Implement keysigning.
authorVsevolod Stakhov <vsevolod@rambler-co.ru>
Mon, 28 May 2012 19:37:58 +0000 (23:37 +0400)
committerVsevolod Stakhov <vsevolod@rambler-co.ru>
Mon, 28 May 2012 19:37:58 +0000 (23:37 +0400)
src/dkim.c
src/dkim.h

index 4c597ec40c99b69bb5d5f28dddd1be5d9374a969..e1115a318dc3ce16852c3afd3035bb2a19ed5408 100644 (file)
@@ -560,7 +560,7 @@ struct rspamd_dkim_key_cbdata {
 };
 
 static rspamd_dkim_key_t*
-rspamd_dkim_make_key (const gchar *keydata, guint keylen, GError *err)
+rspamd_dkim_make_key (const gchar *keydata, guint keylen, GError **err)
 {
        rspamd_dkim_key_t                                                       *key = NULL;
 
@@ -571,7 +571,7 @@ rspamd_dkim_make_key (const gchar *keydata, guint keylen, GError *err)
        key->decoded_len = keylen + 1;
        g_base64_decode_inplace (key->keydata, &key->decoded_len);
 #ifdef HAVE_OPENSSL
-       key->key_bio = BIO_new_mem_buf (key->keydata, decoded_len);
+       key->key_bio = BIO_new_mem_buf (key->keydata, key->decoded_len);
        if (key->key_bio == NULL) {
                g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_KEYFAIL, "cannot make ssl bio from key");
                rspamd_dkim_key_free (key);
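Review bot: The length written back by `g_base64_decode_inplace` goes straight into `BIO_new_mem_buf`, whose length parameter is an `int`, with no check on the value and an implicit narrowing from `gsize`. DKIM public keys are fetched from DNS, so a record that decodes to nothing should be refused here instead of being handed on as an empty BIO. A guard such as `if (key->decoded_len == 0 || key->decoded_len > G_MAXINT)` that sets `DKIM_SIGERROR_KEYFAIL` and frees the key, plus an explicit `(int)` cast on the argument, would cover both. The function body continues outside this hunk, so a later parsing step may already reject the empty case.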
@@ -874,8 +874,9 @@ rspamd_dkim_check (rspamd_dkim_context_t *ctx, rspamd_dkim_key_t *key, struct wo
        GList                                                                           *cur;
        gchar                                                                           *digest;
        gsize                                                                            dlen;
+       gint                                                                             res = DKIM_CONTINUE;
 #ifdef HAVE_OPENSSL
-       RSA                                                                                      *rsa;
+       gint                                                                             nid;
 #endif
 
        g_return_val_if_fail (ctx != NULL, DKIM_ERROR);
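Review bot: Initialising `res` to `DKIM_CONTINUE` makes the non-failing value the default, so any path that never reaches `RSA_verify` returns it without a signature having been checked; that includes a build without `HAVE_OPENSSL`, where the whole verification block is compiled out. Starting from the failure value and assigning `DKIM_CONTINUE` only after `RSA_verify` returns 1 would keep the function fail-closed. Separately, `DKIM_ERROR` is returned as a result here, while `rspamd_dkim_make_key` passes the same name to `g_set_error` as the error domain. If it is the GError quark and not a member of the result-code set, callers comparing against result codes will not recognise it, which is worth confirming in dkim.h. The function's body starts and ends outside this hunk.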
@@ -964,14 +965,21 @@ rspamd_dkim_check (rspamd_dkim_context_t *ctx, rspamd_dkim_key_t *key, struct wo
 
 #ifdef HAVE_OPENSSL
        /* Check headers signature */
-       rsa = RSA_new ();
-
-       rsa->rsa_rsa = key->rsa_key;
-       rsa->rsa_keysize = RSA_size (rsa->rsa_rsa);
-       rsa->rsa_pad = RSA_PKCS1_PADDING;
 
+       if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {
+               nid = NID_sha1;
+       }
+       else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) {
+               nid = NID_sha256;
+       }
+       else {
+               /* Not reached */
+               nid = NID_sha1;
+       }
 
-       RSA_free (rsa);
+       if (RSA_verify (nid, digest, dlen, ctx->b, ctx->blen, key->key_rsa) != 1) {
+               res = DKIM_ERROR;
+       }
 #endif
-       return DKIM_CONTINUE;
+       return res;
 }
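Review bot: The final `else` branch, marked `/* Not reached */`, silently selects `NID_sha1` for any `ctx->sig_alg` that is neither of the two known algorithms, so an unexpected value is verified as RSA-SHA1 instead of being refused. Failing closed is safer: use `res = DKIM_ERROR;` in that branch and guard the call as `if (res == DKIM_CONTINUE && RSA_verify (...) != 1)`. `RSA_verify` takes `const unsigned char *` and `unsigned int` for the digest and its length, while `digest` is declared `gchar *` and `dlen` is `gsize`, so explicit casts would make the conversion visible. The hunk does not show whether `key` and `key->key_rsa` are checked for NULL before this point; if not, a `g_return_val_if_fail` for them belongs next to the existing one for `ctx`.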
index bea6f4042abaabc81fe419dbe8e5446be129e9b1..60d982ed29138baff40c3fc70de99cf1bf4bc03d 100644 (file)
@@ -156,7 +156,7 @@ typedef struct rspamd_dkim_key_s {
        guint keylen;
        gsize decoded_len;
 #ifdef HAVE_OPENSSL
-       RSA *rsa_key;
+       RSA *key_rsa;
        BIO *key_bio;
        EVP_PKEY *key_evp;
 #endif