diff --git a/dkim/tests/data/test2.message b/dkim/tests/data/test2.message new file mode 100644 index 0000000..d689fbf --- /dev/null +++ b/dkim/tests/data/test2.message @@ -0,0 +1,24 @@ +Comment: degenerate folding is ugly but legal, reported in Debian bug#711751 +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20120113; + h=mime-version:sender:from:date:x-google-sender-auth:message-id + :subject:to:content-type; + bh=NRDGmXYX648Rm6cs06aAQIE77gu68nsSHYB4kAMm7QQ=; + b=VaN3KmNPlU1uSNproy8wF+6qwTUKEcyzanoPSo/u8P0p8rtHgQpOW5/nJ+/ExQ9jKN + FWTyZ9PLecg/0De0QYV18GQovYb3PVUCDHS7dYzfWp072lFPAhISUancFc30amzRPXcy + J2lnvgoPcFuqDh5tLPchz8LdeIL0hMr2Xt+xEibHftqYT0JRXX4LXkZdO/b/i825qMtL + W51wBB0V6L1ZU156A9cZWQWvwnQ/lV7PV7AwRqGbIESguRLfCbM+UIAGoCR8QtTO0lkY + bGqPQucn+1eZZUNsEJAWFI6eo2MmxY/FABEURGYAukaTg13UC9W+O6kGPH5iS5aRpAAT eKbQ== +MIME-Version: 1.0 +Sender: kaner.mail@gmail.com +Received: by 10.42.92.137 with HTTP; Sun, 9 Jun 2013 02:37:02 -0700 (PDT) +From: Christian Fromme +Date: Sun, 9 Jun 2013 11:37:02 +0200 +X-Google-Sender-Auth: ZkDaYkXZHozJZyNGgvWFlv78IRY +Message-ID: +Subject: DKIM test mail #1 +To: gettor@gettor.torproject.org +Content-Type: text/plain; charset=ISO-8859-1 + +Hello, DKIM + diff --git a/dkim/tests/test_dkim.py b/dkim/tests/test_dkim.py index bc00077..f59837b 100644 --- a/dkim/tests/test_dkim.py +++ b/dkim/tests/test_dkim.py @@ -53,12 +53,28 @@ class TestSignAndVerify(unittest.TestCase): self.key = read_test_data("test.private") def dnsfunc(self, domain): + sample_dns = """\ +k=rsa; \ +p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\ +b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==""" + + _dns_responses = { + 'example._domainkey.canonical.com.': sample_dns, + 'test._domainkey.example.com.': read_test_data("test.txt"), + '20120113._domainkey.gmail.com.': """k=rsa; \ +p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kd87/UeJjenpabgbFwh\ ++eBCsSTrqmwIYYvywlbhbqoo2DymndFkbjOVIPIldNs/m40KF+yzMn1skyoxcTUGCQ\ +s8g3FgD2Ap3ZB5DekAo5wMmk4wimDO+U8QzI3SD07y2+07wlNWwIt8svnxgdxGkVbb\ +hzY8i+RQ9DpSVpPbF7ykQxtKXkv/ahW3KjViiAH+ghvvIhkx4xYSIc9oSwVmAl5Oct\ +MEeWUwg8Istjqz8BZeTWbf41fbNhte7Y+YqZOwq1Sd0DbvYAD9NOZK9vlfuac0598H\ +Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB""" + } try: domain = domain.decode('ascii') except UnicodeDecodeError: return None - self.assertEqual('test._domainkey.example.com.', domain) - return read_test_data("test.txt") + self.assertTrue(domain in _dns_responses,domain) + return _dns_responses[domain] def test_verifies(self): # A message verifies after being signed. @@ -118,12 +134,6 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ== -----END PUBLIC KEY----- """ - sample_dns = """\ -k=rsa; \ -p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\ -b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==""" - - _dns_responses = {'example._domainkey.canonical.com.': sample_dns} for header_mode in [dkim.Relaxed, dkim.Simple]: dkim_header = dkim.sign(sample_msg, 'example', 'canonical.com', @@ -135,7 +145,7 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==""" # simple canonicalization. # http://tools.ietf.org/html/rfc4871#section-3.5 signed = dkim.fold(dkim_header) + sample_msg - result = dkim.verify(signed,dnsfunc=lambda x: _dns_responses[x], + result = dkim.verify(signed,dnsfunc=self.dnsfunc, minkey=512) self.assertTrue(result) dkim_header = dkim.fold(dkim_header) @@ -143,9 +153,17 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==""" pos = dkim_header.rindex(b'\r\n ') dkim_header = dkim_header[:pos]+b'\r\n\t'+dkim_header[pos+3:] result = dkim.verify(dkim_header + sample_msg, - dnsfunc=lambda x: _dns_responses[x], minkey=512) + dnsfunc=self.dnsfunc, minkey=512) self.assertTrue(result) + def test_degenerate_folding(self): + # + # degenerate folding is ugly but legal + message = read_test_data("test2.message") + dv = dkim.DKIM(message) + res = dv.verify(dnsfunc=self.dnsfunc) + self.assertTrue(res) + def test_extra_headers(self): # # extra headers above From caused failure