NAME

Net::AS2 - AS2 Protocol implementation (RFC 4130) used in Electronic Data Exchange (EDI)

SYNOPSIS

### Create an AS2 handler
my $as2 = Net::AS2->new(
        MyId => 'alice', 
        MyKey => '...RSA KEY in PEM...', 
        MyCert => '...X509 Cert in PEM...'
        PartnerId => 'bob', PartnerCert => '...X509 Cert in PEM...'
    );

### Sending Message (Sync MDN)
my $mdn = $as2->send($body, Type => 'application/xml', MessageId => 'my-message-id-12345@localhost')

### Receiving MDN (Async MDN)
my $mdn = $as2->decode_mdn($headers, $body);

### Receiving Message and sending MDN
my $message = $as2->decode_message($headers, $post_body);

if ($message->is_success) {
    print $message->content;
}

if ($message->is_mdn_async) {
    # ASYNC MDN is expected

    # stored the state for later use
    my $state = $message->serialized_state;

    # ...in another perl instance...
    my $message = Net::AS2::Message->create_from_serialized_state($state);
    $as2->send_async_mdn(
            $message->is_success ?
                Net::AS2::MDN->create_success($message) :
                Net::AS2::MDN->create_from_unsuccessful_message($message),
            'id-23456@localhost'
        );
} else 
{
    # SYNC MDN is expected
    my ($new_headers, $mdn_body) = $as2->prepare_sync_mdn(
            $message->is_success ?
                Net::AS2::MDN->create_success($message) :
                Net::AS2::MDN->create_from_unsuccessful_message($message),
            'id-23456@localhost'
        );

    # ... Send headers and body ...
}

DESCRIPTION

This is a class for handling AS2 (RFC-4130) communication - sending message (optionally sign and encrypt), decoding MDN. Receving message and produce corresponding MDN.

Protocol Introduction

AS2 is a protocol that defines communication over HTTP(s), and optionally using SMIME as payload container, plus a mandated multipart/report machine readable Message Disposition Notification response (MDN).

When encryption and signature are used in SMIME payload (agree between parties), as well as a signed MDN, the protocol offers data confidentiality, data integrity/authenticity, non-repudiation of origin, and non-repudiation of receipt over HTTP.

In AS2, MDN can only be signed but not encrypted, some MIME headers are also exposed in the HTTP headers when sending. Use HTTPS if this is a concerns.

Encryption and Signature are done in PKCS7/SMIME favor. The certifacate are usually exchanged out of band before establishing communication. The certificates could be self-signed.

PUBLIC INTERFACE

Constructor

$as2 = Net::AS2->new(%ARGS)

Create an AS2 handler. For preparing keys and certificates, see Preparing Certificates

The arguments are:

MyId

Required. Your AS2 name. This will be used in the AS2-From header.

PartnerId

Required. The AS2 name of the partner. This will be used in the AS2-To header.

PartnerUrl

Required. The Url of partner where message would be sent to.

MyKey

Required. Our private key in PEM format. Please includes the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- line.

MyEncryptionKey, MySignatureKey

Optional. Different private keys could be used for encryption and signing. MyKey will be used if not independently supplied.

MyCertificate

Required. Our corresponding certificate in PEM format. Please includes the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- line.

MyEncryptionKey, MySignatureKey

Optional. Different certificate could be used for encryption and signing. MyCertificate will be used if not independently supplied.

PartnerCertificate

Required. Partner's certificate in PEM format. Please includes the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- line.

PartnerEncryptionCertificate, PartnerSignatureCertificate

Optional. Different certificate could be used for encryption and signing. If so, load them here. PartnerCertificate will be used if not independently supplied.

Encryption

Optional. Encryption alogrithm used in SMIME encryption operation. Only 3des is supported at this moment.

If left undefined, encryption is enabled and 3des would be used. A false value must be specified to disable encryption.

If enabled, encryption would also be required for receiving. Otherwise, encryption would be optional for receiving.

Signature

Optional. Signing alogrithm used in SMIME signing operation. Only sha1 is supported at this moment.

If left undefined, signing is enabled and sha1 would be used. A false value must be specified to disable signature.

If enabled, signature would also be required for receiving. Otherwise, signature would be optional for receiving.

Also, if enabled, signed MDN would be requested.

Mdn

Optional. The preferred MDN method - sync or async. The default is sync.

MdnAsyncUrl

i<Required if Mdn is async>. The Url where the parten should send the async MDN to.

Timeout

i<Optional.> The timeout in seconds for HTTP communication. The default is 30.

This is passed to LWP::UserAgent.

UserAgent

Optional. User Agent name used in HTTP communication.

This is passed to LWP::UserAgent.

Methods

$message = $as2->decode_message($headers, $content)

Decode the incoming HTTP request as AS2 Message.

Headers is an hash ref and should be supplied in PSGI format, or \%ENV in CGI mode. Content is the raw POST body of the request.

This method always returns a Net::AS2::Message object and never dies. The message could be successfully parsed, or contains corresponding error message.

Check the $message->is_async property and send the MDN accordingly.

If ASYNC MDN is requested, it should be sent after this HTTP request is returned or in another thread - some AS2 server might block otherwise, YMMV. How to handle this is out of topic.

$mdn = $as2->decode_mdn($headers, $content)

Instance method. Decode the incoming HTTP request as AS2 MDN.

Headers is an hash ref and should be supplied in PSGI format, or \%ENV in CGI mode. Content is the raw POST body of the request.

This method always returns a Net::AS2::MDN object and never dies. The MDN could be successfully parsed, or contains unparsable error details if it is malformed, or signature could not be verified.

$mdn->match_mic($content_mic) should be called afterward with the pre-calculated MIC from the outgoing message to verify the correctness of the MIC.

($headers, $content) = $as2->prepare_sync_mdn($mdn, $message_id)

Returns the headers and content to be sent in a HTTP response for a sync MDN.

The MDN is usually created after an incoming message is received, with Net::AS2::MDN->create_success or Net::AS2::MDN->create_from_unsuccessful_message.

The headers are in arrayref format in PSGI response format. The content is raw and ready to be sent.

For CGI, it should be sent like this:

my ($headers, $content) = $as2->prepare_sync_mdn($mdn, $message_id);

my $mh = '';
for (my $i = 0; $i < scalar @{$headers}; $i += 2)
{
    $mh .= $headers->[$i] . ': ' . $headers->[$i+1] . "\x0d\x0a";
}

binmode(STDOUT);
print $mh . "\x0d\x0a" . $content;    

If message id not specified, a random one will be generated.

$resp = $as2->send_async_mdn($mdn, $message_id)

Send an ASYNC MDN requested by partner. Returns a HTTP::Response.

The MDN is usually created after an incoming message is received, with Net::AS2::MDN->create_success or Net::AS2::MDN->create_from_unsuccessful_message.

If message id is not specified, a random one will be generated.

Note that the destination URL is passed by the partner in its request, but not specified during construction.

($mdn, $mic) = $as2->send($data, %MIMEHEADERS)

Send a message to the partner. Returns a Net::AS2::MDN object and calculated SHA-1 MIC.

The data should be encoded (or assumed to be UTF-8 encoded).

The mime headers should be listed in a hash. It will be passed to MIME::Entity almost transparently with some defaults dedicated for AS2, at least the following must also be supplied

MessageId

Message id of this request should be supplied, or a random one would be generated.

Type

Content type of the message should be supplied.

In case of HTTP failure, the MDN object will be marked with $mdn->is_error.

In case ASYNC MDN is expected, the MDN object returned will most likely be marked with $mdn->is_unparsable and should be ignored. A misbehave AS2 server could returns a valid MDN even if async was requested - in this case the $mdn->is_success would be true.

Test Hooks

$as2->create_useragent()

This should return a LWP::UserAgent usable for handling HTTP request.

This allows test code to monitor the HTTP request sending out.

BUGS

  • A bug in Crypt::SMIME will caused test to fail - specifically failed to add public key after decryption failure. I applied the fixes and fork it to github.

SEE ALSO

Net::AS2::FAQ, Net::AS2::Message, Net::AS2::MDN, MIME::Entity

Source code is maintained here at https://github.com/sam0737/perl-net-as2. Patches are welcome.

COPYRIGHT AND LICENSE

This software is copyright (c) 2012 by Sam Wong.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

DISCLAIMER OF WARRANTY

This module is not certificated by any AS2 body. This module generates MDN on behave of you. When using this module, you must have reviewed and responsible for all the actions and in-actions caused by this module.

More legal jargon follows:

BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.