Object::Signature(3) Generate cryptographic signatures for objects

SYNOPSIS


# In your module
package My::Module
use base 'Object::Signature';

# In outside code
my $Object = My::Module->new;
print "Object Signature: " . $Object->signature;

DESCRIPTION

Object::Signature is an abstract base class that you can inherit from in order to allow your objects to generate unique cryptographic signatures.

The method used to generate the signature is based on Storable and Digest::MD5. The object is fed to "Storable::nfreeze" to get a string, which is then passed to Digest::MD5::md5_hex to get a unique 32 character hexidecimal signature.

METHODS

signature

The "signature" method is the only method added to your class, and will generate a unique 32 hexidecimal signature for any object it is called on.

SUPPORT

All bugs should be filed via the bug tracker at

http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Object-Signature <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Object-Signature>

For other issues, or commercial enhancement or support, contact the author.

TO DO

Incremental Generation

Currently has to generate the entire Storable string before digesting it. Would be nice if there was a way to incrementally Storablise and Digest in one pass so that it becomes much more memory efficient for large objects.

Strengthen the Digest Algorithm

Once the current (as of 2005) hashing controversy settles down, consider selecting a newer and more powerful hashing algorithm to replace MD5. Or offer alternatives depending on how important the security situation is, as MD5 is very fast (90 meg a second) and many more-secure ones are a lot slower (more than 10 times slower in some cases).

On our side is the fact we use Storable. It should be much harder to create collisions when you don't control the string, only the structure before it goes through Storable.

AUTHOR

Adam Kennedy <[email protected]>

COPYRIGHT

Copyright 2004 - 2011 Adam Kennedy.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

The full text of the license can be found in the LICENSE file included with this module.