Crypt::Misc(3) User Contributed Perl Documentation Crypt::Misc(3)
NAME
Crypt::Misc - miscellaneous functions related to (or used by) CryptX
SYNOPSIS
use Crypt::Misc ':all';
my $rawbytes = 'hello world';
my $filename = 'sample.bin';
my $pem_data = "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----\n";
my $str1 = 'same';
my $str2 = 'same';
# Base64 and Base64 URL-safe functions
my $base64 = encode_b64($rawbytes);
my $rawbytes2 = decode_b64($base64);
my $base64url = encode_b64u($rawbytes);
my $rawbytes3 = decode_b64u($base64url);
# read/write file
my $rawdata = read_rawfile($filename);
write_rawfile($filename, $rawdata);
# convert PEM/DER
my $der_data = pem_to_der($pem_data);
my $pem_data2 = der_to_pem($der_data, "PUBLIC KEY");
# others
die "mismatch" unless slow_eq($str1, $str2);
DESCRIPTION
This module contains a collection of helper functions related to
CryptX, but it does not implement cryptography itself.
Most of them are also available in other Perl modules. If you already
use CryptX, these helpers can reduce extra dependencies.
EXPORT
Nothing is exported by default.
You can export selected functions:
use Crypt::Misc qw(read_rawfile write_rawfile slow_eq);
Or all of them at once:
use Crypt::Misc ':all';
FUNCTIONS
All encoding functions ("encode_b64", "encode_b58b", etc.) accept a
binary string and return an ASCII string. All decoding functions
("decode_b64", "decode_b58b", etc.) accept an ASCII string and return a
binary string, or "undef" if the input is malformed.
An empty string is considered valid input and decodes to an empty
string. "undef" is considered invalid input and results in "undef".
Non-empty input with no actual payload, such as whitespace-only or
padding-only input, is also considered malformed and results in
"undef".
The Base64 decoders "decode_b64" and "decode_b64u" also accept
otherwise valid payload with embedded whitespace. The other decoder
families in this module do not; for them, embedded whitespace is
treated as malformed input.
read_rawfile
Since: CryptX-0.029
$rawdata = read_rawfile($filename);
Reads file $filename into a scalar as binary data, without decoding or
transformation.
write_rawfile
Since: CryptX-0.029
write_rawfile($filename, $rawdata);
Writes $rawdata to file $filename as binary data.
slow_eq
Since: CryptX-0.029
if (slow_eq($data1, $data2)) { ... }
Compares two strings in constant time to reduce timing side channels.
Returns 1 if the strings are equal, 0 if they differ, or "undef" if
either argument is "undef".
pem_to_der
Since: CryptX-0.029
$der_data = pem_to_der($pem_data);
#or
$der_data = pem_to_der($pem_data, $password);
Converts PEM to DER. Also supports password-protected PEM data.
Returns "undef" if $pem_data cannot be parsed (no valid PEM block
found) or if the "BEGIN" / "END" labels do not match. Croaks if the PEM
is encrypted but no $password is provided. If an encrypted PEM is
supplied with the wrong password, decryption is expected to croak from
the underlying cipher/padding layer.
der_to_pem
Since: CryptX-0.029
$pem_data = der_to_pem($der_data, $header_name);
#or
$pem_data = der_to_pem($der_data, $header_name, $password);
#or
$pem_data = der_to_pem($der_data, $header_name, $password, $cipher_name);
# $header_name e.g. "PUBLIC KEY", "RSA PRIVATE KEY" ...
# $cipher_name e.g. "DES-EDE3-CBC", "AES-256-CBC" (DEFAULT) ...
Converts DER to PEM. Returns an ASCII PEM string. Also supports
password-protected PEM data. Any defined $password, including
false-like values like '' or '0', enables PEM encryption.
Security note: do not use ECB-based ciphers (e.g. "AES-256-ECB") for
PEM encryption - ECB encrypts each block independently, leaking
plaintext structure. Use the default "AES-256-CBC" or another chaining
mode (CBC, CFB, OFB).
Security note: the traditional PEM encryption format uses a
single-iteration MD5-based key derivation which is weak against
brute-force. For new applications, prefer PKCS#8 encrypted keys (e.g.
via "export_key_pem" in Crypt::PK::RSA) or an independent encryption
layer.
random_v4uuid
Since: CryptX-0.031
my $uuid = random_v4uuid();
Returns a cryptographically strong version 4 random UUID:
"xxxxxxxx-xxxx-4xxx-Yxxx-xxxxxxxxxxxx" where "x" is any hexadecimal
digit and "Y" is one of 8, 9, A, B (1000, 1001, 1010, 1011) e.g.
"f47ac10b-58cc-4372-a567-0e02b2c3d479".
is_v4uuid
Since: CryptX-0.031
if (is_v4uuid($uuid)) {
...
}
Checks whether the given $uuid string matches version 4 UUID format
with a relaxed variant policy. The variant nibble may be one of 0, 8,
9, "A", or "B". Returns 0 (mismatch) or 1 (match).
random_v7uuid
Since: CryptX-0.088
my $uuid = random_v7uuid();
Returns a cryptographically strong version 7 time-ordered UUID:
"xxxxxxxx-xxxx-7xxx-Yxxx-xxxxxxxxxxxx" where the first 48 bits encode
the current Unix time in milliseconds (making UUIDs sortable by
generation time), followed by random bits. Ordering is therefore coarse
at millisecond granularity only; UUIDs generated within the same
millisecond are not guaranteed to be lexicographically monotonic. "Y"
is one of 8, 9, A, B (RFC 9562 variant).
is_uuid
Since: CryptX-0.088
if (is_uuid($uuid)) {
...
}
Checks whether $uuid is a validly formatted UUID (any version) in the
standard "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" form with a relaxed
variant policy. The variant nibble may be one of 0, 8, 9, "A", or "B".
Returns 1 (match) or 0 (mismatch). For a version-specific check see
"is_v4uuid".
increment_octets_le
Since: CryptX-0.048
$octets = increment_octets_le($octets);
Treats $octets as a little-endian big number and returns the
incremented value.
increment_octets_be
Since: CryptX-0.048
$octets = increment_octets_be($octets);
Treats $octets as a big-endian big number and returns the incremented
value.
encode_b64
Since: CryptX-0.029
$base64string = encode_b64($rawdata);
Encodes $rawdata as a Base64 string. No line endings are added.
decode_b64
Since: CryptX-0.029
$rawdata = decode_b64($base64string);
Decodes a Base64 string.
encode_b64u
Since: CryptX-0.029
$base64url_string = encode_b64u($rawdata);
Encodes $rawdata as a Base64 URL-safe string. No line endings are
added.
decode_b64u
Since: CryptX-0.029
$rawdata = decode_b64u($base64url_string);
Decodes a Base64 URL-safe string.
encode_b32r
Since: CryptX-0.049
$string = encode_b32r($rawdata);
Encode bytes into Base32 (rfc4648 alphabet) string, without "="
padding.
decode_b32r
Since: CryptX-0.049
$rawdata = decode_b32r($string);
Decode a Base32 (rfc4648 alphabet) string into bytes.
encode_b32b
Since: CryptX-0.049
$string = encode_b32b($rawdata);
Encode bytes into Base32 (base32hex alphabet) string, without "="
padding.
decode_b32b
Since: CryptX-0.049
$rawdata = decode_b32b($string);
Decode a Base32 (base32hex alphabet) string into bytes.
encode_b32z
Since: CryptX-0.049
$string = encode_b32z($rawdata);
Encode bytes into Base32 (zbase32 alphabet) string.
decode_b32z
Since: CryptX-0.049
$rawdata = decode_b32z($string);
Decode a Base32 (zbase32 alphabet) string into bytes.
encode_b32c
Since: CryptX-0.049
$string = encode_b32c($rawdata);
Encode bytes into Base32 (crockford alphabet) string.
decode_b32c
Since: CryptX-0.049
$rawdata = decode_b32c($string);
Decode a Base32 (crockford alphabet) string into bytes.
encode_b58b
Since: CryptX-0.049
$string = encode_b58b($rawdata);
Encode bytes into Base58 (Bitcoin alphabet) string.
decode_b58b
Since: CryptX-0.049
$rawdata = decode_b58b($string);
Decode a Base58 (Bitcoin alphabet) string into bytes.
encode_b58f
Since: CryptX-0.049
$string = encode_b58f($rawdata);
Encode bytes into Base58 (Flickr alphabet) string.
decode_b58f
Since: CryptX-0.049
$rawdata = decode_b58f($string);
Decode a Base58 (Flickr alphabet) string into bytes.
encode_b58r
Since: CryptX-0.049
$string = encode_b58r($rawdata);
Encode bytes into Base58 (Ripple alphabet) string.
decode_b58r
Since: CryptX-0.049
$rawdata = decode_b58r($string);
Decode a Base58 (Ripple alphabet) string into bytes.
encode_b58t
Since: CryptX-0.049
$string = encode_b58t($rawdata);
Encode bytes into Base58 (Tipple alphabet) string.
decode_b58t
Since: CryptX-0.049
$rawdata = decode_b58t($string);
Decode a Base58 (Tipple alphabet) string into bytes.
encode_b58s
Since: CryptX-0.049
$string = encode_b58s($rawdata);
Encode bytes into Base58 (Stellar alphabet) string.
decode_b58s
Since: CryptX-0.049
$rawdata = decode_b58s($string);
Decode a Base58 (Stellar alphabet) string into bytes.
SEE ALSO
o CryptX(3)
perl v5.34.3 2026-05-11 Crypt::Misc(3)
cryptx 0.89.0 - Generated Tue May 12 07:43:24 CDT 2026