routing.js « OC « src « core - nextcloud-server.git - Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

ass="w"> && rspamd_lc_cmp (alg, "ecdsa256", alglen) == 0) { return rspamd_dkim_make_key (key, klen, RSPAMD_DKIM_KEY_ECDSA, err); } else if (alglen == 7 && rspamd_lc_cmp (alg, "ed25519", alglen) == 0) { return rspamd_dkim_make_key (key, klen, RSPAMD_DKIM_KEY_EDDSA, err); } else { /* We assume RSA default in all cases */ return rspamd_dkim_make_key (key, klen, RSPAMD_DKIM_KEY_RSA, err); } g_assert_not_reached (); return NULL; } /* Get TXT request data and parse it */ static void rspamd_dkim_dns_cb (struct rdns_reply *reply, gpointer arg) { struct rspamd_dkim_key_cbdata *cbdata = arg; rspamd_dkim_key_t *key = NULL; GError *err = NULL; struct rdns_reply_entry *elt; gsize keylen = 0; if (reply->code != RDNS_RC_NOERROR) { gint err_code = DKIM_SIGERROR_NOKEY; if (reply->code == RDNS_RC_NOREC) { err_code = DKIM_SIGERROR_NOREC; } else if (reply->code == RDNS_RC_NXDOMAIN) { err_code = DKIM_SIGERROR_NOREC; } g_set_error (&err, DKIM_ERROR, err_code, "dns request to %s failed: %s", cbdata->ctx->dns_key, rdns_strerror (reply->code)); cbdata->handler (NULL, 0, cbdata->ctx, cbdata->ud, err); } else { LL_FOREACH (reply->entries, elt) { if (elt->type == RDNS_REQUEST_TXT) { if (err != NULL) { /* Free error as it is insignificant */ g_error_free (err); err = NULL; } key = rspamd_dkim_parse_key (elt->content.txt.data, &keylen, &err); if (key) { key->ttl = elt->ttl; break; } } } cbdata->handler (key, keylen, cbdata->ctx, cbdata->ud, err); } } /** * Make DNS request for specified context and obtain and parse key * @param ctx dkim context from signature * @param resolver dns resolver object * @param s async session to make request * @return */ gboolean rspamd_get_dkim_key (rspamd_dkim_context_t *ctx, struct rspamd_task *task, dkim_key_handler_f handler, gpointer ud) { struct rspamd_dkim_key_cbdata *cbdata; g_return_val_if_fail (ctx != NULL, FALSE); g_return_val_if_fail (ctx->dns_key != NULL, FALSE); cbdata = rspamd_mempool_alloc (ctx->pool, sizeof (struct rspamd_dkim_key_cbdata)); cbdata->ctx = ctx; cbdata->handler = handler; cbdata->ud = ud; return rspamd_dns_resolver_request_task_forced (task, rspamd_dkim_dns_cb, cbdata, RDNS_REQUEST_TXT, ctx->dns_key); } static gboolean rspamd_dkim_relaxed_body_step (struct rspamd_dkim_common_ctx *ctx, EVP_MD_CTX *ck, const gchar **start, guint size, gssize *remain) { const gchar *h; gchar *t; guint len, inlen; gssize octets_remain; gboolean got_sp, ret = TRUE; gchar buf[1024]; len = size; inlen = sizeof (buf) - 1; h = *start; t = buf; got_sp = FALSE; octets_remain = *remain; while (len > 0 && inlen > 0 && (octets_remain > 0)) { if (*h == '\r' || *h == '\n') { if (got_sp) { /* Ignore spaces at the end of line */ t --; } *t++ = '\r'; *t++ = '\n'; if (len > 1 && (*h == '\r' && h[1] == '\n')) { h += 2; len -= 2; octets_remain -= 2; } else { h ++; len --; if (octets_remain >= 2) { octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */ } else { octets_remain --; break; } } break; } else if (g_ascii_isspace (*h)) { if (got_sp) { /* Ignore multiply spaces */ h++; len--; continue; } else { *t++ = ' '; h++; inlen--; len--; octets_remain --; got_sp = TRUE; continue; } } else { got_sp = FALSE; } *t++ = *h++; inlen--; len--; octets_remain --; } if (octets_remain < 0) { /* Absurdic l tag value, but we still need to rewind the t pointer back */ while (t > buf && octets_remain < 0) { t --; octets_remain ++; } ret = FALSE; } *start = h; if (t - buf > 0) { gsize cklen = t - buf; EVP_DigestUpdate (ck, buf, cklen); ctx->body_canonicalised += cklen; msg_debug_dkim ("relaxed update signature with body buffer " "(%z size, %z -> %z remain)", cklen, *remain, octets_remain); *remain = octets_remain; } return ret && ((len > 0) && (octets_remain > 0)); } static gboolean rspamd_dkim_simple_body_step (struct rspamd_dkim_common_ctx *ctx, EVP_MD_CTX *ck, const gchar **start, guint size, gssize *remain) { const gchar *h; gchar *t; guint len, inlen; gssize octets_remain; gchar buf[1024]; len = size; inlen = sizeof (buf) - 1; h = *start; t = &buf[0]; octets_remain = *remain; while (len > 0 && inlen > 0 && (octets_remain != 0)) { if (*h == '\r' || *h == '\n') { *t++ = '\r'; *t++ = '\n'; if (len > 1 && (*h == '\r' && h[1] == '\n')) { h += 2; len -= 2; if (octets_remain >= 2) { octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */ } else { octets_remain --; } } else { h ++; len --; if (octets_remain >= 2) { octets_remain -= 2; /* Input has just \n or \r so we actually add more octets */ } else { octets_remain --; } } break; } *t++ = *h++; octets_remain --; inlen--; len--; } *start = h; if (t - buf > 0) { gsize cklen = t - buf; EVP_DigestUpdate (ck, buf, cklen); ctx->body_canonicalised += cklen; msg_debug_dkim ("simple update signature with body buffer " "(%z size, %z -> %z remain)", cklen, *remain, octets_remain); *remain = octets_remain; } return ((len != 0) && (octets_remain != 0)); } static const gchar * rspamd_dkim_skip_empty_lines (const gchar *start, const gchar *end, guint type, gboolean sign, gboolean *need_crlf) { const gchar *p = end - 1, *t; enum { init = 0, init_2, got_cr, got_lf, got_crlf, test_spaces, } state = init; guint skip = 0; while (p >= start) { switch (state) { case init: if (*p == '\r') { state = got_cr; } else if (*p == '\n') { state = got_lf; } else if (type == DKIM_CANON_RELAXED && *p == ' ') { skip = 0; state = test_spaces; } else { if (sign || type != DKIM_CANON_RELAXED) { *need_crlf = TRUE; } goto end; } break; case init_2: if (*p == '\r') { state = got_cr; } else if (*p == '\n') { state = got_lf; } else if (type == DKIM_CANON_RELAXED && (*p == ' ' || *p == '\t')) { skip = 0; state = test_spaces; } else { goto end; } break; case got_cr: if (p >= start + 1) { if (*(p - 1) == '\r') { p --; state = got_cr; } else if (*(p - 1) == '\n') { if ((*p - 2) == '\r') { /* \r\n\r -> we know about one line */ p -= 1; state = got_crlf; } else { /* \n\r -> we know about one line */ p -= 1; state = got_lf; } } else if (type == DKIM_CANON_RELAXED && (*(p - 1) == ' ' || *(p - 1) == '\t')) { skip = 1; state = test_spaces; } else { goto end; } } else { if (g_ascii_isspace (*(p - 1))) { if (type == DKIM_CANON_RELAXED) { p -= 1; } } goto end; } break; case got_lf: if (p >= start + 1) { if (*(p - 1) == '\r') { state = got_crlf; } else if (*(p - 1) == '\n') { /* We know about one line */ p --; state = got_lf; } else if (type == DKIM_CANON_RELAXED && (*(p - 1) == ' ' || *(p - 1) == '\t')) { skip = 1; state = test_spaces; } else { goto end; } } else { if (g_ascii_isspace (*(p - 1))) { if (type == DKIM_CANON_RELAXED) { p -= 1; } } goto end; } break; case got_crlf: if (p >= start + 2) { if (*(p - 2) == '\r') { p -= 2; state = got_cr; } else if (*(p - 2) == '\n') { p -= 2; state = got_lf; } else if (type == DKIM_CANON_RELAXED && (*(p - 2) == ' ' || *(p - 2) == '\t')) { skip = 2; state = test_spaces; } else { goto end; } } else { if (g_ascii_isspace (*(p - 2))) { if (type == DKIM_CANON_RELAXED) { p -= 2; } } goto end; } break; case test_spaces: t = p - skip; while (t >= start + 2 && (*t == ' ' || *t == '\t')) { t --; } if (*t == '\r') { p = t; state = got_cr; } else if (*t == '\n') { p = t; state = got_lf; } else { goto end; } break; } } end: return p; } static gboolean rspamd_dkim_canonize_body (struct rspamd_dkim_common_ctx *ctx, const gchar *start, const gchar *end, gboolean sign) { const gchar *p; gssize remain = ctx->len ? ctx->len : G_MAXSSIZE; guint total_len = end - start; gboolean need_crlf = FALSE; if (start == NULL) { /* Empty body */ if (ctx->body_canon_type == DKIM_CANON_SIMPLE) { EVP_DigestUpdate (ctx->body_hash, CRLF, sizeof (CRLF) - 1); ctx->body_canonicalised += sizeof (CRLF) - 1; } else { EVP_DigestUpdate (ctx->body_hash, "", 0); } } else { /* Strip extra ending CRLF */ p = rspamd_dkim_skip_empty_lines (start, end, ctx->body_canon_type, sign, &need_crlf); end = p + 1; if (end == start) { /* Empty body */ if (ctx->body_canon_type == DKIM_CANON_SIMPLE) { EVP_DigestUpdate (ctx->body_hash, CRLF, sizeof (CRLF) - 1); ctx->body_canonicalised += sizeof (CRLF) - 1; } else { EVP_DigestUpdate (ctx->body_hash, "", 0); } } else { if (ctx->body_canon_type == DKIM_CANON_SIMPLE) { /* Simple canonization */ while (rspamd_dkim_simple_body_step (ctx, ctx->body_hash, &start, end - start, &remain)); /* * If we have l= tag then we cannot add crlf... */ if (need_crlf) { /* l is evil... */ if (ctx->len == 0) { remain = 2; } else { if (ctx->len <= total_len) { /* We don't have enough l to add \r\n */ remain = 0; } else { if (ctx->len - total_len >= 2) { remain = 2; } else { remain = ctx->len - total_len; } } } start = "\r\n"; end = start + 2; rspamd_dkim_simple_body_step (ctx, ctx->body_hash, &start, end - start, &remain); } } else { while (rspamd_dkim_relaxed_body_step (ctx, ctx->body_hash, &start, end - start, &remain)) ; if (need_crlf) { start = "\r\n"; end = start + 2; remain = 2; rspamd_dkim_relaxed_body_step (ctx, ctx->body_hash, &start, end - start, &remain); } } } return TRUE; } /* TODO: Implement relaxed algorithm */ return FALSE; } /* Update hash converting all CR and LF to CRLF */ static void rspamd_dkim_hash_update (EVP_MD_CTX *ck, const gchar *begin, gsize len) { const gchar *p, *c, *end; end = begin + len; p = begin; c = p; while (p < end) { if (*p == '\r') { EVP_DigestUpdate (ck, c, p - c); EVP_DigestUpdate (ck, CRLF, sizeof (CRLF) - 1); p++; if (p < end && *p == '\n') { p++; } c = p; } else if (*p == '\n') { EVP_DigestUpdate (ck, c, p - c); EVP_DigestUpdate (ck, CRLF, sizeof (CRLF) - 1); p++; c = p; } else { p++; } } if (p > c) { EVP_DigestUpdate (ck, c, p - c); } } /* Update hash by signature value (ignoring b= tag) */ static void rspamd_dkim_signature_update (struct rspamd_dkim_common_ctx *ctx, const gchar *begin, guint len) { const gchar *p, *c, *end; gboolean tag, skip; end = begin + len; p = begin; c = begin; tag = TRUE; skip = FALSE; while (p < end) { if (tag && p[0] == 'b' && p[1] == '=') { /* Add to signature */ msg_debug_dkim ("initial update hash with signature part: %*s", (gint)(p - c + 2), c); ctx->headers_canonicalised += p - c + 2; rspamd_dkim_hash_update (ctx->headers_hash, c, p - c + 2); skip = TRUE; } else if (skip && (*p == ';' || p == end - 1)) { skip = FALSE; c = p; } else if (!tag && *p == ';') { tag = TRUE; } else if (tag && *p == '=') { tag = FALSE; } p++; } p--; /* Skip \r\n at the end */ while ((*p == '\r' || *p == '\n') && p >= c) { p--; } if (p - c + 1 > 0) { msg_debug_dkim ("final update hash with signature part: %*s", (gint)(p - c + 1), c); ctx->headers_canonicalised += p - c + 1; rspamd_dkim_hash_update (ctx->headers_hash, c, p - c + 1); } } goffset rspamd_dkim_canonize_header_relaxed_str (const gchar *hname, const gchar *hvalue, gchar *out, gsize outlen) { gchar *t; const guchar *h; gboolean got_sp; /* Name part */ t = out; h = hname; while (*h && t - out < outlen) { *t++ = lc_map[*h++]; } if (t - out >= outlen) { return -1; } *t++ = ':'; /* Value part */ h = hvalue; /* Skip spaces at the beginning */ while (g_ascii_isspace (*h)) { h++; } got_sp = FALSE; while (*h && (t - out < outlen)) { if (g_ascii_isspace (*h)) { if (got_sp) { h++; continue; } else { got_sp = TRUE; *t++ = ' '; h++; continue; } } else { got_sp = FALSE; } *t++ = *h++; } if (g_ascii_isspace (*(t - 1))) { t--; } if (t - out >= outlen - 2) { return -1; } *t++ = '\r'; *t++ = '\n'; *t = '\0'; return t - out; } static gboolean rspamd_dkim_canonize_header_relaxed (struct rspamd_dkim_common_ctx *ctx, const gchar *header, const gchar *header_name, gboolean is_sign, guint count, bool is_seal) { static gchar st_buf[8192]; gchar *buf; guint inlen; goffset r; gboolean allocated = FALSE; inlen = strlen (header) + strlen (header_name) + sizeof (":" CRLF); if (inlen > sizeof (st_buf)) { buf = g_malloc (inlen); allocated = TRUE; } else { /* Faster */ buf = st_buf; } r = rspamd_dkim_canonize_header_relaxed_str (header_name, header, buf, inlen); g_assert (r != -1); if (!is_sign) { msg_debug_dkim ("update %s with header (idx=%d): %s", is_seal ? "seal" : "signature", count, buf); EVP_DigestUpdate (ctx->headers_hash, buf, r); } else { rspamd_dkim_signature_update (ctx, buf, r); } if (allocated) { g_free (buf); } return TRUE; } static gboolean rspamd_dkim_canonize_header (struct rspamd_dkim_common_ctx *ctx, struct rspamd_task *task, const gchar *header_name, gint count, const gchar *dkim_header, const gchar *dkim_domain) { struct rspamd_mime_header *rh, *cur, *sel = NULL; gint hdr_cnt = 0; bool use_idx = false, is_sign = ctx->is_sign; /* * TODO: * Temporary hack to prevent linked list being misused until refactored */ const guint max_list_iters = 1000; if (count < 0) { use_idx = true; count = -(count); /* use i= in header content as it is arc stuff */ } if (dkim_header == NULL) { rh = rspamd_message_get_header_array (task, header_name, is_sign); if (rh) { /* Check uniqueness of the header but we count from the bottom to top */ if (!use_idx) { for (cur = rh->prev;; cur = cur->prev) { if (hdr_cnt == count) { sel = cur; } hdr_cnt++; if (cur == rh || hdr_cnt >= max_list_iters) { /* Cycle */ break; } } if ((rh->flags & RSPAMD_HEADER_UNIQUE) && hdr_cnt > 1) { guint64 random_cookie = ottery_rand_uint64 (); msg_warn_dkim ("header %s is intended to be unique by" " email standards, but we have %d headers of this" " type, artificially break DKIM check", header_name, hdr_cnt); rspamd_dkim_hash_update (ctx->headers_hash, (const gchar *)&random_cookie, sizeof (random_cookie)); ctx->headers_canonicalised += sizeof (random_cookie); return FALSE; } if (hdr_cnt <= count) { /* * If DKIM has less headers requested than there are in a * message, then it's fine, it allows adding extra headers */ return TRUE; } } else { /* * This branch is used for ARC headers, and it orders them based on * i=<number> string and not their real order in the list of headers */ gchar idx_buf[16]; gint id_len, i; id_len = rspamd_snprintf (idx_buf, sizeof (idx_buf), "i=%d;", count); for (cur = rh->prev, i = 0; i < max_list_iters; cur = cur->prev, i ++) { if (cur->decoded && rspamd_substring_search (cur->decoded, strlen (cur->decoded), idx_buf, id_len) != -1) { sel = cur; break; } if (cur == rh) { /* Cycle */ break; } } if (sel == NULL) { return FALSE; } } /* Selected header must be non-null if previous condition is false */ g_assert (sel != NULL); if (ctx->header_canon_type == DKIM_CANON_SIMPLE) { rspamd_dkim_hash_update (ctx->headers_hash, sel->raw_value, sel->raw_len); ctx->headers_canonicalised += sel->raw_len; msg_debug_dkim ("update %s with header (idx=%d): %*s", (use_idx ? "seal" : "signature"), count, (gint)sel->raw_len, sel->raw_value); } else { if (is_sign && (sel->flags & RSPAMD_HEADER_FROM)) { /* Special handling of the From handling when rewrite is done */ gboolean has_rewrite = FALSE; guint i; struct rspamd_email_address *addr; PTR_ARRAY_FOREACH (MESSAGE_FIELD (task, from_mime), i, addr) { if ((addr->flags & RSPAMD_EMAIL_ADDR_ORIGINAL) && !(addr->flags & RSPAMD_EMAIL_ADDR_ALIASED)) { has_rewrite = TRUE; } } if (has_rewrite) { PTR_ARRAY_FOREACH (MESSAGE_FIELD (task, from_mime), i, addr) { if (!(addr->flags & RSPAMD_EMAIL_ADDR_ORIGINAL)) { if (!rspamd_dkim_canonize_header_relaxed (ctx, addr->raw, header_name, FALSE, i, use_idx)) { return FALSE; } return TRUE; } } } } if (!rspamd_dkim_canonize_header_relaxed (ctx, sel->value, header_name, FALSE, count, use_idx)) { return FALSE; } } } } else { /* For signature check just use the saved dkim header */ if (ctx->header_canon_type == DKIM_CANON_SIMPLE) { /* We need to find our own signature and use it */ rh = rspamd_message_get_header_array (task, header_name, is_sign); if (rh) { /* We need to find our own signature */ if (!dkim_domain) { msg_err_dkim ("cannot verify dkim as we have no dkim domain!"); return FALSE; } gboolean found = FALSE; DL_FOREACH (rh, cur) { guint64 th = rspamd_cryptobox_fast_hash (cur->decoded, strlen (cur->decoded), rspamd_hash_seed ()); if (th == ctx->sig_hash) { rspamd_dkim_signature_update (ctx, cur->raw_value, cur->raw_len); found = TRUE; break; } } if (!found) { msg_err_dkim ("BUGON: cannot verify dkim as we have lost our signature" " during simple canonicalisation, expected hash=%L", ctx->sig_hash); return FALSE; } } else { return FALSE; } } else { if (!rspamd_dkim_canonize_header_relaxed (ctx, dkim_header, header_name, TRUE, 0, use_idx)) { return FALSE; } } } return TRUE; } struct rspamd_dkim_cached_hash { guchar *digest_normal; guchar *digest_cr; guchar *digest_crlf; gchar *type; }; static struct rspamd_dkim_cached_hash * rspamd_dkim_check_bh_cached (struct rspamd_dkim_common_ctx *ctx, struct rspamd_task *task, gsize bhlen, gboolean is_sign) { gchar typebuf[64]; struct rspamd_dkim_cached_hash *res; rspamd_snprintf (typebuf, sizeof (typebuf), RSPAMD_MEMPOOL_DKIM_BH_CACHE "%z_%s_%d_%z", bhlen, ctx->body_canon_type == DKIM_CANON_RELAXED ? "1" : "0", !!is_sign, ctx->len); res = rspamd_mempool_get_variable (task->task_pool, typebuf); if (!res) { res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res)); res->type = rspamd_mempool_strdup (task->task_pool, typebuf); rspamd_mempool_set_variable (task->task_pool, res->type, res, NULL); } return res; } static const char * rspamd_dkim_type_to_string (enum rspamd_dkim_type t) { switch (t) { case RSPAMD_DKIM_NORMAL: return "dkim"; case RSPAMD_DKIM_ARC_SIG: return "arc_sig"; case RSPAMD_DKIM_ARC_SEAL: default: return "arc_seal"; } } /** * Check task for dkim context using dkim key * @param ctx dkim verify context * @param key dkim key (from cache or from dns request) * @param task task to check * @return */ struct rspamd_dkim_check_result * rspamd_dkim_check (rspamd_dkim_context_t *ctx, rspamd_dkim_key_t *key, struct rspamd_task *task) { const gchar *body_end, *body_start; guchar raw_digest[EVP_MAX_MD_SIZE]; struct rspamd_dkim_cached_hash *cached_bh = NULL; EVP_MD_CTX *cpy_ctx = NULL; gsize dlen = 0; struct rspamd_dkim_check_result *res; guint i; struct rspamd_dkim_header *dh; gint nid; g_return_val_if_fail (ctx != NULL, NULL); g_return_val_if_fail (key != NULL, NULL); g_return_val_if_fail (task->msg.len > 0, NULL); /* First of all find place of body */ body_end = task->msg.begin + task->msg.len; body_start = MESSAGE_FIELD (task, raw_headers_content).body_start; res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res)); res->ctx = ctx; res->selector = ctx->selector; res->domain = ctx->domain; res->fail_reason = NULL; res->short_b = ctx->short_b; res->rcode = DKIM_CONTINUE; if (!body_start) { res->rcode = DKIM_ERROR; return res; } if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) { dlen = EVP_MD_CTX_size (ctx->common.body_hash); cached_bh = rspamd_dkim_check_bh_cached (&ctx->common, task, dlen, FALSE); if (!cached_bh->digest_normal) { /* Start canonization of body part */ if (!rspamd_dkim_canonize_body (&ctx->common, body_start, body_end, FALSE)) { res->rcode = DKIM_RECORD_ERROR; return res; } } } /* Now canonize headers */ for (i = 0; i < ctx->common.hlist->len; i++) { dh = g_ptr_array_index (ctx->common.hlist, i); rspamd_dkim_canonize_header (&ctx->common, task, dh->name, dh->count, NULL, NULL); } /* Canonize dkim signature */ switch (ctx->common.type) { case RSPAMD_DKIM_NORMAL: rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_SIGNHEADER, 0, ctx->dkim_header, ctx->domain); break; case RSPAMD_DKIM_ARC_SIG: rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_ARC_SIGNHEADER, 0, ctx->dkim_header, ctx->domain); break; case RSPAMD_DKIM_ARC_SEAL: rspamd_dkim_canonize_header (&ctx->common, task, RSPAMD_DKIM_ARC_SEALHEADER, 0, ctx->dkim_header, ctx->domain); break; } /* Use cached BH for all but arc seal, if it is not NULL we are not in arc seal mode */ if (cached_bh != NULL) { if (!cached_bh->digest_normal) { /* Copy md_ctx to deal with broken CRLF at the end */ cpy_ctx = EVP_MD_CTX_create (); EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash); EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL); cached_bh->digest_normal = rspamd_mempool_alloc (task->task_pool, sizeof (raw_digest)); memcpy (cached_bh->digest_normal, raw_digest, sizeof (raw_digest)); } /* Check bh field */ if (memcmp (ctx->bh, cached_bh->digest_normal, ctx->bhlen) != 0) { msg_debug_dkim ( "bh value mismatch: %*xs versus %*xs, try add LF; try adding CRLF", (gint)dlen, ctx->bh, (gint)dlen, raw_digest); if (cpy_ctx) { /* Try add CRLF */ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_cleanup (cpy_ctx); #else EVP_MD_CTX_reset (cpy_ctx); #endif EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash); EVP_DigestUpdate (cpy_ctx, "\r\n", 2); EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL); cached_bh->digest_crlf = rspamd_mempool_alloc (task->task_pool, sizeof (raw_digest)); memcpy (cached_bh->digest_crlf, raw_digest, sizeof (raw_digest)); if (memcmp (ctx->bh, raw_digest, ctx->bhlen) != 0) { msg_debug_dkim ( "bh value mismatch after added CRLF: %*xs versus %*xs, try add LF", (gint)dlen, ctx->bh, (gint)dlen, raw_digest); /* Try add LF */ #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_cleanup (cpy_ctx); #else EVP_MD_CTX_reset (cpy_ctx); #endif EVP_MD_CTX_copy (cpy_ctx, ctx->common.body_hash); EVP_DigestUpdate (cpy_ctx, "\n", 1); EVP_DigestFinal_ex (cpy_ctx, raw_digest, NULL); cached_bh->digest_cr = rspamd_mempool_alloc (task->task_pool, sizeof (raw_digest)); memcpy (cached_bh->digest_cr, raw_digest, sizeof (raw_digest)); if (memcmp (ctx->bh, raw_digest, ctx->bhlen) != 0) { msg_debug_dkim ("bh value mismatch after added LF: %*xs versus %*xs", (gint)dlen, ctx->bh, (gint)dlen, raw_digest); res->fail_reason = "body hash did not verify"; res->rcode = DKIM_REJECT; } } } else if (cached_bh->digest_crlf) { if (memcmp (ctx->bh, cached_bh->digest_crlf, ctx->bhlen) != 0) { msg_debug_dkim ("bh value mismatch after added CRLF: %*xs versus %*xs", (gint)dlen, ctx->bh, (gint)dlen, cached_bh->digest_crlf); if (cached_bh->digest_cr) { if (memcmp (ctx->bh, cached_bh->digest_cr, ctx->bhlen) != 0) { msg_debug_dkim ( "bh value mismatch after added LF: %*xs versus %*xs", (gint)dlen, ctx->bh, (gint)dlen, cached_bh->digest_cr); res->fail_reason = "body hash did not verify"; res->rcode = DKIM_REJECT; } } else { res->fail_reason = "body hash did not verify"; res->rcode = DKIM_REJECT; } } } else { msg_debug_dkim ( "bh value mismatch: %*xs versus %*xs", (gint)dlen, ctx->bh, (gint)dlen, cached_bh->digest_normal); res->fail_reason = "body hash did not verify"; res->rcode = DKIM_REJECT; } } if (cpy_ctx) { #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) EVP_MD_CTX_cleanup (cpy_ctx); #else EVP_MD_CTX_reset (cpy_ctx); #endif EVP_MD_CTX_destroy (cpy_ctx); } if (res->rcode == DKIM_REJECT) { msg_info_dkim ( "%s: bh value mismatch: got %*Bs, expected %*Bs; " "body length %d->%d; d=%s; s=%s", rspamd_dkim_type_to_string (ctx->common.type), (gint)dlen, cached_bh->digest_normal, (gint)dlen, ctx->bh, (gint)(body_end - body_start), ctx->common.body_canonicalised, ctx->domain, ctx->selector); return res; } } dlen = EVP_MD_CTX_size (ctx->common.headers_hash); EVP_DigestFinal_ex (ctx->common.headers_hash, raw_digest, NULL); /* Check headers signature */ if (ctx->sig_alg == DKIM_SIGN_RSASHA1) { nid = NID_sha1; } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256 || ctx->sig_alg == DKIM_SIGN_ECDSASHA256 || ctx->sig_alg == DKIM_SIGN_EDDSASHA256) { nid = NID_sha256; } else if (ctx->sig_alg == DKIM_SIGN_RSASHA512 || ctx->sig_alg == DKIM_SIGN_ECDSASHA512) { nid = NID_sha512; } else { /* Not reached */ nid = NID_sha1; } switch (key->type) { case RSPAMD_DKIM_KEY_RSA: if (RSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen, key->key.key_rsa) != 1) { msg_debug_dkim ("headers rsa verify failed"); res->rcode = DKIM_REJECT; res->fail_reason = "headers rsa verify failed"; msg_info_dkim ( "%s: headers RSA verification failure; " "body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s", rspamd_dkim_type_to_string (ctx->common.type), (gint)(body_end - body_start), ctx->common.body_canonicalised, ctx->common.headers_canonicalised, ctx->domain, ctx->selector, RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key), ctx->dkim_header); } break; case RSPAMD_DKIM_KEY_ECDSA: if (ECDSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen, key->key.key_ecdsa) != 1) { msg_info_dkim ( "%s: headers ECDSA verification failure; " "body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s", rspamd_dkim_type_to_string (ctx->common.type), (gint)(body_end - body_start), ctx->common.body_canonicalised, ctx->common.headers_canonicalised, ctx->domain, ctx->selector, RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key), ctx->dkim_header); msg_debug_dkim ("headers ecdsa verify failed"); res->rcode = DKIM_REJECT; res->fail_reason = "headers ecdsa verify failed"; } break; case RSPAMD_DKIM_KEY_EDDSA: if (!rspamd_cryptobox_verify (ctx->b, ctx->blen, raw_digest, dlen, key->key.key_eddsa, RSPAMD_CRYPTOBOX_MODE_25519)) { msg_info_dkim ( "%s: headers EDDSA verification failure; " "body length %d->%d; headers length %d; d=%s; s=%s; key_md5=%*xs; orig header: %s", rspamd_dkim_type_to_string (ctx->common.type), (gint)(body_end - body_start), ctx->common.body_canonicalised, ctx->common.headers_canonicalised, ctx->domain, ctx->selector, RSPAMD_DKIM_KEY_ID_LEN, rspamd_dkim_key_id (key), ctx->dkim_header); msg_debug_dkim ("headers eddsa verify failed"); res->rcode = DKIM_REJECT; res->fail_reason = "headers eddsa verify failed"; } break; } if (ctx->common.type == RSPAMD_DKIM_ARC_SEAL && res->rcode == DKIM_CONTINUE) { switch (ctx->cv) { case RSPAMD_ARC_INVALID: msg_info_dkim ("arc seal is invalid i=%d", ctx->common.idx); res->rcode = DKIM_PERM_ERROR; res->fail_reason = "arc seal is invalid"; break; case RSPAMD_ARC_FAIL: msg_info_dkim ("arc seal failed i=%d", ctx->common.idx); res->rcode = DKIM_REJECT; res->fail_reason = "arc seal failed"; break; default: break; } } return res; } struct rspamd_dkim_check_result * rspamd_dkim_create_result (rspamd_dkim_context_t *ctx, enum rspamd_dkim_check_rcode rcode, struct rspamd_task *task) { struct rspamd_dkim_check_result *res; res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res)); res->ctx = ctx; res->selector = ctx->selector; res->domain = ctx->domain; res->fail_reason = NULL; res->short_b = ctx->short_b; res->rcode = rcode; return res; } rspamd_dkim_key_t * rspamd_dkim_key_ref (rspamd_dkim_key_t *k) { REF_RETAIN (k); return k; } void rspamd_dkim_key_unref (rspamd_dkim_key_t *k) { REF_RELEASE (k); } rspamd_dkim_sign_key_t * rspamd_dkim_sign_key_ref (rspamd_dkim_sign_key_t *k) { REF_RETAIN (k); return k; } void rspamd_dkim_sign_key_unref (rspamd_dkim_sign_key_t *k) { REF_RELEASE (k); } const gchar* rspamd_dkim_get_domain (rspamd_dkim_context_t *ctx) { if (ctx) { return ctx->domain; } return NULL; } const gchar* rspamd_dkim_get_selector (rspamd_dkim_context_t *ctx) { if (ctx) { return ctx->selector; } return NULL; } guint rspamd_dkim_key_get_ttl (rspamd_dkim_key_t *k) { if (k) { return k->ttl; } return 0; } const gchar* rspamd_dkim_get_dns_key (rspamd_dkim_context_t *ctx) { if (ctx) { return ctx->dns_key; } return NULL; } #define PEM_SIG "-----BEGIN" rspamd_dkim_sign_key_t* rspamd_dkim_sign_key_load (const gchar *key, gsize len, enum rspamd_dkim_key_format type, GError **err) { guchar *map = NULL, *tmp = NULL; gsize maplen; rspamd_dkim_sign_key_t *nkey; time_t mtime = time (NULL); if (type < 0 || type > RSPAMD_DKIM_KEY_UNKNOWN || len == 0 || key == NULL) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "invalid key type to load: %d", type); return NULL; } nkey = g_malloc0 (sizeof (*nkey)); nkey->mtime = mtime; msg_debug_dkim_taskless ("got public key with length %z and type %d", len, type); /* Load key file if needed */ if (type == RSPAMD_DKIM_KEY_FILE) { struct stat st; if (stat (key, &st) != 0) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "cannot stat key file: '%s' %s", key, strerror (errno)); g_free (nkey); return NULL; } nkey->mtime = st.st_mtime; map = rspamd_file_xmap (key, PROT_READ, &maplen, TRUE); if (map == NULL) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "cannot map key file: '%s' %s", key, strerror (errno)); g_free (nkey); return NULL; } key = map; len = maplen; if (maplen > sizeof (PEM_SIG) && strncmp (map, PEM_SIG, sizeof (PEM_SIG) - 1) == 0) { type = RSPAMD_DKIM_KEY_PEM; } else if (rspamd_cryptobox_base64_is_valid (map, maplen)) { type = RSPAMD_DKIM_KEY_BASE64; } else { type = RSPAMD_DKIM_KEY_RAW; } } if (type == RSPAMD_DKIM_KEY_UNKNOWN) { if (len > sizeof (PEM_SIG) && memcmp (key, PEM_SIG, sizeof (PEM_SIG) - 1) == 0) { type = RSPAMD_DKIM_KEY_PEM; } else { type = RSPAMD_DKIM_KEY_RAW; } } if (type == RSPAMD_DKIM_KEY_BASE64) { type = RSPAMD_DKIM_KEY_RAW; tmp = g_malloc (len); rspamd_cryptobox_base64_decode (key, len, tmp, &len); key = tmp; } if (type == RSPAMD_DKIM_KEY_RAW && (len == 32 || len == rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519))) { if (len == 32) { /* Seeded key, need scalarmult */ unsigned char pk[32]; nkey->type = RSPAMD_DKIM_KEY_EDDSA; nkey->key.key_eddsa = g_malloc ( rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519)); crypto_sign_ed25519_seed_keypair (pk, nkey->key.key_eddsa, key); nkey->keylen = rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519); } else { /* Full ed25519 key */ unsigned klen = rspamd_cryptobox_sk_sig_bytes (RSPAMD_CRYPTOBOX_MODE_25519); nkey->type = RSPAMD_DKIM_KEY_EDDSA; nkey->key.key_eddsa = g_malloc (klen); memcpy (nkey->key.key_eddsa, key, klen); nkey->keylen = klen; } } else { nkey->key_bio = BIO_new_mem_buf (key, len); if (type == RSPAMD_DKIM_KEY_RAW) { if (d2i_PrivateKey_bio (nkey->key_bio, &nkey->key_evp) == NULL) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "cannot parse raw private key: %s", ERR_error_string (ERR_get_error (), NULL)); rspamd_dkim_sign_key_free (nkey); nkey = NULL; goto end; } } else { if (!PEM_read_bio_PrivateKey (nkey->key_bio, &nkey->key_evp, NULL, NULL)) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "cannot parse pem private key: %s", ERR_error_string (ERR_get_error (), NULL)); rspamd_dkim_sign_key_free (nkey); nkey = NULL; goto end; } } nkey->key.key_rsa = EVP_PKEY_get1_RSA (nkey->key_evp); if (nkey->key.key_rsa == NULL) { g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_KEYFAIL, "cannot extract rsa key from evp key"); rspamd_dkim_sign_key_free (nkey); nkey = NULL; goto end; } nkey->type = RSPAMD_DKIM_KEY_RSA; } REF_INIT_RETAIN (nkey, rspamd_dkim_sign_key_free); end: if (map != NULL) { munmap (map, maplen); } if (tmp != NULL) { rspamd_explicit_memzero (tmp, len); g_free (tmp); } return nkey; } #undef PEM_SIG gboolean rspamd_dkim_sign_key_maybe_invalidate (rspamd_dkim_sign_key_t *key, time_t mtime) { if (mtime > key->mtime) { return TRUE; } return FALSE; } rspamd_dkim_sign_context_t * rspamd_create_dkim_sign_context (struct rspamd_task *task, rspamd_dkim_sign_key_t *priv_key, gint headers_canon, gint body_canon, const gchar *headers, enum rspamd_dkim_type type, GError **err) { rspamd_dkim_sign_context_t *nctx; if (headers_canon != DKIM_CANON_SIMPLE && headers_canon != DKIM_CANON_RELAXED) { g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_INVALID_HC, "bad headers canonicalisation"); return NULL; } if (body_canon != DKIM_CANON_SIMPLE && body_canon != DKIM_CANON_RELAXED) { g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_INVALID_BC, "bad body canonicalisation"); return NULL; } if (!priv_key || (!priv_key->key.key_rsa && !priv_key->key.key_eddsa)) { g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_KEYFAIL, "bad key to sign"); return NULL; } nctx = rspamd_mempool_alloc0 (task->task_pool, sizeof (*nctx)); nctx->common.pool = task->task_pool; nctx->common.header_canon_type = headers_canon; nctx->common.body_canon_type = body_canon; nctx->common.type = type; nctx->common.is_sign = TRUE; if (type != RSPAMD_DKIM_ARC_SEAL) { if (!rspamd_dkim_parse_hdrlist_common (&nctx->common, headers, strlen (headers), TRUE, err)) { return NULL; } } else { rspamd_dkim_add_arc_seal_headers (task->task_pool, &nctx->common); } nctx->key = rspamd_dkim_sign_key_ref (priv_key); rspamd_mempool_add_destructor (task->task_pool, (rspamd_mempool_destruct_t)rspamd_dkim_sign_key_unref, priv_key); #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) nctx->common.body_hash = EVP_MD_CTX_create (); EVP_DigestInit_ex (nctx->common.body_hash, EVP_sha256 (), NULL); nctx->common.headers_hash = EVP_MD_CTX_create (); EVP_DigestInit_ex (nctx->common.headers_hash, EVP_sha256 (), NULL); rspamd_mempool_add_destructor (task->task_pool, (rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, nctx->common.body_hash); rspamd_mempool_add_destructor (task->task_pool, (rspamd_mempool_destruct_t)EVP_MD_CTX_destroy, nctx->common.headers_hash); #else nctx->common.body_hash = EVP_MD_CTX_new (); EVP_DigestInit_ex (nctx->common.body_hash, EVP_sha256 (), NULL); nctx->common.headers_hash = EVP_MD_CTX_new (); EVP_DigestInit_ex (nctx->common.headers_hash, EVP_sha256 (), NULL); rspamd_mempool_add_destructor (task->task_pool, (rspamd_mempool_destruct_t)EVP_MD_CTX_free, nctx->common.body_hash); rspamd_mempool_add_destructor (task->task_pool, (rspamd_mempool_destruct_t)EVP_MD_CTX_free, nctx->common.headers_hash); #endif return nctx; } GString * rspamd_dkim_sign (struct rspamd_task *task, const gchar *selector, const gchar *domain, time_t expire, gsize len, guint idx, const gchar *arc_cv, rspamd_dkim_sign_context_t *ctx) { GString *hdr; struct rspamd_dkim_header *dh; const gchar *body_end, *body_start, *hname; guchar raw_digest[EVP_MAX_MD_SIZE]; struct rspamd_dkim_cached_hash *cached_bh = NULL; gsize dlen = 0; guint i, j; gchar *b64_data; guchar *sig_buf; guint sig_len; guint headers_len = 0, cur_len = 0; union rspamd_dkim_header_stat hstat; g_assert (ctx != NULL); /* First of all find place of body */ body_end = task->msg.begin + task->msg.len; body_start = MESSAGE_FIELD (task, raw_headers_content).body_start; if (len > 0) { ctx->common.len = len; } if (!body_start) { return NULL; } /* Start canonization of body part */ if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) { dlen = EVP_MD_CTX_size (ctx->common.body_hash); cached_bh = rspamd_dkim_check_bh_cached (&ctx->common, task, dlen, TRUE); if (!cached_bh->digest_normal) { /* Start canonization of body part */ if (!rspamd_dkim_canonize_body (&ctx->common, body_start, body_end, TRUE)) { return NULL; } } } hdr = g_string_sized_new (255); if (ctx->common.type == RSPAMD_DKIM_NORMAL) { rspamd_printf_gstring (hdr, "v=1; a=%s; c=%s/%s; d=%s; s=%s; ", ctx->key->type == RSPAMD_DKIM_KEY_RSA ? "rsa-sha256" : "ed25519-sha256", ctx->common.header_canon_type == DKIM_CANON_RELAXED ? "relaxed" : "simple", ctx->common.body_canon_type == DKIM_CANON_RELAXED ? "relaxed" : "simple", domain, selector); } else if (ctx->common.type == RSPAMD_DKIM_ARC_SIG) { rspamd_printf_gstring (hdr, "i=%d; a=%s; c=%s/%s; d=%s; s=%s; ", idx, ctx->key->type == RSPAMD_DKIM_KEY_RSA ? "rsa-sha256" : "ed25519-sha256", ctx->common.header_canon_type == DKIM_CANON_RELAXED ? "relaxed" : "simple", ctx->common.body_canon_type == DKIM_CANON_RELAXED ? "relaxed" : "simple", domain, selector); } else { g_assert (arc_cv != NULL); rspamd_printf_gstring (hdr, "i=%d; a=%s; d=%s; s=%s; cv=%s; ", idx, ctx->key->type == RSPAMD_DKIM_KEY_RSA ? "rsa-sha256" : "ed25519-sha256", domain, selector, arc_cv); } if (expire > 0) { rspamd_printf_gstring (hdr, "x=%t; ", expire); } if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) { if (len > 0) { rspamd_printf_gstring (hdr, "l=%z; ", len); } } rspamd_printf_gstring (hdr, "t=%t; h=", time (NULL)); /* Now canonize headers */ for (i = 0; i < ctx->common.hlist->len; i++) { struct rspamd_mime_header *rh, *cur; dh = g_ptr_array_index (ctx->common.hlist, i); /* We allow oversigning if dh->count > number of headers with this name */ hstat.n = GPOINTER_TO_UINT (g_hash_table_lookup (ctx->common.htable, dh->name)); if (hstat.s.flags & RSPAMD_DKIM_FLAG_OVERSIGN) { /* Do oversigning */ guint count = 0; rh = rspamd_message_get_header_array(task, dh->name, FALSE); if (rh) { DL_FOREACH (rh, cur) { /* Sign all existing headers */ rspamd_dkim_canonize_header (&ctx->common, task, dh->name, count, NULL, NULL); count++; } } /* Now add one more entry to oversign */ if (count > 0 || !(hstat.s.flags & RSPAMD_DKIM_FLAG_OVERSIGN_EXISTING)) { cur_len = (strlen (dh->name) + 1) * (count + 1); headers_len += cur_len; if (headers_len > 70 && i > 0 && i < ctx->common.hlist->len - 1) { rspamd_printf_gstring (hdr, " "); headers_len = cur_len; } for (j = 0; j < count + 1; j++) { rspamd_printf_gstring (hdr, "%s:", dh->name); } } } else { rh = rspamd_message_get_header_array(task, dh->name, FALSE); if (rh) { if (hstat.s.count > 0) { cur_len = (strlen (dh->name) + 1) * (hstat.s.count); headers_len += cur_len; if (headers_len > 70 && i > 0 && i < ctx->common.hlist->len - 1) { rspamd_printf_gstring (hdr, " "); headers_len = cur_len; } for (j = 0; j < hstat.s.count; j++) { rspamd_printf_gstring (hdr, "%s:", dh->name); } } rspamd_dkim_canonize_header (&ctx->common, task, dh->name, dh->count, NULL, NULL); } } g_hash_table_remove (ctx->common.htable, dh->name); } /* Replace the last ':' with ';' */ hdr->str[hdr->len - 1] = ';'; if (ctx->common.type != RSPAMD_DKIM_ARC_SEAL) { if (!cached_bh->digest_normal) { EVP_DigestFinal_ex (ctx->common.body_hash, raw_digest, NULL); cached_bh->digest_normal = rspamd_mempool_alloc (task->task_pool, sizeof (raw_digest)); memcpy (cached_bh->digest_normal, raw_digest, sizeof (raw_digest)); } b64_data = rspamd_encode_base64 (cached_bh->digest_normal, dlen, 0, NULL); rspamd_printf_gstring (hdr, " bh=%s; b=", b64_data); g_free (b64_data); } else { rspamd_printf_gstring (hdr, " b="); } switch (ctx->common.type) { case RSPAMD_DKIM_NORMAL: default: hname = RSPAMD_DKIM_SIGNHEADER; break; case RSPAMD_DKIM_ARC_SIG: hname = RSPAMD_DKIM_ARC_SIGNHEADER; break; case RSPAMD_DKIM_ARC_SEAL: hname = RSPAMD_DKIM_ARC_SEALHEADER; break; } if (ctx->common.header_canon_type == DKIM_CANON_RELAXED) { if (!rspamd_dkim_canonize_header_relaxed (&ctx->common, hdr->str, hname, TRUE, 0, ctx->common.type == RSPAMD_DKIM_ARC_SEAL)) { g_string_free (hdr, TRUE); return NULL; } } else { /* Will likely have issues with folding */ rspamd_dkim_hash_update (ctx->common.headers_hash, hdr->str, hdr->len); ctx->common.headers_canonicalised += hdr->len; msg_debug_task ("update signature with header: %*s", (gint)hdr->len, hdr->str); } dlen = EVP_MD_CTX_size (ctx->common.headers_hash); EVP_DigestFinal_ex (ctx->common.headers_hash, raw_digest, NULL); if (ctx->key->type == RSPAMD_DKIM_KEY_RSA) { sig_len = RSA_size (ctx->key->key.key_rsa); sig_buf = g_alloca (sig_len); if (RSA_sign (NID_sha256, raw_digest, dlen, sig_buf, &sig_len, ctx->key->key.key_rsa) != 1) { g_string_free (hdr, TRUE); msg_err_task ("rsa sign error: %s", ERR_error_string (ERR_get_error (), NULL)); return NULL; } } else if (ctx->key->type == RSPAMD_DKIM_KEY_EDDSA) { sig_len = rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519); sig_buf = g_alloca (sig_len); rspamd_cryptobox_sign (sig_buf, NULL, raw_digest, dlen, ctx->key->key.key_eddsa, RSPAMD_CRYPTOBOX_MODE_25519); } else { g_string_free (hdr, TRUE); msg_err_task ("unsupported key type for signing"); return NULL; } if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_MILTER) { b64_data = rspamd_encode_base64_fold (sig_buf, sig_len, 70, NULL, RSPAMD_TASK_NEWLINES_LF); } else { b64_data = rspamd_encode_base64_fold (sig_buf, sig_len, 70, NULL, MESSAGE_FIELD (task, nlines_type)); } rspamd_printf_gstring (hdr, "%s", b64_data); g_free (b64_data); return hdr; } gboolean rspamd_dkim_match_keys (rspamd_dkim_key_t *pk, rspamd_dkim_sign_key_t *sk, GError **err) { if (pk == NULL || sk == NULL) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "missing public or private key"); return FALSE; } if (pk->type != sk->type) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYFAIL, "public and private key types do not match"); return FALSE; } if (pk->type == RSPAMD_DKIM_KEY_EDDSA) { if (memcmp(sk->key.key_eddsa + 32, pk->key.key_eddsa, 32) != 0) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYHASHMISMATCH, "pubkey does not match private key"); return FALSE; } } else if (EVP_PKEY_cmp (pk->key_evp, sk->key_evp) != 1) { g_set_error (err, dkim_error_quark (), DKIM_SIGERROR_KEYHASHMISMATCH, "pubkey does not match private key"); return FALSE; } return TRUE; }