
Fixed dkim bodyhash for custom domains closes #14

Will Browning 5 năm trước cách đây
mục cha
commit
3056f5aed4

+ 22 - 33
app/Helpers/OpenPGPSigner.php

@@ -216,21 +216,16 @@ class OpenPGPSigner implements Swift_Signers_BodySigner
         $signature = $this->pgpSignString($signedBody, $this->signingKey);
 
         //Swiftmailer is automatically changing content type and this is the hack to prevent it
-        $body = <<<EOT
-This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
-
---{$message->getBoundary()}
-$signedBody
---{$message->getBoundary()}
-Content-Type: application/pgp-signature; name="signature.asc"
-Content-Description: OpenPGP digital signature
-Content-Disposition: attachment; filename="signature.asc"
-
-$signature
-
---{$message->getBoundary()}--
-EOT;
-
+        // Fixes DKIM signature incorrect body hash for custom domains
+        $body = "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)\r\n\r\n";
+        $body .= "--{$message->getBoundary()}\r\n";
+        $body .= $signedBody."\r\n";
+        $body .= "--{$message->getBoundary()}\r\n";
+        $body .= "Content-Type: application/pgp-signature; name=\"signature.asc\"\r\n";
+        $body .= "Content-Description: OpenPGP digital signature\r\n";
+        $body .= "Content-Disposition: attachment; filename=\"signature.asc\"\r\n\r\n";
+        $body .= $signature."\r\n\r\n";
+        $body .= "--{$message->getBoundary()}--";
 
         $message->setBody($body);
 
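Review bot: `$signedBody` and `$signature` are concatenated as-is between the CRLF-terminated lines, so if either still contains bare LF (armored output commonly does; `pgpSignString` is not visible here) the body keeps mixed line endings, and a relay that normalises them would again invalidate the DKIM body hash. Normalising the armor before assembly, `$signature = preg_replace('/\r?\n/', "\r\n", $signature);`, closes that for the signature part. `$signedBody` would have to be normalised before the `pgpSignString` call rather than after it, since RFC 3156 expects the signature to be computed over the CRLF form. The same applies to `$encryptedBody` in the second hunk of this file. The added comment would help more if it stated the reason, e.g. `// Body lines must end in CRLF so the DKIM body hash matches what is transmitted`.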
@@ -261,24 +256,18 @@ EOT;
                 'boundary' => $message->getBoundary()
             ]);
 
-            $body = <<<EOT
-This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
-
---{$message->getBoundary()}
-Content-Type: application/pgp-encrypted
-Content-Description: PGP/MIME version identification
-
-Version: 1
-
---{$message->getBoundary()}
-Content-Type: application/octet-stream; name="encrypted.asc"
-Content-Description: OpenPGP encrypted message
-Content-Disposition: inline; filename="encrypted.asc"
-
-$encryptedBody
-
---{$message->getBoundary()}--
-EOT;
+            // Fixes DKIM signature incorrect body hash for custom domains
+            $body = "This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)\r\n\r\n";
+            $body .= "--{$message->getBoundary()}\r\n";
+            $body .= "Content-Type: application/pgp-encrypted\r\n";
+            $body .= "Content-Description: PGP/MIME version identification\r\n\r\n";
+            $body .= "Version: 1\r\n\r\n";
+            $body .= "--{$message->getBoundary()}\r\n";
+            $body .= "Content-Type: application/octet-stream; name=\"encrypted.asc\"\r\n";
+            $body .= "Content-Description: OpenPGP encrypted message\r\n";
+            $body .= "Content-Disposition: inline; filename=\"encrypted.asc\"\r\n\r\n";
+            $body .= $encryptedBody."\r\n\r\n";
+            $body .= "--{$message->getBoundary()}--";
 
             $message->setBody($body);
         }

+ 14 - 5
app/Mail/ForwardEmail.php

@@ -44,9 +44,6 @@ class ForwardEmail extends Mailable implements ShouldQueue
      */
     public function __construct(Alias $alias, EmailData $emailData, Recipient $recipient)
     {
-        $this->encryptedParts = $emailData->encryptedParts ?? null;
-        $fingerprint = $recipient->should_encrypt && !$this->encryptedParts ? $recipient->fingerprint : null;
-
         $this->user = $alias->user;
         $this->alias = $alias;
         $this->sender = $emailData->sender;
@@ -57,7 +54,12 @@ class ForwardEmail extends Mailable implements ShouldQueue
         $this->emailHtml = $emailData->html;
         $this->emailAttachments = $emailData->attachments;
         $this->deactivateUrl = URL::signedRoute('deactivate', ['alias' => $alias->id]);
-        $this->bannerLocation = $this->alias->user->banner_location;
+
+        $this->encryptedParts = $emailData->encryptedParts ?? null;
+
+        $fingerprint = $recipient->should_encrypt && !$this->isAlreadyEncrypted() ? $recipient->fingerprint : null;
+
+        $this->bannerLocation = $this->isAlreadyEncrypted() ? 'off' : $this->alias->user->banner_location;
 
         if ($this->fingerprint = $fingerprint) {
             try {
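Review bot: `isAlreadyEncrypted()` is evaluated twice in a row here, once for `$fingerprint` and once for `$this->bannerLocation`, and each call base64-decodes and regex-matches the whole text part. Compute it once, `$alreadyEncrypted = $this->isAlreadyEncrypted();`, and use the local in both expressions so the two decisions cannot diverge. The constructor continues past the end of this hunk.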
@@ -131,7 +133,9 @@ class ForwardEmail extends Mailable implements ShouldQueue
 
                 if ($this->openpgpsigner) {
                     $message->attachSigner($this->openpgpsigner);
-                } elseif ($this->dkimSigner) { // TODO fix issue with failing DKIM signature if message is encrypted
+                }
+
+                if ($this->dkimSigner) {
                     $message->attachSigner($this->dkimSigner);
                 }
             });
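Review bot: Attaching both signers is only correct if the DKIM body hash is computed after the OpenPGP signer has rewritten the body, and nothing in this block states or checks that ordering. Swift Mailer appears to run body signers before header signers, but that is library behaviour not visible in this hunk, so it deserves a comment above the second `if`, e.g. `// DKIM must hash the final (signed/encrypted) body; relies on body signers running before header signers`. A test that verifies the DKIM body hash of an encrypted forward would pin this down; the new fixtures suggest one may exist, but no assertion is shown on this page. The enclosing closure starts outside the hunk.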
@@ -152,4 +156,9 @@ class ForwardEmail extends Mailable implements ShouldQueue
 
         return $email;
     }
+
+    private function isAlreadyEncrypted()
+    {
+        return $this->encryptedParts || preg_match('/^-----BEGIN PGP MESSAGE-----([A-Za-z0-9+=\/\n]+)-----END PGP MESSAGE-----$/', base64_decode($this->emailText));
+    }
 }
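Review bot: `isAlreadyEncrypted()` inspects only the decoded text part, yet its result at the `$fingerprint` assignment switches off encryption for the whole message. A mail whose text part is an armored block but whose HTML part or attachments are plaintext would therefore be forwarded unencrypted to a recipient with `should_encrypt` set. The check should also cover the other parts, for example by requiring `$this->emailAttachments` to be empty and the HTML part to be absent or to carry the same armored block; how those properties are encoded is not visible here, so the exact condition needs confirming. The pattern also rejects armor with CRLF line endings or armor headers such as `Comment:`; that direction fails safe (the mail is encrypted again) but is worth a comment. Declaring `: bool` and comparing the `preg_match` result with `=== 1` would make the contract explicit, since `preg_match` can also return `false` on error.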

+ 57 - 0
tests/emails/email_inline_encrypted.eml

@@ -0,0 +1,57 @@
+Date: Wed, 20 Feb 2019 15:00:00 +0100 (CET)
+From: Will <will@anonaddy.com>
+To: <ebay@johndoe.anonaddy.com>
+Subject: Test Email
+Content-Type: multipart/mixed; boundary="----=_Part_10031_1199410393.1550677940425"
+
+------=_Part_10031_1199410393.1550677940425
+Content-Type: text/html; charset=UTF-8
+Content-Transfer-Encoding: 7bit
+
+<html>
+<head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+</head>
+<body>
+<pre>
+-----BEGIN PGP MESSAGE-----
+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+=StNi
+-----END PGP MESSAGE-----
+</pre>
+</body>
+</html>
+
+
+------=_Part_10031_1199410393.1550677940425
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: quoted-printable
+
+-----BEGIN PGP MESSAGE-----
+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+=StNi
+-----END PGP MESSAGE-----
+
+------=_Part_10031_1199410393.1550677940425--

+ 12 - 33
tests/emails/email_reply_encrypted.eml

@@ -19,39 +19,18 @@ Content-Disposition: inline; filename="encrypted.asc"
 
 -----BEGIN PGP MESSAGE-----
 
-hQGMA61U1XgYVZGqAQv7BbzB8NkO1UipXAKUIFodEuCnFJhRJDkmM8mXUTp89MJt
-je0c8StVIwbqE56tx6Bl5e9pfiRslGhXd6C+Gxj2rmKC2vZ85gHi3ozZ9XzYzN2b
-hYIxlNNTOBzrblq9ihxwXe1dLgUm+IsFIPuQLnpGfzWjDsHgTjEOeZ+dL626z4oe
-JcngimUWvGyrvMAiCdfbWYSacrC9z3NPCczpKe8g/CqbyP/4G7po8Ncm1onEz3pz
-DzwkLmiHrUq9xk72GXcqpXtY3J5ZgPwR0sX8pz9Im6p+5vP54mj2SPuK+PfZWiR8
-7kY2Gv6KjK7Mbn9hYgeNJKAMwM/4oq9d0NWipdguEL2QcMeXmmOu3r8stsilaisu
-spqsJYQTxeE7VBWc+6qsW0JrSgq2F00IfOXA0oWWfaprFO+NS/tsQorh4gzu6Php
-QVHRR5fRoI9nNxnM6NQWu6KfgHnSuWkwEuX3P0RoCkNxd4BjezQ72SHxj0rNTFUU
-eqa4DAmL6raOK9MmVp6phQGMA0sUUxmvUIjDAQv/Z2MAv/1bN+c9oNseeGzfjwPt
-6l3V9o1Y8NDpRc6cGcN36+1ZQrTdZK4UmmhXFP6DrdZFAh6RIpfN1qbkPTnt7pJ1
-OH5OYvP86MPKSM7XkpJm37mJYs62ueRO2mB4eDharHzAa3d8uPfn28eKNnJkIU/H
-yuz+pGl2z7M64ZEklimwIiNn+8/CWLq7+xGE7ULq6sLK4DG308KsjUhMuRT6uRmz
-lBGVXHhbuHorFMIyNlSZL4fKE7N2r0uUsK4DpdJiPcUFBUFqtlhxXR1oqjmNjRUe
-UWnf7i9Gw3r27o09B1FutZBD8xkN54EPXwLOJ4Xl3N1NseqgDDXMGbSGmUoEMSQh
-weEOhnw+JmIvU8cbk6U0uQsCxHeWvujkfcSKEo+p4hr/Oa6EbaCFyiQ4HLJ5Oi5/
-VvRi42IRrW3Pd3nuMqSqp0NvJm/DgarEy4sXWZyLAPdDMDXtxHKudMlRLIXpT3a5
-jHwMrhyP/KnjQeWAn77fbdOc6HDHFXzdo1Koo/Ww0ukBh4P4IXQJRphYPGigGTuN
-C+ur/9qxQ3vjRBUmxxlW0xWZyNgQo+Gb7CCrBo1KBuUwMDRmmFf29Rr9UxxKManV
-1U75OJs90i5ESN824o27pslSz5wwLH9QzETENxZIPaQ1RG/AsfdIAiGrXdaRoZLv
-wjm8TNlDr1ITjwyREfLYOvg/YXxkOePh1iM7aLSNvLc76yVFZ8+MmsFOaAc13OvC
-qbWMnkLYZit4RSsb5N5OomqFVoPqHOxdUHpoQZhPzV3AQD0D/zBoynzPo3Np5xPm
-/a+NwpGjrdT+dQw9YiUGeDsPrIw1XPcRNQkYyVtIvGC+tUO9+4H5/fsequ24cr2j
-TnMjd5SPJycqFf+sarwM/+hayH0bCq8F66Voie6/VMxUq7r++4UpEUlj4EU8El1B
-O5IoLn26P+ec+Foo5uTaX/NUh71hQ23T9IX4aclkPOwwUydBlnWJu3ILE6fGH3Q9
-vSbMvQ9+HO8sHTogNWiVHkSM6jTgM3N6L7Gdie6h0ozN/ZAa1WCzZIgKm4ROST1O
-E8vmpl4M8ixZpw2B1Auglei6CJ7tNXGEaKsrJOhzIOA4b/3eiCreHaDdvvVWCn26
-rQJYoUtItuvB3EbaeTTtA0BIOcM3My0pUuhD3OcUEQ0oYsG6UdrUastWWYY45fsW
-sqH0ElKz8Aa7nwIvwQsMTMAI3YMctI83r6xu3Bc2eZ21/BqDdB21zdjh1bQYN+Sm
-1bFnfDjE+WDHO0AX7F8vPqZ2nAmoX+OYBhyAnTg+Kac3p7cDouIvSd5vnEBJeAGh
-2PE0BywLEiK2LQeOXlwQNNfxY3T4QaDrOaSxALr1EFKa3BlH9kU4PXt+vx0gch9p
-vpmU721CP95vKWKMaJvpmlK8i2BOeCYC/+oEf7CwFYcIzlpWhZNGajADc9W4XsHo
-z/x1RGWQTcq5LANBKBUoYQqiScidMstiSX0=
-=3dtw
+hQGMA61U1XgYVZGqAQwAvxPrShPyuRv/cjTQlEfFDfkVCatT/QC89e2IShMX8bDa
+UUx0tRlHHmEauZYOlM+DeBdD6je9KMEWm8hkBBoDMZVzBdjCWJUwVN9FyRV7YuHV
+EPgnEt6Z1gKCI4WqdXX+5CaVy6FP8ebNIUZaMzTodV9oCbPMxC9U47aV8YdfoUJB
+erae096R+S8aXWfUr2Xip0cUaBXPXVILLq0tmbi9w5mmXGbYEJPEg4hM9gfRA1uu
+nFm7t74te66ELbW4mwYnfIhHKXQNkFfZT+yKjFp0k6QnkII390E0TfHjBW8B/4li
+tOT/xfbxfEyWt7K4NPOd29Bx+iF+EMUhT+E+FgH9QfVzosM79pYZkPrtUVbyLFkl
+R/s7jlauoFGYqFngNupQmjvEIi5wcIqM/4edlYxWSxRGuL8wl+OFnWY5fs3aVu23
+xbmLVNjr+rp6eMlBhV2LQcA+Y6JAA3xWrEXkTpLMeI8NNAPGO5BuFJD74YJ6NXag
+PYDgwd2jtrY6uYQqb7jT0lQBx6sVv2ee5nn+GNSz9IlHPt5+RyGxytuyT1vCkqQS
+vFUqKZ2Cgih08CpiIw9QO2J7tieoNP39TsN/PLdNNLZiugwJFGi32S7jh/C692Eo
+fcVyc/Q=
+=StNi
 -----END PGP MESSAGE-----
 
 ------=_Part_10031_1199410393.1550677940425--