Public bug reported: opendkim generate an invalid signature if one header is fold just after the header name
Expected : the email is well signed. Actual : Signature is invalid. How to reproduce ? Send the email just below by replacing "example.com" by a valid DKIM-signed domain. I used postfix to send the email. Here is a source .eml email that will fail to be correctly signed by opendkim : ``` From: <[email protected]> To: <[email protected]> Subject: Folding_White_Space_and_too_long_subject_aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Test ``` opendkim generate an invalid signature with this email because of the "Subject:" folding white space. The signature is valid if the "Subject:" is written in one line : ``` Subject: Folding_White_Space_and_too_long_subject_aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ``` Ubuntu 18.04.3 LTS opendkim : 2.11.0~alpha-11build1 --- This bug occurs for all headers signed by opendkim (not only with "Subject:"). This syntax seems valid. At least Gmail, Outlook, Thunderbird display the subject correctly. https://www.ietf.org/rfc/rfc5322.txt : > Unfolding is accomplished by simply removing any CRLF > that is immediately followed by WSP. Each header field should be > treated in its unfolded form for further syntactic and semantic > evaluation. An unfolded header field has no length restriction and > therefore may be indeterminately long. Gmail and opendkim itself consider the signature as invalid. opendkim : ``` Authentication-Results: xxx.example.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=example.com header.b=ABCDEF; ``` Gmail: ``` ARC-Authentication-Results: i=1; mx.google.com; dkim=fail [email protected] header.s=xxxxxxx header.b="a/aaaaaa"; ``` ** Affects: opendkim (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1857618 Title: opendkim generate an invalid signature if one header is fold just after the header name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/opendkim/+bug/1857618/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
