Test case for verify problem with degenerate FWS.
This commit is contained in:
Stuart D. Gathman
@@ -0,0 +1,24 @@
|
|||||||
|
Comment: degenerate folding is ugly but legal, reported in Debian bug#711751
|
||||||
|
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
|
||||||
|
d=gmail.com; s=20120113;
|
||||||
|
h=mime-version:sender:from:date:x-google-sender-auth:message-id
|
||||||
|
:subject:to:content-type;
|
||||||
|
bh=NRDGmXYX648Rm6cs06aAQIE77gu68nsSHYB4kAMm7QQ=;
|
||||||
|
b=VaN3KmNPlU1uSNproy8wF+6qwTUKEcyzanoPSo/u8P0p8rtHgQpOW5/nJ+/ExQ9jKN
|
||||||
|
FWTyZ9PLecg/0De0QYV18GQovYb3PVUCDHS7dYzfWp072lFPAhISUancFc30amzRPXcy
|
||||||
|
J2lnvgoPcFuqDh5tLPchz8LdeIL0hMr2Xt+xEibHftqYT0JRXX4LXkZdO/b/i825qMtL
|
||||||
|
W51wBB0V6L1ZU156A9cZWQWvwnQ/lV7PV7AwRqGbIESguRLfCbM+UIAGoCR8QtTO0lkY
|
||||||
|
bGqPQucn+1eZZUNsEJAWFI6eo2MmxY/FABEURGYAukaTg13UC9W+O6kGPH5iS5aRpAAT eKbQ==
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Sender: kaner.mail@gmail.com
|
||||||
|
Received: by 10.42.92.137 with HTTP; Sun, 9 Jun 2013 02:37:02 -0700 (PDT)
|
||||||
|
From: Christian Fromme <cfr@strace.org>
|
||||||
|
Date: Sun, 9 Jun 2013 11:37:02 +0200
|
||||||
|
X-Google-Sender-Auth: ZkDaYkXZHozJZyNGgvWFlv78IRY
|
||||||
|
Message-ID: <CABop5ezogOsxQXV1pUHCZDf-w3XpOFPsbSm8o8Lx5CRX-eq4fg@mail.gmail.com>
|
||||||
|
Subject: DKIM test mail #1
|
||||||
|
To: gettor@gettor.torproject.org
|
||||||
|
Content-Type: text/plain; charset=ISO-8859-1
|
||||||
|
|
||||||
|
Hello, DKIM
|
||||||
|
|
||||||
+28
-10
@@ -53,12 +53,28 @@ class TestSignAndVerify(unittest.TestCase):
|
|||||||
self.key = read_test_data("test.private")
|
self.key = read_test_data("test.private")
|
||||||
|
|
||||||
def dnsfunc(self, domain):
|
def dnsfunc(self, domain):
|
||||||
|
sample_dns = """\
|
||||||
|
k=rsa; \
|
||||||
|
p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\
|
||||||
|
b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ=="""
|
||||||
|
|
||||||
|
_dns_responses = {
|
||||||
|
'example._domainkey.canonical.com.': sample_dns,
|
||||||
|
'test._domainkey.example.com.': read_test_data("test.txt"),
|
||||||
|
'20120113._domainkey.gmail.com.': """k=rsa; \
|
||||||
|
p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kd87/UeJjenpabgbFwh\
|
||||||
|
+eBCsSTrqmwIYYvywlbhbqoo2DymndFkbjOVIPIldNs/m40KF+yzMn1skyoxcTUGCQ\
|
||||||
|
s8g3FgD2Ap3ZB5DekAo5wMmk4wimDO+U8QzI3SD07y2+07wlNWwIt8svnxgdxGkVbb\
|
||||||
|
hzY8i+RQ9DpSVpPbF7ykQxtKXkv/ahW3KjViiAH+ghvvIhkx4xYSIc9oSwVmAl5Oct\
|
||||||
|
MEeWUwg8Istjqz8BZeTWbf41fbNhte7Y+YqZOwq1Sd0DbvYAD9NOZK9vlfuac0598H\
|
||||||
|
Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB"""
|
||||||
|
}
|
||||||
try:
|
try:
|
||||||
domain = domain.decode('ascii')
|
domain = domain.decode('ascii')
|
||||||
except UnicodeDecodeError:
|
except UnicodeDecodeError:
|
||||||
return None
|
return None
|
||||||
self.assertEqual('test._domainkey.example.com.', domain)
|
self.assertTrue(domain in _dns_responses,domain)
|
||||||
return read_test_data("test.txt")
|
return _dns_responses[domain]
|
||||||
|
|
||||||
def test_verifies(self):
|
def test_verifies(self):
|
||||||
# A message verifies after being signed.
|
# A message verifies after being signed.
|
||||||
@@ -118,12 +134,6 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==
|
|||||||
-----END PUBLIC KEY-----
|
-----END PUBLIC KEY-----
|
||||||
"""
|
"""
|
||||||
|
|
||||||
sample_dns = """\
|
|
||||||
k=rsa; \
|
|
||||||
p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\
|
|
||||||
b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ=="""
|
|
||||||
|
|
||||||
_dns_responses = {'example._domainkey.canonical.com.': sample_dns}
|
|
||||||
for header_mode in [dkim.Relaxed, dkim.Simple]:
|
for header_mode in [dkim.Relaxed, dkim.Simple]:
|
||||||
|
|
||||||
dkim_header = dkim.sign(sample_msg, 'example', 'canonical.com',
|
dkim_header = dkim.sign(sample_msg, 'example', 'canonical.com',
|
||||||
@@ -135,7 +145,7 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ=="""
|
|||||||
# simple canonicalization.
|
# simple canonicalization.
|
||||||
# http://tools.ietf.org/html/rfc4871#section-3.5
|
# http://tools.ietf.org/html/rfc4871#section-3.5
|
||||||
signed = dkim.fold(dkim_header) + sample_msg
|
signed = dkim.fold(dkim_header) + sample_msg
|
||||||
result = dkim.verify(signed,dnsfunc=lambda x: _dns_responses[x],
|
result = dkim.verify(signed,dnsfunc=self.dnsfunc,
|
||||||
minkey=512)
|
minkey=512)
|
||||||
self.assertTrue(result)
|
self.assertTrue(result)
|
||||||
dkim_header = dkim.fold(dkim_header)
|
dkim_header = dkim.fold(dkim_header)
|
||||||
@@ -143,9 +153,17 @@ b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ=="""
|
|||||||
pos = dkim_header.rindex(b'\r\n ')
|
pos = dkim_header.rindex(b'\r\n ')
|
||||||
dkim_header = dkim_header[:pos]+b'\r\n\t'+dkim_header[pos+3:]
|
dkim_header = dkim_header[:pos]+b'\r\n\t'+dkim_header[pos+3:]
|
||||||
result = dkim.verify(dkim_header + sample_msg,
|
result = dkim.verify(dkim_header + sample_msg,
|
||||||
dnsfunc=lambda x: _dns_responses[x], minkey=512)
|
dnsfunc=self.dnsfunc, minkey=512)
|
||||||
self.assertTrue(result)
|
self.assertTrue(result)
|
||||||
|
|
||||||
|
def test_degenerate_folding(self):
|
||||||
|
# <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711751>
|
||||||
|
# degenerate folding is ugly but legal
|
||||||
|
message = read_test_data("test2.message")
|
||||||
|
dv = dkim.DKIM(message)
|
||||||
|
res = dv.verify(dnsfunc=self.dnsfunc)
|
||||||
|
self.assertTrue(res)
|
||||||
|
|
||||||
def test_extra_headers(self):
|
def test_extra_headers(self):
|
||||||
# <https://bugs.launchpad.net/dkimpy/+bug/737311>
|
# <https://bugs.launchpad.net/dkimpy/+bug/737311>
|
||||||
# extra headers above From caused failure
|
# extra headers above From caused failure
|
||||||
|
|||||||
Reference in New Issue
Block a user