Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
Mail::DKIM::Signature(User Contributed Perl DocumentatMail::DKIM::Signature(3)

       Mail::DKIM::Signature - represents a DKIM-Signature header

   new() - create a new	signature from parameters
	 my $signature = Mail::DKIM::Signature->new(
			     [ Algorithm => 'rsa-sha1',	]
			     [ Signature => $base64, ]
			     [ Method => 'relaxed', ]
			     [ Domain => '',	]
			     [ Identity	=> '', ]
			     [ Headers => 'from:subject:date:message-id', ]
			     [ Query =>	'dns', ]
			     [ Selector	=> 'alpha', ]
			     [ Timestamp => time(), ]
			     [ Expiration => time() + 86400, ]

   parse() - create a new signature from a DKIM-Signature header
	 my $sig = Mail::DKIM::Signature->parse(
			 'DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed'

       Constructs a signature by parsing the provided DKIM-Signature header
       content.	You do not have	to include the header name (i.e. "DKIM-
       Signature:") but	it is recommended, so the header name can be preserved
       and returned the	same way in as_string().

       Note: The input to this constructor is in the same format as the	output
       of the as_string	method.

   algorithm() - get or	set the	algorithm (a=) field
       The algorithm used to generate the signature. Should be either
       "rsa-sha1", an RSA-signed SHA-1 digest, or "rsa-sha256",	an RSA-signed
       SHA-256 digest.

       See also	hash_algorithm().

   as_string() - the signature header as a string
	 print $signature->as_string . "\n";


	 DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed

       As shown	in the example,	the as_string method can be used to generate
       the DKIM-Signature that gets prepended to a signed message.

   as_string_without_data() - signature	without	the signature data
	 print $signature->as_string_without_data . "\n";


	 DKIM-Signature: a=rsa-sha1; b=; c=relaxed

       This is similar to the as_string() method, but it always	excludes the
       "data" part. This is used by the	DKIM canonicalization methods, which
       require incorporating this part of the signature	into the signed

   body_count()	- get or set the body count (l=) field
	 my $i = $signature->body_count;

       Informs the verifier of the number of bytes in the body of the email
       included	in the cryptographic hash, starting from 0 immediately
       following the CRLF preceding the	body. Also known as the	l= tag.

       When creating a signature, this tag may be either omitted, or set after
       the selected canonicalization system has	received the entire message
       body (but before	it canonicalizes the DKIM-Signature).

   body_hash() - get or	set the	body hash (bh=)	field
	 my $bh	= $signature->body_hash;

       The hash	of the body part of the	message. Whitespace is ignored in this
       value. This tag is required.

       When accessing this value, whitespace is	stripped from the tag for you.

   canonicalization() -	get or set the canonicalization	(c=) field
	 $signature->canonicalization('relaxed', 'simple');

	 ($header, $body) = $signature->canonicalization;

       Message canonicalization	(default is "simple/simple"). This informs the
       verifier	of the type of canonicalization	used to	prepare	the message
       for signing.

       In scalar context, this returns header/body canonicalization as a
       single string separated by /. In	list context, it returns a two element
       array, containing first the header canonicalization, then the body.

   data() - get	or set the signature data (b=) field
	 my $base64 = $signature->data;

       The signature data. Whitespace is automatically stripped	from the
       returned	value. The data	is Base64-encoded.

   domain() - get or set the domain (d=) field
	 my $d = $signature->domain;	      #	gets the domain	value
	 $signature->domain('');   #	sets the domain	value

       The domain of the signing entity, as specified in the signature.	 This
       is the domain that will be queried for the public key.

       If using	an "internationalized domain name", the	domain name must be
       converted to ASCII (following section 4.1 of RFC	3490) before passing
       it to this method.

   expiration()	- get or set the signature expiration (x=) field
       Signature expiration (default is	undef, meaning no expiration).	The
       signature expiration, if	defined, is an unsigned	integer	identifying
       the standard Unix seconds-since-1970 time when the signature will

   get_public_key() - fetches the public key referenced	by this	signature
	 my $pubkey = $signature->get_public_key;

       Public key to fetch is determined by the	protocol, selector, and	domain

       This method caches the result of	the fetch, so subsequent calls will
       not require additional DNS queries.

       This method will	"die" if an error occurs.

   get_tag() - access the raw value of a tag in	this signature
	 my $raw_identity = $signature->get_tag('i');

       Use this	method to access a tag not already supported by	Mail::DKIM, or
       if you want to bypass decoding of the value by Mail::DKIM.

       For example, the	raw i= (identity) tag is encoded in quoted-printable
       form. If	you use	the identity() method, Mail::DKIM will decode from
       quoted-printable	before returning the value. But	if you use
       get_tag('i'), you can access the	encoded	quoted-printable form of the

   hash_algorithm() - access the hash algorithm	specified in this signature
	 my $hash = $signature->hash_algorithm;

       Determines what hashing algorithm is used as part of the	signature's
       specified algorithm.

       For algorithm "rsa-sha1", the hash algorithm is "sha1". Likewise, for
       algorithm "rsa-sha256", the hash	algorithm is "sha256". If the
       algorithm is not	recognized, undef is returned.

   headerlist()	- get or set the signed	header fields (h=) field

	 my $headerlist	= $signature->headerlist;

	 my @headers = $signature->headerlist;

       Signed header fields. A colon-separated list of header field names that
       identify	the header fields presented to the signing algorithm.

       In scalar context, the list of header field names will be returned as a
       single string, with the names joined together with colons.  In list
       context,	the header field names will be returned	as a list.

   identity() -	get or set the signing identity	(i=) field
	 my $i = $signature->identity;

       Identity	of the user or agent on	behalf of which	this message is
       signed.	The identity has an optional local part, followed by "@", then
       a domain	name. The domain name should be	the same as or a subdomain of
       the domain returned by the "domain" method.

       Ideally,	the identity should match the identity listed in the From:
       header, or the Sender: header, but this is not required to have a valid
       signature. Whether the identity used is "authorized" to sign for	the
       given message is	not determined here.

       If using	an "internationalized domain name", the	domain name must be
       converted to ASCII (following section 4.1 of RFC	3490) before passing
       it to this method.

       Identity	values are encoded in the signature in quoted-printable
       format.	Using this method will translate to/from quoted-printable as
       necessary.  If you want the raw quoted-printable	version	of the
       identity, use $signature->get_tag('i').

   key() - get or set the private key object
	 my $key = $signature->key;

	 $signature->key(Mail::DKIM::PrivateKey->load(File => 'private.key'));

       The private key is used for signing messages.  It is not	used for
       verifying messages.

       The key object can be any object	that implements	the sign_digest()
       method.	(Providing your	own object can be useful if your actual	keys
       are stored out-of-process.)

   method() - get or set the canonicalization (c=) field
       Message canonicalization	(default is "simple"). This informs the
       verifier	of the type of canonicalization	used to	prepare	the message
       for signing.

   protocol() -	get or set the query methods (q=) field
       A colon-separated list of query methods used to retrieve	the public key
       (default	is "dns"). Each	query method is	of the form "type[/options]",
       where the syntax	and semantics of the options depends on	the type.

   result() - get or set the verification result
	 my $result = $signature->result;


	 # to set the result with details
	 $signature->result('invalid', 'no public key');

   result_detail() - access the	result,	plus details if	available
	 my $detail = $signature->result_detail;

       An explanation of possible detail messages can be found in the
       documentation for "result_detail()" in Mail::DKIM::Verifier.

   selector() -	get or set the selector	(s=) field
       The selector subdivides the namespace for the "d=" (domain) tag.

   prettify() -	alters the signature to	look "nicer" as	an email header

       This method may alter the signature in a	way that breaks	signatures, so
       it should be done ONLY when the signature is being generated, BEFORE
       being fed to the	canonicalization algorithm.

       See also	prettify_safe(), which will not	break signatures.

   prettify_safe() - same as prettify()	but only touches the b=	part

       This method will	not break the signature, but it	only affects the b=
       part of the signature.

   timestamp() - get or	set the	signature timestamp (t=) field
       Signature timestamp (default is undef, meaning unknown creation time).
       This is the time	that the signature was created.	The value is an
       unsigned	integer	identifying the	number of standard Unix

   version() - get or set the DKIM specification version (v=) field
       This is the version of the DKIM specification that applies to this
       signature record.

       Mail::DKIM::DkSignature for DomainKey-Signature headers

       Jason Long, <>

       Copyright (C) 2006-2007 by Messiah College

       This library is free software; you can redistribute it and/or modify it
       under the same terms as Perl itself, either Perl	version	5.8.6 or, at
       your option, any	later version of Perl 5	you may	have available.

perl v5.32.0			  2018-10-13	      Mail::DKIM::Signature(3)


Want to link to this manual page? Use this URL:

home | help