NAME XML::Enc - XML::Enc Encryption Support VERSION version 0.15 SYNOPSIS my $decrypter = XML::Enc->new( { key => 't/sign-private.pem', no_xml_declaration => 1, }, ); $decrypted = $enc->decrypt($xml); my $encrypter = XML::Enc->new( { cert => 't/sign-certonly.pem', no_xml_declaration => 1, data_enc_method => 'aes256-cbc', key_transport => 'rsa-1_5', }, ); $encrypted = $enc->encrypt($xml); NAME XML::Enc - XML Encryption METHODS new( ... ) Constructor. Creates an instance of the XML::Enc object Arguments: key Filename of the private key to be used for decryption. cert Filename of the public key to be used for encryption. no_xml_declaration Do not return the XML declaration if true (1). Return it if false (0). This is useful for decrypting documents without the declaration such as SAML2 Responses. data_enc_method Specify the data encryption method to be used. Supported methods are: Used in encryption. Optional. Default method: aes256-cbc * tripledes-cbc <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#tripledes-cbc> * aes128-cbc <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#aes128-cbc> * aes192-cbc <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#aes192-cbc> * aes256-cbc <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#aes256-cbc> * aes128-gcm <https://www.w3.org/TR/xmlenc-core/#aes128-gcm> * aes192-gcm <https://www.w3.org/TR/xmlenc-core/#aes192-gcm> * aes256-gcm <https://www.w3.org/TR/xmlenc-core/#aes256-gcm> key_transport Specify the encryption method to be used for key transport. Supported methods are: Used in encryption. Optional. Default method: rsa-oaep-mgf1p * rsa-1_5 <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#rsa-1_5> * rsa-oaep-mgf1p <https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.ht ml#rsa-oaep-mgf1p> * rsa-oaep <http://www.w3.org/2009/xmlenc11#rsa-oaep> oaep_mgf_alg Specify the Algorithm to be used for rsa-oaep. Supported algorithms are: Used in encryption. Optional. Default method: mgf1sha1 * mgf1sha1 <http://www.w3.org/2009/xmlenc11#mgf1sha1> * mgf1sha224 <http://www.w3.org/2009/xmlenc11#mgf1sha224> * mgf1sha265 <http://www.w3.org/2009/xmlenc11#mgf1sha256> * mgf1sha384 <http://www.w3.org/2009/xmlenc11#mgf1sha384> * mgf1sha512 <http://www.w3.org/2009/xmlenc11#mgf1sha512> oaep_params Specify the OAEPparams value to use as part of the mask generation function (MGF). It is optional but can be specified for rsa-oaep and rsa-oaep-mgf1p EncryptionMethods. It is base64 encoded and stored in the XML as OAEPparams. If specified you MAY specify the oaep_label_hash that should be used. You should note that not all implementations support an oaep_label_hash that differs from that of the MGF specified in the xenc11:MGF element or the default MGF1 with SHA1. The oaep_label_hash is stored in the DigestMethod child element of the EncryptionMethod. oaep_label_hash Specify the Hash Algorithm to use for the rsa-oaep label as specified by oaep_params. The default is sha1. Supported algorithms are: * sha1 <http://www.w3.org/2000/09/xmldsig#sha1> * sha224 <http://www.w3.org/2001/04/xmldsig-more#sha224> * sha256 <http://www.w3.org/2001/04/xmlenc#sha256> * sha384 <http://www.w3.org/2001/04/xmldsig-more#sha384> * sha512 <http://www.w3.org/2001/04/xmlenc#sha512> key_name Specify a key name to add to the KeyName element. If it is not specified then no KeyName element is added to the KeyInfo decrypt( ... ) Main decryption function. Arguments: xml XML containing the encrypted data. encrypt( ... ) Main encryption function. Arguments: xml XML containing the plaintext data. AUTHOR Timothy Legge <timlegge@cpan.org> COPYRIGHT AND LICENSE This software is copyright (c) 2024 by TImothy Legge. This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.