def test_verifies(self):
# A message verifies after being signed.
sig_lines = dkim.arc_sign(self.message, b"test", b"example.com",
self.key, b"test.domain: none", dkim.CV_None)
(cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message,
dnsfunc=self.dnsfunc)
self.assertEquals(cv, dkim.CV_Pass)
def main():
if len(sys.argv) != 5:
print("Usage: arcsign.py selector domain privatekeyfile srv_id",
file=sys.stderr)
sys.exit(1)
if sys.version_info[0] >= 3:
# Make sys.stdin and stdout binary streams.
sys.stdin = sys.stdin.detach()
sys.stdout = sys.stdout.detach()
selector = sys.argv[1].encode('ascii')
domain = sys.argv[2].encode('ascii')
privatekeyfile = sys.argv[3]
srv_id = sys.argv[4].encode('ascii')
message = sys.stdin.read()
# Pick a cv status
cv = dkim.CV_None
if re.search(b'arc-seal', message, re.IGNORECASE):
cv = dkim.CV_Pass
#try:
sig = dkim.arc_sign(message,
selector,
domain,
open(privatekeyfile, "rb").read(),
srv_id,
cv,
linesep=dkim.util.get_linesep(message))
for line in sig:
sys.stdout.write(line)
def test_signs_and_verifies(self):
# A message verifies after being signed
self.maxDiff = None
sig_lines = dkim.arc_sign(self.message,
b"test",
b"example.com",
self.key,
b"lists.example.org",
timestamp="12345")
expected_sig = [
b'ARC-Seal: i=1; cv=none; a=rsa-sha256; d=example.com; s=test; t=12345;\r\n b=MBw2+L1/4PuYWJlt1tZlDtbOvyfbyH2t2N6DinFV/BIaB2LqbDKTYjXXk9HuuK1/qEkTd\r\n TxCYScIrtVO7pFbGiSawMuLatVzHNCqTURa1zBTXr2mKW1hgdmrtMMUcMVCYxr1AJpu6IYX\r\n VMIoOAn7tIDdO0VLokK6FnIXTWEAplQ=\r\n',
b'ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n d=example.com; s=test; t=12345; h=message-id : date : from : to :\r\n subject : from; bh=wE7NXSkgnx9PGiavN4OZhJztvkqPDlemV3OGuEnLwNo=;\r\n b=a0f6qc3k9eECTSR155A0TQS+LjqPFWfI/brQBA83EUz00SNxj1wmWykvs1hhBVeM0r1kE\r\n Qc6CKbzRYaBNSiFj4q8JBpRIujLz1qLyGmPuAI6ddu/Z/1hQxgpVcp/odmI1UMV2R+d+yQ7\r\n tUp3EQxF/GYNt22rV4rNmDmANZVqJ90=\r\n',
b'ARC-Authentication-Results: i=1; lists.example.org; arc=none;\r\n spf=pass [email protected];\r\n dkim=pass (1024-bit key) [email protected];\r\n dmarc=pass\r\n'
]
self.assertEqual(expected_sig, sig_lines)
(cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message,
dnsfunc=self.dnsfunc)
self.assertEqual(cv, dkim.CV_Pass)
def arctestdns(name):
try:
q = DNSRecord.question(name.decode("utf-8"), "TXT")
a = q.send("localhost", int(sys.argv[2]))
r = DNSRecord.parse(a)
if not r.get_a().rdata:
return None
return "".join([x.decode('utf-8') for x in r.get_a().rdata.data])
except:
return None
if (sys.argv[9].lower() == 'true'):
logging.basicConfig(level=10)
with open(sys.argv[1], 'rb') as mf, open(sys.argv[3], 'rb') as pkf:
message = mf.read()
privatekey = pkf.read()
srv_id = sys.argv[4]
sig = dkim.arc_sign(message,
sys.argv[5].encode(),
sys.argv[6].encode(),
privatekey,
srv_id.encode(),
include_headers=sys.argv[7].encode().split(b':'),
timestamp=sys.argv[8],
standardize=True)
sys.stdout.write(b"\n".join(sig).decode('utf-8'))
results_list += [arc_res]
except Exception as e:
sys.stdout.write("X-MTA-Error: qmail-arc failed ARC verifying ({}).".
format(e).encode("utf-8") + linesep)
#raise
pass
try:
### PREP AUTH RESULT
auth_res = authres.AuthenticationResultsHeader(authserv_id=AUTHSERV_ID,
results=results_list)
auth_res_str = str(auth_res).encode("utf-8") + linesep
message = auth_res_str + message
# parameters: message, selector, domain, privkey, srv_id, signature_algorithm
sig = dkim.arc_sign(message, DKIM_SELECTOR, DKIM_DOMAIN, privkey,
b"eukelade.uberspace.de")
#sys.stdout.write(repr(sig).encode("utf-8"))
for line in sig:
sys.stdout.write(line)
except Exception as e:
sys.stdout.write("X-MTA-Error: qmail-arc failed ARC signing ({}).".format(
e).encode("utf-8") + linesep)
#raise
pass
#sys.exit(0)
sys.stdout.write(message)