File Coverage

blib/lib/Net/AS2.pm
Criterion Covered Total %
statement 16 18 88.8
branch n/a
condition n/a
subroutine 6 6 100.0
pod n/a
total 22 24 91.6


line stmt bran cond sub pod time code
1             package Net::AS2;
2 4     4   212072 use strict;
  4         7  
  4         160  
3 4     4   18 use warnings qw(all);
  4         4  
  4         246  
4            
5             =head1 NAME
6            
7             Net::AS2 - AS2 Protocol implementation (RFC 4130) used in Electronic Data Exchange (EDI)
8            
9             =head1 SYNOPSIS
10            
11             ### Create an AS2 handler
12             my $as2 = Net::AS2->new(
13             MyId => 'alice',
14             MyKey => '...RSA KEY in PEM...',
15             MyCert => '...X509 Cert in PEM...'
16             PartnerId => 'bob', PartnerCert => '...X509 Cert in PEM...'
17             );
18            
19             ### Sending Message (Sync MDN)
20             my $mdn = $as2->send($body, Type => 'application/xml', MessageId => 'my-message-id-12345@localhost')
21            
22             ### Receiving MDN (Async MDN)
23             my $mdn = $as2->decode_mdn($headers, $body);
24            
25             ### Receiving Message and sending MDN
26             my $message = $as2->decode_message($headers, $post_body);
27            
28             if ($message->is_success) {
29             print $message->content;
30             }
31            
32             if ($message->is_mdn_async) {
33             # ASYNC MDN is expected
34            
35             # stored the state for later use
36             my $state = $message->serialized_state;
37            
38             # ...in another perl instance...
39             my $message = Net::AS2::Message->create_from_serialized_state($state);
40             $as2->send_async_mdn(
41             $message->is_success ?
42             Net::AS2::MDN->create_success($message) :
43             Net::AS2::MDN->create_from_unsuccessful_message($message),
44             'id-23456@localhost'
45             );
46             } else
47             {
48             # SYNC MDN is expected
49             my ($new_headers, $mdn_body) = $as2->prepare_sync_mdn(
50             $message->is_success ?
51             Net::AS2::MDN->create_success($message) :
52             Net::AS2::MDN->create_from_unsuccessful_message($message),
53             'id-23456@localhost'
54             );
55            
56             # ... Send headers and body ...
57             }
58            
59             =head1 DESCRIPTION
60            
61             This is a class for handling AS2 (RFC-4130) communication - sending
62             message (optionally sign and encrypt), decoding MDN. Receving message
63             and produce corresponding MDN.
64            
65             =head2 Protocol Introduction
66            
67             AS2 is a protocol that defines communication over HTTP(s), and
68             optionally using SMIME as payload container, plus a mandated
69             multipart/report machine readable Message Disposition Notification
70             response (MDN).
71            
72             When encryption and signature are used in SMIME payload (agree between
73             parties), as well as a signed MDN, the protocol offers data
74             confidentiality, data integrity/authenticity, non-repudiation of
75             origin, and non-repudiation of receipt over HTTP.
76            
77             In AS2, MDN can only be signed but not encrypted, some MIME headers
78             are also exposed in the HTTP headers when sending. Use HTTPS if this
79             is a concerns.
80            
81             Encryption and Signature are done in PKCS7/SMIME favor. The certifacate
82             are usually exchanged out of band before establishing communication.
83             The certificates could be self-signed.
84            
85             =head1 PUBLIC INTERFACE
86            
87             =cut
88            
89 4     4   1773 use Net::AS2::MDN;
  4         19  
  4         138  
90 4     4   2377 use Net::AS2::Message;
  4         9  
  4         144  
91 4     4   25 use Carp;
  4         6  
  4         232  
92 4     4   2094 use Crypt::SMIME;
  0            
  0            
93             use LWP::UserAgent;
94             use HTTP::Request;
95             use Digest::SHA1;
96             use MIME::Base64;
97             use MIME::Parser;
98             use Encode;
99             use MIME::Entity;
100             use Sys::Hostname;
101            
102             my $crlf = "\x0d\x0a";
103            
104             our $VERSION = "0.03";
105            
106             =head2 Constructor
107            
108             =over 4
109            
110             =item $as2 = Net::AS2->new(%ARGS)
111            
112             Create an AS2 handler. For preparing keys and certificates, see L
113            
114             The arguments are:
115            
116             =over 4
117            
118             =item MyId
119            
120             I
121             Your AS2 name. This will be used in the AS2-From header.
122            
123             =item PartnerId
124            
125             I
126             The AS2 name of the partner. This will be used in the AS2-To header.
127            
128             =item PartnerUrl
129            
130             I
131             The Url of partner where message would be sent to.
132            
133             =item MyKey
134            
135             I
136             Our private key in PEM format.
137             Please includes the C<-----BEGIN RSA PRIVATE KEY-----> and C<-----END RSA PRIVATE KEY-----> line.
138            
139             =item MyEncryptionKey, MySignatureKey
140            
141             I
142             Different private keys could be used for encryption and signing. L will be used if not independently supplied.
143            
144             =item MyCertificate
145            
146             I
147             Our corresponding certificate in PEM format.
148             Please includes the C<-----BEGIN CERTIFICATE-----> and C<-----END CERTIFICATE-----> line.
149            
150             =item MyEncryptionKey, MySignatureKey
151            
152             I
153             Different certificate could be used for encryption and signing. L will be used if not independently supplied.
154            
155             =item PartnerCertificate
156            
157             I
158             Partner's certificate in PEM format.
159             Please includes the C<-----BEGIN CERTIFICATE-----> and C<-----END CERTIFICATE-----> line.
160            
161             =item PartnerEncryptionCertificate, PartnerSignatureCertificate
162            
163             I
164             Different certificate could be used for encryption and signing. If so, load them here.
165             L will be used if not independently supplied.
166            
167             =item Encryption
168            
169             I
170             Encryption alogrithm used in SMIME encryption operation. Only C<3des> is supported at this moment.
171            
172             If left undefined, encryption is enabled and C<3des> would be used.
173             A false value must be specified to disable encryption.
174            
175             If enabled, encryption would also be required for receiving.
176             Otherwise, encryption would be optional for receiving.
177            
178             =item Signature
179            
180             I
181             Signing alogrithm used in SMIME signing operation. Only C is supported at this moment.
182            
183             If left undefined, signing is enabled and C would be used.
184             A false value must be specified to disable signature.
185            
186             If enabled, signature would also be required for receiving.
187             Otherwise, signature would be optional for receiving.
188            
189             Also, if enabled, signed MDN would be requested.
190            
191             =item Mdn
192            
193             I
194             The preferred MDN method - C or C. The default is C.
195            
196             =item MdnAsyncUrl
197            
198             i.
199             The Url where the parten should send the async MDN to.
200            
201             =item Timeout
202            
203             i
204             The timeout in seconds for HTTP communication. The default is 30.
205            
206             This is passed to LWP::UserAgent.
207            
208             =item UserAgent
209            
210             I
211             User Agent name used in HTTP communication.
212            
213             This is passed to LWP::UserAgent.
214            
215             =back
216            
217             =cut
218            
219             sub new
220             {
221             my ($class, %opts) = @_;
222            
223             $class = ref($class) || $class;
224             my $self = { %opts };
225             bless ($self, $class);
226            
227             $self->_validations();
228            
229             my $s_e = $self->{_smime_enc} = Crypt::SMIME->new();
230            
231             eval { $s_e->setPrivateKey($self->{MyEncryptionKey}, $self->{MyEncryptionCertificate}); };
232             croak "Unable to load private key/certificate for encryption: $@" if $@;
233            
234             eval { $s_e->setPublicKey($self->{PartnerEncryptionCertificate}); };
235             croak "Unable to load public certificate for encryption: $@" if $@;
236            
237             if (
238             $self->{MyEncryptionKey} eq $self->{MySignatureKey} &&
239             $self->{MyEncryptionCertificate} eq $self->{MySignatureCertificate} &&
240             $self->{PartnerEncryptionCertificate} eq $self->{PartnerSignatureCertificate}
241             ) {
242             $self->{_smime_sign} = $self->{_smime_enc};
243             } else
244             {
245             my $s_s = $self->{_smime_sign} = Crypt::SMIME->new();
246            
247             eval { $s_s->setPrivateKey($self->{MySignatureKey}, $self->{MySignatureCertificate}); };
248             croak "Unable to load private key/certificate for signature: $@" if $@;
249            
250             eval { $s_s->setPublicKey($self->{PartnerSignatureCertificate}); };
251             croak "Unable to load public certificate for signature: $@" if $@;
252             }
253            
254             return $self;
255             }
256            
257             sub _validations
258             {
259             my ($self) = @_;
260            
261             $self->{Encryption} = lc($self->{Encryption} // '3des');
262             croak sprintf("encryption %s is not supported", $self->{Encryption})
263             unless !$self->{Encryption} || $self->{Encryption} ~~ ['3des'];
264            
265             $self->{Signature} = lc($self->{Signature} // 'sha1');
266             croak sprintf("signature %s is not supported", $self->{Signature})
267             unless !$self->{Signature} || $self->{Signature} ~~ ['sha1'];
268            
269             $self->{MyEncryptionKey} //= $self->{MyKey};
270             $self->{MyEncryptionCertificate} //= $self->{MyCertificate};
271             $self->{MySignatureKey} //= $self->{MyKey};
272             $self->{MySignatureCertificate} //= $self->{MyCertificate};
273             $self->{PartnerEncryptionCertificate} //= $self->{PartnerCertificate};
274             $self->{PartnerSignatureCertificate} //= $self->{PartnerCertificate};
275             delete $self->{MyKey};
276             delete $self->{MyCertificate};
277             delete $self->{PartnerCertificate};
278            
279             foreach my $t (qw(
280             MyId
281             MyEncryptionKey MyEncryptionCertificate
282             MySignatureKey MySignatureCertificate
283             PartnerId
284             PartnerEncryptionCertificate PartnerSignatureCertificate
285             ))
286             {
287             croak "$t is not valid"
288             unless defined $self->{$t} && $self->{$t} =~ /^[\r\n\x20-\x7E]+$/;
289             }
290             croak "PartnerUrl is invalid"
291             unless defined $self->{PartnerUrl} && $self->{PartnerUrl} =~ m{^https?://[\x20-\x7E]+$};
292            
293             $self->{Mdn} = lc($self->{Mdn} // 'sync');
294             croak sprintf("mdn %s is not supported", $self->{Mdn})
295             unless lc($self->{Mdn}) ~~ [qw(sync async)];
296            
297             croak "mdn_async_url is invalid"
298             unless
299             !defined $self->{MdnAsyncUrl} && $self->{Mdn} eq 'sync' ||
300             defined $self->{MdnAsyncUrl} && $self->{MdnAsyncUrl} =~ m{^https?://[\x20-\x7E]+$} &&
301             $self->{Mdn} eq 'async';
302            
303             $self->{Timeout} //= 30;
304             croak "timeout is invalid"
305             unless $self->{Timeout} =~ /^[0-9]+$/;
306            
307             $self->{UserAgent} //= "Perl AS2/$VERSION";
308             }
309            
310             =back
311            
312             =head2 Methods
313            
314             =over 4
315            
316             =item $message = $as2->decode_message($headers, $content)
317            
318             Decode the incoming HTTP request as AS2 Message.
319            
320             Headers is an hash ref and should be supplied in PSGI format, or C<\%ENV> in CGI mode.
321             Content is the raw POST body of the request.
322            
323             This method always returns a C object and never dies.
324             The message could be successfully parsed, or contains corresponding error message.
325            
326             Check the C<$message-Eis_async> property and send the MDN accordingly.
327            
328             If ASYNC MDN is requested, it should be sent after this HTTP request is returned
329             or in another thread - some AS2 server might block otherwise, YMMV. How to handle
330             this is out of topic.
331            
332             =cut
333            
334             sub decode_message
335             {
336             my ($self, $headers, $content) = @_;
337             croak "headers must be an hash reference"
338             unless ref $headers eq 'HASH';
339             croak "content is undefined"
340             unless defined $content;
341            
342             my $message_id = $headers->{HTTP_MESSAGE_ID};
343             my $async_url = $headers->{HTTP_RECEIPT_DELIVERY_OPTION};
344             my @new_prefix = ($message_id, $async_url, 0);
345            
346             unless (!defined $async_url || $async_url =~ m{^https?://}) {
347             $new_prefix[1] = undef;
348             return Net::AS2::Message->create_failure_message(@new_prefix, 'Async transport other than http/https is not supported');
349             }
350            
351             if ($headers->{HTTP_DISPOSITION_NOTIFICATION_OPTIONS}) {
352             my $status = Net::AS2::Message::notification_options_check($headers->{HTTP_DISPOSITION_NOTIFICATION_OPTIONS});
353             return Net::AS2::Message->create_failure_message(@new_prefix, $status)
354             if defined $status;
355             $new_prefix[2] = 1;
356             }
357            
358             unless (
359             defined $headers->{CONTENT_TYPE} &&
360             defined $headers->{HTTP_MESSAGE_ID} &&
361             defined $headers->{HTTP_AS2_VERSION} &&
362             defined $headers->{HTTP_AS2_FROM} &&
363             defined $headers->{HTTP_AS2_TO})
364             {
365             return Net::AS2::Message->create_error_message(@new_prefix, 'unexpected-processing-error', 'Malformed AS2 Message, crucial headers are missing.');
366             }
367            
368             if (
369             _parse_as2_id($headers->{HTTP_AS2_FROM}) ne $self->{PartnerId} ||
370             _parse_as2_id($headers->{HTTP_AS2_TO}) ne $self->{MyId}
371             ) {
372             return Net::AS2::Message->create_error_message(@new_prefix, 'authentication-failed', 'AS2-From or AS2-To is not expected');
373             }
374            
375             my $is_content_raw = 1;
376            
377             my $raw_content = $content;
378             my $merged_headers =
379             join($crlf, map {
380             if (/^HTTP_/ || /^CONTENT_TYPE$/) {
381             my $key = $_;
382             $key =~ s/^HTTP_//;
383             $key =~ s/_/-/g;
384             "$key: ". $headers->{$_};
385             } else { (); }
386             } keys %{$headers}) . "$crlf$crlf";
387            
388             if ($self->{_smime_enc}->isEncrypted($merged_headers . $content))
389             {
390             # OpenSSL (Crypt::SMIME) in Windows cannot handle binary content,
391             # convert the data to base64
392             $content =
393             "Content-Transfer-Encoding: base64$crlf" .
394             $merged_headers .
395             encode_base64($content);
396             $is_content_raw = 0;
397            
398             $content = eval { $self->{_smime_enc}->decrypt($content); };
399             return Net::AS2::Message->create_error_message(@new_prefix,
400             'decryption-failed', 'Unable to decrypt the message')
401             if $@;
402             } else {
403             return Net::AS2::Message->create_error_message(@new_prefix,
404             'insufficient-message-security', 'Encryption is expected but the message is not encrypted')
405             if $self->{Encryption};
406             }
407            
408             if ($self->{_smime_sign}->isSigned($is_content_raw ? $merged_headers . $content : $content))
409             {
410             if ($is_content_raw) {
411             $content =
412             $merged_headers .
413             $content;
414             $is_content_raw = 0;
415             }
416             $content = eval { $self->{_smime_sign}->check($content); };
417            
418             return Net::AS2::Message->create_error_message(@new_prefix,
419             'insufficient-message-security', 'Unable to verify the signature')
420             if $@;
421             } else {
422             return Net::AS2::Message->create_error_message(@new_prefix,
423             'insufficient-message-security', 'Signature is expected but the message is not signed')
424             if $self->{Signature};
425             }
426            
427             my $mic = Digest::SHA1::sha1_base64($content) . '=';
428            
429             my $parser = new MIME::Parser;
430             $parser->output_to_core(1);
431             $parser->tmp_to_core(1);
432             my $entity = $parser->parse_data($is_content_raw ? $merged_headers . $content : $content);
433             my $bh = $entity->bodyhandle;
434            
435             return Net::AS2::Message->create_failure_message(@new_prefix,
436             'unexpected-processing-error',
437             'MIME has no body (multipart message is not supported)')
438             unless defined $bh;
439            
440             $content = $bh->as_string;
441             return Net::AS2::Message->new(@new_prefix, $mic, $content);
442             }
443            
444             =item $mdn = $as2->decode_mdn($headers, $content)
445            
446             I
447             Decode the incoming HTTP request as AS2 MDN.
448            
449             Headers is an hash ref and should be supplied in PSGI format, or C<\%ENV> in CGI mode.
450             Content is the raw POST body of the request.
451            
452             This method always returns a C object and never dies.
453             The MDN could be successfully parsed, or contains unparsable error details
454             if it is malformed, or signature could not be verified.
455            
456             C<$mdn-Ematch_mic($content_mic)> should be called afterward with the
457             pre-calculated MIC from the outgoing message to verify the correctness
458             of the MIC.
459            
460             =cut
461            
462             sub decode_mdn
463             {
464             my ($self, $headers, $content) = @_;
465             croak "headers must be an hash reference"
466             unless ref $headers eq 'HASH';
467             croak "content is undefined"
468             unless defined $content;
469            
470             unless (
471             defined $headers->{CONTENT_TYPE} &&
472             defined $headers->{HTTP_MESSAGE_ID} &&
473             defined $headers->{HTTP_AS2_VERSION} &&
474             defined $headers->{HTTP_AS2_FROM} &&
475             defined $headers->{HTTP_AS2_TO})
476             {
477             return Net::AS2::MDN->create_unparsable_mdn('Malformed AS2 MDN, crucial headers are missing.')
478             }
479            
480             if (
481             _parse_as2_id($headers->{HTTP_AS2_FROM}) ne $self->{PartnerId} ||
482             _parse_as2_id($headers->{HTTP_AS2_TO}) ne $self->{MyId}
483             ) {
484             return Net::AS2::MDN->create_unparsable_mdn('AS2-From or AS2-To is not expected')
485             }
486            
487             my $merged_headers =
488             join($crlf, map {
489             if (/^HTTP_/ || /^CONTENT_TYPE$/) {
490             my $key = $_;
491             $key =~ s/^HTTP_//;
492             $key =~ s/_/-/g;
493             "$key: ". $headers->{$_};
494             } else { (); }
495             } keys %{$headers}) . "$crlf$crlf";
496            
497             $content =
498             $merged_headers .
499             $content;
500            
501             return $self->_parse_mdn($content);
502             }
503            
504             =item ($headers, $content) = $as2->prepare_sync_mdn($mdn, $message_id)
505            
506             Returns the headers and content to be sent in a HTTP response for a sync MDN.
507            
508             The MDN is usually created after an incoming message is received, with
509             Ccreate_success> or Ccreate_from_unsuccessful_message>.
510            
511             The headers are in arrayref format in PSGI response format.
512             The content is raw and ready to be sent.
513            
514             For CGI, it should be sent like this:
515            
516             my ($headers, $content) = $as2->prepare_sync_mdn($mdn, $message_id);
517            
518             my $mh = '';
519             for (my $i = 0; $i < scalar @{$headers}; $i += 2)
520             {
521             $mh .= $headers->[$i] . ': ' . $headers->[$i+1] . "\x0d\x0a";
522             }
523            
524             binmode(STDOUT);
525             print $mh . "\x0d\x0a" . $content;
526            
527             If message id not specified, a random one will be generated.
528            
529             =cut
530            
531             sub prepare_sync_mdn
532             {
533             my ($self, $mdn, $message_id) = @_;
534            
535             $mdn->recipient($self->{MyId});
536            
537             $message_id =
538             defined $message_id && $message_id =~ /@/ ? $message_id :
539             sprintf('<%s@%s>', ($message_id || time + rand()), hostname);
540             my ($headers, $payload) =
541             $self->_send_preprocess($mdn->as_mime->stringify, $message_id, undef, undef,
542             1, $mdn->should_sign);
543            
544             return ($headers, $payload);
545             }
546            
547             =item $resp = $as2->send_async_mdn($mdn, $message_id)
548            
549             Send an ASYNC MDN requested by partner. Returns a L.
550            
551             The MDN is usually created after an incoming message is received, with
552             Ccreate_success> or Ccreate_from_unsuccessful_message>.
553            
554             If message id is not specified, a random one will be generated.
555            
556             Note that the destination URL is passed by the partner in its request,
557             but not specified during construction.
558            
559             =cut
560            
561             sub send_async_mdn
562             {
563             my ($self, $mdn, $message_id) = @_;
564            
565             $mdn->recipient($self->{MyId});
566             my $target_url = $mdn->async_url;
567            
568             croak "MDN async url is not defined" unless $target_url;
569             croak "MDN async url is not valid" unless $target_url =~ m{^https?://};
570            
571             $message_id =
572             defined $message_id && $message_id =~ /@/ ? $message_id :
573             sprintf('<%s@%s>', ($message_id || time + rand()), hostname);
574             my ($headers, $payload) =
575             $self->_send_preprocess($mdn->as_mime->stringify, $message_id, $target_url, undef,
576             1, $mdn->should_sign);
577            
578             my $req = HTTP::Request->new(POST => $target_url, \@$headers);
579             $req->content($payload);
580            
581             my $ua = $self->create_useragent;
582             my $resp = $ua->request($req);
583            
584             return $resp;
585             }
586            
587            
588             =item ($mdn, $mic) = $as2->send($data, %MIMEHEADERS)
589            
590             Send a message to the partner. Returns a C object and calculated SHA-1 MIC.
591            
592             The data should be encoded (or assumed to be UTF-8 encoded).
593            
594             The mime headers should be listed in a hash.
595             It will be passed to C almost transparently with some defaults dedicated for AS2,
596             at least the following must also be supplied
597            
598             =over 4
599            
600             =item MessageId
601            
602             Message id of this request should be supplied, or a random one would be generated.
603            
604             =item Type
605            
606             Content type of the message should be supplied.
607            
608             =back
609            
610             In case of HTTP failure, the MDN object will be marked with C<$mdn-Eis_error>.
611            
612             In case ASYNC MDN is expected, the MDN object returned will most likely be marked with
613             C<$mdn-Eis_unparsable> and should be ignored. A misbehave AS2 server could returns
614             a valid MDN even if async was requested - in this case the C<$mdn-Eis_success> would
615             be true.
616            
617             =cut
618            
619             sub send
620             {
621             my ($self, $data, %opts) = @_;
622            
623             croak "data is not defined"
624             unless defined $data;
625            
626             $data = utf8::is_utf8($data) ? encode("utf8", $data) : $data;
627             my $mic;
628             $mic = Digest::SHA1::sha1_base64($data) . '='
629             unless $self->{Signature} || $self->{Encryption};
630            
631             my $message_id = $opts{MessageId} // '';
632             $message_id =
633             $message_id =~ /@/ ? $message_id :
634             sprintf('<%s@%s>', ($message_id || time + rand()), hostname);
635            
636             $opts{Encoding} = 'base64';
637             $opts{Disposition} //= 'attachment';
638             $opts{Subject} //= 'AS2 Message';
639             $opts{'X-Mailer'} = undef;
640            
641             my $mime = new MIME::Entity->build(Data => $data, %opts);
642             return $self->_send($mime->stringify, $message_id, $mic);
643             }
644            
645             sub _send_preprocess
646             {
647             my ($self, $data, $message_id, $target_url, $pre_mic, $is_mdn, $should_mdn_signed) = @_;
648            
649             $data =~ s/(?:$crlf|\n)/$crlf/g;
650             my $mic = $is_mdn ? undef : ($pre_mic // Digest::SHA1::sha1_base64($data) . '=');
651            
652             if ($is_mdn && $should_mdn_signed || !$is_mdn && $self->{Signature}) {
653             $data = $self->{_smime_sign}->sign($data);
654             }
655             if ($self->{Encryption} && !$is_mdn) {
656             $data = $self->{_smime_enc}->encrypt($data);
657             }
658            
659             my ($header, $payload) = $data =~ /^(.*?)$crlf$crlf(.*)$/s;
660            
661             $header =~ //;
662            
663             my @header;
664             my ($prev_head, $prev_value);
665             my $is_base64 = 0;
666             foreach my $line (split(/$crlf/, $header))
667             {
668             if ($line =~ m/^([^:]+):\s*(.*)/) {
669             my ($key, $value) = ($1, $2);
670             push @header, ($prev_head => $prev_value)
671             if defined $prev_head;
672             if (lc($key) eq 'content-type') {
673             $value =~ s{application/x-pkcs7}{application/pkcs7};
674             } elsif (lc($key) eq 'content-transfer-encoding') {
675             $is_base64 = 1 if lc($value) eq 'base64';
676             $key = undef;
677             }
678             $prev_head = $key;
679             $prev_value = $value;
680             } elsif (defined $prev_head) {
681             $prev_value .= " $line";
682             }
683             }
684             push @header, ($prev_head => $prev_value)
685             if defined $prev_head;
686            
687             push @header, (
688             defined $target_url ? ('Recipient-Address' => $target_url) : (),
689             'Message-Id' => $message_id,
690             'AS2-Version' => '1.0',
691             'AS2-From' => _encode_as2_id($self->{MyId}), 'AS2-To' => _encode_as2_id($self->{PartnerId}),
692             $is_mdn ? () : (
693             'Disposition-notification-To' => 'example@example.com',
694             ($self->{Signature} ? (
695             'Disposition-Notification-Options' => 'signed-receipt-protocol=required, pkcs7-signature; signed-receipt-micalg=required, sha1'
696             ) : ()),
697             ($self->{MdnAsyncUrl} ? (
698             'Receipt-Delivery-Option' => $self->{MdnAsyncUrl}
699             ) : ())
700             ),
701             );
702             $payload = decode_base64($payload)
703             if $is_base64;
704             return (\@header, $payload, $mic);
705             }
706            
707             =back
708            
709             =head2 Test Hooks
710            
711             =over 4
712            
713             =item $as2->create_useragent()
714            
715             This should return a C usable for handling HTTP request.
716            
717             This allows test code to monitor the HTTP request sending out.
718            
719             =cut
720            
721             sub create_useragent
722             {
723             my $self = shift;
724             my $ua = new LWP::UserAgent(timeout => $self->{Timeout}, agent => $self->{UserAgent});
725             return $ua;
726             }
727            
728             sub _send
729             {
730             my ($self, $data, $message_id, $pre_mic) = @_;
731            
732             my $target_url = $self->{PartnerUrl};
733             my ($headers, $payload, $mic) =
734             $self->_send_preprocess($data, $message_id, $target_url, $pre_mic);
735            
736             my $req = HTTP::Request->new(POST => $target_url, \@$headers);
737             $req->content($payload);
738            
739             my $test = $req->as_string;
740            
741             my $ua = $self->create_useragent;
742             my $resp = $ua->request($req);
743            
744             my $mdn;
745             if ($resp->is_success)
746             {
747             my $content = $resp->as_string;
748             # Remove the status line
749             $content =~ s{^.*?\r?\n}{};
750             $mdn = $self->_parse_mdn($content);
751             $mdn->match_mic($mic, 'sha1');
752            
753             } else {
754             $mdn =
755             Net::AS2::MDN->create_error_mdn(sprintf('HTTP failure: %s', $resp->status_line));
756             }
757             return wantarray ? ($mdn, $mic) : $mdn;
758             }
759            
760             sub _parse_mdn
761             {
762             my ($self, $content) = @_;
763            
764             if ($self->{_smime_sign}->isSigned($content))
765             {
766             # OpenSSL (Crypt::SMIME) in Windows cannot handle binary content,
767             # convert signature part to base64
768             $content = _pkcs7_base64($content);
769             $content = eval { $self->{_smime_sign}->check($content); };
770             return Net::AS2::MDN->create_unparsable_mdn('MDN signature failed verification: ' . $@)
771             if $@;
772             } else {
773             return Net::AS2::MDN->create_unparsable_mdn('MDN is not signed')
774             if $self->{Signature};
775             }
776             return Net::AS2::MDN->parse_mdn($content);
777             }
778            
779            
780             sub _parse_as2_id {
781             my $as2_id = shift;
782             $as2_id =~ /^ (?: ([!\x23-\x5B\x5D-\x7E]+) | "((?:\\\\|\\"|[!\x23-\x5B\x5D-\x7E ])+)" ) $/x;
783             if (defined $1) {
784             return $1;
785             } elsif (defined $2) {
786             $as2_id = $2;
787             $as2_id =~ s/\\(\\|")/$1/g;
788             return $as2_id;
789             }
790             return undef;
791             }
792            
793             sub _encode_as2_id {
794             my $as2_id = shift;
795             if ($as2_id =~ s/(\\|")/\\$1/g || $as2_id =~ / /) {
796             return qq{"$as2_id"};
797             } else {
798             return $as2_id;
799             }
800             }
801            
802             sub _pkcs7_base64
803             {
804             my ($content) = @_;
805             my $parser = new MIME::Parser;
806            
807             $parser->output_to_core(1);
808             $parser->tmp_to_core(1);
809             my $entity = $parser->parse_data($content);
810            
811             if ($entity->parts == 2)
812             {
813             my $p = $entity->parts(1);
814             if (defined $p && $p->head &&
815             $p->head->get('Content-type') =~ m{^application/(x-)?pkcs7-signature($|;)} &&
816             ($p->head->get('Content-transfer-encoding') // '') ne 'base64'
817             ) {
818             $p->head->replace('Content-transfer-encoding', 'base64');
819             return $entity->stringify;
820             }
821             }
822            
823             return $content;
824             }
825            
826             1;
827            
828             =back
829            
830             =head1 BUGS
831            
832             =over 4
833            
834             =item *
835            
836             A bug in L will caused test to fail - specifically failed to add public key after decryption failure.
837             I applied the fixes and fork it to L.
838            
839             =back
840            
841             =head1 SEE ALSO
842            
843             L, L, L, L
844            
845             Source code is maintained here at L. Patches are welcome.
846            
847             =head1 COPYRIGHT AND LICENSE
848            
849             This software is copyright (c) 2012 by Sam Wong.
850            
851             This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
852            
853             =head1 DISCLAIMER OF WARRANTY
854            
855             This module is not certificated by any AS2 body. This module generates MDN on behave of you.
856             When using this module, you must have reviewed and responsible for all the actions and in-actions caused by this module.
857            
858             More legal jargon follows:
859            
860             BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
861            
862             IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
863            
864