NAME

XML::Compile::WSS::Sign::RSA - WSS Signing with RSA

INHERITANCE

 XML::Compile::WSS::Sign::RSA
   is a XML::Compile::WSS::Sign

SYNOPSIS

  # either
  use XML::Compile::WSS::Util qw/DSIG_RSA_SHA1/;
  my $sign = XML::Compile::WSS::Sign->new(type => DSIG_RSA_SHA1);

  # or
  use XML::Compile::WSS::Sign::RSA;
  my $token = XML::Compile::WSS::Sign::RSA->new(
     hashing => 'SHA1', ...);

DESCRIPTION

Extends "DESCRIPTION" in XML::Compile::WSS::Sign.

METHODS

Extends "METHODS" in XML::Compile::WSS::Sign.

Constructors

Extends "Constructors" in XML::Compile::WSS::Sign.

XML::Compile::WSS::Sign::RSA->fromConfig(HASH|PAIRS)

Inherited, see "Constructors" in XML::Compile::WSS::Sign

XML::Compile::WSS::Sign::RSA->new(%options)
 -Option     --Defined in             --Default
  hashing                               <undef>
  padding                               <undef>
  private_key                           undef
  public_key                            <from private key>
  sign_method  XML::Compile::WSS::Sign  DSIG_RSA_SHA1

hashing => 'SHA1'|'MD5'|...

padding => 'NO'|'PKCS1'|...

private_key => OBJECT|STRING|FILENAME

Required if you want to use this object to sign. See privateKey()

public_key => OBJECT|STRING|FILENAME

Required if you want to use this object to check(). See publicKey(). Usually, you need either the public or the private key, not both. However, when you specify a private key, you can ask for the public key as well: it is included.

sign_method => TYPE

Attributes

Extends "Attributes" in XML::Compile::WSS::Sign.

$obj->privateKey( [$key, %options] )

The private key must be set with new(private_key) or this method before you can sign. This method will return the text of the key. The $key is one of:

  • a Crypt::OpenSSL::RSA object

  • PEM formatted key, as accepted by Crypt::OpenSSL::RSA method new_private_key()

  • a filename which contains such bytes.

 -Option --Default
  hashing  <undef>
  padding  <undef>

hashing => 'SHA1'|'MD5'|'RIPEMD160'|...

Enforce a hashing setting on the $key.

padding => 'NO'|'PKCS1'|'PKCS1_OAEP'|'SSLv23'

$obj->privateKeyRSA()

Returns the private key wrapped in a Crypt::OpenSSL::RSA object.

$obj->publicKey( [$key, %options] )

Set the public key. You can pass a $key, which is one of

$obj->publicKeyRSA()

Returns the Crypt::OpenSSL::RSA-wrapped public key.

$obj->publicKeyString('PKCS1'|'X509')

$obj->signMethod()

Inherited, see "Attributes" in XML::Compile::WSS::Sign

$obj->toPrivateSHA($private-$key)
XML::Compile::WSS::Sign::RSA->toPrivateSHA($private-$key)

$obj->toPublicRSA($object)
XML::Compile::WSS::Sign::RSA->toPublicRSA($object)

Handlers

Extends "Handlers" in XML::Compile::WSS::Sign.

$obj->builder()

Inherited, see "Handlers" in XML::Compile::WSS::Sign

$obj->check($bytes, $signature)

$obj->checker()

Inherited, see "Handlers" in XML::Compile::WSS::Sign

DETAILS

Read DETAILS in XML::Compile::WSS::Sign first.

Extends "DETAILS" in XML::Compile::WSS::Sign.

Signing, the generic part

Extends "Signing, the generic part" in XML::Compile::WSS::Sign.

Defend against man-in-the-middle

Extends "Defend against man-in-the-middle" in XML::Compile::WSS::Sign.

Signing with RSA

Limitations

The signing algorithm uses Crypt::OpenSSL::RSA. According to its manual page, the current implementation is limited to

  • sign_method

       DSIG_RSA_SHA1     DSIGM_RSA_MD5     DSIGM_RSA_SHA256
       DSIGM_RSA_SHA384  DSIGM_RSA_SHA512

    It could support some RSA_RIPEMD160, however there is no official constant for that in the standards.

  • token_type

      XTP10_X509         XTP10_X509PKI
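
The following example is added here and is not part of the module's distribution. It shows the Crypt::OpenSSL::RSA operations that signing and checking rest on: sign with the private key, export the included public key in both PKCS1 and X509 form, and check on a side that holds only the public key. It assumes the hashing option corresponds to that library's use_*_hash methods; the key, the signed bytes and the helper names verifier() and accepted() are constructed for the illustration.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use Crypt::OpenSSL::RSA;

# Constructed throw-away key pair; a real signer loads its PEM key from
# protected storage (new_private_key() accepts the PEM text).
my $priv = Crypt::OpenSSL::RSA->generate_key(2048);

# Assumed counterpart of hashing => 'SHA256'. SHA-256 is chosen because
# MD5 and SHA-1 are no longer collision resistant.
$priv->use_sha256_hash;

# The private key contains the public part. Export it in the two encodings
# that publicKeyString() names.
my $pub_pkcs1 = $priv->get_public_key_string;         # PKCS1 PEM
my $pub_x509  = $priv->get_public_key_x509_string;    # X509 PEM

# Constructed sample of the bytes to be signed.
my $bytes     = '<wsu:Timestamp wsu:Id="TS-1">constructed sample</wsu:Timestamp>';
my $signature = $priv->sign($bytes);

# Checking side (hypothetical helper): holds only the public key.
sub verifier {
    my ($pem, $hash_method) = @_;
    my $pub = Crypt::OpenSSL::RSA->new_public_key($pem);
    $pub->$hash_method();
    return $pub;
}

# verify() may return false or die on a bad signature; both mean reject.
sub accepted {
    my ($pub, $data, $sig) = @_;
    return eval { $pub->verify($data, $sig) } ? 1 : 0;
}

my @cases = (
    [ 'X509 key, same bytes',     verifier($pub_x509,  'use_sha256_hash'), $bytes ],
    [ 'PKCS1 key, same bytes',    verifier($pub_pkcs1, 'use_sha256_hash'), $bytes ],
    [ 'bytes altered in transit', verifier($pub_x509,  'use_sha256_hash'),
      $bytes =~ s/sample/sampl3/r ],
    [ 'hash differs from signer', verifier($pub_x509,  'use_sha1_hash'),   $bytes ],
);

for my $case (@cases) {
    my ($label, $pub, $data) = @$case;
    printf "%-26s %s\n", $label,
        accepted($pub, $data, $signature) ? 'accepted' : 'REJECTED';
}
```

At check time a hash mismatch between signer and checker is rejected in the same way as altered bytes, so both sides have to agree on the hashing setting.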

SEE ALSO

This module is part of XML-Compile-WSS-Signature distribution version 2.02, built on July 16, 2016. Website: http://perl.overmeer.net/xml-compile/

Please post questions or ideas to the mailing list at http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile . For live contact with other developers, visit the #xml-compile channel on irc.perl.org.

LICENSE

Copyrights 2012-2016 by [Mark Overmeer]. For other contributors see ChangeLog.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html