main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java [51:159]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - defaults.put("c", SIMPLE + "/" + SIMPLE); defaults.put("l", ALL); defaults.put("q", "dns/txt"); } /** * @see org.apache.james.jdkim.api.SignatureRecord#validate() */ public void validate() throws IllegalStateException { super.validate(); // TODO: what about v=0.5 and no v= at all? // do specs allow parsing? what should we check? if (!"1".equals(getValue("v"))) throw new IllegalStateException( "Invalid DKIM-Signature version (expected '1'): " + getValue("v")); if (getValue("h").length() == 0) throw new IllegalStateException("Tag h= cannot be empty."); CharSequence identity; try { identity = getIdentity(); } catch (IllegalArgumentException e) { throw new IllegalStateException("Identity (i=) declaration cannot be parsed. Probably due to missing quoted printable encoding", e); } if (!identity.toString().toLowerCase().endsWith( ("@" + getValue("d")).toLowerCase()) && !getIdentity().toString().toLowerCase().endsWith( ("." + getValue("d")).toLowerCase())) throw new IllegalStateException("Identity (i=) domain mismatch: expected [optional]@[optional.]domain-from-d-attribute"); // when "x=" exists and signature expired then return PERMFAIL // (signature expired) if (getValue("x") != null) { long expiration = Long.parseLong(getValue("x").toString()); long lifetime = (expiration - System.currentTimeMillis() / 1000); if (lifetime < 0) { throw new IllegalStateException("Signature is expired since " + getTimeMeasure(lifetime) + "."); } } // when "h=" does not contain "from" return PERMFAIL (From field not // signed). if (!isInListCaseInsensitive("from", getHeaders())) throw new IllegalStateException("From field not signed"); // TODO support ignoring signature for certain d values (externally to // this class). } private String getTimeMeasure(long lifetime) { String measure = "s"; lifetime = -lifetime; if (lifetime > 600) { lifetime = lifetime / 60; measure = "m"; if (lifetime > 600) { lifetime = lifetime / 60; measure = "h"; if (lifetime > 120) { lifetime = lifetime / 24; measure = "d"; if (lifetime > 90) { lifetime = lifetime / 30; measure = " months"; if (lifetime > 24) { lifetime = lifetime / 12; measure = " years"; } } } } } return lifetime + measure; } /** * @see org.apache.james.jdkim.api.SignatureRecord#getHeaders() */ public List getHeaders() { return stringToColonSeparatedList(getValue("h").toString(), hdrNamePattern); } // If i= is unspecified the default is @d protected CharSequence getDefault(String tag) { if ("i".equals(tag)) { return "@" + getValue("d"); } else return super.getDefault(tag); } /** * @see org.apache.james.jdkim.api.SignatureRecord#getIdentityLocalPart() */ public CharSequence getIdentityLocalPart() { String identity = getIdentity().toString(); int pAt = identity.indexOf('@'); return identity.subSequence(0, pAt); } /** * This may throws IllegalArgumentException on invalid "i" content, * but should always happen during validation! * * @see org.apache.james.jdkim.api.SignatureRecord#getIdentity() */ public CharSequence getIdentity() { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordTemplate.java [59:167]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - defaults.put("c", SIMPLE + "/" + SIMPLE); defaults.put("l", ALL); defaults.put("q", "dns/txt"); } /** * @see SignatureRecord#validate() */ public void validate() throws IllegalStateException { super.validate(); // TODO: what about v=0.5 and no v= at all? // do specs allow parsing? what should we check? if (!"1".equals(getValue("v"))) throw new IllegalStateException( "Invalid DKIM-Signature version (expected '1'): " + getValue("v")); if (getValue("h").length() == 0) throw new IllegalStateException("Tag h= cannot be empty."); CharSequence identity; try { identity = getIdentity(); } catch (IllegalArgumentException e) { throw new IllegalStateException("Identity (i=) declaration cannot be parsed. Probably due to missing quoted printable encoding", e); } if (!identity.toString().toLowerCase().endsWith( ("@" + getValue("d")).toLowerCase()) && !getIdentity().toString().toLowerCase().endsWith( ("." + getValue("d")).toLowerCase())) throw new IllegalStateException("Identity (i=) domain mismatch: expected [optional]@[optional.]domain-from-d-attribute"); // when "x=" exists and signature expired then return PERMFAIL // (signature expired) if (getValue("x") != null) { long expiration = Long.parseLong(getValue("x").toString()); long lifetime = (expiration - System.currentTimeMillis() / 1000); if (lifetime < 0) { throw new IllegalStateException("Signature is expired since " + getTimeMeasure(lifetime) + "."); } } // when "h=" does not contain "from" return PERMFAIL (From field not // signed). if (!isInListCaseInsensitive("from", getHeaders())) throw new IllegalStateException("From field not signed"); // TODO support ignoring signature for certain d values (externally to // this class). } private String getTimeMeasure(long lifetime) { String measure = "s"; lifetime = -lifetime; if (lifetime > 600) { lifetime = lifetime / 60; measure = "m"; if (lifetime > 600) { lifetime = lifetime / 60; measure = "h"; if (lifetime > 120) { lifetime = lifetime / 24; measure = "d"; if (lifetime > 90) { lifetime = lifetime / 30; measure = " months"; if (lifetime > 24) { lifetime = lifetime / 12; measure = " years"; } } } } } return lifetime + measure; } /** * @see SignatureRecord#getHeaders() */ public List getHeaders() { return stringToColonSeparatedList(getValue("h").toString(), hdrNamePattern); } // If i= is unspecified the default is @d protected CharSequence getDefault(String tag) { if ("i".equals(tag)) { return "@" + getValue("d"); } else return super.getDefault(tag); } /** * @see SignatureRecord#getIdentityLocalPart() */ public CharSequence getIdentityLocalPart() { String identity = getIdentity().toString(); int pAt = identity.indexOf('@'); return identity.subSequence(0, pAt); } /** * This may throws IllegalArgumentException on invalid "i" content, * but should always happen during validation! * * @see SignatureRecord#getIdentity() */ public CharSequence getIdentity() { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -