DKIM: accept ed25519.

dev
Philippe Pittoli 2024-03-13 20:16:18 +01:00
parent 547a22f6dd
commit a9c33df22d
2 changed files with 11 additions and 3 deletions


@ -55,8 +55,8 @@ show_hashing_algorithm = case _ of
-- SHA1 -> "sha1" -- SHA1 -> "sha1"
SHA256 -> "sha256" SHA256 -> "sha256"
data SignatureAlgorithm = RSA data SignatureAlgorithm = RSA | ED25519
sign_algos = [RSA] :: Array SignatureAlgorithm sign_algos = [RSA, ED25519] :: Array SignatureAlgorithm
-- | Codec for just encoding a single value of type `SignatureAlgorithm`. -- | Codec for just encoding a single value of type `SignatureAlgorithm`.
codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm
@ -65,11 +65,13 @@ codecSignatureAlgorithm = CA.prismaticCodec "SignatureAlgorithm" str_to_signatur
str_to_signature_algorithm :: String -> Maybe SignatureAlgorithm str_to_signature_algorithm :: String -> Maybe SignatureAlgorithm
str_to_signature_algorithm = case _ of str_to_signature_algorithm = case _ of
"rsa" -> Just RSA "rsa" -> Just RSA
"ed25519" -> Just ED25519
_ -> Nothing _ -> Nothing
show_signature_algorithm :: SignatureAlgorithm -> String show_signature_algorithm :: SignatureAlgorithm -> String
show_signature_algorithm = case _ of show_signature_algorithm = case _ of
RSA -> "rsa" RSA -> "rsa"
ED25519 -> "ed25519"
data Version = DKIM1 data Version = DKIM1
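Review bot: `sign_algos`, `str_to_signature_algorithm` and `show_signature_algorithm` are three hand-maintained copies of the same constructor list, and nothing on the new side says they must change together. An exhaustiveness check would catch a case missing from `show_signature_algorithm`, but a constructor left out of `sign_algos` or `str_to_signature_algorithm` goes unnoticed, and in the latter it falls through to `_ -> Nothing`, so decoding fails for a value the type can represent. A doc comment on the type would make the coupling explicit, e.g. `-- | DKIM signature algorithms; when adding a constructor, also update sign_algos and str_to_signature_algorithm.`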


@ -269,6 +269,7 @@ validationSPF form = ado
-- | Accepted RSA key sizes = 2048 or 4096 bits, meaning 256 or 512 characters. -- | Accepted RSA key sizes = 2048 or 4096 bits, meaning 256 or 512 characters.
accepted_rsa_key_sizes = [256, 512] :: Array Int accepted_rsa_key_sizes = [256, 512] :: Array Int
accepted_ed25519_key_sizes = [32] :: Array Int
verify_public_key :: DKIM.SignatureAlgorithm -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey verify_public_key :: DKIM.SignatureAlgorithm -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey
verify_public_key signalgo key = case signalgo of verify_public_key signalgo key = case signalgo of
@ -277,6 +278,11 @@ verify_public_key signalgo key = case signalgo of
then pure key then pure key
else invalid [DKIMInvalidKeySize accepted_rsa_key_sizes] else invalid [DKIMInvalidKeySize accepted_rsa_key_sizes]
in k in k
DKIM.ED25519 -> ado
k <- if A.elem (S.length key) accepted_ed25519_key_sizes
then pure key
else invalid [DKIMInvalidKeySize accepted_ed25519_key_sizes]
in k
validationDKIM :: ResourceRecord -> V (Array Error) ResourceRecord validationDKIM :: ResourceRecord -> V (Array Error) ResourceRecord
validationDKIM form = validationDKIM form =
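Review bot: The new `DKIM.ED25519` branch of `verify_public_key` accepts a key only when `S.length key` is 32, but 32 is the size of the raw Ed25519 public key in bytes. DKIM publishes that key base64-encoded (RFC 8463), which is 44 characters. The definition of `DKIM.PublicKey` is not visible here and the RSA branch is only partly shown, so this is inferred: if the value is the text placed in the record, every valid Ed25519 key is rejected and only a malformed 32-character string passes. Consider `accepted_ed25519_key_sizes = [44] :: Array Int` with a doc comment matching the RSA one, e.g. `-- | Ed25519 public key = 32 bytes, meaning 44 base64 characters.` A length check alone also does not confirm the value is well-formed base64, so a character-set check would be a useful addition.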