DKIM: accept ed25519.
parent
547a22f6dd
commit
a9c33df22d
|
@ -55,8 +55,8 @@ show_hashing_algorithm = case _ of
|
|||
-- SHA1 -> "sha1"
|
||||
SHA256 -> "sha256"
|
||||
|
||||
data SignatureAlgorithm = RSA
|
||||
sign_algos = [RSA] :: Array SignatureAlgorithm
|
||||
data SignatureAlgorithm = RSA | ED25519
|
||||
sign_algos = [RSA, ED25519] :: Array SignatureAlgorithm
|
||||
|
||||
-- | Codec for just encoding a single value of type `SignatureAlgorithm`.
|
||||
codecSignatureAlgorithm :: CA.JsonCodec SignatureAlgorithm
|
||||
|
@ -65,11 +65,13 @@ codecSignatureAlgorithm = CA.prismaticCodec "SignatureAlgorithm" str_to_signatur
|
|||
str_to_signature_algorithm :: String -> Maybe SignatureAlgorithm
|
||||
str_to_signature_algorithm = case _ of
|
||||
"rsa" -> Just RSA
|
||||
"ed25519" -> Just ED25519
|
||||
_ -> Nothing
|
||||
|
||||
show_signature_algorithm :: SignatureAlgorithm -> String
|
||||
show_signature_algorithm = case _ of
|
||||
RSA -> "rsa"
|
||||
ED25519 -> "ed25519"
|
||||
|
||||
data Version = DKIM1
|
||||
|
||||
|
|
|
@ -269,6 +269,7 @@ validationSPF form = ado
|
|||
|
||||
-- | Accepted RSA key sizes = 2048 or 4096 bits, meaning 256 or 512 characters.
|
||||
accepted_rsa_key_sizes = [256, 512] :: Array Int
|
||||
accepted_ed25519_key_sizes = [32] :: Array Int
|
||||
|
||||
verify_public_key :: DKIM.SignatureAlgorithm -> DKIM.PublicKey -> V (Array Error) DKIM.PublicKey
|
||||
verify_public_key signalgo key = case signalgo of
|
||||
|
@ -277,6 +278,11 @@ verify_public_key signalgo key = case signalgo of
|
|||
then pure key
|
||||
else invalid [DKIMInvalidKeySize accepted_rsa_key_sizes]
|
||||
in k
|
||||
DKIM.ED25519 -> ado
|
||||
k <- if A.elem (S.length key) accepted_ed25519_key_sizes
|
||||
then pure key
|
||||
else invalid [DKIMInvalidKeySize accepted_ed25519_key_sizes]
|
||||
in k
|
||||
|
||||
validationDKIM :: ResourceRecord -> V (Array Error) ResourceRecord
|
||||
validationDKIM form =
|
||||
|
|
Loading…
Reference in New Issue