1Mail::DKIM::Signer(3) User Contributed Perl DocumentationMail::DKIM::Signer(3)
2
6 Mail::DKIM::Signer - generates a DKIM signature for a message
7
9 use Mail::DKIM::Signer;
10 use Mail::DKIM::TextWrap; #recommended
11 # create a signer object
13 my $dkim = Mail::DKIM::Signer->new(
14 Algorithm => 'rsa-sha1',
15 Method => 'relaxed',
16 Domain => 'example.org',
17 Selector => 'selector1',
18 KeyFile => 'private.key',
19 Headers => 'x-header:x-header2',
20 );
21 # read an email from a file handle
23 $dkim->load(*STDIN);
24 # or read an email and pass it into the signer, one line at a time
26 while (<STDIN>)
27 {
28 # remove local line terminators
29 chomp;
30 s/\015$//;
31 # use SMTP line terminators
33 $dkim->PRINT("$_\015\012");
34 }
35 $dkim->CLOSE;
36 # what is the signature result?
38 my $signature = $dkim->signature;
39 print $signature->as_string;
40
42 This class is the part of Mail::DKIM responsible for generating
43 signatures for a given message. You create an object of this class,
44 specifying the parameters of the signature you wish to create, or
45 specifying a callback function so that the signature parameters can be
46 determined later. Next, you feed it the entire message using "PRINT()",
47 completing with "CLOSE()". Finally, use the "signatures()" method to
48 access the generated signatures.
49 Pretty Signatures
51 Mail::DKIM includes a signature-wrapping module (which inserts
52 linebreaks into the generated signature so that it looks nicer in the
53 resulting message. To enable this module, simply call
54 use Mail::DKIM::TextWrap;
56 in your program before generating the signature.
58
60 new()
61 Construct an object-oriented signer.
62 # create a signer using the default policy
64 my $dkim = Mail::DKIM::Signer->new(
65 Algorithm => 'rsa-sha1',
66 Method => 'relaxed',
67 Domain => 'example.org',
68 Selector => 'selector1',
69 KeyFile => 'private.key',
70 Headers => 'x-header:x-header2',
71 );
72 # create a signer using a custom policy
74 my $dkim = Mail::DKIM::Signer->new(
75 Policy => $policyfn,
76 );
77 The "default policy" is to create a DKIM signature using the specified
79 parameters, but only if the message's sender matches the domain. The
80 following parameters can be passed to this new() method to influence
81 the resulting signature: Algorithm, Method, Domain, Selector, KeyFile,
82 Identity, Timestamp.
83 If you want different behavior, you can provide a "signer policy"
85 instead. A signer policy is a subroutine or class that determines
86 signature parameters after the message's headers have been parsed. See
87 the section "SIGNER POLICIES" below for more information.
88 See Mail::DKIM::SignerPolicy for more information about policy objects.
90 In addition to the parameters demonstrated above, the following are
92 recognized:
93 Key rather than using "KeyFile", use "Key" to use an already-loaded
95 Mail::DKIM::PrivateKey object.
96 Headers
98 A colon separated list of headers to sign, this is added to the
99 list of default headers as shown in in the DKIM specification.
100 For each specified header all headers of that type which are
102 present in the message will be signed, but we will not oversign or
103 sign headers which are not present.
104 If you require greater control over signed headers please use the
106 extended_headers() method instead.
107 The list of headers signed by default is as follows
109 From Sender Reply-To Subject Date
111 Message-ID To Cc MIME-Version
112 Content-Type Content-Transfer-Encoding Content-ID Content-Description
113 Resent-Date Resent-From Resent-Sender Resent-To Resent-cc
114 Resent-Message-ID
115 In-Reply-To References
116 List-Id List-Help List-Unsubscribe List-Subscribe
117 List-Post List-Owner List-Archive
118
120 PRINT()
121 Feed part of the message to the signer.
122 $dkim->PRINT("a line of the message\015\012");
124 Feeds content of the message being signed into the signer. The API is
126 designed this way so that the entire message does NOT need to be read
127 into memory at once.
128 Please note that although the PRINT() method expects you to use SMTP-
130 style line termination characters, you should NOT use the SMTP-style
131 dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should
132 you use a <CR><LF>.<CR><LF> sequence to terminate the message.
133 CLOSE()
135 Call this when finished feeding in the message.
136 $dkim->CLOSE;
138 This method finishes the canonicalization process, computes a hash, and
140 generates a signature.
141 extended_headers()
143 This method overrides the headers to be signed and allows more control
144 than is possible with the Headers property in the constructor.
145 The method expects a HashRef to be passed in.
147 The Keys are the headers to sign, and the values are either the number
149 of headers of that type to sign, or the special values '*' and '+'.
150 * will sign ALL headers of that type present in the message.
152 + will sign ALL + 1 headers of that type present in the message to
154 prevent additional headers being added.
155 You may override any of the default headers by including them in the
157 hashref, and disable them by giving them a 0 value.
158 Keys are case insensitive with the values being added upto the highest
160 value.
161 Headers => {
163 'X-test' => '*',
164 'x-test' => '1',
165 'Subject' => '+',
166 'Sender' => 0,
167 },
168 add_signature()
170 Used by signer policy to create a new signature.
171 $dkim->add_signature(new Mail::DKIM::Signature(...));
173 Signer policies can use this method to specify complete parameters for
175 the signature to add, including what type of signature. For more
176 information, see Mail::DKIM::SignerPolicy.
177 algorithm()
179 Get or set the selected algorithm.
180 $alg = $dkim->algorithm;
182 $dkim->algorithm('rsa-sha1');
184 domain()
186 Get or set the selected domain.
187 $alg = $dkim->domain;
189 $dkim->domain('example.org');
191 load()
193 Load the entire message from a file handle.
194 $dkim->load($file_handle);
196 Reads a complete message from the designated file handle, feeding it
198 into the signer. The message must use <CRLF> line terminators (same as
199 the SMTP protocol).
200 headers()
202 Determine which headers to put in signature.
203 my $headers = $dkim->headers;
205 This is a string containing the names of the header fields that will be
207 signed, separated by colons.
208 key()
210 Get or set the private key object.
211 my $key = $dkim->key;
213 $dkim->key(Mail::DKIM::PrivateKey->load(File => 'private.key'));
215 The key object can be any object that implements the sign_digest()
217 method. (Providing your own object can be useful if your actual keys
218 are stored out-of-process.)
219 If you use this method to specify a private key, do not use
221 "key_file()".
222 key_file()
224 Get or set the filename containing the private key.
225 my $filename = $dkim->key_file;
227 $dkim->key_file('private.key');
229 If you use this method to specify a private key file, do not use
231 "key()".
232 method()
234 Get or set the selected canonicalization method.
235 $alg = $dkim->method;
237 $dkim->method('relaxed');
239 message_originator()
241 Access the "From" header.
242 my $address = $dkim->message_originator;
244 Returns the "originator address" found in the message, as a
246 Mail::Address object. This is typically the (first) name and email
247 address found in the From: header. If there is no From: header, then an
248 empty Mail::Address object is returned.
249 To get just the email address part, do:
251 my $email = $dkim->message_originator->address;
253 See also "message_sender()".
255 message_sender()
257 Access the "From" or "Sender" header.
258 my $address = $dkim->message_sender;
260 Returns the "sender" found in the message, as a Mail::Address object.
262 This is typically the (first) name and email address found in the
263 Sender: header. If there is no Sender: header, it is the first name and
264 email address in the From: header. If neither header is present, then
265 an empty Mail::Address object is returned.
266 To get just the email address part, do:
268 my $email = $dkim->message_sender->address;
270 The "sender" is the mailbox of the agent responsible for the actual
272 transmission of the message. For example, if a secretary were to send a
273 message for another person, the "sender" would be the secretary and the
274 "originator" would be the actual author.
275 selector()
277 Get or set the current key selector.
278 $alg = $dkim->selector;
280 $dkim->selector('alpha');
282 signature()
284 Access the generated signature object.
285 my $signature = $dkim->signature;
287 Returns the generated signature. The signature is an object of type
289 Mail::DKIM::Signature. If multiple signatures were generated, this
290 method returns the last one.
291 The signature (as text) should be prepended to the message to make the
293 resulting message. At the very least, it should precede any headers
294 that were signed.
295 signatures()
297 Access list of generated signature objects.
298 my @signatures = $dkim->signatures;
300 Returns all generated signatures, as a list.
302
304 The new() constructor takes an optional Policy argument. This can be a
305 Perl object or class with an apply() method, or just a simple
306 subroutine reference. The method/subroutine will be called with the
307 signer object as an argument. The policy is responsible for checking
308 the message and specifying signature parameters. The policy must return
309 a nonzero value to create the signature, otherwise no signature will be
310 created. E.g.,
311 my $policyfn = sub {
313 my $dkim = shift;
314 # specify signature parameters
316 $dkim->algorithm('rsa-sha1');
317 $dkim->method('relaxed');
318 $dkim->domain('example.org');
319 $dkim->selector('mx1');
320 # return true value to create the signature
322 return 1;
323 };
324 Or the policy object can actually create the signature, using the
326 add_signature method within the policy object. If you add a signature,
327 you do not need to return a nonzero value. This mechanism can be
328 utilized to create multiple signatures, or to create the older
329 DomainKey-style signatures.
330 my $policyfn = sub {
332 my $dkim = shift;
333 $dkim->add_signature(
334 new Mail::DKIM::Signature(
335 Algorithm => 'rsa-sha1',
336 Method => 'relaxed',
337 Headers => $dkim->headers,
338 Domain => 'example.org',
339 Selector => 'mx1',
340 ));
341 $dkim->add_signature(
342 new Mail::DKIM::DkSignature(
343 Algorithm => 'rsa-sha1',
344 Method => 'nofws',
345 Headers => $dkim->headers,
346 Domain => 'example.org',
347 Selector => 'mx1',
348 ));
349 return;
350 };
351 If no policy is specified, the default policy is used. The default
353 policy signs every message using the domain, algorithm, method, and
354 selector specified in the new() constructor.
355
357 Mail::DKIM::SignerPolicy
358
360 Jason Long, <jlong@messiah.edu>
361
363 Copyright (C) 2006-2007 by Messiah College
364 This library is free software; you can redistribute it and/or modify it
366 under the same terms as Perl itself, either Perl version 5.8.6 or, at
367 your option, any later version of Perl 5 you may have available.
368perl v5.28.0 2018-05-27 Mail::DKIM::Signer(3)