I have written some dkim code but I am getting verification errors from the
test auto responders. I think it may be related to an extra or missing crlf
in the signed header or maybe just the data.
Here is what I am doing may be someone will see what's wrong. Using simple
canonicalization, assuming that the "To" and "From" headers are being signed
and added to the dkim h= tag.
Message:
From:bob(_at_)bob(_dot_)com\r\n
To:bob(_at_)bob(_dot_)com\r\n
\r\n
One line Body\r\n
bh = Hash("One line Body\r\n")
dkhead = "DKIM-Signature: .; bh=" + bh + "\r\n\t;b="
cHeader = "From:bob(_at_)bob(_dot_)com\r\nTo:bob(_at_)bob(_dot_)com\r\n" +
dkhead;
b = Sign (cHeader);
dkhead += b + "\r\n";
AddNewHeaderToMsg(dkhead);
One thing in the RFC I wasn't sure of was in section 3.7 Computing the
Message Hashes this line.
The DKIM-Signature header field that exists (verifying) or will be inserted
(signing) in the message, with the value of the "b=" tag deleted (i.e.,
treated as the empty string), canonicalized using the header
canonicalization algorithm specified in the "c=" tag, and without a trailing
CRLF.
Does the "without a trailing CRLF" mean no crlf for the dkim header or the
dkim header should have a crlf but there should be no header ending crlf or
both in which case there is no crlf.
_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev