https://github.com/jhawthorn/dkim/tree/master/lib/dkim
获取 private.pem
DKIM Private and Public Key
DKIM is a popular way to sign email. Here is a way to generate private and public keys for enabling DKIM on a domain.
1. Generate Private Key (in PEM format) openssl genrsa -out private.pem 786 2. Generate Public Key openssl rsa -pubout -in private.pem | sed /^-----/d | tr -d '\n' 3. Put the following in DNS record <selector>._domainkey IN TXT v=DKIM1;h=sha256;k=rsa;s=*;t=s;p=<publicKey>
If you are using Java to send email, consider using DKIM-JavaMail for signing email. Convert the private key to PKCS8 format and then Base64 encode it using the following
openssl pkcs8 -topk8 -inform PEM -outform DER -in private.pem -nocrypt | base64 -w 0
Here is the code snippet to sign email
String dkimPrivateKey = // Base64 encoded private key in PKCS8 format KeyFactory keyFactory = KeyFactory.getInstance("RSA"); byte[] privateKeyPKCS8 = Base64.decodeBase64(dkimPrivateKey); PKCS8EncodedKeySpec privateSpec = new PKCS8EncodedKeySpec(privateKeyPKCS8); RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(privateSpec); DKIMSigner dkimSigner = new DKIMSigner(<signingDomain>, <selector>, privateKey);