Commit
+48 -18 +/-5 browse
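--- a/src/common/headers.rs
+++ b/src/common/headers.rs
@@ -60,9 +60,9 @@ pub(crate) enum AuthenticatedHeader<'x> {
 
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub struct Header<'x, T> {
- pub(crate) name: &'x [u8],
- pub(crate) value: &'x [u8],
- pub(crate) header: T,
+ pub name: &'x [u8],
+ pub value: &'x [u8],
+ pub header: T,
 }
 
 impl<'x> HeaderParser<'x> {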
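Review bot: Making `name`, `value` and `header` fully `pub` lets code outside the crate both mutate a parsed `Header` and build one with a struct literal, so the parsed `header` is no longer guaranteed to correspond to the raw `value` bytes. The same applies, with more at stake, to `AuthenticatedMessage` in src/lib.rs, where `body_hashes`, `body_offset` and `dkim_headers` become writable; if verification trusts those fields as parser output (not visible here), a caller can desynchronise them from `raw_message`. If the goal is read access, keep the fields `pub(crate)` and add borrowing getters such as `pub fn value(&self) -> &'x [u8] { self.value }`, which also keeps the field layout out of the semver surface.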
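--- a/src/dkim/canonicalize.rs
+++ b/src/dkim/canonicalize.rs
@@ -158,7 +158,7 @@ impl Canonicalization {
 }
 
 impl Signature {
- pub(crate) fn canonicalize<'x>(
+ pub fn canonicalize<'x>(
 &self,
 mut message: impl HeaderStream<'x>,
 ) -> (usize, CanonicalHeaders<'x>, Vec<String>, CanonicalBody<'x>) {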
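Review bot: `canonicalize` becomes public API without a doc comment, and its return type is an unnamed four-element tuple whose `usize` and `Vec<String>` have no stated meaning at the call site. Add a `///` summary that names each tuple element and says the output is canonicalized input for hashing, not a verification result. It is also worth checking that `HeaderStream`, `CanonicalHeaders` and `CanonicalBody` are exported, otherwise the signature is public but not usable from outside the crate. The function body lies outside this hunk.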
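--- a/src/dkim/mod.rs
+++ b/src/dkim/mod.rs
@@ -36,8 +36,8 @@ pub enum Canonicalization {
 #[derive(Debug, PartialEq, Eq, Clone, Default)]
 pub struct DkimSigner<T: SigningKey, State = NeedDomain> {
 _state: std::marker::PhantomData<State>,
- pub(crate) key: T,
- pub(crate) template: Signature,
+ pub key: T,
+ pub template: Signature,
 }
 
 pub struct NeedDomain;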
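Review bot: `pub key: T` exposes the signing key held by `DkimSigner` to every holder of the signer, for reading and for replacement, and the struct also derives `Debug` and `Clone`, so the key can be copied or formatted wherever `T` allows it. `pub template` similarly lets a caller rewrite the signature template after the `State` typestate (default `NeedDomain`) has advanced, which sidesteps whatever the state transitions are meant to guarantee. Keep `key` at `pub(crate)`, and if external code needs the template, expose it read-only, e.g. `pub fn template(&self) -> &Signature { &self.template }`.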
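--- a/src/dkim/verify.rs
+++ b/src/dkim/verify.rs
@@ -240,6 +240,36 @@ impl Resolver {
 }
 
 impl<'x> AuthenticatedMessage<'x> {
+ pub async fn get_canonicalized_header(&self) -> Result<Vec<u8>, Error> {
+ // Based on verify_dkim_ function
+ // Iterate through possible DKIM headers
+ let mut data = Vec::with_capacity(256);
+ for header in &self.dkim_headers {
+ // Ensure signature is not obviously invalid
+ let signature = match &header.header {
+ Ok(signature) => {
+ if signature.x == 0 || (signature.x > signature.t) {
+ signature
+ } else {
+ continue;
+ }
+ }
+ Err(_err) => {
+ continue;
+ }
+ };
+
+ // Get pre-hashed but canonically ordered headers, who's hash is signed
+ let dkim_hdr_value = header.value.strip_signature();
+ let headers = self.signed_headers(&signature.h, header.name, &dkim_hdr_value);
+ signature.ch.canonicalize_headers(headers, &mut data);
+
+ return Ok(data);
+ }
+ // Return not ok
+ Err(Error::FailedBodyHashMatch)
+ }
+
 pub fn signed_headers<'z: 'x>(
 &'z self,
 headers: &'x [String],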
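Review bot: `get_canonicalized_header` returns the canonicalized header bytes of the first entry in `dkim_headers` that parses, and nothing in it checks the body hash, resolves a key or verifies the signature, so the result is unauthenticated data; it needs a `///` comment saying so, so that callers do not read `Ok` as a verification outcome. The fall-through `Err(Error::FailedBodyHashMatch)` misreports the cause, since no body hash is compared here; return a variant that means no usable signature header was found. The `signature.x > signature.t` test compares the expiry only with the signing timestamp and never with the current time, so an already-expired signature passes it (the `verify_dkim_` function this is based on may check that elsewhere; it is not visible here). The function is also `async` without containing any `.await`, so `pub fn get_canonicalized_header(&self) -> Result<Vec<u8>, Error>` would serve and spare callers a runtime.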
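--- a/src/lib.rs
+++ b/src/lib.rs
@@ -335,18 +335,18 @@ pub struct MX {
 
 #[derive(Debug, Clone)]
 pub struct AuthenticatedMessage<'x> {
- pub(crate) headers: Vec<(&'x [u8], &'x [u8])>,
- pub(crate) from: Vec<String>,
- pub(crate) raw_message: &'x [u8],
- pub(crate) body_offset: usize,
- pub(crate) body_hashes: Vec<(Canonicalization, HashAlgorithm, u64, Vec<u8>)>,
- pub(crate) dkim_headers: Vec<Header<'x, crate::Result<dkim::Signature>>>,
- pub(crate) ams_headers: Vec<Header<'x, crate::Result<arc::Signature>>>,
- pub(crate) as_headers: Vec<Header<'x, crate::Result<arc::Seal>>>,
- pub(crate) aar_headers: Vec<Header<'x, crate::Result<arc::Results>>>,
- pub(crate) received_headers_count: usize,
- pub(crate) date_header_present: bool,
- pub(crate) message_id_header_present: bool,
+ pub headers: Vec<(&'x [u8], &'x [u8])>,
+ pub from: Vec<String>,
+ pub raw_message: &'x [u8],
+ pub body_offset: usize,
+ pub body_hashes: Vec<(Canonicalization, HashAlgorithm, u64, Vec<u8>)>,
+ pub dkim_headers: Vec<Header<'x, crate::Result<dkim::Signature>>>,
+ pub ams_headers: Vec<Header<'x, crate::Result<arc::Signature>>>,
+ pub as_headers: Vec<Header<'x, crate::Result<arc::Seal>>>,
+ pub aar_headers: Vec<Header<'x, crate::Result<arc::Results>>>,
+ pub received_headers_count: usize,
+ pub date_header_present: bool,
+ pub message_id_header_present: bool,
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]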