dwww Home | Manual pages | Find package

Mail::DKIM::Signature(User Contributed Perl DocumentMail::DKIM::Signature(3pm)

NAME
       Mail::DKIM::Signature - represents a DKIM-Signature header

VERSION
       version 1.20200907

CONSTRUCTORS
   new() - create a new signature from parameters
         my $signature = Mail::DKIM::Signature->new(
                             [ Algorithm => 'rsa-sha1', ]
                             [ Signature => $base64, ]
                             [ Method => 'relaxed', ]
                             [ Domain => 'example.org', ]
                             [ Identity => 'user@example.org', ]
                             [ Headers => 'from:subject:date:message-id', ]
                             [ Query => 'dns', ]
                             [ Selector => 'alpha', ]
                             [ Timestamp => time(), ]
                             [ Expiration => time() + 86400, ]
                         );

   parse() - create a new signature from a DKIM-Signature header
         my $sig = Mail::DKIM::Signature->parse(
                         'DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed'
                   );

       Constructs a signature by parsing the provided DKIM-Signature header
       content. You do not have to include the header name (i.e. "DKIM-
       Signature:") but it is recommended, so the header name can be preserved
       and returned the same way in as_string().

       Note: The input to this constructor is in the same format as the output
       of the as_string method.

METHODS
   algorithm() - get or set the algorithm (a=) field
       The algorithm used to generate the signature. Should be either
       "rsa-sha1", an RSA-signed SHA-1 digest, or "rsa-sha256", an RSA-signed
       SHA-256 digest.

       See also hash_algorithm().

   as_string() - the signature header as a string
         print $signature->as_string . "\n";

       outputs

         DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed

       As shown in the example, the as_string method can be used to generate
       the DKIM-Signature that gets prepended to a signed message.

   as_string_without_data() - signature without the signature data
         print $signature->as_string_without_data . "\n";

       outputs

         DKIM-Signature: a=rsa-sha1; b=; c=relaxed

       This is similar to the as_string() method, but it always excludes the
       "data" part. This is used by the DKIM canonicalization methods, which
       require incorporating this part of the signature into the signed
       message.

   body_count() - get or set the body count (l=) field
         my $i = $signature->body_count;

       Informs the verifier of the number of bytes in the body of the email
       included in the cryptographic hash, starting from 0 immediately
       following the CRLF preceding the body. Also known as the l= tag.

       When creating a signature, this tag may be either omitted, or set after
       the selected canonicalization system has received the entire message
       body (but before it canonicalizes the DKIM-Signature).

   body_hash() - get or set the body hash (bh=) field
         my $bh = $signature->body_hash;

       The hash of the body part of the message. Whitespace is ignored in this
       value. This tag is required.

       When accessing this value, whitespace is stripped from the tag for you.

   canonicalization() - get or set the canonicalization (c=) field
         $signature->canonicalization('relaxed', 'simple');

         ($header, $body) = $signature->canonicalization;

       Message canonicalization (default is "simple/simple"). This informs the
       verifier of the type of canonicalization used to prepare the message
       for signing.

       In scalar context, this returns header/body canonicalization as a
       single string separated by /. In list context, it returns a two element
       array, containing first the header canonicalization, then the body.

   data() - get or set the signature data (b=) field
         my $base64 = $signature->data;
         $signature->data($base64);

       The signature data. Whitespace is automatically stripped from the
       returned value. The data is Base64-encoded.

   domain() - get or set the domain (d=) field
         my $d = $signature->domain;          # gets the domain value
         $signature->domain('example.org');   # sets the domain value

       The domain of the signing entity, as specified in the signature.  This
       is the domain that will be queried for the public key.

       If using an "internationalized domain name", the domain name must be
       converted to ASCII (following section 4.1 of RFC 3490) before passing
       it to this method.

   expiration() - get or set the signature expiration (x=) field
       Signature expiration (default is undef, meaning no expiration).  The
       signature expiration, if defined, is an unsigned integer identifying
       the standard Unix seconds-since-1970 time when the signature will
       expire.

   get_public_key() - fetches the public key referenced by this signature
         my $pubkey = $signature->get_public_key;

       Public key to fetch is determined by the protocol, selector, and domain
       fields.

       This method caches the result of the fetch, so subsequent calls will
       not require additional DNS queries.

       This method will "die" if an error occurs.

   get_tag() - access the raw value of a tag in this signature
         my $raw_identity = $signature->get_tag('i');

       Use this method to access a tag not already supported by Mail::DKIM, or
       if you want to bypass decoding of the value by Mail::DKIM.

       For example, the raw i= (identity) tag is encoded in quoted-printable
       form. If you use the identity() method, Mail::DKIM will decode from
       quoted-printable before returning the value. But if you use
       get_tag('i'), you can access the encoded quoted-printable form of the
       value.

   hash_algorithm() - access the hash algorithm specified in this signature
         my $hash = $signature->hash_algorithm;

       Determines what hashing algorithm is used as part of the signature's
       specified algorithm.

       For algorithm "rsa-sha1", the hash algorithm is "sha1". Likewise, for
       algorithm "rsa-sha256", the hash algorithm is "sha256". If the
       algorithm is not recognized, undef is returned.

   headerlist() - get or set the signed header fields (h=) field
         $signature->headerlist('a:b:c');

         my $headerlist = $signature->headerlist;

         my @headers = $signature->headerlist;

       Signed header fields. A colon-separated list of header field names that
       identify the header fields presented to the signing algorithm.

       In scalar context, the list of header field names will be returned as a
       single string, with the names joined together with colons.  In list
       context, the header field names will be returned as a list.

   identity() - get or set the signing identity (i=) field
         my $i = $signature->identity;

       Identity of the user or agent on behalf of which this message is
       signed.  The identity has an optional local part, followed by "@", then
       a domain name. The domain name should be the same as or a subdomain of
       the domain returned by the "domain" method.

       Ideally, the identity should match the identity listed in the From:
       header, or the Sender: header, but this is not required to have a valid
       signature. Whether the identity used is "authorized" to sign for the
       given message is not determined here.

       If using an "internationalized domain name", the domain name must be
       converted to ASCII (following section 4.1 of RFC 3490) before passing
       it to this method.

       Identity values are encoded in the signature in quoted-printable
       format.  Using this method will translate to/from quoted-printable as
       necessary.  If you want the raw quoted-printable version of the
       identity, use $signature->get_tag('i').

   key() - get or set the private key object
         my $key = $signature->key;

         $signature->key(Mail::DKIM::PrivateKey->load(File => 'private.key'));

       The private key is used for signing messages.  It is not used for
       verifying messages.

       The key object can be any object that implements the sign_digest()
       method.  (Providing your own object can be useful if your actual keys
       are stored out-of-process.)

   method() - get or set the canonicalization (c=) field
       Message canonicalization (default is "simple"). This informs the
       verifier of the type of canonicalization used to prepare the message
       for signing.

   protocol() - get or set the query methods (q=) field
       A colon-separated list of query methods used to retrieve the public key
       (default is "dns"). Each query method is of the form "type[/options]",
       where the syntax and semantics of the options depends on the type.

   result() - get or set the verification result
         my $result = $signature->result;

         $signature->result('pass');

         # to set the result with details
         $signature->result('invalid', 'no public key');

   result_detail() - access the result, plus details if available
         my $detail = $signature->result_detail;

       An explanation of possible detail messages can be found in the
       documentation for "result_detail()" in Mail::DKIM::Verifier.

   selector() - get or set the selector (s=) field
       The selector subdivides the namespace for the "d=" (domain) tag.

   prettify() - alters the signature to look "nicer" as an email header
         $signature->prettify;

       This method may alter the signature in a way that breaks signatures, so
       it should be done ONLY when the signature is being generated, BEFORE
       being fed to the canonicalization algorithm.

       See also prettify_safe(), which will not break signatures.

   prettify_safe() - same as prettify() but only touches the b= part
         $signature->prettify_safe;

       This method will not break the signature, but it only affects the b=
       part of the signature.

   timestamp() - get or set the signature timestamp (t=) field
       Signature timestamp (default is undef, meaning unknown creation time).
       This is the time that the signature was created. The value is an
       unsigned integer identifying the number of standard Unix
       seconds-since-1970.

   version() - get or set the DKIM specification version (v=) field
       This is the version of the DKIM specification that applies to this
       signature record.

SEE ALSO
       Mail::DKIM::DkSignature for DomainKey-Signature headers

AUTHORS
       •   Jason Long <jason@long.name>

       •   Marc Bradshaw <marc@marcbradshaw.net>

       •   Bron Gondwana <brong@fastmailteam.com> (ARC)

THANKS
       Work on ensuring that this module passes the ARC test suite was
       generously sponsored by Valimail (https://www.valimail.com/)

COPYRIGHT AND LICENSE
       •   Copyright (C) 2013 by Messiah College

       •   Copyright (C) 2010 by Jason Long

       •   Copyright (C) 2017 by Standcore LLC

       •   Copyright (C) 2020 by FastMail Pty Ltd

       This library is free software; you can redistribute it and/or modify it
       under the same terms as Perl itself, either Perl version 5.8.6 or, at
       your option, any later version of Perl 5 you may have available.

perl v5.30.3                      2020-09-11        Mail::DKIM::Signature(3pm)

Generated by dwww version 1.14 on Fri Jan 24 09:43:15 CET 2025.