Commit
Author: Mauro D [mauro@stalw.art]
Hash: a7e63156cc96be220409160f565f1d686e54b5f5
Timestamp: Mon, 16 Jan 2023 16:59:59 +0000 (1 year ago)

+25 -24 +/-5 browse
Removed Clone derive from SigningKey (#8).
1diff --git a/examples/report_arf_generate.rs b/examples/report_arf_generate.rs
2index d2802a7..766680c 100644
3--- a/examples/report_arf_generate.rs
4+++ b/examples/report_arf_generate.rs
5 @@ -40,8 +40,7 @@ fn main() {
6 .with_identity_alignment(IdentityAlignment::DkimSpf)
7 .with_message(&b"From: hello@world.org\r\nTo: ciao@mundo.org\r\n\r\n"[..])
8 .to_rfc5322(
9- "DMARC Reports",
10- "no-reply@example.org",
11+ ("DMARC Reports", "no-reply@example.org"),
12 "ruf@otherdomain.com",
13 "DMARC Authentication Failure Report",
14 )
15 diff --git a/examples/report_dmarc_generate.rs b/examples/report_dmarc_generate.rs
16index 8c8511c..eb279d8 100644
17--- a/examples/report_dmarc_generate.rs
18+++ b/examples/report_dmarc_generate.rs
19 @@ -99,9 +99,8 @@ fn main() {
20 )
21 .to_rfc5322(
22 "initech.net",
23- "Initech Industries",
24- "noreply-dmarc@initech.net",
25- "dmarc-reports@example.org",
26+ ("Initech Industries", "noreply-dmarc@initech.net"),
27+ ["dmarc-reports@example.org"].iter().copied(),
28 )
29 .unwrap();
30
31 diff --git a/src/arc/seal.rs b/src/arc/seal.rs
32index 381063c..101c620 100644
33--- a/src/arc/seal.rs
34+++ b/src/arc/seal.rs
35 @@ -247,13 +247,13 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
36 );
37
38 // Create private keys
39- let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
40 let pk_ed_public =
41 base64_decode(ED25519_PUBLIC_KEY.rsplit_once("p=").unwrap().1.as_bytes()).unwrap();
42 let pk_ed_private = base64_decode(ED25519_PRIVATE_KEY.as_bytes()).unwrap();
43
44 // Create DKIM-signed message
45- let mut raw_message = DkimSigner::from_key(pk_rsa.clone())
46+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
47+ let mut raw_message = DkimSigner::from_key(pk_rsa)
48 .domain("manchego.org")
49 .selector("rsa")
50 .headers(["From", "To", "Subject"])
51 @@ -264,6 +264,8 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
52
53 // Verify and seal the message 50 times
54 for _ in 0..25 {
55+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
56+
57 raw_message = arc_verify_and_seal(
58 &resolver,
59 &raw_message,
60 @@ -272,14 +274,8 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
61 Ed25519Key::from_bytes(&pk_ed_public, &pk_ed_private).unwrap(),
62 )
63 .await;
64- raw_message = arc_verify_and_seal(
65- &resolver,
66- &raw_message,
67- "manchego.org",
68- "rsa",
69- pk_rsa.clone(),
70- )
71- .await;
72+ raw_message =
73+ arc_verify_and_seal(&resolver, &raw_message, "manchego.org", "rsa", pk_rsa).await;
74 }
75
76 //println!("{}", raw_message);
77 diff --git a/src/common/crypto/rust_crypto.rs b/src/common/crypto/rust_crypto.rs
78index 178fb2d..2d6c34d 100644
79--- a/src/common/crypto/rust_crypto.rs
80+++ b/src/common/crypto/rust_crypto.rs
81 @@ -8,7 +8,7 @@ use crate::{common::headers::Writer, dkim::Canonicalization, Error, Result};
82
83 use super::{Algorithm, HashContext, HashImpl, HashOutput, Sha1, Sha256, SigningKey, VerifyingKey};
84
85- #[derive(Clone, Debug)]
86+ #[derive(Debug)]
87 pub struct RsaKey<T> {
88 inner: RsaPrivateKey,
89 padding: PhantomData<T>,
90 diff --git a/src/dkim/sign.rs b/src/dkim/sign.rs
91index 43c2e6e..1aa996e 100644
92--- a/src/dkim/sign.rs
93+++ b/src/dkim/sign.rs
94 @@ -198,7 +198,6 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
95 );
96
97 // Create private keys
98- let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
99 let pk_ed = Ed25519Key::from_bytes(
100 &base64_decode(ED25519_PUBLIC_KEY.rsplit_once("p=").unwrap().1.as_bytes()).unwrap(),
101 &base64_decode(ED25519_PRIVATE_KEY.as_bytes()).unwrap(),
102 @@ -224,9 +223,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
103 );
104
105 // Test RSA-SHA256 relaxed/relaxed
106+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
107 verify(
108 &resolver,
109- DkimSigner::from_key(pk_rsa.clone())
110+ DkimSigner::from_key(pk_rsa)
111 .domain("example.com")
112 .selector("default")
113 .headers(["From", "To", "Subject"])
114 @@ -253,9 +253,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
115 .await;
116
117 // Test RSA-SHA256 simple/simple with duplicated headers
118+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
119 verify(
120 &resolver,
121- DkimSigner::from_key(pk_rsa.clone())
122+ DkimSigner::from_key(pk_rsa)
123 .domain("example.com")
124 .selector("default")
125 .headers([
126 @@ -275,9 +276,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
127 .await;
128
129 // Test RSA-SHA256 simple/relaxed with fixed body length
130+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
131 verify(
132 &resolver,
133- DkimSigner::from_key(pk_rsa.clone())
134+ DkimSigner::from_key(pk_rsa)
135 .domain("example.com")
136 .selector("default")
137 .headers(["From", "To", "Subject"])
138 @@ -291,9 +293,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
139 .await;
140
141 // Test AUID not matching domain
142+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
143 verify(
144 &resolver,
145- DkimSigner::from_key(pk_rsa.clone())
146+ DkimSigner::from_key(pk_rsa)
147 .domain("example.com")
148 .selector("default")
149 .headers(["From", "To", "Subject"])
150 @@ -306,9 +309,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
151 .await;
152
153 // Test expired signature and reporting
154+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
155 let r = verify(
156 &resolver,
157- DkimSigner::from_key(pk_rsa.clone())
158+ DkimSigner::from_key(pk_rsa)
159 .domain("example.com")
160 .selector("default")
161 .headers(["From", "To", "Subject"])
162 @@ -326,9 +330,10 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
163 assert_eq!(r.as_deref(), Some("dkim-failures@example.com"));
164
165 // Verify ATPS (failure)
166+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
167 verify(
168 &resolver,
169- DkimSigner::from_key(pk_rsa.clone())
170+ DkimSigner::from_key(pk_rsa)
171 .domain("example.com")
172 .selector("default")
173 .headers(["From", "To", "Subject"])
174 @@ -342,6 +347,7 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
175 .await;
176
177 // Verify ATPS (success)
178+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
179 resolver.txt_add(
180 "UN42N5XOV642KXRXRQIYANHCOUPGQL5LT4WTBKYT2IJFLBWODFDQ._atps.example.com.".to_string(),
181 Atps::parse(b"v=ATPS1;").unwrap(),
182 @@ -349,7 +355,7 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
183 );
184 verify(
185 &resolver,
186- DkimSigner::from_key(pk_rsa.clone())
187+ DkimSigner::from_key(pk_rsa)
188 .domain("example.com")
189 .selector("default")
190 .headers(["From", "To", "Subject"])
191 @@ -363,6 +369,7 @@ GMot/L2x0IYyMLAz6oLWh2hm7zwtb0CgOrPo1ke44hFYnfc=
192 .await;
193
194 // Verify ATPS (success - no hash)
195+ let pk_rsa = RsaKey::<Sha256>::from_pkcs1_pem(RSA_PRIVATE_KEY).unwrap();
196 resolver.txt_add(
197 "example.com._atps.example.com.".to_string(),
198 Atps::parse(b"v=ATPS1;").unwrap(),