DKIM: accept ed25519.

Philippe Pittoli 2024-03-13 20:16:18 +01:00
parent 547a22f6dd
commit a9c33df22d
2 changed files with 11 additions and 3 deletions


@ -55,8 +55,8 @@ show_hashing_algorithm = case _ of
-- SHA1 -> "sha1"
SHA256 -> "sha256"
data SignatureAlgorithm = RSA
sign_algos = [RSA] :: Array SignatureAlgorithm
data SignatureAlgorithm = RSA | ED25519
sign_algos = [RSA, ED25519] :: Array SignatureAlgorithm
-- | Codec for just encoding a single value of type `SignatureAlgorithm`.
codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm
@ -65,11 +65,13 @@ codecSignatureAlgorithm = CA.prismaticCodec "SignatureAlgorithm" str_to_signatur
str_to_signature_algorithm :: String -> Maybe SignatureAlgorithm
str_to_signature_algorithm = case _ of
"rsa" -> Just RSA
"ed25519" -> Just ED25519
_ -> Nothing
show_signature_algorithm :: SignatureAlgorithm -> String
show_signature_algorithm = case _ of
RSA -> "rsa"
RSA -> "rsa"
ED25519 -> "ed25519"
data Version = DKIM1
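Review bot: Nothing ties `sign_algos` to the constructors of `SignatureAlgorithm`, so the list and the two `case` mappings have to be edited together by hand, as this commit does in three places. A later constructor left out of `sign_algos` would still compile; whether that hides the algorithm from callers depends on code outside these hunks. I would document the contract on the type, for example `-- | DKIM key types accepted for a record; keep sign_algos, str_to_signature_algorithm and show_signature_algorithm in sync.`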


@ -269,6 +269,7 @@ validationSPF form = ado
-- | Accepted RSA key sizes = 2048 or 4096 bits, meaning 256 or 512 characters.
accepted_rsa_key_sizes = [256, 512] :: Array Int
accepted_ed25519_key_sizes = [32] :: Array Int
verify_public_key :: DKIM.SignatureAlgorithm -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey
verify_public_key signalgo key = case signalgo of
@ -277,6 +278,11 @@ verify_public_key signalgo key = case signalgo of
then pure key
else invalid [DKIMInvalidKeySize accepted_rsa_key_sizes]
in k
DKIM.ED25519 -> ado
k <- if A.elem (S.length key) accepted_ed25519_key_sizes
then pure key
else invalid [DKIMInvalidKeySize accepted_ed25519_key_sizes]
in k
validationDKIM :: ResourceRecord -> V (Array Error) ResourceRecord
validationDKIM form =
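Review bot: The new `DKIM.ED25519` branch of verify_public_key accepts a key only when `S.length key` is 32, which looks like the raw byte size of an Ed25519 public key rather than the length of the text being validated. If this field holds the base64 text that goes into the record's `p=` tag, as RFC 8463 describes, a 32-byte key is 44 characters with padding, so valid keys would be rejected and only 32-character strings that cannot be a valid key would pass. Please confirm the encoding and, if it is base64, change the constant to `accepted_ed25519_key_sizes = [44] :: Array Int`. A length test alone also does not show that the value decodes to a well-formed key, so a decode check in this branch is worth adding. The constant has no doc comment either; add one that names the unit, in the style of the RSA comment above it. The function begins outside this hunk.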