XML-Enc
view release on metacpan or search on metacpan
lib/XML/Enc.pm view on Meta::CPAN
$x509Key->use_pkcs1_padding();
$self->{ key_obj } = $x509Key;
$self->{key_type} = 'x509';
}
else {
confess "did not get a new Crypt::OpenSSL::X509 object";
}
}
##
## _load_cert_file()
##
## Arguments: none
##
## Returns: nothing
##
## Read the file name from $self->{ cert } and
## Populate:
## self->{key_obj}
## $self->{KeyInfo}
##
sub _load_cert_file {
my $self = shift;
eval {
require Crypt::OpenSSL::X509;
};
die "Crypt::OpenSSL::X509 needs to be installed so that we can handle X509 certs.\n" if $@;
my $file = $self->{ cert };
if (!-r $file) {
die "Could not find certificate file $file";
}
open my $CERT, '<', $file or die "Unable to open $file\n";
my $text = '';
local $/ = undef;
$text = <$CERT>;
close $CERT;
my $cert = Crypt::PK::RSA->new(\$text);
die "Could not load certificate from $file" unless $cert;
$self->{ cert_obj } = $cert;
my $cert_text = $cert->export_key_pem('public_x509');
$cert_text =~ s/-----[^-]*-----//gm;
$self->{KeyInfo} = "<dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>\n"._trim($cert_text)."\n</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>";
return;
}
sub _create_encrypted_data_xml {
my $self = shift;
local $XML::LibXML::skipXMLDeclaration = $self->{ no_xml_declaration };
my $doc = XML::LibXML::Document->new();
my $xencns = 'http://www.w3.org/2001/04/xmlenc#';
my $dsigns = 'http://www.w3.org/2000/09/xmldsig#';
my $xenc11ns = 'http://www.w3.org/2009/xmlenc11#';
my $encdata = $self->_create_node($doc, $xencns, $doc, 'xenc:EncryptedData',
{
Type => 'http://www.w3.org/2001/04/xmlenc#Element',
}
);
$doc->setDocumentElement ($encdata);
my $encmethod = $self->_create_node(
$doc,
$xencns,
$encdata,
'xenc:EncryptionMethod',
{
Algorithm => $self->{data_enc_method},
}
);
my $keyinfo = $self->_create_node(
$doc,
$dsigns,
$encdata,
'dsig:KeyInfo',
);
my $enckey = $self->_create_node(
$doc,
$xencns,
$keyinfo,
'xenc:EncryptedKey',
);
my $kencmethod = $self->_create_node(
$doc,
$xencns,
$enckey,
'xenc:EncryptionMethod',
{
Algorithm => $self->{key_transport},
}
);
if ($self->{key_transport} eq 'http://www.w3.org/2009/xmlenc11#rsa-oaep' ||
$self->{key_transport} eq 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' &&
$self->{oaep_label_hash}) {
my $digestmethod = $self->_create_node(
$doc,
$dsigns,
$kencmethod,
'dsig:DigestMethod',
{
Algorithm => $self->{oaep_label_hash},
}
);
};
if ($self->{'oaep_params'} ne '') {
my $oaep_params = $self->_create_node(
$doc,
$xencns,
$kencmethod,
'xenc:OAEPparams',
);
};
if ($self->{key_transport} eq 'http://www.w3.org/2009/xmlenc11#rsa-oaep' &&
$self->{oaep_mgf_alg}) {
my $oaepmethod = $self->_create_node(
$doc,
$xenc11ns,
$kencmethod,
'xenc11:MGF',
{
Algorithm => $self->{oaep_mgf_alg},
}
);
};
my $keyinfo2 = $self->_create_node(
$doc,
$dsigns,
$enckey,
'dsig:KeyInfo',
);
if (defined $self->{key_name}) {
my $keyname = $self->_create_node(
$doc,
$dsigns,
$keyinfo2,
'dsig:KeyName',
);
};
my $keycipherdata = $self->_create_node(
$doc,
$xencns,
$enckey,
'xenc:CipherData',
);
my $keyciphervalue = $self->_create_node(
$doc,
$xencns,
$keycipherdata,
'xenc:CipherValue',
);
my $cipherdata = $self->_create_node(
$doc,
$xencns,
$encdata,
'xenc:CipherData',
);
my $ciphervalue = $self->_create_node(
$doc,
$xencns,
$cipherdata,
'xenc:CipherValue',
);
return $doc;
}
sub _create_node {
my $self = shift;
my $doc = shift;
my $nsuri = shift;
my $parent = shift;
my $name = shift;
my $attributes = shift;
my $node = $doc->createElementNS ($nsuri, $name);
for (keys %$attributes) {
$node->addChild (
$doc->createAttribute (
#$node->setAttribute (
$_ => $attributes->{$_}
)
);
}
$parent->addChild($node);
}
1;
__END__
=pod
=encoding UTF-8
=head1 NAME
XML::Enc - XML::Enc Encryption Support
=head1 VERSION
version 0.16
=head1 SYNOPSIS
my $decrypter = XML::Enc->new(
{
key => 't/sign-private.pem',
no_xml_declaration => 1,
},
);
$decrypted = $enc->decrypt($xml);
my $encrypter = XML::Enc->new(
( run in 1.001 second using v1.01-cache-2.11-cpan-39bf76dae61 )