Examples of PermFailException

org.apache.james.jdkim.exceptions.PermFailException

Examples of org.apache.james.jdkim.exceptions.PermFailException

            if (res == null || res.size() > 0)
                return res;
            else
                throw new TempFailException("Timout or servfail");
        } else
            throw new PermFailException("Unsupported method");
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

                    lastError = "invalid key for signature: " + e.getMessage();
                }
            }
        }
        // return PERMFAIL ($error).
        throw new PermFailException(lastError);
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

     */
    public static void apply(PublicKeyRecord pkr, SignatureRecord sign) throws PermFailException {
        try {
            if (!pkr.getGranularityPattern().matcher(sign.getIdentityLocalPart())
                    .matches()) {
                throw new PermFailException("inapplicable key identity local="
                        + sign.getIdentityLocalPart() + " Pattern: "
                        + pkr.getGranularityPattern().pattern(), sign.getIdentity().toString());
            }
    
            if (!pkr.isHashMethodSupported(sign.getHashMethod())) {
                throw new PermFailException("inappropriate hash for a="
                        + sign.getHashKeyType() + "/" + sign.getHashMethod(), sign.getIdentity().toString());
            }
            if (!pkr.isKeyTypeSupported(sign.getHashKeyType())) {
                throw new PermFailException("inappropriate key type for a="
                        + sign.getHashKeyType() + "/" + sign.getHashMethod(), sign.getIdentity().toString());
            }
    
            if (pkr.isDenySubdomains()) {
                if (!sign.getIdentity().toString().toLowerCase().endsWith(
                        ("@" + sign.getDToken()).toLowerCase())) {
                    throw new PermFailException(
                            "AUID in subdomain of SDID is not allowed by the public key record.", sign.getIdentity().toString());
                }
            }
        } catch (IllegalStateException e) {
            throw new PermFailException("Invalid public key: "+e.getMessage(), sign.getIdentity().toString());
        }
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

    public PublicKeyRecord publicRecordLookup(SignatureRecord sign)
            throws TempFailException, PermFailException {
        // System.out.println(sign);
        PublicKeyRecord key = null;
        TempFailException lastTempFailure = null;
        PermFailException lastPermFailure = null;
        for (Iterator<CharSequence> rlm = sign.getRecordLookupMethods().iterator(); key == null
                && rlm.hasNext();) {
            CharSequence method = rlm.next();
            try {
                PublicKeyRecordRetriever pkrr = getPublicKeyRecordRetriever();
                List<String> records = pkrr.getRecords(method, sign.getSelector()
                        .toString(), sign.getDToken().toString());
                PublicKeyRecord tempKey = publicKeySelector(records);
                // checks wether the key is applicable to the signature
                // TODO check with the IETF group to understand if this is the
                // right thing to do.
                // TODO loggin
                apply(tempKey, sign);
                key = tempKey;
            } catch (TempFailException tf) {
                lastTempFailure = tf;
            } catch (PermFailException pf) {
                lastPermFailure = pf;
            }
        }
        if (key == null) {
            if (lastTempFailure != null) {
                if (sign != null) lastTempFailure.setRelatedRecordIdentity(sign.getIdentity().toString());
                throw lastTempFailure;
            } else if (lastPermFailure != null) {
                if (sign != null) lastPermFailure.setRelatedRecordIdentity(sign.getIdentity().toString());
                throw lastPermFailure;
            }            // this is unexpected because the publicKeySelector always returns
            // null or exception
            else {
                throw new PermFailException(
                        "no key for signature [unexpected condition]", sign.getIdentity().toString());
            }
        }
        return key;
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

            } catch (IOException e) {
              throw e;
            } catch (Exception e1) {
              // This can only be a MimeException but we don't declare to allow usage of
              // DKIMSigner without Mime4J dependency.
              throw new PermFailException("Mime parsing exception: "
                      + e1.getMessage(), e1);
          }
          try {
              return verify(message, message.getBodyInputStream());
          } finally {

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

                    try {
                        signatureRecord = newSignatureRecord(v);
                        // validate
                        signatureRecord.validate();
                    } catch (IllegalStateException e) {
                        throw new PermFailException("Invalid signature record: "+e.getMessage(), e);
                    }


                    // Specification say we MAY refuse to verify the signature.
                    if (signatureRecord.getSignatureTimestamp() != null) {
                        long signedTime = signatureRecord.getSignatureTimestamp().longValue();
                        long elapsed = (System.currentTimeMillis()/1000 - signedTime);
                        if (elapsed < -3600*24*365*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/(3600*24*365) + " years in the future.");
                        } else if (elapsed < -3600*24*30*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/(3600*24*30) + " months in the future.");
                        } else if (elapsed < -3600*24*3) {
                            throw new PermFailException("Signature date is more than "
                                        + -elapsed/(3600*24) + " days in the future.");
                        } else if (elapsed < -3600*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/3600 + " hours in the future.");
                        } else if (elapsed < -60*3) {
                            throw new PermFailException("Signature date is more than "
                                    + -elapsed/60 + " minutes in the future.");
                        } else if (elapsed < 0) {
                            throw new PermFailException("Signature date is "
                                    + elapsed + " seconds in the future.");
                        }
                    }


                    // TODO here we could check more parameters for
                    // validation before running a network operation like the
                    // dns lookup.
                    // e.g: the canonicalization method could be checked now.
                    PublicKeyRecord publicKeyRecord = publicRecordLookup(signatureRecord);


                    List<CharSequence> signedHeadersList = signatureRecord.getHeaders();


                    byte[] decoded = signatureRecord.getSignature();
                    signatureVerify(messageHeaders, signatureRecord, decoded,
                            publicKeyRecord, signedHeadersList);


                    // we track all canonicalizations+limit+bodyHash we
                    // see so to be able to check all of them in a single
                    // stream run.
                    BodyHasherImpl bhj = newBodyHasher(signatureRecord);


                    bodyHashJobs.put(signatureField, bhj);


                } else {
                    throw new PermFailException(
                            "unexpected bad signature field");
                }
            } catch (TempFailException e) {
                signatureExceptions.put(signatureField, e);
            } catch (PermFailException e) {
                signatureExceptions.put(signatureField, e);
            } catch (RuntimeException e) {
                signatureExceptions.put(signatureField, new PermFailException(
                        "Unexpected exception processing signature", e));
            }
        }


        if (bodyHashJobs.isEmpty()) {
            if (signatureExceptions.size() > 0) {
                throw prepareException(signatureExceptions);
            } else {
                throw new PermFailException("Unexpected condition with "+fields);
            }
        }


        return new CompoundBodyHasher(bodyHashJobs, signatureExceptions);
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

     * @throws PermFailException if it wasn't a CompoundBodyHasher
     */
    private CompoundBodyHasher validateBodyHasher(BodyHasher bh)
            throws PermFailException {
        if (!(bh instanceof CompoundBodyHasher)) {
            throw new PermFailException("Unexpected BodyHasher type: this is not generated by DKIMVerifier!");
        }
        
        CompoundBodyHasher cbh = (CompoundBodyHasher) bh;
        return cbh;
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException


            if (!Arrays.equals(expectedBodyHash, computedHash)) {
                compoundBodyHasher.getSignatureExceptions()
                        .put(
                                "DKIM-Signature:"+bhj.getSignatureRecord().toString(),
                                new PermFailException(
                                        "Computed bodyhash is different from the expected one"));
            } else {
                verifiedSignatures.add(bhj.getSignatureRecord());
            }
        }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

                    .next();
        } else {
            // TODO loops signatureExceptions to give a more complete
            // response, using nested exception or a compound exception.
            // System.out.println(signatureExceptions);
            return new PermFailException("found " + signatureExceptions.size()
                    + " invalid signatures");
        }
    }

View Full Code Here

Examples of org.apache.james.jdkim.exceptions.PermFailException

                    + "with" + sign.getHashKeyType().toString().toUpperCase());
            PublicKey publicKey;
            try {
                publicKey = key.getPublicKey();
            } catch (IllegalStateException e) {
                throw new PermFailException("Invalid Public Key: "+e.getMessage(), e);
            }
            signature.initVerify(publicKey);


            signatureCheck(h, sign, headers, signature);


            if (!signature.verify(decoded))
                throw new PermFailException("Header signature does not verify");
        } catch (InvalidKeyException e) {
            throw new PermFailException(e.getMessage(), e);
        } catch (NoSuchAlgorithmException e) {
            throw new PermFailException(e.getMessage(), e);
        } catch (SignatureException e) {
            throw new PermFailException(e.getMessage(), e);
        }
    }

View Full Code Here

0 1

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.