Package org.apache.james.jdkim.api

Examples of org.apache.james.jdkim.api.SignatureRecord

108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
     * sr.getSignature(); fail("expected failure"); } catch (Exception e) {
     * assertTrue(e.getMessage().toLowerCase().contains("decod")); } }
     */

    public void testWrongHashSyntaxes() {
        SignatureRecord sr = new SignatureRecordImpl("v=1; a=nothyphenedword;");
        try {
            sr.getHashAlgo();
            fail("expected failure");
        } catch (Exception e) {
            assertTrue(e.getMessage().toLowerCase().indexOf("hash") != -1);
        }
        try {
            sr.getHashMethod();
            fail("expected failure");
        } catch (Exception e) {
            assertTrue(e.getMessage().toLowerCase().indexOf("hash") != -1);
        }
        try {
            sr.getHashAlgo();
            fail("expected failure");
        } catch (Exception e) {
            assertTrue(e.getMessage().toLowerCase().indexOf("hash") != -1);
        }
    }
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
141
142
143
            assertTrue(e.getMessage().toLowerCase().indexOf("hash") != -1);
        }
    }

    public void testExpired() {
        SignatureRecord sr = new SignatureRecordImpl(
                "v=1; c=simple; h=from:to; s=select; d=example.com; a=rsa-sha1; x=0; bh=abcdef; b=1235345987;");
        try {
            sr.validate();
            fail("expected failure");
        } catch (Exception e) {
            assertTrue(e.getMessage().indexOf("expired") != -1);
        }
    }
View Full Code Here
25
26
27
28
29
30
31
32
33
34
35
36
37
import junit.framework.TestCase;

public class SignatureRecordTest extends TestCase {

    public void testBasic() {
        SignatureRecord sign = new SignatureRecordImpl(
                "v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
                        + "        d=gmail.com; s=beta;\r\n"
                        + "        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type;\r\n"
                        + "        bh=9sd6eO/xnGLInYGPFN86r9q27iClGpwfkl4PBc5XEuQ=;\r\n"
                        + "        b=tGQtBQg1sO+JKopOylApWLngylEqeMcXwCEUQN+S2PSpi9c1G9Nm5df9pMShus3iFaQb0PPvTfpw++cAC8/N0p3Gi/lVLc+Yh7xWEIPZ3Nxd3xqTQy7grIkBpV0q6559dEhhfFoEyLS0OK/IrqFIUVDRIMnsMjimXV7u+Sgoi7Q=");
        sign.validate();
    }
View Full Code Here
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
        sign.validate();
    }

    public void testWrongOrMissingVersion() {
        try {
            SignatureRecord sign = new SignatureRecordImpl(
                    "a=rsa-sha1; c=relaxed/relaxed;\r\n"
                            + "        d=gmail.com; s=beta;\r\n"
                            + "        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type;\r\n"
                            + "        b=Kw/TqnjB4L5ZC7DX1ibiNkuIw630uHZvzuozn/e6yTm3U8ObWEz/rJK5GO8RSrF56JrCA/xo8W2CGmyNmpQYbEpLl5P9/NcJSYUmln/O6GSa4Usyv4FdEU4FVjkyW0ToGFHNkw9Mm0urveA4Lcfk9gClJczXnvGBdiv/bkVBEJk=");
            sign.validate();
            fail("expected error on missing v=");
        } catch (IllegalStateException e) {
        }
        try {
            SignatureRecord sign = new SignatureRecordImpl(
                    "v=2; a=rsa-sha256; c=relaxed/relaxed;\r\n"
                            + "        d=gmail.com; s=beta;\r\n"
                            + "        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type;\r\n"
                            + "        bh=9sd6eO/xnGLInYGPFN86r9q27iClGpwfkl4PBc5XEuQ=;\r\n"
                            + "        b=tGQtBQg1sO+JKopOylApWLngylEqeMcXwCEUQN+S2PSpi9c1G9Nm5df9pMShus3iFaQb0PPvTfpw++cAC8/N0p3Gi/lVLc+Yh7xWEIPZ3Nxd3xqTQy7grIkBpV0q6559dEhhfFoEyLS0OK/IrqFIUVDRIMnsMjimXV7u+Sgoi7Q=");
            sign.validate();
            fail("expected error on wrong v=");
        } catch (IllegalStateException e) {
        }
    }
View Full Code Here
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
        }
    }

    public void testMissingRequired() {
        try {
            SignatureRecord sign = new SignatureRecordImpl(
                    "v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
                            + "        d=gmail.com; s=beta;\r\n"
                            + "        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type;\r\n"
                            + "        b=tGQtBQg1sO+JKopOylApWLngylEqeMcXwCEUQN+S2PSpi9c1G9Nm5df9pMShus3iFaQb0PPvTfpw++cAC8/N0p3Gi/lVLc+Yh7xWEIPZ3Nxd3xqTQy7grIkBpV0q6559dEhhfFoEyLS0OK/IrqFIUVDRIMnsMjimXV7u+Sgoi7Q=");
            sign.validate();
            fail("expected error on missing bh=");
        } catch (IllegalStateException e) {
        }
    }
View Full Code Here
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
        }
    }

    public void testDomainMismatch() {
        try {
            SignatureRecord sign = new SignatureRecordImpl(
                    "v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
                            + "        d=gmail.com; s=beta; i=@agmail.com;\r\n"
                            + "        h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type;\r\n"
                            + "        bh=9sd6eO/xnGLInYGPFN86r9q27iClGpwfkl4PBc5XEuQ=;\r\n"
                            + "        b=tGQtBQg1sO+JKopOylApWLngylEqeMcXwCEUQN+S2PSpi9c1G9Nm5df9pMShus3iFaQb0PPvTfpw++cAC8/N0p3Gi/lVLc+Yh7xWEIPZ3Nxd3xqTQy7grIkBpV0q6559dEhhfFoEyLS0OK/IrqFIUVDRIMnsMjimXV7u+Sgoi7Q=");
            sign.validate();
            fail("expected error on domain mismatch");
        } catch (IllegalStateException e) {
        }
    }
View Full Code Here
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
        }
    }

    public void testMissingFrom() {
        try {
            SignatureRecord sign = new SignatureRecordImpl(
                    "v=1; a=rsa-sha256; c=relaxed/relaxed;\r\n"
                            + "        d=gmail.com; s=beta; i=@subdomain.gmail.com;\r\n"
                            + "        h=domainkey-signature:received:received:message-id:date:fram:to:subject:mime-version:content-type;\r\n"
                            + "        bh=9sd6eO/xnGLInYGPFN86r9q27iClGpwfkl4PBc5XEuQ=;\r\n"
                            + "        b=tGQtBQg1sO+JKopOylApWLngylEqeMcXwCEUQN+S2PSpi9c1G9Nm5df9pMShus3iFaQb0PPvTfpw++cAC8/N0p3Gi/lVLc+Yh7xWEIPZ3Nxd3xqTQy7grIkBpV0q6559dEhhfFoEyLS0OK/IrqFIUVDRIMnsMjimXV7u+Sgoi7Q=");
            sign.validate();
            fail("expected error on missing 'from' header");
        } catch (IllegalStateException e) {
        }
    }
View Full Code Here
123
124
125
126
127
128
129
130
131
132
133
        }
    }

    public void service(Mail mail) throws MessagingException {
        DKIMSigner signer = new DKIMSigner(getSignatureTemplate(), getPrivateKey());
        SignatureRecord signRecord = signer
                .newSignatureRecordTemplate(getSignatureTemplate());
        try {
            BodyHasher bhj = signer.newBodyHasher(signRecord);
            MimeMessage message = mail.getMessage();
            Headers headers = new MimeMessageHeaders(message);
View Full Code Here
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
            try {
                int pos = signatureField.indexOf(':');
                if (pos > 0) {
                    String v = signatureField.substring(pos + 1, signatureField
                            .length());
                    SignatureRecord signatureRecord;
                    try {
                        signatureRecord = newSignatureRecord(v);
                        // validate
                        signatureRecord.validate();
                    } catch (IllegalStateException e) {
                        throw new PermFailException("Invalid signature record: "+e.getMessage(), e);
                    }

                    // Specification say we MAY refuse to verify the signature.
                    if (signatureRecord.getSignatureTimestamp() != null) {
                        long signedTime = signatureRecord.getSignatureTimestamp().longValue();
                        long elapsed = (System.currentTimeMillis()/1000 - signedTime);
                        if (elapsed < -3600*24*365*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/(3600*24*365) + " years in the future.");
                        } else if (elapsed < -3600*24*30*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/(3600*24*30) + " months in the future.");
                        } else if (elapsed < -3600*24*3) {
                            throw new PermFailException("Signature date is more than "
                                        + -elapsed/(3600*24) + " days in the future.");
                        } else if (elapsed < -3600*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/3600 + " hours in the future.");
                        } else if (elapsed < -60*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/60 + " minutes in the future.");
                        } else if (elapsed < 0) {
                            throw new PermFailException("Signature date is "
                                    + elapsed + " seconds in the future.");
                        }
                    }

                    // TODO here we could check more parameters for
                    // validation before running a network operation like the
                    // dns lookup.
                    // e.g: the canonicalization method could be checked now.
                    PublicKeyRecord publicKeyRecord = publicRecordLookup(signatureRecord);

                    List<CharSequence> signedHeadersList = signatureRecord.getHeaders();

                    byte[] decoded = signatureRecord.getSignature();
                    signatureVerify(messageHeaders, signatureRecord, decoded,
                            publicKeyRecord, signedHeadersList);

                    // we track all canonicalizations+limit+bodyHash we
                    // see so to be able to check all of them in a single
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
                throw new PermFailException("MIME parsing exception: "
                        + e1.getMessage(), e1);
            }

            try {
                SignatureRecord srt = newSignatureRecordTemplate(signatureRecordTemplate);

                BodyHasher bhj = newBodyHasher(srt);

                // computation of the body hash.
                DKIMCommon.streamCopy(message.getBodyInputStream(), bhj
View Full Code Here
TOP

Related Classes of org.apache.james.jdkim.api.SignatureRecord

  • org.apache.james.jdkim.DKIMSigner
  • org.apache.james.jdkim.DKIMVerifier
  • org.apache.james.jdkim.mailets.DKIMSign
  • org.apache.james.jdkim.SignatureRecordImplTest
  • org.apache.james.jdkim.SignatureRecordTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.