PoC: DKIM verification

app/src/main/java/eu/faircode/email/MessageHelper.java

@@ -83,7 +83,12 @@ import java.net.URLDecoder;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.nio.charset.UnsupportedCharsetException;
+import java.security.KeyFactory;
+import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.spec.X509EncodedKeySpec;
 import java.text.Normalizer;
 import java.text.ParsePosition;
 import java.util.ArrayList;
@@ -1871,6 +1876,219 @@ public class MessageHelper {
         return true;
     }
 
+    boolean verifyDKIM(Context context) throws MessagingException {
+        ensureHeaders();
+
+        // https://datatracker.ietf.org/doc/html/rfc6376/
+        String[] dkims = imessage.getHeader("DKIM-Signature");
+        if (dkims == null || dkims.length < 1)
+            return false;
+
+        Address[] from = getFrom();
+        if (from == null || from.length != 1 || !(from[0] instanceof InternetAddress))
+            return false;
+
+        String sender = ((InternetAddress) from[0]).getAddress();
+        String dsender = UriHelper.getEmailDomain(sender);
+        if (TextUtils.isEmpty(dsender))
+            return false;
+
+        boolean verified = false;
+        for (String dkim : dkims)
+            try {
+                String udkim = MimeUtility.unfold(dkim);
+                //String udkim = dkim.replaceAll("\\r?\\n[ \\t]", " ");
+                Log.i("DKIM " + udkim.replaceAll("\\r?\\n", "|"));
+                Map<String, String> kv = getKeyValues(udkim);
+
+                String v = kv.get("v"); // version
+                if (TextUtils.isEmpty(v))
+                    throw new IllegalArgumentException("DKIM v missing");
+                if (!"1".equals(v))
+                    throw new IllegalArgumentException("DKIM v invalid=" + v);
+
+                String a = kv.get("a"); // algorithm
+                if (TextUtils.isEmpty(a))
+                    throw new IllegalArgumentException("DKIM a missing");
+
+                String algo;
+                String hash;
+                String sign;
+                if ("rsa-sha1".equalsIgnoreCase(a)) {
+                    algo = "RSA";
+                    hash = "SHA-1";
+                    sign = "SHA1withRSA";
+                } else if ("rsa-sha256".equalsIgnoreCase(a)) {
+                    algo = "RSA";
+                    hash = "SHA-256";
+                    sign = "SHA256withRSA";
+                } else
+                    throw new IllegalArgumentException("DKIM a unsupported=" + a);
+
+                Log.i("DKIM algo=" + algo + " hash=" + hash + " sign=" + sign);
+
+                String q = kv.get("q");
+                if (!TextUtils.isEmpty(q) && !"dns/txt".equals(q))
+                    throw new IllegalArgumentException("DKIM q invalid=" + q);
+
+                String c = kv.get("c"); // canonicalization
+                if (TextUtils.isEmpty(c))
+                    throw new IllegalArgumentException("DKIM c missing");
+
+                String[] canon = c.split("/");
+                if (canon.length != 2)
+                    throw new IllegalArgumentException("DKIM c invalid=" + c);
+
+                String s = kv.get("s"); // selector
+                if (TextUtils.isEmpty(s))
+                    throw new IllegalArgumentException("DKIM s missing");
+
+                // TODO: check
+                // TODO: i
+                String d = kv.get("d"); // domain
+                if (TextUtils.isEmpty(d))
+                    throw new IllegalArgumentException("DKIM d missing");
+
+                if (!dsender.equalsIgnoreCase(d) && false) {
+                    Log.w("DKIM domain=" + dsender + "/" + d);
+                    continue;
+                }
+
+                // TODO: t
+
+                String h = kv.get("h"); // signed headers
+                if (TextUtils.isEmpty(h))
+                    throw new IllegalArgumentException("DKIM h missing");
+                h = h.replaceAll("\\s+", "");
+                Log.i("DKIM headers=" + h);
+
+                String bh = kv.get("bh"); // Body hash
+                if (TextUtils.isEmpty(bh))
+                    throw new IllegalArgumentException("DKIM bh missing");
+                bh = bh.replaceAll("\\s+", "");
+
+                String b = kv.get("b"); // signature
+                if (TextUtils.isEmpty(b))
+                    throw new IllegalArgumentException("DKIM b missing");
+
+                b = b.replaceAll("\\s+", "");
+                Log.i("DKIM signature=" + b);
+
+                // Lookup public key
+                String dns = s + "._domainkey." + d;
+                Log.i("DKIM lookup " + dns);
+                DnsHelper.DnsRecord[] records = DnsHelper.lookup(context, dns, "txt");
+                if (records.length == 0)
+                    throw new IllegalArgumentException("DKIM domain key missing");
+
+                Log.i("DKIM got " + records[0].name);
+                Map<String, String> dk = getKeyValues(records[0].name);
+
+                String p = dk.get("p");
+                if (TextUtils.isEmpty(p))
+                    throw new IllegalArgumentException("DKIM public key missing");
+
+                p = p.replaceAll("\\s+", "");
+                Log.i("DKIM pubkey=" + p);
+
+                // Build headers
+                List<String> names = new ArrayList<>();
+                for (String name : h.split(":"))
+                    if (!names.contains(name) && !"DKIM-Signature".equalsIgnoreCase(name))
+                        names.add(name);
+                names.add("DKIM-Signature");
+
+                StringBuilder headers = new StringBuilder();
+                for (String name : names) {
+                    String[] mh = ("DKIM-Signature".equals(name)
+                            ? new String[]{udkim}
+                            : imessage.getHeader(name));
+
+                    if (mh == null || mh.length == 0) {
+                        Log.w("DKIM header missing='" + name + "'");
+                        continue;
+                    }
+
+                    for (int i = mh.length - 1; i >= 0; i--) {
+                        String value = mh[i];
+                        if ("DKIM-Signature".equals(name)) {
+                            int idx = value.lastIndexOf("b=");
+                            if (idx < 0)
+                                throw new IllegalArgumentException("DKIM b missing");
+                            value = value.substring(0, idx + 2);
+                        }
+
+                        if ("simple".equals(canon[0]))
+                            headers.append(name).append(": ")
+                                    .append(value);
+                        else if ("relaxed".equals(canon[0])) {
+                            value = MimeUtility.unfold(value);
+                            headers.append(name.trim().toLowerCase()).append(':')
+                                    .append(value.replaceAll("\\s+", " ").trim());
+                        } else
+                            throw new IllegalArgumentException("DKIM header/c invalid=" + canon[0]);
+
+                        if (!"DKIM-Signature".equals(name))
+                            headers.append("\r\n");
+                    }
+                }
+                Log.i("DKIM hash=" + headers.toString().replaceAll("\\r?\\n", "|"));
+
+                // Get body
+                // TODO l
+                ByteArrayOutputStream bos = new ByteArrayOutputStream();
+                Helper.copy(imessage.getRawInputStream(), bos);
+                String body = bos.toString(StandardCharsets.UTF_8.name());
+
+                if ("simple".equals(canon[1])) {
+                    if (TextUtils.isEmpty(body))
+                        body = "\r\n";
+                    else if (!body.endsWith("\r\n"))
+                        body += "\r\n";
+                    else {
+                        while (body.endsWith("\r\n\r\n"))
+                            body = body.substring(0, body.length() - 2);
+                    }
+                } else if ("relaxed".equals(canon[1])) {
+                    if (TextUtils.isEmpty(body))
+                        body = "";
+                    else {
+                        body = body.replaceAll("[ \\t]+\r\n", "\r\n");
+                        body = body.replaceAll("[ \\t]+", " ");
+                        while (body.endsWith("\r\n\r\n"))
+                            body = body.substring(0, body.length() - 2);
+                        if ("\r\n".equals(body))
+                            body = "";
+                    }
+                } else
+                    throw new IllegalArgumentException("DKIM header/c invalid=" + canon[1]);
+
+                byte[] _lbh = MessageDigest.getInstance(hash).digest(body.getBytes(StandardCharsets.UTF_8.name()));
+                String lbh = Base64.encodeToString(_lbh, Base64.NO_WRAP);
+                if (!bh.equals(lbh))
+                    throw new IllegalArgumentException("DKIM bh invalid " + lbh + "/" + bh);
+
+                X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(Base64.decode(p, Base64.DEFAULT));
+                KeyFactory keyFactory = KeyFactory.getInstance(algo);
+                PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
+                Signature sig = Signature.getInstance(sign);
+                sig.initVerify(pubKey);
+                sig.update(headers.toString().getBytes());
+                boolean valid = sig.verify(Base64.decode(b, Base64.DEFAULT));
+                Log.i("DKIM valid=" + valid);
+                if (valid)
+                    verified = true;
+                else
+                    throw new IllegalArgumentException("DKIM invalid");
+            } catch (Throwable ex) {
+                Log.e("DKIM", ex);
+                return false;
+            }
+
+        Log.i("DKIM verified=" + verified);
+        return verified;
+    }
+
     Address[] getMailFrom(String[] headers) {
         if (headers == null)
             return null;