org.jboss.resteasy.security.doseta

Class DKIMSignature

java.lang.Object

org.jboss.resteasy.security.doseta.DKIMSignature

public class DKIMSignature
extends Object

One single signature within a DKIM-Signature header

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALGORITHM
protected Map<String,String>	attributes
static String	BODY_HASH
protected boolean	bodyHashRequired
static String	CANONICALIZATION
static String	DEFAULT_ALGORITHM This is settable
static String	DEFAULT_SIGNER This is settable
static String	DKIM_SIGNATURE
static String	DOMAIN
static String	EXPIRATION
protected List<String>	headers
static String	HEADERS
protected String	headerValue
static String	IDENTITY
static String	LENGTH
protected PrivateKey	privateKey
static String	QUERY
static String	SELECTOR
static String	SHA256WITH_RSA
protected byte[]	signature
static String	SIGNATURE
static String	TIMESTAMP
static String	VERSION

Constructor Summary

Constructors

Constructor and Description
DKIMSignature()
DKIMSignature(Map<String,String> attrs)
DKIMSignature(String headerValue)

Method Summary

Methods

Modifier and Type	Method and Description
void	addHeader(String headerName) Add a reference to a header within the signature calculation
protected void	extractAttributes()
String	getAlgorithm()
Map<String,String>	getAttributes()
String	getBased64Signature()
String	getDomain()
List<String>	getHeaderList()
String	getId()
PrivateKey	getPrivateKey() Private key to use to sign the message.
String	getQuery()
String	getSelector()
byte[]	getSignature()
boolean	isBodyHashRequired() Whether or not to add a body hash to signature
boolean	isExpired() Return false if true current time.
boolean	isStale(int seconds, int minutes, int hours, int days, int months, int years) Returns false if timestamp does not exist or if the current time is greater than timestamp + variables
void	setAlgorithm(String value) Default value is SHA256withRSA, see Javadoc on java.security.Signature for other supported values.
void	setAttribute(String name, String value)
void	setBase64Signature(String signature)
void	setBodyHashRequired(boolean bodyHashRequired)
void	setDomain(String domain)
void	setExpiration(Date expire)
void	setExpiration(int seconds, int minutes, int hours, int days, int months, int years) Calculates an expiration date based on the current time plus the additional time units specified in the method parameters.
void	setId(String id)
void	setPrivateKey(PrivateKey privateKey)
void	setQuery(String query)
void	setSelector(String selector)
void	setSignature(byte[] signature)
void	setTimestamp()
void	setTimestamp(String value)
void	sign(Map headers, byte[] body, PrivateKey defaultKey) Headers can be a Map or a Map>.
String	toString() Generates the Content-Signature value.
MultivaluedMap<String,String>	verify(boolean bodyHashRequired, Map headers, byte[] body, PublicKey key) Headers can be a Map or a Map>.
MultivaluedMap<String,String>	verify(Map headers, byte[] body, PublicKey key)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DKIM_SIGNATURE

public static final String DKIM_SIGNATURE

See Also:

Constant Field Values

TIMESTAMP

public static final String TIMESTAMP

See Also:

Constant Field Values

DOMAIN

public static final String DOMAIN

See Also:

Constant Field Values

EXPIRATION

public static final String EXPIRATION

See Also:

Constant Field Values

ALGORITHM

public static final String ALGORITHM

See Also:

Constant Field Values

SIGNATURE

public static final String SIGNATURE

See Also:

Constant Field Values

HEADERS

public static final String HEADERS

See Also:

Constant Field Values

IDENTITY

public static final String IDENTITY

See Also:

Constant Field Values

VERSION

public static final String VERSION

See Also:

Constant Field Values

BODY_HASH

public static final String BODY_HASH

See Also:

Constant Field Values

CANONICALIZATION

public static final String CANONICALIZATION

See Also:

Constant Field Values

QUERY

public static final String QUERY

See Also:

Constant Field Values

SELECTOR

public static final String SELECTOR

See Also:

Constant Field Values

LENGTH

public static final String LENGTH

See Also:

Constant Field Values

DEFAULT_SIGNER

public static String DEFAULT_SIGNER

This is settable

SHA256WITH_RSA

public static final String SHA256WITH_RSA

See Also:

Constant Field Values

DEFAULT_ALGORITHM

public static String DEFAULT_ALGORITHM

This is settable

privateKey

protected PrivateKey privateKey

attributes

protected Map<String,String> attributes

headers

protected List<String> headers

signature

protected byte[] signature

headerValue

protected String headerValue

bodyHashRequired

protected boolean bodyHashRequired

Constructor Detail

DKIMSignature

public DKIMSignature()

DKIMSignature

public DKIMSignature(Map<String,String> attrs)

DKIMSignature

public DKIMSignature(String headerValue)

Method Detail

extractAttributes

protected void extractAttributes()

getHeaderList

public List<String> getHeaderList()

toString

public String toString()

Generates the Content-Signature value.

Overrides:

toString in class Object

Returns:

isBodyHashRequired

public boolean isBodyHashRequired()

Whether or not to add a body hash to signature

Returns:

setBodyHashRequired

public void setBodyHashRequired(boolean bodyHashRequired)

addHeader

public void addHeader(String headerName)

Add a reference to a header within the signature calculation

Parameters:

headerName -

setAttribute

public void setAttribute(String name,
                String value)

Parameters:

name -

value - if null, remove attribute

includeSignature - true if you want attribute to be included within the signature calculation

display - true if you want attribute shown in the Content-Signature

setAlgorithm

public void setAlgorithm(String value)

Default value is SHA256withRSA, see Javadoc on java.security.Signature for other supported values.

Parameters:

value -

includeSignature - true if you want attribute to be included within the signature calculation

display - true if you want attribute shown in the Content-Signature

setTimestamp

public void setTimestamp(String value)

setTimestamp

public void setTimestamp()

setSelector

public void setSelector(String selector)

getSelector

public String getSelector()

getQuery

public String getQuery()

setQuery

public void setQuery(String query)

setDomain

public void setDomain(String domain)

getDomain

public String getDomain()

setId

public void setId(String id)

Parameters:

value -

setExpiration

public void setExpiration(Date expire)

setExpiration

public void setExpiration(int seconds,
                 int minutes,
                 int hours,
                 int days,
                 int months,
                 int years)

Calculates an expiration date based on the current time plus the additional time units specified in the method parameters.

Parameters:

seconds -

minutes -

hours -

days -

months -

years -

isExpired

public boolean isExpired()

Return false if true current time. If expiration isn't set, then just return false. Returns false otherwise.

Returns:

isStale

public boolean isStale(int seconds,
              int minutes,
              int hours,
              int days,
              int months,
              int years)

Returns false if timestamp does not exist or if the current time is greater than timestamp + variables

getId

public String getId()

getAlgorithm

public String getAlgorithm()

getAttributes

public Map<String,String> getAttributes()

getBased64Signature

public String getBased64Signature()

setBase64Signature

public void setBase64Signature(String signature)

getSignature

public byte[] getSignature()

setSignature

public void setSignature(byte[] signature)

getPrivateKey

public PrivateKey getPrivateKey()

Private key to use to sign the message. Can be null. If so, system will try to figure out the signer based on a default value, or the current user principal

Returns:

setPrivateKey

public void setPrivateKey(PrivateKey privateKey)

sign

public void sign(Map headers,
        byte[] body,
        PrivateKey defaultKey)
          throws SignatureException

Headers can be a Map or a Map>. This gives some compatibility with JAX-RS's MultivaluedMap. If a map of lists, every value of each header duplicate will be added.

Parameters:

headers -

body - if null, bh field will not be set or provided

defaultKey - will be used if privateKey is null

Throws:

GeneralSecurityException

SignatureException

verify

public MultivaluedMap<String,String> verify(Map headers,
                                   byte[] body,
                                   PublicKey key)
                                     throws SignatureException

Throws:

SignatureException

verify

public MultivaluedMap<String,String> verify(boolean bodyHashRequired,
                                   Map headers,
                                   byte[] body,
                                   PublicKey key)
                                     throws SignatureException

Headers can be a Map or a Map>. This gives some compatibility with JAX-RS's MultivaluedMap. If a map of lists, every value of each header duplicate will be added.

Parameters:

headers -

body -

key -

Returns:

map of verified headers and their values

Throws:

SignatureException