dkim-filter does not properly handle verification of messages signed with a key that has been revoked in DNS (the p= flag set to an empty string).
Example key:
revoked._domainkey.loopted.com. TXT "v=DKIM1; g=*; k=rsa; p="
dkim-filter -t shows the actual error:
dkim-filter: dkim.c:3725: dkim_error: Assertion `format != ((void *)0)' failed.
Aborted
A backtrace is attached.
dkim-filter crash backtrace
trivial patch for revoked key handling on verify
As discussed in email, this does appear to be as simple as a missing entry for DKIM_SIGERROR_KEYREVOKED when calling dkim_code_to_name() for dkim_error(). I'm attaching a trivial patch just for completeness.
File Added: dkim-revoked.diff
Looks right. The patch is slightly more involved for total correctness, but your patch fixes the crash issue.
Full patch attached.
File Added: PATCH
Proposed patch #1
Also added a unit test which fails without the patch to verify correct handling.
Fix and new unit test will appear in 2.8.1, which I plan to release soon.
v2.8.1 released, containing this patch.