UNPKG

email-dkim

Version:

DomainKeys Identified Mail (DKIM)

github.com/p4rthk4/email-dkim

p4rthk4/email-dkim

114 lines (88 loc) 3.61 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
/** * Canonicalize the message header according to * methods defined in RFC[6376] * @memberOf DKIM * @param {Array<String>} headers - Each header is formatted as `<field>: <value>` * @param {Array} signHeaders * @param {String} method - (simple|relaxed) * @return {String} * @throws {Error} If canonicalization method is unsupported * @example * DKIM.processHeader( [ 'A: X', 'B : Y\t\r\n\tZ '], [ 'A' ], 'relaxed' ) */ function processHeader(headers, signHeaders, method) { if (typeof signHeaders === 'string') { method = signHeaders signHeaders = null } method = method || 'simple' if (method !== 'simple' && method !== 'relaxed') { throw new Error('Canonicalization method "' + method + '" not supported') } if (signHeaders != null) { // Clone this array so that newely added headers don't show up outsite this "processHeader" function // See https://tools.ietf.org/html/rfc5322#section-3.6 signHeaders = signHeaders.slice() signHeaders.push('DKIM-Signature') signHeaders.push('X-Google-DKIM-Signature') signHeaders = signHeaders.map(function (header) { return header.toLowerCase() }) // Remove duplicates // signHeaders = signHeaders.reduce((ac, val) => [...ac, ...ac.includes(val) ? [] : [val]], []) signHeaders = signHeaders.reduce(function (ac, val) { if (ac.indexOf(val) < 0) { ac.push(val) } return ac; }, []) // Sort elements of headers array using the "signHeaders" order var indexedHeaders = headers.map(function (header) { var key = header.slice(0, header.indexOf(':')).trim().toLowerCase() var idx = signHeaders.indexOf(key) return { idx, header } }) headers = indexedHeaders .filter(function (h) { return h.idx > -1 }) .sort(function (h1, h2) { return h1.idx - h2.idx }) .map(function (h) { return h.header }) // headers = headers.filter( function( header ) { // var key = header.slice( 0, header.indexOf( ':' ) ).trim().toLowerCase() // return signHeaders.indexOf( key ) !== -1 // }) } if (method === 'simple') { return headers.map((line, il) => { var colon = line.indexOf(':') var key = line.slice(0, colon).toLowerCase() if (/^(dkim-signature|x-google-dkim-signature)/i.test(key)) line = line.replace(/b=[^;]+;?/, 'b=') return line }).join('\r\n') } // TODO: Something's not right here... // relaxed signatures still don't verify if (method === 'relaxed') { return headers.map(function (line) { var colon = line.indexOf(':') var value = line.slice(colon) // Convert all header field names to lowercase var key = line.slice(0, colon).toLowerCase() // Unfold all header field continuation lines value = value.replace(/\r\n(?=[\x20\x09])/g, '') // Convert all sequences of one or more WSP characters to a single SP value = value.replace(/[\x20\x09]+/g, ' ') // Devare all WSP characters at the end of each unfolded header field value = value.replace(/[\x20\x09]+$/g, '') // Remove signature value for "dkim-signature" header if (/^(dkim-signature|x-google-dkim-signature)/i.test(key)) { value = value.replace(/ b=([^;]*)/, ' b=') } if (key === 'x-google-dkim-signature') { key = key.replace('x-google-dkim-signature', 'dkim-signature') } // Remove any WSP characters remaining before and after the colon return (key + value).replace(/[\x20\x09]*[:][\x20\x09]*/, ':') }).join('\r\n') } } module.exports = processHeader