def check_dkim_signature(self, msg):
self.dkim_checked_signature = 1
self.dkim_signed = 1
self.dkim_valid = 1
self.dkim_signatures_dependable = 1
self.dkim_has_valid_author_sig = 1
message = msg.raw_msg
if not self.author_domains:
self._get_authors(msg)
signature = msg.msg.get('DKIM-Signature', "")
if not signature:
self.dkim_signed = 0
parsed_signature = dkim.util.parse_tag_value(signature.encode())
try:
if parsed_signature[b'd'] not in self.author_domains:
self.dkim_valid = 0
self.dkim_signed = 0
self.dkim_has_valid_author_sig = 0
self.dkim_signatures_dependable = 0
except KeyError:
self.dkim_valid = 0
try:
minimum_key_bits = self["dkim_minimum_key_bits"]
if minimum_key_bits < 0:
minimum_key_bits = 0
result = dkim.verify(message.encode(),
dnsfunc=self.get_txt,
minkey=minimum_key_bits)
if not result:
self.is_valid = 0
self.dkim_valid = 0
dkim.validate_signature_fields(parsed_signature)
except dkim.MessageFormatError:
self.dkim_valid = 0
self.dkim_has_valid_author_sig = 0
except dkim.ValidationError:
self.dkim_valid = 0
self.dkim_has_valid_author_sig = 0
except dkim.KeyFormatError:
self.dkim_valid = 0
self.dkim_has_valid_author_sig = 0
def test_validate_signature_fields(self):
sig = {b'v': b'1',
b'a': b'rsa-sha256',
b'b': b'K/UUOt8lCtgjp3kSTogqBm9lY1Yax/NwZ+bKm39/WKzo5KYe3L/6RoIA/0oiDX4kO\n \t Qut49HCV6ZUe6dY9V5qWBwLanRs1sCnObaOGMpFfs8tU4TWpDSVXaNZAqn15XVW0WH\n \t EzOzUfVuatpa1kF4voIgSbmZHR1vN3WpRtcTBe/I=',
b'bh': b'n0HUwGCP28PkesXBPH82Kboy8LhNFWU9zUISIpAez7M=',
b'c': b'simple/simple',
b'd': b'kitterman.com',
b'i': b'*****@*****.**',
b'h': b'From:To:Subject:Date:Cc:MIME-Version:Content-Type:\n \t Content-Transfer-Encoding:Message-Id',
b's': b'2007-00',
b't': b'1299525798'}
dkim.validate_signature_fields(sig)
# try new version
sigVer = sig.copy()
sigVer[b'v'] = 2
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigVer)
# try with x
sigX = sig.copy()
sigX[b'x'] = b'1399525798'
dkim.validate_signature_fields(sig)
# try with late t
sigX[b't'] = b'1400000000'
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigX)
# try without t
now = int(time.time())
sigX[b'x'] = str(now+400000).encode('ascii')
dkim.validate_signature_fields(sigX)
# try when expired a day ago
sigX[b'x'] = str(now - 24*3600).encode('ascii')
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigX)
def test_validate_signature_fields(self):
sig = {b'v': b'1',
b'a': b'rsa-sha256',
b'b': b'K/UUOt8lCtgjp3kSTogqBm9lY1Yax/NwZ+bKm39/WKzo5KYe3L/6RoIA/0oiDX4kO\n \t Qut49HCV6ZUe6dY9V5qWBwLanRs1sCnObaOGMpFfs8tU4TWpDSVXaNZAqn15XVW0WH\n \t EzOzUfVuatpa1kF4voIgSbmZHR1vN3WpRtcTBe/I=',
b'bh': b'n0HUwGCP28PkesXBPH82Kboy8LhNFWU9zUISIpAez7M=',
b'c': b'simple/simple',
b'd': b'kitterman.com',
b'i': b'*****@*****.**',
b'h': b'From:To:Subject:Date:Cc:MIME-Version:Content-Type:\n \t Content-Transfer-Encoding:Message-Id',
b's': b'2007-00',
b't': b'1299525798'}
dkim.validate_signature_fields(sig)
# try new version
sigVer = sig.copy()
sigVer[b'v'] = 2
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigVer)
# try with x
sigX = sig.copy()
sigX[b'x'] = b'1399525798'
dkim.validate_signature_fields(sig)
# try with late t
sigX[b't'] = b'1400000000'
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigX)
# try without t
now = int(time.time())
sigX[b'x'] = str(now+400000).encode('ascii')
dkim.validate_signature_fields(sigX)
# try when expired a day ago
sigX[b'x'] = str(now - 24*3600).encode('ascii')
self.assertRaises(dkim.ValidationError, dkim.validate_signature_fields, sigX)
