Skip to content

Per request sign algorithm (A part of issue #6)#202

Open
futatuki wants to merge 4 commits intotrusteddomainproject:developfrom
futatuki:per-request-sign-algorithm
Open

Per request sign algorithm (A part of issue #6)#202
futatuki wants to merge 4 commits intotrusteddomainproject:developfrom
futatuki:per-request-sign-algorithm

Conversation

@futatuki
Copy link

@futatuki futatuki commented Mar 1, 2024
edited
Loading

This extends KeyTable value fields as the issue comment #6 (comment) said.

With an extended KeyTable and lua script, I could confirm that the milter can both rsa-sha256 and ed25519-sha256 signature.

(Edit)
Now, this PR depends on PR #207 for conversion table for dkim_alg_t and dkim_canon_t (but not including those commits).

@futatuki
Copy link
Author

futatuki commented Mar 1, 2024

I didn't care opendkim-testkey, so I'll update it later.

@futatuki
Copy link
Author

futatuki commented Mar 3, 2024

I didn't care opendkim-testkey, so I'll update it later.

Done. However library function dkim_test_key() does not support ed25519 keys, so opendkim-testkey still reports "keys do not match" at ed25519 key entry.

@futatuki
Copy link
Author

futatuki commented Mar 3, 2024

As commit message of commit 2fb3b18 is wrong, rebase latest 2 commit.

@futatuki futatuki force-pushed the per-request-sign-algorithm branch from 0abd128 to 5c47d2c Compare March 3, 2024 04:19
@futatuki
Copy link
Author

futatuki commented Mar 3, 2024

As commit message of commit 2fb3b18 is wrong, rebase latest 2 commit.

Done.

@futatuki
Copy link
Author

futatuki commented Mar 9, 2024

I separated lookup functions and tables from opendkim/opendkim.c into opendkim/opendkim-const.c because opendkim/opendkim-testkey.c uses conversion from sign algorithm string to sign algorithm internal code.

However I found it has been provided in libopendkim/dkim-tables.h, so I'll remove last 2 commit and I'll use dkim_name_to_code in opendkim/opendkim-testkey.c.

I think lookups for dkimf_canon and dkimf_sign in opendkim/opendkim.c should also use dkim_name_to_code or dkim_code_to_name with canonicalizations table and algorithms, but it is another issue.

@futatuki futatuki marked this pull request as draft March 9, 2024 18:42
@futatuki
Copy link
Author

futatuki commented Mar 10, 2024

It turned out that all nametable s which should be used with dkim_code_to_name() or dkim_name_to_code() are all not exposed outside of the library because of their name, while the functions are exposed.

I believe those nametables are worth exposed. Also, there is no bad side effect if names of the tables are renamed by adding prefix 'dkim_', because all macros in the tables are already exposed.

futatuki added 3 commits March 23, 2024 14:58
@futatuki
Extend KeyTable value field so that store sign algorithm in the 4th f…
2b84a15 
…ield

* opendkim/opendkim.c
  (): Add forward declaration for dkimf_lookup_strtoint
  (dkimf_add_signrequest): Extract sign algorithm from 4th field in key
   table and set it in the sign request.
  (dkimf_config_load): Allow 4th field in key table value.
@futatuki
opendkim-testkey: Support sign algorithm field in KeyTable
6e75699
@futatuki
Update manual of opendkim.conf and RELEASE_NOTE for KeyTable extension
a05fead
futatuki added a commit to futatuki/OpenDKIM that referenced this pull request Mar 23, 2024
@futatuki
Merge pull request trusteddomainproject#202 from futatuki/per-request…
23ade73 
…-sign-algorithm
@futatuki futatuki force-pushed the per-request-sign-algorithm branch from 5c47d2c to a05fead Compare March 23, 2024 08:08
@futatuki futatuki marked this pull request as ready for review March 23, 2024 08:13
@futatuki
Copy link
Author

futatuki commented Mar 23, 2024

Now, it uses lookup table for dkim_alg_t and dkim_canon_t in libopendkim (by using PR #207).

futatuki added a commit to futatuki/OpenDKIM that referenced this pull request Mar 24, 2024
@futatuki
Merge pull request trusteddomainproject#202 from futatuki/per-request…
6151def 
…-sign-algorithm
@futatuki futatuki mentioned this pull request Mar 24, 2024
Open
futatuki added a commit to futatuki/OpenDKIM that referenced this pull request Apr 9, 2024
@futatuki
Merge pull request trusteddomainproject#202 from futatuki/per-request…
daf493a 
…-sign-algorithm
futatuki added a commit to futatuki/OpenDKIM that referenced this pull request Apr 26, 2024
@futatuki
Merge pull request trusteddomainproject#202 from futatuki/per-request…
81ef296 
…-sign-algorithm

Extend KeyTable to hold optionally signing algorithm per key entry.
futatuki added a commit to futatuki/OpenDKIM that referenced this pull request Apr 26, 2024
@futatuki
RELEASE_NOTES: Record PR number on the entry for PR trusteddomainproj…
1736830 
…ect#207 and PR trusteddomainproject#202
@futatuki futatuki changed the title Per request sign algorithm (A pert of issue #6) Per request sign algorithm (A part of issue #6) Jun 21, 2024
@SilmorSenedlen
Copy link

SilmorSenedlen commented Oct 20, 2025

Good day
Is there any further progress or OpenDKIM project no longer being developed?..

@futatuki
Copy link
Author

futatuki commented Oct 20, 2025
edited
Loading

At least there is no progress in my side, stuck during estimatiting related PR #243 - #246 (on my branch).

@SilmorSenedlen
Copy link

SilmorSenedlen commented Oct 20, 2025

@futatuki
That's a pity, but thanks for clarification.

Will try dkimpy-milter, as I understand by mentions in neighbouring issues, its support dual-signing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@futatuki @SilmorSenedlen