/usr/share/perl5/Mail/DKIM/Algorithm/Base.pm is in libmail-dkim-perl 0.44-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 | #!/usr/bin/perl
# Copyright 2005-2007 Messiah College. All rights reserved.
# Jason Long <jlong@messiah.edu>
# Copyright (c) 2004 Anthony D. Urso. All rights reserved.
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.
use strict;
use warnings;
use Mail::DKIM::Canonicalization::nowsp;
use Mail::DKIM::Canonicalization::relaxed;
use Mail::DKIM::Canonicalization::simple;
use Mail::DKIM::Canonicalization::seal;
package Mail::DKIM::Algorithm::Base;
use Carp;
use MIME::Base64;
sub new
{
my $class = shift;
my %args = @_;
my $self = bless \%args, $class;
$self->init;
return $self;
}
sub init
{
my $self = shift;
croak "no signature" unless $self->{Signature};
$self->{mode} = $self->{Signature}->signature ? "verify" : "sign";
# allows subclasses to set the header_digest and body_digest
# properties
$self->init_digests;
my ($header_method, $body_method)
= $self->{Signature}->canonicalization;
my $header_class = $self->get_canonicalization_class($header_method);
my $body_class = $self->get_canonicalization_class($body_method);
$self->{canon} = $header_class->new(
output_digest => $self->{header_digest},
Signature => $self->{Signature},
Debug_Canonicalization => $self->{Debug_Canonicalization});
$self->{body_canon} = $body_class->new(
output_digest => $self->{body_digest},
Signature => $self->{Signature},
Debug_Canonicalization => $self->{Debug_Canonicalization});
}
# override this method, please...
# this method should set the "header_digest" and "body_digest" properties
sub init_digests
{
die "not implemented";
}
# private method - DKIM-specific
sub get_canonicalization_class
{
my $self = shift;
croak "wrong number of arguments" unless (@_ == 1);
my ($method) = @_;
my $class = $method eq "nowsp" ? "Mail::DKIM::Canonicalization::nowsp" :
$method eq "relaxed" ? "Mail::DKIM::Canonicalization::relaxed" :
$method eq "simple" ? "Mail::DKIM::Canonicalization::simple" :
$method eq "seal" ? "Mail::DKIM::Canonicalization::seal" :
die "unknown method $method\n";
return $class;
}
=head1 NAME
Mail::DKIM::Algorithm::Base - base class for DKIM "algorithms"
=head1 SYNOPSIS
my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1(
Signature => $dkim_signature
);
# add headers
$algorithm->add_header("Subject: this is the subject\015\012");
$algorithm->finish_header;
# add body
$algorithm->add_body("This is the body.\015\012");
$algorithm->add_body("Another line of the body.\015\012");
$algorithm->finish_body;
# now sign or verify...
# TODO...
=head1 CONSTRUCTOR
You should not create an object of this class directly. Instead, use one
of the DKIM algorithm implementation classes, such as rsa_sha1:
my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1(
Signature => $dkim_signature
);
=head1 METHODS
=head2 add_body() - feeds part of the body into the algorithm/canonicalization
$algorithm->add_body("This is the body.\015\012");
$algorithm->add_body("Another line of the body.\015\012");
The body should be fed one "line" at a time.
=cut
sub add_body
{
my $self = shift;
my $canon = $self->{body_canon} || $self->{canon};
$canon->add_body(@_);
}
=head2 add_header() - feeds a header field into the algorithm/canonicalization
$algorithm->add_header("Subject: this is the subject\015\012");
The header must start with the header field name and continue through any
folded lines (including the embedded <CRLF> sequences). It terminates with
the <CRLF> at the end of the header field.
=cut
sub add_header
{
my $self = shift;
$self->{canon}->add_header(@_);
}
=head2 finish_body() - signals the end of the message body
$algorithm->finish_body
Call this method when all lines from the body have been submitted.
After calling this method, use sign() or verify() to get the results
from the algorithm.
=cut
sub finish_body
{
my $self = shift;
my $body_canon = $self->{body_canon} || $self->{canon};
$body_canon->finish_body;
$self->finish_message;
}
=head2 finish_header() - signals the end of the header field block
$algorithm->finish_header;
Call this method when all the headers have been submitted.
=cut
sub finish_header
{
my $self = shift;
$self->{canon}->finish_header(@_);
}
# checks the bh= tag of the signature to see if it has the same body
# hash as computed by canonicalizing/digesting the actual message body.
# If it doesn't match, a false value is returned, and the
# verification_details property is set to "body has been altered"
sub check_body_hash
{
my $self = shift;
# The body_hash value is set in finish_message(), if we're operating
# from a version of the DKIM spec that uses the bh= tag. Otherwise,
# the signature shouldn't have a bh= tag to check.
my $sighash = $self->{Signature}->body_hash();
if ($self->{body_hash} and $sighash)
{
my $body_hash = $self->{body_hash};
my $expected = decode_base64($sighash);
if ($body_hash ne $expected)
{
$self->{verification_details} = "body has been altered";
# print STDERR "I calculated "
# . encode_base64($body_hash, "") . "\n";
# print STDERR "signature has "
# . encode_base64($expected, "") . "\n";
return;
}
}
return 1;
}
sub finish_message
{
my $self = shift;
# DKIM requires the signature itself to be committed into the digest.
# But first, we need to set the bh= tag on the signature, then
# "prettify" it.
$self->{body_hash} = $self->{body_digest}->digest;
if ($self->{mode} eq "sign")
{
$self->{Signature}->body_hash(
encode_base64($self->{body_hash}, ""));
}
if ($self->{mode} eq "sign")
{
$self->{Signature}->prettify;
}
my $sig_line = $self->{Signature}->as_string_without_data;
my $canonicalized = $self->{canon}->canonicalize_header($sig_line);
$self->{canon}->output($canonicalized);
}
=head2 sign() - generates a signature using a private key
$base64 = $algorithm->sign($private_key);
=cut
# override this method, please...
sub sign
{
die "Not implemented";
}
=head2 signature() - get/set the signature worked on by this algorithm
my $old_signature = $algorithm->signature;
$algorithm->signature($new_signature);
=cut
sub signature
{
my $self = shift;
@_ and
$self->{Signature} = shift;
return $self->{Signature};
}
=head2 verify() - verifies a signature
$result = $algorithm->verify();
Must be called after finish_body().
The result is a true/false value: true indicates the signature data
is valid, false indicates it is invalid.
For an invalid signature, details may be obtained from
$algorithm->{verification_details} or $@.
=cut
# override this method, please...
sub verify
{
die "Not implemented";
}
1;
__END__
=head1 SEE ALSO
L<Mail::DKIM>
=head1 AUTHOR
Jason Long, E<lt>jlong@messiah.eduE<gt>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2005-2007 by Messiah College
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.6 or,
at your option, any later version of Perl 5 you may have available.
=cut
|