in main/src/main/java/org/apache/james/jdkim/tagvalue/SignatureRecordImpl.java [57:98]
public void validate() throws IllegalStateException {
super.validate();
// TODO: what about v=0.5 and no v= at all?
// do specs allow parsing? what should we check?
if (!"1".equals(getValue("v")))
throw new IllegalStateException(
"Invalid DKIM-Signature version (expected '1'): "
+ getValue("v"));
if (getValue("h").length() == 0)
throw new IllegalStateException("Tag h= cannot be empty.");
CharSequence identity;
try {
identity = getIdentity();
} catch (IllegalArgumentException e) {
throw new IllegalStateException("Identity (i=) declaration cannot be parsed. Probably due to missing quoted printable encoding", e);
}
if (!identity.toString().toLowerCase().endsWith(
("@" + getValue("d")).toLowerCase())
&& !getIdentity().toString().toLowerCase().endsWith(
("." + getValue("d")).toLowerCase()))
throw new IllegalStateException("Identity (i=) domain mismatch: expected [optional]@[optional.]domain-from-d-attribute");
// when "x=" exists and signature expired then return PERMFAIL
// (signature expired)
if (getValue("x") != null) {
long expiration = Long.parseLong(getValue("x").toString());
long lifetime = (expiration - System.currentTimeMillis() / 1000);
if (lifetime < 0) {
throw new IllegalStateException("Signature is expired since "
+ getTimeMeasure(lifetime) + ".");
}
}
// when "h=" does not contain "from" return PERMFAIL (From field not
// signed).
if (!isInListCaseInsensitive("from", getHeaders()))
throw new IllegalStateException("From field not signed");
// TODO support ignoring signature for certain d values (externally to
// this class).
}