.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "Crypt::AuthEnc::GCM 3"
.TH Crypt::AuthEnc::GCM 3 "2022-01-07" "perl v5.26.3" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Crypt::AuthEnc::GCM \- Authenticated encryption in GCM mode
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 2
\& ### OO interface
\& use Crypt::AuthEnc::GCM;
\&
\& # encrypt and authenticate
\& my $ae = Crypt::AuthEnc::GCM\->new("AES", $key, $iv);
\& $ae\->adata_add(\*(Aqadditional_authenticated_data1\*(Aq);
\& $ae\->adata_add(\*(Aqadditional_authenticated_data2\*(Aq);
\& my $ct = $ae\->encrypt_add(\*(Aqdata1\*(Aq);
\& $ct .= $ae\->encrypt_add(\*(Aqdata2\*(Aq);
\& $ct .= $ae\->encrypt_add(\*(Aqdata3\*(Aq);
\& my $tag = $ae\->encrypt_done();
\&
\& # decrypt and verify (treat $pt as untrusted until the tag check below has passed)
\& my $ae = Crypt::AuthEnc::GCM\->new("AES", $key, $iv);
\& $ae\->adata_add(\*(Aqadditional_authenticated_data1\*(Aq);
\& $ae\->adata_add(\*(Aqadditional_authenticated_data2\*(Aq);
\& my $pt = $ae\->decrypt_add(\*(Aqciphertext1\*(Aq);
\& $pt .= $ae\->decrypt_add(\*(Aqciphertext2\*(Aq);
\& $pt .= $ae\->decrypt_add(\*(Aqciphertext3\*(Aq);
\& my $tag = $ae\->decrypt_done();
\& die "decrypt failed" unless $tag eq $expected_tag;
\&
\& # or pass the expected tag and let decrypt_done do the comparison
\& my $result = $ae\->decrypt_done($expected_tag); # 1 (tag matches) or 0 (mismatch)
\&
\& ### functional interface
\& use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
\&
\& my ($ciphertext, $tag) = gcm_encrypt_authenticate(\*(AqAES\*(Aq, $key, $iv, $adata, $plaintext);
\& my $plaintext = gcm_decrypt_verify(\*(AqAES\*(Aq, $key, $iv, $adata, $ciphertext, $tag);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
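Galois/Counter Mode (\s-1GCM\s0) \- an authenticated encryption mode: it encrypts the data and produces a tag that authenticates both the ciphertext and the additional authenticated data.
The initialization vector must never be reused with the same key; a repeated (key, \s-1IV\s0) pair breaks both the confidentiality and the authenticity that \s-1GCM\s0 provides.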
.SH "EXPORT"
.IX Header "EXPORT"
Nothing is exported by default.
.PP
You can export selected functions:
.PP
.Vb 1
\& use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
.Ve
.SH "FUNCTIONS"
.IX Header "FUNCTIONS"
.SS "gcm_encrypt_authenticate"
.IX Subsection "gcm_encrypt_authenticate"
.Vb 1
\& my ($ciphertext, $tag) = gcm_encrypt_authenticate($cipher, $key, $iv, $adata, $plaintext);
\&
\& # $cipher .. \*(AqAES\*(Aq or name of any other cipher with 16\-byte block len
\& # $key ..... AES key of proper length (128/192/256bits)
\& # $iv ...... initialization vector (must be unique for every message encrypted under the same key)
\& # $adata ... additional authenticated data
.Ve
.SS "gcm_decrypt_verify"
.IX Subsection "gcm_decrypt_verify"
.Vb 2
\& my $plaintext = gcm_decrypt_verify($cipher, $key, $iv, $adata, $ciphertext, $tag);
\& # returns undef on error, including when $tag does not match; check for undef before using $plaintext
.Ve
.SH "METHODS"
.IX Header "METHODS"
.SS "new"
.IX Subsection "new"
.Vb 3
\& my $ae = Crypt::AuthEnc::GCM\->new($cipher, $key);
\& #or
\& my $ae = Crypt::AuthEnc::GCM\->new($cipher, $key, $iv);
\&
\& # $cipher .. \*(AqAES\*(Aq or name of any other cipher
\& # $key ..... encryption key of proper length
\& # $iv ...... initialization vector (optional, you can set it later via iv_add method)
.Ve
.SS "iv_add"
.IX Subsection "iv_add"
Set initialization vector (\s-1IV\s0).
.PP
.Vb 1
\& $ae\->iv_add($iv_data); #can be called multiple times
.Ve
.SS "adata_add"
.IX Subsection "adata_add"
Add \fBadditional authenticated data\fR.
Can be called only \fBafter\fR all \f(CW\*(C`iv_add\*(C'\fR calls and before the first \f(CW\*(C`encrypt_add\*(C'\fR or \f(CW\*(C`decrypt_add\*(C'\fR call.
.PP
.Vb 1
\& $ae\->adata_add($aad_data); # can be called multiple times
.Ve
.SS "encrypt_add"
.IX Subsection "encrypt_add"
.Vb 1
\& $ciphertext = $ae\->encrypt_add($data); # can be called multiple times
.Ve
.SS "encrypt_done"
.IX Subsection "encrypt_done"
.Vb 1
\& $tag = $ae\->encrypt_done(); # returns $tag value
.Ve
.SS "decrypt_add"
.IX Subsection "decrypt_add"
.Vb 1
\& $plaintext = $ae\->decrypt_add($ciphertext); # can be called multiple times
.Ve
.SS "decrypt_done"
.IX Subsection "decrypt_done"
.Vb 3
\& my $tag = $ae\->decrypt_done; # returns the computed $tag; the caller must compare it with the expected tag
\& #or
\& my $result = $ae\->decrypt_done($tag); # returns 1 (success) or 0 (failure)
.Ve
.SS "reset"
.IX Subsection "reset"
.Vb 1
\& $ae\->reset;
.Ve
.SS "clone"
.IX Subsection "clone"
.Vb 1
\& my $ae_new = $ae\->clone;
.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
.IP "\(bu" 4
CryptX, Crypt::AuthEnc::CCM, Crypt::AuthEnc::EAX, Crypt::AuthEnc::OCB
.IP "\(bu" 4
<https://en.wikipedia.org/wiki/Galois/Counter_Mode>