in main/src/main/java/org/apache/james/jdkim/DKIMVerifier.java [154:195]
/**
 * Finds the public key record to verify the given signature with.
 *
 * <p>Each record lookup method listed by the signature is tried in order.
 * The first candidate that {@code publicKeySelector} returns and that
 * {@code apply} accepts for this signature is returned, and the remaining
 * methods are not queried.
 *
 * <p>Failure precedence when no key is found: a temporary failure from any
 * method is reported in preference to a permanent one, and only the most
 * recent failure of each kind is kept. Failures raised by earlier methods are
 * dropped silently when a later method yields a usable key (nothing is logged
 * here).
 *
 * @param sign the signature record whose selector and d= token drive the lookup
 * @return the first key record found that {@code apply} accepted
 * @throws TempFailException if no key was found and at least one lookup
 *         method failed temporarily
 * @throws PermFailException if no key was found and no temporary failure
 *         occurred, including the case where no lookup method produced a key
 *         or an exception
 */
public PublicKeyRecord publicRecordLookup(SignatureRecord sign)
        throws TempFailException, PermFailException {
    PublicKeyRecord key = null;
    TempFailException lastTempFailure = null;
    PermFailException lastPermFailure = null;

    Iterator<CharSequence> methods = sign.getRecordLookupMethods().iterator();
    while (key == null && methods.hasNext()) {
        CharSequence method = methods.next();
        try {
            PublicKeyRecordRetriever retriever = getPublicKeyRecordRetriever();
            String selector = sign.getSelector().toString();
            String dToken = sign.getDToken().toString();
            List<String> records = retriever.getRecords(method, selector, dToken);
            PublicKeyRecord candidate = publicKeySelector(records);
            // Check whether the key is applicable to the signature; the
            // candidate only becomes the result once apply() has not thrown.
            // TODO check with the IETF group to understand if this is the
            // right thing to do.
            // TODO logging
            apply(candidate, sign);
            key = candidate;
        } catch (TempFailException tf) {
            lastTempFailure = tf;
        } catch (PermFailException pf) {
            lastPermFailure = pf;
        }
    }

    if (key != null) {
        return key;
    }

    // sign was already dereferenced above, so it cannot be null here.
    String identity = sign.getIdentity().toString();

    // A temporary failure wins over a permanent one, so a transient lookup
    // problem is not reported to the caller as a definitive "no key".
    if (lastTempFailure != null) {
        lastTempFailure.setRelatedRecordIdentity(identity);
        throw lastTempFailure;
    }
    if (lastPermFailure != null) {
        lastPermFailure.setRelatedRecordIdentity(identity);
        throw lastPermFailure;
    }

    // Original author's note: this is unexpected because publicKeySelector
    // always returns null or throws. It is also reached when the signature
    // lists no record lookup methods at all.
    throw new PermFailException(
            "no key for signature [unexpected condition]", identity);
}