lieser / dkim_verifier

DKIM Verifier Extension for Mozilla Thunderbird
MIT License

Some domains showing as invalid #1

Closed Stexxen closed 11 years ago

Stexxen commented 11 years ago

Thanks for your work on this plugin, I just got round to testing it tonight. After installing version 0.2, I've been checking it against some emails in my inbox.

From Domains
ebay.co.uk OK
amazon.co.uk OK

facebookmail.com KO

DKIM: Parsed DKIM-Signature: ({v:"1", a_sig:"rsa", a_hash:"sha256", b:"key1JCk6byyYDZGDsC+mOeikZlKRA0zU/LcJJJhjwKYfYQ6sBitjSq8MdUPThEVMUqQtFFRPSez0YQwFJ553zNlHfUEJwUcltepRyRRGwBif3GFOrJ5tqJJFzODMJVVLo+0SXN9LhvRgM6Ha+x+8RSLmtUvk2Aq+VTSaAqouZz4=", b_folded:"key1JCk6byyYDZGDsC+mOeikZlKRA0zU/LcJJJhjwKYfYQ6sBitjSq8MdUPThEVMU\r\n\t qQtFFRPSez0YQwFJ553zNlHfUEJwUcltepRyRRGwBif3GFOrJ5tqJJFzODMJVVLo+0\r\n\t SXN9LhvRgM6Ha+x+8RSLmtUvk2Aq+VTSaAqouZz4=", bh:"e5ja/lQb9OayTEyvQrKuu8VAxMlF2c0SKH/RRZJNdcI=", c_header:"relaxed", c_body:"simple", d:"facebookmail.com", h:"Date:To:From:Subject:MIME-Version:Content-Type", h_array:["date", "to", "from", "subject", "mime-version", "content-type"], i:"@facebookmail.com", l:null, q:"dns/txt", s:"s1024-2011-q2", t:1368945560, x:null, z:null})

DKIM: computed body hash: e5ja/lQb9OayTEyvQrKuu8VAxMlF2c0SKH/RRZJNdcI=
DKIM: DNS result: k=rsa; t=s; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLWnmo7aFBKfL4+mogTe/cXx6D4MUF7VUM9O+nmXAcUP6jJh1RDgZuSJ/KKxo+KMpDiF5xnawr4p3N4eFruSZWFB1vtHgDiy3iPke/u0lmXB2PDQphFRJU4Raghm9e2duPfuSExbvSu9COWIoaz1vH/T+8zc0vuonClGuPfxoqhQIDAQAB
DKIM: Parsed DKIM-Key: ({v:"DKIM1", h:"sha256", k:"rsa", n:null, p:"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLWnmo7aFBKfL4+mogTe/cXx6D4MUF7VUM9O+nmXAcUP6jJh1RDgZuSJ/KKxo+KMpDiF5xnawr4p3N4eFruSZWFB1vtHgDiy3iPke/u0lmXB2PDQphFRJU4Raghm9e2duPfuSExbvSu9COWIoaz1vH/T+8zc0vuonClGuPfxoqhQIDAQAB", s:"*", t:"s", t_array:["s"]})
DKIM: Header hash input: date:Sat, 18 May 2013 23:39:20 -0700 to:xxxxx xxxxxx <xxxxxx@xxxxxxxxxx.co.uk> from:"Facebook" <nxxxxxxxxxx@facebookmail.com> subject:xxxxxxxxxxx have birthdays this week mime-version:1.0 content-type:multipart/alternative; boundary="b1_b00931723f94ca6aa7ad58da398f237f" dkim-signature:v=1; a=rsa-sha256; c=relaxed/simple; d=facebookmail.com; s=s1024-2011-q2; t=1368945560; bh=e5ja/lQb9OayTEyvQrKuu8VAxMlF2c0SKH/RRZJNdcI=; h=Date:To:From:Subject:MIME-Version:Content-Type; b=
Timestamp: 22/05/2013 01:34:13
Error: DKIM Signature Error: Signature wrong
verifySignaturePart2@chrome://dkim_verifier/content/dkim.js:884
that.dnsCallback@chrome://dkim_verifier/content/dkim.js:1007
DNS_getRDData@chrome://dkim_verifier/content/dns.js:437
listener.process@chrome://dkim_verifier/content/dns.js:283
dataListener.onDataAvailable@chrome://dkim_verifier/content/dns.js:510
Source File: chrome://dkim_verifier/content/dkim.js
Line: 907

connect.vmware.com KO [similar error as above]
gmail.com [similar error as above]

email.wiggle.com KO Different error, text stays on "Validating....." and never changes

Timestamp: 22/05/2013 01:40:08
Error: uncaught exception: Record type is not one that this library can understand.

DKIM: DNS result: null
Timestamp: 22/05/2013 01:40:08
Error: DKIM Signature Error: DNS query for key failed
Source File: chrome://dkim_verifier/content/dkim.js
Line: 1002

I hope this is enough info to work with? Thanks, S.

lieser commented 11 years ago

First, thanks for reporting the bugs, it helps a lot. It would be nice if you could give me a little bit more info, so I can reproduce the errors (more details below).

facebookmail.com

It seems the header hash input is wrong (the two empty lines between content-type and dkim-signature shouldn't be there). Please post the Content-Type field and the beginning of the next field from the message source (Ctrl-U or View | Message Source). If you have a text editor that can show control characters, best paste it there before posting it to GitHub, and replace the control characters with viewable text (in Word newline <CRLF> is displayed as "¶"). Example:

Content-type: multipart/alternative;<CRLF>
<TAB>boundary="=b77tpqqbfjtk5qau01bq7qcbc64x5t"<CRLF>
Envelope-To: ...

connect.vmware.com and gmail.com

If, like in facebookmail.com, there are empty lines in the "DKIM: Header hash input", it's probably the same error, and the info from facebookmail.com should be enough. Otherwise please post "DKIM: Parsed DKIM-Signature" and "DKIM: Header hash input".

email.wiggle.com

The DNS query for the DKIM key record fails (the result seems to be in a format the DNS Library can't handle). Please post the selector (s=) and domain (d=) field of the DKIM-Signature, so I can look at the key record. The reason you see only "Validating....." is because I forgot to catch the Exception, and the script crashes.

lieser commented 11 years ago

I found a bug in the parsing of the last header field. So if in the facebookmail.com, connect.vmware.com and gmail.com e-mail the last header field (in facebookmail.com the Content-type header) was signed, it should now work with version 0.2.1.
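
The failure mode discussed above, as an added example that is not the extension's own code: RFC 6376 "relaxed" header canonicalization and the resulting header hash input, with an assumed model of a parser that leaves the blank header/body separator attached to the last header field. The sample message, the signature field and all function names are constructed for illustration.

```javascript
// Added example: RFC 6376 "relaxed" header canonicalization and header hash input.
// Function names and the sample message are constructed for illustration.

// Split the header block into fields, keeping folded lines with their field.
// keepSeparator=true is an ASSUMED model of the symptom in the thread: the blank
// header/body separator stays attached to the last field.
function splitHeaderFields(raw, keepSeparator = false) {
  const sep = raw.indexOf("\r\n\r\n");
  const end = sep < 0 ? raw.length : keepSeparator ? sep + 4 : sep;
  return raw.slice(0, end).split(/\r\n(?=[^ \t\r])/);
}

// Relaxed canonicalization of one field (RFC 6376 section 3.4.2).
function relaxHeader(field) {
  const colon = field.indexOf(":");
  const name = field.slice(0, colon).trim().toLowerCase();
  const value = field.slice(colon + 1)
    .replace(/\r\n(?=[ \t])/g, "") // unfold continuation lines
    .replace(/[ \t]+/g, " ")       // collapse runs of WSP
    .replace(/^ | $/g, "");        // drop WSP at both ends of the value
  return name + ":" + value + "\r\n";
}

// Build the data that is hashed and signed: the h= fields in order, then the
// DKIM-Signature field with an empty b= value and no trailing CRLF.
function headerHashInput(fields, signedNames, sigField) {
  const pool = fields.slice();
  const nameOf = (f) => f.split(":")[0].trim().toLowerCase();
  let out = "";
  for (const wanted of signedNames) {
    // Repeated names are consumed bottom-up (RFC 6376 section 5.4.2).
    let i = pool.length - 1;
    while (i >= 0 && nameOf(pool[i]) !== wanted.toLowerCase()) i--;
    if (i >= 0) out += relaxHeader(pool.splice(i, 1)[0]);
  }
  const sig = relaxHeader(sigField.replace(/(;\s*b=)[^;]*/, "$1"));
  return out + sig.slice(0, -2);
}

// Constructed sample message and signature field (not taken from the thread).
const RAW = "Date: Sat, 01 Jun 2013 10:00:00 +0000\r\n" +
  "From: \"Example\" <notify@example.com>\r\nSubject: Hello   world\r\n" +
  "Content-Type: multipart/alternative;\r\n\tboundary=\"b1_example\"\r\n\r\nbody\r\n";
const SIG = "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com;\r\n" +
  "\ts=sel; bh=AAAA; h=Date:From:Subject:Content-Type;\r\n\tb=QUJD";
const H = ["Date", "From", "Subject", "Content-Type"];
console.log(JSON.stringify(headerHashInput(splitHeaderFields(RAW), H, SIG)));
console.log(JSON.stringify(headerHashInput(splitHeaderFields(RAW, true), H, SIG)));
```

The second printed string carries two empty lines between `content-type` and `dkim-signature`, so its hash no longer matches what the signer computed and the RSA check fails even though the body hash still agrees.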

lieser commented 11 years ago

Because you haven't responded yet, I assume the new version solved this. If not, please reopen the issue, and provide the additional information I asked for.

Stexxen commented 11 years ago

Sorry about the delay in getting back. Your fix has corrected the gmail, facebookmail and vmware domain problem. Thanks for that. Regarding the email.wiggle.com domain, the error now says "DNS Query for Key failed". Much nicer :-)

From the error Log I can now see the following

Timestamp: 05/06/2013 20:50:45
Error: [Exception... "'Record type is not one that this library can understand.' when calling method: [nsIStreamListener::onDataAvailable]"  nsresult: "0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)"  location: ""  data: no]

DNS: Resolving neolane._domainkey.email.wiggle.com/TXT: Failed to connect to DNS server 8.8.8.8 with error code 2153185310.
DKIM: DNS result: null
Timestamp: 05/06/2013 20:50:45
Error: DKIM Signature Error: DNS query for key failed
that.dnsCallback@chrome://dkim_verifier/content/dkim.js:1099
listener.finished@chrome://dkim_verifier/content/dns.js:276
dataListener.onStopRequest@chrome://dkim_verifier/content/dns.js:520
Source File: chrome://dkim_verifier/content/dkim.js
Line: 1113

I've posted the relevant parts of the header.

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    s=neolane;
    d=email.wiggle.com;
    h=domainkey-signature:from:date:subject:to:reply-to:mime-version:x-mailer:message-id:content-type;
    bh=baTA7kJlu46Nc+0slTa/kP0klJLn1vb6MCVHDYrnvg0=;
    b=vVcX1GGm5tT6bo26uQYn/7oHZ6TOGT4BWQiYzeWTxhTXGxmpAEXGb4ayruWZTNxCJ2rMh7XSSu1tX8+yyn94J4Jyxp3s6bYynEZr8LLKG29wrzkrMphtLEZW7EbFsKH9BxtXO7zRIugPv9/ntgV1Pr3+hiVVaMAeVyhSqIkU+VI=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns;
    s=neolane;
    d=email.wiggle.com;
    h=From:Date:Subject:To:Reply-To:MIME-Version:X-mailer:Message-ID:Content-Type;
    b=NQrxJ3oSlX1mI5kn8OWLQVH5+px5xTopMtUVw0rXsMib7MQgFAgXlrqSMVp6ctpLc/m+j6TGIqaju8+mnpstLfEwUwDzxdsV2GAtb0TBts2bejzftflno0VGEiso7oja5PWOgsRH5V0m5aW1LiK0nc8PDynT7OI6AkpZJhW2U30=

lieser commented 11 years ago

The DNS query for the email.wiggle.com email should now work too. Like the other issue (#4) you reported, the bug fix (commit 1d8fd3d36909b432f49c3cdc92afce5e9d0d8564) will be included in version 0.3.4.