james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "BG (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (JDKIM-42) Example on how to use verify bh in DKIM
Date Thu, 13 Dec 2018 20:51:00 GMT

     [ https://issues.apache.org/jira/browse/JDKIM-42?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

BG updated JDKIM-42:
--------------------
    Description: 
Trying to verify the DKIM bh value for an email using verify method from tests.

 {{
protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage message,
boolean forceCRLF)
        throws MessagingException, FailException {
        Headers headers = new MimeMessageHeaders(message);
        BodyHasher bh = verifier.newBodyHasher(headers);
        try {
            if (bh != null) {
                OutputStream os = new HeaderSkippingOutputStream(bh
                    .getOutputStream());
                if (forceCRLF) os = new CRLFOutputStream(os);
                message.writeTo(os);
                bh.getOutputStream().close();
            }

        } catch (IOException e) {
            throw new MessagingException("Exception calculating bodyhash: "
                + e.getMessage(), e);
        }
        return verifier.verify(bh);
    }
}}

Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following:

{{verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()),
new ByteArrayInputStream(str.getBytes())), false);}}

str is a String with all of the source (headers and content) of an email.

verify throws error "Header signature does not verify" from line with "BodyHasher bh = verifier.newBodyHasher(headers);".

The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses a
MockPublicKeyRecordRetriever. 

What is incorrect with implementation?

Thanks.

  was:
Trying to verify the DKIM bh value for an email using verify method from tests.

 {{protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage
message, boolean forceCRLF)
        throws MessagingException, FailException {
        Headers headers = new MimeMessageHeaders(message);
        BodyHasher bh = verifier.newBodyHasher(headers);
        try {
            if (bh != null) {
                OutputStream os = new HeaderSkippingOutputStream(bh
                    .getOutputStream());
                if (forceCRLF) os = new CRLFOutputStream(os);
                message.writeTo(os);
                bh.getOutputStream().close();
            }

        } catch (IOException e) {
            throw new MessagingException("Exception calculating bodyhash: "
                + e.getMessage(), e);
        }
        return verifier.verify(bh);
    }}}

Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following:

{{verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()),
new ByteArrayInputStream(str.getBytes())), false);}}

str is a String with all of the source (headers and content) of an email.

verify throws error "Header signature does not verify" from line with "BodyHasher bh = verifier.newBodyHasher(headers);".

The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses a
MockPublicKeyRecordRetriever. 

What is incorrect with implementation?

Thanks.


> Example on how to use verify bh in DKIM
> ---------------------------------------
>
>                 Key: JDKIM-42
>                 URL: https://issues.apache.org/jira/browse/JDKIM-42
>             Project: James jDKIM
>          Issue Type: Question
>            Reporter: BG
>            Priority: Major
>
> Trying to verify the DKIM bh value for an email using verify method from tests.
>  {{
> protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage
message, boolean forceCRLF)
>         throws MessagingException, FailException {
>         Headers headers = new MimeMessageHeaders(message);
>         BodyHasher bh = verifier.newBodyHasher(headers);
>         try {
>             if (bh != null) {
>                 OutputStream os = new HeaderSkippingOutputStream(bh
>                     .getOutputStream());
>                 if (forceCRLF) os = new CRLFOutputStream(os);
>                 message.writeTo(os);
>                 bh.getOutputStream().close();
>             }
>         } catch (IOException e) {
>             throw new MessagingException("Exception calculating bodyhash: "
>                 + e.getMessage(), e);
>         }
>         return verifier.verify(bh);
>     }
> }}
> Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following:
> {{verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()),
new ByteArrayInputStream(str.getBytes())), false);}}
> str is a String with all of the source (headers and content) of an email.
> verify throws error "Header signature does not verify" from line with "BodyHasher bh
= verifier.newBodyHasher(headers);".
> The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses
a MockPublicKeyRecordRetriever. 
> What is incorrect with implementation?
> Thanks.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message