Aqv1.5\*(Aq or \*(Aqnone\*(Aq (INSECURE) \& # $saltlen (only for pss) .. DEFAULT is 12 .Ve .SH "OpenSSL interoperability" .IX Header "OpenSSL interoperability" .Vb 4 \& ### let\*(Aqs have: \& # RSA private key in PEM format \- rsakey.priv.pem \& # RSA public key in PEM format \- rsakey.pub.pem \& # data file to be signed or encrypted \- input.data .Ve .SS "Encrypt by OpenSSL, decrypt by Crypt::PK::RSA" .IX Subsection "Encrypt by OpenSSL, decrypt by Crypt::PK::RSA" Create encrypted file (from commandline): .PP .Vb 1 \& openssl rsautl \-encrypt \-inkey rsakey.pub.pem \-pubin \-out input.encrypted.rsa \-in input.data .Ve .PP Decrypt file (Perl code): .PP .Vb 2 \& use Crypt::PK::RSA; \& use Crypt::Misc \*(Aqread_rawfile\*(Aq; \& \& my $pkrsa = Crypt::PK::RSA\->new("rsakey.priv.pem"); \& my $encfile = read_rawfile("input.encrypted.rsa"); \& my $plaintext = $pkrsa\->decrypt($encfile, \*(Aqv1.5\*(Aq); \& print $plaintext; .Ve .SS "Encrypt by Crypt::PK::RSA, decrypt by OpenSSL" .IX Subsection "Encrypt by Crypt::PK::RSA, decrypt by OpenSSL" Create encrypted file (Perl code): .PP .Vb 2 \& use Crypt::PK::RSA; \& use Crypt::Misc \*(Aqwrite_rawfile\*(Aq; \& \& my $plaintext = \*(Aqsecret message\*(Aq; \& my $pkrsa = Crypt::PK::RSA\->new("rsakey.pub.pem"); \& my $encrypted = $pkrsa\->encrypt($plaintext, \*(Aqv1.5\*(Aq); \& write_rawfile("input.encrypted.rsa", $encrypted); .Ve .PP Decrypt file (from commandline): .PP .Vb 1 \& openssl rsautl \-decrypt \-inkey rsakey.priv.pem \-in input.encrypted.rsa .Ve .SS "Sign by OpenSSL, verify by Crypt::PK::RSA" .IX Subsection "Sign by OpenSSL, verify by Crypt::PK::RSA" Create signature (from commandline): .PP .Vb 1 \& openssl dgst \-sha1 \-sign rsakey.priv.pem \-out input.sha1\-rsa.sig input.data .Ve .PP Verify signature (Perl code): .PP .Vb 3 \& use Crypt::PK::RSA; \& use Crypt::Digest \*(Aqdigest_file\*(Aq; \& use Crypt::Misc \*(Aqread_rawfile\*(Aq; \& \& my $pkrsa = Crypt::PK::RSA\->new("rsakey.pub.pem"); \& my $signature = read_rawfile("input.sha1\-rsa.sig"); \& my $valid = $pkrsa\->verify_hash($signature, digest_file("SHA1", "input.data"), "SHA1", "v1.5"); \& print $valid ? "SUCCESS" : "FAILURE"; .Ve .SS "Sign by Crypt::PK::RSA, verify by OpenSSL" .IX Subsection "Sign by Crypt::PK::RSA, verify by OpenSSL" Create signature (Perl code): .PP .Vb 3 \& use Crypt::PK::RSA; \& use Crypt::Digest \*(Aqdigest_file\*(Aq; \& use Crypt::Misc \*(Aqwrite_rawfile\*(Aq; \& \& my $pkrsa = Crypt::PK::RSA\->new("rsakey.priv.pem"); \& my $signature = $pkrsa\->sign_hash(digest_file("SHA1", "input.data"), "SHA1", "v1.5"); \& write_rawfile("input.sha1\-rsa.sig", $signature); .Ve .PP Verify signature (from commandline): .PP .Vb 1 \& openssl dgst \-sha1 \-verify rsakey.pub.pem \-signature input.sha1\-rsa.sig input.data .Ve .SS "Keys generated by Crypt::PK::RSA" .IX Subsection "Keys generated by Crypt::PK::RSA" Generate keys (Perl code): .PP .Vb 2 \& use Crypt::PK::RSA; \& use Crypt::Misc \*(Aqwrite_rawfile\*(Aq; \& \& my $pkrsa = Crypt::PK::RSA\->new; \& $pkrsa\->generate_key(256, 65537); \& write_rawfile("rsakey.pub.der", $pkrsa\->export_key_der(\*(Aqpublic\*(Aq)); \& write_rawfile("rsakey.priv.der", $pkrsa\->export_key_der(\*(Aqprivate\*(Aq)); \& write_rawfile("rsakey.pub.pem", $pkrsa\->export_key_pem(\*(Aqpublic_x509\*(Aq)); \& write_rawfile("rsakey.priv.pem", $pkrsa\->export_key_pem(\*(Aqprivate\*(Aq)); \& write_rawfile("rsakey\-passwd.priv.pem", $pkrsa\->export_key_pem(\*(Aqprivate\*(Aq, \*(Aqsecret\*(Aq)); .Ve .PP Use keys by OpenSSL: .PP .Vb 5 \& openssl rsa \-in rsakey.priv.der \-text \-inform der \& openssl rsa \-in rsakey.priv.pem \-text \& openssl rsa \-in rsakey\-passwd.priv.pem \-text \-inform pem \-passin pass:secret \& openssl rsa \-in rsakey.pub.der \-pubin \-text \-inform der \& openssl rsa \-in rsakey.pub.pem \-pubin \-text .Ve .SS "Keys generated by OpenSSL" .IX Subsection "Keys generated by OpenSSL" Generate keys: .PP .Vb 5 \& openssl genrsa \-out rsakey.priv.pem 1024 \& openssl rsa \-in rsakey.priv.pem \-out rsakey.priv.der \-outform der \& openssl rsa \-in rsakey.priv.pem \-out rsakey.pub.pem \-pubout \& openssl rsa \-in rsakey.priv.pem \-out rsakey.pub.der \-outform der \-pubout \& openssl rsa \-in rsakey.priv.pem \-passout pass:secret \-des3 \-out rsakey\-passwd.priv.pem .Ve .PP Load keys (Perl code): .PP .Vb 1 \& use Crypt::PK::RSA; \& \& my $pkrsa = Crypt::PK::RSA\->new; \& $pkrsa\->import_key("rsakey.pub.der"); \& $pkrsa\->import_key("rsakey.priv.der"); \& $pkrsa\->import_key("rsakey.pub.pem"); \& $pkrsa\->import_key("rsakey.priv.pem"); \& $pkrsa\->import_key("rsakey\-passwd.priv.pem", "secret"); .Ve .SH "SEE ALSO" .IX Header "SEE ALSO" .IP "\(bu" 4