1Mail::DKIM::Signer(3) User Contributed Perl DocumentationMail::DKIM::Signer(3)
2
3
4
6 Mail::DKIM::Signer - generates a DKIM signature for a message
7
9 use Mail::DKIM::Signer;
10 use Mail::DKIM::TextWrap; #recommended
11
12 # create a signer object
13 my $dkim = Mail::DKIM::Signer->new(
14 Algorithm => 'rsa-sha1',
15 Method => 'relaxed',
16 Domain => 'example.org',
17 Selector => 'selector1',
18 KeyFile => 'private.key',
19 Headers => 'x-header:x-header2',
20 );
21
22 # read an email from a file handle
23 $dkim->load(*STDIN);
24
25 # or read an email and pass it into the signer, one line at a time
26 while (<STDIN>)
27 {
28 # remove local line terminators
29 chomp;
30 s/\015$//;
31
32 # use SMTP line terminators
33 $dkim->PRINT("$_\015\012");
34 }
35 $dkim->CLOSE;
36
37 # what is the signature result?
38 my $signature = $dkim->signature;
39 print $signature->as_string;
40
42 This class is the part of Mail::DKIM responsible for generating
43 signatures for a given message. You create an object of this class,
44 specifying the parameters of the signature you wish to create, or
45 specifying a callback function so that the signature parameters can be
46 determined later. Next, you feed it the entire message using "PRINT()",
47 completing with "CLOSE()". Finally, use the "signatures()" method to
48 access the generated signatures.
49
50 Pretty Signatures
51 Mail::DKIM includes a signature-wrapping module (which inserts
52 linebreaks into the generated signature so that it looks nicer in the
53 resulting message. To enable this module, simply call
54
55 use Mail::DKIM::TextWrap;
56
57 in your program before generating the signature.
58
60 new()
61 Construct an object-oriented signer.
62
63 # create a signer using the default policy
64 my $dkim = Mail::DKIM::Signer->new(
65 Algorithm => 'rsa-sha1',
66 Method => 'relaxed',
67 Domain => 'example.org',
68 Selector => 'selector1',
69 KeyFile => 'private.key',
70 Headers => 'x-header:x-header2',
71 );
72
73 # create a signer using a custom policy
74 my $dkim = Mail::DKIM::Signer->new(
75 Policy => $policyfn,
76 );
77
78 The "default policy" is to create a DKIM signature using the specified
79 parameters, but only if the message's sender matches the domain. The
80 following parameters can be passed to this new() method to influence
81 the resulting signature: Algorithm, Method, Domain, Selector, KeyFile,
82 Identity, Timestamp.
83
84 If you want different behavior, you can provide a "signer policy"
85 instead. A signer policy is a subroutine or class that determines
86 signature parameters after the message's headers have been parsed. See
87 the section "SIGNER POLICIES" below for more information.
88
89 See Mail::DKIM::SignerPolicy for more information about policy objects.
90
91 In addition to the parameters demonstrated above, the following are
92 recognized:
93
94 Key rather than using "KeyFile", use "Key" to use an already-loaded
95 Mail::DKIM::PrivateKey object.
96
97 Headers
98 A colon separated list of headers to sign, this is added to the
99 list of default headers as shown in in the DKIM specification.
100
101 For each specified header all headers of that type which are
102 present in the message will be signed, but we will not oversign or
103 sign headers which are not present.
104
105 If you require greater control over signed headers please use the
106 extended_headers() method instead.
107
108 The list of headers signed by default is as follows
109
110 From Sender Reply-To Subject Date
111 Message-ID To Cc MIME-Version
112 Content-Type Content-Transfer-Encoding Content-ID Content-Description
113 Resent-Date Resent-From Resent-Sender Resent-To Resent-cc
114 Resent-Message-ID
115 In-Reply-To References
116 List-Id List-Help List-Unsubscribe List-Subscribe
117 List-Post List-Owner List-Archive
118
120 PRINT()
121 Feed part of the message to the signer.
122
123 $dkim->PRINT("a line of the message\015\012");
124
125 Feeds content of the message being signed into the signer. The API is
126 designed this way so that the entire message does NOT need to be read
127 into memory at once.
128
129 Please note that although the PRINT() method expects you to use SMTP-
130 style line termination characters, you should NOT use the SMTP-style
131 dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should
132 you use a <CR><LF>.<CR><LF> sequence to terminate the message.
133
134 CLOSE()
135 Call this when finished feeding in the message.
136
137 $dkim->CLOSE;
138
139 This method finishes the canonicalization process, computes a hash, and
140 generates a signature.
141
142 extended_headers()
143 This method overrides the headers to be signed and allows more control
144 than is possible with the Headers property in the constructor.
145
146 The method expects a HashRef to be passed in.
147
148 The Keys are the headers to sign, and the values are either the number
149 of headers of that type to sign, or the special values '*' and '+'.
150
151 * will sign ALL headers of that type present in the message.
152
153 + will sign ALL + 1 headers of that type present in the message to
154 prevent additional headers being added.
155
156 You may override any of the default headers by including them in the
157 hashref, and disable them by giving them a 0 value.
158
159 Keys are case insensitive with the values being added upto the highest
160 value.
161
162 Headers => {
163 'X-test' => '*',
164 'x-test' => '1',
165 'Subject' => '+',
166 'Sender' => 0,
167 },
168
169 add_signature()
170 Used by signer policy to create a new signature.
171
172 $dkim->add_signature(new Mail::DKIM::Signature(...));
173
174 Signer policies can use this method to specify complete parameters for
175 the signature to add, including what type of signature. For more
176 information, see Mail::DKIM::SignerPolicy.
177
178 algorithm()
179 Get or set the selected algorithm.
180
181 $alg = $dkim->algorithm;
182
183 $dkim->algorithm('rsa-sha1');
184
185 domain()
186 Get or set the selected domain.
187
188 $alg = $dkim->domain;
189
190 $dkim->domain('example.org');
191
192 load()
193 Load the entire message from a file handle.
194
195 $dkim->load($file_handle);
196
197 Reads a complete message from the designated file handle, feeding it
198 into the signer. The message must use <CRLF> line terminators (same as
199 the SMTP protocol).
200
201 headers()
202 Determine which headers to put in signature.
203
204 my $headers = $dkim->headers;
205
206 This is a string containing the names of the header fields that will be
207 signed, separated by colons.
208
209 key()
210 Get or set the private key object.
211
212 my $key = $dkim->key;
213
214 $dkim->key(Mail::DKIM::PrivateKey->load(File => 'private.key'));
215
216 The key object can be any object that implements the sign_digest()
217 method. (Providing your own object can be useful if your actual keys
218 are stored out-of-process.)
219
220 If you use this method to specify a private key, do not use
221 "key_file()".
222
223 key_file()
224 Get or set the filename containing the private key.
225
226 my $filename = $dkim->key_file;
227
228 $dkim->key_file('private.key');
229
230 If you use this method to specify a private key file, do not use
231 "key()".
232
233 method()
234 Get or set the selected canonicalization method.
235
236 $alg = $dkim->method;
237
238 $dkim->method('relaxed');
239
240 message_originator()
241 Access the "From" header.
242
243 my $address = $dkim->message_originator;
244
245 Returns the "originator address" found in the message, as a
246 Mail::Address object. This is typically the (first) name and email
247 address found in the From: header. If there is no From: header, then an
248 empty Mail::Address object is returned.
249
250 To get just the email address part, do:
251
252 my $email = $dkim->message_originator->address;
253
254 See also "message_sender()".
255
256 message_sender()
257 Access the "From" or "Sender" header.
258
259 my $address = $dkim->message_sender;
260
261 Returns the "sender" found in the message, as a Mail::Address object.
262 This is typically the (first) name and email address found in the
263 Sender: header. If there is no Sender: header, it is the first name and
264 email address in the From: header. If neither header is present, then
265 an empty Mail::Address object is returned.
266
267 To get just the email address part, do:
268
269 my $email = $dkim->message_sender->address;
270
271 The "sender" is the mailbox of the agent responsible for the actual
272 transmission of the message. For example, if a secretary were to send a
273 message for another person, the "sender" would be the secretary and the
274 "originator" would be the actual author.
275
276 selector()
277 Get or set the current key selector.
278
279 $alg = $dkim->selector;
280
281 $dkim->selector('alpha');
282
283 signature()
284 Access the generated signature object.
285
286 my $signature = $dkim->signature;
287
288 Returns the generated signature. The signature is an object of type
289 Mail::DKIM::Signature. If multiple signatures were generated, this
290 method returns the last one.
291
292 The signature (as text) should be prepended to the message to make the
293 resulting message. At the very least, it should precede any headers
294 that were signed.
295
296 signatures()
297 Access list of generated signature objects.
298
299 my @signatures = $dkim->signatures;
300
301 Returns all generated signatures, as a list.
302
304 The new() constructor takes an optional Policy argument. This can be a
305 Perl object or class with an apply() method, or just a simple
306 subroutine reference. The method/subroutine will be called with the
307 signer object as an argument. The policy is responsible for checking
308 the message and specifying signature parameters. The policy must return
309 a nonzero value to create the signature, otherwise no signature will be
310 created. E.g.,
311
312 my $policyfn = sub {
313 my $dkim = shift;
314
315 # specify signature parameters
316 $dkim->algorithm('rsa-sha1');
317 $dkim->method('relaxed');
318 $dkim->domain('example.org');
319 $dkim->selector('mx1');
320
321 # return true value to create the signature
322 return 1;
323 };
324
325 Or the policy object can actually create the signature, using the
326 add_signature method within the policy object. If you add a signature,
327 you do not need to return a nonzero value. This mechanism can be
328 utilized to create multiple signatures, or to create the older
329 DomainKey-style signatures.
330
331 my $policyfn = sub {
332 my $dkim = shift;
333 $dkim->add_signature(
334 new Mail::DKIM::Signature(
335 Algorithm => 'rsa-sha1',
336 Method => 'relaxed',
337 Headers => $dkim->headers,
338 Domain => 'example.org',
339 Selector => 'mx1',
340 ));
341 $dkim->add_signature(
342 new Mail::DKIM::DkSignature(
343 Algorithm => 'rsa-sha1',
344 Method => 'nofws',
345 Headers => $dkim->headers,
346 Domain => 'example.org',
347 Selector => 'mx1',
348 ));
349 return;
350 };
351
352 If no policy is specified, the default policy is used. The default
353 policy signs every message using the domain, algorithm, method, and
354 selector specified in the new() constructor.
355
357 Mail::DKIM::SignerPolicy
358
360 Jason Long, <jlong@messiah.edu>
361
363 Copyright (C) 2006-2007 by Messiah College
364
365 This library is free software; you can redistribute it and/or modify it
366 under the same terms as Perl itself, either Perl version 5.8.6 or, at
367 your option, any later version of Perl 5 you may have available.
368
369
370
371perl v5.26.3 2018-10-13 Mail::DKIM::Signer(3)