File Coverage

blib/lib/Mail/DKIM/ARC/Verifier.pm

Criterion	Covered	Total	%
statement	269	303	88.7
branch	102	134	76.1
condition	48	71	67.6
subroutine	16	17	94.1
pod	2	9	22.2
total	437	534	81.8

line	stmt	bran	cond	sub	pod	time	code
1							package Mail::DKIM::ARC::Verifier;
2	2			2		1119	use strict;
	2					13
	2					59
3	2			2		11	use warnings;
	2					3
	2					83
4							our $VERSION = '1.20230911'; # VERSION
5							# ABSTRACT: verifies an ARC-Sealed message
6
7							# Copyright 2017 FastMail Pty Ltd. All Rights Reserved.
8							# Bron Gondwana
9
10							# This program is free software; you can redistribute it and/or
11							# modify it under the same terms as Perl itself.
12
13
14
15	2			2		12	use base 'Mail::DKIM::Common';
	2					4
	2					186
16	2			2		15	use Mail::DKIM::ARC::MessageSignature;
	2					7
	2					38
17	2			2		10	use Mail::DKIM::ARC::Seal;
	2					4
	2					112
18	2			2		15	use Mail::Address;
	2					6
	2					35
19	2			2		9	use Carp;
	2					5
	2					6056
20							our $MAX_SIGNATURES_TO_PROCESS = 50;
21
22							sub init {
23	168			168	0	286	my $self = shift;
24	168					556	$self->SUPER::init;
25	168					299	$self->{signatures} = [];
26	168					511	$self->{result} = undef; # we're done once this is set
27							}
28
29							# @{$arc->{signatures}}
30							# array of L objects, representing all
31							# parseable message signatures and seals found in the header,
32							# ordered from the top of the header to the bottom.
33							#
34							# $arc->{signature_reject_reason}
35							# simple string listing a reason, if any, for not using a signature.
36							# This may be a helpful diagnostic if there is a signature in the header,
37							# but was found not to be valid. It will be ambiguous if there are more
38							# than one signatures that could not be used.
39							#
40							# @{$arc->{headers}}
41							# array of strings, each member is one header, in its original format.
42							#
43							# $arc->{algorithms}
44							# array of algorithms, one for each signature being verified.
45							#
46							# $arc->{result}
47							# string; the result of the verification (see the result() method)
48							#
49
50							sub handle_header {
51	2408			2408	0	3442	my $self = shift;
52	2408					4429	my ( $field_name, $contents, $line ) = @_;
53
54	2408					6114	$self->SUPER::handle_header( $field_name, $contents );
55
56	2408	100				5309	if ( lc($field_name) eq 'arc-message-signature' ) {
57							eval {
58	189					602	local $SIG{__DIE__};
59	189					619	my $signature = Mail::DKIM::ARC::MessageSignature->parse($line);
60	188					598	$self->add_signature($signature);
61	187					889	1
62	189	100				458	} \|\| do {
63
64							# the only reason an error should be thrown is if the
65							# signature really is unparse-able
66
67							# otherwise, invalid signatures are caught in finish_header()
68
69	2					15	chomp( my $E = $@ );
70	2					7	$self->{signature_reject_reason} = $E;
71							};
72							}
73
74	2408	100				5963	if ( lc($field_name) eq 'arc-seal' ) {
75							eval {
76	188					691	local $SIG{__DIE__};
77	188					680	my $signature = Mail::DKIM::ARC::Seal->parse($line);
78	188					587	$self->add_signature($signature);
79	187					1174	1
80	188	100				655	} \|\| do {
81
82							# the only reason an error should be thrown is if the
83							# signature really is unparse-able
84
85							# otherwise, invalid signatures are caught in finish_header()
86
87	1					4	chomp( my $E = $@ );
88	1					5	$self->{signature_reject_reason} = $E;
89							};
90							}
91
92							}
93
94							sub add_signature {
95	376			376	0	713	my ( $self, $signature ) = @_;
96	376	50				821	croak 'wrong number of arguments' unless ( @_ == 2 );
97
98	376	100				837	return if $self->{result}; # already failed
99
100	364					553	push @{ $self->{signatures} }, $signature;
	364					722
101
102	364	100				847	unless ( $self->check_signature($signature) ) {
103	14					53	$signature->result( 'invalid', $self->{signature_reject_reason} );
104	14					29	return;
105							}
106
107							# signature looks ok, go ahead and query for the public key
108	350					952	$signature->fetch_public_key;
109
110							# create a canonicalization filter and algorithm
111	348					894	my $algorithm_class =
112							$signature->get_algorithm_class( $signature->algorithm );
113							my $algorithm = $algorithm_class->new(
114							Signature => $signature,
115							Debug_Canonicalization => $signature->isa('Mail::DKIM::ARC::Seal')
116							? $self->{AS_Canonicalization}
117							: $self->{AMS_Canonicalization},
118	348	100				2581	);
119
120							# push through the headers parsed prior to the signature header
121	348	50				1108	if ( $algorithm->wants_pre_signature_headers ) {
122
123							# Note: this will include the signature header that led to this
124							# "algorithm"...
125	348					543	foreach my $head ( @{ $self->{headers} } ) {
	348					1001
126	1036					1982	$algorithm->add_header($head);
127							}
128							}
129
130							# save the algorithm
131	348		50			869	$self->{algorithms} \|\|= [];
132	348					514	push @{ $self->{algorithms} }, $algorithm;
	348					635
133
134							# check for bogus tags (should be done much earlier but better late than never)
135							# tagkeys is uniq'd via a hash, rawtaglen counts all the tags
136	348					540	my @tagkeys = keys %{ $signature->{tags_by_name} };
	348					1484
137	348					546	my $rawtaglen = $#{ $signature->{tags} };
	348					646
138
139							# crock: ignore empty clause after trailing semicolon
140							$rawtaglen--
141	348	100				601	if $signature->{tags}->[ $#{ $signature->{tags} } ]->{raw} =~ /^\s*$/;
	348					1902
142
143							# duplicate tags
144	348	100				836	if ( $rawtaglen != $#tagkeys ) {
145	4					9	$self->{result} = 'fail'; # bogus
146	4					10	$self->{details} = 'Duplicate tag in signature';
147	4					10	return;
148							}
149
150							# invalid tag name
151	344	100				630	if ( grep { !m{[a-z][a-z0-9_]*}i } @tagkeys ) {
	2735					6790
152	2					18	$self->{result} = 'fail'; # bogus
153	2					8	$self->{details} = 'Invalid tag in signature';
154	2					6	return;
155							}
156
157	342	100				1568	if ( $signature->isa('Mail::DKIM::ARC::Seal') ) {
		50
158	176					228	my ($instance);
159	176		100			524	$instance = $signature->instance() \|\| '';
160
161	176	50	66			1267	if ( $instance !~ m{^\d+$} or $instance < 1 or $instance > 1024 ) {
			66
162	5					12	$self->{result} = 'fail'; # bogus
163	5					22	$self->{details} = sprintf "Invalid ARC-Seal instance '%s'",
164							$instance;
165	5					17	return;
166							}
167
168	171	100				511	if ( $self->{seals}[$instance] ) {
169	3					15	$self->{result} = 'fail'; # dup
170	3	50				16	if ( $signature eq $self->{seals}[$instance] ) {
171	0					0	$self->{details} = sprintf 'Duplicate ARC-Seal %d', $instance;
172							}
173							else {
174	3					19	$self->{details} = sprintf 'Redundant ARC-Seal %d', $instance;
175							}
176	3					42	return;
177							}
178
179	168					502	$self->{seals}[$instance] = $signature;
180							}
181							elsif ( $signature->isa('Mail::DKIM::ARC::MessageSignature') ) {
182	166		100			528	my $instance = $signature->instance() \|\| '';
183
184	166	50	66			1206	if ( $instance !~ m{^\d+$} or $instance < 1 or $instance > 1024 ) {
			66
185	4					9	$self->{result} = 'fail'; # bogus
186							$self->{details} =
187	4					17	sprintf "Invalid ARC-Message-Signature instance '%s'", $instance;
188	4					12	return;
189							}
190
191	162	100				505	if ( $self->{messages}[$instance] ) {
192	3					15	$self->{result} = 'fail'; # dup
193	3	50				16	if ( $signature->as_string() eq
194							$self->{messages}[$instance]->as_string() )
195							{
196	0					0	$self->{details} = sprintf 'Duplicate ARC-Message-Signature %d',
197							$instance;
198							}
199							else {
200	3					20	$self->{details} = sprintf 'Redundant ARC-Message-Signature %d',
201							$instance;
202							}
203	3					10	return;
204							}
205	159					505	$self->{messages}[$instance] = $signature;
206							}
207							}
208
209							sub check_signature {
210	364			364	0	577	my $self = shift;
211	364	50				788	croak 'wrong number of arguments' unless ( @_ == 1 );
212	364					617	my ($signature) = @_;
213
214	364	50				900	unless ( $signature->check_version ) {
215
216							# unsupported version
217	0	0				0	if ( defined $signature->version ) {
218							$self->{signature_reject_reason} =
219	0					0	'unsupported version ' . $signature->version;
220							}
221							else {
222	0					0	$self->{signature_reject_reason} = 'missing v tag';
223							}
224	0					0	return 0;
225							}
226
227	364	100	100			840	unless ( $signature->algorithm
			33
			66
228							&& $signature->get_algorithm_class( $signature->algorithm )
229							&& ( !$self->{Strict} \|\| $signature->algorithm ne 'rsa-sha1' )
230							) # no more SHA1 for us in strict mode
231							{
232							# unsupported algorithm
233	6					17	$self->{signature_reject_reason} = 'unsupported algorithm';
234	6	100				20	if ( defined $signature->algorithm ) {
235	4					15	$self->{signature_reject_reason} .= ' ' . $signature->algorithm;
236							}
237	6					21	return 0;
238							}
239
240	358	100				1143	unless ( $signature->check_canonicalization ) {
241
242							# unsupported canonicalization method
243	1					4	$self->{signature_reject_reason} = 'unsupported canonicalization';
244	1	50				4	if ( defined $signature->canonicalization ) {
245							$self->{signature_reject_reason} .=
246	1					4	' ' . $signature->canonicalization;
247							}
248	1					4	return 0;
249							}
250
251	357	50				845	unless ( $signature->check_protocol ) {
252
253							# unsupported query protocol
254							$self->{signature_reject_reason} =
255	0	0				0	!defined( $signature->protocol )
256							? 'missing q tag'
257							: 'unsupported query protocol, q=' . $signature->protocol;
258	0					0	return 0;
259							}
260
261	357	50				911	unless ( $signature->check_expiration ) {
262
263							# signature has expired
264	0					0	$self->{signature_reject_reason} = 'signature is expired';
265	0					0	return 0;
266							}
267
268	357	100				774	unless ( defined $signature->domain ) {
269
270							# no domain specified
271	2					7	$self->{signature_reject_reason} = 'missing d tag';
272	2					8	return 0;
273							}
274
275	355	100				779	if ( $signature->domain eq '' ) {
276
277							# blank domain
278	2					6	$self->{signature_reject_reason} = 'invalid domain in d tag';
279	2					8	return 0;
280							}
281
282	353	100				870	unless ( defined $signature->selector ) {
283
284							# no selector specified
285	3					11	$self->{signature_reject_reason} = 'missing s tag';
286	3					9	return 0;
287							}
288
289	350					861	return 1;
290							}
291
292							sub check_public_key {
293	295			295	0	553	my $self = shift;
294	295	50				707	croak 'wrong number of arguments' unless ( @_ == 2 );
295	295					527	my ( $signature, $public_key ) = @_;
296
297	295					438	my $result = 0;
298							eval {
299	295					975	local $SIG{__DIE__};
300	295					505	$@ = undef;
301
302							# HACK- I'm indecisive here about whether I want the
303							# check_foo functions to return false or to "die"
304							# on failure
305
306							# check public key's allowed hash algorithms
307	295					774	$result =
308							$public_key->check_hash_algorithm( $signature->hash_algorithm );
309
310							# HACK- DomainKeys signatures are allowed to have an empty g=
311							# tag in the public key
312							# my $empty_g_means_wildcard = $signature->isa('Mail::DKIM::DkSignature');
313
314							# check public key's granularity
315	295		33			1208	$result &&= $public_key->check_granularity( $signature->domain, 0 );
316
317							# $signature->instance, $empty_g_means_wildcard);
318
319	295	50				621	die $@ if $@;
320	295					1043	1
321	295	50				519	} \|\| do {
322	0					0	my $E = $@;
323	0					0	chomp $E;
324	0					0	$self->{signature_reject_reason} = "public key: $E";
325							};
326	295					751	return $result;
327							}
328
329							#
330							# called when the verifier has received the last of the message headers
331							# (body is still to come)
332							#
333							sub finish_header {
334	168			168	0	274	my $self = shift;
335
336							# Signatures we found and were successfully parsed are stored in
337							# $self->{signatures}. If none were found, our result is "none".
338
339	168	100	66			606	if ( @{ $self->{signatures} } == 0
	168					564
340							&& !defined( $self->{signature_reject_reason} ) )
341							{
342	5					11	$self->{result} = 'none';
343	5					12	return;
344							}
345
346							# check for duplicate AAR headers (dup AS and AMS checked in add_signature)
347	163					380	my @aars = [];
348	163					249	foreach my $hdr ( @{ $self->{headers} } ) {
	163					379
349	2366	100				6699	if ( my ($i) = $hdr =~ m{ARC-Authentication-Results:\si=(\d+)\s;}i ) {
350	180	100				464	if ( defined $aars[$i] ) {
351	2					4	$self->{result} = 'fail';
352							$self->{details} =
353	2					9	"Duplicate ARC-Authentication-Results header $1";
354	2					7	return;
355							}
356	178					395	$aars[$i] = $hdr;
357							}
358							}
359
360	161					265	foreach my $algorithm ( @{ $self->{algorithms} } ) {
	161					360
361							$algorithm->finish_header(
362							Headers => $self->{headers},
363	344					1040	Chain => 'pass'
364							);
365							}
366
367							# stop processing signatures that are already known to be invalid
368	161					461	@{ $self->{algorithms} } = grep {
369	344					807	my $sig = $_->signature;
370	344		33			811	!( $sig->result && $sig->result eq 'invalid' );
371	161					301	} @{ $self->{algorithms} };
	161					402
372
373	161	50	33			236	if ( @{ $self->{algorithms} } == 0
	161					745
374	0					0	&& @{ $self->{signatures} } > 0 )
375							{
376	0		0			0	$self->{result} = $self->{signatures}->[0]->result \|\| 'invalid';
377							$self->{details} = $self->{signatures}->[0]->{verify_details}
378	0		0			0	\|\| $self->{signature_reject_reason};
379	0					0	return;
380							}
381							}
382
383							sub _check_and_verify_signature {
384	306			306		504	my $self = shift;
385	306					571	my ($algorithm) = @_;
386
387							# check signature
388	306					726	my $signature = $algorithm->signature;
389
390	306	50				739	if ( not $signature->get_tag('d') ) { # All sigs must have a D tag
391	0					0	$self->{signature_reject_reason} = 'missing D tag';
392	0					0	return ( 'fail', $self->{signature_reject_reason} );
393							}
394
395	306	100				661	if ( not $signature->get_tag('b') ) { # All sigs must have a B tag
396	4					23	$self->{signature_reject_reason} = 'missing B tag';
397	4					17	return ( 'fail', $self->{signature_reject_reason} );
398							}
399
400	302	100				1313	if ( not $signature->isa('Mail::DKIM::ARC::Seal') ) { # AMS tests
401	151	100				356	unless ( $signature->get_tag('bh') ) { # AMS must have a BH tag
402	2					11	$self->{signature_reject_reason} = 'missing BH tag';
403	2					7	return ( 'fail', $self->{signature_reject_reason} );
404							}
405	149	100	100			345	if ( ( $signature->get_tag('h') \|\| '' ) =~ /arc-seal/i )
406							{ # cannot cover AS
407							$self->{signature_reject_reason} =
408	1					6	'Arc-Message-Signature covers Arc-Seal';
409	1					5	return ( 'fail', $self->{signature_reject_reason} );
410							}
411							}
412
413							# AMS signature must not
414
415							# get public key
416	299					463	my $pkey;
417							eval {
418	299					1054	local $SIG{__DIE__};
419	299					880	$pkey = $signature->get_public_key;
420	295					1278	1
421	299	100				461	} \|\| do {
422	4					14	my $E = $@;
423	4					11	chomp $E;
424	4					13	$self->{signature_reject_reason} = "public key: $E";
425	4					19	return ( 'invalid', $self->{signature_reject_reason} );
426							};
427
428	295	50				855	unless ( $self->check_public_key( $signature, $pkey ) ) {
429	0					0	return ( 'invalid', $self->{signature_reject_reason} );
430							}
431
432							# make sure key is big enough
433	295					791	my $keysize = $pkey->cork->size * 8; # in bits
434	295	50	66			654	if ( $keysize < 1024 && $self->{Strict} ) {
435	2					10	$self->{signature_reject_reason} = "Key length $keysize too short";
436	2					7	return ( 'fail', $self->{signature_reject_reason} );
437							}
438
439							# verify signature
440	293					438	my $result;
441							my $details;
442	293					503	local $@ = undef;
443							eval {
444	293					776	local $SIG{__DIE__};
445	293	100				958	$result = $algorithm->verify() ? 'pass' : 'fail';
446	287		100			998	$details = $algorithm->{verification_details} \|\| $@;
447	287					1152	1
448	293	100				520	} \|\| do {
449
450							# see also add_signature
451	6					26	chomp( my $E = $@ );
452	6	50				67	if ( $E =~ /(OpenSSL error: .*?) at / ) {
		0
453	6					26	$E = $1;
454							}
455							elsif ( $E =~ /^(panic:.*?) at / ) {
456	0					0	$E = "OpenSSL $1";
457							}
458	6					12	$result = 'fail';
459	6					13	$details = $E;
460							};
461	293					992	return ( $result, $details );
462							}
463
464							sub finish_body {
465	168			168	0	334	my $self = shift;
466
467	168	100				454	return if $self->{result}; # already failed
468
469	140					205	foreach my $algorithm ( @{ $self->{algorithms} } ) {
	140					292
470
471							# finish canonicalizing
472	306					862	$algorithm->finish_body;
473
474	306					939	my ( $result, $details ) =
475							$self->_check_and_verify_signature($algorithm);
476
477							# save the results of this signature verification
478	306					698	$algorithm->{result} = $result;
479	306					625	$algorithm->{details} = $details;
480	306		66			947	$self->{signature} \|\|= $algorithm->signature; # something if we fail
481	306					698	$algorithm->signature->result( $result, $details );
482							}
483
484	140		100			474	my $seals = $self->{seals} \|\| [];
485	140		100			335	my $messages = $self->{messages} \|\| [];
486	140	50	66			414	unless ( @$seals or @$messages ) {
487	0					0	$self->{result} = 'none';
488	0					0	$self->{details} = 'no ARC headers found';
489	0					0	return;
490							}
491
492							# determine if it's valid:
493							# 5.1.1.5. Determining the 'cv' Tag Value for ARC-Seal
494
495							# In order for a series of ARC sets to be considered valid, the
496							# following statements MUST be satisfied:
497
498							# 1. The chain of ARC sets must have structural integrity (no sets or
499							# set component header fields missing, no duplicates, excessive
500							# hops (cf. Section 5.1.1.1.1), etc.);
501
502	140	50				318	if ( $#$seals == 0 ) {
503	0					0	$self->{result} = 'fail';
504	0					0	$self->{details} = 'missing ARC-Seal 1';
505	0					0	return;
506							}
507	140	50				336	if ( $#$messages == 0 ) {
508	0					0	$self->{result} = 'fail';
509	0					0	$self->{details} = 'missing ARC-Message-Signature 1';
510	0					0	return;
511							}
512
513	140	100				340	if ( $#$messages > $#$seals ) {
514	11					24	$self->{result} = 'fail';
515	11					39	$self->{details} = 'missing Arc-Seal ' . $#$messages;
516	11					40	return;
517							}
518
519	129					381	foreach my $i ( 1 .. $#$seals ) {
520
521							# XXX - we should error if it's already present, but that's done above if at all
522	152	100				356	if ( !$seals->[$i] ) {
523	1					3	$self->{result} = 'fail';
524	1					5	$self->{details} = "missing ARC-Seal $i";
525	1					4	return;
526							}
527	151	100				359	if ( !$messages->[$i] ) {
528	12					30	$self->{result} = 'fail';
529	12					37	$self->{details} = "missing ARC-Message-Signature $i";
530	12					42	return;
531							}
532							}
533
534							# 2. All ARC-Seal header fields MUST validate;
535	116					243	foreach my $i ( 1 .. $#$seals ) {
536	137					445	my $result = $seals->[$i]->result();
537	137	100				358	if ( $result ne 'pass' ) {
538	38					113	$self->{signature} = $seals->[$i]->signature;
539	38					82	$self->{result} = $result;
540	38					101	$self->{details} = $seals->[$i]->result_detail();
541	38					133	return;
542							}
543							}
544
545							# 3. All ARC-Seal header fields MUST have a chain value (cv=) status
546							# of "pass" (except the first which MUST be "none"); and
547	78					218	my $cv = $seals->[1]->get_tag('cv');
548	78	100	100			374	if ( !defined $cv or $cv ne 'none' ) {
549	7					62	$self->{signature} = $seals->[1]->signature;
550	7					21	$self->{result} = 'fail';
551	7					16	$self->{details} = 'first ARC-Seal must be cv=none';
552	7					24	return;
553							}
554	71					179	foreach my $i ( 2 .. $#$seals ) {
555	16					44	my $cv = $seals->[$i]->get_tag('cv');
556	16	100				48	if ( $cv ne 'pass' ) {
557	2					8	$self->{signature} = $seals->[$i]->signature;
558	2					7	$self->{result} = 'fail';
559	2					7	$self->{details} = "wrong cv for ARC-Seal i=$i";
560	2					7	return;
561							}
562							}
563
564							# 4. The newest (highest instance number (i=)) AMS header field MUST
565							# validate.
566	69					201	my $result = $messages->[$#$seals]->result();
567	69	100				171	if ( $result ne 'pass' ) {
568	16					96	$self->{signature} = $messages->[$#$seals]->signature;
569	16					38	$self->{result} = $result;
570	16					77	$self->{details} = $messages->[$#$seals]->result_detail();
571	16					49	return;
572							}
573
574							# Success!
575	53					154	$self->{signature} = $seals->[$#$seals]->signature();
576	53					127	$self->{result} = 'pass';
577	53					172	$self->{details} = $seals->[$#$seals]->result_detail();
578							}
579
580							sub result_detail {
581	168			168	1	598	my $self = shift;
582
583	168	100				395	return 'none' if $self->{result} eq 'none';
584
585	163					272	my @items;
586	163					231	foreach my $signature ( @{ $self->{signatures} } ) {
	163					380
587	364	50				967	my $type =
		100
588							ref($signature) eq 'Mail::DKIM::ARC::Seal' ? 'as'
589							: ref($signature) eq 'Mail::DKIM::ARC::MessageSignature' ? 'ams'
590							: ref($signature);
591	364		100			978	push @items,
			100
			100
592							"$type."
593							. ( $signature->instance() \|\| '' ) . '.'
594							. ( $signature->domain() \|\| '(none)' ) . '='
595							. ( $signature->result_detail() \|\| '?' );
596							}
597
598	163					744	return $self->{result} . ' (' . join( ', ', @items ) . ')';
599							}
600
601
602
603							sub signatures {
604	0			0	1		my $self = shift;
605	0	0					croak 'unexpected argument' if @_;
606
607	0						return @{ $self->{signatures} };
	0
608							}
609
610							1;
611
612							__END__