[JDKIM-42] Example on how to use verify bh in DKIM - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Question
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

Trying to verify the DKIM bh value for an email using verify method from tests.

protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage message, boolean forceCRLF)
throws MessagingException, FailException {
Headers headers = new MimeMessageHeaders(message);
BodyHasher bh = verifier.newBodyHasher(headers);
try {
if (bh != null)

{ OutputStream os = new HeaderSkippingOutputStream(bh .getOutputStream()); if (forceCRLF) os = new CRLFOutputStream(os); message.writeTo(os); bh.getOutputStream().close(); }

} catch (IOException e)

{ throw new MessagingException("Exception calculating bodyhash: " + e.getMessage(), e); }

return verifier.verify(bh);
}

Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following:

verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()), new ByteArrayInputStream(str.getBytes())), false);

str is a String with all of the source (headers and content) of an email.

verify throws error "Header signature does not verify" from line with "BodyHasher bh = verifier.newBodyHasher(headers);".

The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses a MockPublicKeyRecordRetriever.

What is incorrect with implementation?

Thanks.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: BG

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 13/Dec/18 20:49

Updated:: 13/Dec/18 20:50