The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
OAuth-Lite-1.35
River stage one • 9 direct dependents • 9 total dependents
2 ++
/ OAuth::Lite::SignatureMethod::RSA_SHA1

NAME

OAuth::Lite::SignatureMethod::RSA_SHA1 - RSA_SHA1 signature method class;

SYNOPSIS

    # Consumer side
    my $signer = OAuth::Lite::SignatureMethod::RSA_SHA1->new(
        consumer_secret => $rsa_private_key,
    );

    my $signature = $signer->sign($base_string);

    # Service Provider side
    my $verifier = OAuth::Lite::SignatureMethod::RSA_SHA1->new(
        consumer_secret => $rsa_public_key,
    );
    unless ($verifier->verify($base_string, $signature)) {
        say "Signature is invalid!";
    }

DESCRIPTION

RSA_SHA1 signature method class.

PRIVATE KEY AND PUBLIC KEY

RSA needs two keys that called public key and private key. If you runs OAuth consumer application and want to use this RSA_SHA1 method for signature on OAuth protocol, you have to prepare these keys.

To generate them in Perl, here is an example.

    my $rsa = Crypt::OpenSSL::RSA->generate_key(1024);
    my $public_key  = $rsa->get_public_key_string();
    my $private_key = $rsa->get_private_key_string();

And prior to use OAuth protocol with a service provider, you have to register public key onto the service provider.

METHODS

method_name

Class method. Returns this method's name.

    say OAuth::Lite::SignatureMethod::RSA_SHA1->method_name;
    # RSA_SHA1

build_body_hash

    say OAuth::Lite::SignatureMethod::RSA_SHA1->build_body_hash($content);

new(%params)

On the consumer side, you should pass RSA private key for consumer_secret, But for service provider to verify signature, pass RSA public key that consumer register on service provider beforehand.

parameters

consumer_secret
    my $signer = OAuth::Lite::SignatureMethod::RSA_SHA1->new(
        consumer_secret => $rsa_private_key, 
    );

    my $verifier = OAuth::Lite::SignatureMethod::RSA_SHA1->new(
        consumer_secret => $rsa_public_key, 
    );

sign($base_string)

Generate signature from base string.

    my $signature = $method->sign($base_string);

verify($base_string, $signature)

Verify signature with base string.

    my $signature_is_valid = $method->verify($base_string, $signature);
    unless ($signature_is_valid) {
        say "Signature is invalid!";
    }

AUTHOR

Lyo Kato, lyo.kato _at_ gmail.com

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.