def _verify_signed_message(self, content_type): if content_type != 'multipart/signed': raise AS2MdnException('content-type invalid when signed required') mdn_signature_thumbprint = self.context.agreement.outbound_agreement.message_encryption_certificate.thumbprint mdn_signature_cert_path = self.context.agreement.outbound_agreement.message_encryption_certificate.local_file_path mdn_signature_cert_ca_path = self.context.agreement.outbound_agreement.message_encryption_certificate.local_ca_file_path mdn_signature_cert_verify = self.context.agreement.outbound_agreement.message_encryption_certificate.is_need_verify try: if is_none_or_whitespace(mdn_signature_cert_ca_path): mdn_signature_cert_ca_path = mdn_signature_cert_path f_mime_string = SMIMEHelper.format_with_cr_lf( SMIMEHelper.mime_to_string(self.mime_message)) SMIMEHelper.verify_signed_text(f_mime_string, mdn_signature_cert_path, mdn_signature_cert_ca_path, mdn_signature_cert_verify) self.context.trace( "mdn signature verify finished; thumbprint: {thumbprint}, verify certificate: {verify}", thumbprint=mdn_signature_thumbprint, verify=mdn_signature_cert_verify) except: logger.exception( "mdn signature verify failed; mdn-message-id: {id}".format( id=self.mdn_message_id)) raise AS2MdnException( "mdn signature verify failed; thumbprint: {thumbprint}, verify certificate: {verify}, due to: {message}", thumbprint=mdn_signature_thumbprint, verify=mdn_signature_cert_verify, message=sys.exc_info()[1])
def _verify_signature(self): if not self.is_signed: self.context.trace("verify signature ignored") return content_type = self.mime_message.get_content_type().lower() if content_type != 'multipart/signed': raise AS2VerifySignatureException('verify signature failed; content-type:{type} invalid', type=content_type) cert_thumbprint = self.context.agreement.inbound_agreement.message_verify_certificate.thumbprint cert_local_file_path = self.context.agreement.inbound_agreement.message_verify_certificate.local_file_path cert_ca_local_file_path = self.context.agreement.inbound_agreement.message_verify_certificate.local_ca_file_path cert_verify = self.context.agreement.inbound_agreement.message_verify_certificate.is_need_verify try: if is_none_or_whitespace(cert_ca_local_file_path): cert_ca_local_file_path = cert_local_file_path for part in self.mime_message.get_payload(): if not isinstance(part, email.message.Message): continue part_type = part.get_content_type().lower() part_encoding = part.get('Content-Transfer-Encoding', '').lower() if 'application/pkcs7-signature' == part_type and 'base64' != part_encoding: del part['Content-Transfer-Encoding'] email.encoders.encode_base64(part) self.context.trace('signature content transfer encoding to base64') f_mime_string = SMIMEHelper.format_with_cr_lf( SMIMEHelper.mime_to_string(self.mime_message)) SMIMEHelper.verify_signed_text( f_mime_string, cert_local_file_path, cert_ca_local_file_path, cert_verify) self.mic_algorithm = self.mime_message.get_param('micalg').lower() parts = [part for part in self.mime_message.walk() if part.get_content_type() not in ['multipart/signed', 'application/pkcs7-signature']] if len(parts) != 1: raise AS2VerifySignatureException( "verify signature failed; due to multiple part content in mime message") self.mime_message = parts[0] self.context.trace("verify signature finished; thumbprint: {thumbprint}, verify certificate: {verify}", thumbprint=cert_thumbprint, verify=cert_verify) except: logger.exception("verify signature failed; message-id: {id}".format(id=self.message_id)) raise AS2VerifySignatureException( "verify signature failed; thumbprint: {thumbprint}, verify certificate: {verify}, due to: {message}", thumbprint=cert_thumbprint, verify=cert_verify, message=sys.exc_info()[1])
def test_verify_signed_data_no_verify_cert_without_ca(self): signed_msg = '''MIME-Version: 1.0 Content-Disposition: attachment; filename="smime.p7m" Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m" Content-Transfer-Encoding: base64 MIIJxAYJKoZIhvcNAQcCoIIJtTCCCbECAQExDzANBglghkgBZQMEAgEFADAnBgkq hkiG9w0BBwGgGgQYVGhpcyBpcyB0ZXN0IG1lc3NhZ2UuIA0KoIIHsjCCA9UwggK9 oAMCAQICCQC2XhVbIaoZvjANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCQ04x CzAJBgNVBAgMAlNDMQswCQYDVQQHDAJDRDEPMA0GA1UECgwGTmV3ZWdnMQwwCgYD VQQLDANFREkxGDAWBgNVBAMMD0FTMiBDZXJ0aWZpY2F0ZTEeMBwGCSqGSIb3DQEJ ARYPdHIyOUBuZXdlZ2cuY29tMB4XDTE3MDMyODA5Mzc1NloXDTE4MDMyODA5Mzc1 NlowgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzAN BgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlm aWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBANmjQYcuDWY3E/2vhyazv3PqI6VoalRg1ESH 5BouIRW7TB9yCB4O7gWuWNfSR+JnECUZDzDaTZxoY5Hb90MAfBdTzMZzH61nMJdZ vf3P86QyuV0MTw+N0E/u2yuOwZAbNM6xAjd78hJNoQsMj+UCv5cnRhPtLE0H5j+X 4VRlPEVPwGZaKAB7EAZJZQj6vGkMA0ib3OhwH/osjWtMGZXxqaA6HeeHNBAGIU++ gIo9V60isr1XgjuRsdAjtedxZO0ptvgprAlZ+xsctnFiEpNykevvbyHnLrYp7nEP ijCZz72AlqFQOUxNa1RrETNj4pROXj77zfynvKBTF0hD7hIVmrUCAwEAAaNQME4w HQYDVR0OBBYEFLDWAwHDmOVAN++FDMygl9kIyUNIMB8GA1UdIwQYMBaAFLDWAwHD mOVAN++FDMygl9kIyUNIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB ALo3U+fAhvV8nZMX5n6BeCDfLuD8WiD1PZG/rqoZFp9yOPP2cuPSN6Jh7TO+85ho /7eY17tZwTgPAX7+dq+Np0HbRTRcLiqDLG3dy9sQMZNqPVuEamIzopOfRt1Q3wh2 xCqHx8yeC368ueIrPQRdvZfDCVq5wBT8CR+zn73WC728ZlmKoeG6JChpttb/93Xa CPYSRkVvcB2UtBzAHzUdReCLP+7l26rSWvSv2Pm8fU1vlch6ikC+Bazw61zukxh+ bqx1K4Y7gXtT9B0aYWxu1tcTeMMIEc69D6jX2qnC3ay1S/5s0wzlPK4618IAET+g FYEsHAdihG2FElL1tRNxafwwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZI hvcNAQELBQAwgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0x NzAzMjgwOTM3NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkG A1UECAwCU0MxCzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsM A0VESTEYMBYGA1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90 cjI5QG5ld2VnZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ o0GHLg1mNxP9r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAl GQ8w2k2caGOR2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTO sQI3e/ISTaELDI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANI m9zocB/6LI1rTBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4 KawJWfsbHLZxYhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4+ +838p7ygUxdIQ+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzM oJfZCMlDSDAfBgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRME BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog 9T2Rv66qGRafcjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4q gyxt3cvbEDGTaj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU /Akfs5+91gu9vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq 0lr0r9j5vH1Nb5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHO vQ+o19qpwt2stUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYIBujCC AbYCAQEwgY4wgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZe FVshqhm+MA0GCWCGSAFlAwQCAQUAMA0GCSqGSIb3DQEBAQUABIIBALtFk2AXjr97 XIdeY5w4XX9rOFyWg4pty4OMzqt1JlAwD31My4+3FQSmIx6rHFeH+HgLY4Amie2D cpUHTclMZzz4uEh8S9+o1fLGH4kORah5ndHuuR6LZMukzHFfbiY0Qk2h9HF0cPTj fvbGT6N8sMj/1aNl2GfNMdOeFxuXIH8TXELJrYrmdOpWA+RYGg96989beC9j54eB 2VX9KRtpG5576jeDH2iuCztEwksMqKxBeRw/byj4wryiKIcm+ThnM2/kKH/cFJbz HMlT8fyoImZ3gTRUMtWie32REMtmm32MLMMbgYAYRsnAV4ZVa+5mUx84hihWmmPK uxtwCuo/x84= ''' f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg) crt_path = self.__get_cert_path('P1_public.cer') ca_crt_path = self.__get_cert_path('P1_public.cer') is_verify_cert = False rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert) assert_equal(self.clearText, rst.strip())
def test_verify_signed_data_without_ca(self): signed_msg = '''MIME-Version: 1.0 Content-Disposition: attachment; filename="smime.p7m" Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m" Content-Transfer-Encoding: base64 MIIKqwYJKoZIhvcNAQcCoIIKnDCCCpgCAQExDzANBglghkgBZQMEAgEFADAnBgkq hkiG9w0BBwGgGgQYVGhpcyBpcyB0ZXN0IG1lc3NhZ2UuIA0KoIIHsjCCA9UwggK9 oAMCAQICCQC2XhVbIaoZvjANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCQ04x CzAJBgNVBAgMAlNDMQswCQYDVQQHDAJDRDEPMA0GA1UECgwGTmV3ZWdnMQwwCgYD VQQLDANFREkxGDAWBgNVBAMMD0FTMiBDZXJ0aWZpY2F0ZTEeMBwGCSqGSIb3DQEJ ARYPdHIyOUBuZXdlZ2cuY29tMB4XDTE3MDMyODA5Mzc1NloXDTE4MDMyODA5Mzc1 NlowgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzAN BgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlm aWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBANmjQYcuDWY3E/2vhyazv3PqI6VoalRg1ESH 5BouIRW7TB9yCB4O7gWuWNfSR+JnECUZDzDaTZxoY5Hb90MAfBdTzMZzH61nMJdZ vf3P86QyuV0MTw+N0E/u2yuOwZAbNM6xAjd78hJNoQsMj+UCv5cnRhPtLE0H5j+X 4VRlPEVPwGZaKAB7EAZJZQj6vGkMA0ib3OhwH/osjWtMGZXxqaA6HeeHNBAGIU++ gIo9V60isr1XgjuRsdAjtedxZO0ptvgprAlZ+xsctnFiEpNykevvbyHnLrYp7nEP ijCZz72AlqFQOUxNa1RrETNj4pROXj77zfynvKBTF0hD7hIVmrUCAwEAAaNQME4w HQYDVR0OBBYEFLDWAwHDmOVAN++FDMygl9kIyUNIMB8GA1UdIwQYMBaAFLDWAwHD mOVAN++FDMygl9kIyUNIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB ALo3U+fAhvV8nZMX5n6BeCDfLuD8WiD1PZG/rqoZFp9yOPP2cuPSN6Jh7TO+85ho /7eY17tZwTgPAX7+dq+Np0HbRTRcLiqDLG3dy9sQMZNqPVuEamIzopOfRt1Q3wh2 xCqHx8yeC368ueIrPQRdvZfDCVq5wBT8CR+zn73WC728ZlmKoeG6JChpttb/93Xa CPYSRkVvcB2UtBzAHzUdReCLP+7l26rSWvSv2Pm8fU1vlch6ikC+Bazw61zukxh+ bqx1K4Y7gXtT9B0aYWxu1tcTeMMIEc69D6jX2qnC3ay1S/5s0wzlPK4618IAET+g FYEsHAdihG2FElL1tRNxafwwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZI hvcNAQELBQAwgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0x NzAzMjgwOTM3NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkG A1UECAwCU0MxCzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsM A0VESTEYMBYGA1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90 cjI5QG5ld2VnZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ o0GHLg1mNxP9r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAl GQ8w2k2caGOR2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTO sQI3e/ISTaELDI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANI m9zocB/6LI1rTBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4 KawJWfsbHLZxYhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4+ +838p7ygUxdIQ+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzM oJfZCMlDSDAfBgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRME BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog 9T2Rv66qGRafcjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4q gyxt3cvbEDGTaj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU /Akfs5+91gu9vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq 0lr0r9j5vH1Nb5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHO vQ+o19qpwt2stUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYICoTCC Ap0CAQEwgY4wgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZe FVshqhm+MA0GCWCGSAFlAwQCAQUAoIHkMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTE3MDQyNzA4NDgwM1owLwYJKoZIhvcNAQkEMSIE IH7HFu9Vg2a65GnbbfbJXxZA3v/uZ1JEfknhNXYAeFgAMHkGCSqGSIb3DQEJDzFs MGowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjALBglghkgBZQMEAQIwCgYIKoZI hvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIIBAKw+XraBkJ71sdUjyitSpeLE lnorlkIeXqJo3KYaTqCaeR49GddkWFje1CpHnlHPCvI2JyC98W9PdKnP70cjIGDc 2V2rM3VD/cFvXjMbYIRB7gsTD1QmZPivXNQTSoTPYcuzLgxMYQIzROTWN9Ex5tLQ +IO4zRfVwjK6BsQPunLtPLBjZ0ibzPglGvU6nctj9QKaGSo6MtfX7zd3qF2Ufk2w Fr34/9qPnWHzvNAdTNjP9BNpFEBn4VTSv0LYGnjBKmV6pSk7gkL5Rna6H5fEQ2aD 1kAYa9en++gdVyhBZ/q76baX/rivop7N2fgkkxasGlru4aJK/8P1JdbGDFDGtDA= ''' f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg) crt_path = self.__get_cert_path('P1_public.cer') ca_crt_path = self.__get_cert_path('P1_public.cer') is_verify_cert = True rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert) assert_equal(self.clearText, rst.strip())
def test_verify_multipart_signed_text_with_ca(self): signed_msg = '''MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha1"; boundary="----61FD602D4D31C5FCAE3D9C6C0E9789D2" This is an S/MIME signed message ------61FD602D4D31C5FCAE3D9C6C0E9789D2 This is test message. ------61FD602D4D31C5FCAE3D9C6C0E9789D2 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIIPwYJKoZIhvcNAQcCoIIIMDCCCCwCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 DQEHAaCCBTUwggUxMIIEGaADAgECAhAecXgg/TkHXQAAAABQ3DVzMA0GCSqGSIb3 DQEBCwUAMIG6MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEo MCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UE CxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBv bmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g TDFLMB4XDTE3MDQxNDAwMTAxOVoXDTIwMDUwMjAwNDAxOFowbTELMAkGA1UEBhMC VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExGTAXBgNVBAcTEENpdHkgb2YgSW5kdXN0 cnkxEzARBgNVBAoTCk5ld2VnZyBJbmMxGTAXBgNVBAMTEGVkaTA0Lm5ld2VnZy5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/UKcNeFVX30ZANlx6 ElFDGDVGfV0s/qWOduQxsP6WRm4J93vYe2sYngAyM+r+P5IOVbC9VyA6GBeC2yzl xLwV5eA50BfmpPRLEj+s86J8jV3yxs2NCku/kZqls/GvlpS78LWD51yhX8uoXvk+ 4sHpt2xB83Ok5sGiSiq5I97gOsUwQc8ASsW6Ha5VTFymZu6dU7hTzgS0DSQwcNcA G+fLHlMvAVfa0eW5y+bnFgXr15w/sfDigP1aAMb0oEeCKPLe2GDwJ6Av/M3GThI4 r6ZOLG9IDqt2dmJ5rcqeERfWZy3I7mtaWMEEeV7Cmy5M1KUvLPXWHbV4BcXiRcIH C4DxAgMBAAGjggF9MIIBeTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYB BQUHAwEwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s ZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcC ARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUF BwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYI KwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNl cjAbBgNVHREEFDASghBlZGkwNC5uZXdlZ2cuY29tMB8GA1UdIwQYMBaAFIKicHTd vFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBSZd46F1MFczOuEYHhlf12dRxQPSjAJ BgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQC2w2bTD/R7UNsJWQFqkiT4kcNp /EJOeSPwoOVOM7FhBPcnM+vupB4CIlOHDLHBjWTFi1HClk8hiOwwO0kDgE5jI22a xIibOICBoP4ydE6z6jolBJ72uqkFAo+jBLbg30fhKDb94rvNJB0DJ9RnTKPk24wr 5WyOyS7IEypdsp2qVSRu9C0qJrQK93N6RCqu4pURjyNrM52F0/wIjAqCgqx2n1+q JzZvE4tcDdhfMYvylzH2Fegm6ADBtSaUSgIkIgfCGNxwFlDJr1w9aJwCIFwXlPNZ HoacVC1xoRThkE+nctF96mOUqwta7x4c2MHn9oL6DNERieE2v+WowjyNAl/PMYIC 0jCCAs4CAQEwgc8wgboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJ bmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkw NwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg dXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkgLSBMMUsCEB5xeCD9OQddAAAAAFDcNXMwCQYFKw4DAhoFAKCB2DAYBgkqhkiG 9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA1MDIwNzQ1NDJa MCMGCSqGSIb3DQEJBDEWBBRNsmMYSxgjQ0t0wpH7Tcmeo4A0kjB5BgkqhkiG9w0B CQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoG CCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMC BzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEFAASCAQBg5QsXfa4s5DTWp2AU Kprt+29YC+ahlmf6uh7DxS0Jr7RBdo6NLNLZV/X99Y7NHlfZsURfCwBDDg1QJK+J KC3lbopHmPfVmbDqLWKfOcKMoy3yFw6sGqAKqaqIAFcxCGeLFg/b1dSwawdrygj7 LjyT6DVbjfs/as7YRMWvuz3Y+zQoGzBWS5aU5yALnM1M3s2y01A5ZxIbe7TqzpAv QKpyMt9d/P22ryAQRABxi5VhG+BRcCLuMFBlTaTv0ZGbdEz/+G7c2Cp9RuULT5K8 V6Nr5D2Y9ek9YCMrC8F4iBL9nviLp+L76qTx2xYDyqOBx0sfxZD83zAvRqGOWzUU 25bW ------61FD602D4D31C5FCAE3D9C6C0E9789D2-- ''' f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg) crt_path = self.__get_cert_path('edi04_with_ca.crt') ca_crt_path = self.__get_cert_path('edi04_ca_cert_chain.crt') is_verify_cert = False rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert) assert_equal(self.clearText, rst.strip())
def test_verify_multipart_signed_text_without_ca(self): signed_msg = '''MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha1"; boundary="----E67033C32AF07C4C5BE242D36DB48F2F" This is an S/MIME signed message ------E67033C32AF07C4C5BE242D36DB48F2F This is test message. ------E67033C32AF07C4C5BE242D36DB48F2F Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIGogYJKoZIhvcNAQcCoIIGkzCCBo8CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3 DQEHAaCCA9kwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZIhvcNAQELBQAw gYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzANBgNV BAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlmaWNh dGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0xNzAzMjgwOTM3 NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0Mx CzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsMA0VESTEYMBYG A1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90cjI5QG5ld2Vn Zy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZo0GHLg1mNxP9 r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAlGQ8w2k2caGOR 2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTOsQI3e/ISTaEL DI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANIm9zocB/6LI1r TBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4KawJWfsbHLZx YhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4++838p7ygUxdI Q+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAf BgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRMEBTADAQH/MA0G CSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog9T2Rv66qGRaf cjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4qgyxt3cvbEDGT aj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU/Akfs5+91gu9 vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq0lr0r9j5vH1N b5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHOvQ+o19qpwt2s tUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYICkTCCAo0CAQEwgY4w gYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzANBgNV BAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlmaWNh dGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZeFVshqhm+MAkG BSsOAwIaBQCggdgwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0B CQUxDxcNMTcwNDI2MDUwOTU2WjAjBgkqhkiG9w0BCQQxFgQUTbJjGEsYI0NLdMKR +03JnqOANJIweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUD BAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYI KoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEB BQAEggEAckjU1ukVvN09owL+L9SCBm9yHcmIdzWI5EQOY0nbRLA08+a6gg2Ox6Hn 4Aa3iMFiSpaOWHUtE1IWOlUN9CdFTvkg3hTDya2hQHVM/6/zSuacsJvZf4WeT08Y ktp6zpEteaccswB0XFYHqt+jEA+lvwTcwKAQsEporSuL1Md1I99vcs19C5f/1fcD smk0rbKNs4ZvLaL3/LNdq4OLVKle0RmwX7UOn8ZWg7Ktr6SuBE8MvxFFgXDGpdto kps3+1aYZMB3Oal0n4nTwF28Fjem1aQNY8KSqV4/WhgPsdByDkSd+P+K40SD4NkN LrhHEL4SK7yeHG0bSM/D+t4EzgRohA== ------E67033C32AF07C4C5BE242D36DB48F2F-- ''' f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg) crt_path = self.__get_cert_path('P1_public.cer') ca_crt_path = self.__get_cert_path('P1_public.cer') is_verify_cert = True rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert) assert_equal(self.clearText, rst.strip())
def test_verify_mdn_multipart_signed_text_without_ca(self): signed_msg = '''message-id: <MOKOavlb2bapp02-node1-15d249455c2-1450468007ScanSourcePRD@avlb2bapp02> Content-Type: multipart/signed;protocol="application/pkcs7-signature";micalg=sha1;boundary="_=32151894939666303Sterling32151894939666303MOKO" --_=32151894939666303Sterling32151894939666303MOKO Content-Type: multipart/report;Report-Type=disposition-notification;boundary="_=6597787784037321Sterling6597787784037321MOKO" --_=6597787784037321Sterling6597787784037321MOKO Your message was successfully received and processed. --_=6597787784037321Sterling6597787784037321MOKO Content-Type: message/disposition-notification Original-Recipient: rfc822;ScanSourcePRD Final-Recipient: rfc822;ScanSourcePRD Original-Message-ID: <5787E1CB-1471-4262-BD68-1E06F3D5AE28@tr29-VirtualBox> Received-Content-MIC: 9mVaiezSK13edeEvNeXcRMIS4YQ=,sha1 Disposition: Automatic-action/mdn-sent-automatically;processed --_=6597787784037321Sterling6597787784037321MOKO-- --_=32151894939666303Sterling32151894939666303MOKO Content-Type: Application/pkcs7-signature;name=EDIINTSIG.p7s Content-Transfer-Encoding: base64 MIIIHgYJKoZIhvcNAQcCoIIIDzCCCAsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCBmcw ggZjMIIFS6ADAgECAhBfmdlsShevBcAkKDoJXbq9MA0GCSqGSIb3DQEBCwUAMEQxCzAJBgNVBAYT AlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRHZW9UcnVzdCBTU0wgQ0EgLSBH MzAeFw0xNjA4MDEwMDAwMDBaFw0xODA4MTcyMzU5NTlaMG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQI DA5Tb3V0aCBDYXJvbGluYTETMBEGA1UEBwwKR3JlZW52aWxsZTETMBEGA1UECgwKU2NhblNvdXJj ZTEbMBkGA1UEAwwSYjJiLnNjYW5zb3VyY2UuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEApwghg+IJ36HDfedTdRi0CRfEFsD6KmCG+t0g33LAEcV0NjWN+xmJOwEII63dFiJnPL65 lrMHP8bS2vWjVENbPv6FDxa0izAdbcumaNRGjawEe9tuLyvA1f5zLpVnN2mO2nhJWfM4ObNMqq4v eurRh2ExefnYKE3cUbutAVxdtSdau4Jjy0OvsZlK/XLMh4/AouY3ANINlo6l+zqYmFJsatiqdXDE b3JvzE3yuCF999exbD9ab6UVIZ+FHHKNxB7UCgUljv00TRxHeN/TPJV8At67Wgee6kmvyuoDVJ8k kbbaRpUyyLenWpV0fOM8zaLIs4lKkeESqTz+omAgoVWhCQIDAQABo4IDJjCCAyIwHQYDVR0RBBYw FIISYjJiLnNjYW5zb3VyY2UuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQk MCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUwgZIwgY8GBmeB DAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9y ZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9y ZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw HwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUF BzABhhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3ltY2IuY29t L2duLmNydDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHV XIiNPRHEzbbsvswAAAFWR57TPwAABAMARzBFAiEAmboDpI/sNfpZH2JrJ5vOpKSco57LtHggr3rY 8Ru++VoCIB+GiozlPBOjT60ZGg9SEAYqePaDLiw/rW6lRW0B3xYjAHYApLkJkLQYWBSHuxOizGdw Cjw1mAT5G9+443fNDsgN3BAAAAFWR57T5AAABAMARzBFAiEAisqkoq2XvdChPcvZjYaltl2nta7A OVPEj+KlBpYsiMQCIGdXH4ohiVPRo9fSGrWWucs+t2NcaHoVHsRG04XXCkjfAHYAaPaY+B9kgr46 jO65KB1M/HFRXWeT1ETRCmesu09P+8QAAAFWR57T5gAABAMARzBFAiB8Z/fKljEg29Pw/e3T+oJn 38RhZEUcLDYKK1z+Xa4uGgIhAIV5Mw0a7CdwsQLfxYxZvCUlcCArsg8aZNsfOYOsgWaxMA0GCSqG SIb3DQEBCwUAA4IBAQA9sbdzznGxTvuQMCMj7/LVuV6n9/nAt19dUcv8yWQZAC31hO0eQ6p0UE9I I7YnjcnDmdWeLk8T0VzUO7vNU09InoMVKVald697kW7Wii3pSXHE56pZJbGrKKgtqLaMsBBhti+j lT2Y3I2B4dNlpM6uQhf9anEc9eaN++bVnem8vndiT9OK8NItDrjRGtOlqPR8f0+6D+42wx8jQ/p/ lHvTtN/+ogSStUtXfvLErrsG0iDtzV4M5ihSo8uqn6Gj3tP+qePvFTwz0MUSZ8G0gm68xnD/MWMm hbQRw+4DlDzU9y5fUQumFQHJQ/EL2whP0YlTgshuoayqogLqQY7kSCxCMYIBfzCCAXsCAQEwWDBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg U1NMIENBIC0gRzMCEF+Z2WxKF68FwCQoOgldur0wCQYFKw4DAhoFADANBgkqhkiG9w0BAQEFAASC AQAFzW995IHYSfrYAlQbUkkCCQE5ewD+oQ1NUNsaMkxpFfmfNKcf/1xGImHBZiS70WbibR1/0REq e1vDxVPwFXjGZeu+vMC1hSYpB7+i1ryJH5IQqcUcch+/KmYprEvV30xstwi1lt4M/uqO0Wmjoq+j BZy6whjyXfxdoqlNdR+Cfj748Awo2VBOFUvbKQc8nuE1Nx7N03cu4PKeCad4z9eEMLULysBLNz1L RqGb0+IJTT1lvLJc7YLBk2+EVnfoyZJy02HlVc/6ETaKI1DhhSoUh9p21vnZIZN9azo6h34MFxhn x7bKm3h7pv/rnq/MuteNVqjpTk6/aQhzhjjZRueI --_=32151894939666303Sterling32151894939666303MOKO-- ''' s = email.message_from_string(signed_msg) # email parse issue fixed for m in s.walk(): if m.get_content_type() == 'message/disposition-notification': disposition = m.get_payload() if isinstance(disposition, (list, tuple)) and len(disposition) == 1: notify = disposition[0] notify_body = notify.get_payload() if notify_body is None or notify_body == '': m.set_payload(notify.as_string(unixfrom=False)[:-1]) f_signed_msg = SMIMEHelper.format_with_cr_lf(s.as_string(unixfrom=False)) crt_path = self.__get_cert_path('ScanSource_public.cer') ca_crt_path = self.__get_cert_path('ScanSource_CA_Cert_Chain.crt') is_verify_cert = False rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert) assert_not_equal('', rst.strip())