X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f444c2c7e41c8a2b43b6270708e7eb88831f11e0..07eeb4df55e6c0843156aedaacf32bfebe0e9eaa:/src/src/pdkim/pdkim.h diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h index c7c7b5837..0803ea0b0 100644 --- a/src/src/pdkim/pdkim.h +++ b/src/src/pdkim/pdkim.h @@ -2,6 +2,7 @@ * PDKIM - a RFC4871 (DKIM) implementation * * Copyright (C) 2009 - 2012 Tom Kistner + * Copyright (c) Jeremy Harris 2016 * * http://duncanthrax.net/pdkim/ * @@ -19,13 +20,11 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ +#ifndef PDKIM_H +#define PDKIM_H -#ifdef USE_GNUTLS -# include -# include -#else -# include -#endif +#include "../blob.h" +#include "../hash.h" /* -------------------------------------------------------------------------- */ /* Length of the preallocated buffer for the "answer" from the dns/txt @@ -36,11 +35,12 @@ /* Function success / error codes */ #define PDKIM_OK 0 #define PDKIM_FAIL -1 -#define PDKIM_ERR_OOM -100 #define PDKIM_ERR_RSA_PRIVKEY -101 #define PDKIM_ERR_RSA_SIGNING -102 #define PDKIM_ERR_LONG_LINE -103 #define PDKIM_ERR_BUFFER_TOO_SMALL -104 +#define PDKIM_SIGN_PRIVKEY_WRAP -105 +#define PDKIM_SIGN_PRIVKEY_B64D -106 /* -------------------------------------------------------------------------- */ /* Main/Extended verification status */ @@ -49,11 +49,14 @@ #define PDKIM_VERIFY_FAIL 2 #define PDKIM_VERIFY_PASS 3 -#define PDKIM_VERIFY_FAIL_BODY 1 -#define PDKIM_VERIFY_FAIL_MESSAGE 2 -#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE 3 -#define PDKIM_VERIFY_INVALID_BUFFER_SIZE 4 -#define PDKIM_VERIFY_INVALID_PUBKEY_PARSING 5 +#define PDKIM_VERIFY_FAIL_BODY 1 +#define PDKIM_VERIFY_FAIL_MESSAGE 2 +#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE 3 +#define PDKIM_VERIFY_INVALID_BUFFER_SIZE 4 +#define PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD 5 +#define PDKIM_VERIFY_INVALID_PUBKEY_IMPORT 6 +#define PDKIM_VERIFY_INVALID_SIGNATURE_ERROR 7 +#define PDKIM_VERIFY_INVALID_DKIM_VERSION 8 /* -------------------------------------------------------------------------- */ /* Some parameter values */ @@ -74,6 +77,10 @@ /* Some required forward declarations, please ignore */ typedef struct pdkim_stringlist pdkim_stringlist; typedef struct pdkim_str pdkim_str; +typedef struct sha1_context sha1_context; +typedef struct sha2_context sha2_context; +#define HAVE_SHA1_CONTEXT +#define HAVE_SHA2_CONTEXT /* -------------------------------------------------------------------------- */ /* Some concessions towards Redmond */ @@ -90,16 +97,15 @@ typedef struct pdkim_str pdkim_str; /* -------------------------------------------------------------------------- */ /* Public key as (usually) fetched from DNS */ typedef struct pdkim_pubkey { - char *version; /* v= */ - char *granularity; /* g= */ + uschar *version; /* v= */ + uschar *granularity; /* g= */ - char *hashes; /* h= */ - char *keytype; /* k= */ - char *srvtype; /* s= */ - char *notes; /* n= */ + uschar *hashes; /* h= */ + uschar *keytype; /* k= */ + uschar *srvtype; /* s= */ + uschar *notes; /* n= */ - char *key; /* p= */ - int key_len; + blob key; /* p= */ int testing; /* t=y */ int no_subdomaining; /* t=s */ @@ -131,13 +137,13 @@ typedef struct pdkim_signature { int querymethod; /* (s=) The selector string as given in the signature */ - char *selector; + uschar *selector; /* (d=) The domain as given in the signature */ - char *domain; + uschar *domain; /* (i=) The identity as given in the signature */ - char *identity; + uschar *identity; /* (t=) Timestamp of signature creation */ unsigned long created; @@ -151,24 +157,22 @@ typedef struct pdkim_signature { /* (h=) Colon-separated list of header names that are included in the signature */ - char *headernames; + uschar *headernames; /* (z=) */ - char *copiedheaders; + uschar *copiedheaders; /* (b=) Raw signature data, along with its length in bytes */ - char *sigdata; - int sigdata_len; + blob sigdata; /* (bh=) Raw body hash data, along with its length in bytes */ - char *bodyhash; - int bodyhash_len; + blob bodyhash; /* Folded DKIM-Signature: header. Singing only, NULL for verifying. Ready for insertion into the message. Note: Folded using CRLFTB, but final line terminator is NOT included. Note2: This buffer is free()d when you call pdkim_free_ctx(). */ - char *signature_header; + uschar *signature_header; /* The main verification status. Verification only. One of: @@ -228,18 +232,14 @@ typedef struct pdkim_signature { /* Properties below this point are used internally only ------------- */ /* Per-signature helper variables ----------------------------------- */ -#ifdef USE_GNUTLS - gnutls_hash_hd_t sha_body; /* Either SHA1 or SHA256 block */ -#else - SHA_CTX sha1_body; /* SHA1 block */ - SHA256_CTX sha2_body; /* SHA256 block */ -#endif + hctx body_hash; + unsigned long signed_body_bytes; /* How many body bytes we hashed */ - pdkim_stringlist *headers; /* Raw headers included in the sig */ + pdkim_stringlist *headers; /* Raw headers included in the sig */ /* Signing specific ------------------------------------------------- */ - char *rsa_privkey; /* Private RSA key */ - char *sign_headers; /* To-be-signed header names */ - char *rawsig_no_b_val; /* Original signature header w/o b= tag value. */ + uschar * rsa_privkey; /* Private RSA key */ + uschar * sign_headers; /* To-be-signed header names */ + uschar * rawsig_no_b_val; /* Original signature header w/o b= tag value. */ } pdkim_signature; @@ -259,7 +259,9 @@ typedef struct pdkim_ctx { int(*dns_txt_callback)(char *, char *); /* Coder's little helpers */ - pdkim_str *cur_header; + uschar *cur_header; + int cur_header_size; + int cur_header_len; char *linebuf; int linebuf_offset; BOOL seen_lf; @@ -280,6 +282,8 @@ typedef struct pdkim_ctx { extern "C" { #endif +void pdkim_init (void); + DLLEXPORT pdkim_ctx *pdkim_init_sign (char *, char *, char *, int); @@ -303,3 +307,5 @@ void pdkim_free_ctx (pdkim_ctx *); #ifdef __cplusplus } #endif + +#endif