mailauth 4.5.2 → 4.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/.ncurc.js +12 -0
  2. package/CHANGELOG.md +15 -0
  3. package/cli.md +3 -1
  4. package/lib/dkim/body/relaxed.js +8 -1
  5. package/lib/dkim/body/simple.js +7 -1
  6. package/lib/dkim/dkim-signer.js +3 -1
  7. package/lib/dkim/dkim-verifier.js +16 -2
  8. package/lib/tools.js +33 -8
  9. package/man/mailauth.1 +1 -1
  10. package/package.json +13 -11
  11. package/.ncurc.json +0 -4
  12. package/licenses.txt +0 -12
package/.ncurc.js ADDED
@@ -0,0 +1,12 @@
1
+ module.exports = {
2
+ upgrade: true,
3
+ reject: [
4
+ 'marked',
5
+ 'marked-man',
6
+ // only works as ESM
7
+ 'chai',
8
+
9
+ // Fails in Node 16
10
+ 'undici'
11
+ ]
12
+ };
package/CHANGELOG.md ADDED
@@ -0,0 +1,15 @@
1
+ # Changelog
2
+
3
+ ## [4.6.1](https://github.com/postalsys/mailauth/compare/v4.6.0...v4.6.1) (2024-01-24)
4
+
5
+
6
+ ### Bug Fixes
7
+
8
+ * **dkim-verify:** Show the length of the source body in DKIM results ([d28663b](https://github.com/postalsys/mailauth/commit/d28663b30b0bfaf07d395e9d3eaea044c9085657))
9
+
10
+ ## [4.6.0](https://github.com/postalsys/mailauth/compare/v4.5.2...v4.6.0) (2023-11-02)
11
+
12
+
13
+ ### Features
14
+
15
+ * **deploy:** Set up automatic publishing ([f9b9c32](https://github.com/postalsys/mailauth/commit/f9b9c325e4dbac060114aa12c5887ea8c92c0bf8))
package/cli.md CHANGED
@@ -22,7 +22,9 @@ Command line utility and a [Node.js library](README.md) for email authentication
22
22
 
23
23
  Download `mailauth` for your platform:
24
24
 
25
- - [MacOS](https://github.com/postalsys/mailauth/releases/latest/download/mailauth.pkg)
25
+ - MacOS
26
+ - [Intel processors](https://github.com/postalsys/mailauth/releases/latest/download/mailauth.pkg)
27
+ - [Apple silicon](https://github.com/postalsys/mailauth/releases/latest/download/mailauth-arm.pkg)
26
28
  - [Linux](https://github.com/postalsys/mailauth/releases/latest/download/mailauth.tar.gz)
27
29
  - [Windows](https://github.com/postalsys/mailauth/releases/latest/download/mailauth.exe)
28
30
  - Or install from the NPM registry: `npm install -g mailauth`
package/lib/dkim/body/relaxed.js CHANGED
@@ -26,9 +26,14 @@ class RelaxedHash {
26
26
  this.bodyHash = crypto.createHash(algorithm);
27
27
 
28
28
  this.remainder = false;
29
- this.byteLength = 0;
30
29
 
30
+ // total body size
31
+ this.byteLength = 0;
32
+ // total canonicalized body size
33
+ this.canonicalizedLength = 0;
34
+ // hashed canonicalized body size (after l= tag)
31
35
  this.bodyHashedBytes = 0;
36
+
32
37
  this.maxBodyLength = maxBodyLength;
33
38
 
34
39
  this.maxSizeReached = maxBodyLength === 0;
@@ -37,6 +42,8 @@ class RelaxedHash {
37
42
  }
38
43
 
39
44
  _updateBodyHash(chunk) {
45
+ this.canonicalizedLength += chunk.length;
46
+
40
47
  if (this.maxSizeReached) {
41
48
  return;
42
49
  }
package/lib/dkim/body/simple.js CHANGED
@@ -18,8 +18,12 @@ class SimpleHash {
18
18
  this.bodyHash = crypto.createHash(algorithm);
19
19
 
20
20
  this.remainder = [];
21
- this.byteLength = 0;
22
21
 
22
+ // total body size
23
+ this.byteLength = 0;
24
+ // total canonicalized body size
25
+ this.canonicalizedLength = 0;
26
+ // hashed canonicalized body size (after l= tag)
23
27
  this.bodyHashedBytes = 0;
24
28
 
25
29
  this.maxBodyLength = maxBodyLength;
@@ -29,6 +33,8 @@ class SimpleHash {
29
33
  }
30
34
 
31
35
  _updateBodyHash(chunk) {
36
+ this.canonicalizedLength += chunk.length;
37
+
32
38
  if (this.maxSizeReached) {
33
39
  return;
34
40
  }
package/lib/dkim/dkim-signer.js CHANGED
@@ -259,7 +259,9 @@ class DkimSigner extends MessageParser {
259
259
  // value for the l= tag (if needed)
260
260
  typeof signatureData.maxBodyLength === 'number'
261
261
  ? {
262
- bodyHashedBytes: this.bodyHashes.get(hashKey).hasher.bodyHashedBytes
262
+ bodyHashedBytes: this.bodyHashes.get(hashKey).hasher.bodyHashedBytes,
263
+ canonicalizedLength: this.bodyHashes.get(hashKey).hasher.canonicalizedLength,
264
+ sourceBodyLength: this.bodyHashes.get(hashKey).hasher.byteLength
263
265
  }
264
266
  : {}
265
267
  )
package/lib/dkim/dkim-verifier.js CHANGED
@@ -182,7 +182,8 @@ class DkimVerifier extends MessageParser {
182
182
 
183
183
  let signingHeaders = {
184
184
  keys: signingHeaderLines.keys,
185
- headers: signingHeaderLines.headers.map(l => l.line.toString())
185
+ headers: signingHeaderLines.headers.map(l => l.line.toString()),
186
+ canonicalizedHeader: canonicalizedHeader.toString('base64')
186
187
  };
187
188
 
188
189
  let publicKey, rr, modulusLength;
@@ -295,6 +296,8 @@ class DkimVerifier extends MessageParser {
295
296
  }
296
297
 
297
298
  signatureHeader.bodyHashedBytes = this.bodyHashes.get(signatureHeader.bodyHashKey)?.bodyHashedBytes;
299
+ signatureHeader.canonicalizedLength = this.bodyHashes.get(signatureHeader.bodyHashKey)?.canonicalizedLength;
300
+ signatureHeader.sourceBodyLength = this.bodyHashes.get(signatureHeader.bodyHashKey)?.byteLength;
298
301
 
299
302
  if (typeof signatureHeader.maxBodyLength === 'number' && signatureHeader.maxBodyLength !== signatureHeader.bodyHashedBytes) {
300
303
  status.result = 'fail';
@@ -313,12 +316,23 @@ class DkimVerifier extends MessageParser {
313
316
  status
314
317
  };
315
318
 
319
+ if (typeof signatureHeader.sourceBodyLength === 'number') {
320
+ result.sourceBodyLength = signatureHeader.sourceBodyLength;
321
+ }
322
+
316
323
  if (typeof signatureHeader.bodyHashedBytes === 'number') {
317
324
  result.canonBodyLength = signatureHeader.bodyHashedBytes;
318
325
  }
319
326
 
327
+ if (typeof signatureHeader.canonicalizedLength === 'number') {
328
+ result.canonBodyLengthTotal = signatureHeader.canonicalizedLength;
329
+ }
330
+
320
331
  if (typeof signatureHeader.maxBodyLength === 'number') {
321
- result.bodyLengthCount = signatureHeader.maxBodyLength;
332
+ result.canonBodyLengthLimited = true;
333
+ result.canonBodyLengthLimit = signatureHeader.maxBodyLength;
334
+ } else {
335
+ result.canonBodyLengthLimited = false;
322
336
  }
323
337
 
324
338
  if (publicKey) {
package/lib/tools.js CHANGED
@@ -269,14 +269,36 @@ const getPublicKey = async (type, name, minBitLength, resolver) => {
269
269
  }
270
270
 
271
271
  let paddingNeeded = publicKeyValue.length % 4 ? 4 - (publicKeyValue.length % 4) : 0;
272
+ let paddedPublicKey = publicKeyValue + '='.repeat(paddingNeeded);
273
+
274
+ let rawPublicKey = Buffer.from(publicKeyValue, 'base64');
275
+ let publicKeyObj;
276
+ let publicKeyOpts;
277
+
278
+ if (rawPublicKey.length === 32) {
279
+ // seems like an ed25519 key
280
+ rawPublicKey = Buffer.concat([Buffer.from('302A300506032B6570032100', 'hex'), rawPublicKey]);
281
+ publicKeyOpts = {
282
+ key: rawPublicKey,
283
+ format: 'der',
284
+ type: 'spki'
285
+ };
286
+ } else {
287
+ const publicKeyPem = Buffer.from(`-----BEGIN PUBLIC KEY-----\n${paddedPublicKey.replace(/.{64}/g, '$&\n').trim()}\n-----END PUBLIC KEY-----`);
288
+ publicKeyOpts = {
289
+ key: publicKeyPem,
290
+ format: 'pem'
291
+ };
292
+ }
272
293
 
273
- const publicKeyPem = Buffer.from(
274
- `-----BEGIN PUBLIC KEY-----\n${(publicKeyValue + '='.repeat(paddingNeeded)).replace(/.{64}/g, '$&\n')}\n-----END PUBLIC KEY-----`
275
- );
276
- const publicKeyObj = crypto.createPublicKey({
277
- key: publicKeyPem,
278
- format: 'pem'
279
- });
294
+ try {
295
+ publicKeyObj = crypto.createPublicKey(publicKeyOpts);
296
+ } catch (err) {
297
+ let error = new Error('Unknown key type (${keyType})', { cause: err });
298
+ error.code = 'EINVALIDTYPE';
299
+ error.rr = rr;
300
+ throw error;
301
+ }
280
302
 
281
303
  let keyType = publicKeyObj.asymmetricKeyType;
282
304
 
@@ -297,7 +319,10 @@ const getPublicKey = async (type, name, minBitLength, resolver) => {
297
319
  }
298
320
 
299
321
  return {
300
- publicKey: publicKeyPem,
322
+ publicKey: publicKeyObj.export({
323
+ type: publicKeyObj.asymmetricKeyType === 'ed25519' ? 'spki' : 'pkcs1',
324
+ format: 'pem'
325
+ }),
301
326
  rr,
302
327
  modulusLength
303
328
  };
package/man/mailauth.1 CHANGED
@@ -1,4 +1,4 @@
1
- .TH "MAILAUTH" "1" "August 2023" "v4.5.1" "Mailauth Help"
1
+ .TH "MAILAUTH" "1" "January 2024" "v4.6.1" "Mailauth Help"
2
2
  .SH "NAME"
3
3
  \fBmailauth\fR
4
4
  .QP
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mailauth",
3
- "version": "4.5.2",
3
+ "version": "4.6.1",
4
4
  "description": "Email authentication library for Node.js",
5
5
  "main": "lib/mailauth.js",
6
6
  "scripts": {
@@ -9,7 +9,8 @@
9
9
  "man": "cd man && marked-man --version `node -e \"console.log('v'+require('../package.json').version)\"` --manual 'Mailauth Help' --section 1 man.md > mailauth.1",
10
10
  "build-source": "rm -rf node_modules package-lock.json && npm install && npm run man && npm run licenses && rm -rf node_modules package-lock.json && npm install --production && rm -rf package-lock.json",
11
11
  "build-dist": "npx pkg --compress Brotli package.json && rm -rf package-lock.json && npm install",
12
- "licenses": "license-report --only=prod --output=table --config license-report-config.json > licenses.txt"
12
+ "licenses": "license-report --only=prod --output=table --config license-report-config.json > licenses.txt",
13
+ "update": "rm -rf node_modules package-lock.json && ncu -u && npm install"
13
14
  },
14
15
  "repository": {
15
16
  "type": "git",
@@ -32,28 +33,29 @@
32
33
  },
33
34
  "homepage": "https://github.com/postalsys/mailauth",
34
35
  "devDependencies": {
35
- "chai": "4.3.7",
36
- "eslint": "8.46.0",
36
+ "chai": "4.4.1",
37
+ "eslint": "8.56.0",
37
38
  "eslint-config-nodemailer": "1.2.0",
38
- "eslint-config-prettier": "8.10.0",
39
+ "eslint-config-prettier": "9.1.0",
39
40
  "js-yaml": "4.1.0",
40
- "license-report": "6.4.0",
41
+ "license-report": "6.5.0",
41
42
  "marked": "0.7.0",
42
43
  "marked-man": "0.7.0",
43
44
  "mbox-reader": "1.1.5",
44
45
  "mocha": "10.2.0",
46
+ "npm-check-updates": "16.14.12",
45
47
  "pkg": "5.8.1"
46
48
  },
47
49
  "dependencies": {
48
50
  "@postalsys/vmc": "1.0.6",
49
- "fast-xml-parser": "4.2.7",
51
+ "fast-xml-parser": "4.3.3",
50
52
  "ipaddr.js": "2.1.0",
51
- "joi": "17.9.2",
53
+ "joi": "17.12.0",
52
54
  "libmime": "5.2.1",
53
- "nodemailer": "6.9.4",
55
+ "nodemailer": "6.9.8",
54
56
  "psl": "1.9.0",
55
- "punycode": "2.3.0",
56
- "undici": "5.23.0",
57
+ "punycode": "2.3.1",
58
+ "undici": "5.28.2",
57
59
  "yargs": "17.7.2"
58
60
  },
59
61
  "engines": {
package/.ncurc.json DELETED
@@ -1,4 +0,0 @@
1
- {
2
- "upgrade": true,
3
- "reject": ["marked", "marked-man"]
4
- }
package/licenses.txt DELETED
@@ -1,12 +0,0 @@
1
- name license type link installed version author
2
- ---- ------------ ---- ----------------- ------
3
- @postalsys/vmc MIT https://registry.npmjs.org/@postalsys/vmc/-/vmc-1.0.6.tgz 1.0.6 Postal Systems OÜ
4
- fast-xml-parser MIT git+https://github.com/NaturalIntelligence/fast-xml-parser.git 4.2.7 Amit Gupta (https://amitguptagwl.github.io)
5
- ipaddr.js MIT git://github.com/whitequark/ipaddr.js.git 2.1.0 whitequark <whitequark@whitequark.org>
6
- joi BSD-3-Clause git://github.com/hapijs/joi.git 17.9.2 n/a
7
- libmime MIT git://github.com/andris9/libmime.git 5.2.1 Andris Reinman <andris@kreata.ee>
8
- nodemailer MIT-0 git+https://github.com/nodemailer/nodemailer.git 6.9.4 Andris Reinman
9
- psl MIT git+ssh://git@github.com/lupomontero/psl.git 1.9.0 Lupo Montero <lupomontero@gmail.com> (https://lupomontero.com/)
10
- punycode MIT git+https://github.com/mathiasbynens/punycode.js.git 2.3.0 Mathias Bynens https://mathiasbynens.be/
11
- undici MIT git+https://github.com/nodejs/undici.git 5.23.0 Matteo Collina <hello@matteocollina.com>
12
- yargs MIT git+https://github.com/yargs/yargs.git 17.7.2 n/a