=head1 NAME
XML::Compile::WSS::Sign::RSA - WSS Signing with RSA
=head1 INHERITANCE
XML::Compile::WSS::Sign::RSA
is a XML::Compile::WSS::Sign
=head1 SYNOPSIS
# either
use XML::Compile::WSS::Util qw/DSIG_RSA_SHA1/;
my $sign = XML::Compile::WSS::Sign->new(type => DSIG_RSA_SHA1);
# or
use XML::Compile::WSS::Sign::RSA;
my $token = XML::Compile::WSS::Sign::RSA->new(
hashing => 'SHA1', ...);
=head1 METHODS
=head2 Constructors
=over 4
=item XML::Compile::WSS::Sign::RSA-E<gt>B<fromConfig>(CONFIG, [PRIVKEY])
See L<XML::Compile::WSS::Sign/"Constructors">
=item XML::Compile::WSS::Sign::RSA-E<gt>B<new>(OPTIONS)
-Option --Defined in --Default
hashing <derived from type>
private_key undef
public_key <from private key>
type XML::Compile::WSS::Sign DSIG_RSA_SHA1
=over 2
=item hashing => STRING
For instance, C<SHA1>.
=item private_key => OBJECT|STRING|FILENAME
Required if you want to use this object to L<sign()|XML::Compile::WSS::Sign/"Handlers">. See L<privateKey()|XML::Compile::WSS::Sign::RSA/"Attributes">
=item public_key => OBJECT|STRING|FILENAME
Required if you want to use this object to L<check()|XML::Compile::WSS::Sign::RSA/"Handlers">. See L<publicKey()|XML::Compile::WSS::Sign::RSA/"Attributes">
Usually, you need either the public or the private key, not both. However,
when you specify a private key, you can ask for the public key as well: it
is included.
=item type => TYPE
=back
=back
=head2 Attributes
=over 4
=item $obj-E<gt>B<hashing>()
=item $obj-E<gt>B<privateKey>([KEY, [HASHING]])
The private key must be set with L<new(private_key)|XML::Compile::WSS::Sign::RSA/"Constructors"> or this method before
you can L<sign()|XML::Compile::WSS::Sign/"Handlers">. This method will return the text of the key.
=over 4
=item * an Crypt::OpenSSL::RSA object
=item * PEM formatted key, as accepted by Crypt::OpenSSL::RSA method C<new_private_key()>
=item * a filename which contains such bytes.
=back
=item $obj-E<gt>B<privateKeyRSA>()
Returns the private key wrapped in a Crypt::OpenSSL::RSA object.
=item $obj-E<gt>B<publicKey>([KEY])
Set the public key. You can pass a KEY, which is one of
=over 4
=item * an L<XML::Compile::WSS::SecToken::X509v3|XML::Compile::WSS::SecToken::X509v3> object
=item * an Crypt::OpenSSL::RSA object
=item * an Crypt::OpenSSL::X509 object
=back
=item $obj-E<gt>B<publicKeyRSA>()
Returns the Crypt::OpenSSL::RSA-wrapped public key.
=item $obj-E<gt>B<publicKeyString>('PKCS1'|'X509')
=item $obj-E<gt>B<type>()
See L<XML::Compile::WSS::Sign/"Attributes">
=back
=head2 Handlers
=over 4
=item $obj-E<gt>B<check>(ref-BYTES, SIGNATURE)
Use TOKEN to check whether the BYTES (passed by reference) match the
SIGNATURE.
For RSA signing, the token can be
=over 4
=item * a Crypt::OpenSSL::RSA object
=item * a Crypt::OpenSSL::X509 object
=item * a L<XML::Compile::WSS::SecToken::X509v3|XML::Compile::WSS::SecToken::X509v3> object
=back
=item $obj-E<gt>B<sign>(ref-BYTES)
See L<XML::Compile::WSS::Sign/"Handlers">
=back
=head1 DETAILS
Read DETAILS in L<XML::Compile::WSS::Sign|XML::Compile::WSS::Sign> first.
=head2 Signing, the generic part
=head2 Defend against man-in-the-middle
=head2 Signing with RSA
=head3 Limitations
The signing algorithm uses Crypt::OpenSSL::RSA. According to its
manual-page, the current implementation is limited to
=over 4
=item * sign_method
DSIG_RSA_SHA1 DSIGM_RSA_MD5 DSIGM_RSA_SHA256
DSIGM_RSA_SHA384 DSIGM_RSA_SHA512
It could support some RSA_RIPEMD160, however there is no official
constant for that in the standards.
=item * token_type
XTP10_X509 XTP10_X509PKI
=back
=head1 SEE ALSO
This module is part of XML-Compile-WSS-Signature distribution version 1.07,
built on January 14, 2013. Website: F<http://perl.overmeer.net/xml-compile/>
Other distributions in this suite:
L<XML::Compile>,
L<XML::Compile::SOAP>,
L<XML::Compile::SOAP12>,
L<XML::Compile::SOAP::Daemon>,
L<XML::Compile::SOAP::WSA>,
L<XML::Compile::C14N>,
L<XML::Compile::WSS>,
L<XML::Compile::WSS::Signature>,
L<XML::Compile::Tester>,
L<XML::Compile::Cache>,
L<XML::Compile::Dumper>,
L<XML::Compile::RPC>,
L<XML::Rewrite>,
L<XML::eXistDB>,
and
L<XML::LibXML::Simple>.
Please post questions or ideas to the mailinglist at
F<http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile>
For live contact with other developers, visit the C<#xml-compile> channel
on C<irc.perl.org>.
=head1 LICENSE
Copyrights 2012-2013 by [Mark Overmeer]. For other contributors see ChangeLog.
This program is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
See F<http://www.perl.com/perl/misc/Artistic.html>