Show RSA key length

lieser · Jul 28, 2024 · 7839331 · 7839331
1 parent 7c2e3ce
commit 7839331
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 5 deletions.
diff --git a/content/displayAction.mjs.js b/content/displayAction.mjs.js
@@ -121,14 +121,52 @@ class DkimResult extends HTMLElement {
 		DkimResult.#addOptionalTextValue(this.#content, "AUID", this.result?.auid);
 		DkimResult.#addOptionalTimeValue(this.#content, "Sign date", this.result?.timestamp);
 		DkimResult.#addOptionalTimeValue(this.#content, "Expiration date", this.result?.expiration);
-		let algorithm;
-		if (this.result?.algorithmSignature && this.result?.algorithmHash) {
-			algorithm = `${this.result?.algorithmSignature}-${this.result?.algorithmHash}`;
-		}
-		DkimResult.#addOptionalTextValue(this.#content, "Algorithm", algorithm);
+		DkimResult.#addOptionalTextValue(this.#content, "Algorithm", this.#algorithm());
 		DkimResult.#addOptionalTextValue(this.#content, "Signed headers", this.result?.signedHeaders?.join(", "));
 	}
 
+	/**
+	 * Get a string description of the used algorithm.
+	 *
+	 * @returns {string|undefined}
+	 */
+	#algorithm() {
+		if (!this.result?.algorithmSignature || !this.result?.algorithmHash) {
+			return undefined;
+		}
+		const signature = (() => {
+			switch (this.result?.algorithmSignature) {
+				case "rsa": {
+					const name = "RSA";
+					if (this.result.keyLength) {
+						return `${name} (${this.result.keyLength} bits)`;
+					}
+					return name;
+				}
+				case "ed25519": {
+					return "Ed25519";
+				}
+				default: {
+					return this.result?.algorithmSignature;
+				}
+			}
+		})();
+		const hash = (() => {
+			switch (this.result?.algorithmHash) {
+				case "sha1": {
+					return "SHA-1";
+				}
+				case "sha256": {
+					return "SHA-256";
+				}
+				default: {
+					return this.result?.algorithmHash;
+				}
+			}
+		})();
+		return `${signature} / ${hash}`;
+	}
+
 	/**
 	 * Add a text value to an element under the specified key.
 	 *

diff --git a/modules/dkim/verifier.mjs.js b/modules/dkim/verifier.mjs.js
@@ -89,6 +89,7 @@ import RfcParser from "../rfcParser.mjs.js";
  * @property {number|null} [expiration]
  * @property {string} [algorithmSignature]
  * @property {string} [algorithmHash]
+ * @property {number|undefined} [keyLength]
  * @property {string[]} [signedHeaders]
  */
 
@@ -928,6 +929,11 @@ class DkimSignature {
 		 * @readonly
 		 */
 		this._header = header;
+		/**
+		 * @private
+		 * @type {number|undefined}
+		 */
+		this._keyLength = undefined;
 	}
 
 	/**
@@ -1382,6 +1388,7 @@ class DkimSignature {
 		}
 
 		if (this._header.a_sig === "rsa") {
+			this._keyLength = keyLength;
 			// Check strength of RSA keys.
 			if (keyLength < 1024) {
 				// error if key is too short
@@ -1436,6 +1443,7 @@ class DkimSignature {
 			...this._header.toBaseResult("SUCCESS"),
 			warnings,
 			keySecure: keyQueryResult.secure,
+			keyLength: this._keyLength,
 		};
 		return verification_result;
 	}