Authen-HTTP-Signature
view release on metacpan - search on metacpan
view release on metacpan or search on metacpan
lib/Authen/HTTP/Signature/Method/RSA.pm view on Meta::CPAN
-----BEGIN PUBLIC KEY-----
=back
=cut
has 'key' => (
is => 'ro',
required => 1,
);
=over
=item data
Holds the data to be signed or verified. This is typically the C<signing_string> attribute
from L<Authen::HTTP::Signature>. Read-only. Required.
=back
=cut
has 'data' => (
is => 'ro',
required => 1,
);
=over
=item hash
Digest algorithm. Read-only. Required.
=back
=cut
has 'hash' => (
is => 'ro',
required => 1,
);
=head1 METHODS
=over
=item sign()
Signs C<data> using C<key>.
Returns a base 64 encoded signature.
=back
=cut
sub sign {
my $self = shift;
my $key = Crypt::OpenSSL::RSA->new_private_key($self->key);
confess "I don't have a key!" unless $key;
$self->_set_digest($key);
my $s = $key->sign($self->data);
# pass empty string as second arg to prevent line breaks in stream
return encode_base64($s, "");
}
sub _set_digest {
my $self = shift;
my $key = shift;
if ( $self->hash =~ /sha1/ ) {
$key->use_sha1_hash();
}
elsif ( $self->hash =~ /sha256/ ) {
$key->use_sha256_hash();
}
elsif ( $self->hash =~ /sha512/ ) {
$key->use_sha512_hash();
}
}
=over
=item verify()
This method validates a signature was generated by a specific private key by using the corresponding
public key.
Takes a Base64 encoded signature string as input.
Returns a boolean.
=back
=cut
sub verify {
my $self = shift;
my $signature = shift;
confess "I don't have a signature to verify!" unless $signature;
my $key = Crypt::OpenSSL::RSA->new_public_key($self->key);
confess "I don't have a key!" unless $key;
$self->_set_digest($key);
return $key->verify($self->data, decode_base64( $signature ));
}
=head1 SEE ALSO
L<Authen::HTTP::Signature>
=cut
view all matches for this distributionview release on metacpan - search on metacpan
( run in 0.393 second using v1.00-cache-2.02-grep-82fe00e-cpan-dad7e4baca0 )