def test_verifies(self): # A message verifies after being signed. sig_lines = dkim.arc_sign(self.message, b"test", b"example.com", self.key, b"test.domain: none", dkim.CV_None) (cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message, dnsfunc=self.dnsfunc) self.assertEquals(cv, dkim.CV_Pass)
def main(): if len(sys.argv) != 5: print("Usage: arcsign.py selector domain privatekeyfile srv_id", file=sys.stderr) sys.exit(1) if sys.version_info[0] >= 3: # Make sys.stdin and stdout binary streams. sys.stdin = sys.stdin.detach() sys.stdout = sys.stdout.detach() selector = sys.argv[1].encode('ascii') domain = sys.argv[2].encode('ascii') privatekeyfile = sys.argv[3] srv_id = sys.argv[4].encode('ascii') message = sys.stdin.read() # Pick a cv status cv = dkim.CV_None if re.search(b'arc-seal', message, re.IGNORECASE): cv = dkim.CV_Pass #try: sig = dkim.arc_sign(message, selector, domain, open(privatekeyfile, "rb").read(), srv_id, cv, linesep=dkim.util.get_linesep(message)) for line in sig: sys.stdout.write(line)
def test_signs_and_verifies(self): # A message verifies after being signed self.maxDiff = None sig_lines = dkim.arc_sign(self.message, b"test", b"example.com", self.key, b"lists.example.org", timestamp="12345") expected_sig = [ b'ARC-Seal: i=1; cv=none; a=rsa-sha256; d=example.com; s=test; t=12345;\r\n b=MBw2+L1/4PuYWJlt1tZlDtbOvyfbyH2t2N6DinFV/BIaB2LqbDKTYjXXk9HuuK1/qEkTd\r\n TxCYScIrtVO7pFbGiSawMuLatVzHNCqTURa1zBTXr2mKW1hgdmrtMMUcMVCYxr1AJpu6IYX\r\n VMIoOAn7tIDdO0VLokK6FnIXTWEAplQ=\r\n', b'ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n d=example.com; s=test; t=12345; h=message-id : date : from : to :\r\n subject : from; bh=wE7NXSkgnx9PGiavN4OZhJztvkqPDlemV3OGuEnLwNo=;\r\n b=a0f6qc3k9eECTSR155A0TQS+LjqPFWfI/brQBA83EUz00SNxj1wmWykvs1hhBVeM0r1kE\r\n Qc6CKbzRYaBNSiFj4q8JBpRIujLz1qLyGmPuAI6ddu/Z/1hQxgpVcp/odmI1UMV2R+d+yQ7\r\n tUp3EQxF/GYNt22rV4rNmDmANZVqJ90=\r\n', b'ARC-Authentication-Results: i=1; lists.example.org; arc=none;\r\n spf=pass [email protected];\r\n dkim=pass (1024-bit key) [email protected];\r\n dmarc=pass\r\n' ] self.assertEqual(expected_sig, sig_lines) (cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message, dnsfunc=self.dnsfunc) self.assertEqual(cv, dkim.CV_Pass)
def arctestdns(name): try: q = DNSRecord.question(name.decode("utf-8"), "TXT") a = q.send("localhost", int(sys.argv[2])) r = DNSRecord.parse(a) if not r.get_a().rdata: return None return "".join([x.decode('utf-8') for x in r.get_a().rdata.data]) except: return None if (sys.argv[9].lower() == 'true'): logging.basicConfig(level=10) with open(sys.argv[1], 'rb') as mf, open(sys.argv[3], 'rb') as pkf: message = mf.read() privatekey = pkf.read() srv_id = sys.argv[4] sig = dkim.arc_sign(message, sys.argv[5].encode(), sys.argv[6].encode(), privatekey, srv_id.encode(), include_headers=sys.argv[7].encode().split(b':'), timestamp=sys.argv[8], standardize=True) sys.stdout.write(b"\n".join(sig).decode('utf-8'))
results_list += [arc_res] except Exception as e: sys.stdout.write("X-MTA-Error: qmail-arc failed ARC verifying ({}).". format(e).encode("utf-8") + linesep) #raise pass try: ### PREP AUTH RESULT auth_res = authres.AuthenticationResultsHeader(authserv_id=AUTHSERV_ID, results=results_list) auth_res_str = str(auth_res).encode("utf-8") + linesep message = auth_res_str + message # parameters: message, selector, domain, privkey, srv_id, signature_algorithm sig = dkim.arc_sign(message, DKIM_SELECTOR, DKIM_DOMAIN, privkey, b"eukelade.uberspace.de") #sys.stdout.write(repr(sig).encode("utf-8")) for line in sig: sys.stdout.write(line) except Exception as e: sys.stdout.write("X-MTA-Error: qmail-arc failed ARC signing ({}).".format( e).encode("utf-8") + linesep) #raise pass #sys.exit(0) sys.stdout.write(message)