XML-Compile-WSS-Signature


MANIFEST  view on Meta::CPAN

lib/XML/Compile/WSS/Sign.pm
lib/XML/Compile/WSS/Sign.pod
lib/XML/Compile/WSS/Sign/HMAC.pm
lib/XML/Compile/WSS/Sign/HMAC.pod
lib/XML/Compile/WSS/Sign/RSA.pm
lib/XML/Compile/WSS/Sign/RSA.pod
lib/XML/Compile/WSS/Signature.pm
lib/XML/Compile/WSS/Signature.pod
lib/XML/Compile/WSS/SignedInfo.pm
lib/XML/Compile/WSS/SignedInfo.pod
lib/XML/Compile/WSS/dsig/200009-dsig.xsd
lib/XML/Compile/WSS/dsig/2009-dsig11.xsd
lib/XML/Compile/WSS/dsig/20110303-dsig-properties.xsd
lib/XML/Compile/WSS/encr/200104-xenc.xsd
lib/XML/Compile/WSS/encr/20100513-gh.xsd
lib/XML/Compile/WSS/encr/20110303-ghc.xsd
t/01use.t
t/02templs.t
t/20any.wsdl
t/20cert.pem
t/20privkey.pem
t/20signature.t
t/21enckey.t

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-56286600',
              ds_DigestValue => 'hd´|{T±uËÍô­QŠàOÍ',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-57831016',
              ds_DigestValue => '2泌³àø-cÄxAn¢q²',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-57830632',
              ds_DigestValue => '²äÃq<ï©“êê
fx‹òáS',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-57831304',
              ds_DigestValue => 'øÛ\'-߁
¯’—2»ð|Â’xq',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-54971504',
              ds_DigestValue => '~úC"“.˜¨¹}T‹XWÿ´zQ',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-57830584',
              ds_DigestValue => 'ÊzmÇóHKß|‚…‹î]†',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            },
            {
              ds_Transforms => {
                ds_Transform => [
                  {
                    cho_any => [
                      {
                        c14n_InclusiveNamespaces => {
                          PrefixList => [

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#node-57830488',
              ds_DigestValue => '‘¾@ûµ­u¾b…¯|™ÒD ¥H‰(',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            }
          ],
          ds_SignatureMethod => {
            Algorithm => 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'
          }
        },
        Id => 'SIG-1376089490',
        ds_KeyInfo => {
          cho_ds_KeyName => [
            {
              wsse_SecurityTokenReference => {
                cho_any => [
                  {
                    wsse_Reference => {

dump/60complex/answer.dd  view on Meta::CPAN

                        }
                      }
                    ],
                    Algorithm => 'http://www.w3.org/2001/10/xml-exc-c14n#'
                  }
                ]
              },
              URI => '#SIG-1376089490',
              ds_DigestValue => '†éa³i¡àÖ9Ò‡D¥¸¢Ðf',
              ds_DigestMethod => {
                Algorithm => 'http://www.w3.org/2000/09/xmldsig#sha1'
              }
            }
          ],
          ds_SignatureMethod => {
            Algorithm => 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
          }
        },
        Id => 'SIG-1376089490',
        ds_KeyInfo => {
          cho_ds_KeyName => [
            {
              wsse_SecurityTokenReference => {
                cho_any => [
                  {
                    wsse_Reference => {

dump/60complex/msgsent  view on Meta::CPAN

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
      <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" wsu:Id="node-56286600">
        <wsu:Created ValueType="http://www.w3.org/2001/XMLSchema/dateTime">2013-08-09T23:04:50Z</wsu:Created>
        <wsu:Expires ValueType="http://www.w3.org/2001/XMLSchema/dateTime">2013-08-09T23:09:50Z</wsu:Expires>
      </wsu:Timestamp>
      <xenc:EncryptedKey xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <xenc:CipherData>
          <xenc:CipherValue>sX2SpJCcjPETvtQq3g86epIu5IG5gVW/BwMynQj0+H7TsGw4tgfbwVm/WwCdhONkE6VieKUvZxDO
HCUDuMcukotuFUGGlKYBYFZpZ8xDJyNX+ZMyiPr4/RoNZWKvGPOdpI1YlztQnL8naAKLdgo3C9oc
voQLJCRbrtKulZeMMvY=
</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedKey>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-1376089490">
        <ds:SignedInfo xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
          <ds:Reference URI="#node-56286600">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>aB9ktBR8e1SxdcvNBfStUYrgT80=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-57831016">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>Mu+lqBiz4PgtY8R4BxNBbqJxAbI=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-57830632">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>suTDGnE876mT6uoNnWZ4i/LhUxA=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-57831304">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>+NsnLd+BCq+SlzK78HzCkpB4cR8=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-54971504">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>fvpDIpMumKi5fVSLWH8eV/+0elE=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-57830584">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>ynptx/NIS998ghOFfxuL7gIHXYY=
</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#node-57830488">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>kb5A+7Wtdb5iha98mdJEoKVIiSg=
</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>zQStVsD67pNtWTCoLSnJ4c9KClM=
</ds:SignatureValue>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference URI="TOKEN-53021768" ValueType="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
          </wsse:SecurityTokenReference>

dump/60complex/msgsent  view on Meta::CPAN
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</wsse:BinarySecurityToken>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-1376089490">
        <ds:SignedInfo xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <ds:Reference URI="#SIG-1376089490">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14n:InclusiveNamespaces PrefixList="ds wsu xenc SOAP-ENV"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>hukFYX+zaaHg1jnShwVEpbii0GY=
</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>xUUK6Gs/qhyNDu+QC+Zs6HOmGx/EGhD9n4GO/1R8hzdiLcYBp4pfiRRoc0OicbEPUDWGtPhPBFOF
+iNVQ4Lc4thGLw94G6/+EJzpAk9N7h2swASYB4ra4doBbIhI93/IOOE3CzpUffBqU9ERG34AFK3x
8+uTxrG7cxLxOJ4eiiI=
</ds:SignatureValue>
        <ds:KeyInfo>
          <wsse:SecurityTokenReference>

dump/encrkey/template  view on Meta::CPAN

# Describing complex xenc:EncryptedKey
#     {http://www.w3.org/2001/04/xmlenc#}EncryptedKey
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:34 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#
# xmlns:xenc      http://www.w3.org/2001/04/xmlenc#

# is a xenc:EncryptedKeyType
{ # is a xsd:ID
  # becomes an attribute
  Id => "id_0",

  # is a xsd:anyURI
  # becomes an attribute
  Type => "http://example.com",

dump/keyinfo/KeyIdentifier.templ  view on Meta::CPAN

# Describing tagged wsse:KeyIdentifier
#     {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}KeyIdentifier
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:33 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#
# xmlns:wsse      http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
# xmlns:wsu       http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
# xmlns:xsd       http://www.w3.org/2001/XMLSchema

# is a wsse:KeyIdentifierType
# wsse_KeyIdentifier is simple value with attributes
{ # is a xsd:ID
  # becomes an attribute
  wsu_Id => "id_0",

dump/keyinfo/KeyInfo.templ  view on Meta::CPAN

# Describing complex ds:KeyInfo
#     {http://www.w3.org/2000/09/xmldsig#}KeyInfo
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:33 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#

# is a ds:KeyInfoType
{ # is a xsd:ID
  # becomes an attribute
  Id => "id_0",

  # choice of ds_KeyName, ds_KeyValue, ds_RetrievalMethod,
  #   ds_X509Data, ds_PGPData, ds_SPKIData, ds_MgmtData, ANY
  # occurs 1 <= # <= unbounded times
  cho_ds_KeyName => 

dump/signature.templ  view on Meta::CPAN

# Describing complex ds:Signature
#     {http://www.w3.org/2000/09/xmldsig#}Signature
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:33 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#
# xmlns:wsse      http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd

# is a ds:SignatureType
{ # is a xsd:ID
  # becomes an attribute
  Id => "id_0",

  # sequence of ds_SignedInfo, ds_SignatureValue, ds_KeyInfo,
  #   ds_Object

dump/signedinfo/InclusiveNamespaces.templ  view on Meta::CPAN

# Describing complex c14n:InclusiveNamespaces
#     {http://www.w3.org/2001/10/xml-exc-c14n#}InclusiveNamespaces
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:34 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:c14n      http://www.w3.org/2001/10/xml-exc-c14n#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#
# xmlns:xsd       http://www.w3.org/2001/XMLSchema

# is a c14n:InclusiveNamespaces
{ # is a xsd:NMTOKENS
  # becomes an attribute
  PrefixList => "nmtokens", }

dump/signedinfo/template  view on Meta::CPAN

# Describing complex ds:SignedInfo
#     {http://www.w3.org/2000/09/xmldsig#}SignedInfo
#
# Produced by XML::Compile::Translate::Template version undef
#          on Thu Jun 26 17:02:34 2025
#
# BE WARNED: in most cases, the example below cannot be used without
# interpretation.  The comments will guide you.
#
# xmlns:ds        http://www.w3.org/2000/09/xmldsig#

# is a ds:SignedInfoType
{ # is a xsd:ID
  # becomes an attribute
  Id => "id_0",

  # sequence of ds_CanonicalizationMethod, ds_SignatureMethod,
  #   ds_Reference

  # is a ds:CanonicalizationMethodType

lib/XML/Compile/WSS/Sign.pm  view on Meta::CPAN

package XML::Compile::WSS::Sign;{
our $VERSION = '2.04';
}


use warnings;
use strict;

use Log::Report 'xml-compile-wss-sig';

use XML::Compile::WSS::Util   qw/:wss11 :dsig/;
use Scalar::Util              qw/blessed/;

# Keep the two signature namespace constants in file-scoped lexicals.
# NOTE(review): presumably so they can be interpolated into strings further
# down; the uses are not visible in this excerpt -- confirm.
my ($signs, $sigmns) = (DSIG_NS, DSIG_MORE_NS);


sub new(@)
{   my $class = shift;
    my $args  = @_==1 ? shift : {@_};

    $args->{sign_method} ||= delete $args->{type};      # pre 2.00

lib/XML/Compile/WSS/Signature.pm  view on Meta::CPAN

our $VERSION = '2.04';
}

use base 'XML::Compile::WSS';

use warnings;
use strict;

use Log::Report 'xml-compile-wss-sig';

use XML::Compile::WSS::Util     qw/:wss11 :wsm10 :dsig :xtp10/;
use XML::Compile::WSS::SecToken ();
use XML::Compile::WSS::Sign     ();
use XML::Compile::WSS::KeyInfo  ();
use XML::Compile::WSS::SignedInfo ();

use XML::Compile::C14N::Util    qw/:c14n/;
use XML::Compile::C14N          ();

use Digest          ();
use XML::LibXML     ();
use File::Basename  qw/dirname/;
use File::Glob      qw/bsd_glob/;
use Scalar::Util    qw/blessed/;

# Extra namespace prefixes registered by this extension.  loadSchemas()
# hands this table to addPrefixes() and uses its sorted keys to build the
# PREFIXED(...) key rewrite.
# NOTE(review): the *_NS constants presumably come from the
# XML::Compile::WSS::Util import above -- confirm.
my %prefixes =
  ( # ds=DSIG_NS already registered in ::WSS
    dsig11 => DSIG11_NS
  , dsp    => DSP_NS
  , dsigm  => DSIG_MORE_NS
  , xenc   => XENC_NS
  );

#use Data::Dumper;
#$Data::Dumper::Indent    = 1;
#$Data::Dumper::Quotekeys = 0;


sub init($)
{   my ($self, $args) = @_;

lib/XML/Compile/WSS/Signature.pm  view on Meta::CPAN

    $self;
}

# Load the XML-DSIG and XML-ENC schema files which are installed next to
# this module into $schema, at most once per schema object.
#   $schema   the schema object to extend (also passed to the super class)
#   $version  passed through unchanged to SUPER::loadSchemas()
# Returns $schema on the first call; later calls for the same schema
# object return nothing.
sub loadSchemas($$)
{   my ($self, $schema, $version) = @_;

    # The post-incremented counter doubles as the "already loaded" flag.
    $schema->{XCWS_sig_loaded}++
        and return;

    $self->SUPER::loadSchemas($schema, $version);

    # Only *.xsd files below the directory of this source file are read;
    # nothing in this sub takes a schema location from the caller.
    my $xsddir = dirname __FILE__;
    trace "loading wss-dsig schemas from $xsddir/(dsig|encr)/*.xsd";

    my @xsds;
    push @xsds, bsd_glob("$xsddir/$_/*.xsd")
        for qw/dsig encr/;

    # Register the extra prefixes and request a PREFIXED key rewrite for
    # exactly those prefixes, in sorted order.
    $schema->addPrefixes(\%prefixes);
    my $prefix_list = join ',', sort keys %prefixes;
    $schema->addKeyRewrite("PREFIXED($prefix_list)");

    $schema->importDefinitions(\@xsds);
    return $schema;
}

lib/XML/Compile/WSS/Signature.pod  view on Meta::CPAN

XML::Compile::WSS::Signature - WSS Signatures

=head1 INHERITANCE

 XML::Compile::WSS::Signature
   is a XML::Compile::WSS

=head1 SYNOPSIS

 # You may need a few constants
 use XML::Compile::WSS::Util  qw/:dsig/;
 use XML::Compile::C14N::Util qw/:c14n/;

 # This module can be used "stand-alone" ...
 my $schema = XML::Compile::Cache->new(...);
 my $sig    = XML::Compile::WSS::Signature->new
   (sign_method => DSIG_RSA_SHA1, ...);

 # ... or as SOAP slave (strict order of object creation!)
 my $wss    = XML::Compile::SOAP::WSS->new;
 my $wsdl   = XML::Compile::WSDL11->new($wsdlfn);

lib/XML/Compile/WSS/Signature.pod  view on Meta::CPAN

to 'LEGACY', but better use SHA256 or higher.  Defaults of this module
still use SHA1, which might change in the future.

The generic Web Service Security protocol is implemented by the super
class L<XML::Compile::WSS|XML::Compile::WSS>.  This extension implements crypto signatures.

At this moment, there are two versions of this standard:

=over 4

=item * F<http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/>

=item * F<http://www.w3.org/TR/xmldsig-core2/>

=back

One or more elements of a (SOAP) document can be selected to be signed. They
are canonicalized (serialized in a well-described way) and then digested
(usually via SHA1).  The digest is put in a C<SignedInfo> component of
the C<Signature> element in the C<Security> header.  When all digests
are in place, the whole SignedInfo structure gets signed.

Extends L<"DESCRIPTION" in XML::Compile::WSS|XML::Compile::WSS/"DESCRIPTION">.

lib/XML/Compile/WSS/SignedInfo.pm  view on Meta::CPAN



use warnings;
use strict;

use Log::Report 'xml-compile-wss-sig';

use Digest::SHA              ();
use XML::Compile::C14N;
use XML::Compile::Util       qw/type_of_node/;
use XML::Compile::WSS::Util  qw/:wss11 :dsig/;
use XML::Compile::C14N::Util qw/:c14n is_canon_constant/;

# Quite some problems to get canonicalization compatible between
# client and server.  Especially where some xmlns's are optional.
# It may help to enforce some namespaces via $wsdl->prefixFor($ns)
my @default_canon_ns = qw(SOAP-ENV); # qw/wsu/;

# There can only be one c14n rule active, because it would otherwise
# produce a prefix
my $c14n;

lib/XML/Compile/WSS/dsig/200009-dsig.xsd  view on Meta::CPAN

<?xml version="1.0" encoding="utf-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
        version="0.1" elementFormDefault="qualified"> 

<!-- Basic Types Defined for Signatures -->

<simpleType name="CryptoBinary">
  <restriction base="base64Binary">
  </restriction>
</simpleType>

<!-- Start Signature -->

lib/XML/Compile/WSS/dsig/2009-dsig11.xsd  view on Meta::CPAN

<?xml version="1.0" encoding="utf-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
        xmlns:dsig11="http://www.w3.org/2009/xmldsig11#"
        targetNamespace="http://www.w3.org/2009/xmldsig11#"
        version="0.1" elementFormDefault="qualified">

  <import namespace="http://www.w3.org/2000/09/xmldsig#"/>

  <!-- An EC public key: the curve is given either as explicit
       ECParameters or as a NamedCurve URI, followed by the public point.
       NOTE(review): with ECParameters the sender of the document
       describes the curve itself; a verifier that accepts this branch
       should check the parameters against curves it already trusts.
       Confirm how the consuming code handles it. -->
  <element name="ECKeyValue" type="dsig11:ECKeyValueType"/>
  <complexType name="ECKeyValueType">
    <sequence>
      <choice>
        <element name="ECParameters" type="dsig11:ECParametersType"/>
        <element name="NamedCurve" type="dsig11:NamedCurveType"/>
      </choice>
      <element name="PublicKey" type="dsig11:ECPointType"/>
    </sequence>
    <attribute name="Id" type="ID" use="optional"/>
  </complexType>

  <complexType name="NamedCurveType">
    <attribute name="URI" type="anyURI" use="required"/>
  </complexType>
  
  <simpleType name="ECPointType">
    <restriction base="ds:CryptoBinary"/>
  </simpleType>

  <complexType name="ECParametersType">
    <sequence>
      <element name="FieldID" type="dsig11:FieldIDType"/>
      <element name="Curve" type="dsig11:CurveType"/>
      <element name="Base" type="dsig11:ECPointType"/>
      <element name="Order" type="ds:CryptoBinary"/>
      <element name="CoFactor" type="integer" minOccurs="0"/>
      <element name="ValidationData"
               type="dsig11:ECValidationDataType" minOccurs="0"/>
    </sequence>
  </complexType>
  
  <!-- Exactly one field description: one of the four dsig11 field
       elements, or a single element from any other namespace.
       processContents="lax" means that wildcard element is validated
       only when a declaration for it is available, so a consumer must
       not assume that its content was schema-checked. -->
  <complexType name="FieldIDType">
    <choice>
      <element ref="dsig11:Prime"/>
      <element ref="dsig11:TnB"/>
      <element ref="dsig11:PnB"/>
      <element ref="dsig11:GnB"/>
      <any namespace="##other" processContents="lax"/>
    </choice>
  </complexType>

  <complexType name="CurveType">
    <sequence>
      <element name="A" type="ds:CryptoBinary"/>
      <element name="B" type="ds:CryptoBinary"/>
    </sequence>
  </complexType>

  <complexType name="ECValidationDataType">
    <sequence>
      <element name="seed" type="ds:CryptoBinary"/>
    </sequence>
    <attribute name="hashAlgorithm" type="anyURI" use="required"/>
  </complexType>

  <element name="Prime" type="dsig11:PrimeFieldParamsType"/>
  <complexType name="PrimeFieldParamsType">
    <sequence>
      <element name="P" type="ds:CryptoBinary"/>
    </sequence>
  </complexType>

  <element name="GnB" type="dsig11:CharTwoFieldParamsType"/>
  <complexType name="CharTwoFieldParamsType">
    <sequence>
      <element name="M" type="positiveInteger"/>
    </sequence>
  </complexType>
  
  <element name="TnB" type="dsig11:TnBFieldParamsType"/>
  <complexType name="TnBFieldParamsType">
    <complexContent>
      <extension base="dsig11:CharTwoFieldParamsType">
        <sequence>
          <element name="K" type="positiveInteger"/>
        </sequence>
      </extension>
    </complexContent>
  </complexType>

  <element name="PnB" type="dsig11:PnBFieldParamsType"/>
  <complexType name="PnBFieldParamsType">
    <complexContent>
      <extension base="dsig11:CharTwoFieldParamsType">
        <sequence>
          <element name="K1" type="positiveInteger"/>
          <element name="K2" type="positiveInteger"/>
          <element name="K3" type="positiveInteger"/>
        </sequence>
      </extension>
    </complexContent>
  </complexType>

  <element name="OCSPResponse" type="base64Binary"/>

  <element name="DEREncodedKeyValue" type="dsig11:DEREncodedKeyValueType"/>
  <complexType name="DEREncodedKeyValueType">
    <simpleContent>
      <extension base="base64Binary">
        <attribute name="Id" type="ID" use="optional"/>
      </extension>
    </simpleContent>
  </complexType>

  <!-- A reference to key information by URI.  The URI is required and
       typed anyURI, so the schema itself does not restrict where it may
       point.
       NOTE(review): confirm that the consuming code resolves only the
       references it expects (for instance same-document ones) and does
       not fetch arbitrary locations named in a received message. -->
  <element name="KeyInfoReference" type="dsig11:KeyInfoReferenceType"/> 
  <complexType name="KeyInfoReferenceType">
    <attribute name="URI" type="anyURI" use="required"/>
    <attribute name="Id" type="ID" use="optional"/>
  </complexType>

  <!-- A base64 value with a required Algorithm URI (going by its name, a
       digest over an X.509 certificate).  Algorithm is typed anyURI, so
       the schema accepts any digest algorithm identifier.
       NOTE(review): a verifier should compare Algorithm against the
       digest algorithms it allows; confirm in the consuming code. -->
  <element name="X509Digest" type="dsig11:X509DigestType"/>
  <complexType name="X509DigestType">
    <simpleContent>
      <extension base="base64Binary">
        <attribute name="Algorithm" type="anyURI" use="required"/>
      </extension>
    </simpleContent>
  </complexType>

</schema>

lib/XML/Compile/WSS/dsig/20110303-dsig-properties.xsd  view on Meta::CPAN

<?xml version="1.0" encoding="utf-8"?>

<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"
        targetNamespace="http://www.w3.org/2009/xmldsig-properties"
        version="0.1" elementFormDefault="qualified">

  <element name="Profile" type="dsp:ProfileType"/> 
  <complexType name="ProfileType">
    <attribute name="URI" type="anyURI"/>
  </complexType>

  <element name="Role" type="dsp:RoleType"/> 
  <complexType name="RoleType">
    <attribute name="URI" type="anyURI"/>

lib/XML/Compile/WSS/encr/200104-xenc.xsd  view on Meta::CPAN

<?xml version="1.0" encoding="utf-8"?>
<schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0'
        xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'
        xmlns:ds='http://www.w3.org/2000/09/xmldsig#'
        targetNamespace='http://www.w3.org/2001/04/xmlenc#'
        elementFormDefault='qualified'>

  <!-- Imports the XML-DSIG namespace.  The schemaLocation hint is a
       remote, plain-http URL.
       NOTE(review): confirm that the schema loader does not dereference
       this location at run time and that the dsig schema bundled with
       the distribution is used instead. -->
  <import namespace='http://www.w3.org/2000/09/xmldsig#'
          schemaLocation='http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd'/>

  <complexType name='EncryptedType' abstract='true'>
    <sequence>
      <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
       minOccurs='0'/>
      <element ref='ds:KeyInfo' minOccurs='0'/>
      <element ref='xenc:CipherData'/>
      <element ref='xenc:EncryptionProperties' minOccurs='0'/>
    </sequence>
    <attribute name='Id' type='ID' use='optional'/>

t/20signature.t  view on Meta::CPAN


use warnings;
use strict;

use lib '../XML-Compile-WSS/lib', 'lib';

use XML::Compile::WSDL11;
use XML::Compile::SOAP11;
use XML::Compile::Transport::SOAPHTTP;
use XML::Compile::SOAP::WSS;
use XML::Compile::WSS::Util  qw/:dsig :dsigm :xtp10/;
use XML::Compile::C14N::Util qw/:c14n/;

use Log::Report mode => 2;
use Data::Dumper;
$Data::Dumper::Indent    = 1;
$Data::Dumper::Quotekeys = 0;
use Test::More;

BEGIN {
    eval "require Crypt::OpenSSL::RSA";

t/21enckey.t  view on Meta::CPAN

ok(defined $x509fp, 'got fingerprint');
my $x509fp64 = encode_base64 $x509fp;

my $token_xml = <<__TOKEN__;
<?xml version="1.0"?>
<xenc:EncryptedKey
   xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EK"
   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <xenc:EncryptionMethod
     Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <wsse:SecurityTokenReference>
      <wsse:KeyIdentifier
         EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
         ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">$x509fp64</wsse:KeyIdentifier>
    </wsse:SecurityTokenReference>
  </ds:KeyInfo>
  <xenc:CipherData>
    <xenc:CipherValue>
tOkmh0f6Ez2x6Uc9I7J6gPlZA0H02eWGFmLrRxaIeZe15g/j7/NvRfpy09OnsiWyhmzbq16TNX/l
OAsRQD/K7VZb4MjTXBq6GWpK7ZF7k39VggqagzXLp8fu+V3bBcMtbZwspBIZggGwxJuKGONDu5w2

t/30signedinfo.t  view on Meta::CPAN


use Data::Dumper;
$Data::Dumper::Indent    = 1;
$Data::Dumper::Quotekeys = 0;
$Data::Dumper::Sortkeys  = 1;

use File::Slurp              qw/write_file/;
use MIME::Base64             qw/encode_base64/;

use XML::LibXML              ();
use XML::Compile::WSS::Util  qw/:dsig/;
use XML::Compile::C14N::Util qw/C14N_EXC_NO_COMM/;
use XML::Compile::Tester     qw/compare_xml/;

# Create a fresh, empty XML 1.0 document for one test case.
sub newdoc()
{   return XML::LibXML::Document->new('1.0', 'UTF8');
}

use_ok('XML::Compile::Cache');
use_ok('XML::Compile::WSS::SignedInfo');
use_ok('XML::Compile::WSS::Signature');

my $schema    = XML::Compile::Cache->new;

t/30signedinfo.t  view on Meta::CPAN

### SignedInfo

my $b2   = $si->builder($wss);
isa_ok($b2, 'CODE', 'signedinfo builder');

my $doc2 = newdoc;
my ($info2, $canon2) = $b2->($doc2, [$ts1], DSIG_HMAC_SHA1);
isa_ok($info2, 'XML::LibXML::Element');

is($info2->toString(1)."\n", <<'__EXPECT');
<ds:SignedInfo xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
    <c14n:InclusiveNamespaces PrefixList="SOAP-ENV"/>
  </ds:CanonicalizationMethod>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
  <ds:Reference URI="#TS-1">
    <ds:Transforms>
      <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
        <c14n:InclusiveNamespaces PrefixList="SOAP-ENV"/>
      </ds:Transform>
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <ds:DigestValue>tUsn5vQc0RxHgy8u/btX3fHZAsA=</ds:DigestValue>
  </ds:Reference>
</ds:SignedInfo>
__EXPECT

t/31keyinfo.t  view on Meta::CPAN

ok(defined $x509fp, 'got fingerprint');
my $x509fp64 = encode_base64 $x509fp;

### SECTOKREF_KEYID

ok(1, 'testing SECTOKREF_KEYID');

my $keyinfo1 = <<__KEYINFO__;
<?xml version="1.0"?>
<ds:KeyInfo
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
>
  <wsse:SecurityTokenReference>
    <wsse:KeyIdentifier
       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
       ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">$x509fp64</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
__KEYINFO__

t/31keyinfo.t  view on Meta::CPAN

  , keyident_id   => 'my-first-id'
  , sectokref_id  => 'another-id'
  );
# Run the key-info writer $wr1 for certificate $x509 and serialize the result.
# $wr1 is created outside this excerpt; the keyident_id / sectokref_id
# options just above presumably belong to it, as their values reappear as
# wsu:Id attributes in the expected XML.
my $doc1  = newdoc;
my $data1 = $wr1->($doc1, $x509, undef);
#warn Dumper $data1;
my $xml1  = $ki_writer->($doc1, $data1);

# NOTE(review): the expected KeyIdentifier below base64-decodes to 59
# characters of colon-separated hex text, not to 20 raw bytes.  The WSS
# X.509 token profile defines ThumbprintSHA1 as the base64 of the SHA-1
# octets themselves (28 base64 characters), so a peer computing the
# thumbprint that way would not match this value.  Confirm whether the
# fixture pins intended behaviour or an encoding mix-up.
compare_xml($xml1->toString(1), <<'__XML');
<ds:KeyInfo
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference wsu:Id="another-id">
    <wsse:KeyIdentifier
       wsu:Id="my-first-id"
       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
       ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">
MTI6RjQ6NzY6NjY6QzI6NzA6RjM6MUU6OTk6RDQ6QjY6MjE6NTg6RjQ6RTE6MzM6NjQ6N0U6OTE6
MDA=
    </wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
__XML


### SECTOKREF_URI
# Fixture for the reference style where KeyInfo does not carry a key
# identifier but points, by same-document URI, at an X509v3 security token.

ok(1, 'testing SECTOKREF_URI');
# The heredoc tag is unquoted (interpolating), but the body contains no
# variables.
# NOTE(review): the "#X509-..." URI is resolved by Id.  A consumer of such a
# KeyInfo should check that the Id matches exactly one element and that the
# element is the expected token type; this fixture only covers parsing.
my $keyinfo2 = <<__KEYINFO__;
<?xml version="1.0"?>
<ds:KeyInfo Id="KI-7C1FF62FE1E419416813626762777505"
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
   xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:SecurityTokenReference
     wsu:Id="STR-7C1FF62FE1E419416813626762777506">
    <wsse:Reference
       URI="#X509-7C1FF62FE1E419416813626762777504"
       ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
__KEYINFO__

t/31keyinfo.t  view on Meta::CPAN

  , sectokref_uri => '#my-uri'
  );
# Run the URI-style key-info writer $wr2 (created outside this excerpt,
# presumably with the sectokref_uri option shown just above).
my $doc2  = newdoc;
# Scratch container passed as third argument: the 'binsectoken' comparison
# that follows expects a wsse:BinarySecurityToken to have been placed in it.
my $sec2b = $doc2->createElement('top');
my $data2 = $wr2->($doc2, $x509, $sec2b);
#warn Dumper $data2;
my $xml2  = $ki_writer->($doc2, $data2);

# The KeyInfo itself must only carry the reference "#my-uri" with the X509v3
# value type; the certificate bytes live in the separate token element.
compare_xml($xml2->toString(1), <<'__XML');
<ds:KeyInfo
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference>
    <wsse:Reference URI="#my-uri"
       ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
__XML

compare_xml($sec2b->toString(1), <<'__SEC', 'binsectoken');
<top>
  <wsse:BinarySecurityToken

t/31keyinfo.t  view on Meta::CPAN

FuH0CMzAKjwIxlBejms=
  </wsse:BinarySecurityToken>
</top>
__SEC

#### KEYNAME
# Reader side: parse a KeyInfo that names the key with a ds:KeyName string.

ok(1, 'testing KEYNAME');
# Single-quoted heredoc tag: the body is taken literally, no interpolation.
# NOTE(review): a KeyName is an unauthenticated hint chosen by the sender.
# It can select a key from a local trusted store but proves nothing by
# itself; this test only checks that the element is parsed.
my $keyinfo3 = <<'__KEYINFO__';
<ds:KeyInfo
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
   xmlns:xsd="http://www.w3.org/2001/XMLSchema"
   Id="key3-read">
  <ds:KeyName>C=NL, L=Arnhem, CN=example.com</ds:KeyName>
</ds:KeyInfo>
__KEYINFO__

# The reader returns a hash reference; only its Id key is verified here.
my $keyhash3 = $ki_reader->($keyinfo3);
#warn Dumper $keyhash3;
is($keyhash3->{Id}, 'key3-read');

t/31keyinfo.t  view on Meta::CPAN

  , keyinfo_id    => 'key3'
  );

# Writer side of the KEYNAME case.  $wr3 is created outside this excerpt;
# the keyinfo_id => 'key3' option just above presumably belongs to it, as
# the value reappears as the Id attribute of the expected element.
my $doc3  = newdoc;
my $data3 = $wr3->($doc3, $x509, undef);
#warn Dumper $data3;
my $xml3  = $ki_writer->($doc3, $data3);

# The expected KeyName text is presumably taken from the subject of $x509
# -- confirm against the certificate fixture.
compare_xml($xml3->toString(1), <<'__XML');
<ds:KeyInfo
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
   Id="key3">
  <ds:KeyName>C=NL, L=Arnhem, CN=example.com</ds:KeyName>
</ds:KeyInfo>
__XML

#### X509Data

ok(1, 'testing X509Data');

# data taken from an SMD file example
my $keyinfo4 = <<'__KEYINFO4__';
<ds:KeyInfo Id="_b3cab897-58a4-4c41-9c16-d1e1539d7b70"
   xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:X509Data>
    <ds:X509Certificate>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t/test-encr.xml  view on Meta::CPAN

<?xml version="1.0"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
  <S:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" S:mustUnderstand="1">
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X5...
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-8">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <ds:Reference URI="#SIG-7">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse wsu S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>rZ4SUv4snYbEuqo8B8x7OjN0XL0=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>ZuDpRI3yL6hSL8GleOiHwfF9pCfL7x3o4YvVgdIWNq13PV69T80c6Fttcwn73ygzdhvWGhKpyyAJ
2mB5diZRWxMPKQwXYgrKf8QIVXye2P5d9fWfz2i96av9FEygkJot2BSfl5sZsdorVwZLlow+aWvw
x/SGOLAHo92gW2MdmQU=</ds:SignatureValue>
        <ds:KeyInfo Id="KI-7C1FF62FE1E419416813626762777505">
          <wsse:SecurityTokenReference wsu:Id="STR-7C1FF62FE1E419416813626762777506">
            <wsse:Reference URI="#X509-7C1FF62FE1E419416813626762777504" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
      <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EK-7C1FF62FE1E419416813626762776921">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference>
            <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">+tkVcx0cyPfbKr...
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>XSVAEVO5x6TPr38HJ4vnzBccEYjNcbvIoF0/HpuusihA0Pqnc7obyqTlc4coSVhVDhPy851g4TL41Xe/ZT2T5X1yzM0ty8XNtXauCTU12dNbdty3mKfAxlt7yRGbZwhsFny66DpHokdEDiz/uK1CSObppPVH9HiyD+YzKsORhh4=</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedKey>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-7">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
          <ds:Reference URI="#TS-1">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>olYfh1K3kbo7HRLio52pyc24g7g=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-2">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>czQuzZm9hrdPMxZGhI39E7TuzsM=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-3">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>fN/tb3XyFWrQWOhLD8bBgnbiFok=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-4">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>H8YfZ0EIU739xO9rpmV/ClUPmss=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-5">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>vW2ligRPss5nRrq0E6jrvdBoKL4=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-6">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>HYtQ7krGcBBq9O44oGxDOaJDOtk=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>BPY2EVmbBtivuq6x3henDXPqg0E=</ds:SignatureValue>
        <ds:KeyInfo Id="KI-7C1FF62FE1E419416813626762777072">
          <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" wsu:Id="STR-7C1FF62FE1E4194168...
            <wsse:Reference URI="#EK-7C1FF62FE1E419416813626762776921" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>


