Fixed dkim bodyhash for custom domains closes anonaddy#14
willbrowningme committed Feb 18, 2020
1 parent 391efa9 commit 3056f5a
Showing 4 changed files with 105 additions and 71 deletions.
55 changes: 22 additions & 33 deletions app/Helpers/OpenPGPSigner.php
@@ -216,21 +216,16 @@ public function signMessage(Swift_Message $message)
$signature = $this->pgpSignString($signedBody, $this->signingKey);

//Swiftmailer is automatically changing content type and this is the hack to prevent it
$body = <<<EOT
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--{$message->getBoundary()}
$signedBody
--{$message->getBoundary()}
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
$signature
--{$message->getBoundary()}--
EOT;

// Fixes DKIM signature incorrect body hash for custom domains
$body = "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)\r\n\r\n";
$body .= "--{$message->getBoundary()}\r\n";
$body .= $signedBody."\r\n";
$body .= "--{$message->getBoundary()}\r\n";
$body .= "Content-Type: application/pgp-signature; name=\"signature.asc\"\r\n";
$body .= "Content-Description: OpenPGP digital signature\r\n";
$body .= "Content-Disposition: attachment; filename=\"signature.asc\"\r\n\r\n";
$body .= $signature."\r\n\r\n";
$body .= "--{$message->getBoundary()}--";

$message->setBody($body);

@@ -261,24 +256,18 @@ public function signMessage(Swift_Message $message)
'boundary' => $message->getBoundary()
]);

$body = <<<EOT
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--{$message->getBoundary()}
Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME version identification
Version: 1
--{$message->getBoundary()}
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
$encryptedBody
--{$message->getBoundary()}--
EOT;
// Fixes DKIM signature incorrect body hash for custom domains
$body = "This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)\r\n\r\n";
$body .= "--{$message->getBoundary()}\r\n";
$body .= "Content-Type: application/pgp-encrypted\r\n";
$body .= "Content-Description: PGP/MIME version identification\r\n\r\n";
$body .= "Version: 1\r\n\r\n";
$body .= "--{$message->getBoundary()}\r\n";
$body .= "Content-Type: application/octet-stream; name=\"encrypted.asc\"\r\n";
$body .= "Content-Description: OpenPGP encrypted message\r\n";
$body .= "Content-Disposition: inline; filename=\"encrypted.asc\"\r\n\r\n";
$body .= $encryptedBody."\r\n\r\n";
$body .= "--{$message->getBoundary()}--";

$message->setBody($body);
}
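Review bot: `$signedBody`, `$signature` and `$encryptedBody` are concatenated verbatim between the hard-coded `\r\n` separators in both hunks, so the body is uniformly CRLF only if those values already are; if any of them carries bare `\n` (not visible here), the transport may still rewrite line endings after the DKIM body hash has been computed. For the armoured values a normalisation at the point of use would be enough, e.g. `$body .= preg_replace('/\r\n|\r|\n/', "\r\n", $signature)."\r\n\r\n";`, whereas `$signedBody` has to be canonicalised before `pgpSignString()` is called so that the OpenPGP signature still covers the bytes that are sent. The new comment would help more if it stated the invariant rather than the ticket, for example `// Build with explicit CRLF: a heredoc inherits the source file's line endings, and DKIM hashes the body as sent` (presumably the cause of the mismatch; confirm before committing the wording). Both enclosing methods start and end outside the hunks.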
19 changes: 14 additions & 5 deletions app/Mail/ForwardEmail.php
@@ -44,9 +44,6 @@ class ForwardEmail extends Mailable implements ShouldQueue
*/
public function __construct(Alias $alias, EmailData $emailData, Recipient $recipient)
{
$this->encryptedParts = $emailData->encryptedParts ?? null;
$fingerprint = $recipient->should_encrypt && !$this->encryptedParts ? $recipient->fingerprint : null;

$this->user = $alias->user;
$this->alias = $alias;
$this->sender = $emailData->sender;
@@ -57,7 +54,12 @@ public function __construct(Alias $alias, EmailData $emailData, Recipient $recip
$this->emailHtml = $emailData->html;
$this->emailAttachments = $emailData->attachments;
$this->deactivateUrl = URL::signedRoute('deactivate', ['alias' => $alias->id]);
$this->bannerLocation = $this->alias->user->banner_location;

$this->encryptedParts = $emailData->encryptedParts ?? null;

$fingerprint = $recipient->should_encrypt && !$this->isAlreadyEncrypted() ? $recipient->fingerprint : null;

$this->bannerLocation = $this->isAlreadyEncrypted() ? 'off' : $this->alias->user->banner_location;

if ($this->fingerprint = $fingerprint) {
try {
@@ -131,7 +133,9 @@ public function build()

if ($this->openpgpsigner) {
$message->attachSigner($this->openpgpsigner);
} elseif ($this->dkimSigner) { // TODO fix issue with failing DKIM signature if message is encrypted
}

if ($this->dkimSigner) {
$message->attachSigner($this->dkimSigner);
}
});
@@ -152,4 +156,9 @@ public function build()

return $email;
}

private function isAlreadyEncrypted()
{
return $this->encryptedParts || preg_match('/^-----BEGIN PGP MESSAGE-----([A-Za-z0-9+=\/\n]+)-----END PGP MESSAGE-----$/', base64_decode($this->emailText));
}
}
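Review bot: `isAlreadyEncrypted()` lets sender-controlled content decide whether the recipient's `should_encrypt` setting is honoured, and it inspects only the decoded `emailText`; `emailHtml` and `emailAttachments` are assigned just above in the constructor but never checked, so a message whose text part looks armoured would, as far as these hunks show, be forwarded with its other parts unencrypted. Consider keeping the encryption decision on `encryptedParts` alone, `$fingerprint = $recipient->should_encrypt && !$this->encryptedParts ? $recipient->fingerprint : null;`, and using the inline check only to switch the banner off, since re-encrypting an already armoured body costs nothing in confidentiality. The pattern is also strict in the other direction: its character class has no `\r`, space or `:`, so CRLF line endings or armor headers such as `Version:` will not match. The helper would read better with a `: bool` return type and a docblock stating that `emailText` is expected to be base64-encoded, which the `base64_decode()` call implies but the hunk does not show. The constructor body continues outside the hunks, and none of the four changed files is a test that loads the new `email_inline_encrypted.eml` fixture.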
57 changes: 57 additions & 0 deletions tests/emails/email_inline_encrypted.eml
@@ -0,0 +1,57 @@
Date: Wed, 20 Feb 2019 15:00:00 +0100 (CET)
From: Will <[email protected]>
To: <[email protected]>
Subject: Test Email
Content-Type: multipart/mixed; boundary="----=_Part_10031_1199410393.1550677940425"

------=_Part_10031_1199410393.1550677940425
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<pre>
-----BEGIN PGP MESSAGE-----
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=StNi
-----END PGP MESSAGE-----
</pre>
</body>
</html>


------=_Part_10031_1199410393.1550677940425
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
-----BEGIN PGP MESSAGE-----
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=StNi
-----END PGP MESSAGE-----

------=_Part_10031_1199410393.1550677940425--
45 changes: 12 additions & 33 deletions tests/emails/email_reply_encrypted.eml
@@ -19,39 +19,18 @@ Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----

hQGMA61U1XgYVZGqAQv7BbzB8NkO1UipXAKUIFodEuCnFJhRJDkmM8mXUTp89MJt
je0c8StVIwbqE56tx6Bl5e9pfiRslGhXd6C+Gxj2rmKC2vZ85gHi3ozZ9XzYzN2b
hYIxlNNTOBzrblq9ihxwXe1dLgUm+IsFIPuQLnpGfzWjDsHgTjEOeZ+dL626z4oe
JcngimUWvGyrvMAiCdfbWYSacrC9z3NPCczpKe8g/CqbyP/4G7po8Ncm1onEz3pz
DzwkLmiHrUq9xk72GXcqpXtY3J5ZgPwR0sX8pz9Im6p+5vP54mj2SPuK+PfZWiR8
7kY2Gv6KjK7Mbn9hYgeNJKAMwM/4oq9d0NWipdguEL2QcMeXmmOu3r8stsilaisu
spqsJYQTxeE7VBWc+6qsW0JrSgq2F00IfOXA0oWWfaprFO+NS/tsQorh4gzu6Php
QVHRR5fRoI9nNxnM6NQWu6KfgHnSuWkwEuX3P0RoCkNxd4BjezQ72SHxj0rNTFUU
eqa4DAmL6raOK9MmVp6phQGMA0sUUxmvUIjDAQv/Z2MAv/1bN+c9oNseeGzfjwPt
6l3V9o1Y8NDpRc6cGcN36+1ZQrTdZK4UmmhXFP6DrdZFAh6RIpfN1qbkPTnt7pJ1
OH5OYvP86MPKSM7XkpJm37mJYs62ueRO2mB4eDharHzAa3d8uPfn28eKNnJkIU/H
yuz+pGl2z7M64ZEklimwIiNn+8/CWLq7+xGE7ULq6sLK4DG308KsjUhMuRT6uRmz
lBGVXHhbuHorFMIyNlSZL4fKE7N2r0uUsK4DpdJiPcUFBUFqtlhxXR1oqjmNjRUe
UWnf7i9Gw3r27o09B1FutZBD8xkN54EPXwLOJ4Xl3N1NseqgDDXMGbSGmUoEMSQh
weEOhnw+JmIvU8cbk6U0uQsCxHeWvujkfcSKEo+p4hr/Oa6EbaCFyiQ4HLJ5Oi5/
VvRi42IRrW3Pd3nuMqSqp0NvJm/DgarEy4sXWZyLAPdDMDXtxHKudMlRLIXpT3a5
jHwMrhyP/KnjQeWAn77fbdOc6HDHFXzdo1Koo/Ww0ukBh4P4IXQJRphYPGigGTuN
C+ur/9qxQ3vjRBUmxxlW0xWZyNgQo+Gb7CCrBo1KBuUwMDRmmFf29Rr9UxxKManV
1U75OJs90i5ESN824o27pslSz5wwLH9QzETENxZIPaQ1RG/AsfdIAiGrXdaRoZLv
wjm8TNlDr1ITjwyREfLYOvg/YXxkOePh1iM7aLSNvLc76yVFZ8+MmsFOaAc13OvC
qbWMnkLYZit4RSsb5N5OomqFVoPqHOxdUHpoQZhPzV3AQD0D/zBoynzPo3Np5xPm
/a+NwpGjrdT+dQw9YiUGeDsPrIw1XPcRNQkYyVtIvGC+tUO9+4H5/fsequ24cr2j
TnMjd5SPJycqFf+sarwM/+hayH0bCq8F66Voie6/VMxUq7r++4UpEUlj4EU8El1B
O5IoLn26P+ec+Foo5uTaX/NUh71hQ23T9IX4aclkPOwwUydBlnWJu3ILE6fGH3Q9
vSbMvQ9+HO8sHTogNWiVHkSM6jTgM3N6L7Gdie6h0ozN/ZAa1WCzZIgKm4ROST1O
E8vmpl4M8ixZpw2B1Auglei6CJ7tNXGEaKsrJOhzIOA4b/3eiCreHaDdvvVWCn26
rQJYoUtItuvB3EbaeTTtA0BIOcM3My0pUuhD3OcUEQ0oYsG6UdrUastWWYY45fsW
sqH0ElKz8Aa7nwIvwQsMTMAI3YMctI83r6xu3Bc2eZ21/BqDdB21zdjh1bQYN+Sm
1bFnfDjE+WDHO0AX7F8vPqZ2nAmoX+OYBhyAnTg+Kac3p7cDouIvSd5vnEBJeAGh
2PE0BywLEiK2LQeOXlwQNNfxY3T4QaDrOaSxALr1EFKa3BlH9kU4PXt+vx0gch9p
vpmU721CP95vKWKMaJvpmlK8i2BOeCYC/+oEf7CwFYcIzlpWhZNGajADc9W4XsHo
z/x1RGWQTcq5LANBKBUoYQqiScidMstiSX0=
=3dtw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=StNi
-----END PGP MESSAGE-----

------=_Part_10031_1199410393.1550677940425--
