/*
* PDKIM - a RFC4871 (DKIM) implementation
*
- * Copyright (C) 2009 - 2016 Tom Kistner <tom@duncanthrax.net>
+ * Copyright (c) The Exim Maintainers 2021 - 2023
* Copyright (C) 2016 - 2020 Jeremy Harris <jgh@exim.org>
- * Copyright (c) The Exim Maintainers 2021
+ * Copyright (C) 2009 - 2016 Tom Kistner <tom@duncanthrax.net>
+ * SPDX-License-Identifier: GPL-2.0-or-later
*
* http://duncanthrax.net/pdkim/
*
void
pdkim_decode_base64(const uschar * str, blob * b)
{
-int dlen = b64decode(str, &b->data);
+int dlen = b64decode(str, &b->data, str);
if (dlen < 0) b->data = NULL;
b->len = dlen;
}
{
for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next) /* Finish hashes */
{
- DEBUG(D_acl) debug_printf("DKIM: finish bodyhash %d/%d/%ld len %ld\n",
- b->hashtype, b->canon_method, b->bodylength, b->signed_body_bytes);
+ DEBUG(D_acl) debug_printf("DKIM: finish bodyhash %s/%s/%ld len %ld\n",
+ pdkim_hashes[b->hashtype].dkim_hashname, pdkim_canons[b->canon_method],
+ b->bodylength, b->signed_body_bytes);
exim_sha_finish(&b->body_hash_ctx, &b->bh);
}
DEBUG(D_acl)
{
- debug_printf("DKIM [%s] Body bytes (%s) hashed: %lu\n"
- "DKIM [%s] Body %s computed: ",
- sig->domain, pdkim_canons[b->canon_method], b->signed_body_bytes,
- sig->domain, pdkim_hashes[b->hashtype].dkim_hashname);
+ debug_printf("DKIM [%s]%s Body bytes (%s) hashed: %lu\n"
+ "DKIM [%s]%s Body %s computed: ",
+ sig->domain, sig->selector, pdkim_canons[b->canon_method], b->signed_body_bytes,
+ sig->domain, sig->selector, pdkim_hashes[b->hashtype].dkim_hashname);
pdkim_hexprint(CUS b->bh.data, b->bh.len);
}
static int
pdkim_header_complete(pdkim_ctx * ctx)
{
-if ( (ctx->cur_header->ptr > 1) &&
- (ctx->cur_header->s[ctx->cur_header->ptr-1] == '\r') )
- --ctx->cur_header->ptr;
+if (ctx->cur_header->ptr > 1)
+ gstring_trim_trailing(ctx->cur_header, '\r');
(void) string_from_gstring(ctx->cur_header);
#ifdef EXPERIMENTAL_ARC
rh = pdkim_relax_header(rh, TRUE); /* cook header for relaxed canon */
/* Feed header to the hash algorithm */
- exim_sha_update(&hhash_ctx, CUS rh, Ustrlen(rh));
+ exim_sha_update_string(&hhash_ctx, CUS rh);
/* Remember headers block for signing (when the library cannot do incremental) */
/*XXX we could avoid doing this for all but the GnuTLS/RSA case */
: string_copy(CUS hdrs->value);
/* Feed header to the hash algorithm */
- exim_sha_update(&hhash_ctx, CUS rh, Ustrlen(rh));
+ exim_sha_update_string(&hhash_ctx, CUS rh);
DEBUG(D_acl) pdkim_quoteprint(rh, Ustrlen(rh));
hdrs->tag = 1;
}
/* Finalize header hash */
- exim_sha_update(&hhash_ctx, CUS sig_hdr, Ustrlen(sig_hdr));
+ exim_sha_update_string(&hhash_ctx, CUS sig_hdr);
exim_sha_finish(&hhash_ctx, &hhash);
DEBUG(D_acl)
if (*dkim_verify_min_keysizes)
{
unsigned minbits;
- uschar * ss = expand_getkeyed(US pdkim_keytypes[sig->keytype],
+ const uschar * ss = expand_getkeyed(US pdkim_keytypes[sig->keytype],
dkim_verify_min_keysizes);
- if (ss && (minbits = atoi(CS ss)) > sig->keybits)
+ if (ss && (minbits = atoi(CCS ss)) > sig->keybits)
{
DEBUG(D_acl) debug_printf("Key too short: Actual: %s %u Minima '%s'\n",
pdkim_keytypes[sig->keytype], sig->keybits, dkim_verify_min_keysizes);
&& canon_method == b->canon_method
&& bodylength == b->bodylength)
{
- DEBUG(D_receive) debug_printf("DKIM: using existing bodyhash %d/%d/%ld\n",
- hashtype, canon_method, bodylength);
+ DEBUG(D_receive) debug_printf("DKIM: using existing bodyhash %s/%s/%ld\n",
+ pdkim_hashes[hashtype].dkim_hashname, pdkim_canons[canon_method], bodylength);
return b;
}
-DEBUG(D_receive) debug_printf("DKIM: new bodyhash %d/%d/%ld\n",
- hashtype, canon_method, bodylength);
+DEBUG(D_receive) debug_printf("DKIM: new bodyhash %s/%s/%ld\n",
+ pdkim_hashes[hashtype].dkim_hashname, pdkim_canons[canon_method], bodylength);
b = store_get(sizeof(pdkim_bodyhash), GET_UNTAINTED);
b->next = ctx->bodyhash;
b->hashtype = hashtype;
git://git.exim.org / exim.git / blobdiff