Home       Trees       Indices       Help   
Package dkim
[hide private]
[frames] | no frames]

Package dkim

source code

Submodules [hide private]

Classes [hide private]
  ARC
  AuthresNotFoundError
Authres Package not installed, needed for ARC
  DKIM
  DKIMException
Base class for DKIM errors.
  DomainSigner
  HashThrough
  InternalError
Internal error in dkim module.
  KeyFormatError
Key format error while parsing an RSA public or private key.
  MessageFormatError
RFC822 message format error.
  NaClNotFoundError
Nacl package not installed, needed for ed25119 signatures
  ParameterError
Input parameter error.
  UnknownKeyTypeError
Key type (k tag) is not known (rsa/ed25519)
  ValidationError
Validation error.
Functions [hide private]
 
arc_sign(message, selector, domain, privkey, srv_id, signature_algorithm='rsa-sha256', include_headers=None, timestamp=None, logger=None, standardize=False, linesep='\r\n')
Sign an RFC822 message and return the ARC set header lines for the next instance		 source code
 
arc_verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5)
Verify the ARC chain on an RFC822 formatted message.		 source code
 
bitsize(x)
Return size of long in bits.		 source code
 
dkim_sign(message, selector, domain, privkey, identity=None, canonicalize=('relaxed', 'simple'), signature_algorithm='rsa-sha256', include_headers=None, length=False, logger=None, linesep='\r\n', tlsrpt=False)
Sign an RFC822 message and return the DKIM-Signature header line.		 source code
 
dkim_verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5, tlsrpt=False)
Verify the first (topmost) DKIM signature on an RFC822 formatted message.		 source code
 
evaluate_pk(name, s) source code
 
fold(header, namelen=0, linesep='\r\n')
Fold a header line into multiple crlf-separated lines of text at column		 source code
 
hash_headers(hasher, canonicalize_headers, headers, include_headers, sigheader, sig)
Update hash for signed message header fields.		 source code
 
hash_headers_ed25519(pk, canonicalize_headers, headers, include_headers, sigheader, sig)
Update hash for signed message header fields.		 source code
 
load_pk_from_dns(name, dnsfunc=<function get_txt at 0x215b050>, timeout=5) source code
 
rfc822_parse(message)
Parse a message in RFC822 format.		 source code
 
select_headers(headers, include_headers)
Select message header fields to be signed/verified.		 source code
 
sign(message, selector, domain, privkey, identity=None, canonicalize=('relaxed', 'simple'), signature_algorithm='rsa-sha256', include_headers=None, length=False, logger=None, linesep='\r\n', tlsrpt=False)
Sign an RFC822 message and return the DKIM-Signature header line.		 source code
 
text(s)
Normalize bytes/str to str for python 2/3 compatible doctests.		 source code
 
validate_signature_fields(sig, mandatory_fields=['v', 'a', 'b', 'bh', 'd', 'h', 's'], arc=False)
Validate DKIM or ARC Signature fields.		 source code
 
verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5, tlsrpt=False)
Verify the first (topmost) DKIM signature on an RFC822 formatted message.		 source code
Variables [hide private]
  CV_Fail = 'fail'
  CV_None = 'none'
  CV_Pass = 'pass'
  FWS = '(?:(?:\\s*\\r?\\n)?\\s+)?'
  RE_BTAG = re.compile(r'([;\s]b(?:(?:\s*\r?\n)?\s+)?=)(?:(?:(?:...
  Relaxed = 'relaxed'
  Simple = 'simple'
  __package__ = 'dkim'
  dkim_verify_async = verify_async
Function Details [hide private]

arc_sign(message, selector, domain, privkey, srv_id, signature_algorithm='rsa-sha256', include_headers=None, timestamp=None, logger=None, standardize=False, linesep='\r\n')

source code 

Sign an RFC822 message and return the ARC set header lines for the next instance

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • selector - the DKIM selector value for the signature
  • domain - the DKIM domain value for the signature
  • privkey - a PKCS#1 private key in base64-encoded text form
  • srv_id - the authserv_id used to identify the ADMD's AR headers and to use for ARC authserv_id
  • signature_algorithm - the signing algorithm to use when signing
  • include_headers - a list of strings indicating which headers are to be signed (default all headers not listed as SHOULD NOT sign)
  • timestamp - the time in integer seconds when the message is sealed (default is int(time.time) based on platform, can be string or int)
  • logger - a logger to which debug info will be written (default None)
  • linesep - use this line seperator for folding the headers
Returns:
A list containing the ARC set of header fields for the next instance
Raises:
  • DKIMException - when the message, include_headers, or key are badly formed.

arc_verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5)

source code 

Verify the ARC chain on an RFC822 formatted message.

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • logger - a logger to which debug info will be written (default None)
  • dnsfunc - an optional function to lookup TXT resource records
  • minkey - the minimum key size to accept
  • timeout - number of seconds for DNS lookup timeout (default = 5)
Returns:
three-tuple of (CV Result (CV_Pass, CV_Fail or CV_None), list of result dictionaries, result reason)

dkim_sign(message, selector, domain, privkey, identity=None, canonicalize=('relaxed', 'simple'), signature_algorithm='rsa-sha256', include_headers=None, length=False, logger=None, linesep='\r\n', tlsrpt=False)

source code 

Sign an RFC822 message and return the DKIM-Signature header line.

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • selector - the DKIM selector value for the signature
  • domain - the DKIM domain value for the signature
  • privkey - a PKCS#1 private key in base64-encoded text form
  • identity - the DKIM identity value for the signature (default "@"+domain)
  • canonicalize - the canonicalization algorithms to use (default (Simple, Simple))
  • signature_algorithm - the signing algorithm to use when signing
  • include_headers - a list of strings indicating which headers are to be signed (default all headers not listed as SHOULD NOT sign)
  • length - true if the l= tag should be included to indicate body length (default False)
  • logger - a logger to which debug info will be written (default None)
  • linesep - use this line seperator for folding the headers
  • tlsrpt - message is an RFC 8460 TLS report (default False) False: Not a tlsrpt, True: Is a tlsrpt, 'strict': tlsrpt, invalid if service type is missing. For signing, if True, length is never used.
Returns:
DKIM-Signature header field terminated by \r\n
Raises:
  • DKIMException - when the message, include_headers, or key are badly formed.

dkim_verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5, tlsrpt=False)

source code 

Verify the first (topmost) DKIM signature on an RFC822 formatted message.

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • logger - a logger to which debug info will be written (default None)
  • timeout - number of seconds for DNS lookup timeout (default = 5)
  • tlsrpt - message is an RFC 8460 TLS report (default False) False: Not a tlsrpt, True: Is a tlsrpt, 'strict': tlsrpt, invalid if service type is missing. For signing, if True, length is never used.
Returns:
True if signature verifies or False otherwise

fold(header, namelen=0, linesep='\r\n')

source code 

Fold a header line into multiple crlf-separated lines of text at column

  1. The crlf does not count for line length. 
>>> text(fold(b'foo'))
'foo'
>>> text(fold(b'foo  '+b'foo'*24).splitlines()[0])
'foo '
>>> text(fold(b'foo'*25).splitlines()[-1])
' foo'
>>> len(fold(b'foo'*25).splitlines()[0])
72
>>> text(fold(b'x'))
'x'
>>> text(fold(b'xyz'*24))
'xyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyzxyz'
>>> len(fold(b'xyz'*48))
150

rfc822_parse(message)

source code 

Parse a message in RFC822 format.

Parameters:
  • message - The message in RFC822 format. Either CRLF or LF is an accepted line separator.
Returns:
Returns a tuple of (headers, body) where headers is a list of (name, value) pairs. The body is a CRLF-separated string.

select_headers(headers, include_headers)

source code 

Select message header fields to be signed/verified.

>>> h = [('from','biz'),('foo','bar'),('from','baz'),('subject','boring')]
>>> i = ['from','subject','to','from']
>>> select_headers(h,i)
[('from', 'baz'), ('subject', 'boring'), ('from', 'biz')]
>>> h = [('From','biz'),('Foo','bar'),('Subject','Boring')]
>>> i = ['from','subject','to','from']
>>> select_headers(h,i)
[('From', 'biz'), ('Subject', 'Boring')]

sign(message, selector, domain, privkey, identity=None, canonicalize=('relaxed', 'simple'), signature_algorithm='rsa-sha256', include_headers=None, length=False, logger=None, linesep='\r\n', tlsrpt=False)

source code 

Sign an RFC822 message and return the DKIM-Signature header line.

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • selector - the DKIM selector value for the signature
  • domain - the DKIM domain value for the signature
  • privkey - a PKCS#1 private key in base64-encoded text form
  • identity - the DKIM identity value for the signature (default "@"+domain)
  • canonicalize - the canonicalization algorithms to use (default (Simple, Simple))
  • signature_algorithm - the signing algorithm to use when signing
  • include_headers - a list of strings indicating which headers are to be signed (default all headers not listed as SHOULD NOT sign)
  • length - true if the l= tag should be included to indicate body length (default False)
  • logger - a logger to which debug info will be written (default None)
  • linesep - use this line seperator for folding the headers
  • tlsrpt - message is an RFC 8460 TLS report (default False) False: Not a tlsrpt, True: Is a tlsrpt, 'strict': tlsrpt, invalid if service type is missing. For signing, if True, length is never used.
Returns:
DKIM-Signature header field terminated by \r\n
Raises:
  • DKIMException - when the message, include_headers, or key are badly formed.

text(s)

source code 

Normalize bytes/str to str for python 2/3 compatible doctests. >>> text(b'foo') 'foo' >>> text(u'foo') 'foo' >>> text('foo') 'foo'

validate_signature_fields(sig, mandatory_fields=['v', 'a', 'b', 'bh', 'd', 'h', 's'], arc=False)

source code 

Validate DKIM or ARC Signature fields. Basic checks for presence and correct formatting of mandatory fields. Raises a ValidationError if checks fail, otherwise returns None.

Parameters:
  • sig - A dict mapping field keys to values.
  • mandatory_fields - A list of non-optional fields
  • arc - flag to differentiate between dkim & arc

verify(message, logger=None, dnsfunc=<function get_txt at 0x215b050>, minkey=1024, timeout=5, tlsrpt=False)

source code 

Verify the first (topmost) DKIM signature on an RFC822 formatted message.

Parameters:
  • message - an RFC822 formatted message (with either \n or \r\n line endings)
  • logger - a logger to which debug info will be written (default None)
  • timeout - number of seconds for DNS lookup timeout (default = 5)
  • tlsrpt - message is an RFC 8460 TLS report (default False) False: Not a tlsrpt, True: Is a tlsrpt, 'strict': tlsrpt, invalid if service type is missing. For signing, if True, length is never used.
Returns:
True if signature verifies or False otherwise

Variables Details [hide private]

RE_BTAG

Value:
re.compile(r'([;\s]b(?:(?:\s*\r?\n)?\s+)?=)(?:(?:(?:\s*\r?\n)?\s+)?[a-\
zA-Z0-9\+/=])*(?:\r?\n\Z)?')

   Home       Trees       Indices       Help   
Generated by Epydoc 3.0.1 on Mon Dec 16 12:46:42 2019 http://epydoc.sourceforge.net