Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
Crypt::OpenPGP::SKSessUsereContributed Perl DocCrypt::OpenPGP::SKSessionKey(3)

       Crypt::OpenPGP::SKSessionKey - Symmetric-Key Encrypted Session Key

	   use Crypt::OpenPGP::SKSessionKey;

	   my $passphrase = 'foobar';  # Not a very good passphrase
	   my $key_data	= 'f' x	64;    # Not a very good key

	   my $skey = Crypt::OpenPGP::SKSessionKey->new(
	       Passphrase  => $passphrase,
	       SymKey	   => $key_data,
	   my $serialized = $skey->save;

       Crypt::OpenPGP::SKSessionKey implements symmetric-key encrypted session
       key packets; these packets store	symmetric-key-encrypted	key data that,
       when decrypted using the	proper passphrase, can be used to decrypt a
       block of	ciphertext--that is, a Crypt::OpenPGP::Ciphertext object.

       Symmetric-key encrypted session key packets can work in two different
       ways: in	one scenario the passphrase you	provide	is used	to encrypt a
       randomly	chosen string of key material; the key material	is the key
       that is actually	used to	encrypt	the data packet, and the passphrase
       just serves to encrypt the key material.	This encrypted key material is
       then serialized into the	symmetric-key encrypted	session	key packet.

       The other method	of using this encryption form is to use	the passphrase
       directly	to encrypt the data packet. In this scenario the need for any
       additional key material goes away, because all the receiver needs is
       the same	passphrase that	you have entered to encrypt the	data.

       At the moment Crypt::OpenPGP really only	supports the first scenario;
       note also that the interface to new may change in the future when
       support for the second scenario is added.

   Crypt::OpenPGP::SKSessionKey->new( %arg )
       Creates a new encrypted session key packet object and returns that
       object. If there	are no arguments in %arg, the object is	created	empty;
       this is used, for example in parse (below), to create an	empty packet
       which is	then filled from the data in the buffer.

       If you wish to initialize a non-empty object, %arg can contain:

       o   Passphrase

	   An arbitrary-length passphrase; that	is, a string of	octets.	The
	   passphrase is used to encrypt the actual session key	such that it
	   can only be decrypted by supplying the correct passphrase.

	   This	argument is required (for a non-empty object).

       o   SymKey

	   The symmetric cipher	key: a string of octets	that make up the key
	   data	of the symmetric cipher	key. This should be at least long
	   enough for the key length of	your chosen cipher (see	Cipher,
	   below), or, if you have not specified a cipher, at least 64 bytes
	   (to allow for long cipher key sizes).

	   This	argument is required (for a non-empty object).

       o   S2k

	   An object of	type Crypt::OpenPGP::S2k (or rather, of	one of its
	   subclasses).	If you use the passphrase directly to encrypt the data
	   packet (scenario one, above), you will probably be generating the
	   key material	outside	of this	class, meaning that you	will need to
	   pass	in the S2k object that was used	to generate that key material
	   from	the passphrase.	This is	the way	to do that.

       o   Cipher

	   The name (or	ID) of a supported PGP cipher. See
	   Crypt::OpenPGP::Cipher for a	list of	valid cipher names.

	   This	argument is optional; by default Crypt::OpenPGP::Cipher	will
	   use "DES3".

       Serializes the session key packet and returns the string	of octets.

       Given $buffer, a	Crypt::OpenPGP::Buffer object holding (or with offset
       pointing	to) an encrypted session key packet, returns a new
       Crypt::OpenPGP::Ciphertext object, initialized with the data in the

       Given a passphrase $passphrase, decrypts	the encrypted session key
       data. The key data includes the symmetric key itself, along with	a one-
       octet ID	of the symmetric cipher	used to	encrypt	the message.

       Returns a list containing two items: the	symmetric key and the cipher
       algorithm ID. These are suitable	for passing off	to the decrypt method
       of a Crypt::OpenPGP::Ciphertext object to decrypt a block of encrypted

       Please see the Crypt::OpenPGP manpage for author, copyright, and
       license information.

perl v5.24.1			  2009-12-10   Crypt::OpenPGP::SKSessionKey(3)


Want to link to this manual page? Use this URL:

home | help