[exim.git] / src / src / pdkim / pdkim.h

/*
 *  PDKIM - a RFC4871 (DKIM) implementation
 *
 *  Copyright (C) 2009 - 2012  Tom Kistner <tom@duncanthrax.net>
 *  Copyright (c) Jeremy Harris 2016
 *
 *  http://duncanthrax.net/pdkim/
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef PDKIM_H
#define PDKIM_H

#include "../blob.h"
#include "../hash.h"

/* -------------------------------------------------------------------------- */
/* Length of the preallocated buffer for the "answer" from the dns/txt
   callback function. This should match the maximum RDLENGTH from DNS. */
#define PDKIM_DNS_TXT_MAX_RECLEN    (1 << 16)

/* -------------------------------------------------------------------------- */
/* Function success / error codes */
#define PDKIM_OK                      0
#define PDKIM_FAIL                   -1
#define PDKIM_ERR_RSA_PRIVKEY      -101
#define PDKIM_ERR_RSA_SIGNING      -102
#define PDKIM_ERR_LONG_LINE        -103
#define PDKIM_ERR_BUFFER_TOO_SMALL -104
#define PDKIM_SIGN_PRIVKEY_WRAP    -105
#define PDKIM_SIGN_PRIVKEY_B64D    -106

/* -------------------------------------------------------------------------- */
/* Main/Extended verification status */
#define PDKIM_VERIFY_NONE      0
#define PDKIM_VERIFY_INVALID   1
#define PDKIM_VERIFY_FAIL      2
#define PDKIM_VERIFY_PASS      3

#define PDKIM_VERIFY_FAIL_BODY                    1
#define PDKIM_VERIFY_FAIL_MESSAGE                 2
#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE   3
#define PDKIM_VERIFY_INVALID_BUFFER_SIZE          4
#define PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD     5
#define PDKIM_VERIFY_INVALID_PUBKEY_IMPORT        6
#define PDKIM_VERIFY_INVALID_SIGNATURE_ERROR      7
#define PDKIM_VERIFY_INVALID_DKIM_VERSION         8

/* -------------------------------------------------------------------------- */
/* Some parameter values */
#define PDKIM_QUERYMETHOD_DNS_TXT 0

#define PDKIM_ALGO_RSA_SHA256     0
#define PDKIM_ALGO_RSA_SHA1       1

#define PDKIM_CANON_SIMPLE        0
#define PDKIM_CANON_RELAXED       1

#define PDKIM_HASH_SHA256         0
#define PDKIM_HASH_SHA1           1

#define PDKIM_KEYTYPE_RSA         0

/* -------------------------------------------------------------------------- */
/* Some required forward declarations, please ignore */
typedef struct pdkim_stringlist pdkim_stringlist;
typedef struct pdkim_str pdkim_str;
typedef struct sha1_context sha1_context;
typedef struct sha2_context sha2_context;
#define HAVE_SHA1_CONTEXT
#define HAVE_SHA2_CONTEXT

/* -------------------------------------------------------------------------- */
/* Some concessions towards Redmond */
#ifdef WINDOWS
#define snprintf _snprintf
#define strcasecmp _stricmp
#define strncasecmp _strnicmp
#define DLLEXPORT __declspec(dllexport)
#else
#define DLLEXPORT
#endif


/* -------------------------------------------------------------------------- */
/* Public key as (usually) fetched from DNS */
typedef struct pdkim_pubkey {
  uschar *version;                /* v=  */
  uschar *granularity;            /* g=  */

#ifdef notdef
  uschar *hashes;                 /* h=  */
  uschar *keytype;                /* k=  */
#endif
  uschar *srvtype;                /* s=  */
  uschar *notes;                  /* n=  */

  blob  key;                      /* p=  */
  int   testing;                  /* t=y */
  int   no_subdomaining;          /* t=s */
} pdkim_pubkey;

/* -------------------------------------------------------------------------- */
/* Signature as it appears in a DKIM-Signature header */
typedef struct pdkim_signature {

  /* Bits stored in a DKIM signature header --------------------------- */

  /* (v=) The version, as an integer. Currently, always "1" */
  int version;

  /* (a=) The signature algorithm. Either PDKIM_ALGO_RSA_SHA256
     or PDKIM_ALGO_RSA_SHA1 */
  int algo;

  /* (c=x/) Header canonicalization method. Either PDKIM_CANON_SIMPLE
     or PDKIM_CANON_RELAXED */
  int canon_headers;

  /* (c=/x) Body canonicalization method. Either PDKIM_CANON_SIMPLE
     or PDKIM_CANON_RELAXED */
  int canon_body;

  /* (q=) Query Method. Currently, only PDKIM_QUERYMETHOD_DNS_TXT
     is specified */
  int querymethod;

  /* (s=) The selector string as given in the signature */
  uschar *selector;

  /* (d=) The domain as given in the signature */
  uschar *domain;

  /* (i=) The identity as given in the signature */
  uschar *identity;

  /* (t=) Timestamp of signature creation */
  unsigned long created;

  /* (x=) Timestamp of expiry of signature */
  unsigned long expires;

  /* (l=) Amount of hashed body bytes (after canonicalization). Default
     is -1. Note: a value of 0 means that the body is unsigned! */
  long bodylength;

  /* (h=) Colon-separated list of header names that are included in the
     signature */
  uschar *headernames;

  /* (z=) */
  uschar *copiedheaders;

  /* (b=) Raw signature data, along with its length in bytes */
  blob sighash;

  /* (bh=) Raw body hash data, along with its length in bytes */
  blob bodyhash;

  /* Folded DKIM-Signature: header. Singing only, NULL for verifying.
     Ready for insertion into the message. Note: Folded using CRLFTB,
     but final line terminator is NOT included. Note2: This buffer is
     free()d when you call pdkim_free_ctx(). */
  uschar *signature_header;

  /* The main verification status. Verification only. One of:

     PDKIM_VERIFY_NONE      Verification was not attempted. This status
                            should not appear.

     PDKIM_VERIFY_INVALID   There was an error while trying to verify
                            the signature. A more precise description
                            is available in verify_ext_status.

     PDKIM_VERIFY_FAIL      Verification failed because either the body
                            hash did not match, or the signature verification
                            failed. This means the message was modified.
                            Check verify_ext_status for the exact reason.

     PDKIM_VERIFY_PASS      Verification succeeded.
  */
  int verify_status;

  /* Extended verification status. Verification only. Depending on the value
     of verify_status, it can contain:

     For verify_status == PDKIM_VERIFY_INVALID:

        PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE
          Unable to retrieve a public key container.

        PDKIM_VERIFY_INVALID_BUFFER_SIZE
          Either the DNS name constructed to retrieve the public key record
          does not fit into PDKIM_DNS_TXT_MAX_NAMELEN bytes, or the retrieved
          record is longer than PDKIM_DNS_TXT_MAX_RECLEN bytes.

        PDKIM_VERIFY_INVALID_PUBKEY_PARSING
          (Syntax) error while parsing the retrieved public key record.


     For verify_status == PDKIM_VERIFY_FAIL:

        PDKIM_VERIFY_FAIL_BODY
          The calculated body hash does not match the advertised body hash
          from the bh= tag of the signature.

        PDKIM_VERIFY_FAIL_MESSAGE
          RSA verification of the signature (b= tag) failed.
  */
  int verify_ext_status;

  /* Pointer to a public key record that was used to verify the signature.
     See pdkim_pubkey declaration above for more information.
     Caution: is NULL if signing or if no record was retrieved. */
  pdkim_pubkey *pubkey;

  /* Pointer to the next pdkim_signature signature. NULL if signing or if
     this is the last signature. */
  void *next;

  /* Properties below this point are used internally only ------------- */

  /* Per-signature helper variables ----------------------------------- */
  hctx         body_hash_ctx;

  unsigned long signed_body_bytes; /* How many body bytes we hashed     */
  pdkim_stringlist *headers; /* Raw headers included in the sig         */
  /* Signing specific ------------------------------------------------- */
  uschar * rsa_privkey;     /* Private RSA key                             */
  uschar * sign_headers;    /* To-be-signed header names                   */
  uschar * rawsig_no_b_val; /* Original signature header w/o b= tag value. */
} pdkim_signature;


/* -------------------------------------------------------------------------- */
/* Context to keep state between all operations. */
typedef struct pdkim_ctx {

#define PDKIM_MODE_SIGN   BIT(0)	/* if unset, mode==verify */
#define PDKIM_DOT_TERM	  BIT(1)	/* dot termination and unstuffing */
#define PDKIM_SEEN_CR	  BIT(2)
#define PDKIM_SEEN_LF	  BIT(3)
#define PDKIM_PAST_HDRS	  BIT(4)
#define PDKIM_SEEN_EOD	  BIT(5)
  unsigned   flags;

  /* One (signing) or several chained (verification) signatures */
  pdkim_signature *sig;

  /* Callback for dns/txt query method (verification only) */
  int(*dns_txt_callback)(char *, char *);

  /* Coder's little helpers */
  uschar    *cur_header;
  int        cur_header_size;
  int        cur_header_len;
  char      *linebuf;
  int        linebuf_offset;
  int        num_buffered_crlf;
  int        num_headers;
  pdkim_stringlist *headers; /* Raw headers for verification         */
} pdkim_ctx;


/* -------------------------------------------------------------------------- */
/* API functions. Please see the sample code in sample/test_sign.c and
   sample/test_verify.c for documentation.
*/

#ifdef __cplusplus
extern "C" {
#endif

void	   pdkim_init         (void);

DLLEXPORT
pdkim_ctx *pdkim_init_sign    (char *, char *, char *, int,
			      BOOL, int(*)(char *, char *));

DLLEXPORT
pdkim_ctx *pdkim_init_verify  (int(*)(char *, char *), BOOL);

DLLEXPORT
int        pdkim_set_optional (pdkim_ctx *, char *, char *,int, int,
                               long,
                               unsigned long,
                               unsigned long);

DLLEXPORT
int        pdkim_feed         (pdkim_ctx *, char *, int);
DLLEXPORT
int        pdkim_feed_finish  (pdkim_ctx *, pdkim_signature **);

DLLEXPORT
void       pdkim_free_ctx     (pdkim_ctx *);


const char *	pdkim_errstr(int);

#ifdef __cplusplus
}
#endif

#endif
Commit	Line	Data
80a47a2c TK	1	/*
	2	* PDKIM - a RFC4871 (DKIM) implementation
	3	*
c4ceed07	4	* Copyright (C) 2009 - 2012 Tom Kistner <tom@duncanthrax.net>
80fea873	5	* Copyright (c) Jeremy Harris 2016
80a47a2c TK	6	*
	7	* http://duncanthrax.net/pdkim/
	8	*
	9	* This program is free software; you can redistribute it and/or modify
	10	* it under the terms of the GNU General Public License as published by
	11	* the Free Software Foundation; either version 2 of the License, or
	12	* (at your option) any later version.
	13	*
	14	* This program is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	* GNU General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU General Public License along
	20	* with this program; if not, write to the Free Software Foundation, Inc.,
	21	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	22	*/
2592e6c0 JH	23	#ifndef PDKIM_H
	24	#define PDKIM_H
	25
63af6f3a JH	26	#include "../blob.h"
63af6f3a JH	27	#include "../hash.h"
80a47a2c	28
80a47a2c TK	29	/* -------------------------------------------------------------------------- */
80a47a2c TK	30	/* Length of the preallocated buffer for the "answer" from the dns/txt
4263f395 PP	31	callback function. This should match the maximum RDLENGTH from DNS. */
4263f395 PP	32	#define PDKIM_DNS_TXT_MAX_RECLEN (1 << 16)
80a47a2c TK	33
	34	/* -------------------------------------------------------------------------- */
	35	/* Function success / error codes */
	36	#define PDKIM_OK 0
	37	#define PDKIM_FAIL -1
80a47a2c TK	38	#define PDKIM_ERR_RSA_PRIVKEY -101
	39	#define PDKIM_ERR_RSA_SIGNING -102
	40	#define PDKIM_ERR_LONG_LINE -103
	41	#define PDKIM_ERR_BUFFER_TOO_SMALL -104
df3def24 JH	42	#define PDKIM_SIGN_PRIVKEY_WRAP -105
df3def24 JH	43	#define PDKIM_SIGN_PRIVKEY_B64D -106
80a47a2c TK	44
	45	/* -------------------------------------------------------------------------- */
	46	/* Main/Extended verification status */
	47	#define PDKIM_VERIFY_NONE 0
	48	#define PDKIM_VERIFY_INVALID 1
	49	#define PDKIM_VERIFY_FAIL 2
	50	#define PDKIM_VERIFY_PASS 3
	51
07eeb4df	52	#define PDKIM_VERIFY_FAIL_BODY 1
	53	#define PDKIM_VERIFY_FAIL_MESSAGE 2
	54	#define PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE 3
	55	#define PDKIM_VERIFY_INVALID_BUFFER_SIZE 4
	56	#define PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD 5
	57	#define PDKIM_VERIFY_INVALID_PUBKEY_IMPORT 6
	58	#define PDKIM_VERIFY_INVALID_SIGNATURE_ERROR 7
	59	#define PDKIM_VERIFY_INVALID_DKIM_VERSION 8
80a47a2c TK	60
	61	/* -------------------------------------------------------------------------- */
	62	/* Some parameter values */
	63	#define PDKIM_QUERYMETHOD_DNS_TXT 0
	64
	65	#define PDKIM_ALGO_RSA_SHA256 0
	66	#define PDKIM_ALGO_RSA_SHA1 1
	67
	68	#define PDKIM_CANON_SIMPLE 0
	69	#define PDKIM_CANON_RELAXED 1
	70
	71	#define PDKIM_HASH_SHA256 0
	72	#define PDKIM_HASH_SHA1 1
	73
	74	#define PDKIM_KEYTYPE_RSA 0
	75
	76	/* -------------------------------------------------------------------------- */
	77	/* Some required forward declarations, please ignore */
	78	typedef struct pdkim_stringlist pdkim_stringlist;
	79	typedef struct pdkim_str pdkim_str;
cb224393 JH	80	typedef struct sha1_context sha1_context;
	81	typedef struct sha2_context sha2_context;
	82	#define HAVE_SHA1_CONTEXT
	83	#define HAVE_SHA2_CONTEXT
80a47a2c TK	84
	85	/* -------------------------------------------------------------------------- */
	86	/* Some concessions towards Redmond */
	87	#ifdef WINDOWS
	88	#define snprintf _snprintf
	89	#define strcasecmp _stricmp
	90	#define strncasecmp _strnicmp
	91	#define DLLEXPORT __declspec(dllexport)
	92	#else
	93	#define DLLEXPORT
	94	#endif
	95
	96
	97	/* -------------------------------------------------------------------------- */
	98	/* Public key as (usually) fetched from DNS */
	99	typedef struct pdkim_pubkey {
e2e3255a JH	100	uschar version; / v= */
e2e3255a JH	101	uschar granularity; / g= */
80a47a2c	102
e21a4d00	103	#ifdef notdef
e2e3255a JH	104	uschar hashes; / h= */
e2e3255a JH	105	uschar keytype; / k= */
e21a4d00	106	#endif
e2e3255a JH	107	uschar srvtype; / s= */
e2e3255a JH	108	uschar notes; / n= */
80a47a2c	109
2592e6c0	110	blob key; /* p= */
80a47a2c TK	111	int testing; /* t=y */
	112	int no_subdomaining; /* t=s */
	113	} pdkim_pubkey;
	114
	115	/* -------------------------------------------------------------------------- */
	116	/* Signature as it appears in a DKIM-Signature header */
	117	typedef struct pdkim_signature {
	118
	119	/* Bits stored in a DKIM signature header --------------------------- */
	120
	121	/* (v=) The version, as an integer. Currently, always "1" */
	122	int version;
	123
	124	/* (a=) The signature algorithm. Either PDKIM_ALGO_RSA_SHA256
	125	or PDKIM_ALGO_RSA_SHA1 */
	126	int algo;
	127
	128	/* (c=x/) Header canonicalization method. Either PDKIM_CANON_SIMPLE
	129	or PDKIM_CANON_RELAXED */
	130	int canon_headers;
	131
	132	/* (c=/x) Body canonicalization method. Either PDKIM_CANON_SIMPLE
	133	or PDKIM_CANON_RELAXED */
	134	int canon_body;
	135
	136	/* (q=) Query Method. Currently, only PDKIM_QUERYMETHOD_DNS_TXT
	137	is specified */
	138	int querymethod;
	139
	140	/* (s=) The selector string as given in the signature */
e2e3255a	141	uschar *selector;
80a47a2c TK	142
80a47a2c TK	143	/* (d=) The domain as given in the signature */
e2e3255a	144	uschar *domain;
80a47a2c TK	145
80a47a2c TK	146	/* (i=) The identity as given in the signature */
e2e3255a	147	uschar *identity;
80a47a2c TK	148
	149	/* (t=) Timestamp of signature creation */
	150	unsigned long created;
	151
	152	/* (x=) Timestamp of expiry of signature */
	153	unsigned long expires;
	154
	155	/* (l=) Amount of hashed body bytes (after canonicalization). Default
	156	is -1. Note: a value of 0 means that the body is unsigned! */
	157	long bodylength;
	158
	159	/* (h=) Colon-separated list of header names that are included in the
	160	signature */
2592e6c0	161	uschar *headernames;
80a47a2c TK	162
80a47a2c TK	163	/* (z=) */
e2e3255a	164	uschar *copiedheaders;
80a47a2c TK	165
80a47a2c TK	166	/* (b=) Raw signature data, along with its length in bytes */
dcd03763	167	blob sighash;
80a47a2c TK	168
80a47a2c TK	169	/* (bh=) Raw body hash data, along with its length in bytes */
2592e6c0	170	blob bodyhash;
80a47a2c TK	171
	172	/* Folded DKIM-Signature: header. Singing only, NULL for verifying.
	173	Ready for insertion into the message. Note: Folded using CRLFTB,
	174	but final line terminator is NOT included. Note2: This buffer is
	175	free()d when you call pdkim_free_ctx(). */
e2e3255a	176	uschar *signature_header;
80a47a2c TK	177
	178	/* The main verification status. Verification only. One of:
	179
	180	PDKIM_VERIFY_NONE Verification was not attempted. This status
	181	should not appear.
	182
	183	PDKIM_VERIFY_INVALID There was an error while trying to verify
	184	the signature. A more precise description
	185	is available in verify_ext_status.
	186
	187	PDKIM_VERIFY_FAIL Verification failed because either the body
	188	hash did not match, or the signature verification
	189	failed. This means the message was modified.
	190	Check verify_ext_status for the exact reason.
	191
	192	PDKIM_VERIFY_PASS Verification succeeded.
	193	*/
	194	int verify_status;
	195
	196	/* Extended verification status. Verification only. Depending on the value
	197	of verify_status, it can contain:
	198
	199	For verify_status == PDKIM_VERIFY_INVALID:
	200
	201	PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE
	202	Unable to retrieve a public key container.
	203
	204	PDKIM_VERIFY_INVALID_BUFFER_SIZE
	205	Either the DNS name constructed to retrieve the public key record
	206	does not fit into PDKIM_DNS_TXT_MAX_NAMELEN bytes, or the retrieved
	207	record is longer than PDKIM_DNS_TXT_MAX_RECLEN bytes.
	208
	209	PDKIM_VERIFY_INVALID_PUBKEY_PARSING
	210	(Syntax) error while parsing the retrieved public key record.
	211
	212
	213	For verify_status == PDKIM_VERIFY_FAIL:
	214
	215	PDKIM_VERIFY_FAIL_BODY
	216	The calculated body hash does not match the advertised body hash
	217	from the bh= tag of the signature.
	218
	219	PDKIM_VERIFY_FAIL_MESSAGE
	220	RSA verification of the signature (b= tag) failed.
	221	*/
	222	int verify_ext_status;
	223
	224	/* Pointer to a public key record that was used to verify the signature.
	225	See pdkim_pubkey declaration above for more information.
	226	Caution: is NULL if signing or if no record was retrieved. */
	227	pdkim_pubkey *pubkey;
	228
	229	/* Pointer to the next pdkim_signature signature. NULL if signing or if
	230	this is the last signature. */
	231	void *next;
	232
	233	/* Properties below this point are used internally only ------------- */
	234
	235	/* Per-signature helper variables ----------------------------------- */
dcd03763	236	hctx body_hash_ctx;
2592e6c0	237
80a47a2c	238	unsigned long signed_body_bytes; /* How many body bytes we hashed */
cb224393	239	pdkim_stringlist headers; / Raw headers included in the sig */
80a47a2c	240	/* Signing specific ------------------------------------------------- */
ca9cb170 JH	241	uschar * rsa_privkey; /* Private RSA key */
	242	uschar * sign_headers; /* To-be-signed header names */
	243	uschar * rawsig_no_b_val; /* Original signature header w/o b= tag value. */
80a47a2c TK	244	} pdkim_signature;
	245
	246
	247	/* -------------------------------------------------------------------------- */
	248	/* Context to keep state between all operations. */
80a47a2c TK	249	typedef struct pdkim_ctx {
80a47a2c TK	250
e983e85a JH	251	#define PDKIM_MODE_SIGN BIT(0) /* if unset, mode==verify */
e983e85a JH	252	#define PDKIM_DOT_TERM BIT(1) /* dot termination and unstuffing */
b895f4b2 JH	253	#define PDKIM_SEEN_CR BIT(2)
b895f4b2 JH	254	#define PDKIM_SEEN_LF BIT(3)
e983e85a	255	#define PDKIM_PAST_HDRS BIT(4)
b895f4b2	256	#define PDKIM_SEEN_EOD BIT(5)
e983e85a	257	unsigned flags;
80a47a2c	258
80a47a2c TK	259	/* One (signing) or several chained (verification) signatures */
	260	pdkim_signature *sig;
	261
	262	/* Callback for dns/txt query method (verification only) */
	263	int(dns_txt_callback)(char , char *);
	264
	265	/* Coder's little helpers */
ca9cb170 JH	266	uschar *cur_header;
	267	int cur_header_size;
	268	int cur_header_len;
80a47a2c TK	269	char *linebuf;
80a47a2c TK	270	int linebuf_offset;
80a47a2c TK	271	int num_buffered_crlf;
80a47a2c TK	272	int num_headers;
37f8b554	273	pdkim_stringlist headers; / Raw headers for verification */
80a47a2c TK	274	} pdkim_ctx;
	275
	276
	277	/* -------------------------------------------------------------------------- */
	278	/* API functions. Please see the sample code in sample/test_sign.c and
	279	sample/test_verify.c for documentation.
	280	*/
	281
	282	#ifdef __cplusplus
	283	extern "C" {
	284	#endif
	285
2592e6c0 JH	286	void pdkim_init (void);
2592e6c0 JH	287
80a47a2c	288	DLLEXPORT
cd1a5fe0 JH	289	pdkim_ctx pdkim_init_sign (char , char , char , int,
cd1a5fe0 JH	290	BOOL, int()(char , char *));
80a47a2c TK	291
80a47a2c TK	292	DLLEXPORT
e983e85a	293	pdkim_ctx pdkim_init_verify (int()(char , char ), BOOL);
80a47a2c TK	294
	295	DLLEXPORT
	296	int pdkim_set_optional (pdkim_ctx , char , char *,int, int,
f444c2c7	297	long,
80a47a2c TK	298	unsigned long,
	299	unsigned long);
	300
	301	DLLEXPORT
	302	int pdkim_feed (pdkim_ctx , char , int);
	303	DLLEXPORT
	304	int pdkim_feed_finish (pdkim_ctx , pdkim_signature *);
	305
	306	DLLEXPORT
	307	void pdkim_free_ctx (pdkim_ctx *);
	308
f7302073 JH	309
	310	const char * pdkim_errstr(int);
	311
80a47a2c TK	312	#ifdef __cplusplus
	313	}
	314	#endif
2592e6c0 JH	315
2592e6c0 JH	316	#endif