diff --git a/dkim/__init__.py b/dkim/__init__.py index 9a42462..72b762a 100644 --- a/dkim/__init__.py +++ b/dkim/__init__.py @@ -28,7 +28,7 @@ import dns.resolver from dkim.crypto import ( DigestTooLargeError, - parse_private_key, + parse_pem_private_key, parse_public_key, RSASSA_PKCS1_v1_5_sign, RSASSA_PKCS1_v1_5_verify, @@ -268,17 +268,8 @@ def sign(message, selector, domain, privkey, identity=None, canonicalize=(Simple (headers, body) = rfc822_parse(message) - m = re.search("--\n(.*?)\n--", privkey, re.DOTALL) - if m is None: - raise KeyFormatError("Private key not found") try: - pkdata = base64.b64decode(m.group(1)) - except TypeError, e: - raise KeyFormatError(str(e)) - if debuglog is not None: - print >>debuglog, " ".join("%02x" % ord(x) for x in pkdata) - try: - pk = parse_private_key(pkdata) + pk = parse_pem_private_key(privkey) except UnparsableKeyError, e: raise KeyFormatError(str(e)) diff --git a/dkim/crypto.py b/dkim/crypto.py index b7011d3..9ed6116 100644 --- a/dkim/crypto.py +++ b/dkim/crypto.py @@ -28,6 +28,9 @@ __all__ = [ 'UnparsableKeyError', ] +import base64 +import re + from dkim.asn1 import ( ASN1FormatError, asn1_build, @@ -127,6 +130,22 @@ def parse_private_key(data): return pk +def parse_pem_private_key(data): + """Parse a PEM private key. + + @param data: RFC3447 RSAPrivateKey in PEM format. + @return: RSA private key + """ + m = re.search("--\n(.*?)\n--", data, re.DOTALL) + if m is None: + raise UnparsableKeyError("Private key not found") + try: + pkdata = base64.b64decode(m.group(1)) + except TypeError, e: + raise UnparsableKeyError(str(e)) + return parse_private_key(pkdata) + + def EMSA_PKCS1_v1_5_encode(digest, mlen, hashid): """Encode a digest with RFC3447 EMSA-PKCS1-v1_5. diff --git a/dkim/tests/test_crypto.py b/dkim/tests/test_crypto.py index 12eff95..f033c4b 100644 --- a/dkim/tests/test_crypto.py +++ b/dkim/tests/test_crypto.py @@ -16,6 +16,7 @@ # # Copyright (c) 2011 William Grant +import base64 import unittest from dkim import ( @@ -26,9 +27,28 @@ from dkim.crypto import ( DigestTooLargeError, EMSA_PKCS1_v1_5_encode, int2str, + parse_pem_private_key, + parse_public_key, perform_rsa, str2int, ) +from dkim.tests.test_dkim import read_test_data +from dkim.util import parse_tag_value + + +TEST_KEY_MODULUS = int( + '160190232090260054474895273563294777865179886824815261110923286158270437' + '657769966074370477716411064825849317279563494735400250019233722215662302' + '997403060159149904218292658425241195497467863155064737257198115261596066' + '733086923624062366294295557722551666415445482671442053150678674937682352' + '837105556539434741981') +TEST_KEY_PUBLIC_EXPONENT = 65537 +TEST_KEY_PRIVATE_EXPONENT = int( + '219642251791061057038224045690185219631125389170665415924249912174530136' + '074693824121380763959239792563755125360354847443780863736947713174228520' + '489900956461640273471526152019568303807247290486052565153701534491987040' + '131529720476525111651818771481293273124837542067061293644354088836358900' + '29771161475005043329') class TestStrIntConversion(unittest.TestCase): @@ -46,6 +66,21 @@ class TestStrIntConversion(unittest.TestCase): self.assertRaises(AssertionError, int2str, -1) +class TestParseKeys(unittest.TestCase): + + def test_parse_pem_private_key(self): + key = parse_pem_private_key(read_test_data('test.private')) + self.assertEquals(key['modulus'], TEST_KEY_MODULUS) + self.assertEquals(key['publicExponent'], TEST_KEY_PUBLIC_EXPONENT) + self.assertEquals(key['privateExponent'], TEST_KEY_PRIVATE_EXPONENT) + + def test_parse_public_key(self): + data = read_test_data('test.txt') + key = parse_public_key(base64.b64decode(parse_tag_value(data)['p'])) + self.assertEquals(key['modulus'], TEST_KEY_MODULUS) + self.assertEquals(key['publicExponent'], TEST_KEY_PUBLIC_EXPONENT) + + class TestEMSA_PKCS1_v1_5(unittest.TestCase): def test_encode_sha256(self):