lib/Mail/DKIM/Algorithm/Base.pm

#!/usr/bin/perl

# Copyright 2005-2007 Messiah College. All rights reserved.
# Jason Long <jlong@messiah.edu>

# Copyright (c) 2004 Anthony D. Urso. All rights reserved.
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.

use strict;
use warnings;

use Mail::DKIM::Canonicalization::nowsp;
use Mail::DKIM::Canonicalization::relaxed;
use Mail::DKIM::Canonicalization::simple;

package Mail::DKIM::Algorithm::Base;
use Carp;
use MIME::Base64;

sub new
{
	my $class = shift;
	my %args = @_;
	my $self = bless \%args, $class;
	$self->init;
	return $self;
}

sub init
{
	my $self = shift;

	croak "no signature" unless $self->{Signature};

	$self->{mode} = $self->{Signature}->signature ? "verify" : "sign";

	# allows subclasses to set the header_digest and body_digest
	# properties
	$self->init_digests;

	my ($header_method, $body_method)
		= $self->{Signature}->canonicalization;

	my $header_class = $self->get_canonicalization_class($header_method);
	my $body_class = $self->get_canonicalization_class($body_method);
	$self->{canon} = $header_class->new(
			output_digest => $self->{header_digest},
			Signature => $self->{Signature},
			Debug_Canonicalization => $self->{Debug_Canonicalization});
	$self->{body_canon} = $body_class->new(
			output_digest => $self->{body_digest},
			Signature => $self->{Signature},
			Debug_Canonicalization => $self->{Debug_Canonicalization});
}

# override this method, please...
# this method should set the "header_digest" and "body_digest" properties
sub init_digests
{
	die "not implemented";
}

# private method - DKIM-specific
sub get_canonicalization_class
{
	my $self = shift;
	croak "wrong number of arguments" unless (@_ == 1);
	my ($method) = @_;

	my $class = $method eq "nowsp" ? "Mail::DKIM::Canonicalization::nowsp" :
			$method eq "relaxed" ? "Mail::DKIM::Canonicalization::relaxed" :
			$method eq "simple" ? "Mail::DKIM::Canonicalization::simple" :
		die "unknown method $method\n";
	return $class;
}

=head1 NAME

Mail::DKIM::Algorithm::Base - base class for DKIM "algorithms"

=head1 SYNOPSIS

  my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1(
                      Signature => $dkim_signature
                  );

  # add headers
  $algorithm->add_header("Subject: this is the subject\015\012");
  $algorithm->finish_header;

  # add body
  $algorithm->add_body("This is the body.\015\012");
  $algorithm->add_body("Another line of the body.\015\012");
  $algorithm->finish_body;

  # now sign or verify...
  # TODO...

=head1 CONSTRUCTOR

You should not create an object of this class directly. Instead, use one
of the DKIM algorithm implementation classes, such as rsa_sha1:

  my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1(
                      Signature => $dkim_signature
                  );

=head1 METHODS

=head2 add_body() - feeds part of the body into the algorithm/canonicalization

  $algorithm->add_body("This is the body.\015\012");
  $algorithm->add_body("Another line of the body.\015\012");

The body should be fed one "line" at a time.

=cut

sub add_body
{
	my $self = shift;
	my $canon = $self->{body_canon} || $self->{canon};
	$canon->add_body(@_);
}

=head2 add_header() - feeds a header field into the algorithm/canonicalization

  $algorithm->add_header("Subject: this is the subject\015\012");

The header must start with the header field name and continue through any
folded lines (including the embedded <CRLF> sequences). It terminates with
the <CRLF> at the end of the header field.

=cut

sub add_header
{
	my $self = shift;
	$self->{canon}->add_header(@_);
}

=head2 finish_body() - signals the end of the message body

  $algorithm->finish_body

Call this method when all lines from the body have been submitted.
After calling this method, use sign() or verify() to get the results
from the algorithm.

=cut

sub finish_body
{
	my $self = shift;
	my $body_canon = $self->{body_canon} || $self->{canon};
	$body_canon->finish_body;
	$self->finish_message;
}

=head2 finish_header() - signals the end of the header field block

  $algorithm->finish_header;

Call this method when all the headers have been submitted.

=cut

sub finish_header
{
	my $self = shift;
	$self->{canon}->finish_header(@_);
}

# checks the bh= tag of the signature to see if it has the same body
# hash as computed by canonicalizing/digesting the actual message body.
# If it doesn't match, a false value is returned, and the
# verification_details property is set to "body has been altered"
sub check_body_hash
{
	my $self = shift;

	# The body_hash value is set in finish_message(), if we're operating
	# from a version of the DKIM spec that uses the bh= tag. Otherwise,
	# the signature shouldn't have a bh= tag to check.

	if ($self->{body_hash})
	{
		my $body_hash = $self->{body_hash};
		my $expected = decode_base64($self->{Signature}->body_hash);
		if ($body_hash ne $expected)
		{
			$self->{verification_details} = "body has been altered";
	#		print STDERR "I calculated  "
	#			. encode_base64($body_hash, "") . "\n";
	#		print STDERR "signature has "
	#			. encode_base64($expected, "") . "\n";
			return;
		}
	}
	return 1;
}

sub finish_message
{
	my $self = shift;

	# DKIM requires the signature itself to be committed into the digest.
	# But first, we need to set the bh= tag on the signature, then
	# "prettify" it.

	$self->{body_hash} = $self->{body_digest}->digest;
	if ($self->{mode} eq "sign")
	{
		$self->{Signature}->body_hash(
				encode_base64($self->{body_hash}, ""));
	}

	if ($self->{mode} eq "sign")
	{
		$self->{Signature}->prettify;
	}

	my $sig_line = $self->{Signature}->as_string_without_data;
	my $canonicalized = $self->{canon}->canonicalize_header($sig_line);

	$self->{canon}->output($canonicalized);
}

=head2 sign() - generates a signature using a private key

  $base64 = $algorithm->sign($private_key);

=cut

# override this method, please...
sub sign
{
	die "Not implemented";
}

=head2 signature() - get/set the signature worked on by this algorithm

  my $old_signature = $algorithm->signature;
  $algorithm->signature($new_signature);

=cut

sub signature
{
	my $self = shift;
	@_ and
		$self->{Signature} = shift;
	return $self->{Signature};
}

=head2 verify() - verifies a signature

  $result = $algorithm->verify();

Must be called after finish_body().

The result is a true/false value: true indicates the signature data
is valid, false indicates it is invalid.

For an invalid signature, details may be obtained from
$algorithm->{verification_details} or $@.

=cut

# override this method, please...
sub verify
{
	die "Not implemented";
}

1;

__END__

=head1 SEE ALSO

L<Mail::DKIM>

=head1 AUTHOR

Jason Long, E<lt>jlong@messiah.eduE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright (C) 2005-2007 by Messiah College

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.6 or,
at your option, any later version of Perl 5 you may have available.

=cut
	Global
`s`	Focus search bar
`?`	Bring up this help dialog
	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)
	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse
	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)