From 0c6fdbf7c677e9b52c9233b625735baa79d52bea Mon Sep 17 00:00:00 2001
From: Scott Kitterman <scott@kitterman.com>
Date: Thu, 30 Nov 2017 14:33:01 -0500
Subject: [PATCH]     - Add new test, test_implicit_k, to verify that RSA
 processing is still       correct when the optional k= tag is not present in
 the DKIM public key       record

---
 ChangeLog               |  3 +++
 dkim/tests/test_dkim.py | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 3b6bc09..56ac64d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@ UNRELEASED Version 0.7.0
     - Fix arcverify tag requirements (LP: #1710312)
     - Fix empty body canonicalization for relaxed canonicalization (LP: #1727319)
        * Thanks to Matthew Palmer for the report and the proposed fix
+    - Add new test, test_implicit_k, to verify that RSA processing is still
+      correct when the optional k= tag is not present in the DKIM public key
+      record
 
 2017-05-30 Version 0.6.2
     - Fixed problem with header folding that caused the first line to be
diff --git a/dkim/tests/test_dkim.py b/dkim/tests/test_dkim.py
index 3962a72..5d47647 100644
--- a/dkim/tests/test_dkim.py
+++ b/dkim/tests/test_dkim.py
@@ -69,6 +69,30 @@ p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kd87/UeJjenpabgbFwh\
 s8g3FgD2Ap3ZB5DekAo5wMmk4wimDO+U8QzI3SD07y2+07wlNWwIt8svnxgdxGkVbb\
 hzY8i+RQ9DpSVpPbF7ykQxtKXkv/ahW3KjViiAH+ghvvIhkx4xYSIc9oSwVmAl5Oct\
 MEeWUwg8Istjqz8BZeTWbf41fbNhte7Y+YqZOwq1Sd0DbvYAD9NOZK9vlfuac0598H\
+Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB"""
+        }
+        try:
+            domain = domain.decode('ascii')
+        except UnicodeDecodeError:
+            return None
+        self.assertTrue(domain in _dns_responses,domain)
+        return _dns_responses[domain]
+
+    def dnsfunc2(self, domain):
+        sample_dns = """\
+k=rsa; \
+p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\
+b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ=="""
+
+        _dns_responses = {
+          'example._domainkey.canonical.com.': sample_dns,
+          'test._domainkey.example.com.': read_test_data("test2.txt"),
+          '20120113._domainkey.gmail.com.': """\
+p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kd87/UeJjenpabgbFwh\
++eBCsSTrqmwIYYvywlbhbqoo2DymndFkbjOVIPIldNs/m40KF+yzMn1skyoxcTUGCQ\
+s8g3FgD2Ap3ZB5DekAo5wMmk4wimDO+U8QzI3SD07y2+07wlNWwIt8svnxgdxGkVbb\
+hzY8i+RQ9DpSVpPbF7ykQxtKXkv/ahW3KjViiAH+ghvvIhkx4xYSIc9oSwVmAl5Oct\
+MEeWUwg8Istjqz8BZeTWbf41fbNhte7Y+YqZOwq1Sd0DbvYAD9NOZK9vlfuac0598H\
 Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB"""
         }
         try:
@@ -88,6 +112,16 @@ Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB"""
                 res = dkim.verify(sig + self.message, dnsfunc=self.dnsfunc)
                 self.assertTrue(res)
 
+    def test_implicit_k(self):
+        # A message verifies after being signed.
+        for header_algo in (b"simple", b"relaxed"):
+            for body_algo in (b"simple", b"relaxed"):
+                sig = dkim.sign(
+                    self.message, b"test", b"example.com", self.key,
+                    canonicalize=(header_algo, body_algo))
+                res = dkim.verify(sig + self.message, dnsfunc=self.dnsfunc2)
+                self.assertTrue(res)
+
     def test_simple_signature(self):
         # A message verifies after being signed with SHOULD headers
         for header_algo in (b"simple", b"relaxed"):