Beispiel #1
0
    def test_dkim_signature_canonicalization(self):
        # <https://bugs.launchpad.net/ubuntu/+source/pydkim/+bug/587783>
        # Relaxed-mode header signing is wrong
        # <https://bugs.launchpad.net/dkimpy/+bug/939128>
        # Simple-mode signature header verification is wrong
        # (should ignore FWS anywhere in signature tag: b=)
        sample_msg = b"""\
From: [email protected]
To: [email protected]
Subject: this is my
    test message
""".replace(b'\n', b'\r\n')

        sample_privkey = b"""\
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBANmBe10IgY+u7h3enWTukkqtUD5PR52Tb/mPfjC0QJTocVBq6Za/
PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQJAYFUKsD+uMlcFu1D3YNaR
EGYGXjJ6w32jYGJ/P072M3yWOq2S1dvDthI3nRT8MFjZ1wHDAYHrSpfDNJ3v2fvZ
cQIhAPgRPmVYn+TGd59asiqG1SZqh+p+CRYHW7B8BsicG5t3AiEA4HYNOohlgWan
8tKgqLJgUdPFbaHZO1nDyBgvV8hvWZUCIQDDdCq6hYKuKeYUy8w3j7cgJq3ih922
2qNWwdJCfCWQbwIgTY0cBvQnNe0067WQIpj2pG7pkHZR6qqZ9SE+AjNTHX0CIQCI
Mgq55Y9MCq5wqzy141rnxrJxTwK9ABo3IAFMWEov3g==
-----END RSA PRIVATE KEY-----
"""

        sample_pubkey = """\
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T
b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==
-----END PUBLIC KEY-----
"""

        for header_mode in [dkim.Relaxed, dkim.Simple]:

            dkim_header = dkim.sign(sample_msg,
                                    b'example',
                                    b'canonical.com',
                                    sample_privkey,
                                    canonicalize=(header_mode, dkim.Relaxed))
            # Folding dkim_header affects b= tag only, since dkim.sign folds
            # sig_value with empty b= before hashing, and then appends the
            # signature.  So folding dkim_header again adds FWS to
            # the b= tag only.  This should be ignored even with
            # simple canonicalization.
            # http://tools.ietf.org/html/rfc4871#section-3.5
            signed = dkim.fold(dkim_header) + sample_msg
            result = dkim.verify(signed, dnsfunc=self.dnsfunc, minkey=512)
            self.assertTrue(result)
            dkim_header = dkim.fold(dkim_header)
            # use a tab for last fold to test tab in FWS bug
            pos = dkim_header.rindex(b'\r\n ')
            dkim_header = dkim_header[:pos] + b'\r\n\t' + dkim_header[pos + 3:]
            result = dkim.verify(dkim_header + sample_msg,
                                 dnsfunc=self.dnsfunc,
                                 minkey=512)
            self.assertTrue(result)
    def test_dkim_signature_canonicalization(self):
      # <https://bugs.launchpad.net/ubuntu/+source/pydkim/+bug/587783>
      # Relaxed-mode header signing is wrong
      # <https://bugs.launchpad.net/dkimpy/+bug/939128>
      # Simple-mode signature header verification is wrong
      # (should ignore FWS anywhere in signature tag: b=)
      sample_msg = b"""\
From: [email protected]
To: [email protected]
Subject: this is my
    test message
""".replace(b'\n', b'\r\n')

      sample_privkey = b"""\
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBANmBe10IgY+u7h3enWTukkqtUD5PR52Tb/mPfjC0QJTocVBq6Za/
PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQJAYFUKsD+uMlcFu1D3YNaR
EGYGXjJ6w32jYGJ/P072M3yWOq2S1dvDthI3nRT8MFjZ1wHDAYHrSpfDNJ3v2fvZ
cQIhAPgRPmVYn+TGd59asiqG1SZqh+p+CRYHW7B8BsicG5t3AiEA4HYNOohlgWan
8tKgqLJgUdPFbaHZO1nDyBgvV8hvWZUCIQDDdCq6hYKuKeYUy8w3j7cgJq3ih922
2qNWwdJCfCWQbwIgTY0cBvQnNe0067WQIpj2pG7pkHZR6qqZ9SE+AjNTHX0CIQCI
Mgq55Y9MCq5wqzy141rnxrJxTwK9ABo3IAFMWEov3g==
-----END RSA PRIVATE KEY-----
"""

      sample_pubkey = """\
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T
b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==
-----END PUBLIC KEY-----
"""

      for header_mode in [dkim.Relaxed, dkim.Simple]:

        dkim_header = dkim.sign(sample_msg, b'example', b'canonical.com',
            sample_privkey, canonicalize=(header_mode, dkim.Relaxed))
        # Folding dkim_header affects b= tag only, since dkim.sign folds
        # sig_value with empty b= before hashing, and then appends the
        # signature.  So folding dkim_header again adds FWS to
        # the b= tag only.  This should be ignored even with
        # simple canonicalization.  
        # http://tools.ietf.org/html/rfc4871#section-3.5
        signed = dkim.fold(dkim_header) + sample_msg
        result = dkim.verify(signed,dnsfunc=self.dnsfunc,
                minkey=512)
        self.assertTrue(result)
        dkim_header = dkim.fold(dkim_header)
        # use a tab for last fold to test tab in FWS bug
        pos = dkim_header.rindex(b'\r\n ')
        dkim_header = dkim_header[:pos]+b'\r\n\t'+dkim_header[pos+3:]
        result = dkim.verify(dkim_header + sample_msg,
                dnsfunc=self.dnsfunc, minkey=512)
        self.assertTrue(result)
    def test_dkim_signature_canonicalization(self):
        # <https://bugs.launchpad.net/ubuntu/+source/pydkim/+bug/587783>
        # Relaxed-mode header signing is wrong
        # <https://bugs.launchpad.net/dkimpy/+bug/939128>
        # Simple-mode signature header verification is wrong
        # (should ignore FWS anywhere in signature tag: b=)
        sample_msg = b"""\
From: [email protected]
To: [email protected]
Subject: this is my
    test message
""".replace(b'\n', b'\r\n')

        sample_privkey = b"""\
fL+5V9EquCZAovKik3pA6Lk9zwCzoEtjIuIqK9ZXHHA=\
"""

        sample_pubkey = """\
yi50DjK5O9pqbFpNHklsv9lqaS0ArSYu02qp1S0DW1Y=\
"""

        for header_mode in [dkim.Relaxed, dkim.Simple]:

            dkim_header = dkim.sign(sample_msg,
                                    b'example',
                                    b'canonical.com',
                                    sample_privkey,
                                    canonicalize=(header_mode, dkim.Relaxed),
                                    signature_algorithm=b'ed25519-sha256')
            # Folding dkim_header affects b= tag only, since dkim.sign folds
            # sig_value with empty b= before hashing, and then appends the
            # signature.  So folding dkim_header again adds FWS to
            # the b= tag only.  This should be ignored even with
            # simple canonicalization.
            # http://tools.ietf.org/html/rfc4871#section-3.5
            signed = dkim.fold(dkim_header) + sample_msg
            result = dkim.verify(signed, dnsfunc=self.dnsfunc)
            self.assertTrue(result)
            dkim_header = dkim.fold(dkim_header)
            # use a tab for last fold to test tab in FWS bug
            pos = dkim_header.rindex(b'\r\n ')
            dkim_header = dkim_header[:pos] + b'\r\n\t' + dkim_header[pos + 3:]
            result = dkim.verify(dkim_header + sample_msg,
                                 dnsfunc=self.dnsfunc)
            self.assertTrue(result)
Beispiel #4
0
 def test_long_line(self):
     # The function is terribly broken, not passing even this simple
     # test.
     self.assertEqual(b"foo" * 24 + b"\r\n foo", dkim.fold(b"foo" * 25))
Beispiel #5
0
 def test_short_line(self):
     self.assertEqual(b"foo", dkim.fold(b"foo"))
 def test_long_line(self):
     # The function is terribly broken, not passing even this simple
     # test.
     self.assertEqual(
         b"foo" * 24 + b"\r\n foo", dkim.fold(b"foo" * 25))
 def test_short_line(self):
     self.assertEqual(
         b"foo", dkim.fold(b"foo"))
Beispiel #8
0
 def test_linesep(self):
     self.assertEqual(b"foo" * 24 + b"\n foo",
                      dkim.fold(b"foo" * 25, linesep=b"\n"))