From a9c33df22da713ad00b9fe3c38971fcacfca24f5 Mon Sep 17 00:00:00 2001 From: Philippe Pittoli Date: Wed, 13 Mar 2024 20:16:18 +0100 Subject: [PATCH] DKIM: accept ed25519. --- src/App/Type/DKIM.purs | 8 +++++--- src/App/Validation/DNS.purs | 6 ++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/src/App/Type/DKIM.purs b/src/App/Type/DKIM.purs index b1580d1..82d9fe9 100644 --- a/src/App/Type/DKIM.purs +++ b/src/App/Type/DKIM.purs @@ -55,8 +55,8 @@ show_hashing_algorithm = case _ of -- SHA1 -> "sha1" SHA256 -> "sha256" -data SignatureAlgorithm = RSA -sign_algos = [RSA] :: Array SignatureAlgorithm +data SignatureAlgorithm = RSA | ED25519 +sign_algos = [RSA, ED25519] :: Array SignatureAlgorithm -- | Codec for just encoding a single value of type `SignatureAlgorithm`. codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm @@ -65,11 +65,13 @@ codecSignatureAlgorithm = CA.prismaticCodec "SignatureAlgorithm" str_to_signatur str_to_signature_algorithm :: String -> Maybe SignatureAlgorithm str_to_signature_algorithm = case _ of "rsa" -> Just RSA + "ed25519" -> Just ED25519 _ -> Nothing show_signature_algorithm :: SignatureAlgorithm -> String show_signature_algorithm = case _ of - RSA -> "rsa" + RSA -> "rsa" + ED25519 -> "ed25519" data Version = DKIM1 diff --git a/src/App/Validation/DNS.purs b/src/App/Validation/DNS.purs index 1af4ec5..fd80d50 100644 --- a/src/App/Validation/DNS.purs +++ b/src/App/Validation/DNS.purs @@ -269,6 +269,7 @@ validationSPF form = ado -- | Accepted RSA key sizes = 2048 or 4096 bits, meaning 256 or 512 characters. accepted_rsa_key_sizes = [256, 512] :: Array Int +accepted_ed25519_key_sizes = [32] :: Array Int verify_public_key :: DKIM.SignatureAlgorithm -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey verify_public_key signalgo key = case signalgo of 
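Review bot: `accepted_ed25519_key_sizes = [32]` reads as the raw Ed25519 public key length in bytes, but the ED25519 branch added to `verify_public_key` in the next hunk compares it with `S.length key`, which is a string length. If `DKIM.PublicKey` holds the base64 text of the DKIM `p=` tag (its definition is not visible in this diff), a 32-byte key is 44 base64 characters, so a valid key would be rejected. Only 32-character strings would pass, and those cannot decode to a 32-byte key. Assuming that is the case, the line should be `accepted_ed25519_key_sizes = [44] :: Array Int`, with its own doc comment in the style of the RSA one, for example `-- | Accepted Ed25519 key size = 32 bytes, meaning 44 base64 characters.` The existing RSA comment equates bits/8 with characters in the same way, so the unit of `S.length key` is worth confirming for both lists.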
@@ -277,6 +278,11 @@ verify_public_key signalgo key = case signalgo of then pure key else invalid [DKIMInvalidKeySize accepted_rsa_key_sizes] in k + DKIM.ED25519 -> ado + k <- if A.elem (S.length key) accepted_ed25519_key_sizes + then pure key + else invalid [DKIMInvalidKeySize accepted_ed25519_key_sizes] + in k validationDKIM :: ResourceRecord -> V (Array Error) ResourceRecord validationDKIM form =
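Review bot: The new `DKIM.ED25519` branch repeats the RSA branch line for line with only the size list swapped, and `ado k <- … in k` binds a value only to return it unchanged. A small helper that takes the accepted sizes would keep the two checks in step, for example `check_key_size :: Array Int -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey` (name constructed for this note). Each branch would then be one line, such as `DKIM.ED25519 -> check_key_size accepted_ed25519_key_sizes key`. A one-line comment on the helper saying what unit `S.length key` measures (encoded characters or decoded bytes) would make the size lists checkable at a glance. The head of `verify_public_key` and the start of the RSA branch lie outside this hunk.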