mirror of
https://github.com/emersion/go-msgauth
synced 2026-07-05 09:28:34 +00:00
RFC 6376 is inconsistent about whether RSA public keys should be formatted as RSAPublicKey or SubjectPublicKeyInfo. Erratum 3017 (https://www.rfc-editor.org/errata/eid3017) proposes allowing both. This commit changes the verifier to accept both formats, and changes dkim-keygen to generate keys in SubjectPublicKeyInfo format for consistency with other implementations including opendkim, Gmail, and Fastmail. Closes: https://github.com/emersion/go-msgauth/issues/43
37 lines
1.2 KiB
Go
37 lines
1.2 KiB
Go
package dkim
|
|
|
|
import (
|
|
"fmt"
|
|
)
|
|
|
|
const dnsRawRSAPublicKey = "v=DKIM1; p=MIGJAoGBALVI635dLK4cJJAH3Lx6upo3X/L" +
|
|
"m1tQz3mezcWTA3BUBnyIsdnRf57aD5BtNmhPrYYDlWlzw3" +
|
|
"UgnKisIxktkk5+iMQMlFtAS10JB8L3YadXNJY+JBcbeSi5" +
|
|
"TgJe4WFzNgW95FWDAuSTRXSWZfA/8xjflbTLDx0euFZOM7" +
|
|
"C4T0GwLAgMBAAE="
|
|
|
|
const dnsPublicKey = "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQ" +
|
|
"KBgQDwIRP/UC3SBsEmGqZ9ZJW3/DkMoGeLnQg1fWn7/zYt" +
|
|
"IxN2SnFCjxOCKG9v3b4jYfcTNh5ijSsq631uBItLa7od+v" +
|
|
"/RtdC2UzJ1lWT947qR+Rcac2gbto/NMqJ0fzfVjH4OuKhi" +
|
|
"tdY9tf6mcwGjaNBcWToIMmPSPDdQPNUYckcQ2QIDAQAB"
|
|
|
|
const dnsEd25519PublicKey = "v=DKIM1; k=ed25519; p=11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo="
|
|
|
|
func init() {
|
|
queryMethods["dns/txt"] = queryTest
|
|
}
|
|
|
|
func queryTest(domain, selector string, txtLookup txtLookupFunc) (*queryResult, error) {
|
|
record := selector + "._domainkey." + domain
|
|
switch record {
|
|
case "brisbane._domainkey.example.com", "brisbane._domainkey.example.org", "test._domainkey.football.example.com":
|
|
return parsePublicKey(dnsPublicKey)
|
|
case "newengland._domainkey.example.com":
|
|
return parsePublicKey(dnsRawRSAPublicKey)
|
|
case "brisbane._domainkey.football.example.com":
|
|
return parsePublicKey(dnsEd25519PublicKey)
|
|
}
|
|
return nil, fmt.Errorf("unknown test DNS record %v", record)
|
|
}
|