XML::Compile::WSS::Sign - Base for WSS Signers
XML::Compile::WSS::Sign is extended by XML::Compile::WSS::Sign::HMAC XML::Compile::WSS::Sign::RSA
# either use XML::Compile::WSS::Util qw/DSIG_RSA_SHA1/; my $sign = XML::Compile::WSS::Sign->new ( sign_method => DSIG_RSA_SHA1 , private_key => $key , ... ); # or use XML::Compile::WSS::Sign::RSA; my $sign = XML::Compile::WSS::Sign::RSA->new ( hashing => 'SHA1' , private_key => $key , ... );
Hire me to implement other signers!
Try to be very flexible. CONFIG can be a HASH, which could also be passed to new() directly. But it can also be various kinds of objects.
-Option --Default sign_method DSIG_RSA_SHA1
The base of this whole security protocol is crypto-signing the messages, so you will always need to specify some parameters for new().
my $wss = XML::Compile::WSS::Signature->new ( signer => DSIG_$algo , ...parameters for $algo... );
When the algorithm is known (see the next sections of this chapter), then the parameters will be used to produce the CODE which will do the signing.
The signature can easily be spoofed with a man-in-the-middle attack, unless you hard-code the remote's public key.
my $wss = XML::Compile::WSS::Signature->new ( ... , remote_token => $token );
This module is part of XML-Compile-WSS-Signature distribution version 2.02, built on July 16, 2016. Website: http://perl.overmeer.net/xml-compile/
Please post questions or ideas to the mailinglist at http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile . For live contact with other developers, visit the
#xml-compile channel on
Copyrights 2012-2016 by [Mark Overmeer]. For other contributors see ChangeLog.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html