Hi Jason;
Thanks for your email. I am a bit unclear between the content of b= and bh=. Suppose I have the following code fragment (I think it will give me the part contents of b=). In the following fragment, what would be the best way to get the contents of bh?
Your help is appreciated very much.
Raj
Signature signature = Signature.getInstance( "SHA256withRSA" );
// Returning canonicalized body
InputStream contentStream = message.getSimpleCanonicalizedBody( );
/*
 * 3. Signer Hashes the canonicalized message Header
 *
 */
byte[] buffer = new byte[ 4096 ];
int read = contentStream.read( buffer );
int totalLen = 0;
while( read != -1 )
{
    totalLen += read;
    signature.update( buffer, 0, read);
    read = contentStream.read( buffer );
}
System.out.println( "Signed Body Length " + totalLen);
byte[] decoded = signature.sign( );
System.out.println( "Signer: The decoded Sign are: " + decoded.toString( ));
//Required Base64 Encoded String
BASE64Encoder encoder = new BASE64Encoder( );
encodedStr = encoder.encode( decoded );
encodedStr = encodedStr.replaceAll( "[\\s]+", " " );
encodedStr = encodedStr.replaceAll( "[\\s]+", "\r\n " );
Jason Long <jason@...> wrote:
I'll comment on a few things that jumped out to me...
You might also be interested in the dkim-dev list, which (theoretically) is
more oriented toward developing DKIM-aware programs.
Jason
>>>> "rajvkau" <rajvkau@yahoo.com > 4/3/08 9:50 AM >>>
>-------------------- --------- --------- --------- --------- --
>MY INTERPRETATION
>Take the message body:
>1. Canonicalized using the body canonicalization algorithm specified
>in the "c=" tag
>2. Take the complete body (default value of "l=" tag)
>3. Signer Hashes the canonicalized message body
>4. Hash value is converted to Base64 form and inserted into signers
>(???)
>-------------------- --------- --------- --------- --------- --
inserted into the signature, yep.
>
>-------------------- --------- --------- --------- --------- --
>MY INTERPRETATION
>Say by default we are signing the following header:
>canonicalization (Date: xxx) <CRLF>
>canonicalization (From: xxx) <CRLF>
>canonicalization (To:xxxx) <CRLF>
>canonicalization (Subject:xxxx) <CRLF>
>-------------------- --------- --------- --------- --------- --
right, in the order specified by the h= tag of the signature.
>-------------------- --------- --------- --------- --------- --
>MY INTERPRETATION
>Canonicalization (DKIM-Signature: v=1; a=rsa-sha256; d=infor.com;
>s=rajtest; c=simple/simple; i=@*.infor.com; t=; x=; q=dns/txt;
>h=Date:From:To:Subject; z=; bh=; b=)
>-------------------- --------- --------- --------- --------- --
Well, the bh= tag should have a value when you are canonicalizing the
signature header. Only the b= tag is made blank for the purpose of
canonicalization.
>-------------------- --------- --------- --------- --------- --
>I am not sure here specs are talking about DKIM-Signature field or
>Header fields in general.
>
>From Step 2: It looks like
>canonicalization (Date: xxx) <CRLF>
>canonicalization (From: xxx) <CRLF>
>canonicalization (To: xxx) <CRLF>
>canonicalization (Subject: xxx) <CRLF>
>canonicalization (DKIM-Signature: xxx)
>
>But the following phrase seems to be contradictory.
>
> **** rather than with the rest of the header fields *****
>
That phrase makes more sense when you remember that DKIM used to use a
single hash for the entire message. So back then, it would be: canonicalize
the header fields (except the DKIM-Signature header), followed by the
message body, then finally the DKIM-Signature header.
>******************** ********* ********* ********* ********* ********* *
>PSEUDO Algorithm
>
>What I am planning to do:
>
>1. Create a Signature Object [signature = Signature.getInstance
>("SHA256withRSA");]
>2. inputStreamBody = Canonicalized (body}
>3. signature.update (input StreamBody)
>4. inputStreamHeader = Canonicalized (date: xxx<CRLF>,from
>xxx<CRLF>,to xxx<CRLF>, subject: xxx<CRLF>, dkim-signature}
>5. signature.update (inputStreamHeader)
>6. byte[] decoded = signature.sign();
>7. Base64EncodedString = myBASE64Encoder(decoded);
>8. DKIM-Signature: v=1; a=rsa-sha256; d=infor.com; s=rajtest;
>c=simple/simple; i=@*.infor.com; t=; x=; q=dns/txt;
>h=Date:From:To:Subject; z=; bh=; b= Base64EncodedString )
>
>
>I am just wondering if my pseudo algorithm follows the specs or
>there could be a better implementation.
Before canonicalizing your dkim-signature, you need to compute the body
hash and insert its base64 value into the bh= tag of the signature.
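
The two-step computation described in the replies above, as an added Java example that is not part of the original thread: bh= is a plain SHA-256 digest of the simple-canonicalized body, and b= is the RSA signature over the h= header fields followed by the DKIM-Signature header with bh= filled in and b= left empty. The sample message, addresses and throwaway key pair are constructed for the example; d= and s= are the values used in the thread.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class DkimTwoHashes {
    // "simple" body canonicalization: drop empty lines at the end of the body
    // and make sure the body ends with exactly one CRLF.
    static String simpleBody(String body) {
        while (body.endsWith("\r\n\r\n")) body = body.substring(0, body.length() - 2);
        return body.endsWith("\r\n") ? body : body + "\r\n";
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample message; the header fields appear in h= order.
        String headers = "Date: Thu, 3 Apr 2008 09:50:00 -0500\r\n"
                + "From: sender@example.com\r\n"
                + "To: rcpt@example.net\r\n"
                + "Subject: test\r\n";
        String body = "Hello, world.\r\n\r\n\r\n";
        // Throwaway key pair generated for the demo (a real signer loads its own key).
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair keys = kpg.generateKeyPair();

        // bh=: plain SHA-256 digest of the canonicalized body, base64-encoded. No RSA here.
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest(simpleBody(body).getBytes(StandardCharsets.US_ASCII));
        String bh = Base64.getEncoder().encodeToString(digest);

        // DKIM-Signature header with bh= filled in, b= empty, and no trailing CRLF.
        String dkim = "DKIM-Signature: v=1; a=rsa-sha256; d=infor.com; s=rajtest; "
                + "c=simple/simple; q=dns/txt; h=Date:From:To:Subject; bh=" + bh + "; b=";

        // b=: RSA signature over the signed header fields followed by that header.
        // The body is never fed to the Signature object; it is covered through bh=.
        byte[] signedData = (headers + dkim).getBytes(StandardCharsets.US_ASCII);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(keys.getPrivate());
        signer.update(signedData);
        String b = Base64.getEncoder().encodeToString(signer.sign());
        System.out.println(dkim + b);

        // Verifier side: the same bytes (b= blanked again) checked with the public key.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(keys.getPublic());
        verifier.update(signedData);
        System.out.println("verifies: " + verifier.verify(Base64.getDecoder().decode(b)));
    }
}
```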