mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18054 Commits
28 Branches
Tree: dfbd181e9c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dfbd181e9c'
${ noResults }
rspamd/src/libserver/dkim.c

dkim.c 78KB
Raw Blame History

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473 
  1. /*-

  2.  * Copyright 2016 Vsevolod Stakhov

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *   http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. #include "config.h"

  17. #include "rspamd.h"

  18. #include "message.h"

  19. #include "dkim.h"

  20. #include "dns.h"

  21. #include "utlist.h"

  22. #include "unix-std.h"

  23. #include "mempool_vars_internal.h"

  24. 

  25. #include <openssl/evp.h>

  26. #include <openssl/rsa.h>

  27. #include <openssl/engine.h>

  28. 

  29. /* special DNS tokens */

  30. #define DKIM_DNSKEYNAME     "_domainkey"

  31. 

  32. /* ed25519 key lengths */

  33. #define ED25519_B64_BYTES	45

  34. #define ED25519_BYTES		32

  35. 

  36. /* Canonization methods */

  37. #define DKIM_CANON_UNKNOWN  (-1)    /* unknown method */

  38. #define DKIM_CANON_SIMPLE   0   /* as specified in DKIM spec */

  39. #define DKIM_CANON_RELAXED  1   /* as specified in DKIM spec */

  40. 

  41. #define DKIM_CANON_DEFAULT  DKIM_CANON_SIMPLE

  42. 

  43. #define RSPAMD_SHORT_BH_LEN 8

  44. 

  45. /* Params */

  46. enum rspamd_dkim_param_type {

  47. 	DKIM_PARAM_UNKNOWN = -1,

  48. 	DKIM_PARAM_SIGNATURE = 0,

  49. 	DKIM_PARAM_SIGNALG,

  50. 	DKIM_PARAM_DOMAIN,

  51. 	DKIM_PARAM_CANONALG,

  52. 	DKIM_PARAM_QUERYMETHOD,

  53. 	DKIM_PARAM_SELECTOR,

  54. 	DKIM_PARAM_HDRLIST,

  55. 	DKIM_PARAM_VERSION,

  56. 	DKIM_PARAM_IDENTITY,

  57. 	DKIM_PARAM_TIMESTAMP,

  58. 	DKIM_PARAM_EXPIRATION,

  59. 	DKIM_PARAM_COPIEDHDRS,

  60. 	DKIM_PARAM_BODYHASH,

  61. 	DKIM_PARAM_BODYLENGTH,

  62. 	DKIM_PARAM_IDX,

  63. 	DKIM_PARAM_CV,

  64. 	DKIM_PARAM_IGNORE

  65. };

  66. 

  67. #define RSPAMD_DKIM_MAX_ARC_IDX 10

  68. 

  69. #define msg_err_dkim(...) rspamd_default_log_function (G_LOG_LEVEL_CRITICAL, \

  70.         "dkim", ctx->pool->tag.uid, \

  71.         G_STRFUNC, \

  72.         __VA_ARGS__)

  73. #define msg_warn_dkim(...)   rspamd_default_log_function (G_LOG_LEVEL_WARNING, \

  74.         "dkim", ctx->pool->tag.uid, \

  75.         G_STRFUNC, \

  76.         __VA_ARGS__)

  77. #define msg_info_dkim(...)   rspamd_default_log_function (G_LOG_LEVEL_INFO, \

  78.         "dkim", ctx->pool->tag.uid, \

  79.         G_STRFUNC, \

  80.         __VA_ARGS__)

  81. #define msg_debug_dkim(...)  rspamd_conditional_debug_fast (NULL, NULL, \

  82.         rspamd_dkim_log_id, "dkim", ctx->pool->tag.uid, \

  83.         G_STRFUNC, \

  84.         __VA_ARGS__)

  85. #define msg_debug_dkim_taskless(...)  rspamd_conditional_debug_fast (NULL, NULL, \

  86.         rspamd_dkim_log_id, "dkim", "", \

  87.         G_STRFUNC, \

  88.         __VA_ARGS__)

  89. 

  90. INIT_LOG_MODULE(dkim)

  91. 

  92. #define RSPAMD_DKIM_FLAG_OVERSIGN (1u << 0u)

  93. #define RSPAMD_DKIM_FLAG_OVERSIGN_EXISTING (1u << 1u)

  94. 

  95. union rspamd_dkim_header_stat {

  96. 	struct _st {

  97. 		guint16 count;

  98. 		guint16 flags;

  99. 	} s;

  100. 	guint32 n;

  101. };

  102. 

  103. struct rspamd_dkim_common_ctx {

  104. 	rspamd_mempool_t *pool;

  105. 	guint64 sig_hash;

  106. 	gsize len;

  107. 	GPtrArray *hlist;

  108. 	GHashTable *htable; /* header -> count mapping */

  109. 	EVP_MD_CTX *headers_hash;

  110. 	EVP_MD_CTX *body_hash;

  111. 	enum rspamd_dkim_type type;

  112. 	guint idx;

  113. 	gint header_canon_type;

  114. 	gint body_canon_type;

  115. 	guint body_canonicalised;

  116. 	guint headers_canonicalised;

  117. 	gboolean is_sign;

  118. 

  119. };

  120. 

  121. enum rspamd_arc_seal_cv {

  122. 	RSPAMD_ARC_UNKNOWN = 0,

  123. 	RSPAMD_ARC_NONE,

  124. 	RSPAMD_ARC_INVALID,

  125. 	RSPAMD_ARC_FAIL,

  126. 	RSPAMD_ARC_PASS

  127. };

  128. 

  129. 

  130. struct rspamd_dkim_context_s {

  131. 	struct rspamd_dkim_common_ctx common;

  132. 	rspamd_mempool_t *pool;

  133. 	struct rspamd_dns_resolver *resolver;

  134. 	gsize blen;

  135. 	gsize bhlen;

  136. 	gint sig_alg;

  137. 	guint ver;

  138. 	time_t timestamp;

  139. 	time_t expiration;

  140. 	gchar *domain;

  141. 	gchar *selector;

  142. 	gint8 *b;

  143. 	gchar *short_b;

  144. 	gint8 *bh;

  145. 	gchar *dns_key;

  146. 	enum rspamd_arc_seal_cv cv;

  147. 	const gchar *dkim_header;

  148. };

  149. 

  150. #define RSPAMD_DKIM_KEY_ID_LEN 16

  151. 

  152. struct rspamd_dkim_key_s {

  153. 	guint8 *keydata;

  154. 	gsize keylen;

  155. 	gsize decoded_len;

  156. 	gchar key_id[RSPAMD_DKIM_KEY_ID_LEN];

  157. 	union {

  158. 		RSA *key_rsa;

  159. 		EC_KEY *key_ecdsa;

  160. 		guchar *key_eddsa;

  161. 	} key;

  162. 	BIO *key_bio;

  163. 	EVP_PKEY *key_evp;

  164. 	time_t mtime;

  165. 	guint ttl;

  166. 	enum rspamd_dkim_key_type type;

  167. 	ref_entry_t ref;

  168. };

  169. 

  170. struct rspamd_dkim_sign_context_s {

  171. 	struct rspamd_dkim_common_ctx common;

  172. 	rspamd_dkim_sign_key_t *key;

  173. };

  174. 

  175. struct rspamd_dkim_header {

  176. 	const gchar *name;

  177. 	gint count;

  178. };

  179. 

  180. /* Parser of dkim params */

  181. typedef gboolean (*dkim_parse_param_f) (rspamd_dkim_context_t * ctx,

  182. 	const gchar *param, gsize len, GError **err);

  183. 

  184. static gboolean rspamd_dkim_parse_signature (rspamd_dkim_context_t * ctx,

  185. 	const gchar *param,

  186. 	gsize len,

  187. 	GError **err);

  188. static gboolean rspamd_dkim_parse_signalg (rspamd_dkim_context_t * ctx,

  189. 	const gchar *param,

  190. 	gsize len,

  191. 	GError **err);

  192. static gboolean rspamd_dkim_parse_domain (rspamd_dkim_context_t * ctx,

  193. 	const gchar *param,

  194. 	gsize len,

  195. 	GError **err);

  196. static gboolean rspamd_dkim_parse_canonalg (rspamd_dkim_context_t * ctx,

  197. 	const gchar *param,

  198. 	gsize len,

  199. 	GError **err);

  200. static gboolean rspamd_dkim_parse_ignore (rspamd_dkim_context_t * ctx,

  201. 	const gchar *param,

  202. 	gsize len,

  203. 	GError **err);

  204. static gboolean rspamd_dkim_parse_selector (rspamd_dkim_context_t * ctx,

  205. 	const gchar *param,

  206. 	gsize len,

  207. 	GError **err);

  208. static gboolean rspamd_dkim_parse_hdrlist (rspamd_dkim_context_t * ctx,

  209. 	const gchar *param,

  210. 	gsize len,

  211. 	GError **err);

  212. static gboolean rspamd_dkim_parse_version (rspamd_dkim_context_t * ctx,

  213. 	const gchar *param,

  214. 	gsize len,

  215. 	GError **err);

  216. static gboolean rspamd_dkim_parse_timestamp (rspamd_dkim_context_t * ctx,

  217. 	const gchar *param,

  218. 	gsize len,

  219. 	GError **err);

  220. static gboolean rspamd_dkim_parse_expiration (rspamd_dkim_context_t * ctx,

  221. 	const gchar *param,

  222. 	gsize len,

  223. 	GError **err);

  224. static gboolean rspamd_dkim_parse_bodyhash (rspamd_dkim_context_t * ctx,

  225. 	const gchar *param,

  226. 	gsize len,

  227. 	GError **err);

  228. static gboolean rspamd_dkim_parse_bodylength (rspamd_dkim_context_t * ctx,

  229. 	const gchar *param,

  230. 	gsize len,

  231. 	GError **err);

  232. static gboolean rspamd_dkim_parse_idx (rspamd_dkim_context_t * ctx,

  233. 		const gchar *param,

  234. 		gsize len,

  235. 		GError **err);

  236. static gboolean rspamd_dkim_parse_cv (rspamd_dkim_context_t * ctx,

  237. 		const gchar *param,

  238. 		gsize len,

  239. 		GError **err);

  240. 

  241. 

  242. static const dkim_parse_param_f parser_funcs[] = {

  243. 	[DKIM_PARAM_SIGNATURE] = rspamd_dkim_parse_signature,

  244. 	[DKIM_PARAM_SIGNALG] = rspamd_dkim_parse_signalg,

  245. 	[DKIM_PARAM_DOMAIN] = rspamd_dkim_parse_domain,

  246. 	[DKIM_PARAM_CANONALG] = rspamd_dkim_parse_canonalg,

  247. 	[DKIM_PARAM_QUERYMETHOD] = rspamd_dkim_parse_ignore,

  248. 	[DKIM_PARAM_SELECTOR] = rspamd_dkim_parse_selector,

  249. 	[DKIM_PARAM_HDRLIST] = rspamd_dkim_parse_hdrlist,

  250. 	[DKIM_PARAM_VERSION] = rspamd_dkim_parse_version,

  251. 	[DKIM_PARAM_IDENTITY] = rspamd_dkim_parse_ignore,

  252. 	[DKIM_PARAM_TIMESTAMP] = rspamd_dkim_parse_timestamp,

  253. 	[DKIM_PARAM_EXPIRATION] = rspamd_dkim_parse_expiration,

  254. 	[DKIM_PARAM_COPIEDHDRS] = rspamd_dkim_parse_ignore,

  255. 	[DKIM_PARAM_BODYHASH] = rspamd_dkim_parse_bodyhash,

  256. 	[DKIM_PARAM_BODYLENGTH] = rspamd_dkim_parse_bodylength,

  257. 	[DKIM_PARAM_IDX] = rspamd_dkim_parse_idx,

  258. 	[DKIM_PARAM_CV] = rspamd_dkim_parse_cv,

  259. 	[DKIM_PARAM_IGNORE] = rspamd_dkim_parse_ignore,

  260. };

  261. 

  262. #define DKIM_ERROR dkim_error_quark ()

  263. GQuark

  264. dkim_error_quark (void)

  265. {

  266. 	return g_quark_from_static_string ("dkim-error-quark");

  267. }

  268. 

  269. /* Parsers implementation */

  270. static gboolean

  271. rspamd_dkim_parse_signature (rspamd_dkim_context_t * ctx,

  272. 	const gchar *param,

  273. 	gsize len,

  274. 	GError **err)

  275. {

  276. 	ctx->b = rspamd_mempool_alloc0 (ctx->pool, len);

  277. 	ctx->short_b = rspamd_mempool_alloc0 (ctx->pool, RSPAMD_SHORT_BH_LEN + 1);

  278. 	rspamd_strlcpy (ctx->short_b, param, MIN (len, RSPAMD_SHORT_BH_LEN + 1));

  279. 	(void)rspamd_cryptobox_base64_decode (param, len, ctx->b, &ctx->blen);

  280. 

  281. 	return TRUE;

  282. }

  283. 

  284. static gboolean

  285. rspamd_dkim_parse_signalg (rspamd_dkim_context_t * ctx,

  286. 	const gchar *param,

  287. 	gsize len,

  288. 	GError **err)

  289. {

  290. 	/* XXX: ugly size comparison, improve this code style some day */

  291. 	if (len == 8) {

  292. 		if (memcmp (param, "rsa-sha1", len) == 0) {

  293. 			ctx->sig_alg = DKIM_SIGN_RSASHA1;

  294. 			return TRUE;

  295. 		}

  296. 	}

  297. 	else if (len == 10) {

  298. 		if (memcmp (param, "rsa-sha256", len) == 0) {

  299. 			ctx->sig_alg = DKIM_SIGN_RSASHA256;

  300. 			return TRUE;

  301. 		}

  302. 		else if (memcmp (param, "rsa-sha512", len) == 0) {

  303. 			ctx->sig_alg = DKIM_SIGN_RSASHA512;

  304. 			return TRUE;

  305. 		}

  306. 	}

  307. 	else if (len == 15) {

  308. 		if (memcmp (param, "ecdsa256-sha256", len) == 0) {

  309. 			ctx->sig_alg = DKIM_SIGN_ECDSASHA256;

  310. 			return TRUE;

  311. 		}

  312. 		else if (memcmp (param, "ecdsa256-sha512", len) == 0) {

  313. 			ctx->sig_alg = DKIM_SIGN_ECDSASHA512;

  314. 			return TRUE;

  315. 		}

  316. 	}

  317. 	else if (len == 14) {

  318. 		if (memcmp (param, "ed25519-sha256", len) == 0) {

  319. 			ctx->sig_alg = DKIM_SIGN_EDDSASHA256;

  320. 			return TRUE;

  321. 		}

  322. 	}

  323. 

  324. 	g_set_error (err,

  325. 		DKIM_ERROR,

  326. 		DKIM_SIGERROR_INVALID_A,

  327. 		"invalid dkim sign algorithm");

  328. 	return FALSE;

  329. }

  330. 

  331. static gboolean

  332. rspamd_dkim_parse_domain (rspamd_dkim_context_t * ctx,

  333. 	const gchar *param,

  334. 	gsize len,

  335. 	GError **err)

  336. {

  337. 	if (!rspamd_str_has_8bit (param, len)) {

  338. 		ctx->domain = rspamd_mempool_alloc (ctx->pool, len + 1);

  339. 		rspamd_strlcpy (ctx->domain, param, len + 1);

  340. 	}

  341. 	else {

  342. 		ctx->domain = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver,

  343. 				ctx->pool, param, len, NULL);

  344. 

  345. 		if (!ctx->domain) {

  346. 			g_set_error (err,

  347. 					DKIM_ERROR,

  348. 					DKIM_SIGERROR_INVALID_H,

  349. 					"invalid dkim domain tag %*.s: idna failed",

  350. 					(int)len, param);

  351. 

  352. 			return FALSE;

  353. 		}

  354. 	}

  355. 

  356. 	return TRUE;

  357. }

  358. 

  359. static gboolean

  360. rspamd_dkim_parse_canonalg (rspamd_dkim_context_t * ctx,

  361. 	const gchar *param,

  362. 	gsize len,

  363. 	GError **err)

  364. {

  365. 	const gchar *p, *slash = NULL, *end = param + len;

  366. 	gsize sl = 0;

  367. 

  368. 	p = param;

  369. 	while (p != end) {

  370. 		if (*p == '/') {

  371. 			slash = p;

  372. 			break;

  373. 		}

  374. 		p++;

  375. 		sl++;

  376. 	}

  377. 

  378. 	if (slash == NULL) {

  379. 		/* Only check header */

  380. 		if (len == 6 && memcmp (param, "simple", len) == 0) {

  381. 			ctx->common.header_canon_type = DKIM_CANON_SIMPLE;

  382. 			return TRUE;

  383. 		}

  384. 		else if (len == 7 && memcmp (param, "relaxed", len) == 0) {

  385. 			ctx->common.header_canon_type = DKIM_CANON_RELAXED;

  386. 			return TRUE;

  387. 		}

  388. 	}

  389. 	else {

  390. 		/* First check header */

  391. 		if (sl == 6 && memcmp (param, "simple", sl) == 0) {

  392. 			ctx->common.header_canon_type = DKIM_CANON_SIMPLE;

  393. 		}

  394. 		else if (sl == 7 && memcmp (param, "relaxed", sl) == 0) {

  395. 			ctx->common.header_canon_type = DKIM_CANON_RELAXED;

  396. 		}

  397. 		else {

  398. 			goto err;

  399. 		}

  400. 		/* Check body */

  401. 		len -= sl + 1;

  402. 		slash++;

  403. 		if (len == 6 && memcmp (slash, "simple", len) == 0) {

  404. 			ctx->common.body_canon_type = DKIM_CANON_SIMPLE;

  405. 			return TRUE;

  406. 		}

  407. 		else if (len == 7 && memcmp (slash, "relaxed", len) == 0) {

  408. 			ctx->common.body_canon_type = DKIM_CANON_RELAXED;

  409. 			return TRUE;

  410. 		}

  411. 	}

  412. 

  413. err:

  414. 	g_set_error (err,

  415. 		DKIM_ERROR,

  416. 		DKIM_SIGERROR_INVALID_A,

  417. 		"invalid dkim canonization algorithm");

  418. 	return FALSE;

  419. }

  420. 

  421. static gboolean

  422. rspamd_dkim_parse_ignore (rspamd_dkim_context_t * ctx,

  423. 	const gchar *param,

  424. 	gsize len,

  425. 	GError **err)

  426. {

  427. 	/* Just ignore unused params */

  428. 	return TRUE;

  429. }

  430. 

  431. static gboolean

  432. rspamd_dkim_parse_selector (rspamd_dkim_context_t * ctx,

  433. 	const gchar *param,

  434. 	gsize len,

  435. 	GError **err)

  436. {

  437. 

  438. 	if (!rspamd_str_has_8bit (param, len)) {

  439. 		ctx->selector = rspamd_mempool_alloc (ctx->pool, len + 1);

  440. 		rspamd_strlcpy (ctx->selector, param, len + 1);

  441. 	}

  442. 	else {

  443. 		ctx->selector = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver,

  444. 				ctx->pool, param, len, NULL);

  445. 

  446. 		if (!ctx->selector) {

  447. 			g_set_error (err,

  448. 					DKIM_ERROR,

  449. 					DKIM_SIGERROR_INVALID_H,

  450. 					"invalid dkim selector tag %*.s: idna failed",

  451. 					(int)len, param);

  452. 

  453. 			return FALSE;

  454. 		}

  455. 	}

  456. 

  457. 	return TRUE;

  458. }

  459. 

  460. static void

  461. rspamd_dkim_hlist_free (void *ud)

  462. {

  463. 	GPtrArray *a = ud;

  464. 

  465. 	g_ptr_array_free (a, TRUE);

  466. }

  467. 

  468. static gboolean

  469. rspamd_dkim_parse_hdrlist_common (struct rspamd_dkim_common_ctx *ctx,

  470. 	const gchar *param,

  471. 	gsize len,

  472. 	gboolean sign,

  473. 	GError **err)

  474. {

  475. 	const gchar *c, *p, *end = param + len;

  476. 	gchar *h;

  477. 	gboolean from_found = FALSE, oversign, existing;

  478. 	guint count = 0;

  479. 	struct rspamd_dkim_header *new;

  480. 	gpointer found;

  481. 	union rspamd_dkim_header_stat u;

  482. 

  483. 	p = param;

  484. 	while (p <= end) {

  485. 		if ((p == end || *p == ':')) {

  486. 			count++;

  487. 		}

  488. 		p++;

  489. 	}

  490. 

  491. 	if (count > 0) {

  492. 		ctx->hlist = g_ptr_array_sized_new (count);

  493. 	}

  494. 	else {

  495. 		return FALSE;

  496. 	}

  497. 

  498. 	c = param;

  499. 	p = param;

  500. 	ctx->htable = g_hash_table_new (rspamd_strcase_hash, rspamd_strcase_equal);

  501. 

  502. 	while (p <= end) {

  503. 		if ((p == end || *p == ':') && p - c > 0) {

  504. 			oversign = FALSE;

  505. 			existing = FALSE;

  506. 			h = rspamd_mempool_alloc (ctx->pool, p - c + 1);

  507. 			rspamd_strlcpy (h, c, p - c + 1);

  508. 

  509. 			g_strstrip (h);

  510. 

  511. 			if (sign) {

  512. 				if (rspamd_lc_cmp (h, "(o)", 3) == 0) {

  513. 					oversign = TRUE;

  514. 					h += 3;

  515. 					msg_debug_dkim ("oversign header: %s", h);

  516. 				}

  517. 				else if (rspamd_lc_cmp (h, "(x)", 3) == 0) {

  518. 					oversign = TRUE;

  519. 					existing = TRUE;

  520. 					h += 3;

  521. 					msg_debug_dkim ("oversign existing header: %s", h);

  522. 				}

  523. 			}

  524. 

  525. 			/* Check mandatory from */

  526. 			if (!from_found && g_ascii_strcasecmp (h, "from") == 0) {

  527. 				from_found = TRUE;

  528. 			}

  529. 

  530. 			new = rspamd_mempool_alloc (ctx->pool,

  531. 					sizeof (struct rspamd_dkim_header));

  532. 			new->name = h;

  533. 			new->count = 0;

  534. 			u.n = 0;

  535. 

  536. 			g_ptr_array_add (ctx->hlist, new);

  537. 			found = g_hash_table_lookup (ctx->htable, h);

  538. 

  539. 			if (oversign) {

  540. 				if (found) {

  541. 					msg_err_dkim ("specified oversigned header more than once: %s",

  542. 							h);

  543. 				}

  544. 

  545. 				u.s.flags |= RSPAMD_DKIM_FLAG_OVERSIGN;

  546. 

  547. 				if (existing) {

  548. 					u.s.flags |= RSPAMD_DKIM_FLAG_OVERSIGN_EXISTING;

  549. 				}

  550. 

  551. 				u.s.count = 0;

  552. 			}

  553. 			else {

  554. 				if (found != NULL) {

  555. 					u.n = GPOINTER_TO_UINT (found);

  556. 					new->count = u.s.count;

  557. 					u.s.count ++;

  558. 				}

  559. 				else {

  560. 					/* Insert new header order to the list */

  561. 					u.s.count = new->count + 1;

  562. 				}

  563. 			}

  564. 

  565. 			g_hash_table_insert (ctx->htable, h, GUINT_TO_POINTER (u.n));

  566. 

  567. 			c = p + 1;

  568. 			p++;

  569. 		}

  570. 		else {

  571. 			p++;

  572. 		}

  573. 	}

  574. 

  575. 	if (!ctx->hlist) {

  576. 		g_set_error (err,

  577. 			DKIM_ERROR,

  578. 			DKIM_SIGERROR_INVALID_H,

  579. 			"invalid dkim header list");

  580. 		return FALSE;

  581. 	}

  582. 	else {

  583. 		if (!from_found) {

  584. 			g_ptr_array_free (ctx->hlist, TRUE);

  585. 			g_set_error (err,

  586. 				DKIM_ERROR,

  587. 				DKIM_SIGERROR_INVALID_H,

  588. 				"invalid dkim header list, from header is missing");

  589. 			return FALSE;

  590. 		}

  591. 

  592. 		rspamd_mempool_add_destructor (ctx->pool,

  593. 			(rspamd_mempool_destruct_t)rspamd_dkim_hlist_free,

  594. 			ctx->hlist);

  595. 		rspamd_mempool_add_destructor (ctx->pool,

  596. 				(rspamd_mempool_destruct_t)g_hash_table_unref,

  597. 				ctx->htable);

  598. 	}

  599. 

  600. 	return TRUE;

  601. }

  602. 

  603. static gboolean

  604. rspamd_dkim_parse_hdrlist (rspamd_dkim_context_t *ctx,

  605. 	const gchar *param,

  606. 	gsize len,

  607. 	GError **err)

  608. {

  609. 	return rspamd_dkim_parse_hdrlist_common (&ctx->common, param, len, FALSE, err);

  610. }

  611. 

  612. static gboolean

  613. rspamd_dkim_parse_version (rspamd_dkim_context_t * ctx,

  614. 	const gchar *param,

  615. 	gsize len,

  616. 	GError **err)

  617. {

  618. 	if (len != 1 || *param != '1') {

  619. 		g_set_error (err,

  620. 			DKIM_ERROR,

  621. 			DKIM_SIGERROR_VERSION,

  622. 			"invalid dkim version");

  623. 		return FALSE;

  624. 	}

  625. 

  626. 	ctx->ver = 1;

  627. 	return TRUE;

  628. }

  629. 

  630. static gboolean

  631. rspamd_dkim_parse_timestamp (rspamd_dkim_context_t * ctx,

  632. 	const gchar *param,

  633. 	gsize len,

  634. 	GError **err)

  635. {

  636. 	gulong val;

  637. 

  638. 	if (!rspamd_strtoul (param, len, &val)) {

  639. 		g_set_error (err,

  640. 			DKIM_ERROR,

  641. 			DKIM_SIGERROR_UNKNOWN,

  642. 			"invalid dkim timestamp");

  643. 		return FALSE;

  644. 	}

  645. 	ctx->timestamp = val;

  646. 

  647. 	return TRUE;

  648. }

  649. 

  650. static gboolean

  651. rspamd_dkim_parse_expiration (rspamd_dkim_context_t * ctx,

  652. 	const gchar *param,

  653. 	gsize len,

  654. 	GError **err)

  655. {

  656. 	gulong val;

  657. 

  658. 	if (!rspamd_strtoul (param, len, &val)) {

  659. 		g_set_error (err,

  660. 			DKIM_ERROR,

  661. 			DKIM_SIGERROR_UNKNOWN,

  662. 			"invalid dkim expiration");

  663. 		return FALSE;

  664. 	}

  665. 	ctx->expiration = val;

  666. 

  667. 	return TRUE;

  668. }

  669. 

  670. static gboolean

  671. rspamd_dkim_parse_bodyhash (rspamd_dkim_context_t * ctx,

  672. 	const gchar *param,

  673. 	gsize len,

  674. 	GError **err)

  675. {

  676. 	ctx->bh = rspamd_mempool_alloc0 (ctx->pool, len);

  677. 	(void)rspamd_cryptobox_base64_decode (param, len, ctx->bh, &ctx->bhlen);

  678. 

  679. 	return TRUE;

  680. }

  681. 

  682. static gboolean

  683. rspamd_dkim_parse_bodylength (rspamd_dkim_context_t * ctx,

  684. 	const gchar *param,

  685. 	gsize len,

  686. 	GError **err)

  687. {

  688. 	gulong val;

  689. 

  690. 	if (!rspamd_strtoul (param, len, &val)) {

  691. 		g_set_error (err,

  692. 			DKIM_ERROR,

  693. 			DKIM_SIGERROR_INVALID_L,

  694. 			"invalid dkim body length");

  695. 		return FALSE;

  696. 	}

  697. 	ctx->common.len = val;

  698. 

  699. 	return TRUE;

  700. }

  701. 

  702. static gboolean

  703. rspamd_dkim_parse_idx (rspamd_dkim_context_t * ctx,

  704. 		const gchar *param,

  705. 		gsize len,

  706. 		GError **err)

  707. {

  708. 	gulong val;

  709. 

  710. 	if (!rspamd_strtoul (param, len, &val)) {

  711. 		g_set_error (err,

  712. 				DKIM_ERROR,

  713. 				DKIM_SIGERROR_INVALID_L,

  714. 				"invalid ARC idx");

  715. 		return FALSE;

  716. 	}

  717. 	ctx->common.idx = val;

  718. 

  719. 	return TRUE;

  720. }

  721. 

  722. static gboolean

  723. rspamd_dkim_parse_cv (rspamd_dkim_context_t * ctx,

  724. 		const gchar *param,

  725. 		gsize len,

  726. 		GError **err)

  727. {

  728. 

  729. 	/* Only check header */

  730. 	if (len == 4 && memcmp (param, "fail", len) == 0) {

  731. 		ctx->cv = RSPAMD_ARC_FAIL;

  732. 		return TRUE;

  733. 	}

  734. 	else if (len == 4 && memcmp (param, "pass", len) == 0) {

  735. 		ctx->cv = RSPAMD_ARC_PASS;

  736. 		return TRUE;

  737. 	}

  738. 	else if (len == 4 && memcmp (param, "none", len) == 0) {

  739. 		ctx->cv = RSPAMD_ARC_NONE;

  740. 		return TRUE;

  741. 	}

  742. 	else if (len == 7 && memcmp (param, "invalid", len) == 0) {

  743. 		ctx->cv = RSPAMD_ARC_INVALID;

  744. 		return TRUE;

  745. 	}

  746. 

  747. 	g_set_error (err,

  748. 			DKIM_ERROR,

  749. 			DKIM_SIGERROR_UNKNOWN,

  750. 			"invalid arc seal verification result");

  751. 

  752. 	return FALSE;

  753. }

  754. 

  755. 

  756. static void

  757. rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool,

  758. 		struct rspamd_dkim_common_ctx *ctx)

  759. {

  760. 	struct rspamd_dkim_header *hdr;

  761. 	gint count = ctx->idx, i;

  762. 

  763. 	ctx->hlist = g_ptr_array_sized_new (count * 3 - 1);

  764. 

  765. 	for (i = 0; i < count; i ++) {

  766. 		/* Authentication results */

  767. 		hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));

  768. 		hdr->name = RSPAMD_DKIM_ARC_AUTHHEADER;

  769. 		hdr->count = -(i + 1);

  770. 		g_ptr_array_add (ctx->hlist, hdr);

  771. 

  772. 		/* Arc signature */

  773. 		hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));

  774. 		hdr->name = RSPAMD_DKIM_ARC_SIGNHEADER;

  775. 		hdr->count = -(i + 1);

  776. 		g_ptr_array_add (ctx->hlist, hdr);

  777. 

  778. 		/* Arc seal (except last one) */

  779. 		if (i != count - 1) {

  780. 			hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));

  781. 			hdr->name = RSPAMD_DKIM_ARC_SEALHEADER;

  782. 			hdr->count = -(i + 1);

  783. 			g_ptr_array_add (ctx->hlist, hdr);

  784. 		}

  785. 	}

  786. 

  787. 	rspamd_mempool_add_destructor (ctx->pool,

  788. 			(rspamd_mempool_destruct_t)rspamd_dkim_hlist_free,

  789. 			ctx->hlist);

  790. }

  791. 

  792. /**

  793.  * Create new dkim context from signature

  794.  * @param sig message's signature

  795.  * @param pool pool to allocate memory from

  796.  * @param err pointer to error object

  797.  * @return new context or NULL

  798.  */

  799. rspamd_dkim_context_t *

  800. rspamd_create_dkim_context (const gchar *sig,

  801. 							rspamd_mempool_t *pool,

  802. 							struct rspamd_dns_resolver *resolver,

  803. 							guint time_jitter,

  804. 							enum rspamd_dkim_type type,

  805. 							GError **err)

  806. {

  807. 	const gchar *p, *c, *tag = NULL, *end;

  808. 	gsize taglen;

  809. 	gint param = DKIM_PARAM_UNKNOWN;

  810. 	const EVP_MD *md_alg;

  811. 	time_t now;

  812. 	rspamd_dkim_context_t *ctx;

  813. 	enum {

  814. 		DKIM_STATE_TAG = 0,

  815. 		DKIM_STATE_AFTER_TAG,

  816. 		DKIM_STATE_VALUE,

  817. 		DKIM_STATE_SKIP_SPACES = 99,

  818. 		DKIM_STATE_ERROR = 100

  819. 	}                                state, next_state;

  820. 

  821. 

  822. 	if (sig == NULL) {

  823. 		g_set_error (err,

  824. 				DKIM_ERROR,

  825. 				DKIM_SIGERROR_EMPTY_B,

  826. 				"empty signature");

  827. 		return NULL;

  828. 	}

  829. 

  830. 	ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t));

  831. 	ctx->pool = pool;

  832. 	ctx->resolver = resolver;

  833. 

  834. 	if (type == RSPAMD_DKIM_ARC_SEAL) {

  835. 		ctx->common.header_canon_type = DKIM_CANON_RELAXED;

  836. 		ctx->common.body_canon_type = DKIM_CANON_RELAXED;

  837. 	}

  838. 	else {

  839. 		ctx->common.header_canon_type = DKIM_CANON_DEFAULT;

  840. 		ctx->common.body_canon_type = DKIM_CANON_DEFAULT;

  841. 	}

  842. 

  843. 	ctx->sig_alg = DKIM_SIGN_UNKNOWN;

  844. 	ctx->common.pool = pool;

  845. 	ctx->common.type = type;

  846. 	/* A simple state machine of parsing tags */

  847. 	state = DKIM_STATE_SKIP_SPACES;

  848. 	next_state = DKIM_STATE_TAG;

  849. 	taglen = 0;

  850. 	p = sig;

  851. 	c = sig;

  852. 	end = p + strlen (p);

  853. 	ctx->common.sig_hash = rspamd_cryptobox_fast_hash (sig, end - sig,

  854. 			rspamd_hash_seed ());

  855. 

  856. 	msg_debug_dkim ("create dkim context sig = %L", ctx->common.sig_hash);

  857. 

  858. 	while (p <= end) {

  859. 		switch (state) {

  860. 		case DKIM_STATE_TAG:

  861. 			if (g_ascii_isspace (*p)) {

  862. 				taglen = p - c;

  863. 				while (*p && g_ascii_isspace (*p)) {

  864. 					/* Skip spaces before '=' sign */

  865. 					p++;

  866. 				}

  867. 				if (*p != '=') {

  868. 					g_set_error (err,

  869. 						DKIM_ERROR,

  870. 						DKIM_SIGERROR_UNKNOWN,

  871. 						"invalid dkim param");

  872. 					state = DKIM_STATE_ERROR;

  873. 				}

  874. 				else {

  875. 					state = DKIM_STATE_SKIP_SPACES;

  876. 					next_state = DKIM_STATE_AFTER_TAG;

  877. 					param = DKIM_PARAM_UNKNOWN;

  878. 					p++;

  879. 					tag = c;

  880. 				}

  881. 			}

  882. 			else if (*p == '=') {

  883. 				state = DKIM_STATE_SKIP_SPACES;

  884. 				next_state = DKIM_STATE_AFTER_TAG;

  885. 				param = DKIM_PARAM_UNKNOWN;

  886. 				p++;

  887. 				tag = c;

  888. 			}

  889. 			else {

  890. 				taglen++;

  891. 				p++;

  892. 			}

  893. 			break;

  894. 		case DKIM_STATE_AFTER_TAG:

  895. 			/* We got tag at tag and len at taglen */

  896. 			switch (taglen) {

  897. 			case 0:

  898. 				g_set_error (err,

  899. 					DKIM_ERROR,

  900. 					DKIM_SIGERROR_UNKNOWN,

  901. 					"zero length dkim param");

  902. 				state = DKIM_STATE_ERROR;

  903. 				break;

  904. 			case 1:

  905. 				/* Simple tags */

  906. 				switch (*tag) {

  907. 				case 'v':

  908. 					if (type == RSPAMD_DKIM_NORMAL) {

  909. 						param = DKIM_PARAM_VERSION;

  910. 					}

  911. 					else {

  912. 						g_set_error (err,

  913. 								DKIM_ERROR,

  914. 								DKIM_SIGERROR_UNKNOWN,

  915. 								"invalid ARC v param");

  916. 						state = DKIM_STATE_ERROR;

  917. 						break;

  918. 					}

  919. 					break;

  920. 				case 'a':

  921. 					param = DKIM_PARAM_SIGNALG;

  922. 					break;

  923. 				case 'b':

  924. 					param = DKIM_PARAM_SIGNATURE;

  925. 					break;

  926. 				case 'c':

  927. 					param = DKIM_PARAM_CANONALG;

  928. 					break;

  929. 				case 'd':

  930. 					param = DKIM_PARAM_DOMAIN;

  931. 					break;

  932. 				case 'h':

  933. 					if (type == RSPAMD_DKIM_ARC_SEAL) {

  934. 						g_set_error (err,

  935. 								DKIM_ERROR,

  936. 								DKIM_SIGERROR_UNKNOWN,

  937. 								"ARC seal must NOT have h= tag");

  938. 						state = DKIM_STATE_ERROR;

  939. 						break;

  940. 					}

  941. 					else {

  942. 						param = DKIM_PARAM_HDRLIST;

  943. 					}

  944. 					break;

  945. 				case 'i':

  946. 					if (type == RSPAMD_DKIM_NORMAL) {

  947. 						param = DKIM_PARAM_IDENTITY;

  948. 					}

  949. 					else {

  950. 						param = DKIM_PARAM_IDX;

  951. 					}

  952. 					break;

  953. 				case 'l':

  954. 					param = DKIM_PARAM_BODYLENGTH;

  955. 					break;

  956. 				case 'q':

  957. 					param = DKIM_PARAM_QUERYMETHOD;

  958. 					break;

  959. 				case 's':

  960. 					param = DKIM_PARAM_SELECTOR;

  961. 					break;

  962. 				case 't':

  963. 					param = DKIM_PARAM_TIMESTAMP;

  964. 					break;

  965. 				case 'x':

  966. 					param = DKIM_PARAM_EXPIRATION;

  967. 					break;

  968. 				case 'z':

  969. 					param = DKIM_PARAM_COPIEDHDRS;

  970. 					break;

  971. 				case 'r':

  972. 					param = DKIM_PARAM_IGNORE;

  973. 					break;

  974. 				default:

  975. 					g_set_error (err,

  976. 						DKIM_ERROR,

  977. 						DKIM_SIGERROR_UNKNOWN,

  978. 						"invalid dkim param: %c",

  979. 						*tag);

  980. 					state = DKIM_STATE_ERROR;

  981. 					break;

  982. 				}

  983. 				break;

  984. 			case 2:

  985. 				if (tag[0] == 'b' && tag[1] == 'h') {

  986. 					if (type == RSPAMD_DKIM_ARC_SEAL) {

  987. 						g_set_error (err,

  988. 								DKIM_ERROR,

  989. 								DKIM_SIGERROR_UNKNOWN,

  990. 								"ARC seal must NOT have bh= tag");

  991. 						state = DKIM_STATE_ERROR;

  992. 						break;

  993. 					}

  994. 					else {

  995. 						param = DKIM_PARAM_BODYHASH;

  996. 					}

  997. 				}

  998. 				else if (tag[0] == 'c' && tag[1] == 'v') {

  999. 					if (type != RSPAMD_DKIM_ARC_SEAL) {

  1000. 						g_set_error (err,

  1001. 								DKIM_ERROR,

  1002. 								DKIM_SIGERROR_UNKNOWN,

  1003. 								"cv tag is valid for ARC-Seal only");

  1004. 						state = DKIM_STATE_ERROR;

  1005. 						break;

  1006. 					}

  1007. 					else {

  1008. 						param = DKIM_PARAM_CV;

  1009. 					}

  1010. 				}

  1011. 				else {

  1012. 					g_set_error (err,

  1013. 						DKIM_ERROR,

  1014. 						DKIM_SIGERROR_UNKNOWN,

  1015. 						"invalid dkim param: %c%c",

  1016. 						tag[0],

  1017. 						tag[1]);

  1018. 					state = DKIM_STATE_ERROR;

  1019. 				}

  1020. 				break;

  1021. 			default:

  1022. 				g_set_error (err,

  1023. 					DKIM_ERROR,

  1024. 					DKIM_SIGERROR_UNKNOWN,

  1025. 					"invalid dkim param length: %zd",

  1026. 					taglen);

  1027. 				state = DKIM_STATE_ERROR;

  1028. 				break;

  1029. 			}

  1030. 			if (state != DKIM_STATE_ERROR) {

  1031. 				/* Skip spaces */

  1032. 				state = DKIM_STATE_SKIP_SPACES;

  1033. 				next_state = DKIM_STATE_VALUE;

  1034. 			}

  1035. 			break;

  1036. 		case DKIM_STATE_VALUE:

  1037. 			if (*p == ';') {

  1038. 				if (param == DKIM_PARAM_UNKNOWN ||

  1039. 					p - c == 0) {

  1040. 					state = DKIM_STATE_ERROR;

  1041. 				}

  1042. 				else {

  1043. 					/* Cut trailing spaces for value */

  1044. 					gint tlen = p - c;

  1045. 					const gchar *tmp = p - 1;

  1046. 

  1047. 					while (tlen > 0) {

  1048. 						if (!g_ascii_isspace (*tmp)) {

  1049. 							break;

  1050. 						}

  1051. 						tlen --;

  1052. 						tmp --;

  1053. 					}

  1054. 

  1055. 					if (!parser_funcs[param](ctx, c, tlen, err)) {

  1056. 						state = DKIM_STATE_ERROR;

  1057. 					}

  1058. 					else {

  1059. 						state = DKIM_STATE_SKIP_SPACES;

  1060. 						next_state = DKIM_STATE_TAG;

  1061. 						p++;

  1062. 						taglen = 0;

  1063. 					}

  1064. 				}

  1065. 			}

  1066. 			else if (p == end) {

  1067. 				if (param == DKIM_PARAM_UNKNOWN) {

  1068. 					state = DKIM_STATE_ERROR;

  1069. 				}

  1070. 				else {

  1071. 					gint tlen = p - c;

  1072. 					const gchar *tmp = p - 1;

  1073. 

  1074. 					while (tlen > 0) {

  1075. 						if (!g_ascii_isspace (*tmp)) {

  1076. 							break;

  1077. 						}

  1078. 						tlen --;

  1079. 						tmp --;

  1080. 					}

  1081. 

  1082. 					if (!parser_funcs[param](ctx, c, tlen, err)) {

  1083. 						state = DKIM_STATE_ERROR;

  1084. 					}

  1085. 					if (state == DKIM_STATE_ERROR) {

  1086. 						/*

  1087. 						 * We need to return from here as state machine won't

  1088. 						 * do any more steps after p == end

  1089. 						 */

  1090. 						if (err) {

  1091. 							msg_info_dkim ("dkim parse failed: %e", *err);

  1092. 						}

  1093. 

  1094. 						return NULL;

  1095. 					}

  1096. 					/* Finish processing */

  1097. 					p++;

  1098. 				}

  1099. 			}

  1100. 			else {

  1101. 				p++;

  1102. 			}

  1103. 			break;

  1104. 		case DKIM_STATE_SKIP_SPACES:

  1105. 			if (g_ascii_isspace (*p)) {

  1106. 				p++;

  1107. 			}

  1108. 			else {

  1109. 				c = p;

  1110. 				state = next_state;

  1111. 			}

  1112. 			break;

  1113. 		case DKIM_STATE_ERROR:

  1114. 			if (err && *err) {

  1115. 				msg_info_dkim ("dkim parse failed: %s", (*err)->message);

  1116. 				return NULL;

  1117. 			}

  1118. 			else {

  1119. 				msg_info_dkim ("dkim parse failed: unknown error when parsing %c tag",

  1120. 						*tag);

  1121. 				return NULL;

  1122. 			}

  1123. 			break;

  1124. 		}

  1125. 	}

  1126. 

  1127. 	if (type == RSPAMD_DKIM_ARC_SEAL) {

  1128. 		rspamd_dkim_add_arc_seal_headers (pool, &ctx->common);

  1129. 	}

  1130. 

  1131. 	/* Now check validity of signature */

  1132. 	if (ctx->b == NULL) {

  1133. 		g_set_error (err,

  1134. 			DKIM_ERROR,

  1135. 			DKIM_SIGERROR_EMPTY_B,

  1136. 			"b parameter missing");

  1137. 		return NULL;

  1138. 	}

  1139. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL && ctx->bh == NULL) {

  1140. 		g_set_error (err,

  1141. 			DKIM_ERROR,

  1142. 			DKIM_SIGERROR_EMPTY_BH,

  1143. 			"bh parameter missing");

  1144. 		return NULL;

  1145. 	}

  1146. 	if (ctx->domain == NULL) {

  1147. 		g_set_error (err,

  1148. 			DKIM_ERROR,

  1149. 			DKIM_SIGERROR_EMPTY_D,

  1150. 			"domain parameter missing");

  1151. 		return NULL;

  1152. 	}

  1153. 	if (ctx->selector == NULL) {

  1154. 		g_set_error (err,

  1155. 			DKIM_ERROR,

  1156. 			DKIM_SIGERROR_EMPTY_S,

  1157. 			"selector parameter missing");

  1158. 		return NULL;

  1159. 	}

  1160. 	if (ctx->common.type == RSPAMD_DKIM_NORMAL && ctx->ver == 0) {

  1161. 		g_set_error (err,

  1162. 			DKIM_ERROR,

  1163. 			DKIM_SIGERROR_EMPTY_V,

  1164. 			"v parameter missing");

  1165. 		return NULL;

  1166. 	}

  1167. 	if (ctx->common.hlist == NULL) {

  1168. 		g_set_error (err,

  1169. 			DKIM_ERROR,

  1170. 			DKIM_SIGERROR_EMPTY_H,

  1171. 			"h parameter missing");

  1172. 		return NULL;

  1173. 	}

  1174. 	if (ctx->sig_alg == DKIM_SIGN_UNKNOWN) {

  1175. 		g_set_error (err,

  1176. 			DKIM_ERROR,

  1177. 			DKIM_SIGERROR_EMPTY_S,

  1178. 			"s parameter missing");

  1179. 		return NULL;

  1180. 	}

  1181. 

  1182. 	if (type != RSPAMD_DKIM_ARC_SEAL) {

  1183. 		if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {

  1184. 			/* Check bh length */

  1185. 			if (ctx->bhlen != (guint) EVP_MD_size (EVP_sha1 ())) {

  1186. 				g_set_error (err,

  1187. 						DKIM_ERROR,

  1188. 						DKIM_SIGERROR_BADSIG,

  1189. 						"signature has incorrect length: %zu",

  1190. 						ctx->bhlen);

  1191. 				return NULL;

  1192. 			}

  1193. 

  1194. 		} else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 ||

  1195. 				ctx->sig_alg == DKIM_SIGN_ECDSASHA256) {

  1196. 			if (ctx->bhlen !=

  1197. 					(guint) EVP_MD_size (EVP_sha256 ())) {

  1198. 				g_set_error (err,

  1199. 						DKIM_ERROR,

  1200. 						DKIM_SIGERROR_BADSIG,

  1201. 						"signature has incorrect length: %zu",

  1202. 						ctx->bhlen);

  1203. 				return NULL;

  1204. 			}

  1205. 		} else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 ||

  1206. 				ctx->sig_alg == DKIM_SIGN_ECDSASHA512) {

  1207. 			if (ctx->bhlen !=

  1208. 					(guint) EVP_MD_size (EVP_sha512 ())) {

  1209. 				g_set_error (err,

  1210. 						DKIM_ERROR,

  1211. 						DKIM_SIGERROR_BADSIG,

  1212. 						"signature has incorrect length: %zu",

  1213. 						ctx->bhlen);

  1214. 				return NULL;

  1215. 			}

  1216. 		}

  1217. 	}

  1218. 

  1219. 	/* Check expiration */

  1220. 	now = time (NULL);

  1221. 	if (ctx->timestamp && now < ctx->timestamp && ctx->timestamp - now >

  1222. 		(gint)time_jitter) {

  1223. 		g_set_error (err,

  1224. 			DKIM_ERROR,

  1225. 			DKIM_SIGERROR_FUTURE,

  1226. 			"signature was made in future, ignoring");

  1227. 		return NULL;

  1228. 	}

  1229. 	if (ctx->expiration && ctx->expiration < now) {

  1230. 		g_set_error (err,

  1231. 			DKIM_ERROR,

  1232. 			DKIM_SIGERROR_EXPIRED,

  1233. 			"signature has expired");

  1234. 		return NULL;

  1235. 	}

  1236. 

  1237. 	if (ctx->common.type != RSPAMD_DKIM_NORMAL && (ctx->common.idx == 0 ||

  1238. 			ctx->common.idx > RSPAMD_DKIM_MAX_ARC_IDX)) {

  1239. 		g_set_error (err,

  1240. 				DKIM_ERROR,

  1241. 				DKIM_SIGERROR_UNKNOWN,

  1242. 				"i parameter missing or invalid for ARC");

  1243. 		return NULL;

  1244. 	}

  1245. 

  1246. 	if (ctx->common.type == RSPAMD_DKIM_ARC_SEAL) {

  1247. 		if (ctx->cv == RSPAMD_ARC_UNKNOWN) {

  1248. 			g_set_error (err,

  1249. 					DKIM_ERROR,

  1250. 					DKIM_SIGERROR_UNKNOWN,

  1251. 					"cv parameter missing or invalid for ARC");

  1252. 			return NULL;

  1253. 		}

  1254. 	}

  1255. 

  1256. 	/* Now create dns key to request further */

  1257. 	taglen = strlen (ctx->domain) + strlen (ctx->selector) +

  1258. 		sizeof (DKIM_DNSKEYNAME) + 2;

  1259. 	ctx->dns_key = rspamd_mempool_alloc (ctx->pool, taglen);

  1260. 	rspamd_snprintf (ctx->dns_key,

  1261. 		taglen,

  1262. 		"%s.%s.%s",

  1263. 		ctx->selector,

  1264. 		DKIM_DNSKEYNAME,

  1265. 		ctx->domain);

  1266. 

  1267. 	/* Create checksums for further operations */

  1268. 	if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {

  1269. 		md_alg = EVP_sha1 ();

  1270. 	}

  1271. 	else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 ||

  1272. 			ctx->sig_alg == DKIM_SIGN_ECDSASHA256 ||

  1273. 			ctx->sig_alg == DKIM_SIGN_EDDSASHA256) {

  1274. 		md_alg = EVP_sha256 ();

  1275. 	}

  1276. 	else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 ||

  1277. 			ctx->sig_alg == DKIM_SIGN_ECDSASHA512) {

  1278. 		md_alg = EVP_sha512 ();

  1279. 	}

  1280. 	else {

  1281. 		g_set_error (err,

  1282. 			DKIM_ERROR,

  1283. 			DKIM_SIGERROR_BADSIG,

  1284. 			"signature has unsupported signature algorithm");

  1285. 

  1286. 		return NULL;

  1287. 	}

  1288. #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  1289. 	ctx->common.body_hash = EVP_MD_CTX_create ();

  1290. 	EVP_DigestInit_ex (ctx->common.body_hash, md_alg, NULL);

  1291. 	ctx->common.headers_hash = EVP_MD_CTX_create ();

  1292. 	EVP_DigestInit_ex (ctx->common.headers_hash, md_alg, NULL);

  1293. 	rspamd_mempool_add_destructor (pool,

  1294. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, ctx->common.body_hash);

  1295. 	rspamd_mempool_add_destructor (pool,

  1296. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, ctx->common.headers_hash);

  1297. #else

  1298. 	ctx->common.body_hash = EVP_MD_CTX_new ();

  1299. 	EVP_DigestInit_ex (ctx->common.body_hash, md_alg, NULL);

  1300. 	ctx->common.headers_hash = EVP_MD_CTX_new ();

  1301. 	EVP_DigestInit_ex (ctx->common.headers_hash, md_alg, NULL);

  1302. 	rspamd_mempool_add_destructor (pool,

  1303. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_free, ctx->common.body_hash);

  1304. 	rspamd_mempool_add_destructor (pool,

  1305. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_free, ctx->common.headers_hash);

  1306. #endif

  1307. 	ctx->dkim_header = sig;

  1308. 

  1309. 	return ctx;

  1310. }

  1311. 

  1312. struct rspamd_dkim_key_cbdata {

  1313. 	rspamd_dkim_context_t *ctx;

  1314. 	dkim_key_handler_f handler;

  1315. 	gpointer ud;

  1316. };

  1317. 

  1318. rspamd_dkim_key_t *

  1319. rspamd_dkim_make_key (const gchar *keydata,

  1320. 		guint keylen, enum rspamd_dkim_key_type type, GError **err)

  1321. {

  1322. 	rspamd_dkim_key_t *key = NULL;

  1323. 

  1324. 	if (keylen < 3) {

  1325. 		g_set_error (err,

  1326. 				DKIM_ERROR,

  1327. 				DKIM_SIGERROR_KEYFAIL,

  1328. 				"DKIM key is too short to be valid");

  1329. 		return NULL;

  1330. 	}

  1331. 

  1332. 	key = g_malloc0 (sizeof (rspamd_dkim_key_t));

  1333. 	REF_INIT_RETAIN (key, rspamd_dkim_key_free);

  1334. 	key->keydata = g_malloc0 (keylen + 1);

  1335. 	key->decoded_len = keylen;

  1336. 	key->keylen = keylen;

  1337. 	key->type = type;

  1338. 

  1339. 	if (!rspamd_cryptobox_base64_decode (keydata, keylen, key->keydata,

  1340. 			&key->decoded_len)) {

  1341. 		REF_RELEASE (key);

  1342. 		g_set_error (err,

  1343. 				DKIM_ERROR,

  1344. 				DKIM_SIGERROR_KEYFAIL,

  1345. 				"DKIM key is not a valid base64 string");

  1346. 

  1347. 		return NULL;

  1348. 	}

  1349. 

  1350. 	/* Calculate ID -> md5 */

  1351. 	EVP_MD_CTX *mdctx = EVP_MD_CTX_create ();

  1352. 

  1353. #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW

  1354. 	EVP_MD_CTX_set_flags (mdctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);

  1355. #endif

  1356. 

  1357. 	if (EVP_DigestInit_ex (mdctx, EVP_md5 (), NULL) == 1) {

  1358. 		guint dlen = sizeof (key->key_id);

  1359. 

  1360. 		EVP_DigestUpdate (mdctx, key->keydata, key->decoded_len);

  1361. 		EVP_DigestFinal_ex (mdctx, key->key_id, &dlen);

  1362. 	}

  1363. 

  1364. 	EVP_MD_CTX_destroy (mdctx);

  1365. 

  1366. 	if (key->type == RSPAMD_DKIM_KEY_EDDSA) {

  1367. 		key->key.key_eddsa = key->keydata;

  1368. 

  1369. 		if (key->decoded_len != rspamd_cryptobox_pk_sig_bytes (

  1370. 				RSPAMD_CRYPTOBOX_MODE_25519)) {

  1371. 			g_set_error (err,

  1372. 					DKIM_ERROR,

  1373. 					DKIM_SIGERROR_KEYFAIL,

  1374. 					"DKIM key is has invalid length %d for eddsa; expected %d",

  1375. 					(gint)key->decoded_len,

  1376. 					rspamd_cryptobox_pk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519));

  1377. 			REF_RELEASE (key);

  1378. 

  1379. 			return NULL;

  1380. 		}

  1381. 	}

  1382. 	else {

  1383. 		key->key_bio = BIO_new_mem_buf (key->keydata, key->decoded_len);

  1384. 

  1385. 		if (key->key_bio == NULL) {

  1386. 			g_set_error (err,

  1387. 					DKIM_ERROR,

  1388. 					DKIM_SIGERROR_KEYFAIL,

  1389. 					"cannot make ssl bio from key");

  1390. 			REF_RELEASE (key);

  1391. 

  1392. 			return NULL;

  1393. 		}

  1394. 

  1395. 		key->key_evp = d2i_PUBKEY_bio (key->key_bio, NULL);

  1396. 

  1397. 		if (key->key_evp == NULL) {

  1398. 			g_set_error (err,

  1399. 					DKIM_ERROR,

  1400. 					DKIM_SIGERROR_KEYFAIL,

  1401. 					"cannot extract pubkey from bio");

  1402. 			REF_RELEASE (key);

  1403. 

  1404. 			return NULL;

  1405. 		}

  1406. 

  1407. 		if (type == RSPAMD_DKIM_KEY_RSA) {

  1408. 			key->key.key_rsa = EVP_PKEY_get1_RSA (key->key_evp);

  1409. 

  1410. 			if (key->key.key_rsa == NULL) {

  1411. 				g_set_error (err,

  1412. 						DKIM_ERROR,

  1413. 						DKIM_SIGERROR_KEYFAIL,

  1414. 						"cannot extract rsa key from evp key");

  1415. 				REF_RELEASE (key);

  1416. 

  1417. 				return NULL;

  1418. 			}

  1419. 		} else {

  1420. 			key->key.key_ecdsa = EVP_PKEY_get1_EC_KEY (key->key_evp);

  1421. 

  1422. 			if (key->key.key_ecdsa == NULL) {

  1423. 				g_set_error (err,

  1424. 						DKIM_ERROR,

  1425. 						DKIM_SIGERROR_KEYFAIL,

  1426. 						"cannot extract ecdsa key from evp key");

  1427. 				REF_RELEASE (key);

  1428. 

  1429. 				return NULL;

  1430. 			}

  1431. 		}

  1432. 	}

  1433. 

  1434. 	return key;

  1435. }

  1436. 

  1437. const guchar *

  1438. rspamd_dkim_key_id (rspamd_dkim_key_t *key)

  1439. {

  1440. 	if (key) {

  1441. 		return key->key_id;

  1442. 	}

  1443. 

  1444. 	return NULL;

  1445. }

  1446. 

  1447. /**

  1448.  * Free DKIM key

  1449.  * @param key

  1450.  */

  1451. void

  1452. rspamd_dkim_key_free (rspamd_dkim_key_t *key)

  1453. {

  1454. 	if (key->key_evp) {

  1455. 		EVP_PKEY_free (key->key_evp);

  1456. 	}

  1457. 

  1458. 	if (key->type == RSPAMD_DKIM_KEY_RSA) {

  1459. 		if (key->key.key_rsa) {

  1460. 			RSA_free (key->key.key_rsa);

  1461. 		}

  1462. 	}

  1463. 	else if (key->type == RSPAMD_DKIM_KEY_ECDSA) {

  1464. 		if (key->key.key_ecdsa) {

  1465. 			EC_KEY_free (key->key.key_ecdsa);

  1466. 		}

  1467. 	}

  1468. 	/* Nothing in case of eddsa key */

  1469. 	if (key->key_bio) {

  1470. 		BIO_free (key->key_bio);

  1471. 	}

  1472. 

  1473. 	g_free (key->keydata);

  1474. 	g_free (key);

  1475. }

  1476. 

  1477. void

  1478. rspamd_dkim_sign_key_free (rspamd_dkim_sign_key_t *key)

  1479. {

  1480. 	if (key->key_evp) {

  1481. 		EVP_PKEY_free (key->key_evp);

  1482. 	}

  1483. 	if (key->type == RSPAMD_DKIM_KEY_RSA) {

  1484. 		if (key->key.key_rsa) {

  1485. 			RSA_free (key->key.key_rsa);

  1486. 		}

  1487. 	}

  1488. 	if (key->key_bio) {

  1489. 		BIO_free (key->key_bio);

  1490. 	}

  1491. 

  1492. 	if (key->type == RSPAMD_DKIM_KEY_EDDSA) {

  1493. 		rspamd_explicit_memzero (key->key.key_eddsa, key->keylen);

  1494. 		g_free (key->keydata);

  1495. 	}

  1496. 

  1497. 	g_free (key);

  1498. }

  1499. 

  1500. rspamd_dkim_key_t *

  1501. rspamd_dkim_parse_key (const gchar *txt, gsize *keylen, GError **err)

  1502. {

  1503. 	const gchar *c, *p, *end, *key = NULL, *alg = "rsa";

  1504. 	enum {

  1505. 		read_tag = 0,

  1506. 		read_eqsign,

  1507. 		read_p_tag,

  1508. 		read_k_tag,

  1509. 	} state = read_tag;

  1510. 	gchar tag = '\0';

  1511. 	gsize klen = 0, alglen = 0;

  1512. 

  1513. 	c = txt;

  1514. 	p = txt;

  1515. 	end = txt + strlen (txt);

  1516. 

  1517. 	while (p < end) {

  1518. 		switch (state) {

  1519. 		case read_tag:

  1520. 			if (*p == '=') {

  1521. 				state = read_eqsign;

  1522. 			} else {

  1523. 				tag = *p;

  1524. 			}

  1525. 			p++;

  1526. 			break;

  1527. 		case read_eqsign:

  1528. 			if (tag == 'p') {

  1529. 				state = read_p_tag;

  1530. 				c = p;

  1531. 			} else if (tag == 'k') {

  1532. 				state = read_k_tag;

  1533. 				c = p;

  1534. 			} else {

  1535. 				/* Unknown tag, ignore */

  1536. 				state = read_tag;

  1537. 				tag = '\0';

  1538. 				p++;

  1539. 			}

  1540. 			break;

  1541. 		case read_p_tag:

  1542. 			if (*p == ';') {

  1543. 				klen = p - c;

  1544. 				key = c;

  1545. 				state = read_tag;

  1546. 				tag = '\0';

  1547. 			}

  1548. 			p++;

  1549. 			break;

  1550. 		case read_k_tag:

  1551. 			if (*p == ';') {

  1552. 				alglen = p - c;

  1553. 				alg = c;

  1554. 				state = read_tag;

  1555. 				tag = '\0';

  1556. 			}

  1557. 			p++;

  1558. 			break;

  1559. 		default:

  1560. 			break;

  1561. 		}

  1562. 	}

  1563. 

  1564. 	/* Leftover */

  1565. 	switch (state) {

  1566. 	case read_p_tag:

  1567. 		klen = p - c;

  1568. 		key = c;

  1569. 		break;

  1570. 	case read_k_tag:

  1571. 		alglen = p - c;

  1572. 		alg = c;

  1573. 		break;

  1574. 	default:

  1575. 		break;

  1576. 	}

  1577. 

  1578. 	if (klen == 0 || key == NULL) {

  1579. 		g_set_error (err,

  1580. 				DKIM_ERROR,

  1581. 				DKIM_SIGERROR_KEYFAIL,

  1582. 				"key is missing");

  1583. 

  1584. 		return NULL;

  1585. 	}

  1586. 

  1587. 	if (alglen == 0 || alg == NULL) {

  1588. 		alg = "rsa"; /* Implicit */

  1589. 		alglen = 3;

  1590. 	}

  1591. 

  1592. 	if (keylen) {

  1593. 		*keylen = klen;

  1594. 	}

  1595. 

  1596. 	if (alglen == 8 && rspamd_lc_cmp (alg, "ecdsa256", alglen) == 0) {

  1597. 		return rspamd_dkim_make_key (key, klen,

  1598. 				RSPAMD_DKIM_KEY_ECDSA, err);

  1599. 	}

  1600. 	else if (alglen == 7 && rspamd_lc_cmp (alg, "ed25519", alglen) == 0) {

  1601. 		return rspamd_dkim_make_key (key, klen,

  1602. 				RSPAMD_DKIM_KEY_EDDSA, err);

  1603. 	}

  1604. 	else {

  1605. 		/* We assume RSA default in all cases */

  1606. 		return rspamd_dkim_make_key (key, klen,

  1607. 				RSPAMD_DKIM_KEY_RSA, err);

  1608. 	}

  1609. 

  1610. 	g_assert_not_reached ();

  1611. 

  1612. 	return NULL;

  1613. }

  1614. 

  1615. /* Get TXT request data and parse it */

  1616. static void

  1617. rspamd_dkim_dns_cb (struct rdns_reply *reply, gpointer arg)

  1618. {

  1619. 	struct rspamd_dkim_key_cbdata *cbdata = arg;

  1620. 	rspamd_dkim_key_t *key = NULL;

  1621. 	GError *err = NULL;

  1622. 	struct rdns_reply_entry *elt;

  1623. 	gsize keylen = 0;

  1624. 

  1625. 	if (reply->code != RDNS_RC_NOERROR) {

  1626. 		gint err_code = DKIM_SIGERROR_NOKEY;

  1627. 		if (reply->code == RDNS_RC_NOREC) {

  1628. 			err_code = DKIM_SIGERROR_NOREC;

  1629. 		}

  1630. 		else if (reply->code == RDNS_RC_NXDOMAIN) {

  1631. 			err_code = DKIM_SIGERROR_NOREC;

  1632. 		}

  1633. 		g_set_error (&err,

  1634. 			DKIM_ERROR,

  1635. 			err_code,

  1636. 			"dns request to %s failed: %s",

  1637. 			cbdata->ctx->dns_key,

  1638. 			rdns_strerror (reply->code));

  1639. 		cbdata->handler (NULL, 0, cbdata->ctx, cbdata->ud, err);

  1640. 	}

  1641. 	else {

  1642. 		LL_FOREACH (reply->entries, elt)

  1643. 		{

  1644. 			if (elt->type == RDNS_REQUEST_TXT) {

  1645. 				if (err != NULL) {

  1646. 					/* Free error as it is insignificant */

  1647. 					g_error_free (err);

  1648. 					err = NULL;

  1649. 				}

  1650. 				key = rspamd_dkim_parse_key (elt->content.txt.data,

  1651. 						&keylen,

  1652. 						&err);

  1653. 				if (key) {

  1654. 					key->ttl = elt->ttl;

  1655. 					break;

  1656. 				}

  1657. 			}

  1658. 		}

  1659. 		cbdata->handler (key, keylen, cbdata->ctx, cbdata->ud, err);

  1660. 	}

  1661. }

  1662. 

  1663. /**

  1664.  * Make DNS request for specified context and obtain and parse key

  1665.  * @param ctx dkim context from signature

  1666.  * @param resolver dns resolver object

  1667.  * @param s async session to make request

  1668.  * @return

  1669.  */

  1670. gboolean

  1671. rspamd_get_dkim_key (rspamd_dkim_context_t *ctx,

  1672. 	struct rspamd_task *task,

  1673. 	dkim_key_handler_f handler,

  1674. 	gpointer ud)

  1675. {

  1676. 	struct rspamd_dkim_key_cbdata *cbdata;

  1677. 

  1678. 	g_return_val_if_fail (ctx != NULL,			FALSE);

  1679. 	g_return_val_if_fail (ctx->dns_key != NULL, FALSE);

  1680. 

  1681. 	cbdata =

  1682. 		rspamd_mempool_alloc (ctx->pool,

  1683. 			sizeof (struct rspamd_dkim_key_cbdata));

  1684. 	cbdata->ctx = ctx;

  1685. 	cbdata->handler = handler;

  1686. 	cbdata->ud = ud;

  1687. 

  1688. 	return rspamd_dns_resolver_request_task_forced (task,

  1689. 			rspamd_dkim_dns_cb,

  1690. 			cbdata,

  1691. 			RDNS_REQUEST_TXT,

  1692. 			ctx->dns_key);

  1693. }

  1694. 

  1695. static gboolean

  1696. rspamd_dkim_relaxed_body_step (struct rspamd_dkim_common_ctx *ctx, EVP_MD_CTX *ck,

  1697. 		const gchar **start, guint size,

  1698. 		gssize *remain)

  1699. {

  1700. 	const gchar *h;

  1701. 	gchar *t;

  1702. 	guint len, inlen;

  1703. 	gssize octets_remain;

  1704. 	gboolean got_sp;

  1705. 	gchar buf[1024];

  1706. 

  1707. 	len = size;

  1708. 	inlen = sizeof (buf) - 1;

  1709. 	h = *start;

  1710. 	t = buf;

  1711. 	got_sp = FALSE;

  1712. 	octets_remain = *remain;

  1713. 

  1714. 	while (len > 0 && inlen > 0 && (octets_remain != 0)) {

  1715. 

  1716. 		if (*h == '\r' || *h == '\n') {

  1717. 			if (got_sp) {

  1718. 				/* Ignore spaces at the end of line */

  1719. 				t --;

  1720. 			}

  1721. 			*t++ = '\r';

  1722. 			*t++ = '\n';

  1723. 

  1724. 			if (len > 1 && (*h == '\r' && h[1] == '\n')) {

  1725. 				h += 2;

  1726. 				len -= 2;

  1727. 				octets_remain -= 2;

  1728. 			}

  1729. 			else {

  1730. 				h ++;

  1731. 				len --;

  1732. 				if (octets_remain >= 2) {

  1733. 					octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */

  1734. 				}

  1735. 				else {

  1736. 					octets_remain --;

  1737. 					break;

  1738. 				}

  1739. 			}

  1740. 			break;

  1741. 		}

  1742. 		else if (g_ascii_isspace (*h)) {

  1743. 			if (got_sp) {

  1744. 				/* Ignore multiply spaces */

  1745. 				h++;

  1746. 				len--;

  1747. 				continue;

  1748. 			}

  1749. 			else {

  1750. 				*t++ = ' ';

  1751. 				h++;

  1752. 				inlen--;

  1753. 				len--;

  1754. 				octets_remain --;

  1755. 				got_sp = TRUE;

  1756. 				continue;

  1757. 			}

  1758. 		}

  1759. 		else {

  1760. 			got_sp = FALSE;

  1761. 		}

  1762. 

  1763. 		*t++ = *h++;

  1764. 		inlen--;

  1765. 		len--;

  1766. 		octets_remain --;

  1767. 	}

  1768. 

  1769. 	*start = h;

  1770. 

  1771. 	if (t - buf > 0) {

  1772. 		gsize cklen = t - buf;

  1773. 

  1774. 		EVP_DigestUpdate (ck, buf, cklen);

  1775. 		ctx->body_canonicalised += cklen;

  1776. 		msg_debug_dkim ("relaxed update signature with body buffer "

  1777. 				"(%z size, %z -> %z remain)",

  1778. 						cklen, *remain, octets_remain);

  1779. 		*remain = octets_remain;

  1780. 

  1781. 	}

  1782. 

  1783. 	return ((len != 0) && (octets_remain != 0));

  1784. }

  1785. 

  1786. static gboolean

  1787. rspamd_dkim_simple_body_step (struct rspamd_dkim_common_ctx *ctx,

  1788. 		EVP_MD_CTX *ck, const gchar **start, guint size,

  1789. 		gssize *remain)

  1790. {

  1791. 	const gchar *h;

  1792. 	gchar *t;

  1793. 	guint len, inlen;

  1794. 	gssize octets_remain;

  1795. 	gchar buf[1024];

  1796. 

  1797. 	len = size;

  1798. 	inlen = sizeof (buf) - 1;

  1799. 	h = *start;

  1800. 	t = &buf[0];

  1801. 	octets_remain = *remain;

  1802. 

  1803. 	while (len > 0 && inlen > 0 && (octets_remain != 0)) {

  1804. 		if (*h == '\r' || *h == '\n') {

  1805. 			*t++ = '\r';

  1806. 			*t++ = '\n';

  1807. 

  1808. 			if (len > 1 && (*h == '\r' && h[1] == '\n')) {

  1809. 				h += 2;

  1810. 				len -= 2;

  1811. 

  1812. 				if (octets_remain >= 2) {

  1813. 					octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */

  1814. 				}

  1815. 				else {

  1816. 					octets_remain --;

  1817. 				}

  1818. 			}

  1819. 			else {

  1820. 				h ++;

  1821. 				len --;

  1822. 

  1823. 				if (octets_remain >= 2) {

  1824. 					octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */

  1825. 				}

  1826. 				else {

  1827. 					octets_remain --;

  1828. 				}

  1829. 			}

  1830. 			break;

  1831. 		}

  1832. 

  1833. 		*t++ = *h++;

  1834. 		octets_remain --;

  1835. 		inlen--;

  1836. 		len--;

  1837. 	}

  1838. 

  1839. 	*start = h;

  1840. 

  1841. 	if (t - buf > 0) {

  1842. 		gsize cklen = t - buf;

  1843. 

  1844. 		EVP_DigestUpdate (ck, buf, cklen);

  1845. 		ctx->body_canonicalised += cklen;

  1846. 		msg_debug_dkim ("simple update signature with body buffer "

  1847. 						"(%z size, %z -> %z remain)",

  1848. 				cklen, *remain, octets_remain);

  1849. 		*remain = octets_remain;

  1850. 	}

  1851. 

  1852. 	return ((len != 0) && (octets_remain != 0));

  1853. }

  1854. 

  1855. static const gchar *

  1856. rspamd_dkim_skip_empty_lines (const gchar *start, const gchar *end,

  1857. 		guint type, gboolean sign, gboolean *need_crlf)

  1858. {

  1859. 	const gchar *p = end - 1, *t;

  1860. 	enum {

  1861. 		init = 0,

  1862. 		init_2,

  1863. 		got_cr,

  1864. 		got_lf,

  1865. 		got_crlf,

  1866. 		test_spaces,

  1867. 	} state = init;

  1868. 	guint skip = 0;

  1869. 

  1870. 	while (p >= start) {

  1871. 		switch (state) {

  1872. 		case init:

  1873. 			if (*p == '\r') {

  1874. 				state = got_cr;

  1875. 			}

  1876. 			else if (*p == '\n') {

  1877. 				state = got_lf;

  1878. 			}

  1879. 			else if (type == DKIM_CANON_RELAXED && *p == ' ') {

  1880. 				skip = 0;

  1881. 				state = test_spaces;

  1882. 			}

  1883. 			else {

  1884. 				if (sign || type != DKIM_CANON_RELAXED) {

  1885. 					*need_crlf = TRUE;

  1886. 				}

  1887. 

  1888. 				goto end;

  1889. 			}

  1890. 			break;

  1891. 		case init_2:

  1892. 			if (*p == '\r') {

  1893. 				state = got_cr;

  1894. 			}

  1895. 			else if (*p == '\n') {

  1896. 				state = got_lf;

  1897. 			}

  1898. 			else if (type == DKIM_CANON_RELAXED && (*p == ' ' || *p == '\t')) {

  1899. 				skip = 0;

  1900. 				state = test_spaces;

  1901. 			}

  1902. 			else {

  1903. 				goto end;

  1904. 			}

  1905. 			break;

  1906. 		case got_cr:

  1907. 			if (p >= start + 1) {

  1908. 				if (*(p - 1) == '\r') {

  1909. 					p --;

  1910. 					state = got_cr;

  1911. 				}

  1912. 				else if (*(p - 1) == '\n') {

  1913. 					if ((*p - 2) == '\r') {

  1914. 						/* \r\n\r -> we know about one line */

  1915. 						p -= 1;

  1916. 						state = got_crlf;

  1917. 					}

  1918. 					else {

  1919. 						/* \n\r -> we know about one line */

  1920. 						p -= 1;

  1921. 						state = got_lf;

  1922. 					}

  1923. 				}

  1924. 				else if (type == DKIM_CANON_RELAXED && (*(p - 1) == ' ' ||

  1925. 						*(p - 1) == '\t')) {

  1926. 					skip = 1;

  1927. 					state = test_spaces;

  1928. 				}

  1929. 				else {

  1930. 					goto end;

  1931. 				}

  1932. 			}

  1933. 			else {

  1934. 				if (g_ascii_isspace (*(p - 1))) {

  1935. 					if (type == DKIM_CANON_RELAXED) {

  1936. 						p -= 1;

  1937. 					}

  1938. 				}

  1939. 				goto end;

  1940. 			}

  1941. 			break;

  1942. 		case got_lf:

  1943. 			if (p >= start + 1) {

  1944. 				if (*(p - 1) == '\r') {

  1945. 					state = got_crlf;

  1946. 				}

  1947. 				else if (*(p - 1) == '\n') {

  1948. 					/* We know about one line */

  1949. 					p --;

  1950. 					state = got_lf;

  1951. 				}

  1952. 				else if (type == DKIM_CANON_RELAXED && (*(p - 1) == ' ' ||

  1953. 						*(p - 1) == '\t')) {

  1954. 					skip = 1;

  1955. 					state = test_spaces;

  1956. 				}

  1957. 				else {

  1958. 					goto end;

  1959. 				}

  1960. 			}

  1961. 			else {

  1962. 				if (g_ascii_isspace (*(p - 1))) {

  1963. 					if (type == DKIM_CANON_RELAXED) {

  1964. 						p -= 1;

  1965. 					}

  1966. 				}

  1967. 				goto end;

  1968. 			}

  1969. 			break;

  1970. 		case got_crlf:

  1971. 			if (p >= start + 2) {

  1972. 				if (*(p - 2) == '\r') {

  1973. 					p -= 2;

  1974. 					state = got_cr;

  1975. 				}

  1976. 				else if (*(p - 2) == '\n') {

  1977. 					p -= 2;

  1978. 					state = got_lf;

  1979. 				}

  1980. 				else if (type == DKIM_CANON_RELAXED && (*(p - 2) == ' ' ||

  1981. 						*(p - 2) == '\t')) {

  1982. 					skip = 2;

  1983. 					state = test_spaces;

  1984. 				}

  1985. 				else {

  1986. 					goto end;

  1987. 				}

  1988. 			}

  1989. 			else {

  1990. 				if (g_ascii_isspace (*(p - 2))) {

  1991. 					if (type == DKIM_CANON_RELAXED) {

  1992. 						p -= 2;

  1993. 					}

  1994. 				}

  1995. 				goto end;

  1996. 			}

  1997. 			break;

  1998. 		case test_spaces:

  1999. 			t = p - skip;

  2000. 

  2001. 			while (t >= start + 2 && (*t == ' ' || *t == '\t')) {

  2002. 				t --;

  2003. 			}

  2004. 

  2005. 			if (*t == '\r') {

  2006. 				p = t;

  2007. 				state = got_cr;

  2008. 			}

  2009. 			else if (*t == '\n') {

  2010. 				p = t;

  2011. 				state = got_lf;

  2012. 			}

  2013. 			else {

  2014. 				goto end;

  2015. 			}

  2016. 			break;

  2017. 		}

  2018. 	}

  2019. 

  2020. end:

  2021. 	return p;

  2022. }

  2023. 

  2024. static gboolean

  2025. rspamd_dkim_canonize_body (struct rspamd_dkim_common_ctx *ctx,

  2026. 	const gchar *start,

  2027. 	const gchar *end,

  2028. 	gboolean sign)

  2029. {

  2030. 	const gchar *p;

  2031. 	gssize remain = ctx->len ? ctx->len : -1;

  2032. 	guint total_len = end - start;

  2033. 	gboolean need_crlf = FALSE;

  2034. 

  2035. 	if (start == NULL) {

  2036. 		/* Empty body */

  2037. 		if (ctx->body_canon_type == DKIM_CANON_SIMPLE) {

  2038. 			EVP_DigestUpdate (ctx->body_hash, CRLF, sizeof (CRLF) - 1);

  2039. 			ctx->body_canonicalised += sizeof (CRLF) - 1;

  2040. 		}

  2041. 		else {

  2042. 			EVP_DigestUpdate (ctx->body_hash, "", 0);

  2043. 		}

  2044. 	}

  2045. 	else {

  2046. 		/* Strip extra ending CRLF */

  2047. 		p = rspamd_dkim_skip_empty_lines (start, end, ctx->body_canon_type,

  2048. 				sign, &need_crlf);

  2049. 		end = p + 1;

  2050. 

  2051. 		if (end == start) {

  2052. 			/* Empty body */

  2053. 			if (ctx->body_canon_type == DKIM_CANON_SIMPLE) {

  2054. 				EVP_DigestUpdate (ctx->body_hash, CRLF, sizeof (CRLF) - 1);

  2055. 				ctx->body_canonicalised += sizeof (CRLF) - 1;

  2056. 			}

  2057. 			else {

  2058. 				EVP_DigestUpdate (ctx->body_hash, "", 0);

  2059. 			}

  2060. 		}

  2061. 		else {

  2062. 			if (ctx->body_canon_type == DKIM_CANON_SIMPLE) {

  2063. 				/* Simple canonization */

  2064. 				while (rspamd_dkim_simple_body_step (ctx, ctx->body_hash,

  2065. 						&start, end - start, &remain));

  2066. 

  2067. 				/*

  2068. 				 * If we have l= tag then we cannot add crlf...

  2069. 				 */

  2070. 				if (need_crlf) {

  2071. 					/* l is evil... */

  2072. 					if (ctx->len == 0) {

  2073. 						remain = 2;

  2074. 					}

  2075. 					else {

  2076. 						if (ctx->len <= total_len) {

  2077. 							/* We don't have enough l to add \r\n */

  2078. 							remain = 0;

  2079. 						}

  2080. 						else {

  2081. 							if (ctx->len - total_len >= 2) {

  2082. 								remain = 2;

  2083. 							}

  2084. 							else {

  2085. 								remain = ctx->len - total_len;

  2086. 							}

  2087. 						}

  2088. 					}

  2089. 

  2090. 					start = "\r\n";

  2091. 					end = start + 2;

  2092. 

  2093. 					rspamd_dkim_simple_body_step (ctx, ctx->body_hash,

  2094. 							&start, end - start, &remain);

  2095. 				}

  2096. 			}

  2097. 			else {

  2098. 				while (rspamd_dkim_relaxed_body_step (ctx, ctx->body_hash,

  2099. 						&start, end - start, &remain)) ;

  2100. 				if (need_crlf) {

  2101. 					start = "\r\n";

  2102. 					end = start + 2;

  2103. 					remain = 2;

  2104. 					rspamd_dkim_relaxed_body_step (ctx, ctx->body_hash,

  2105. 							&start, end - start, &remain);

  2106. 				}

  2107. 			}

  2108. 		}

  2109. 		return TRUE;

  2110. 	}

  2111. 

  2112. 	/* TODO: Implement relaxed algorithm */

  2113. 	return FALSE;

  2114. }

  2115. 

  2116. /* Update hash converting all CR and LF to CRLF */

  2117. static void

  2118. rspamd_dkim_hash_update (EVP_MD_CTX *ck, const gchar *begin, gsize len)

  2119. {

  2120. 	const gchar *p, *c, *end;

  2121. 

  2122. 	end = begin + len;

  2123. 	p = begin;

  2124. 	c = p;

  2125. 

  2126. 	while (p < end) {

  2127. 		if (*p == '\r') {

  2128. 			EVP_DigestUpdate (ck, c, p - c);

  2129. 			EVP_DigestUpdate (ck, CRLF, sizeof (CRLF) - 1);

  2130. 			p++;

  2131. 

  2132. 			if (p < end && *p == '\n') {

  2133. 				p++;

  2134. 			}

  2135. 			c = p;

  2136. 		}

  2137. 		else if (*p == '\n') {

  2138. 			EVP_DigestUpdate (ck, c, p - c);

  2139. 			EVP_DigestUpdate (ck, CRLF, sizeof (CRLF) - 1);

  2140. 			p++;

  2141. 			c = p;

  2142. 		}

  2143. 		else {

  2144. 			p++;

  2145. 		}

  2146. 	}

  2147. 

  2148. 	if (p > c) {

  2149. 		EVP_DigestUpdate (ck, c, p - c);

  2150. 	}

  2151. }

  2152. 

  2153. /* Update hash by signature value (ignoring b= tag) */

  2154. static void

  2155. rspamd_dkim_signature_update (struct rspamd_dkim_common_ctx *ctx,

  2156. 	const gchar *begin,

  2157. 	guint len)

  2158. {

  2159. 	const gchar *p, *c, *end;

  2160. 	gboolean tag, skip;

  2161. 

  2162. 	end = begin + len;

  2163. 	p = begin;

  2164. 	c = begin;

  2165. 	tag = TRUE;

  2166. 	skip = FALSE;

  2167. 

  2168. 	while (p < end) {

  2169. 		if (tag && p[0] == 'b' && p[1] == '=') {

  2170. 			/* Add to signature */

  2171. 			msg_debug_dkim ("initial update hash with signature part: %*s",

  2172. 					(gint)(p - c + 2),

  2173. 					c);

  2174. 			ctx->headers_canonicalised += p - c + 2;

  2175. 			rspamd_dkim_hash_update (ctx->headers_hash, c, p - c + 2);

  2176. 			skip = TRUE;

  2177. 		}

  2178. 		else if (skip && (*p == ';' || p == end - 1)) {

  2179. 			skip = FALSE;

  2180. 			c = p;

  2181. 		}

  2182. 		else if (!tag && *p == ';') {

  2183. 			tag = TRUE;

  2184. 		}

  2185. 		else if (tag && *p == '=') {

  2186. 			tag = FALSE;

  2187. 		}

  2188. 		p++;

  2189. 	}

  2190. 

  2191. 	p--;

  2192. 	/* Skip \r\n at the end */

  2193. 	while ((*p == '\r' || *p == '\n') && p >= c) {

  2194. 		p--;

  2195. 	}

  2196. 

  2197. 	if (p - c + 1 > 0) {

  2198. 		msg_debug_dkim ("final update hash with signature part: %*s",

  2199. 				(gint)(p - c + 1), c);

  2200. 		ctx->headers_canonicalised += p - c + 1;

  2201. 		rspamd_dkim_hash_update (ctx->headers_hash, c, p - c + 1);

  2202. 	}

  2203. }

  2204. 

  2205. goffset

  2206. rspamd_dkim_canonize_header_relaxed_str (const gchar *hname,

  2207. 		const gchar *hvalue,

  2208. 		gchar *out,

  2209. 		gsize outlen)

  2210. {

  2211. 	gchar *t;

  2212. 	const guchar *h;

  2213. 	gboolean got_sp;

  2214. 

  2215. 	/* Name part */

  2216. 	t = out;

  2217. 	h = hname;

  2218. 

  2219. 	while (*h && t - out < outlen) {

  2220. 		*t++ = lc_map[*h++];

  2221. 	}

  2222. 

  2223. 	if (t - out >= outlen) {

  2224. 		return -1;

  2225. 	}

  2226. 

  2227. 	*t++ = ':';

  2228. 

  2229. 	/* Value part */

  2230. 	h = hvalue;

  2231. 	/* Skip spaces at the beginning */

  2232. 	while (g_ascii_isspace (*h)) {

  2233. 		h++;

  2234. 	}

  2235. 

  2236. 	got_sp = FALSE;

  2237. 

  2238. 	while (*h && (t - out < outlen))  {

  2239. 		if (g_ascii_isspace (*h)) {

  2240. 			if (got_sp) {

  2241. 				h++;

  2242. 				continue;

  2243. 			}

  2244. 			else {

  2245. 				got_sp = TRUE;

  2246. 				*t++ = ' ';

  2247. 				h++;

  2248. 				continue;

  2249. 			}

  2250. 		}

  2251. 		else {

  2252. 			got_sp = FALSE;

  2253. 		}

  2254. 

  2255. 		*t++ = *h++;

  2256. 	}

  2257. 

  2258. 	if (g_ascii_isspace (*(t - 1))) {

  2259. 		t--;

  2260. 	}

  2261. 

  2262. 	if (t - out >= outlen - 2) {

  2263. 		return -1;

  2264. 	}

  2265. 

  2266. 	*t++ = '\r';

  2267. 	*t++ = '\n';

  2268. 	*t = '\0';

  2269. 

  2270. 	return t - out;

  2271. }

  2272. 

  2273. static gboolean

  2274. rspamd_dkim_canonize_header_relaxed (struct rspamd_dkim_common_ctx *ctx,

  2275. 									 const gchar *header,

  2276. 									 const gchar *header_name,

  2277. 									 gboolean is_sign,

  2278. 									 guint count,

  2279. 									 bool is_seal)

  2280. {

  2281. 	static gchar st_buf[8192];

  2282. 	gchar *buf;

  2283. 	guint inlen;

  2284. 	goffset r;

  2285. 	gboolean allocated = FALSE;

  2286. 

  2287. 	inlen = strlen (header) + strlen (header_name) + sizeof (":" CRLF);

  2288. 

  2289. 	if (inlen > sizeof (st_buf)) {

  2290. 		buf = g_malloc (inlen);

  2291. 		allocated = TRUE;

  2292. 	}

  2293. 	else {

  2294. 		/* Faster */

  2295. 		buf = st_buf;

  2296. 	}

  2297. 

  2298. 	r = rspamd_dkim_canonize_header_relaxed_str (header_name, header, buf, inlen);

  2299. 

  2300. 	g_assert (r != -1);

  2301. 

  2302. 	if (!is_sign) {

  2303. 		msg_debug_dkim ("update %s with header (idx=%d): %s",

  2304. 				is_seal ? "seal" : "signature", count, buf);

  2305. 		EVP_DigestUpdate (ctx->headers_hash, buf, r);

  2306. 	}

  2307. 	else {

  2308. 		rspamd_dkim_signature_update (ctx, buf, r);

  2309. 	}

  2310. 

  2311. 	if (allocated) {

  2312. 		g_free (buf);

  2313. 	}

  2314. 

  2315. 	return TRUE;

  2316. }

  2317. 

  2318. 

  2319. static gboolean

  2320. rspamd_dkim_canonize_header (struct rspamd_dkim_common_ctx *ctx,

  2321. 							 struct rspamd_task *task,

  2322. 							 const gchar *header_name,

  2323. 							 gint count,

  2324. 							 const gchar *dkim_header,

  2325. 							 const gchar *dkim_domain)

  2326. {

  2327. 	struct rspamd_mime_header *rh, *cur, *sel = NULL;

  2328. 	gint hdr_cnt = 0;

  2329. 	bool use_idx = false, is_sign = ctx->is_sign;

  2330. 

  2331. 	if (count < 0) {

  2332. 		use_idx = true;

  2333. 		count = -(count); /* use i= in header content as it is arc stuff */

  2334. 	}

  2335. 

  2336. 	if (dkim_header == NULL) {

  2337. 		rh = rspamd_message_get_header_array (task, header_name,

  2338. 				is_sign);

  2339. 

  2340. 		if (rh) {

  2341. 			/* Check uniqueness of the header but we count from the bottom to top */

  2342. 			if (!use_idx) {

  2343. 				for (cur = rh->prev;; cur = cur->prev) {

  2344. 					if (hdr_cnt == count) {

  2345. 						sel = cur;

  2346. 					}

  2347. 

  2348. 					hdr_cnt++;

  2349. 

  2350. 					if (cur == rh) {

  2351. 						/* Cycle */

  2352. 						break;

  2353. 					}

  2354. 				}

  2355. 

  2356. 				if ((rh->flags & RSPAMD_HEADER_UNIQUE) && hdr_cnt > 1) {

  2357. 					guint64 random_cookie = ottery_rand_uint64 ();

  2358. 

  2359. 					msg_warn_dkim ("header %s is intended to be unique by"

  2360. 								   " email standards, but we have %d headers of this"

  2361. 								   " type, artificially break DKIM check", header_name,

  2362. 							hdr_cnt);

  2363. 					rspamd_dkim_hash_update (ctx->headers_hash,

  2364. 							(const gchar *)&random_cookie,

  2365. 							sizeof (random_cookie));

  2366. 					ctx->headers_canonicalised += sizeof (random_cookie);

  2367. 

  2368. 					return FALSE;

  2369. 				}

  2370. 

  2371. 				if (hdr_cnt <= count) {

  2372. 					/*

  2373. 					 * If DKIM has less headers requested than there are in a

  2374. 					 * message, then it's fine, it allows adding extra headers

  2375. 					 */

  2376. 					return TRUE;

  2377. 				}

  2378. 			}

  2379. 			else {

  2380. 				gchar idx_buf[16];

  2381. 				gint id_len;

  2382. 

  2383. 				id_len = rspamd_snprintf (idx_buf, sizeof (idx_buf), "i=%d;",

  2384. 						count);

  2385. 

  2386. 				for (cur = rh->prev; ; cur = cur->prev) {

  2387. 					if (cur->decoded &&

  2388. 						rspamd_substring_search (cur->decoded, strlen (cur->decoded),

  2389. 								idx_buf, id_len) != -1) {

  2390. 						sel = cur;

  2391. 						break;

  2392. 					}

  2393. 

  2394. 					if (cur == rh) {

  2395. 						/* Cycle */

  2396. 						break;

  2397. 					}

  2398. 				}

  2399. 

  2400. 				if (sel == NULL) {

  2401. 					return FALSE;

  2402. 				}

  2403. 			}

  2404. 

  2405. 			/* Selected header must be non-null if previous condition is false */

  2406. 			g_assert (sel != NULL);

  2407. 

  2408. 			if (ctx->header_canon_type == DKIM_CANON_SIMPLE) {

  2409. 				rspamd_dkim_hash_update (ctx->headers_hash, sel->raw_value,

  2410. 						sel->raw_len);

  2411. 				ctx->headers_canonicalised += sel->raw_len;

  2412. 				msg_debug_dkim ("update %s with header (idx=%d): %*s",

  2413. 						(use_idx ? "seal" : "signature"),

  2414. 						count, (gint)sel->raw_len, sel->raw_value);

  2415. 			}

  2416. 			else {

  2417. 				if (is_sign && (sel->flags & RSPAMD_HEADER_FROM)) {

  2418. 					/* Special handling of the From handling when rewrite is done */

  2419. 					gboolean has_rewrite = FALSE;

  2420. 					guint i;

  2421. 					struct rspamd_email_address *addr;

  2422. 

  2423. 					PTR_ARRAY_FOREACH (MESSAGE_FIELD (task, from_mime), i, addr) {

  2424. 						if ((addr->flags & RSPAMD_EMAIL_ADDR_ORIGINAL)

  2425. 							&& !(addr->flags & RSPAMD_EMAIL_ADDR_ALIASED)) {

  2426. 							has_rewrite = TRUE;

  2427. 						}

  2428. 					}

  2429. 

  2430. 					if (has_rewrite) {

  2431. 						PTR_ARRAY_FOREACH (MESSAGE_FIELD (task, from_mime), i, addr) {

  2432. 							if (!(addr->flags & RSPAMD_EMAIL_ADDR_ORIGINAL)) {

  2433. 								if (!rspamd_dkim_canonize_header_relaxed (ctx, addr->raw,

  2434. 										header_name, FALSE, i, use_idx)) {

  2435. 									return FALSE;

  2436. 								}

  2437. 

  2438. 								return TRUE;

  2439. 							}

  2440. 						}

  2441. 					}

  2442. 				}

  2443. 

  2444. 				if (!rspamd_dkim_canonize_header_relaxed (ctx, sel->value,

  2445. 						header_name, FALSE, count, use_idx)) {

  2446. 					return FALSE;

  2447. 				}

  2448. 			}

  2449. 		}

  2450. 	}

  2451. 	else {

  2452. 		/* For signature check just use the saved dkim header */

  2453. 		if (ctx->header_canon_type == DKIM_CANON_SIMPLE) {

  2454. 			/* We need to find our own signature and use it */

  2455. 			rh = rspamd_message_get_header_array (task, header_name, is_sign);

  2456. 

  2457. 			if (rh) {

  2458. 				/* We need to find our own signature */

  2459. 				if (!dkim_domain) {

  2460. 					msg_err_dkim ("cannot verify dkim as we have no dkim domain!");

  2461. 					return FALSE;

  2462. 				}

  2463. 

  2464. 				gboolean found = FALSE;

  2465. 

  2466. 				DL_FOREACH (rh, cur) {

  2467. 					guint64 th = rspamd_cryptobox_fast_hash (cur->decoded,

  2468. 							strlen (cur->decoded), rspamd_hash_seed ());

  2469. 

  2470. 					if (th == ctx->sig_hash) {

  2471. 						rspamd_dkim_signature_update (ctx, cur->raw_value,

  2472. 								cur->raw_len);

  2473. 						found = TRUE;

  2474. 						break;

  2475. 					}

  2476. 				}

  2477. 				if (!found) {

  2478. 					msg_err_dkim ("BUGON: cannot verify dkim as we have lost our signature"

  2479. 								  " during simple canonicalisation, expected hash=%L",

  2480. 								  ctx->sig_hash);

  2481. 					return FALSE;

  2482. 				}

  2483. 			}

  2484. 			else {

  2485. 				return FALSE;

  2486. 			}

  2487. 		}

  2488. 		else {

  2489. 			if (!rspamd_dkim_canonize_header_relaxed (ctx,

  2490. 					dkim_header,

  2491. 					header_name,

  2492. 					TRUE, 0, use_idx)) {

  2493. 				return FALSE;

  2494. 			}

  2495. 		}

  2496. 	}

  2497. 

  2498. 	return TRUE;

  2499. }

  2500. 

  2501. struct rspamd_dkim_cached_hash {

  2502. 	guchar *digest_normal;

  2503. 	guchar *digest_cr;

  2504. 	guchar *digest_crlf;

  2505. 	gchar *type;

  2506. };

  2507. 

  2508. static struct rspamd_dkim_cached_hash *

  2509. rspamd_dkim_check_bh_cached (struct rspamd_dkim_common_ctx *ctx,

  2510. 		struct rspamd_task *task, gsize bhlen, gboolean is_sign)

  2511. {

  2512. 	gchar typebuf[64];

  2513. 	struct rspamd_dkim_cached_hash *res;

  2514. 

  2515. 	rspamd_snprintf (typebuf, sizeof (typebuf),

  2516. 			RSPAMD_MEMPOOL_DKIM_BH_CACHE "%z_%s_%d_%z",

  2517. 			bhlen,

  2518. 			ctx->body_canon_type == DKIM_CANON_RELAXED ? "1" : "0",

  2519. 			!!is_sign,

  2520. 			ctx->len);

  2521. 

  2522. 	res = rspamd_mempool_get_variable (task->task_pool,

  2523. 			typebuf);

  2524. 

  2525. 	if (!res) {

  2526. 		res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));

  2527. 		res->type = rspamd_mempool_strdup (task->task_pool, typebuf);

  2528. 		rspamd_mempool_set_variable (task->task_pool,

  2529. 				res->type, res, NULL);

  2530. 	}

  2531. 

  2532. 	return res;

  2533. }

  2534. 

  2535. static const char *

  2536. rspamd_dkim_type_to_string (enum rspamd_dkim_type t)

  2537. {

  2538. 	switch (t) {

  2539. 	case RSPAMD_DKIM_NORMAL:

  2540. 		return "dkim";

  2541. 	case RSPAMD_DKIM_ARC_SIG:

  2542. 		return "arc_sig";

  2543. 	case RSPAMD_DKIM_ARC_SEAL:

  2544. 	default:

  2545. 		return "arc_seal";

  2546. 

  2547. 	}

  2548. }

  2549. 

  2550. /**

  2551.  * Check task for dkim context using dkim key

  2552.  * @param ctx dkim verify context

  2553.  * @param key dkim key (from cache or from dns request)

  2554.  * @param task task to check

  2555.  * @return

  2556.  */

  2557. struct rspamd_dkim_check_result *

  2558. rspamd_dkim_check (rspamd_dkim_context_t *ctx,

  2559. 	rspamd_dkim_key_t *key,

  2560. 	struct rspamd_task *task)

  2561. {

  2562. 	const gchar *body_end, *body_start;

  2563. 	guchar raw_digest[EVP_MAX_MD_SIZE];

  2564. 	struct rspamd_dkim_cached_hash *cached_bh = NULL;

  2565. 	EVP_MD_CTX *cpy_ctx = NULL;

  2566. 	gsize dlen = 0;

  2567. 	struct rspamd_dkim_check_result *res;

  2568. 	guint i;

  2569. 	struct rspamd_dkim_header *dh;

  2570. 	gint nid;

  2571. 

  2572. 	g_return_val_if_fail (ctx != NULL,		 NULL);

  2573. 	g_return_val_if_fail (key != NULL,		 NULL);

  2574. 	g_return_val_if_fail (task->msg.len > 0, NULL);

  2575. 

  2576. 	/* First of all find place of body */

  2577. 	body_end = task->msg.begin + task->msg.len;

  2578. 

  2579. 	body_start = MESSAGE_FIELD (task, raw_headers_content).body_start;

  2580. 

  2581. 	res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));

  2582. 	res->ctx = ctx;

  2583. 	res->selector = ctx->selector;

  2584. 	res->domain = ctx->domain;

  2585. 	res->fail_reason = NULL;

  2586. 	res->short_b = ctx->short_b;

  2587. 	res->rcode = DKIM_CONTINUE;

  2588. 

  2589. 	if (!body_start) {

  2590. 		res->rcode = DKIM_ERROR;

  2591. 		return res;

  2592. 	}

  2593. 

  2594. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) {

  2595. 		dlen = EVP_MD_CTX_size (ctx->common.body_hash);

  2596. 		cached_bh = rspamd_dkim_check_bh_cached (&ctx->common, task,

  2597. 				dlen, FALSE);

  2598. 

  2599. 		if (!cached_bh->digest_normal) {

  2600. 			/* Start canonization of body part */

  2601. 			if (!rspamd_dkim_canonize_body (&ctx->common, body_start, body_end,

  2602. 					FALSE)) {

  2603. 				res->rcode = DKIM_RECORD_ERROR;

  2604. 				return res;

  2605. 			}

  2606. 		}

  2607. 	}

  2608. 

  2609. 	/* Now canonize headers */

  2610. 	for (i = 0; i < ctx->common.hlist->len; i++) {

  2611. 		dh = g_ptr_array_index (ctx->common.hlist, i);

  2612. 		rspamd_dkim_canonize_header (&ctx->common, task, dh->name, dh->count,

  2613. 				NULL, NULL);

  2614. 	}

  2615. 

  2616. 	/* Canonize dkim signature */

  2617. 	switch (ctx->common.type) {

  2618. 	case RSPAMD_DKIM_NORMAL:

  2619. 		rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_SIGNHEADER, 0,

  2620. 				ctx->dkim_header, ctx->domain);

  2621. 		break;

  2622. 	case RSPAMD_DKIM_ARC_SIG:

  2623. 		rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_ARC_SIGNHEADER, 0,

  2624. 				ctx->dkim_header, ctx->domain);

  2625. 		break;

  2626. 	case RSPAMD_DKIM_ARC_SEAL:

  2627. 		rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_ARC_SEALHEADER, 0,

  2628. 				ctx->dkim_header, ctx->domain);

  2629. 		break;

  2630. 	}

  2631. 

  2632. 

  2633. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) {

  2634. 		if (!cached_bh->digest_normal) {

  2635. 			/* Copy md_ctx to deal with broken CRLF at the end */

  2636. 			cpy_ctx = EVP_MD_CTX_create ();

  2637. 			EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash);

  2638. 			EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL);

  2639. 

  2640. 			cached_bh->digest_normal = rspamd_mempool_alloc (task->task_pool,

  2641. 				sizeof (raw_digest));

  2642. 			memcpy (cached_bh->digest_normal, raw_digest, sizeof (raw_digest));

  2643. 		}

  2644. 

  2645. 		/* Check bh field */

  2646. 		if (memcmp (ctx->bh, cached_bh->digest_normal, ctx->bhlen) != 0) {

  2647. 			msg_debug_dkim (

  2648. 					"bh value mismatch: %*xs versus %*xs, try add LF; try adding CRLF",

  2649. 					(gint)dlen, ctx->bh,

  2650. 					(gint)dlen, raw_digest);

  2651. 

  2652. 			if (cpy_ctx) {

  2653. 				/* Try add CRLF */

  2654. #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  2655. 				EVP_MD_CTX_cleanup (cpy_ctx);

  2656. #else

  2657. 				EVP_MD_CTX_reset (cpy_ctx);

  2658. #endif

  2659. 				EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash);

  2660. 				EVP_DigestUpdate (cpy_ctx, "\r\n", 2);

  2661. 				EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL);

  2662. 				cached_bh->digest_crlf = rspamd_mempool_alloc (task->task_pool,

  2663. 						sizeof (raw_digest));

  2664. 				memcpy (cached_bh->digest_crlf, raw_digest, sizeof (raw_digest));

  2665. 

  2666. 				if (memcmp (ctx->bh, raw_digest, ctx->bhlen) != 0) {

  2667. 					msg_debug_dkim (

  2668. 							"bh value mismatch after added CRLF: %*xs versus %*xs, try add LF",

  2669. 							(gint)dlen, ctx->bh,

  2670. 							(gint)dlen, raw_digest);

  2671. 

  2672. 					/* Try add LF */

  2673. #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  2674. 					EVP_MD_CTX_cleanup (cpy_ctx);

  2675. #else

  2676. 					EVP_MD_CTX_reset (cpy_ctx);

  2677. #endif

  2678. 					EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash);

  2679. 					EVP_DigestUpdate (cpy_ctx, "\n", 1);

  2680. 					EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL);

  2681. 					cached_bh->digest_cr = rspamd_mempool_alloc (task->task_pool,

  2682. 							sizeof (raw_digest));

  2683. 					memcpy (cached_bh->digest_cr, raw_digest, sizeof (raw_digest));

  2684. 

  2685. 					if (memcmp (ctx->bh, raw_digest, ctx->bhlen) != 0) {

  2686. 						msg_debug_dkim ("bh value mismatch after added LF: %*xs versus %*xs",

  2687. 								(gint)dlen, ctx->bh,

  2688. 								(gint)dlen, raw_digest);

  2689. 						res->fail_reason = "body hash did not verify";

  2690. 						res->rcode = DKIM_REJECT;

  2691. 					}

  2692. 				}

  2693. 			}

  2694. 			else if (cached_bh->digest_crlf) {

  2695. 				if (memcmp (ctx->bh, cached_bh->digest_crlf, ctx->bhlen) != 0) {

  2696. 					msg_debug_dkim ("bh value mismatch after added CRLF: %*xs versus %*xs",

  2697. 							(gint)dlen, ctx->bh,

  2698. 							(gint)dlen, cached_bh->digest_crlf);

  2699. 

  2700. 					if (cached_bh->digest_cr) {

  2701. 						if (memcmp (ctx->bh, cached_bh->digest_cr, ctx->bhlen) != 0) {

  2702. 							msg_debug_dkim (

  2703. 									"bh value mismatch after added LF: %*xs versus %*xs",

  2704. 									(gint)dlen, ctx->bh,

  2705. 									(gint)dlen, cached_bh->digest_cr);

  2706. 

  2707. 							res->fail_reason = "body hash did not verify";

  2708. 							res->rcode = DKIM_REJECT;

  2709. 						}

  2710. 					}

  2711. 					else {

  2712. 

  2713. 						res->fail_reason = "body hash did not verify";

  2714. 						res->rcode = DKIM_REJECT;

  2715. 					}

  2716. 				}

  2717. 			}

  2718. 			else {

  2719. 				msg_debug_dkim (

  2720. 						"bh value mismatch: %*xs versus %*xs",

  2721. 						(gint)dlen, ctx->bh,

  2722. 						(gint)dlen, cached_bh->digest_normal);

  2723. 				res->fail_reason = "body hash did not verify";

  2724. 				res->rcode = DKIM_REJECT;

  2725. 			}

  2726. 		}

  2727. 

  2728. 		if (cpy_ctx) {

  2729. #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  2730. 			EVP_MD_CTX_cleanup (cpy_ctx);

  2731. #else

  2732. 			EVP_MD_CTX_reset (cpy_ctx);

  2733. #endif

  2734. 			EVP_MD_CTX_destroy (cpy_ctx);

  2735. 		}

  2736. 

  2737. 		if (res->rcode == DKIM_REJECT) {

  2738. 			msg_info_dkim (

  2739. 					"%s: bh value mismatch: got %*Bs, expected %*Bs; "

  2740. 					"body length %d->%d; d=%s; s=%s",

  2741. 					rspamd_dkim_type_to_string (ctx->common.type),

  2742. 					(gint)dlen, cached_bh->digest_normal,

  2743. 					(gint)dlen, ctx->bh,

  2744. 					(gint)(body_end - body_start), ctx->common.body_canonicalised,

  2745. 					ctx->domain, ctx->selector);

  2746. 

  2747. 			return res;

  2748. 		}

  2749. 	}

  2750. 

  2751. 	dlen = EVP_MD_CTX_size (ctx->common.headers_hash);

  2752. 	EVP_DigestFinal_ex (ctx->common.headers_hash, raw_digest, NULL);

  2753. 	/* Check headers signature */

  2754. 

  2755. 	if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {

  2756. 		nid = NID_sha1;

  2757. 	}

  2758. 	else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 ||

  2759. 			ctx->sig_alg == DKIM_SIGN_ECDSASHA256 ||

  2760. 			ctx->sig_alg == DKIM_SIGN_EDDSASHA256) {

  2761. 		nid = NID_sha256;

  2762. 	}

  2763. 	else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 ||

  2764. 			ctx->sig_alg == DKIM_SIGN_ECDSASHA512) {

  2765. 		nid = NID_sha512;

  2766. 	}

  2767. 	else {

  2768. 		/* Not reached */

  2769. 		nid = NID_sha1;

  2770. 	}

  2771. 

  2772. 	switch (key->type) {

  2773. 	case RSPAMD_DKIM_KEY_RSA:

  2774. 		if (RSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen,

  2775. 				key->key.key_rsa) != 1) {

  2776. 			msg_debug_dkim ("headers rsa verify failed");

  2777. 			res->rcode = DKIM_REJECT;

  2778. 			res->fail_reason = "headers rsa verify failed";

  2779. 

  2780. 			msg_info_dkim (

  2781. 					"%s: headers RSA verification failure; "

  2782. 					"body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s",

  2783. 					rspamd_dkim_type_to_string (ctx->common.type),

  2784. 					(gint)(body_end - body_start), ctx->common.body_canonicalised,

  2785. 					ctx->common.headers_canonicalised,

  2786. 					ctx->domain, ctx->selector,

  2787. 					RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key),

  2788. 					ctx->dkim_header);

  2789. 		}

  2790. 		break;

  2791. 	case RSPAMD_DKIM_KEY_ECDSA:

  2792. 		if (ECDSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen,

  2793. 				key->key.key_ecdsa) != 1) {

  2794. 			msg_info_dkim (

  2795. 					"%s: headers ECDSA verification failure; "

  2796. 					"body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s",

  2797. 					rspamd_dkim_type_to_string (ctx->common.type),

  2798. 					(gint)(body_end - body_start), ctx->common.body_canonicalised,

  2799. 					ctx->common.headers_canonicalised,

  2800. 					ctx->domain, ctx->selector,

  2801. 					RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key),

  2802. 					ctx->dkim_header);

  2803. 			msg_debug_dkim ("headers ecdsa verify failed");

  2804. 			res->rcode = DKIM_REJECT;

  2805. 			res->fail_reason = "headers ecdsa verify failed";

  2806. 		}

  2807. 		break;

  2808. 	case RSPAMD_DKIM_KEY_EDDSA:

  2809. 		if (!rspamd_cryptobox_verify (ctx->b, ctx->blen, raw_digest, dlen,

  2810. 				key->key.key_eddsa, RSPAMD_CRYPTOBOX_MODE_25519)) {

  2811. 			msg_info_dkim (

  2812. 					"%s: headers EDDSA verification failure; "

  2813. 					"body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s",

  2814. 					rspamd_dkim_type_to_string (ctx->common.type),

  2815. 					(gint)(body_end - body_start), ctx->common.body_canonicalised,

  2816. 					ctx->common.headers_canonicalised,

  2817. 					ctx->domain, ctx->selector,

  2818. 					RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key),

  2819. 					ctx->dkim_header);

  2820. 			msg_debug_dkim ("headers eddsa verify failed");

  2821. 			res->rcode = DKIM_REJECT;

  2822. 			res->fail_reason = "headers eddsa verify failed";

  2823. 		}

  2824. 		break;

  2825. 	}

  2826. 

  2827. 

  2828. 	if (ctx->common.type == RSPAMD_DKIM_ARC_SEAL && res->rcode == DKIM_CONTINUE) {

  2829. 		switch (ctx->cv) {

  2830. 		case RSPAMD_ARC_INVALID:

  2831. 			msg_info_dkim ("arc seal is invalid i=%d", ctx->common.idx);

  2832. 			res->rcode = DKIM_PERM_ERROR;

  2833. 			res->fail_reason = "arc seal is invalid";

  2834. 			break;

  2835. 		case RSPAMD_ARC_FAIL:

  2836. 			msg_info_dkim ("arc seal failed i=%d", ctx->common.idx);

  2837. 			res->rcode = DKIM_REJECT;

  2838. 			res->fail_reason = "arc seal failed";

  2839. 			break;

  2840. 		default:

  2841. 			break;

  2842. 		}

  2843. 	}

  2844. 

  2845. 	return res;

  2846. }

  2847. 

  2848. struct rspamd_dkim_check_result *

  2849. rspamd_dkim_create_result (rspamd_dkim_context_t *ctx,

  2850. 						   enum rspamd_dkim_check_rcode rcode,

  2851. 						   struct rspamd_task *task)

  2852. {

  2853. 	struct rspamd_dkim_check_result *res;

  2854. 

  2855. 	res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));

  2856. 	res->ctx = ctx;

  2857. 	res->selector = ctx->selector;

  2858. 	res->domain = ctx->domain;

  2859. 	res->fail_reason = NULL;

  2860. 	res->short_b = ctx->short_b;

  2861. 	res->rcode = rcode;

  2862. 

  2863. 	return res;

  2864. }

  2865. 

  2866. rspamd_dkim_key_t *

  2867. rspamd_dkim_key_ref (rspamd_dkim_key_t *k)

  2868. {

  2869. 	REF_RETAIN (k);

  2870. 

  2871. 	return k;

  2872. }

  2873. 

  2874. void

  2875. rspamd_dkim_key_unref (rspamd_dkim_key_t *k)

  2876. {

  2877. 	REF_RELEASE (k);

  2878. }

  2879. 

  2880. rspamd_dkim_sign_key_t *

  2881. rspamd_dkim_sign_key_ref (rspamd_dkim_sign_key_t *k)

  2882. {

  2883. 	REF_RETAIN (k);

  2884. 

  2885. 	return k;

  2886. }

  2887. 

  2888. void

  2889. rspamd_dkim_sign_key_unref (rspamd_dkim_sign_key_t *k)

  2890. {

  2891. 	REF_RELEASE (k);

  2892. }

  2893. 

  2894. const gchar*

  2895. rspamd_dkim_get_domain (rspamd_dkim_context_t *ctx)

  2896. {

  2897. 	if (ctx) {

  2898. 		return ctx->domain;

  2899. 	}

  2900. 

  2901. 	return NULL;

  2902. }

  2903. 

  2904. const gchar*

  2905. rspamd_dkim_get_selector (rspamd_dkim_context_t *ctx)

  2906. {

  2907. 	if (ctx) {

  2908. 		return ctx->selector;

  2909. 	}

  2910. 

  2911. 	return NULL;

  2912. }

  2913. 

  2914. guint

  2915. rspamd_dkim_key_get_ttl (rspamd_dkim_key_t *k)

  2916. {

  2917. 	if (k) {

  2918. 		return k->ttl;

  2919. 	}

  2920. 

  2921. 	return 0;

  2922. }

  2923. 

  2924. const gchar*

  2925. rspamd_dkim_get_dns_key (rspamd_dkim_context_t *ctx)

  2926. {

  2927. 	if (ctx) {

  2928. 		return ctx->dns_key;

  2929. 	}

  2930. 

  2931. 	return NULL;

  2932. }

  2933. 

  2934. #define PEM_SIG "-----BEGIN"

  2935. 

  2936. rspamd_dkim_sign_key_t*

  2937. rspamd_dkim_sign_key_load (const gchar *key, gsize len,

  2938. 		enum rspamd_dkim_key_format type,

  2939. 		GError **err)

  2940. {

  2941. 	guchar *map = NULL, *tmp = NULL;

  2942. 	gsize maplen;

  2943. 	rspamd_dkim_sign_key_t *nkey;

  2944. 	time_t mtime = time (NULL);

  2945. 

  2946. 	if (type < 0 || type > RSPAMD_DKIM_KEY_UNKNOWN || len == 0 || key == NULL) {

  2947. 		g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  2948. 				"invalid key type to load: %d", type);

  2949. 		return NULL;

  2950. 	}

  2951. 

  2952. 	nkey = g_malloc0 (sizeof (*nkey));

  2953. 	nkey->mtime = mtime;

  2954. 

  2955. 	msg_debug_dkim_taskless ("got public key with length %z and type %d",

  2956. 			len, type);

  2957. 

  2958. 	/* Load key file if needed */

  2959. 	if (type == RSPAMD_DKIM_KEY_FILE) {

  2960. 		struct stat st;

  2961. 

  2962. 		if (stat (key, &st) != 0) {

  2963. 			g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  2964. 					"cannot stat key file: '%s' %s", key, strerror (errno));

  2965. 			g_free (nkey);

  2966. 

  2967. 			return NULL;

  2968. 		}

  2969. 

  2970. 		nkey->mtime = st.st_mtime;

  2971. 		map = rspamd_file_xmap (key, PROT_READ, &maplen, TRUE);

  2972. 

  2973. 		if (map == NULL) {

  2974. 			g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  2975. 					"cannot map key file: '%s' %s", key, strerror (errno));

  2976. 			g_free (nkey);

  2977. 

  2978. 			return NULL;

  2979. 		}

  2980. 

  2981. 		key = map;

  2982. 		len = maplen;

  2983. 

  2984. 		if (maplen > sizeof (PEM_SIG) &&

  2985. 			strncmp (map, PEM_SIG, sizeof (PEM_SIG) - 1) == 0) {

  2986. 			type = RSPAMD_DKIM_KEY_PEM;

  2987. 		}

  2988. 		else if (rspamd_cryptobox_base64_is_valid (map, maplen)) {

  2989. 			type = RSPAMD_DKIM_KEY_BASE64;

  2990. 		}

  2991. 		else {

  2992. 			type = RSPAMD_DKIM_KEY_RAW;

  2993. 		}

  2994. 	}

  2995. 

  2996. 	if (type == RSPAMD_DKIM_KEY_UNKNOWN) {

  2997. 		if (len > sizeof (PEM_SIG) &&

  2998. 			memcmp (key, PEM_SIG, sizeof (PEM_SIG) - 1) == 0) {

  2999. 			type = RSPAMD_DKIM_KEY_PEM;

  3000. 		}

  3001. 		else {

  3002. 			type = RSPAMD_DKIM_KEY_RAW;

  3003. 		}

  3004. 	}

  3005. 

  3006. 	if (type == RSPAMD_DKIM_KEY_BASE64) {

  3007. 		type = RSPAMD_DKIM_KEY_RAW;

  3008. 		tmp = g_malloc (len);

  3009. 		rspamd_cryptobox_base64_decode (key, len, tmp, &len);

  3010. 		key = tmp;

  3011. 	}

  3012. 

  3013. 	if (type == RSPAMD_DKIM_KEY_RAW && (len == 32 ||

  3014. 		len == rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519))) {

  3015. 		if (len == 32) {

  3016. 			/* Seeded key, need scalarmult */

  3017. 			unsigned char pk[32];

  3018. 			nkey->type = RSPAMD_DKIM_KEY_EDDSA;

  3019. 			nkey->key.key_eddsa = g_malloc (

  3020. 					rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519));

  3021. 			crypto_sign_ed25519_seed_keypair (pk, nkey->key.key_eddsa, key);

  3022. 			nkey->keylen = rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519);

  3023. 		}

  3024. 		else {

  3025. 			/* Full ed25519 key */

  3026. 			unsigned klen = rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519);

  3027. 			nkey->type = RSPAMD_DKIM_KEY_EDDSA;

  3028. 			nkey->key.key_eddsa = g_malloc (klen);

  3029. 			memcpy (nkey->key.key_eddsa, key, klen);

  3030. 			nkey->keylen = klen;

  3031. 		}

  3032. 	}

  3033. 	else {

  3034. 		nkey->key_bio = BIO_new_mem_buf (key, len);

  3035. 

  3036. 		if (type == RSPAMD_DKIM_KEY_RAW) {

  3037. 			if (d2i_PrivateKey_bio (nkey->key_bio, &nkey->key_evp) == NULL) {

  3038. 				g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  3039. 						"cannot parse raw private key: %s",

  3040. 						ERR_error_string (ERR_get_error (), NULL));

  3041. 

  3042. 				rspamd_dkim_sign_key_free (nkey);

  3043. 				nkey = NULL;

  3044. 

  3045. 				goto end;

  3046. 			}

  3047. 		}

  3048. 		else {

  3049. 			if (!PEM_read_bio_PrivateKey (nkey->key_bio, &nkey->key_evp, NULL, NULL)) {

  3050. 				g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  3051. 						"cannot parse pem private key: %s",

  3052. 						ERR_error_string (ERR_get_error (), NULL));

  3053. 				rspamd_dkim_sign_key_free (nkey);

  3054. 				nkey = NULL;

  3055. 

  3056. 				goto end;

  3057. 			}

  3058. 

  3059. 		}

  3060. 		nkey->key.key_rsa = EVP_PKEY_get1_RSA (nkey->key_evp);

  3061. 		if (nkey->key.key_rsa == NULL) {

  3062. 			g_set_error (err,

  3063. 					DKIM_ERROR,

  3064. 					DKIM_SIGERROR_KEYFAIL,

  3065. 					"cannot extract rsa key from evp key");

  3066. 			rspamd_dkim_sign_key_free (nkey);

  3067. 			nkey = NULL;

  3068. 

  3069. 			goto end;

  3070. 		}

  3071. 		nkey->type = RSPAMD_DKIM_KEY_RSA;

  3072. 	}

  3073. 

  3074. 	REF_INIT_RETAIN (nkey, rspamd_dkim_sign_key_free);

  3075. 

  3076. end:

  3077. 

  3078. 	if (map != NULL) {

  3079. 		munmap (map, maplen);

  3080. 	}

  3081. 

  3082. 	if (tmp != NULL) {

  3083. 		rspamd_explicit_memzero (tmp, len);

  3084. 		g_free (tmp);

  3085. 	}

  3086. 

  3087. 	return nkey;

  3088. }

  3089. 

  3090. #undef PEM_SIG

  3091. 

  3092. gboolean

  3093. rspamd_dkim_sign_key_maybe_invalidate (rspamd_dkim_sign_key_t *key, time_t mtime)

  3094. {

  3095. 	if (mtime > key->mtime) {

  3096. 			return TRUE;

  3097. 	}

  3098. 	return FALSE;

  3099. }

  3100. 

  3101. rspamd_dkim_sign_context_t *

  3102. rspamd_create_dkim_sign_context (struct rspamd_task *task,

  3103. 		rspamd_dkim_sign_key_t *priv_key,

  3104. 		gint headers_canon,

  3105. 		gint body_canon,

  3106. 		const gchar *headers,

  3107. 		enum rspamd_dkim_type type,

  3108. 		GError **err)

  3109. {

  3110. 	rspamd_dkim_sign_context_t *nctx;

  3111. 

  3112. 	if (headers_canon != DKIM_CANON_SIMPLE && headers_canon != DKIM_CANON_RELAXED) {

  3113. 		g_set_error (err,

  3114. 				DKIM_ERROR,

  3115. 				DKIM_SIGERROR_INVALID_HC,

  3116. 				"bad headers canonicalisation");

  3117. 

  3118. 		return NULL;

  3119. 	}

  3120. 	if (body_canon != DKIM_CANON_SIMPLE && body_canon != DKIM_CANON_RELAXED) {

  3121. 		g_set_error (err,

  3122. 				DKIM_ERROR,

  3123. 				DKIM_SIGERROR_INVALID_BC,

  3124. 				"bad body canonicalisation");

  3125. 

  3126. 		return NULL;

  3127. 	}

  3128. 

  3129. 	if (!priv_key || (!priv_key->key.key_rsa && !priv_key->key.key_eddsa)) {

  3130. 		g_set_error (err,

  3131. 				DKIM_ERROR,

  3132. 				DKIM_SIGERROR_KEYFAIL,

  3133. 				"bad key to sign");

  3134. 

  3135. 		return NULL;

  3136. 	}

  3137. 

  3138. 	nctx = rspamd_mempool_alloc0 (task->task_pool, sizeof (*nctx));

  3139. 	nctx->common.pool = task->task_pool;

  3140. 	nctx->common.header_canon_type = headers_canon;

  3141. 	nctx->common.body_canon_type = body_canon;

  3142. 	nctx->common.type = type;

  3143. 	nctx->common.is_sign = TRUE;

  3144. 

  3145. 	if (type != RSPAMD_DKIM_ARC_SEAL) {

  3146. 		if (!rspamd_dkim_parse_hdrlist_common (&nctx->common, headers,

  3147. 				strlen (headers), TRUE,

  3148. 				err)) {

  3149. 			return NULL;

  3150. 		}

  3151. 	}

  3152. 	else {

  3153. 		rspamd_dkim_add_arc_seal_headers (task->task_pool, &nctx->common);

  3154. 	}

  3155. 

  3156. 	nctx->key = rspamd_dkim_sign_key_ref (priv_key);

  3157. 

  3158. 	rspamd_mempool_add_destructor (task->task_pool,

  3159. 			(rspamd_mempool_destruct_t)rspamd_dkim_sign_key_unref, priv_key);

  3160. 

  3161. #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)

  3162. 	nctx->common.body_hash = EVP_MD_CTX_create ();

  3163. 	EVP_DigestInit_ex (nctx->common.body_hash, EVP_sha256 (), NULL);

  3164. 	nctx->common.headers_hash = EVP_MD_CTX_create ();

  3165. 	EVP_DigestInit_ex (nctx->common.headers_hash, EVP_sha256 (), NULL);

  3166. 	rspamd_mempool_add_destructor (task->task_pool,

  3167. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, nctx->common.body_hash);

  3168. 	rspamd_mempool_add_destructor (task->task_pool,

  3169. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, nctx->common.headers_hash);

  3170. #else

  3171. 	nctx->common.body_hash = EVP_MD_CTX_new ();

  3172. 	EVP_DigestInit_ex (nctx->common.body_hash, EVP_sha256 (), NULL);

  3173. 	nctx->common.headers_hash = EVP_MD_CTX_new ();

  3174. 	EVP_DigestInit_ex (nctx->common.headers_hash, EVP_sha256 (), NULL);

  3175. 	rspamd_mempool_add_destructor (task->task_pool,

  3176. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_free, nctx->common.body_hash);

  3177. 	rspamd_mempool_add_destructor (task->task_pool,

  3178. 			(rspamd_mempool_destruct_t)EVP_MD_CTX_free, nctx->common.headers_hash);

  3179. #endif

  3180. 

  3181. 	return nctx;

  3182. }

  3183. 

  3184. 

  3185. GString *

  3186. rspamd_dkim_sign (struct rspamd_task *task, const gchar *selector,

  3187. 		const gchar *domain, time_t expire, gsize len, guint idx,

  3188. 		const gchar *arc_cv, rspamd_dkim_sign_context_t *ctx)

  3189. {

  3190. 	GString *hdr;

  3191. 	struct rspamd_dkim_header *dh;

  3192. 	const gchar *body_end, *body_start, *hname;

  3193. 	guchar raw_digest[EVP_MAX_MD_SIZE];

  3194. 	struct rspamd_dkim_cached_hash *cached_bh = NULL;

  3195. 	gsize dlen = 0;

  3196. 	guint i, j;

  3197. 	gchar *b64_data;

  3198. 	guchar *sig_buf;

  3199. 	guint sig_len;

  3200. 	guint headers_len = 0, cur_len = 0;

  3201. 	union rspamd_dkim_header_stat hstat;

  3202. 

  3203. 	g_assert (ctx != NULL);

  3204. 

  3205. 	/* First of all find place of body */

  3206. 	body_end = task->msg.begin + task->msg.len;

  3207. 	body_start = MESSAGE_FIELD (task, raw_headers_content).body_start;

  3208. 

  3209. 	if (len > 0) {

  3210. 		ctx->common.len = len;

  3211. 	}

  3212. 

  3213. 	if (!body_start) {

  3214. 		return NULL;

  3215. 	}

  3216. 

  3217. 	/* Start canonization of body part */

  3218. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) {

  3219. 		dlen = EVP_MD_CTX_size (ctx->common.body_hash);

  3220. 		cached_bh = rspamd_dkim_check_bh_cached (&ctx->common, task,

  3221. 				dlen, TRUE);

  3222. 

  3223. 		if (!cached_bh->digest_normal) {

  3224. 			/* Start canonization of body part */

  3225. 			if (!rspamd_dkim_canonize_body (&ctx->common, body_start, body_end,

  3226. 					TRUE)) {

  3227. 				return NULL;

  3228. 			}

  3229. 		}

  3230. 	}

  3231. 

  3232. 	hdr = g_string_sized_new (255);

  3233. 

  3234. 	if (ctx->common.type == RSPAMD_DKIM_NORMAL) {

  3235. 		rspamd_printf_gstring (hdr, "v=1; a=%s; c=%s/%s; d=%s; s=%s; ",

  3236. 				ctx->key->type == RSPAMD_DKIM_KEY_RSA ?

  3237. 						"rsa-sha256" : "ed25519-sha256",

  3238. 				ctx->common.header_canon_type == DKIM_CANON_RELAXED ?

  3239. 						"relaxed" : "simple",

  3240. 				ctx->common.body_canon_type == DKIM_CANON_RELAXED ?

  3241. 						"relaxed" : "simple",

  3242. 				domain, selector);

  3243. 	}

  3244. 	else if (ctx->common.type == RSPAMD_DKIM_ARC_SIG) {

  3245. 		rspamd_printf_gstring (hdr, "i=%d; a=%s; c=%s/%s; d=%s; s=%s; ",

  3246. 				idx,

  3247. 				ctx->key->type == RSPAMD_DKIM_KEY_RSA ?

  3248. 						"rsa-sha256" : "ed25519-sha256",

  3249. 				ctx->common.header_canon_type == DKIM_CANON_RELAXED ?

  3250. 						"relaxed" : "simple",

  3251. 				ctx->common.body_canon_type == DKIM_CANON_RELAXED ?

  3252. 						"relaxed" : "simple",

  3253. 				domain, selector);

  3254. 	}

  3255. 	else {

  3256. 		g_assert (arc_cv != NULL);

  3257. 		rspamd_printf_gstring (hdr, "i=%d; a=%s; d=%s; s=%s; cv=%s; ",

  3258. 				idx,

  3259. 				ctx->key->type == RSPAMD_DKIM_KEY_RSA ?

  3260. 						"rsa-sha256" : "ed25519-sha256",

  3261. 				domain,

  3262. 				selector,

  3263. 				arc_cv);

  3264. 	}

  3265. 

  3266. 	if (expire > 0) {

  3267. 		rspamd_printf_gstring (hdr, "x=%t; ", expire);

  3268. 	}

  3269. 

  3270. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) {

  3271. 		if (len > 0) {

  3272. 			rspamd_printf_gstring (hdr, "l=%z; ", len);

  3273. 		}

  3274. 	}

  3275. 

  3276. 	rspamd_printf_gstring (hdr, "t=%t; h=", time (NULL));

  3277. 

  3278. 	/* Now canonize headers */

  3279. 	for (i = 0; i < ctx->common.hlist->len; i++) {

  3280. 		struct rspamd_mime_header *rh, *cur;

  3281. 

  3282. 		dh = g_ptr_array_index (ctx->common.hlist, i);

  3283. 

  3284. 		/* We allow oversigning if dh->count > number of headers with this name */

  3285. 		hstat.n = GPOINTER_TO_UINT (g_hash_table_lookup (ctx->common.htable, dh->name));

  3286. 

  3287. 		if (hstat.s.flags & RSPAMD_DKIM_FLAG_OVERSIGN) {

  3288. 			/* Do oversigning */

  3289. 			guint count = 0;

  3290. 

  3291. 			rh = rspamd_message_get_header_array(task, dh->name, FALSE);

  3292. 

  3293. 			if (rh) {

  3294. 				DL_FOREACH (rh, cur) {

  3295. 					/* Sign all existing headers */

  3296. 					rspamd_dkim_canonize_header (&ctx->common, task, dh->name,

  3297. 							count,

  3298. 							NULL, NULL);

  3299. 					count++;

  3300. 				}

  3301. 			}

  3302. 

  3303. 			/* Now add one more entry to oversign */

  3304. 			if (count > 0 || !(hstat.s.flags & RSPAMD_DKIM_FLAG_OVERSIGN_EXISTING)) {

  3305. 				cur_len = (strlen (dh->name) + 1) * (count + 1);

  3306. 				headers_len += cur_len;

  3307. 

  3308. 				if (headers_len > 70 && i > 0 && i < ctx->common.hlist->len - 1) {

  3309. 					rspamd_printf_gstring (hdr, "  ");

  3310. 					headers_len = cur_len;

  3311. 				}

  3312. 

  3313. 				for (j = 0; j < count + 1; j++) {

  3314. 					rspamd_printf_gstring (hdr, "%s:", dh->name);

  3315. 				}

  3316. 			}

  3317. 		}

  3318. 		else {

  3319. 			rh = rspamd_message_get_header_array(task, dh->name, FALSE);

  3320. 

  3321. 			if (rh) {

  3322. 				if (hstat.s.count > 0) {

  3323. 

  3324. 					cur_len = (strlen (dh->name) + 1) * (hstat.s.count);

  3325. 					headers_len += cur_len;

  3326. 					if (headers_len > 70 && i > 0 && i < ctx->common.hlist->len - 1) {

  3327. 						rspamd_printf_gstring (hdr, "  ");

  3328. 						headers_len = cur_len;

  3329. 					}

  3330. 

  3331. 					for (j = 0; j < hstat.s.count; j++) {

  3332. 						rspamd_printf_gstring (hdr, "%s:", dh->name);

  3333. 					}

  3334. 				}

  3335. 

  3336. 

  3337. 				rspamd_dkim_canonize_header (&ctx->common, task,

  3338. 						dh->name, dh->count,

  3339. 						NULL, NULL);

  3340. 			}

  3341. 		}

  3342. 

  3343. 		g_hash_table_remove (ctx->common.htable, dh->name);

  3344. 	}

  3345. 

  3346. 	/* Replace the last ':' with ';' */

  3347. 	hdr->str[hdr->len - 1] = ';';

  3348. 

  3349. 	if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) {

  3350. 		if (!cached_bh->digest_normal) {

  3351. 			EVP_DigestFinal_ex (ctx->common.body_hash, raw_digest, NULL);

  3352. 			cached_bh->digest_normal = rspamd_mempool_alloc (task->task_pool,

  3353. 					sizeof (raw_digest));

  3354. 			memcpy (cached_bh->digest_normal, raw_digest, sizeof (raw_digest));

  3355. 		}

  3356. 

  3357. 

  3358. 		b64_data = rspamd_encode_base64 (cached_bh->digest_normal, dlen, 0, NULL);

  3359. 		rspamd_printf_gstring (hdr, " bh=%s; b=", b64_data);

  3360. 		g_free (b64_data);

  3361. 	}

  3362. 	else {

  3363. 		rspamd_printf_gstring (hdr, " b=");

  3364. 	}

  3365. 

  3366. 	switch (ctx->common.type) {

  3367. 	case RSPAMD_DKIM_NORMAL:

  3368. 	default:

  3369. 		hname = RSPAMD_DKIM_SIGNHEADER;

  3370. 		break;

  3371. 	case RSPAMD_DKIM_ARC_SIG:

  3372. 		hname = RSPAMD_DKIM_ARC_SIGNHEADER;

  3373. 		break;

  3374. 	case RSPAMD_DKIM_ARC_SEAL:

  3375. 		hname = RSPAMD_DKIM_ARC_SEALHEADER;

  3376. 		break;

  3377. 	}

  3378. 

  3379. 	if (ctx->common.header_canon_type == DKIM_CANON_RELAXED) {

  3380. 		if (!rspamd_dkim_canonize_header_relaxed (&ctx->common,

  3381. 				hdr->str,

  3382. 				hname,

  3383. 				TRUE,

  3384. 				0,

  3385. 				ctx->common.type == RSPAMD_DKIM_ARC_SEAL)) {

  3386. 

  3387. 			g_string_free (hdr, TRUE);

  3388. 			return NULL;

  3389. 		}

  3390. 	}

  3391. 	else {

  3392. 		/* Will likely have issues with folding */

  3393. 		rspamd_dkim_hash_update (ctx->common.headers_hash, hdr->str,

  3394. 				hdr->len);

  3395. 		ctx->common.headers_canonicalised += hdr->len;

  3396. 		msg_debug_task ("update signature with header: %*s",

  3397. 				(gint)hdr->len, hdr->str);

  3398. 	}

  3399. 

  3400. 	dlen = EVP_MD_CTX_size (ctx->common.headers_hash);

  3401. 	EVP_DigestFinal_ex (ctx->common.headers_hash, raw_digest, NULL);

  3402. 	if (ctx->key->type == RSPAMD_DKIM_KEY_RSA) {

  3403. 		sig_len = RSA_size (ctx->key->key.key_rsa);

  3404. 		sig_buf = g_alloca (sig_len);

  3405. 

  3406. 		if (RSA_sign (NID_sha256, raw_digest, dlen, sig_buf, &sig_len,

  3407. 				ctx->key->key.key_rsa) != 1) {

  3408. 			g_string_free (hdr, TRUE);

  3409. 			msg_err_task ("rsa sign error: %s",

  3410. 					ERR_error_string (ERR_get_error (), NULL));

  3411. 

  3412. 			return NULL;

  3413. 		}

  3414. 	} else if (ctx->key->type == RSPAMD_DKIM_KEY_EDDSA) {

  3415. 		sig_len = rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519);

  3416. 		sig_buf = g_alloca (sig_len);

  3417. 

  3418. 		rspamd_cryptobox_sign (sig_buf, NULL, raw_digest, dlen,

  3419. 				ctx->key->key.key_eddsa, RSPAMD_CRYPTOBOX_MODE_25519);

  3420. 	} else {

  3421. 		g_string_free (hdr, TRUE);

  3422. 		msg_err_task ("unsupported key type for signing");

  3423. 

  3424. 		return NULL;

  3425. 	}

  3426. 

  3427. 	if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_MILTER) {

  3428. 		b64_data = rspamd_encode_base64_fold (sig_buf, sig_len, 70, NULL,

  3429. 				RSPAMD_TASK_NEWLINES_LF);

  3430. 	}

  3431. 	else {

  3432. 		b64_data = rspamd_encode_base64_fold (sig_buf, sig_len, 70, NULL,

  3433. 				MESSAGE_FIELD (task, nlines_type));

  3434. 	}

  3435. 

  3436. 	rspamd_printf_gstring (hdr, "%s", b64_data);

  3437. 	g_free (b64_data);

  3438. 

  3439. 	return hdr;

  3440. }

  3441. 

  3442. gboolean

  3443. rspamd_dkim_match_keys (rspamd_dkim_key_t *pk,

  3444. 								 rspamd_dkim_sign_key_t *sk,

  3445. 								 GError **err)

  3446. {

  3447. 	if (pk == NULL || sk == NULL) {

  3448. 		g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  3449. 				"missing public or private key");

  3450. 		return FALSE;

  3451. 	}

  3452. 	if (pk->type != sk->type) {

  3453. 		g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL,

  3454. 				"public and private key types do not match");

  3455. 		return FALSE;

  3456. 	}

  3457. 

  3458. 	if (pk->type == RSPAMD_DKIM_KEY_EDDSA) {

  3459. 		if (memcmp(sk->key.key_eddsa + 32, pk->key.key_eddsa, 32) != 0) {

  3460. 			g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYHASHMISMATCH,

  3461. 					"pubkey does not match private key");

  3462. 			return FALSE;

  3463. 		}

  3464. 

  3465. 	}

  3466. 	else if (EVP_PKEY_cmp (pk->key_evp, sk->key_evp) != 1) {

  3467. 		g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYHASHMISMATCH,

  3468. 				"pubkey does not match private key");

  3469. 		return FALSE;

  3470. 	}

  3471. 

  3472. 	return TRUE;

  3473. }