def _verify_signed_message(self, content_type):
if content_type != 'multipart/signed':
raise AS2MdnException('content-type invalid when signed required')
mdn_signature_thumbprint = self.context.agreement.outbound_agreement.message_encryption_certificate.thumbprint
mdn_signature_cert_path = self.context.agreement.outbound_agreement.message_encryption_certificate.local_file_path
mdn_signature_cert_ca_path = self.context.agreement.outbound_agreement.message_encryption_certificate.local_ca_file_path
mdn_signature_cert_verify = self.context.agreement.outbound_agreement.message_encryption_certificate.is_need_verify
try:
if is_none_or_whitespace(mdn_signature_cert_ca_path):
mdn_signature_cert_ca_path = mdn_signature_cert_path
f_mime_string = SMIMEHelper.format_with_cr_lf(
SMIMEHelper.mime_to_string(self.mime_message))
SMIMEHelper.verify_signed_text(f_mime_string,
mdn_signature_cert_path,
mdn_signature_cert_ca_path,
mdn_signature_cert_verify)
self.context.trace(
"mdn signature verify finished; thumbprint: {thumbprint}, verify certificate: {verify}",
thumbprint=mdn_signature_thumbprint,
verify=mdn_signature_cert_verify)
except:
logger.exception(
"mdn signature verify failed; mdn-message-id: {id}".format(
id=self.mdn_message_id))
raise AS2MdnException(
"mdn signature verify failed; thumbprint: {thumbprint}, verify certificate: {verify}, due to: {message}",
thumbprint=mdn_signature_thumbprint,
verify=mdn_signature_cert_verify,
message=sys.exc_info()[1])
def _verify_signature(self):
if not self.is_signed:
self.context.trace("verify signature ignored")
return
content_type = self.mime_message.get_content_type().lower()
if content_type != 'multipart/signed':
raise AS2VerifySignatureException('verify signature failed; content-type:{type} invalid',
type=content_type)
cert_thumbprint = self.context.agreement.inbound_agreement.message_verify_certificate.thumbprint
cert_local_file_path = self.context.agreement.inbound_agreement.message_verify_certificate.local_file_path
cert_ca_local_file_path = self.context.agreement.inbound_agreement.message_verify_certificate.local_ca_file_path
cert_verify = self.context.agreement.inbound_agreement.message_verify_certificate.is_need_verify
try:
if is_none_or_whitespace(cert_ca_local_file_path):
cert_ca_local_file_path = cert_local_file_path
for part in self.mime_message.get_payload():
if not isinstance(part, email.message.Message):
continue
part_type = part.get_content_type().lower()
part_encoding = part.get('Content-Transfer-Encoding', '').lower()
if 'application/pkcs7-signature' == part_type and 'base64' != part_encoding:
del part['Content-Transfer-Encoding']
email.encoders.encode_base64(part)
self.context.trace('signature content transfer encoding to base64')
f_mime_string = SMIMEHelper.format_with_cr_lf(
SMIMEHelper.mime_to_string(self.mime_message))
SMIMEHelper.verify_signed_text(
f_mime_string,
cert_local_file_path,
cert_ca_local_file_path,
cert_verify)
self.mic_algorithm = self.mime_message.get_param('micalg').lower()
parts = [part for part in self.mime_message.walk() if
part.get_content_type() not in ['multipart/signed', 'application/pkcs7-signature']]
if len(parts) != 1:
raise AS2VerifySignatureException(
"verify signature failed; due to multiple part content in mime message")
self.mime_message = parts[0]
self.context.trace("verify signature finished; thumbprint: {thumbprint}, verify certificate: {verify}",
thumbprint=cert_thumbprint,
verify=cert_verify)
except:
logger.exception("verify signature failed; message-id: {id}".format(id=self.message_id))
raise AS2VerifySignatureException(
"verify signature failed; thumbprint: {thumbprint}, verify certificate: {verify}, due to: {message}",
thumbprint=cert_thumbprint,
verify=cert_verify,
message=sys.exc_info()[1])
def test_verify_signed_data_no_verify_cert_without_ca(self):
signed_msg = '''MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIJxAYJKoZIhvcNAQcCoIIJtTCCCbECAQExDzANBglghkgBZQMEAgEFADAnBgkq
hkiG9w0BBwGgGgQYVGhpcyBpcyB0ZXN0IG1lc3NhZ2UuIA0KoIIHsjCCA9UwggK9
oAMCAQICCQC2XhVbIaoZvjANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCQ04x
CzAJBgNVBAgMAlNDMQswCQYDVQQHDAJDRDEPMA0GA1UECgwGTmV3ZWdnMQwwCgYD
VQQLDANFREkxGDAWBgNVBAMMD0FTMiBDZXJ0aWZpY2F0ZTEeMBwGCSqGSIb3DQEJ
ARYPdHIyOUBuZXdlZ2cuY29tMB4XDTE3MDMyODA5Mzc1NloXDTE4MDMyODA5Mzc1
NlowgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzAN
BgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlm
aWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANmjQYcuDWY3E/2vhyazv3PqI6VoalRg1ESH
5BouIRW7TB9yCB4O7gWuWNfSR+JnECUZDzDaTZxoY5Hb90MAfBdTzMZzH61nMJdZ
vf3P86QyuV0MTw+N0E/u2yuOwZAbNM6xAjd78hJNoQsMj+UCv5cnRhPtLE0H5j+X
4VRlPEVPwGZaKAB7EAZJZQj6vGkMA0ib3OhwH/osjWtMGZXxqaA6HeeHNBAGIU++
gIo9V60isr1XgjuRsdAjtedxZO0ptvgprAlZ+xsctnFiEpNykevvbyHnLrYp7nEP
ijCZz72AlqFQOUxNa1RrETNj4pROXj77zfynvKBTF0hD7hIVmrUCAwEAAaNQME4w
HQYDVR0OBBYEFLDWAwHDmOVAN++FDMygl9kIyUNIMB8GA1UdIwQYMBaAFLDWAwHD
mOVAN++FDMygl9kIyUNIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
ALo3U+fAhvV8nZMX5n6BeCDfLuD8WiD1PZG/rqoZFp9yOPP2cuPSN6Jh7TO+85ho
/7eY17tZwTgPAX7+dq+Np0HbRTRcLiqDLG3dy9sQMZNqPVuEamIzopOfRt1Q3wh2
xCqHx8yeC368ueIrPQRdvZfDCVq5wBT8CR+zn73WC728ZlmKoeG6JChpttb/93Xa
CPYSRkVvcB2UtBzAHzUdReCLP+7l26rSWvSv2Pm8fU1vlch6ikC+Bazw61zukxh+
bqx1K4Y7gXtT9B0aYWxu1tcTeMMIEc69D6jX2qnC3ay1S/5s0wzlPK4618IAET+g
FYEsHAdihG2FElL1tRNxafwwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZI
hvcNAQELBQAwgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC
Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg
Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0x
NzAzMjgwOTM3NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkG
A1UECAwCU0MxCzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsM
A0VESTEYMBYGA1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90
cjI5QG5ld2VnZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ
o0GHLg1mNxP9r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAl
GQ8w2k2caGOR2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTO
sQI3e/ISTaELDI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANI
m9zocB/6LI1rTBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4
KawJWfsbHLZxYhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4+
+838p7ygUxdIQ+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzM
oJfZCMlDSDAfBgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog
9T2Rv66qGRafcjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4q
gyxt3cvbEDGTaj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU
/Akfs5+91gu9vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq
0lr0r9j5vH1Nb5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHO
vQ+o19qpwt2stUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYIBujCC
AbYCAQEwgY4wgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC
Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg
Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZe
FVshqhm+MA0GCWCGSAFlAwQCAQUAMA0GCSqGSIb3DQEBAQUABIIBALtFk2AXjr97
XIdeY5w4XX9rOFyWg4pty4OMzqt1JlAwD31My4+3FQSmIx6rHFeH+HgLY4Amie2D
cpUHTclMZzz4uEh8S9+o1fLGH4kORah5ndHuuR6LZMukzHFfbiY0Qk2h9HF0cPTj
fvbGT6N8sMj/1aNl2GfNMdOeFxuXIH8TXELJrYrmdOpWA+RYGg96989beC9j54eB
2VX9KRtpG5576jeDH2iuCztEwksMqKxBeRw/byj4wryiKIcm+ThnM2/kKH/cFJbz
HMlT8fyoImZ3gTRUMtWie32REMtmm32MLMMbgYAYRsnAV4ZVa+5mUx84hihWmmPK
uxtwCuo/x84=
'''
f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg)
crt_path = self.__get_cert_path('P1_public.cer')
ca_crt_path = self.__get_cert_path('P1_public.cer')
is_verify_cert = False
rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert)
assert_equal(self.clearText, rst.strip())
def test_verify_signed_data_without_ca(self):
signed_msg = '''MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIKqwYJKoZIhvcNAQcCoIIKnDCCCpgCAQExDzANBglghkgBZQMEAgEFADAnBgkq
hkiG9w0BBwGgGgQYVGhpcyBpcyB0ZXN0IG1lc3NhZ2UuIA0KoIIHsjCCA9UwggK9
oAMCAQICCQC2XhVbIaoZvjANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCQ04x
CzAJBgNVBAgMAlNDMQswCQYDVQQHDAJDRDEPMA0GA1UECgwGTmV3ZWdnMQwwCgYD
VQQLDANFREkxGDAWBgNVBAMMD0FTMiBDZXJ0aWZpY2F0ZTEeMBwGCSqGSIb3DQEJ
ARYPdHIyOUBuZXdlZ2cuY29tMB4XDTE3MDMyODA5Mzc1NloXDTE4MDMyODA5Mzc1
NlowgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzAN
BgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlm
aWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANmjQYcuDWY3E/2vhyazv3PqI6VoalRg1ESH
5BouIRW7TB9yCB4O7gWuWNfSR+JnECUZDzDaTZxoY5Hb90MAfBdTzMZzH61nMJdZ
vf3P86QyuV0MTw+N0E/u2yuOwZAbNM6xAjd78hJNoQsMj+UCv5cnRhPtLE0H5j+X
4VRlPEVPwGZaKAB7EAZJZQj6vGkMA0ib3OhwH/osjWtMGZXxqaA6HeeHNBAGIU++
gIo9V60isr1XgjuRsdAjtedxZO0ptvgprAlZ+xsctnFiEpNykevvbyHnLrYp7nEP
ijCZz72AlqFQOUxNa1RrETNj4pROXj77zfynvKBTF0hD7hIVmrUCAwEAAaNQME4w
HQYDVR0OBBYEFLDWAwHDmOVAN++FDMygl9kIyUNIMB8GA1UdIwQYMBaAFLDWAwHD
mOVAN++FDMygl9kIyUNIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
ALo3U+fAhvV8nZMX5n6BeCDfLuD8WiD1PZG/rqoZFp9yOPP2cuPSN6Jh7TO+85ho
/7eY17tZwTgPAX7+dq+Np0HbRTRcLiqDLG3dy9sQMZNqPVuEamIzopOfRt1Q3wh2
xCqHx8yeC368ueIrPQRdvZfDCVq5wBT8CR+zn73WC728ZlmKoeG6JChpttb/93Xa
CPYSRkVvcB2UtBzAHzUdReCLP+7l26rSWvSv2Pm8fU1vlch6ikC+Bazw61zukxh+
bqx1K4Y7gXtT9B0aYWxu1tcTeMMIEc69D6jX2qnC3ay1S/5s0wzlPK4618IAET+g
FYEsHAdihG2FElL1tRNxafwwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZI
hvcNAQELBQAwgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC
Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg
Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0x
NzAzMjgwOTM3NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkG
A1UECAwCU0MxCzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsM
A0VESTEYMBYGA1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90
cjI5QG5ld2VnZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ
o0GHLg1mNxP9r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAl
GQ8w2k2caGOR2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTO
sQI3e/ISTaELDI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANI
m9zocB/6LI1rTBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4
KawJWfsbHLZxYhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4+
+838p7ygUxdIQ+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzM
oJfZCMlDSDAfBgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog
9T2Rv66qGRafcjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4q
gyxt3cvbEDGTaj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU
/Akfs5+91gu9vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq
0lr0r9j5vH1Nb5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHO
vQ+o19qpwt2stUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYICoTCC
Ap0CAQEwgY4wgYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwC
Q0QxDzANBgNVBAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIg
Q2VydGlmaWNhdGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZe
FVshqhm+MA0GCWCGSAFlAwQCAQUAoIHkMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B
BwEwHAYJKoZIhvcNAQkFMQ8XDTE3MDQyNzA4NDgwM1owLwYJKoZIhvcNAQkEMSIE
IH7HFu9Vg2a65GnbbfbJXxZA3v/uZ1JEfknhNXYAeFgAMHkGCSqGSIb3DQEJDzFs
MGowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjALBglghkgBZQMEAQIwCgYIKoZI
hvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0G
CCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIIBAKw+XraBkJ71sdUjyitSpeLE
lnorlkIeXqJo3KYaTqCaeR49GddkWFje1CpHnlHPCvI2JyC98W9PdKnP70cjIGDc
2V2rM3VD/cFvXjMbYIRB7gsTD1QmZPivXNQTSoTPYcuzLgxMYQIzROTWN9Ex5tLQ
+IO4zRfVwjK6BsQPunLtPLBjZ0ibzPglGvU6nctj9QKaGSo6MtfX7zd3qF2Ufk2w
Fr34/9qPnWHzvNAdTNjP9BNpFEBn4VTSv0LYGnjBKmV6pSk7gkL5Rna6H5fEQ2aD
1kAYa9en++gdVyhBZ/q76baX/rivop7N2fgkkxasGlru4aJK/8P1JdbGDFDGtDA=
'''
f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg)
crt_path = self.__get_cert_path('P1_public.cer')
ca_crt_path = self.__get_cert_path('P1_public.cer')
is_verify_cert = True
rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert)
assert_equal(self.clearText, rst.strip())
def test_verify_multipart_signed_text_with_ca(self):
signed_msg = '''MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg="sha1"; boundary="----61FD602D4D31C5FCAE3D9C6C0E9789D2"
This is an S/MIME signed message
------61FD602D4D31C5FCAE3D9C6C0E9789D2
This is test message.
------61FD602D4D31C5FCAE3D9C6C0E9789D2
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIIPwYJKoZIhvcNAQcCoIIIMDCCCCwCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3
DQEHAaCCBTUwggUxMIIEGaADAgECAhAecXgg/TkHXQAAAABQ3DVzMA0GCSqGSIb3
DQEBCwUAMIG6MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEo
MCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UE
CxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBv
bmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g
TDFLMB4XDTE3MDQxNDAwMTAxOVoXDTIwMDUwMjAwNDAxOFowbTELMAkGA1UEBhMC
VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExGTAXBgNVBAcTEENpdHkgb2YgSW5kdXN0
cnkxEzARBgNVBAoTCk5ld2VnZyBJbmMxGTAXBgNVBAMTEGVkaTA0Lm5ld2VnZy5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/UKcNeFVX30ZANlx6
ElFDGDVGfV0s/qWOduQxsP6WRm4J93vYe2sYngAyM+r+P5IOVbC9VyA6GBeC2yzl
xLwV5eA50BfmpPRLEj+s86J8jV3yxs2NCku/kZqls/GvlpS78LWD51yhX8uoXvk+
4sHpt2xB83Ok5sGiSiq5I97gOsUwQc8ASsW6Ha5VTFymZu6dU7hTzgS0DSQwcNcA
G+fLHlMvAVfa0eW5y+bnFgXr15w/sfDigP1aAMb0oEeCKPLe2GDwJ6Av/M3GThI4
r6ZOLG9IDqt2dmJ5rcqeERfWZy3I7mtaWMEEeV7Cmy5M1KUvLPXWHbV4BcXiRcIH
C4DxAgMBAAGjggF9MIIBeTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s
ZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAmBggrBgEFBQcC
ARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMGgGCCsGAQUF
BwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYI
KwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNoYWluMjU2LmNl
cjAbBgNVHREEFDASghBlZGkwNC5uZXdlZ2cuY29tMB8GA1UdIwQYMBaAFIKicHTd
vFM/z3vU981/p2DGCky/MB0GA1UdDgQWBBSZd46F1MFczOuEYHhlf12dRxQPSjAJ
BgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQC2w2bTD/R7UNsJWQFqkiT4kcNp
/EJOeSPwoOVOM7FhBPcnM+vupB4CIlOHDLHBjWTFi1HClk8hiOwwO0kDgE5jI22a
xIibOICBoP4ydE6z6jolBJ72uqkFAo+jBLbg30fhKDb94rvNJB0DJ9RnTKPk24wr
5WyOyS7IEypdsp2qVSRu9C0qJrQK93N6RCqu4pURjyNrM52F0/wIjAqCgqx2n1+q
JzZvE4tcDdhfMYvylzH2Fegm6ADBtSaUSgIkIgfCGNxwFlDJr1w9aJwCIFwXlPNZ
HoacVC1xoRThkE+nctF96mOUqwta7x4c2MHn9oL6DNERieE2v+WowjyNAl/PMYIC
0jCCAs4CAQEwgc8wgboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJ
bmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkw
NwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg
dXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
dHkgLSBMMUsCEB5xeCD9OQddAAAAAFDcNXMwCQYFKw4DAhoFAKCB2DAYBgkqhkiG
9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA1MDIwNzQ1NDJa
MCMGCSqGSIb3DQEJBDEWBBRNsmMYSxgjQ0t0wpH7Tcmeo4A0kjB5BgkqhkiG9w0B
CQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUDBAECMAoG
CCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMC
BzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEFAASCAQBg5QsXfa4s5DTWp2AU
Kprt+29YC+ahlmf6uh7DxS0Jr7RBdo6NLNLZV/X99Y7NHlfZsURfCwBDDg1QJK+J
KC3lbopHmPfVmbDqLWKfOcKMoy3yFw6sGqAKqaqIAFcxCGeLFg/b1dSwawdrygj7
LjyT6DVbjfs/as7YRMWvuz3Y+zQoGzBWS5aU5yALnM1M3s2y01A5ZxIbe7TqzpAv
QKpyMt9d/P22ryAQRABxi5VhG+BRcCLuMFBlTaTv0ZGbdEz/+G7c2Cp9RuULT5K8
V6Nr5D2Y9ek9YCMrC8F4iBL9nviLp+L76qTx2xYDyqOBx0sfxZD83zAvRqGOWzUU
25bW
------61FD602D4D31C5FCAE3D9C6C0E9789D2--
'''
f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg)
crt_path = self.__get_cert_path('edi04_with_ca.crt')
ca_crt_path = self.__get_cert_path('edi04_ca_cert_chain.crt')
is_verify_cert = False
rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert)
assert_equal(self.clearText, rst.strip())
def test_verify_multipart_signed_text_without_ca(self):
signed_msg = '''MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg="sha1"; boundary="----E67033C32AF07C4C5BE242D36DB48F2F"
This is an S/MIME signed message
------E67033C32AF07C4C5BE242D36DB48F2F
This is test message.
------E67033C32AF07C4C5BE242D36DB48F2F
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
MIIGogYJKoZIhvcNAQcCoIIGkzCCBo8CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3
DQEHAaCCA9kwggPVMIICvaADAgECAgkAtl4VWyGqGb4wDQYJKoZIhvcNAQELBQAw
gYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzANBgNV
BAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlmaWNh
dGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbTAeFw0xNzAzMjgwOTM3
NTZaFw0xODAzMjgwOTM3NTZaMIGAMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0Mx
CzAJBgNVBAcMAkNEMQ8wDQYDVQQKDAZOZXdlZ2cxDDAKBgNVBAsMA0VESTEYMBYG
A1UEAwwPQVMyIENlcnRpZmljYXRlMR4wHAYJKoZIhvcNAQkBFg90cjI5QG5ld2Vn
Zy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZo0GHLg1mNxP9
r4cms79z6iOlaGpUYNREh+QaLiEVu0wfcggeDu4FrljX0kfiZxAlGQ8w2k2caGOR
2/dDAHwXU8zGcx+tZzCXWb39z/OkMrldDE8PjdBP7tsrjsGQGzTOsQI3e/ISTaEL
DI/lAr+XJ0YT7SxNB+Y/l+FUZTxFT8BmWigAexAGSWUI+rxpDANIm9zocB/6LI1r
TBmV8amgOh3nhzQQBiFPvoCKPVetIrK9V4I7kbHQI7XncWTtKbb4KawJWfsbHLZx
YhKTcpHr728h5y62Ke5xD4owmc+9gJahUDlMTWtUaxEzY+KUTl4++838p7ygUxdI
Q+4SFZq1AgMBAAGjUDBOMB0GA1UdDgQWBBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAf
BgNVHSMEGDAWgBSw1gMBw5jlQDfvhQzMoJfZCMlDSDAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQC6N1PnwIb1fJ2TF+Z+gXgg3y7g/Fog9T2Rv66qGRaf
cjjz9nLj0jeiYe0zvvOYaP+3mNe7WcE4DwF+/navjadB20U0XC4qgyxt3cvbEDGT
aj1bhGpiM6KTn0bdUN8IdsQqh8fMngt+vLniKz0EXb2XwwlaucAU/Akfs5+91gu9
vGZZiqHhuiQoabbW//d12gj2EkZFb3AdlLQcwB81HUXgiz/u5duq0lr0r9j5vH1N
b5XIeopAvgWs8Otc7pMYfm6sdSuGO4F7U/QdGmFsbtbXE3jDCBHOvQ+o19qpwt2s
tUv+bNMM5TyuOtfCABE/oBWBLBwHYoRthRJS9bUTcWn8MYICkTCCAo0CAQEwgY4w
gYAxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTQzELMAkGA1UEBwwCQ0QxDzANBgNV
BAoMBk5ld2VnZzEMMAoGA1UECwwDRURJMRgwFgYDVQQDDA9BUzIgQ2VydGlmaWNh
dGUxHjAcBgkqhkiG9w0BCQEWD3RyMjlAbmV3ZWdnLmNvbQIJALZeFVshqhm+MAkG
BSsOAwIaBQCggdgwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0B
CQUxDxcNMTcwNDI2MDUwOTU2WjAjBgkqhkiG9w0BCQQxFgQUTbJjGEsYI0NLdMKR
+03JnqOANJIweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUD
BAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYI
KoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEB
BQAEggEAckjU1ukVvN09owL+L9SCBm9yHcmIdzWI5EQOY0nbRLA08+a6gg2Ox6Hn
4Aa3iMFiSpaOWHUtE1IWOlUN9CdFTvkg3hTDya2hQHVM/6/zSuacsJvZf4WeT08Y
ktp6zpEteaccswB0XFYHqt+jEA+lvwTcwKAQsEporSuL1Md1I99vcs19C5f/1fcD
smk0rbKNs4ZvLaL3/LNdq4OLVKle0RmwX7UOn8ZWg7Ktr6SuBE8MvxFFgXDGpdto
kps3+1aYZMB3Oal0n4nTwF28Fjem1aQNY8KSqV4/WhgPsdByDkSd+P+K40SD4NkN
LrhHEL4SK7yeHG0bSM/D+t4EzgRohA==
------E67033C32AF07C4C5BE242D36DB48F2F--
'''
f_signed_msg = SMIMEHelper.format_with_cr_lf(signed_msg)
crt_path = self.__get_cert_path('P1_public.cer')
ca_crt_path = self.__get_cert_path('P1_public.cer')
is_verify_cert = True
rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert)
assert_equal(self.clearText, rst.strip())
def test_verify_mdn_multipart_signed_text_without_ca(self):
signed_msg = '''message-id: <MOKOavlb2bapp02-node1-15d249455c2-1450468007ScanSourcePRD@avlb2bapp02>
Content-Type: multipart/signed;protocol="application/pkcs7-signature";micalg=sha1;boundary="_=32151894939666303Sterling32151894939666303MOKO"
--_=32151894939666303Sterling32151894939666303MOKO
Content-Type: multipart/report;Report-Type=disposition-notification;boundary="_=6597787784037321Sterling6597787784037321MOKO"
--_=6597787784037321Sterling6597787784037321MOKO
Your message was successfully received and processed.
--_=6597787784037321Sterling6597787784037321MOKO
Content-Type: message/disposition-notification
Original-Recipient: rfc822;ScanSourcePRD
Final-Recipient: rfc822;ScanSourcePRD
Original-Message-ID: <5787E1CB-1471-4262-BD68-1E06F3D5AE28@tr29-VirtualBox>
Received-Content-MIC: 9mVaiezSK13edeEvNeXcRMIS4YQ=,sha1
Disposition: Automatic-action/mdn-sent-automatically;processed
--_=6597787784037321Sterling6597787784037321MOKO--
--_=32151894939666303Sterling32151894939666303MOKO
Content-Type: Application/pkcs7-signature;name=EDIINTSIG.p7s
Content-Transfer-Encoding: base64
MIIIHgYJKoZIhvcNAQcCoIIIDzCCCAsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCCBmcw
ggZjMIIFS6ADAgECAhBfmdlsShevBcAkKDoJXbq9MA0GCSqGSIb3DQEBCwUAMEQxCzAJBgNVBAYT
AlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRHZW9UcnVzdCBTU0wgQ0EgLSBH
MzAeFw0xNjA4MDEwMDAwMDBaFw0xODA4MTcyMzU5NTlaMG0xCzAJBgNVBAYTAlVTMRcwFQYDVQQI
DA5Tb3V0aCBDYXJvbGluYTETMBEGA1UEBwwKR3JlZW52aWxsZTETMBEGA1UECgwKU2NhblNvdXJj
ZTEbMBkGA1UEAwwSYjJiLnNjYW5zb3VyY2UuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApwghg+IJ36HDfedTdRi0CRfEFsD6KmCG+t0g33LAEcV0NjWN+xmJOwEII63dFiJnPL65
lrMHP8bS2vWjVENbPv6FDxa0izAdbcumaNRGjawEe9tuLyvA1f5zLpVnN2mO2nhJWfM4ObNMqq4v
eurRh2ExefnYKE3cUbutAVxdtSdau4Jjy0OvsZlK/XLMh4/AouY3ANINlo6l+zqYmFJsatiqdXDE
b3JvzE3yuCF999exbD9ab6UVIZ+FHHKNxB7UCgUljv00TRxHeN/TPJV8At67Wgee6kmvyuoDVJ8k
kbbaRpUyyLenWpV0fOM8zaLIs4lKkeESqTz+omAgoVWhCQIDAQABo4IDJjCCAyIwHQYDVR0RBBYw
FIISYjJiLnNjYW5zb3VyY2UuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQk
MCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUwgZIwgY8GBmeB
DAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9y
ZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9y
ZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
HwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUF
BzABhhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3ltY2IuY29t
L2duLmNydDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHV
XIiNPRHEzbbsvswAAAFWR57TPwAABAMARzBFAiEAmboDpI/sNfpZH2JrJ5vOpKSco57LtHggr3rY
8Ru++VoCIB+GiozlPBOjT60ZGg9SEAYqePaDLiw/rW6lRW0B3xYjAHYApLkJkLQYWBSHuxOizGdw
Cjw1mAT5G9+443fNDsgN3BAAAAFWR57T5AAABAMARzBFAiEAisqkoq2XvdChPcvZjYaltl2nta7A
OVPEj+KlBpYsiMQCIGdXH4ohiVPRo9fSGrWWucs+t2NcaHoVHsRG04XXCkjfAHYAaPaY+B9kgr46
jO65KB1M/HFRXWeT1ETRCmesu09P+8QAAAFWR57T5gAABAMARzBFAiB8Z/fKljEg29Pw/e3T+oJn
38RhZEUcLDYKK1z+Xa4uGgIhAIV5Mw0a7CdwsQLfxYxZvCUlcCArsg8aZNsfOYOsgWaxMA0GCSqG
SIb3DQEBCwUAA4IBAQA9sbdzznGxTvuQMCMj7/LVuV6n9/nAt19dUcv8yWQZAC31hO0eQ6p0UE9I
I7YnjcnDmdWeLk8T0VzUO7vNU09InoMVKVald697kW7Wii3pSXHE56pZJbGrKKgtqLaMsBBhti+j
lT2Y3I2B4dNlpM6uQhf9anEc9eaN++bVnem8vndiT9OK8NItDrjRGtOlqPR8f0+6D+42wx8jQ/p/
lHvTtN/+ogSStUtXfvLErrsG0iDtzV4M5ihSo8uqn6Gj3tP+qePvFTwz0MUSZ8G0gm68xnD/MWMm
hbQRw+4DlDzU9y5fUQumFQHJQ/EL2whP0YlTgshuoayqogLqQY7kSCxCMYIBfzCCAXsCAQEwWDBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
U1NMIENBIC0gRzMCEF+Z2WxKF68FwCQoOgldur0wCQYFKw4DAhoFADANBgkqhkiG9w0BAQEFAASC
AQAFzW995IHYSfrYAlQbUkkCCQE5ewD+oQ1NUNsaMkxpFfmfNKcf/1xGImHBZiS70WbibR1/0REq
e1vDxVPwFXjGZeu+vMC1hSYpB7+i1ryJH5IQqcUcch+/KmYprEvV30xstwi1lt4M/uqO0Wmjoq+j
BZy6whjyXfxdoqlNdR+Cfj748Awo2VBOFUvbKQc8nuE1Nx7N03cu4PKeCad4z9eEMLULysBLNz1L
RqGb0+IJTT1lvLJc7YLBk2+EVnfoyZJy02HlVc/6ETaKI1DhhSoUh9p21vnZIZN9azo6h34MFxhn
x7bKm3h7pv/rnq/MuteNVqjpTk6/aQhzhjjZRueI
--_=32151894939666303Sterling32151894939666303MOKO--
'''
s = email.message_from_string(signed_msg)
# email parse issue fixed
for m in s.walk():
if m.get_content_type() == 'message/disposition-notification':
disposition = m.get_payload()
if isinstance(disposition, (list, tuple)) and len(disposition) == 1:
notify = disposition[0]
notify_body = notify.get_payload()
if notify_body is None or notify_body == '':
m.set_payload(notify.as_string(unixfrom=False)[:-1])
f_signed_msg = SMIMEHelper.format_with_cr_lf(s.as_string(unixfrom=False))
crt_path = self.__get_cert_path('ScanSource_public.cer')
ca_crt_path = self.__get_cert_path('ScanSource_CA_Cert_Chain.crt')
is_verify_cert = False
rst = SMIMEHelper.verify_signed_text(f_signed_msg, crt_path, ca_crt_path, is_verify_cert)
assert_not_equal('', rst.strip())