summaryrefslogtreecommitdiff
path: root/src/dkimsign.cpp
diff options
context:
space:
mode:
authorJannis Hoffmann <jannis@fehcom.de>2024-07-03 19:03:11 +0200
committerJannis Hoffmann <jannis@fehcom.de>2024-07-03 19:03:11 +0200
commit20b85c03e751b4876fa3c92040464e483172b746 (patch)
tree734fadbfdbc143ec4465093857f4c239448715e0 /src/dkimsign.cpp
parenta6a7d6ce079cabdaf2fa502b2e2cf15e5428ac6f (diff)
manual format adjustment
Diffstat (limited to 'src/dkimsign.cpp')
-rw-r--r--src/dkimsign.cpp105
1 files changed, 37 insertions, 68 deletions
diff --git a/src/dkimsign.cpp b/src/dkimsign.cpp
index 8be3fc6..fbdc001 100644
--- a/src/dkimsign.cpp
+++ b/src/dkimsign.cpp
@@ -20,11 +20,6 @@
*
*****************************************************************************/
-#define _strnicmp strncasecmp
-#define _stricmp strcasecmp
-#define LOWORD(l) ((unsigned)(l) & 0xffff)
-#define HIWORD(l) ((unsigned)(l) >> 16)
-
#include "dkimsign.h"
#include <string.h>
@@ -33,6 +28,11 @@
#include "dkim.h"
+#define _strnicmp strncasecmp
+#define _stricmp strcasecmp
+#define LOWORD(l) ((unsigned)(l) & 0xffff)
+#define HIWORD(l) ((unsigned)(l) >> 16)
+
/*****************************************************************************
*
* Generating Ed25519 signed message:
@@ -52,16 +52,16 @@
* 3. Public keys
* The 'public keys' need to be deployed in the DNS:
* - The RSA public key is DER-header enriched base64-encoded; thus is 9 byte larger
-* than the 'naked' public key, which size depends on the given parameters.
+* than the 'naked' public key, which size depends on the given parameters.
* - The Ed25519 public key is also base64-encoded with a constant length of 60 byte.
*
-* 4. DKIM message preparation scheme
+* 4. DKIM message preparation scheme
* According to RFC 6376 Sec. 3.7, we have a conducted hash for
-* - the previously available headers in the message;
+* - the previously available headers in the message;
* selected and given in order by h=...,
* - any existing DKIM signature fields b=...,
* - except for previous added 'X-Authentication ...' header fields,
-* - and all (new) synthezised DKIM header tokens; except of course for the
+* - and all (new) synthezised DKIM header tokens; except of course for the
* signature itself - treated as 'null string': b="".
* All this is subject of canonicalization (adding/removing CRLF, whitespaces ...).
+ As a result, the input for further calculations depends on this order given.
@@ -75,13 +75,13 @@
* 5. Generating (ECC) signatures
* According to RFC 8032 Sect 4., we have two possible Ed25519 signature schemes:
*
-* a) PureEd25519, as a one shot signature calculation swallowing the
+* a) PureEd25519, as a one shot signature calculation swallowing the
* complete message and employing a shortened SHA-512 hash input.
-* b) HashEd25519 working again in 'streaming mode' and permitting a choice
+* b) HashEd25519 working again in 'streaming mode' and permitting a choice
* for the hash function - which is in RFC 8463 - defined to be SHA-256.
*
* RFC 8463 in Sect 3 is a bit ambiguous about the signing function:
-* Ed25519-256 vs. PureEd25519.
+* Ed25519-256 vs. PureEd25519.
* In fact (after consulting John Levine), it is PureEd25519.
*
* In order to allow parallel RSA/Ed25519 processing, we need to generate:
@@ -98,7 +98,7 @@
* having a length of 512 bits => 64 bytes.
*
* 6. Hybrid signatures (RSA and Ed25519)
-* They involve
+* They involve
* m_Hdr_sha256ctx => Used for RSA signatures
* m_Hdr_ed25519ctx => PureED25519 signature
* m_Bdy_sha256ctx => SHA256 digest of the message (BodyHash) for RSA
@@ -110,10 +110,10 @@
*
* ------
*
-* The particular function and variable names chosen here do not obviously match
-* what they are intended to do. However, in order to keep traceablility of the
+* The particular function and variable names chosen here do not obviously match
+* what they are intended to do. However, in order to keep traceablility of the
* changes, I left those untouched.
-*
+*
*****************************************************************************/
CDKIMSign::CDKIMSign()
@@ -218,7 +218,7 @@ int CDKIMSign::Init(DKIMSignOptions *pOptions)
m_sCopiedHeaders.erase();
// Initializes ED25519 header fields SigHdrs
-#if ((OPENSSL_VERSION_NUMBER > 0x10101000L))
+#if (OPENSSL_VERSION_NUMBER > 0x10101000L)
SigHdrs.assign("");
m_SigHdrs = 0;
#endif
@@ -350,12 +350,8 @@ bool ConvertHeaderToQuotedPrintable(const char *source, char *dest)
void CDKIMSign::GetHeaderParams(const string& sHdr)
{
if (_strnicmp(sHdr.c_str(), "X", 1) == 0) return;
- if (_strnicmp(sHdr.c_str(), "From:", 5) == 0) {
- sFrom.assign(sHdr.c_str() + 5);
- }
- if (_strnicmp(sHdr.c_str(), "Sender:", 7) == 0) {
- sSender.assign(sHdr.c_str() + 7);
- }
+ if (_strnicmp(sHdr.c_str(), "From:", 5) == 0) sFrom.assign(sHdr.c_str() + 5);
+ if (_strnicmp(sHdr.c_str(), "Sender:", 7) == 0) sSender.assign(sHdr.c_str() + 7);
if (m_nIncludeCopiedHeaders) {
string::size_type pos = sHdr.find(':');
@@ -368,9 +364,7 @@ void CDKIMSign::GetHeaderParams(const string& sHdr)
sValue.assign(sHdr.substr(pos + 1, string::npos));
ConvertHeaderToQuotedPrintable(sTag.c_str(), workBuffer);
- if (!m_sCopiedHeaders.empty()) {
- m_sCopiedHeaders.append("|");
- }
+ if (!m_sCopiedHeaders.empty()) m_sCopiedHeaders.append("|");
m_sCopiedHeaders.append(workBuffer);
m_sCopiedHeaders.append(":");
ConvertHeaderToQuotedPrintable(sValue.c_str(), workBuffer);
@@ -546,8 +540,9 @@ int CDKIMSign::ProcessBody(char *szBuffer, int nBufLength, bool bEOF)
Hash("\r\n", 2, false);
m_nBodyLength += 2;
}
- } else
+ } else {
m_EmptyLineCount++;
+ }
break;
}
@@ -695,9 +690,7 @@ void CDKIMSign::AddFoldedValueToSig(const string& sValue, char cbrk)
if (brkpos == string::npos || brkpos < pos) {
brkpos = sValue.find(cbrk, pos);
- if (brkpos == string::npos) {
- brkpos = sValue.size();
- }
+ if (brkpos == string::npos) brkpos = sValue.size();
}
len = brkpos - pos + 1;
@@ -723,13 +716,9 @@ void CDKIMSign::AddFoldedValueToSig(const string& sValue, char cbrk)
////////////////////////////////////////////////////////////////////////////////
int CDKIMSign::GetSig2(char *szRSAKey, char *szECCKey, char **pszSignature)
{
- if (szRSAKey == NULL && szECCKey == NULL) {
- return DKIM_BAD_PRIVATE_KEY;
- }
+ if (szRSAKey == NULL && szECCKey == NULL) return DKIM_BAD_PRIVATE_KEY;
- if (pszSignature == NULL) {
- return DKIM_BUFFER_TOO_SMALL;
- }
+ if (pszSignature == NULL) return DKIM_BUFFER_TOO_SMALL;
int nRet = AssembleReturnedSig(szRSAKey, szECCKey);
@@ -815,28 +804,18 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg)
AddTagToSig("s", eSelector, 0, false);
else
AddTagToSig("s", sSelector, 0, false);
- if (m_IncludeBodyLengthTag) {
- AddTagToSig("l", m_nBodyLength);
- }
+ if (m_IncludeBodyLengthTag) AddTagToSig("l", m_nBodyLength);
if (m_nIncludeTimeStamp != 0) {
time_t t;
time(&t);
AddTagToSig("t", t);
}
- if (m_ExpireTime != 0) {
- AddTagToSig("x", m_ExpireTime);
- }
- if (!sIdentity.empty()) {
- AddTagToSig("i", sIdentity, 0, false);
- }
- if (m_nIncludeQueryMethod) {
- AddTagToSig("q", "dns/txt", 0, false);
- }
+ if (m_ExpireTime != 0) AddTagToSig("x", m_ExpireTime);
+ if (!sIdentity.empty()) AddTagToSig("i", sIdentity, 0, false);
+ if (m_nIncludeQueryMethod) AddTagToSig("q", "dns/txt", 0, false);
AddTagToSig("h", hParam, ':', true); // copied headers follow the ':'
- if (m_nIncludeCopiedHeaders) {
- AddTagToSig("z", m_sCopiedHeaders, 0, true);
- }
+ if (m_nIncludeCopiedHeaders) AddTagToSig("z", m_sCopiedHeaders, 0, true);
/* Set up context for (body) hash */
@@ -962,9 +941,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg)
pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); // FIXME - done
BIO_free(bio);
- if (!pkey) {
- return DKIM_BAD_PRIVATE_KEY;
- }
+ if (!pkey) return DKIM_BAD_PRIVATE_KEY;
siglen = EVP_PKEY_size(pkey);
sig = (unsigned char *)OPENSSL_malloc(siglen);
@@ -1018,9 +995,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg)
}
bio = BIO_new(BIO_s_mem());
- if (!bio) {
- return DKIM_OUT_OF_MEMORY;
- }
+ if (!bio) return DKIM_OUT_OF_MEMORY;
b64 = BIO_new(BIO_f_base64());
if (!b64) {
@@ -1078,9 +1053,7 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey)
ProcessFinal();
- if (ParseFromAddress() == false) {
- return DKIM_NO_SENDER;
- }
+ if (ParseFromAddress() == false) return DKIM_NO_SENDER;
string ed25519Sig, sha256Sig, sha1Sig;
@@ -1113,8 +1086,8 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey)
}
}
- // fclose(fpdebug);
- // fpdebug = NULL;
+ // fclose(fpdebug);
+ // fpdebug = NULL;
if (!ed25519Sig.empty()) {
/* if (!m_sReturnedSig.empty()) {
@@ -1125,16 +1098,12 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey)
}
if (!sha1Sig.empty()) {
- if (!m_sReturnedSig.empty()) {
- m_sReturnedSig.append("\r\n");
- }
+ if (!m_sReturnedSig.empty()) m_sReturnedSig.append("\r\n");
m_sReturnedSig.append(sha1Sig);
}
if (!sha256Sig.empty()) {
- if (!m_sReturnedSig.empty()) {
- m_sReturnedSig.append("\r\n");
- }
+ if (!m_sReturnedSig.empty()) m_sReturnedSig.append("\r\n");
m_sReturnedSig.append(sha256Sig);
}