Extract parse_pem_private_key, and test it and parse_public_key.

dkim/__init__.py

@@ -28,7 +28,7 @@ import dns.resolver
 
 from dkim.crypto import (
     DigestTooLargeError,
-    parse_private_key,
+    parse_pem_private_key,
     parse_public_key,
     RSASSA_PKCS1_v1_5_sign,
     RSASSA_PKCS1_v1_5_verify,
@@ -268,17 +268,8 @@ def sign(message, selector, domain, privkey, identity=None, canonicalize=(Simple
 
     (headers, body) = rfc822_parse(message)
 
-    m = re.search("--\n(.*?)\n--", privkey, re.DOTALL)
-    if m is None:
-        raise KeyFormatError("Private key not found")
     try:
-        pkdata = base64.b64decode(m.group(1))
+        pk = parse_pem_private_key(privkey)
-    except TypeError, e:
-        raise KeyFormatError(str(e))
-    if debuglog is not None:
-        print >>debuglog, " ".join("%02x" % ord(x) for x in pkdata)
-    try:
-        pk = parse_private_key(pkdata)
     except UnparsableKeyError, e:
         raise KeyFormatError(str(e))
 

dkim/crypto.py

@@ -28,6 +28,9 @@ __all__ = [
     'UnparsableKeyError',
     ]
 
+import base64
+import re
+
 from dkim.asn1 import (
     ASN1FormatError,
     asn1_build,
@@ -127,6 +130,22 @@ def parse_private_key(data):
     return pk
 
 
+def parse_pem_private_key(data):
+    """Parse a PEM private key.
+
+    @param data: RFC3447 RSAPrivateKey in PEM format.
+    @return: RSA private key
+    """
+    m = re.search("--\n(.*?)\n--", data, re.DOTALL)
+    if m is None:
+        raise UnparsableKeyError("Private key not found")
+    try:
+        pkdata = base64.b64decode(m.group(1))
+    except TypeError, e:
+        raise UnparsableKeyError(str(e))
+    return parse_private_key(pkdata)
+
+
 def EMSA_PKCS1_v1_5_encode(digest, mlen, hashid):
     """Encode a digest with RFC3447 EMSA-PKCS1-v1_5.
 

dkim/tests/test_crypto.py

@@ -16,6 +16,7 @@
 #
 # Copyright (c) 2011 William Grant <me@williamgrant.id.au>
 
+import base64
 import unittest
 
 from dkim import (
@@ -26,9 +27,28 @@ from dkim.crypto import (
     DigestTooLargeError,
     EMSA_PKCS1_v1_5_encode,
     int2str,
+    parse_pem_private_key,
+    parse_public_key,
     perform_rsa,
     str2int,
     )
+from dkim.tests.test_dkim import read_test_data
+from dkim.util import parse_tag_value
+
+
+TEST_KEY_MODULUS = int(
+    '160190232090260054474895273563294777865179886824815261110923286158270437'
+    '657769966074370477716411064825849317279563494735400250019233722215662302'
+    '997403060159149904218292658425241195497467863155064737257198115261596066'
+    '733086923624062366294295557722551666415445482671442053150678674937682352'
+    '837105556539434741981')
+TEST_KEY_PUBLIC_EXPONENT = 65537
+TEST_KEY_PRIVATE_EXPONENT = int(
+    '219642251791061057038224045690185219631125389170665415924249912174530136'
+    '074693824121380763959239792563755125360354847443780863736947713174228520'
+    '489900956461640273471526152019568303807247290486052565153701534491987040'
+    '131529720476525111651818771481293273124837542067061293644354088836358900'
+    '29771161475005043329')
 
 
 class TestStrIntConversion(unittest.TestCase):
@@ -46,6 +66,21 @@ class TestStrIntConversion(unittest.TestCase):
         self.assertRaises(AssertionError, int2str, -1)
 
 
+class TestParseKeys(unittest.TestCase):
+
+    def test_parse_pem_private_key(self):
+        key = parse_pem_private_key(read_test_data('test.private'))
+        self.assertEquals(key['modulus'], TEST_KEY_MODULUS)
+        self.assertEquals(key['publicExponent'], TEST_KEY_PUBLIC_EXPONENT)
+        self.assertEquals(key['privateExponent'], TEST_KEY_PRIVATE_EXPONENT)
+
+    def test_parse_public_key(self):
+        data = read_test_data('test.txt')
+        key = parse_public_key(base64.b64decode(parse_tag_value(data)['p']))
+        self.assertEquals(key['modulus'], TEST_KEY_MODULUS)
+        self.assertEquals(key['publicExponent'], TEST_KEY_PUBLIC_EXPONENT)
+
+
 class TestEMSA_PKCS1_v1_5(unittest.TestCase):
 
     def test_encode_sha256(self):