From f98eee5dc4ee897175780d92f71b8adf0488b4c5 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov
Date: Wed, 13 Sep 2017 19:06:02 +0100
Subject: [PATCH] [Feature] Support sha512 in DKIM signatures
---
 src/libserver/dkim.c | 40 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 37 insertions(+), 3 deletions(-)
diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c
index 72cc7232f..a60f0fa94 100644
--- a/src/libserver/dkim.c
+++ b/src/libserver/dkim.c
@@ -61,7 +61,10 @@ enum rspamd_dkim_param_type {
 enum rspamd_sign_type {
 DKIM_SIGN_UNKNOWN = -2,
 DKIM_SIGN_RSASHA1 = 0,
- DKIM_SIGN_RSASHA256
+ DKIM_SIGN_RSASHA256,
+ DKIM_SIGN_RSASHA512,
+ DKIM_SIGN_ECDSASHA256,
+ DKIM_SIGN_ECDSASHA512
 };
 #define RSPAMD_DKIM_MAX_ARC_IDX 10
@@ -272,6 +275,20 @@ rspamd_dkim_parse_signalg (rspamd_dkim_context_t * ctx,
 ctx->sig_alg = DKIM_SIGN_RSASHA256;
 return TRUE;
 }
+ else if (memcmp (param, "rsa-sha512", len) == 0) {
+ ctx->sig_alg = DKIM_SIGN_RSASHA512;
+ return TRUE;
+ }
+ }
+ else if (len == sizeof ("ecdsa256-sha256") - 1) {
+ if (memcmp (param, "ecdsa256-sha256", len) == 0) {
+ ctx->sig_alg = DKIM_SIGN_ECDSASHA256;
+ return TRUE;
+ }
+ else if (memcmp (param, "ecdsa256-sha512", len) == 0) {
+ ctx->sig_alg = DKIM_SIGN_ECDSASHA512;
+ return TRUE;
+ }
 }
 g_set_error (err,
@@ -1014,7 +1031,8 @@ rspamd_create_dkim_context (const gchar *sig,
 return NULL;
 }
- } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) {
+ } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 ||
+ ctx->sig_alg == DKIM_SIGN_ECDSASHA256) {
 if (ctx->bhlen !=
 (guint) EVP_MD_size (EVP_sha256 ())) {
 g_set_error (err,
@@ -1024,6 +1042,17 @@ rspamd_create_dkim_context (const gchar *sig,
 ctx->bhlen);
 return NULL;
 }
+ } else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 ||
+ ctx->sig_alg == DKIM_SIGN_ECDSASHA512) {
+ if (ctx->bhlen !=
+ (guint) EVP_MD_size (EVP_sha512 ())) {
+ g_set_error (err,
+ DKIM_ERROR,
+ DKIM_SIGERROR_BADSIG,
+ "signature has incorrect length: %zu",
+ ctx->bhlen);
+ return NULL;
+ }
 }
 }
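Review bot: In the rspamd_dkim_parse_signalg hunk, the parser starts accepting `rsa-sha512`, `ecdsa256-sha256` and `ecdsa256-sha512`, but nothing in this commit touches the step that checks the signature against the public key; the diffstat's 37 insertions are all accounted for by the enum, this parser, the `ctx->bhlen` length check and the digest selection. If that step still assumes an RSA key or chooses its digest identifier between SHA-1 and SHA-256 only, the new values need explicit handling there, and the two ECDSA tokens are better rejected here until that handling exists. The subject line mentions only sha512, so a comment above the new branches such as `/* extension: RFC 6376 defines only rsa-sha1 and rsa-sha256 */` would tell the next reader these tokens are deliberate. The function's body starts and ends outside the hunk.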
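Review bot: In rspamd_create_dkim_context (the hunks at -1014 and -1024), the else-if chain that validates `ctx->bhlen` still closes without an `else`, so a `sig_alg` value that has no branch skips the length check instead of failing, whereas the digest-selection chain in the -1079 hunk does end in an error branch. Ending this chain with an `else` that sets `DKIM_SIGERROR_BADSIG` and returns NULL would make any future enum value fail closed at this point as well. The new branch also copies the message `"signature has incorrect length: %zu"` although the value compared is `ctx->bhlen`, presumably the body hash length going by the field name; `"body hash has incorrect length: %zu"` would describe what is checked. The function continues outside these hunks, so an earlier rejection of unknown algorithms may already exist there.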
@@ -1079,9 +1108,14 @@ rspamd_create_dkim_context (const gchar *sig,
 if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {
 md_alg = EVP_sha1 ();
 }
- else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) {
+ else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 ||
+ ctx->sig_alg == DKIM_SIGN_ECDSASHA256) {
 md_alg = EVP_sha256 ();
 }
+ else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 ||
+ ctx->sig_alg == DKIM_SIGN_ECDSASHA512) {
+ md_alg = EVP_sha512 ();
+ }
 else {
 g_set_error (err,
 DKIM_ERROR,
--
2.39.5
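Review bot: The mapping from `sig_alg` to a digest is now written out twice in rspamd_create_dkim_context, once here for `md_alg` and once in the `ctx->bhlen` length check earlier in the function, and this commit had to extend both copies by hand. A single static helper that returns a `const EVP_MD *` (NULL for an unsupported value) would serve both sites, so the length check could compare against `EVP_MD_size ()` of that one result and the two chains could not drift apart when another algorithm is added. The enclosing function starts and ends outside the hunk.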