This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-jdkim.git
The following commit(s) were added to refs/heads/master by this push:
new 65ff762 Remove commons-codec
65ff762 is described below
commit 65ff762e05271ec8b64642070ed16dd15d165b8f
Author: Emerson Pinter <[email protected]>
AuthorDate: Thu Oct 2 20:46:40 2025 -0300
Remove commons-codec
---
main/pom.xml | 34 ----------------------
.../java/org/apache/james/jdkim/DKIMSigner.java | 5 ++--
.../java/org/apache/james/jdkim/DKIMVerifier.java | 10 +++++--
.../james/jdkim/tagvalue/PublicKeyRecordImpl.java | 4 +--
.../james/jdkim/tagvalue/SignatureRecordImpl.java | 10 +++----
.../jdkim/tagvalue/SignatureRecordTemplate.java | 14 ++++-----
.../org/apache/james/jdkim/tagvalue/TagValue.java | 12 +++++++-
.../test/java/org/apache/james/jdkim/DKIMTest.java | 6 ++--
.../james/jdkim/SignatureRecordImplTest.java | 16 ++++++++++
.../test/java/org/apache/james/jdkim/TestKeys.java | 7 ++---
pom.xml | 6 ----
11 files changed, 57 insertions(+), 67 deletions(-)
diff --git a/main/pom.xml b/main/pom.xml
index 1f1d29e..29db1aa 100644
--- a/main/pom.xml
+++ b/main/pom.xml
@@ -35,10 +35,6 @@
<inceptionYear>2008</inceptionYear>
<dependencies>
- <dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- </dependency>
<dependency>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
@@ -94,36 +90,6 @@
</execution>
</executions>
</plugin>
- <!-- Shading commons-codec Base64 class so that we don't have one
more dependency -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-shade-plugin</artifactId>
- <version>3.6.0</version>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>shade</goal>
- </goals>
- <configuration>
- <artifactSet>
- <includes>
-
<include>commons-codec:commons-codec</include>
- </includes>
- </artifactSet>
- <relocations>
- <relocation>
- <pattern>org.apache.commons.codec</pattern>
-
<shadedPattern>org.apache.james.jdkim.codec</shadedPattern>
- </relocation>
- </relocations>
- <transformers>
- <transformer
implementation="org.apache.maven.plugins.shade.resource.ComponentsXmlResourceTransformer"
/>
- </transformers>
- </configuration>
- </execution>
- </executions>
- </plugin>
<plugin>
<groupId>org.apache.rat</groupId>
<artifactId>apache-rat-plugin</artifactId>
diff --git a/main/src/main/java/org/apache/james/jdkim/DKIMSigner.java
b/main/src/main/java/org/apache/james/jdkim/DKIMSigner.java
index 7f05aa7..c280d40 100644
--- a/main/src/main/java/org/apache/james/jdkim/DKIMSigner.java
+++ b/main/src/main/java/org/apache/james/jdkim/DKIMSigner.java
@@ -21,7 +21,6 @@ package org.apache.james.jdkim;
import static org.apache.james.jdkim.DKIMCommon.signatureCheck;
-import org.apache.commons.codec.binary.Base64;
import org.apache.james.jdkim.api.BodyHasher;
import org.apache.james.jdkim.api.Headers;
import org.apache.james.jdkim.api.SignatureRecord;
@@ -41,6 +40,7 @@ import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.Base64;
import java.util.List;
public class DKIMSigner {
@@ -160,7 +160,8 @@ public class DKIMSigner {
*/
public static PrivateKey getPrivateKey(String privateKeyPKCS8)
throws NoSuchAlgorithmException, InvalidKeySpecException {
- byte[] encKey = Base64.decodeBase64(privateKeyPKCS8.getBytes());
+ byte[] encKey =
Base64.getMimeDecoder().decode(privateKeyPKCS8.getBytes());
+
// byte[] encKey = privateKey.getBytes();
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(encKey);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
diff --git a/main/src/main/java/org/apache/james/jdkim/DKIMVerifier.java
b/main/src/main/java/org/apache/james/jdkim/DKIMVerifier.java
index 44537a1..07c1ddc 100644
--- a/main/src/main/java/org/apache/james/jdkim/DKIMVerifier.java
+++ b/main/src/main/java/org/apache/james/jdkim/DKIMVerifier.java
@@ -295,9 +295,13 @@ public class DKIMVerifier {
List<CharSequence> signedHeadersList =
signatureRecord.getHeaders();
- byte[] decoded = signatureRecord.getSignature();
- signatureVerify(messageHeaders, signatureRecord, decoded,
- publicKeyRecord, signedHeadersList);
+ try {
+ byte[] decoded = signatureRecord.getSignature();
+ signatureVerify(messageHeaders, signatureRecord,
decoded,
+ publicKeyRecord, signedHeadersList);
+ } catch (IllegalArgumentException e) {
+ throw new PermFailException("Invalid signature record:
" + e.getMessage(), signatureRecord, e);
+ }
// we track all canonicalizations+limit+bodyHash we
// see so to be able to check all of them in a single
diff --git
a/main/src/main/java/org/apache/james/jdkim/tagvalue/PublicKeyRecordImpl.java
b/main/src/main/java/org/apache/james/jdkim/tagvalue/PublicKeyRecordImpl.java
index c1225d9..d482eab 100644
---
a/main/src/main/java/org/apache/james/jdkim/tagvalue/PublicKeyRecordImpl.java
+++
b/main/src/main/java/org/apache/james/jdkim/tagvalue/PublicKeyRecordImpl.java
@@ -19,7 +19,6 @@
package org.apache.james.jdkim.tagvalue;
-import org.apache.commons.codec.binary.Base64;
import org.apache.james.jdkim.api.PublicKeyRecord;
import java.security.KeyFactory;
@@ -29,6 +28,7 @@ import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@@ -178,7 +178,7 @@ public class PublicKeyRecordImpl extends TagValue
implements PublicKeyRecord {
public PublicKey getPublicKey() {
try {
String p = getValue("p").toString();
- byte[] key = Base64.decodeBase64(p.getBytes());
+ byte[] key = Base64.getMimeDecoder().decode(p.getBytes());
KeyFactory keyFactory;
keyFactory = KeyFactory.getInstance(getValue("k").toString());
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(key);
diff --git
a/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java
b/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java
index dfa3e1c..c2cfc88 100644
---
a/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java
+++
b/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java
@@ -21,9 +21,9 @@ package org.apache.james.jdkim.tagvalue;
import static
org.apache.james.jdkim.parser.DKIMQuotedPrintable.dkimQuotedPrintableDecode;
-import org.apache.commons.codec.binary.Base64;
import org.apache.james.jdkim.api.SignatureRecord;
+import java.util.Base64;
import java.util.LinkedList;
import java.util.List;
import java.util.regex.Pattern;
@@ -215,11 +215,11 @@ public class SignatureRecordImpl extends TagValue
implements SignatureRecord {
}
public byte[] getBodyHash() {
- return Base64.decodeBase64(getValue("bh").toString().getBytes());
+ return decodeBase64TagValue("bh");
}
public byte[] getSignature() {
- return Base64.decodeBase64(getValue("b").toString().getBytes());
+ return decodeBase64TagValue("b");
}
public CharSequence getRawSignature() {
@@ -274,12 +274,12 @@ public class SignatureRecordImpl extends TagValue
implements SignatureRecord {
}
public void setSignature(byte[] newSignature) {
- String signature = new String(Base64.encodeBase64(newSignature));
+ String signature = new
String(Base64.getMimeDecoder().decode(newSignature));
setValue("b", signature);
}
public void setBodyHash(byte[] newBodyHash) {
- String bodyHash = new String(Base64.encodeBase64(newBodyHash));
+ String bodyHash = new
String(Base64.getMimeDecoder().decode(newBodyHash));
setValue("bh", bodyHash);
// If a t=; parameter is present in the signature, make sure to
// fill it with the current timestamp
diff --git
a/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordTemplate.java
b/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordTemplate.java
index 186c3c8..d33bab4 100644
---
a/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordTemplate.java
+++
b/main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordTemplate.java
@@ -19,12 +19,12 @@
package org.apache.james.jdkim.tagvalue;
+import java.util.Base64;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
-import org.apache.commons.codec.binary.Base64;
import org.apache.james.jdkim.api.HashMethod;
import org.apache.james.jdkim.api.SignatureRecord;
import org.apache.james.jdkim.api.SigningAlgorithm;
@@ -223,11 +223,11 @@ public class SignatureRecordTemplate extends TagValue
implements SignatureRecord
}
public byte[] getBodyHash() {
- return Base64.decodeBase64(getValue("bh").toString().getBytes());
+ return decodeBase64TagValue("bh");
}
public byte[] getSignature() {
- return Base64.decodeBase64(getValue("b").toString().getBytes());
+ return decodeBase64TagValue("b");
}
public CharSequence getRawSignature() {
@@ -282,12 +282,12 @@ public class SignatureRecordTemplate extends TagValue
implements SignatureRecord
}
public void setSignature(byte[] newSignature) {
- String signature = new String(Base64.encodeBase64(newSignature));
+ String signature = new
String(Base64.getEncoder().encode(newSignature));
setValue("b", signature);
}
public void setBodyHash(byte[] newBodyHash) {
- String bodyHash = new String(Base64.encodeBase64(newBodyHash));
+ String bodyHash = new String(Base64.getEncoder().encode(newBodyHash));
setValue("bh", bodyHash);
// If a t=; parameter is present in the signature, make sure to
// fill it with the current timestamp
@@ -299,10 +299,10 @@ public class SignatureRecordTemplate extends TagValue
implements SignatureRecord
public SignatureRecordImpl toSignatureRecord(SigningAlgorithm algorithm,
HashMethod hashMethod, byte[] bodyHash, byte[] signature) {
setValue("a", algorithm.asTagValue() + "-" + hashMethod.asTagValue());
- String bodyHashTagValue = new String(Base64.encodeBase64(bodyHash));
+ String bodyHashTagValue = new
String(Base64.getEncoder().encode(bodyHash));
setValue("bh", bodyHashTagValue);
- String signatureTagValue = new String(Base64.encodeBase64(signature));
+ String signatureTagValue = new
String(Base64.getEncoder().encode(signature));
setValue("b", signatureTagValue);
// If a t=; parameter is present in the signature, make sure to
// fill it with the current timestamp
diff --git a/main/src/main/java/org/apache/james/jdkim/tagvalue/TagValue.java
b/main/src/main/java/org/apache/james/jdkim/tagvalue/TagValue.java
index 6af2d22..68562a5 100644
--- a/main/src/main/java/org/apache/james/jdkim/tagvalue/TagValue.java
+++ b/main/src/main/java/org/apache/james/jdkim/tagvalue/TagValue.java
@@ -20,6 +20,7 @@
package org.apache.james.jdkim.tagvalue;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -44,6 +45,7 @@ public class TagValue {
// Use possessive matching to avoid heavy stack usage
private static final Pattern valuePattern = Pattern.compile("^(?:" + tval
+ "(?:(?:(?:\r\n)?[\t ])++" + tval + ")*+)?$");
+ private static final Pattern b64PadFixPattern =
Pattern.compile("=(\r?\n\\s*)=$");
// we may use a TreeMap because we may need to know original order.
private final Map<String, CharSequence> tagValues;
@@ -219,7 +221,15 @@ public class TagValue {
else
return val;
}
-
+
+ protected byte[] decodeBase64TagValue(String key) {
+ // When a base64 string ends with a newline between two '=',
java.util.Base64 fails.
+ String value = getValue(key).toString();
+ return Base64.getMimeDecoder().decode(
+ b64PadFixPattern.matcher(value).replaceAll("$1==")
+ );
+ }
+
protected void setValue(String tag, String value) {
stringRepresentation = null;
tagValues.put(tag, value);
diff --git a/main/src/test/java/org/apache/james/jdkim/DKIMTest.java
b/main/src/test/java/org/apache/james/jdkim/DKIMTest.java
index fce5524..09f7441 100644
--- a/main/src/test/java/org/apache/james/jdkim/DKIMTest.java
+++ b/main/src/test/java/org/apache/james/jdkim/DKIMTest.java
@@ -33,9 +33,9 @@ import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
+import java.util.Base64;
import java.util.List;
-import org.apache.commons.codec.binary.Base64;
import org.apache.james.jdkim.MockPublicKeyRecordRetriever.Record;
import org.apache.james.jdkim.api.Headers;
import org.apache.james.jdkim.api.Result;
@@ -49,12 +49,12 @@ public class DKIMTest {
Record.of(
"selector2",
"messiah.edu",
- "k=rsa; p=" +
Base64.encodeBase64String(TestKeys.publicKey.getEncoded()) + ";"
+ "k=rsa; p=" +
Base64.getEncoder().encodeToString(TestKeys.publicKey.getEncoded()) + ";"
),
Record.of(
"selector3",
"messiah.edu",
- "k=rsa; p=" +
Base64.encodeBase64String(TestKeys.publicKey_2.getEncoded()) + ";"
+ "k=rsa; p=" +
Base64.getEncoder().encodeToString(TestKeys.publicKey_2.getEncoded()) + ";"
)
);
diff --git
a/main/src/test/java/org/apache/james/jdkim/SignatureRecordImplTest.java
b/main/src/test/java/org/apache/james/jdkim/SignatureRecordImplTest.java
index d31ef44..d380ec1 100644
--- a/main/src/test/java/org/apache/james/jdkim/SignatureRecordImplTest.java
+++ b/main/src/test/java/org/apache/james/jdkim/SignatureRecordImplTest.java
@@ -24,6 +24,7 @@ import org.apache.james.jdkim.tagvalue.SignatureRecordImpl;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import org.junit.Assert;
import org.junit.Test;
public class SignatureRecordImplTest {
@@ -132,4 +133,19 @@ public class SignatureRecordImplTest {
).hasMessageContaining("expired");
}
+ @Test
+ public void should_parse_signature_with_newline_between_padding() {
+ String signature = "v=1; a=rsa-sha256; q=dns/txt; c=simple;
s=selector2; d=messiah.edu; bh=6pQY\r\n" +
+ " 5V6Dw8mCYWq017gfbpv+x2X4GvOhIIZtKw6iU6g=;
h=date:from:subject; b=Axa\r\n" +
+ "
8s/gTnnJ8em45KV/AQw33hQ4uYtBKiQp3dLq7oRFt+WmDZ5ZErPq4lBVXfP+IAvP+Au9\r\n" +
+ "
1J8270ivn1J/6E0YqKntn4s1hjcNBPPRVohvmlcQ1mEMd6DuYDtWjDFwG2GWZwtilaPY\r\n" +
+ "
2afhlTuAbHkn8nHm7MVtAGETO8QQ2zfD1NSGzKbNYP9I+hrDJq5ajka6PZn1d+mDhUH5\r\n" +
+ "
Px8yScYqo5i8Z8GXaejSIu7RsLDuxtOO2cuClRi8MKGxc7MiGndMufXB8xbS1L80IFly\r\n" +
+ "
unOVY5eBaqnnhF2YrDDQfZ6DTqorzX6D5dNjpjOG6AbsqkW83Drx0TTV/5M0raU1SIw=\r\n" +
+ " =";
+
+ SignatureRecordImpl signatureRecord = new
SignatureRecordImpl(signature);
+ Assert.assertTrue(signatureRecord.getSignature().length > 0);
+ Assert.assertTrue(signatureRecord.getBodyHash().length > 0);
+ }
}
diff --git a/main/src/test/java/org/apache/james/jdkim/TestKeys.java
b/main/src/test/java/org/apache/james/jdkim/TestKeys.java
index 82b1900..72265ed 100644
--- a/main/src/test/java/org/apache/james/jdkim/TestKeys.java
+++ b/main/src/test/java/org/apache/james/jdkim/TestKeys.java
@@ -31,8 +31,7 @@ import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
-
-import org.apache.commons.codec.binary.Base64;
+import java.util.Base64;
public class TestKeys {
public static final PrivateKey privateKey =
loadPrivateKey("org/apache/james/jdkim/keys/private.key");
@@ -50,7 +49,7 @@ public class TestKeys {
.replace("-----BEGIN PUBLIC KEY-----", "")
.replace("-----END PUBLIC KEY-----", "")
.replaceAll(System.lineSeparator(), "");
- byte[] encoded = Base64.decodeBase64(keyText);
+ byte[] encoded = Base64.getMimeDecoder().decode(keyText);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encoded);
return keyFactory.generatePublic(keySpec);
@@ -71,7 +70,7 @@ public class TestKeys {
.replace("-----BEGIN PRIVATE KEY-----", "")
.replace("-----END PRIVATE KEY-----", "")
.replaceAll(System.lineSeparator(), "");
- byte[] encoded = Base64.decodeBase64(keyText);
+ byte[] encoded = Base64.getMimeDecoder().decode(keyText);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
return keyFactory.generatePrivate(keySpec);
diff --git a/pom.xml b/pom.xml
index 3f78004..696678e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -62,7 +62,6 @@
<properties>
<apache-mime4j.version>0.8.12</apache-mime4j.version>
- <commons-codec.version>1.18.0</commons-codec.version>
<dnsjava.version>3.6.3</dnsjava.version>
<james-skin.version>1.8</james-skin.version>
<junit.version>4.13.2</junit.version>
@@ -71,11 +70,6 @@
<dependencyManagement>
<dependencies>
- <dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <version>${commons-codec.version}</version>
- </dependency>
<dependency>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
