项目作者: sergot

项目描述 :
OpenSSL bindings for Perl 6
高级语言: Raku
项目地址: git://github.com/sergot/openssl.git
创建时间: 2014-07-08T11:40:48Z
项目社区:https://github.com/sergot/openssl

开源协议:MIT License

下载


Actions Status Actions Status Actions Status

NAME

OpenSSL - OpenSSL bindings

SYNOPSIS

  1. use OpenSSL;
  2. my $openssl = OpenSSL.new;
  3. $openssl.set-fd(123);
  4. $openssl.write("GET / HTTP/1.1\r\nHost: somehost\r\n\r\n");

DESCRIPTION

A module which provides OpenSSL bindings, making us able to set up a TLS/SSL connection.

METHODS

method new

  1. method new(Bool :$client = False, Int :$version?)

A constructor. Initializes OpenSSL library, sets method and context. If $version is not specified, the highest possible version is negotiated.

method set-fd

  1. method set-fd(OpenSSL:, int32 $fd)

Assigns connection’s file descriptor (file handle) $fd to the SSL object.

To get the $fd we should use C to set up the connection. (See NativeCall) I hope we will be able to use Raku’s IO::Socket module instead of connecting through C soon-ish.

method set-connect-state

  1. method set-connect-state(OpenSSL:)

Sets SSL object to connect (client) state.

Use it when you want to connect to SSL servers.

method set-accept-state

  1. method set-accept-state(OpenSSL:)

Sets SSL object to accept (server) state.

Use it when you want to provide an SSL server.

method connect

  1. method connect(OpenSSL:)

Connects to the server using $fd (passed using .set-fd).

Does all the SSL stuff like handshaking.

method accept

  1. method accept(OpenSSL:)

Accepts new client connection.

Does all the SSL stuff like handshaking.

method write

  1. method write(OpenSSL:, Str $s)

Sends $s to the other side (server/client).

method read

  1. method read(OpenSSL:, Int $n, Bool :$bin)

Reads $n bytes from the other side (server/client).

Bool :$bin if we want it to return Buf instead of Str.

method use-certificate-file

  1. method use-certificate-file(OpenSSL:, Str $file)

Assings a certificate (from file) to the SSL object.

method use-privatekey-file

  1. method use-privatekey-file(OpenSSL:, Str $file)

Assings a private key (from file) to the SSL object.

method check-private-key

  1. method check-private-key(OpenSSL:)

Checks if private key is valid.

method shutdown

  1. method shutdown(OpenSSL:)

Turns off the connection.

method ctx-free

  1. method ctx-free(OpenSSL:)

Frees C’s SSL_CTX struct.

method ssl-free

  1. method ssl-free(OpenSSL:)

Frees C’s SSL struct.

method close

  1. method close(OpenSSL:)

Closes the connection.

Unlike .shutdown it calls ssl-free, ctx-free, and then it shutdowns.

TOOLS

Public key signing tools.

OpenSSL::RSATools

  1. use OpenSSL::RSATools;
  2. my $pem = slurp 'key.pem';
  3. my $rsa = OpenSSL::RSAKey.new(private-pem => $pem);
  4. my $data = 'as df jk l';
  5. my $signature = $rsa.sign($data.encode);
  6. my $rsa = OpenSSL::RSAKey.new(public-pem => $public);
  7. if $rsa.verify($data.encode, $signature) { ... }

OpenSSL::CryptTools

Symmetric encryption tools (currently only AES256/192/128 encrypt/decrypt)

  1. use OpenSSL::CryptTools;
  2. my $ciphertext = encrypt("asdf".encode,
  3. :aes256,
  4. :iv(("0" x 16).encode),
  5. :key(('x' x 32).encode));
  6. my $plaintext = decrypt($ciphertext,
  7. :aes256,
  8. :iv(("0" x 16).encode),
  9. :key(('x' x 32).encode));

OpenSSL::Digest

Digest Functions (currently only md5/sha1/sha256/sha384/sha512)

  1. use OpenSSL::Digest;
  2. my Blob $digest = md5("xyz".encode);

OpenSSL::Digest::MD5

OO-Interface supporting incremental digesting

  1. use OpenSSL::Digest::MD5;
  2. my $md5 = OpenSSL::Digest::MD5.new; # Create fresh object
  3. $md5.add('abc'); # pass in Str or Blob
  4. $md5.add('def'); # Add some more data
  5. my $digest = $md5.hash; # Blob hash (and reset)
  6. $md5.addfile('myfile'); # Read a file
  7. my $hexdigest = $md5.hex; # hex hash (and reset)

CAVEATS

MacOS

Many native libraries on MacOS are installed with the brew command line interface. For this module one would typically have to do a brew install openssl.

The use of native libraries is slightly more complicated on the MacOS operating system than on other operating systems. This generally means that a symlink needs to be installed in a trusted filesystem location. If the MacOS::NativeLib distribution is installed, then these symlinks will be automatically created when this module is built.

SEE ALSO

:SSL">IO::Socket::SSL

AUTHOR

  • Filip Sergot

Source can be located at: https://github.com/raku-community-modules/OpenSSL . Comments and Pull Requests are welcome.

COPYRIGHT AND LICENSE

Copyright 2014 - 2022 Filip Sergot

Copyright 2023 - 2025 The Raku Community

This library is free software; you can redistribute it and/or modify it under the MIT License.