opendkim-testkey: Support sign algorithm field in KeyTable
futatuki committed Mar 3, 2024
1 parent 3b2fb09 commit fc63259
Showing 1 changed file with 32 additions and 2 deletions.
34 changes: 32 additions & 2 deletions opendkim/opendkim-testkey.c
@@ -52,6 +52,7 @@
#include "config.h"
#include "opendkim-config.h"
#include "opendkim-crypto.h"
#include "opendkim-const.h"

/* macros */
#define CMDLINEOPTS "d:k:s:vx:"
@@ -236,6 +237,8 @@ main(int argc, char **argv)
char domain[BUFRSZ];
char selector[BUFRSZ];
char keypath[MAXBUFRSZ];
char signalgstr[BUFRSZ];
dkim_alg_t signalg;

progname = (p = strrchr(argv[0], '/')) == NULL ? argv[0] : p + 1;

@@ -464,7 +467,7 @@ main(int argc, char **argv)
size_t keylen;
DKIMF_DB db;
char keyname[BUFRSZ + 1];
struct dkimf_db_data dbd[3];
struct dkimf_db_data dbd[4];

memset(dbd, '\0', sizeof dbd);

@@ -491,18 +494,22 @@ main(int argc, char **argv)
memset(domain, '\0', sizeof domain);
memset(selector, '\0', sizeof selector);
memset(keypath, '\0', sizeof keypath);
memset(signalgstr, '\0', sizeof signalgstr);

dbd[0].dbdata_buffer = domain;
dbd[0].dbdata_buflen = sizeof domain;
dbd[1].dbdata_buffer = selector;
dbd[1].dbdata_buflen = sizeof selector;
dbd[2].dbdata_buffer = keypath;
dbd[2].dbdata_buflen = sizeof keypath;
dbd[3].dbdata_buffer = signalgstr;
dbd[3].dbdata_buflen = sizeof signalgstr;
dbd[3].dbdata_flags = DKIMF_DB_DATA_OPTIONAL;

keylen = sizeof keyname;

status = dkimf_db_walk(db, c == 0, keyname, &keylen,
dbd, 3);
dbd, 4);
if (status == -1)
{
fprintf(stderr,
@@ -524,6 +531,26 @@ main(int argc, char **argv)
progname, c, keyname);
}

if (signalgstr[0] != '\0')
{
signalg = dkimf_lookup_strtoint(signalgstr, dkimf_sign);
if (signalg == -1)
{
fprintf(stderr,
"%s: unknown sign algorithm "
"'%s' for key '%s'\n",
progname, signalgstr, keyname);
return 1;
}

if (verbose > 1)
{
fprintf(stderr,
"%s: key '%s': sign algorithm is '%s'\n",
progname, keyname, signalgstr);
}
}

if (keypath[0] == '/' ||
strncmp(keypath, "./", 2) == 0 ||
strncmp(keypath, "../", 3) == 0)
@@ -572,6 +599,9 @@ main(int argc, char **argv)
progname, keyname);
}

/* To do: check consistency of the key and algorithm.
It is needed to extend dkim_test_key() for it */

dnssec = DKIM_DNSSEC_UNKNOWN;

status = dkim_test_key(lib, selector, domain,
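Review bot: In the block added after the dkimf_db_walk() call, `signalg` is only compared with -1 and then dropped, so a KeyTable entry whose algorithm name is valid but does not fit the key file still goes on to dkim_test_key() and can be reported as good; the to-do comment before `dnssec = DKIM_DNSSEC_UNKNOWN;` acknowledges the gap, but the operator running the tool is not told. Until dkim_test_key() is extended, I would print that limitation whenever the field is present rather than only at `verbose > 1`, e.g. `fprintf(stderr, "%s: key '%s': sign algorithm '%s' not checked against key type\n", progname, keyname, signalgstr);`. The new `return 1;` also ends the whole walk on the first unknown algorithm name and, as far as the displayed lines show, does so without releasing `db` or `lib`; if the other error exits in this loop close them, this one should match. main() starts and ends outside the displayed hunks, so the surrounding cleanup could not be checked here.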
