From 20b85c03e751b4876fa3c92040464e483172b746 Mon Sep 17 00:00:00 2001 From: Jannis Hoffmann Date: Wed, 3 Jul 2024 19:03:11 +0200 Subject: manual format adjustment --- src/dkimsign.cpp | 105 ++++++++++++++++++++----------------------------------- 1 file changed, 37 insertions(+), 68 deletions(-) (limited to 'src/dkimsign.cpp') diff --git a/src/dkimsign.cpp b/src/dkimsign.cpp index 8be3fc6..fbdc001 100644 --- a/src/dkimsign.cpp +++ b/src/dkimsign.cpp @@ -20,11 +20,6 @@ * *****************************************************************************/ -#define _strnicmp strncasecmp -#define _stricmp strcasecmp -#define LOWORD(l) ((unsigned)(l) & 0xffff) -#define HIWORD(l) ((unsigned)(l) >> 16) - #include "dkimsign.h" #include @@ -33,6 +28,11 @@ #include "dkim.h" +#define _strnicmp strncasecmp +#define _stricmp strcasecmp +#define LOWORD(l) ((unsigned)(l) & 0xffff) +#define HIWORD(l) ((unsigned)(l) >> 16) + /***************************************************************************** * * Generating Ed25519 signed message: @@ -52,16 +52,16 @@ * 3. Public keys * The 'public keys' need to be deployed in the DNS: * - The RSA public key is DER-header enriched base64-encoded; thus is 9 byte larger -* than the 'naked' public key, which size depends on the given parameters. +* than the 'naked' public key, which size depends on the given parameters. * - The Ed25519 public key is also base64-encoded with a constant length of 60 byte. * -* 4. DKIM message preparation scheme +* 4. DKIM message preparation scheme * According to RFC 6376 Sec. 3.7, we have a conducted hash for -* - the previously available headers in the message; +* - the previously available headers in the message; * selected and given in order by h=..., * - any existing DKIM signature fields b=..., * - except for previous added 'X-Authentication ...' header fields, -* - and all (new) synthezised DKIM header tokens; except of course for the +* - and all (new) synthezised DKIM header tokens; except of course for the * signature itself - treated as 'null string': b="". * All this is subject of canonicalization (adding/removing CRLF, whitespaces ...). + As a result, the input for further calculations depends on this order given. @@ -75,13 +75,13 @@ * 5. Generating (ECC) signatures * According to RFC 8032 Sect 4., we have two possible Ed25519 signature schemes: * -* a) PureEd25519, as a one shot signature calculation swallowing the +* a) PureEd25519, as a one shot signature calculation swallowing the * complete message and employing a shortened SHA-512 hash input. -* b) HashEd25519 working again in 'streaming mode' and permitting a choice +* b) HashEd25519 working again in 'streaming mode' and permitting a choice * for the hash function - which is in RFC 8463 - defined to be SHA-256. * * RFC 8463 in Sect 3 is a bit ambiguous about the signing function: -* Ed25519-256 vs. PureEd25519. +* Ed25519-256 vs. PureEd25519. * In fact (after consulting John Levine), it is PureEd25519. * * In order to allow parallel RSA/Ed25519 processing, we need to generate: @@ -98,7 +98,7 @@ * having a length of 512 bits => 64 bytes. * * 6. Hybrid signatures (RSA and Ed25519) -* They involve +* They involve * m_Hdr_sha256ctx => Used for RSA signatures * m_Hdr_ed25519ctx => PureED25519 signature * m_Bdy_sha256ctx => SHA256 digest of the message (BodyHash) for RSA @@ -110,10 +110,10 @@ * * ------ * -* The particular function and variable names chosen here do not obviously match -* what they are intended to do. However, in order to keep traceablility of the +* The particular function and variable names chosen here do not obviously match +* what they are intended to do. However, in order to keep traceablility of the * changes, I left those untouched. -* +* *****************************************************************************/ CDKIMSign::CDKIMSign() @@ -218,7 +218,7 @@ int CDKIMSign::Init(DKIMSignOptions *pOptions) m_sCopiedHeaders.erase(); // Initializes ED25519 header fields SigHdrs -#if ((OPENSSL_VERSION_NUMBER > 0x10101000L)) +#if (OPENSSL_VERSION_NUMBER > 0x10101000L) SigHdrs.assign(""); m_SigHdrs = 0; #endif @@ -350,12 +350,8 @@ bool ConvertHeaderToQuotedPrintable(const char *source, char *dest) void CDKIMSign::GetHeaderParams(const string& sHdr) { if (_strnicmp(sHdr.c_str(), "X", 1) == 0) return; - if (_strnicmp(sHdr.c_str(), "From:", 5) == 0) { - sFrom.assign(sHdr.c_str() + 5); - } - if (_strnicmp(sHdr.c_str(), "Sender:", 7) == 0) { - sSender.assign(sHdr.c_str() + 7); - } + if (_strnicmp(sHdr.c_str(), "From:", 5) == 0) sFrom.assign(sHdr.c_str() + 5); + if (_strnicmp(sHdr.c_str(), "Sender:", 7) == 0) sSender.assign(sHdr.c_str() + 7); if (m_nIncludeCopiedHeaders) { string::size_type pos = sHdr.find(':'); @@ -368,9 +364,7 @@ void CDKIMSign::GetHeaderParams(const string& sHdr) sValue.assign(sHdr.substr(pos + 1, string::npos)); ConvertHeaderToQuotedPrintable(sTag.c_str(), workBuffer); - if (!m_sCopiedHeaders.empty()) { - m_sCopiedHeaders.append("|"); - } + if (!m_sCopiedHeaders.empty()) m_sCopiedHeaders.append("|"); m_sCopiedHeaders.append(workBuffer); m_sCopiedHeaders.append(":"); ConvertHeaderToQuotedPrintable(sValue.c_str(), workBuffer); @@ -546,8 +540,9 @@ int CDKIMSign::ProcessBody(char *szBuffer, int nBufLength, bool bEOF) Hash("\r\n", 2, false); m_nBodyLength += 2; } - } else + } else { m_EmptyLineCount++; + } break; } @@ -695,9 +690,7 @@ void CDKIMSign::AddFoldedValueToSig(const string& sValue, char cbrk) if (brkpos == string::npos || brkpos < pos) { brkpos = sValue.find(cbrk, pos); - if (brkpos == string::npos) { - brkpos = sValue.size(); - } + if (brkpos == string::npos) brkpos = sValue.size(); } len = brkpos - pos + 1; @@ -723,13 +716,9 @@ void CDKIMSign::AddFoldedValueToSig(const string& sValue, char cbrk) //////////////////////////////////////////////////////////////////////////////// int CDKIMSign::GetSig2(char *szRSAKey, char *szECCKey, char **pszSignature) { - if (szRSAKey == NULL && szECCKey == NULL) { - return DKIM_BAD_PRIVATE_KEY; - } + if (szRSAKey == NULL && szECCKey == NULL) return DKIM_BAD_PRIVATE_KEY; - if (pszSignature == NULL) { - return DKIM_BUFFER_TOO_SMALL; - } + if (pszSignature == NULL) return DKIM_BUFFER_TOO_SMALL; int nRet = AssembleReturnedSig(szRSAKey, szECCKey); @@ -815,28 +804,18 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) AddTagToSig("s", eSelector, 0, false); else AddTagToSig("s", sSelector, 0, false); - if (m_IncludeBodyLengthTag) { - AddTagToSig("l", m_nBodyLength); - } + if (m_IncludeBodyLengthTag) AddTagToSig("l", m_nBodyLength); if (m_nIncludeTimeStamp != 0) { time_t t; time(&t); AddTagToSig("t", t); } - if (m_ExpireTime != 0) { - AddTagToSig("x", m_ExpireTime); - } - if (!sIdentity.empty()) { - AddTagToSig("i", sIdentity, 0, false); - } - if (m_nIncludeQueryMethod) { - AddTagToSig("q", "dns/txt", 0, false); - } + if (m_ExpireTime != 0) AddTagToSig("x", m_ExpireTime); + if (!sIdentity.empty()) AddTagToSig("i", sIdentity, 0, false); + if (m_nIncludeQueryMethod) AddTagToSig("q", "dns/txt", 0, false); AddTagToSig("h", hParam, ':', true); // copied headers follow the ':' - if (m_nIncludeCopiedHeaders) { - AddTagToSig("z", m_sCopiedHeaders, 0, true); - } + if (m_nIncludeCopiedHeaders) AddTagToSig("z", m_sCopiedHeaders, 0, true); /* Set up context for (body) hash */ @@ -962,9 +941,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); // FIXME - done BIO_free(bio); - if (!pkey) { - return DKIM_BAD_PRIVATE_KEY; - } + if (!pkey) return DKIM_BAD_PRIVATE_KEY; siglen = EVP_PKEY_size(pkey); sig = (unsigned char *)OPENSSL_malloc(siglen); @@ -1018,9 +995,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) } bio = BIO_new(BIO_s_mem()); - if (!bio) { - return DKIM_OUT_OF_MEMORY; - } + if (!bio) return DKIM_OUT_OF_MEMORY; b64 = BIO_new(BIO_f_base64()); if (!b64) { @@ -1078,9 +1053,7 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey) ProcessFinal(); - if (ParseFromAddress() == false) { - return DKIM_NO_SENDER; - } + if (ParseFromAddress() == false) return DKIM_NO_SENDER; string ed25519Sig, sha256Sig, sha1Sig; @@ -1113,8 +1086,8 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey) } } - // fclose(fpdebug); - // fpdebug = NULL; + // fclose(fpdebug); + // fpdebug = NULL; if (!ed25519Sig.empty()) { /* if (!m_sReturnedSig.empty()) { @@ -1125,16 +1098,12 @@ int CDKIMSign::AssembleReturnedSig(char *szRSAKey, char *szECCKey) } if (!sha1Sig.empty()) { - if (!m_sReturnedSig.empty()) { - m_sReturnedSig.append("\r\n"); - } + if (!m_sReturnedSig.empty()) m_sReturnedSig.append("\r\n"); m_sReturnedSig.append(sha1Sig); } if (!sha256Sig.empty()) { - if (!m_sReturnedSig.empty()) { - m_sReturnedSig.append("\r\n"); - } + if (!m_sReturnedSig.empty()) m_sReturnedSig.append("\r\n"); m_sReturnedSig.append(sha256Sig); } -- cgit v1.2.3