The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
=head1 NAME

XML::Compile::WSS::Sign::RSA - WSS Signing with RSA

=head1 INHERITANCE

 XML::Compile::WSS::Sign::RSA
   is a XML::Compile::WSS::Sign

=head1 SYNOPSIS

  # either
  use XML::Compile::WSS::Util qw/DSIG_RSA_SHA1/;
  my $sign = XML::Compile::WSS::Sign->new(type => DSIG_RSA_SHA1);

  # or
  use XML::Compile::WSS::Sign::RSA;
  my $token = XML::Compile::WSS::Sign::RSA->new(
     hashing => 'SHA1', ...);

=head1 METHODS

=head2 Constructors

=over 4

=item XML::Compile::WSS::Sign::RSA-E<gt>B<fromConfig>(CONFIG, [PRIVKEY])

See L<XML::Compile::WSS::Sign/"Constructors">

=item XML::Compile::WSS::Sign::RSA-E<gt>B<new>(OPTIONS)

 -Option     --Defined in             --Default
  hashing                               <derived from type>
  private_key                           undef
  public_key                            <from private key>
  type         XML::Compile::WSS::Sign  DSIG_RSA_SHA1

=over 2

=item hashing => STRING

For instance, C<SHA1>.

=item private_key => OBJECT|STRING|FILENAME

Required if you want to use this object to L<sign()|XML::Compile::WSS::Sign/"Handlers">. See L<privateKey()|XML::Compile::WSS::Sign::RSA/"Attributes">

=item public_key => OBJECT|STRING|FILENAME

Required if you want to use this object to L<check()|XML::Compile::WSS::Sign::RSA/"Handlers">. See L<publicKey()|XML::Compile::WSS::Sign::RSA/"Attributes">
Usually, you need either the public or the private key, not both.  However,
when you specify a private key, you can ask for the public key as well: it
is included.

=item type => TYPE

=back

=back

=head2 Attributes

=over 4

=item $obj-E<gt>B<hashing>()

=item $obj-E<gt>B<privateKey>([KEY, [HASHING]])

The private key must be set with L<new(private_key)|XML::Compile::WSS::Sign::RSA/"Constructors"> or this method before
you can L<sign()|XML::Compile::WSS::Sign/"Handlers">.  This method will return the text of the key.

=over 4

=item * an Crypt::OpenSSL::RSA object

=item * PEM formatted key, as accepted by Crypt::OpenSSL::RSA method C<new_private_key()>

=item * a filename which contains such bytes.

=back

=item $obj-E<gt>B<privateKeyRSA>()

Returns the private key wrapped in a Crypt::OpenSSL::RSA object.

=item $obj-E<gt>B<publicKey>([KEY])

Set the public key.  You can pass a KEY, which is one of

=over 4

=item * an L<XML::Compile::WSS::SecToken::X509v3|XML::Compile::WSS::SecToken::X509v3> object

=item * an Crypt::OpenSSL::RSA object

=item * an Crypt::OpenSSL::X509 object

=back

=item $obj-E<gt>B<publicKeyRSA>()

Returns the Crypt::OpenSSL::RSA-wrapped public key.

=item $obj-E<gt>B<publicKeyString>('PKCS1'|'X509')

=item $obj-E<gt>B<type>()

See L<XML::Compile::WSS::Sign/"Attributes">

=back

=head2 Handlers

=over 4

=item $obj-E<gt>B<check>(ref-BYTES, SIGNATURE)

Use TOKEN to check whether the BYTES (passed by reference) match the
SIGNATURE.

For RSA signing, the token can be

=over 4

=item * a Crypt::OpenSSL::RSA object

=item * a Crypt::OpenSSL::X509 object

=item * a L<XML::Compile::WSS::SecToken::X509v3|XML::Compile::WSS::SecToken::X509v3> object

=back

=item $obj-E<gt>B<sign>(ref-BYTES)

See L<XML::Compile::WSS::Sign/"Handlers">

=back

=head1 DETAILS

Read DETAILS in L<XML::Compile::WSS::Sign|XML::Compile::WSS::Sign> first.

=head2 Signing, the generic part

=head2 Defend against man-in-the-middle

=head2 Signing with RSA

=head3 Limitations

The signing algorithm uses Crypt::OpenSSL::RSA.  According to its
manual-page, the current implementation is limited to 

=over 4

=item * sign_method

   DSIG_RSA_SHA1     DSIGM_RSA_MD5     DSIGM_RSA_SHA256
   DSIGM_RSA_SHA384  DSIGM_RSA_SHA512

It could support some RSA_RIPEMD160, however there is no official
constant for that in the standards.

=item * token_type

  XTP10_X509         XTP10_X509PKI

=back

=head1 SEE ALSO

This module is part of XML-Compile-WSS-Signature distribution version 1.07,
built on January 14, 2013. Website: F<http://perl.overmeer.net/xml-compile/>

Other distributions in this suite:
L<XML::Compile>,
L<XML::Compile::SOAP>,
L<XML::Compile::SOAP12>,
L<XML::Compile::SOAP::Daemon>,
L<XML::Compile::SOAP::WSA>,
L<XML::Compile::C14N>,
L<XML::Compile::WSS>,
L<XML::Compile::WSS::Signature>,
L<XML::Compile::Tester>,
L<XML::Compile::Cache>,
L<XML::Compile::Dumper>,
L<XML::Compile::RPC>,
L<XML::Rewrite>,
L<XML::eXistDB>,
and
L<XML::LibXML::Simple>.

Please post questions or ideas to the mailinglist at
F<http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile>

For live contact with other developers, visit the C<#xml-compile> channel
on C<irc.perl.org>.

=head1 LICENSE

Copyrights 2012-2013 by [Mark Overmeer]. For other contributors see ChangeLog.

This program is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
See F<http://www.perl.com/perl/misc/Artistic.html>