There are several things wrong with your DKIM-Signature header field.
You MUST have a v=, you MUST have an s=, you MUST have a=, you MUST
have d=, and you MUST have h=. See section 3.5 of RFC 4871 for
details.
eric
--On June 13, 2007 11:28:27 AM -0400 Bill Volz <bill(_at_)atwill(_dot_)com>
wrote:
I have written some dkim code but I am getting verification errors
from the test auto responders. I think it may be related to an
extra or missing crlf in the signed header or maybe just the data.
Here is what I am doing may be someone will see what's wrong.
Using simple canonicalization, assuming that the "To" and "From"
headers are being signed and added to the dkim h= tag.
Message:
From:bob(_at_)bob(_dot_)com\r\n
To:bob(_at_)bob(_dot_)com\r\n
\r\n
One line Body\r\n
bh = Hash("One line Body\r\n")
dkhead = "DKIM-Signature: .; bh=" + bh + "\r\n\t;b="
cHeader = "From:bob(_at_)bob(_dot_)com\r\nTo:bob(_at_)bob(_dot_)com\r\n" +
dkhead;
b = Sign (cHeader);
dkhead += b + "\r\n";
AddNewHeaderToMsg(dkhead);
One thing in the RFC I wasn't sure of was in section 3.7 Computing
the Message Hashes this line.
The DKIM-Signature header field that exists (verifying) or will be
inserted (signing) in the message, with the value of the "b=" tag
deleted (i.e., treated as the empty string), canonicalized using
the header canonicalization algorithm specified in the "c=" tag,
and without a trailing CRLF.
Does the "without a trailing CRLF" mean no crlf for the dkim header
or the dkim header should have a crlf but there should be no header
ending crlf or both in which case there is no crlf.
_______________________________________________
dkim-dev mailing list
dkim-dev(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-dev