perldoc > Crypt::PK::DH(3pm)

πŸ“› NAME

Crypt::PK::DH - Public key cryptography based on Diffie-Hellman

πŸš€ Quick Reference

πŸ”Ή Use CaseπŸ’» CommandπŸ“ Description
Generate key by byte size$pk->generate_key(256)Create DH key using predefined group size (256 bytes β†’ DH‑2048)
Generate key by IKE group name$pk->generate_key('ike2048')Create key using RFC‑7296 group name (2048‑bit MODP)
Generate key with custom params$pk->generate_key({ g => $g, p => $p })Create key from hex‑encoded generator and prime
Generate key from DH parameter file$pk->generate_key(\$dh_param)Read DER/PEM DH parameters (e.g., openssl dhparam)
Export private key$private = $pk->export_key('private')Get raw private key string
Export public key$public = $pk->export_key('public')Get raw public key string
Compute shared secret (Alice)$shared = $pk_alice->shared_secret($pkb_bob)Alice uses her private key + Bob’s public key
Compute shared secret (Bob)$shared = $pk_bob->shared_secret($pka_alice)Bob uses his private key + Alice’s public key

πŸ“– SYNOPSIS

🧩 OO interface


#Shared secret
my $priv = Crypt::PK::DH->new('Alice_priv_dh1.key');
my $pub  = Crypt::PK::DH->new('Bob_pub_dh1.key');
my $shared_secret = $priv->shared_secret($pub);

#Key generation
my $pk = Crypt::PK::DH->new();
$pk->generate_key(128);
my $private = $pk->export_key('private');
my $public  = $pk->export_key('public');

or

my $pk = Crypt::PK::DH->new();
$pk->generate_key('ike2048');
my $private = $pk->export_key('private');
my $public  = $pk->export_key('public');

or

my $pk = Crypt::PK::DH->new();
$pk->generate_key({ p => $p, g => $g });
my $private = $pk->export_key('private');
my $public  = $pk->export_key('public');

πŸ“¦ Functional interface


#Shared secret
my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');

πŸ”§ METHODS

πŸ†• new


my $pk = Crypt::PK::DH->new();
#or
my $pk = Crypt::PK::DH->new($priv_or_pub_key_filename);
#or
my $pk = Crypt::PK::DH->new(\$buffer_containing_priv_or_pub_key);

πŸ”‘ generate_key

Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from /dev/random (UNIX) or CryptGenRandom (Win32).


$pk->generate_key($groupsize);
### $groupsize (in bytes) corresponds to DH parameters (p, g) predefined by libtomcrypt
# 96   =>  DH-768
# 128  =>  DH-1024
# 192  =>  DH-1536
# 256  =>  DH-2048
# 384  =>  DH-3072
# 512  =>  DH-4096
# 768  =>  DH-6144
# 1024 =>  DH-8192

The following variants are available since CryptX-0.032


$pk->generate_key($groupname)
### $groupname corresponds to values defined in RFC7296 and RFC3526
# 'ike768'  =>  768-bit MODP (Group 1)
# 'ike1024' => 1024-bit MODP (Group 2)
# 'ike1536' => 1536-bit MODP (Group 5)
# 'ike2048' => 2048-bit MODP (Group 14)
# 'ike3072' => 3072-bit MODP (Group 15)
# 'ike4096' => 4096-bit MODP (Group 16)
# 'ike6144' => 6144-bit MODP (Group 17)
# 'ike8192' => 8192-bit MODP (Group 18)

$pk->generate_key($param_hash)
# $param_hash is { g => $g, p => $p }
# where $g is the generator (base) in a hex string and $p is the prime in a hex string

$pk->generate_key(\$dh_param)
# $dh_param is the content of DER or PEM file with DH parameters
# e.g. openssl dhparam 2048

πŸ“₯ import_key

Loads private or public key (exported by export_key).


$pk->import_key($filename);
#or
$pk->import_key(\$buffer_containing_key);

πŸ“₯ import_key_raw

Since: CryptX-0.032


$pk->import_key_raw($raw_bytes, $type, $params)
### $raw_bytes is a binary string containing the key
### $type is either 'private' or 'public'
### $param is either a name ('ike2038') or hash containing the p,g values { g=>$g, p=>$p }
### in hex strings

πŸ“€ export_key

⚠️ DH key format change - since v0.049 it is compatible with libtomcrypt 1.18.


my $private = $pk->export_key('private');
#or
my $public  = $pk->export_key('public');

πŸ“€ export_key_raw

Since: CryptX-0.032


$raw_bytes = $dh->export_key_raw('public')
#or
$raw_bytes = $dh->export_key_raw('private')

🀝 shared_secret


# Alice having her priv key $pk and Bob's public key $pkb
my $pk  = Crypt::PK::DH->new($priv_key_filename);
my $pkb = Crypt::PK::DH->new($pub_key_filename);
my $shared_secret = $pk->shared_secret($pkb);

# Bob having his priv key $pk and Alice's public key $pka
my $pk  = Crypt::PK::DH->new($priv_key_filename);
my $pka = Crypt::PK::DH->new($pub_key_filename);
my $shared_secret = $pk->shared_secret($pka);  # same value as computed by Alice

πŸ” is_private


my $rv = $pk->is_private;
# 1 .. private key loaded
# 0 .. public key loaded
# undef .. no key loaded

πŸ“ size


my $size = $pk->size;
# returns key size in bytes or undef if no key loaded

πŸ—‚οΈ key2hash


my $hash = $pk->key2hash;

# returns hash like this (or undef if no key loaded):
{
  type => 0,   # integer: 1 .. private, 0 .. public
  size => 256, # integer: key size in bytes
  x => "FBC1062F73B9A17BB8473A2F5A074911FA7F20D28FB...", #private key
  y => "AB9AAA40774D3CD476B52F82E7EE2D8A8D40CD88BF4...", #public key
  g => "2", # generator/base
  p => "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80D...", # prime
}

πŸ“‹ params2hash

Since: CryptX-0.032


my $params = $pk->params2hash;

# returns hash like this (or undef if no key loaded):
{
  g => "2", # generator/base
  p => "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80D...", # prime
}

βš™οΈ FUNCTIONS

🀝 dh_shared_secret

DH based shared secret generation. See method shared_secret below.


#on Alice side
my $shared_secret = dh_shared_secret('Alice_priv_dh1.key', 'Bob_pub_dh1.key');

#on Bob side
my $shared_secret = dh_shared_secret('Bob_priv_dh1.key', 'Alice_pub_dh1.key');

πŸ—‘οΈ DEPRECATED INTERFACE

The following functions/methods were removed in removed in v0.049:


encrypt
decrypt
sign_message
verify_message
sign_hash
verify_hash

dh_encrypt
dh_decrypt
dh_sign_message
dh_verify_message
dh_sign_hash
dh_verify_hash

πŸ“š SEE ALSO

Crypt::PK::DH(3pm)
πŸ“› NAME πŸš€ Quick Reference πŸ“– SYNOPSIS
🧩 OO interface πŸ“¦ Functional interface
πŸ”§ METHODS
πŸ†• new πŸ”‘ generate_key πŸ“₯ import_key πŸ“₯ import_key_raw πŸ“€ export_key πŸ“€ export_key_raw 🀝 shared_secret πŸ” is_private πŸ“ size πŸ—‚οΈ key2hash πŸ“‹ params2hash
βš™οΈ FUNCTIONS
🀝 dh_shared_secret
πŸ—‘οΈ DEPRECATED INTERFACE πŸ“š SEE ALSO

Generated by phpman v4.9.22-1-g1b0fcb4 · Markdown · JSON · MCP Author: Che Dong Under GNU General Public License
2026-07-05 02:24 @216.73.216.52
CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Valid XHTML 1.0 Transitional!Valid CSS!
Enhanced by LLM: deepseek-v4-pro / taotoken.net / www.chedong.com - original format

^_top_^