Author: bago Date: Mon Oct 12 08:48:03 2009 New Revision: 824261 URL: http://svn.apache.org/viewvc?rev=824261&view=rev Log: Switch to PEM format for the privateKey (JDKIM-10) This adds a new runtime dependency on not-yet-commons-ssl.
Added: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java (with props) james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java (with props) Modified: james/jdkim/trunk/mailets/pom.xml james/jdkim/trunk/mailets/src/main/java/org/apache/james/jdkim/mailets/DKIMSign.java james/jdkim/trunk/mailets/src/test/java/org/apache/james/jdkim/mailets/DKIMSignTest.java james/jdkim/trunk/stage/pom.xml Modified: james/jdkim/trunk/mailets/pom.xml URL: http://svn.apache.org/viewvc/james/jdkim/trunk/mailets/pom.xml?rev=824261&r1=824260&r2=824261&view=diff ============================================================================== --- james/jdkim/trunk/mailets/pom.xml (original) +++ james/jdkim/trunk/mailets/pom.xml Mon Oct 12 08:48:03 2009 @@ -97,6 +97,12 @@ <version>1.1.1</version> </dependency> + <dependency> + <groupId>ca.juliusdavies</groupId> + <artifactId>not-yet-commons-ssl</artifactId> + <version>0.3.11</version> + </dependency> + </dependencies> Modified: james/jdkim/trunk/mailets/src/main/java/org/apache/james/jdkim/mailets/DKIMSign.java URL: http://svn.apache.org/viewvc/james/jdkim/trunk/mailets/src/main/java/org/apache/james/jdkim/mailets/DKIMSign.java?rev=824261&r1=824260&r2=824261&view=diff ============================================================================== --- james/jdkim/trunk/mailets/src/main/java/org/apache/james/jdkim/mailets/DKIMSign.java (original) +++ james/jdkim/trunk/mailets/src/main/java/org/apache/james/jdkim/mailets/DKIMSign.java Mon Oct 12 08:48:03 2009 @@ -19,7 +19,9 @@ package org.apache.james.jdkim.mailets; +import java.io.ByteArrayInputStream; import java.io.IOException; +import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.spec.InvalidKeySpecException; @@ -34,6 +36,7 @@ import javax.mail.MessagingException; import javax.mail.internet.MimeMessage; +import org.apache.commons.ssl.PKCS8Key; import org.apache.james.jdkim.DKIMSigner; import org.apache.james.jdkim.api.BodyHasher; import org.apache.james.jdkim.api.Headers; @@ -44,13 +47,31 @@ /** * This mailet sign a message using the DKIM protocol + * If the privateKey is encoded using a password then you can pass + * the password as privateKeyPassword parameter. * * Sample configuration: * * <pre><code> * <mailet match="All" class="DKIMSign"> * <signatureTemplate>v=1; s=selector; d=example.com; h=from:to:received:received; a=rsa-sha256; bh=; b=;</signatureTemplate> - * <privateKey>MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA==</privateKey> + * <privateKey> + * -----BEGIN RSA PRIVATE KEY----- + * MIICXAIBAAKBgQDYDaYKXzwVYwqWbLhmuJ66aTAN8wmDR+rfHE8HfnkSOax0oIoT + * M5zquZrTLo30870YMfYzxwfB6j/Nz3QdwrUD/t0YMYJiUKyWJnCKfZXHJBJ+yfRH + * r7oW+UW3cVo9CG2bBfIxsInwYe175g9UjyntJpWueqdEIo1c2bhv9Mp66QIDAQAB + * AoGBAI8XcwnZi0Sq5N89wF+gFNhnREFo3rsJDaCY8iqHdA5DDlnr3abb/yhipw0I + * /1HlgC6fIG2oexXOXFWl+USgqRt1kTt9jXhVFExg8mNko2UelAwFtsl8CRjVcYQO + * cedeH/WM/mXjg2wUqqZenBmlKlD6vNb70jFJeVaDJ/7n7j8BAkEA9NkH2D4Zgj/I + * OAVYccZYH74+VgO0e7VkUjQk9wtJ2j6cGqJ6Pfj0roVIMUWzoBb8YfErR8l6JnVQ + * bfy83gJeiQJBAOHk3ow7JjAn8XuOyZx24KcTaYWKUkAQfRWYDFFOYQF4KV9xLSEt + * ycY0kjsdxGKDudWcsATllFzXDCQF6DTNIWECQEA52ePwTjKrVnLTfCLEG4OgHKvl + * Zud4amthwDyJWoMEH2ChNB2je1N4JLrABOE+hk+OuoKnKAKEjWd8f3Jg/rkCQHj8 + * mQmogHqYWikgP/FSZl518jV48Tao3iXbqvU9Mo2T6yzYNCCqIoDLFWseNVnCTZ0Q + * b+IfiEf1UeZVV5o4J+ECQDatNnS3V9qYUKjj/krNRD/U0+7eh8S2ylLqD3RlSn9K + * tYGRMgAtUXtiOEizBH6bd/orzI9V9sw8yBz+ZqIH25Q= + * -----END RSA PRIVATE KEY----- + * </privateKey> * </mailet> * </code></pre> * @@ -105,8 +126,14 @@ public void init() throws MessagingException { signatureTemplate = getInitParameter("signatureTemplate"); String privateKeyString = getInitParameter("privateKey"); + String privateKeyPassword = getInitParameter("privateKeyPassword", null); try { - privateKey = DKIMSigner.getPrivateKey(privateKeyString); + PKCS8Key pkcs8 = new PKCS8Key(new ByteArrayInputStream( + privateKeyString.getBytes()), + privateKeyPassword != null ? privateKeyPassword + .toCharArray() : null); + privateKey = pkcs8.getPrivateKey(); + // privateKey = DKIMSigner.getPrivateKey(privateKeyString); } catch (NoSuchAlgorithmException e) { throw new MessagingException("Unknown private key algorythm: " + e.getMessage(), e); @@ -114,6 +141,9 @@ throw new MessagingException( "PrivateKey should be in base64 encoded PKCS8 (der) format: " + e.getMessage(), e); + } catch (GeneralSecurityException e) { + throw new MessagingException("General security exception: " + + e.getMessage(), e); } } Modified: james/jdkim/trunk/mailets/src/test/java/org/apache/james/jdkim/mailets/DKIMSignTest.java URL: http://svn.apache.org/viewvc/james/jdkim/trunk/mailets/src/test/java/org/apache/james/jdkim/mailets/DKIMSignTest.java?rev=824261&r1=824260&r2=824261&view=diff ============================================================================== --- james/jdkim/trunk/mailets/src/test/java/org/apache/james/jdkim/mailets/DKIMSignTest.java (original) +++ james/jdkim/trunk/mailets/src/test/java/org/apache/james/jdkim/mailets/DKIMSignTest.java Mon Oct 12 08:48:03 2009 @@ -45,6 +45,23 @@ public class DKIMSignTest extends TestCase { + private static final String TESTING_PEM = "-----BEGIN RSA PRIVATE KEY-----\r\n"+ + "MIICXAIBAAKBgQDYDaYKXzwVYwqWbLhmuJ66aTAN8wmDR+rfHE8HfnkSOax0oIoT\r\n"+ + "M5zquZrTLo30870YMfYzxwfB6j/Nz3QdwrUD/t0YMYJiUKyWJnCKfZXHJBJ+yfRH\r\n"+ + "r7oW+UW3cVo9CG2bBfIxsInwYe175g9UjyntJpWueqdEIo1c2bhv9Mp66QIDAQAB\r\n"+ + "AoGBAI8XcwnZi0Sq5N89wF+gFNhnREFo3rsJDaCY8iqHdA5DDlnr3abb/yhipw0I\r\n"+ + "/1HlgC6fIG2oexXOXFWl+USgqRt1kTt9jXhVFExg8mNko2UelAwFtsl8CRjVcYQO\r\n"+ + "cedeH/WM/mXjg2wUqqZenBmlKlD6vNb70jFJeVaDJ/7n7j8BAkEA9NkH2D4Zgj/I\r\n"+ + "OAVYccZYH74+VgO0e7VkUjQk9wtJ2j6cGqJ6Pfj0roVIMUWzoBb8YfErR8l6JnVQ\r\n"+ + "bfy83gJeiQJBAOHk3ow7JjAn8XuOyZx24KcTaYWKUkAQfRWYDFFOYQF4KV9xLSEt\r\n"+ + "ycY0kjsdxGKDudWcsATllFzXDCQF6DTNIWECQEA52ePwTjKrVnLTfCLEG4OgHKvl\r\n"+ + "Zud4amthwDyJWoMEH2ChNB2je1N4JLrABOE+hk+OuoKnKAKEjWd8f3Jg/rkCQHj8\r\n"+ + "mQmogHqYWikgP/FSZl518jV48Tao3iXbqvU9Mo2T6yzYNCCqIoDLFWseNVnCTZ0Q\r\n"+ + "b+IfiEf1UeZVV5o4J+ECQDatNnS3V9qYUKjj/krNRD/U0+7eh8S2ylLqD3RlSn9K\r\n"+ + "tYGRMgAtUXtiOEizBH6bd/orzI9V9sw8yBz+ZqIH25Q=\r\n"+ + "-----END RSA PRIVATE KEY-----\r\n"; + // "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="); + public void testDKIMSign() throws MessagingException, IOException, FailException { String message = "Received: by 10.XX.XX.12 with SMTP id dfgskldjfhgkljsdfhgkljdhfg;\r\n\tTue, 06 Oct 2009 07:37:34 -0700 (PDT)\r\nReturn-Path: <bou...@example.com>\r\nReceived: from example.co.uk (example.co.uk [XX.XXX.125.19])\r\n\tby mx.example.com with ESMTP id dgdfgsdfgsd.97.2009.10.06.07.37.32;\r\n\tTue, 06 Oct 2009 07:37:32 -0700 (PDT)\r\nFrom: apa...@bago.org\r\nto: apa...@bago.org\r\n\r\nbody\r\n"; @@ -60,7 +77,7 @@ mci .setProperty( "privateKey", - "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="); + TESTING_PEM); mailet.init(mci); @@ -105,7 +122,7 @@ mci .setProperty( "privateKey", - "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="); + TESTING_PEM); mailet.init(mci); @@ -151,7 +168,7 @@ mci .setProperty( "privateKey", - "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="); + TESTING_PEM); Mail mail = new FakeMail(); mail.setMessage(mm); @@ -199,7 +216,7 @@ mci .setProperty( "privateKey", - "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="); + TESTING_PEM); Mail mail = new FakeMail(); mail.setMessage(mm); Added: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java URL: http://svn.apache.org/viewvc/james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java?rev=824261&view=auto ============================================================================== --- james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java (added) +++ james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java Mon Oct 12 08:48:03 2009 @@ -0,0 +1,173 @@ +/**************************************************************** + * Licensed to the Apache Software Foundation (ASF) under one * + * or more contributor license agreements. See the NOTICE file * + * distributed with this work for additional information * + * regarding copyright ownership. The ASF licenses this file * + * to you under the Apache License, Version 2.0 (the * + * "License"); you may not use this file except in compliance * + * with the License. You may obtain a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, * + * software distributed under the License is distributed on an * + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * + * KIND, either express or implied. See the License for the * + * specific language governing permissions and limitations * + * under the License. * + ****************************************************************/ + +package org.apache.james.jdkim; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.interfaces.RSAKey; +import java.security.spec.InvalidKeySpecException; +import java.util.List; +import java.util.Properties; + +import javax.mail.Address; +import javax.mail.MessagingException; +import javax.mail.Session; +import javax.mail.Transport; +import javax.mail.internet.InternetAddress; +import javax.mail.internet.MimeMessage; + +import junit.framework.TestCase; + +import org.apache.james.jdkim.api.PublicKeyRecord; +import org.apache.james.jdkim.api.PublicKeyRecordRetriever; +import org.apache.james.jdkim.exceptions.FailException; +import org.apache.james.jdkim.exceptions.PermFailException; +import org.apache.james.jdkim.exceptions.TempFailException; +import org.apache.james.jdkim.impl.DNSPublicKeyRecordRetriever; +import org.apache.james.jdkim.tagvalue.SignatureRecordImpl; +import org.apache.james.jdkim.tagvalue.TagValue; +import org.apache.mailet.HostAddress; + +import com.sun.mail.smtp.SMTPTransport; + +public class DNSPublicKeyRetrieverTest extends TestCase { + + public void testWrongOption() throws TempFailException { + try { + new DNSPublicKeyRecordRetriever().getRecords("somethingelse", + "test", "test"); + fail("expected unsupported operation"); + } catch (PermFailException e) { + e.printStackTrace(); + } + } + + public void testConstructor() { + new DNSPublicKeyRecordRetriever(); + } + + /** + * TODO: Requires internet connection + * + * @throws PermFailException + */ + public void testRetrieve() throws TempFailException, PermFailException { + PublicKeyRecordRetriever pkr = new DNSPublicKeyRecordRetriever(); + System.out.println(pkr.getRecords("dns/txt", "beta", "gmail.com")); + System.out + .println(pkr.getRecords("dns/txt", "lima", "yahoogroups.com")); + + new TagValue((String) pkr.getRecords("dns/txt", "lima", + "yahoogroups.com").get(0)); + } + + public void testKeyPair() throws PermFailException, TempFailException, + NoSuchAlgorithmException, InvalidKeySpecException { + PublicKeyRecord key = new DKIMVerifier() + .publicKeySelector(new MockPublicKeyRecordRetriever( + "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYDaYKXzwVYwqWbLhmuJ66aTAN8wmDR+rfHE8HfnkSOax0oIoTM5zquZrTLo30870YMfYzxwfB6j/Nz3QdwrUD/t0YMYJiUKyWJnCKfZXHJBJ+yfRHr7oW+UW3cVo9CG2bBfIxsInwYe175g9UjyntJpWueqdEIo1c2bhv9Mp66QIDAQAB;", + "dummy", "dummy").getRecords("dns/txt", "dummy", + "dummy")); + + // String privateKey = + // "MIICXAIBAAKBgQDYDaYKXzwVYwqWbLhmuJ66aTAN8wmDR+rfHE8HfnkSOax0oIoTM5zquZrTLo30870YMfYzxwfB6j/Nz3QdwrUD/t0YMYJiUKyWJnCKfZXHJBJ+yfRHr7oW+UW3cVo9CG2bBfIxsInwYe175g9UjyntJpWueqdEIo1c2bhv9Mp66QIDAQABAoGBAI8XcwnZi0Sq5N89wF+gFNhnREFo3rsJDaCY8iqHdA5DDlnr3abb/yhipw0I/1HlgC6fIG2oexXOXFWl+USgqRt1kTt9jXhVFExg8mNko2UelAwFtsl8CRjVcYQOcedeH/WM/mXjg2wUqqZenBmlKlD6vNb70jFJeVaDJ/7n7j8BAkEA9NkH2D4Zgj/IOAVYccZYH74+VgO0e7VkUjQk9wtJ2j6cGqJ6Pfj0roVIMUWzoBb8YfErR8l6JnVQbfy83gJeiQJBAOHk3ow7JjAn8XuOyZx24KcTaYWKUkAQfRWYDFFOYQF4KV9xLSEtycY0kjsdxGKDudWcsATllFzXDCQF6DTNIWECQEA52ePwTjKrVnLTfCLEG4OgHKvlZud4amthwDyJWoMEH2ChNB2je1N4JLrABOE+hk+OuoKnKAKEjWd8f3Jg/rkCQHj8mQmogHqYWikgP/FSZl518jV48Tao3iXbqvU9Mo2T6yzYNCCqIoDLFWseNVnCTZ0Qb+IfiEf1UeZVV5o4J+ECQDatNnS3V9qYUKjj/krNRD/U0+7eh8S2ylLqD3RlSn9KtYGRMgAtUXtiOEizBH6bd/orzI9V9sw8yBz+ZqIH25Q="; + String privateKeyPKCS8 = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="; + + PrivateKey privKey = DKIMSigner.getPrivateKey(privateKeyPKCS8); + + // controllo che il modulus della chiave privata corrisponda al record + // pubblico + assertEquals(((RSAKey) privKey).getModulus(), ((RSAKey) key + .getPublicKey()).getModulus()); + } + + public void testSignVerify() throws NoSuchAlgorithmException, + InvalidKeySpecException, IOException, FailException { + MockPublicKeyRecordRetriever mockPublicKeyRecordRetriever = new MockPublicKeyRecordRetriever( + "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYDaYKXzwVYwqWbLhmuJ66aTAN8wmDR+rfHE8HfnkSOax0oIoTM5zquZrTLo30870YMfYzxwfB6j/Nz3QdwrUD/t0YMYJiUKyWJnCKfZXHJBJ+yfRHr7oW+UW3cVo9CG2bBfIxsInwYe175g9UjyntJpWueqdEIo1c2bhv9Mp66QIDAQAB;", + "selector", "example.com"); + PublicKeyRecord key = new DKIMVerifier() + .publicKeySelector(mockPublicKeyRecordRetriever.getRecords( + "dns/txt", "selector", "example.com")); + String privateKeyPKCS8 = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="; + PrivateKey privKey = DKIMSigner.getPrivateKey(privateKeyPKCS8); + + // Check that the private key modulus equals the public key modulus + assertEquals(((RSAKey) privKey).getModulus(), ((RSAKey) key + .getPublicKey()).getModulus()); + + DKIMSigner signer = new DKIMSigner( + "v=1; s=selector; d=example.com; h=from:to; a=rsa-sha256; bh=; b=;", + privKey); + String message = "From: i...@bago.org\r\nto: i...@bago.org\r\n\r\nbody\r\n"; + String res = signer.sign(new ByteArrayInputStream(message.getBytes())); + System.out.println(res); + String signedMessage = res + "\r\n" + + "From: i...@bago.org\r\nto: i...@bago.org\r\n\r\nbody\r\n"; + + new DKIMVerifier(mockPublicKeyRecordRetriever) + .verify(new ByteArrayInputStream(signedMessage.getBytes())); + + } + + /* + * public void testDONOTCOMMITME() throws NoSuchAlgorithmException, + * InvalidKeySpecException, IOException, FailException, MessagingException { + * List records = new DNSPublicKeyRecordRetriever().getRecords("dns/txt", + * "selector1", "emailsimulator.com"); PublicKeyRecord key = new + * DKIMVerifier().publicKeySelector(records); + * System.out.println(key.toString()); key.validate(); String + * privateKeyPKCS8 = + * "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANgNpgpfPBVjCpZsuGa4nrppMA3zCYNH6t8cTwd+eRI5rHSgihMznOq5mtMujfTzvRgx9jPHB8HqP83PdB3CtQP+3RgxgmJQrJYmcIp9lcckEn7J9Eevuhb5RbdxWj0IbZsF8jGwifBh7XvmD1SPKe0mla56p0QijVzZuG/0ynrpAgMBAAECgYEAjxdzCdmLRKrk3z3AX6AU2GdEQWjeuwkNoJjyKod0DkMOWevdptv/KGKnDQj/UeWALp8gbah7Fc5cVaX5RKCpG3WRO32NeFUUTGDyY2SjZR6UDAW2yXwJGNVxhA5x514f9Yz+ZeODbBSqpl6cGaUqUPq81vvSMUl5VoMn/ufuPwECQQD02QfYPhmCP8g4BVhxxlgfvj5WA7R7tWRSNCT3C0naPpwaono9+PSuhUgxRbOgFvxh8StHyXomdVBt/LzeAl6JAkEA4eTejDsmMCfxe47JnHbgpxNphYpSQBB9FZgMUU5hAXgpX3EtIS3JxjSSOx3EYoO51ZywBOWUXNcMJAXoNM0hYQJAQDnZ4/BOMqtWctN8IsQbg6Acq+Vm53hqa2HAPIlagwQfYKE0HaN7U3gkusAE4T6GT466gqcoAoSNZ3x/cmD+uQJAePyZCaiAephaKSA/8VJmXnXyNXjxNqjeJduq9T0yjZPrLNg0IKoigMsVax41WcJNnRBv4h+IR/VR5lVXmjgn4QJANq02dLdX2phQqOP+Ss1EP9TT7t6HxLbKUuoPdGVKf0q1gZEyAC1Re2I4SLMEfpt3+ivMj1X2zDzIHP5mogfblA=="; + * PrivateKey privKey = DKIMSigner.getPrivateKey(privateKeyPKCS8); + * // Check that the private key modulus equals the public key modulus + * assertEquals(((RSAKey) privKey).getModulus(), ((RSAKey) + * key.getPublicKey()).getModulus()); + * // NOTE: this works both with "b=;" and "b=" but not with WSP/FWS after + * the b=". DKIMSigner signer = new DKIMSigner("v=1; c=simple/simple; + * s=selector1; d=emailsimulator.com; h=from:to:message-id:date; a=rsa-sha1; + * bh=; b=;", privKey); String message ="Date: Thu, 1 Oct 2009 17:15:28 + * +0200 (CEST)\r\nFrom: <i...@bago.org>\r\nMessage-Id: + * <test4325223...@localhost>\r\nSubject: prova11 bago.org\r\nTo: + * <vid...@gmail.com>\r\n\r\nbody text\r\n"; String res = signer.sign(new + * ByteArrayInputStream(message.getBytes())); System.out.println(res); + * String signedMessage =res+"\r\n"+message; + * + * new DKIMVerifier().verify(new + * ByteArrayInputStream(signedMessage.getBytes())); + * + * System.out.println("-------------------------"); Properties props = new + * Properties(); props.put("mail.smtp.from", "i...@bago.org"); Session session = + * Session.getDefaultInstance(props); MimeMessage m = new + * MimeMessage(session, new ByteArrayInputStream(signedMessage.getBytes())); + * m.writeTo(System.out); + * + * HostAddress ha = new HostAddress("vm3.void.it", "smtp://94.23.67.198"); + * Transport transport = session.getTransport(ha); + * transport.connect("vm3.void.it", 6025, "bago", "bv678nt"); Address[] + * recipients = new Address[] { new InternetAddress("vid...@gmail.com"), new + * InternetAddress("b...@ngi.it") }; transport.sendMessage(m, recipients); + * transport.close(); + * } + */ + +} Propchange: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/DNSPublicKeyRetrieverTest.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Added: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java URL: http://svn.apache.org/viewvc/james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java?rev=824261&view=auto ============================================================================== --- james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java (added) +++ james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java Mon Oct 12 08:48:03 2009 @@ -0,0 +1,159 @@ +/**************************************************************** + * Licensed to the Apache Software Foundation (ASF) under one * + * or more contributor license agreements. See the NOTICE file * + * distributed with this work for additional information * + * regarding copyright ownership. The ASF licenses this file * + * to you under the Apache License, Version 2.0 (the * + * "License"); you may not use this file except in compliance * + * with the License. You may obtain a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, * + * software distributed under the License is distributed on an * + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * + * KIND, either express or implied. See the License for the * + * specific language governing permissions and limitations * + * under the License. * + ****************************************************************/ + +package org.apache.james.jdkim; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +import org.apache.james.jdkim.exceptions.FailException; +import org.apache.james.mime4j.parser.MimeTokenStream; + +/** + * Creates a TestSuite running the test for each .msg file in the test resouce + * folder. Allow running of a single test from Unit testing GUIs + */ +public class PerlDKIMTest extends TestCase { + + private File file; + private MockPublicKeyRecordRetriever pkr; + + public PerlDKIMTest(String testName) throws IOException { + this(testName, PerlDKIMTestSuite.getFile(testName), + getPublicRecordRetriever()); + } + + public PerlDKIMTest(String name, File testFile, + MockPublicKeyRecordRetriever pkr) { + super(name); + this.file = testFile; + this.pkr = pkr; + } + + public static MockPublicKeyRecordRetriever getPublicRecordRetriever() + throws IOException { + MockPublicKeyRecordRetriever pkr = new MockPublicKeyRecordRetriever(); + BufferedReader fakeDNSlist = new BufferedReader( + new InputStreamReader( + new FileInputStream( + "main\\src\\test\\resources\\org\\apache\\james\\jdkim\\Mail-DKIM\\FAKE_DNS.dat"))); + String line; + while ((line = fakeDNSlist.readLine()) != null) { + if (!line.startsWith("#")) { + int pDK = line.indexOf("._domainkey."); + int pSp = line.indexOf(" "); + + if (line.charAt(pSp + 1) == ' ') { + pkr.addRecord(line.substring(0, pDK), line.substring(pDK + + "._domainkey.".length(), pSp), line + .substring(pSp + 2)); + } else { + if (line.substring(pSp + 1).startsWith("~~")) { + pkr.addRecord(line.substring(0, pDK), line.substring( + pDK + "._domainkey.".length(), pSp), null); + } else { + // NXDOMAIN can be ignored + } + } + } + } + return pkr; + } + + protected void runTest() throws Throwable { + MimeTokenStream stream = new MimeTokenStream(); + stream.setRecursionMode(MimeTokenStream.M_FLAT); + // String checkFile = + // "/org/apache/james/jdkim/bago/default_gfkresearch.com.eml"; + + InputStream is = new FileInputStream(file); + // String msgoutFile = file.getAbsolutePath().substring(0, + // file.getAbsolutePath().lastIndexOf('.')) + ".out"; + + pkr = getPublicRecordRetriever(); + + boolean expectFailure = false; + // DomainKey files + if (getName().indexOf("dk_") != -1) + expectFailure = true; + // older spec version + else if (getName().indexOf("_ietf") != -1) + expectFailure = true; + else if (getName().startsWith("multiple_1")) + expectFailure = true; + else if (getName().startsWith("no_body")) + expectFailure = true; + // invalid or inapplicable + else if (getName().startsWith("badkey_")) + expectFailure = true; + else if (getName().startsWith("ignore_")) + expectFailure = true; + else if (getName().startsWith("bad_")) + expectFailure = true; + + try { + new DKIMVerifier(pkr).verify(is); + if (expectFailure) + fail("Failure expected!"); + } catch (FailException e) { + if (!expectFailure) + fail(e.getMessage()); + } + } + + public static Test suite() throws IOException { + return new PerlDKIMTestSuite(); + } + + static class PerlDKIMTestSuite extends TestSuite { + + private static final File TESTS_FOLDER = new File( + "main\\src\\test\\resources\\org\\apache\\james\\jdkim\\Mail-DKIM\\corpus"); + + public PerlDKIMTestSuite() throws IOException { + super(); + File dir = TESTS_FOLDER; + File[] files = dir.listFiles(); + + if (files != null) + for (int i = 0; i < files.length; i++) { + File f = files[i]; + if (f.getName().toLowerCase().endsWith(".txt")) { + addTest(new PerlDKIMTest(f.getName().substring(0, + f.getName().length() - 4), f, + getPublicRecordRetriever())); + } + } + } + + public static File getFile(String name) { + return new File(TESTS_FOLDER.getAbsolutePath() + File.separator + + name + ".txt"); + } + + } +} \ No newline at end of file Propchange: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: james/jdkim/trunk/main/src/test/java/org/apache/james/jdkim/PerlDKIMTest.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: james/jdkim/trunk/stage/pom.xml URL: http://svn.apache.org/viewvc/james/jdkim/trunk/stage/pom.xml?rev=824261&r1=824260&r2=824261&view=diff ============================================================================== --- james/jdkim/trunk/stage/pom.xml (original) +++ james/jdkim/trunk/stage/pom.xml Mon Oct 12 08:48:03 2009 @@ -130,6 +130,11 @@ <artifactId>dnsjava</artifactId> <version>2.0.7</version> </dependency> + <dependency> + <groupId>ca.juliusdavies</groupId> + <artifactId>not-yet-commons-ssl</artifactId> + <version>0.3.11</version> + </dependency> </dependencies> <reporting> --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org