def test_sign(self):
data = "Hello World!"
for algorithm, hash_method in (
("rsa-sha1", hashlib.sha1,),
("rsa-sha256", hashlib.sha256,),
):
stream = MemoryStream(data)
headers = Headers()
headers.addRawHeader("Originator", "mailto:[email protected]")
headers.addRawHeader("Recipient", "mailto:[email protected]")
headers.setHeader("Content-Type", MimeType("text", "calendar", **{"component": "VEVENT", "charset": "utf-8"}))
request = DKIMRequest("POST", "/", headers, stream, "example.com", "dkim", self.private_keyfile, algorithm, ("Originator", "Recipient", "Content-Type",), True, True, True, 3600)
result = (yield request.sign())
# Manually create what should be the correct thing to sign and make sure signatures match
bodyhash = base64.b64encode(hash_method(DKIMUtils.canonicalizeBody(data)).digest())
sign_this = """originator:mailto:[email protected]
recipient:mailto:[email protected]
content-type:%s
ischedule-version:1.0
ischedule-message-id:%s
dkim-signature:v=1; d=example.com; s=dkim; t=%s; x=%s; a=%s; q=private-exchange:http/well-known:dns/txt; c=ischedule-relaxed/simple; h=Originator:Recipient:Content-Type:iSchedule-Version:iSchedule-Message-ID; bh=%s; b=""".replace("\n", "\r\n") % (headers.getRawHeaders("Content-Type")[0], request.message_id, request.time, request.expire, algorithm, bodyhash)
key = RSA.importKey(open(self.private_keyfile).read())
signature = DKIMUtils.sign(sign_this, key, DKIMUtils.hash_func(algorithm))
self.assertEqual(result, signature)
# Make sure header is updated in the request
updated_header = "v=1; d=example.com; s=dkim; t=%s; x=%s; a=%s; q=private-exchange:http/well-known:dns/txt; c=ischedule-relaxed/simple; h=Originator:Recipient:Content-Type:iSchedule-Version:iSchedule-Message-ID; bh=%s; b=%s" % (request.time, request.expire, algorithm, bodyhash, signature,)
self.assertEqual(request.headers.getRawHeaders("DKIM-Signature")[0], updated_header)
# Try to verify result using public key
pubkey = RSA.importKey(open(self.public_keyfile).read())
self.assertEqual(DKIMUtils.verify(sign_this, result, pubkey, DKIMUtils.hash_func(algorithm)), None)
def test_body_hash(self):
data = "Hello World!"
for algorithm, hash_method in (
(
"rsa-sha1",
hashlib.sha1,
),
(
"rsa-sha256",
hashlib.sha256,
),
):
stream = str(data)
headers = Headers()
headers.addRawHeader("Originator", "mailto:[email protected]")
headers.addRawHeader("Recipient", "mailto:[email protected]")
headers.setHeader(
"Content-Type",
MimeType("text", "calendar", **{
"component": "VEVENT",
"charset": "utf-8"
}))
request = DKIMRequest("POST", "/", headers, stream, "example.com",
"dkim", "/tmp/key", algorithm, (
"Originator",
"Recipient",
"Content-Type",
), True, True, True, 3600)
hash = base64.b64encode(
hash_method(DKIMUtils.canonicalizeBody(data)).digest())
result = (yield request.bodyHash())
self.assertEqual(result, hash)
def test_canonicalize_body(self):
"""
L{DKIMUtils.canonicalizeBody} correctly canonicalizes bodies.
"""
data = (
(
"""Simple""",
"""Simple\n""",
),
(
"""Simple\n""",
"""Simple\n""",
),
(
"""Simple\n\n""",
"""Simple\n""",
),
)
for text, result in data:
self.assertEqual(
DKIMUtils.canonicalizeBody(text.replace("\n", "\r\n")),
result.replace("\n", "\r\n"),
)
def test_canonicalize_body(self):
"""
L{DKIMUtils.canonicalizeBody} correctly canonicalizes bodies.
"""
data = (
(
"""Simple""",
"""Simple\n""",
),
(
"""Simple\n""",
"""Simple\n""",
),
(
"""Simple\n\n""",
"""Simple\n""",
),
)
for text, result in data:
self.assertEqual(
DKIMUtils.canonicalizeBody(text.replace("\n", "\r\n")),
result.replace("\n", "\r\n"),
)
def test_body_hash(self):
data = "Hello World!"
for algorithm, hash_method in (
("rsa-sha1", hashlib.sha1,),
("rsa-sha256", hashlib.sha256,),
):
stream = str(data)
headers = Headers()
headers.addRawHeader("Originator", "mailto:[email protected]")
headers.addRawHeader("Recipient", "mailto:[email protected]")
headers.setHeader("Content-Type", MimeType("text", "calendar", **{"component": "VEVENT", "charset": "utf-8"}))
request = DKIMRequest("POST", "/", headers, stream, "example.com", "dkim", "/tmp/key", algorithm, ("Originator", "Recipient", "Content-Type",), True, True, True, 3600)
hash = base64.b64encode(hash_method(DKIMUtils.canonicalizeBody(data)).digest())
result = (yield request.bodyHash())
self.assertEqual(result, hash)
