[jira] [Commented] (JDKIM-42) Example on how to use verify bh in DKIM

[Jean Helou (Jira)]

    [ 
https://issues.apache.org/jira/browse/JDKIM-42?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17940325#comment-17940325
 ] 

Jean Helou commented on JDKIM-42:
---------------------------------

Hello,

I stumbled upon this issue, you can find an client of the DKIMVerify api in 
[https://github.com/apache/james-project/blob/master/server/mailet/dkim/src/main/java/org/apache/james/jdkim/mailets/DKIMVerify.java#L53]

you can check how the tests for this are instantiated : 
[https://github.com/apache/james-project/blob/e09a085b8fb195495f0f0844bc91068a638b5f62/server/mailet/dkim/src/test/java/org/apache/james/jdkim/mailets/DKIMVerifyTest.java#L93]

 

I realize that 7 years later you are probably not expecting an answer anymore 
but hopefully this comment can help some else in the future :D

> Example on how to use verify bh in DKIM
> ---------------------------------------
>
>                 Key: JDKIM-42
>                 URL: https://issues.apache.org/jira/browse/JDKIM-42
>             Project: James jDKIM
>          Issue Type: Question
>            Reporter: BG
>            Priority: Major
>
> Trying to verify the DKIM bh value for an email using verify method from 
> tests.
> protected static List<SignatureRecord> verify(DKIMVerifier verifier, 
> MimeMessage message, boolean forceCRLF)
>         throws MessagingException, FailException {
>         Headers headers = new MimeMessageHeaders(message);
>         BodyHasher bh = verifier.newBodyHasher(headers);
>         try {
>             if (bh != null) {
>                 OutputStream os = new HeaderSkippingOutputStream(bh
>                     .getOutputStream());
>                 if (forceCRLF) os = new CRLFOutputStream(os);
>                 message.writeTo(os);
>                 bh.getOutputStream().close();
>             }
>         } catch (IOException e) {
>             throw new MessagingException("Exception calculating bodyhash: "
>                 + e.getMessage(), e);
>         }
>         return verifier.verify(bh);
>     }
> Created DKIMVerifier with a PublicKeyRecordRetriever. Call verify method with 
> following:
> {{verify(new DKIMVerifier(pkr), new 
> MimeMessage(Session.getDefaultInstance(new Properties()), new 
> ByteArrayInputStream(str.getBytes())), false);}}
> str is a String with all of the source (headers and content) of an email.
> verify throws error "Header signature does not verify" from line with 
> "BodyHasher bh = verifier.newBodyHasher(headers);".
> The only place in codebase where DKIMVerify.verify is used is in DKIMSignTest 
> which uses a MockPublicKeyRecordRetriever. 
> What is incorrect with implementation?
> Thanks.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org