[ https://issues.apache.org/jira/browse/JDKIM-42?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
BG updated JDKIM-42: -------------------- Description: Trying to verify the DKIM bh value for an email using verify method from tests. protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage message, boolean forceCRLF) throws MessagingException, FailException { Headers headers = new MimeMessageHeaders(message); BodyHasher bh = verifier.newBodyHasher(headers); try { if (bh != null) { OutputStream os = new HeaderSkippingOutputStream(bh .getOutputStream()); if (forceCRLF) os = new CRLFOutputStream(os); message.writeTo(os); bh.getOutputStream().close(); } } catch (IOException e) { throw new MessagingException("Exception calculating bodyhash: " + e.getMessage(), e); } return verifier.verify(bh); } Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following: {{verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()), new ByteArrayInputStream(str.getBytes())), false);}} str is a String with all of the source (headers and content) of an email. verify throws error "Header signature does not verify" from line with "BodyHasher bh = verifier.newBodyHasher(headers);". The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses a MockPublicKeyRecordRetriever. What is incorrect with implementation? Thanks. was: Trying to verify the DKIM bh value for an email using verify method from tests. {{ protected static List<SignatureRecord> verify(DKIMVerifier verifier, MimeMessage message, boolean forceCRLF) throws MessagingException, FailException { Headers headers = new MimeMessageHeaders(message); BodyHasher bh = verifier.newBodyHasher(headers); try { if (bh != null) { OutputStream os = new HeaderSkippingOutputStream(bh .getOutputStream()); if (forceCRLF) os = new CRLFOutputStream(os); message.writeTo(os); bh.getOutputStream().close(); } } catch (IOException e) { throw new MessagingException("Exception calculating bodyhash: " + e.getMessage(), e); } return verifier.verify(bh); } }} Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with following: {{verify(new DKIMVerifier(pkr), new MimeMessage(Session.getDefaultInstance(new Properties()), new ByteArrayInputStream(str.getBytes())), false);}} str is a String with all of the source (headers and content) of an email. verify throws error "Header signature does not verify" from line with "BodyHasher bh = verifier.newBodyHasher(headers);". The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest which uses a MockPublicKeyRecordRetriever. What is incorrect with implementation? Thanks. > Example on how to use verify bh in DKIM > --------------------------------------- > > Key: JDKIM-42 > URL: https://issues.apache.org/jira/browse/JDKIM-42 > Project: James jDKIM > Issue Type: Question > Reporter: BG > Priority: Major > > Trying to verify the DKIM bh value for an email using verify method from > tests. > protected static List<SignatureRecord> verify(DKIMVerifier verifier, > MimeMessage message, boolean forceCRLF) > throws MessagingException, FailException { > Headers headers = new MimeMessageHeaders(message); > BodyHasher bh = verifier.newBodyHasher(headers); > try { > if (bh != null) { > OutputStream os = new HeaderSkippingOutputStream(bh > .getOutputStream()); > if (forceCRLF) os = new CRLFOutputStream(os); > message.writeTo(os); > bh.getOutputStream().close(); > } > } catch (IOException e) { > throw new MessagingException("Exception calculating bodyhash: " > + e.getMessage(), e); > } > return verifier.verify(bh); > } > Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with > following: > {{verify(new DKIMVerifier(pkr), new > MimeMessage(Session.getDefaultInstance(new Properties()), new > ByteArrayInputStream(str.getBytes())), false);}} > str is a String with all of the source (headers and content) of an email. > verify throws error "Header signature does not verify" from line with > "BodyHasher bh = verifier.newBodyHasher(headers);". > The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest > which uses a MockPublicKeyRecordRetriever. > What is incorrect with implementation? > Thanks. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org