Source Code for Module dkim.tests.test_arc

 1  # This software is provided 'as-is', without any express or implied 
 2  # warranty.  In no event will the author be held liable for any damages 
 3  # arising from the use of this software. 
 4  # 
 5  # Permission is granted to anyone to use this software for any purpose, 
 6  # including commercial applications, and to alter it and redistribute it 
 7  # freely, subject to the following restrictions: 
 8  # 
 9  # 1. The origin of this software must not be misrepresented; you must not 
10  #    claim that you wrote the original software. If you use this software 
11  #    in a product, an acknowledgment in the product documentation would be 
12  #    appreciated but is not required. 
13  # 2. Altered source versions must be plainly marked as such, and must not be 
14  #    misrepresented as being the original software. 
15  # 3. This notice may not be removed or altered from any source distribution. 
16  # 
17  # Copyright (c) 2011 William Grant <me@williamgrant.id.au> 
18  # 
19  # This has been modified from the original software. 
20  # Copyright (c) 2016 Google, Inc. 
21  # Contact: Brandon Long <blong@google.com> 
22   
23  import os.path 
24  import unittest 
25  import time 
26   
27  import dkim 
28   
29   
30 -def read_test_data(filename): 
31      """Get the content of the given test data file. 
32      """ 
33      path = os.path.join(os.path.dirname(__file__), 'data', filename) 
34      with open(path, 'rb') as f: 
35          return f.read() 
36   
37   
38 -class TestSignAndVerify(unittest.TestCase): 
39      """End-to-end signature and verification tests.""" 
40   
41 -    def setUp(self): 
42          self.message = read_test_data("test.message") 
43          self.key = read_test_data("test.private") 
44   
45 -    def dnsfunc(self, domain, timeout=5): 
46          sample_dns = """\ 
47  k=rsa; \ 
48  p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANmBe10IgY+u7h3enWTukkqtUD5PR52T\ 
49  b/mPfjC0QJTocVBq6Za/PlzfV+Py92VaCak19F4WrbVTK5Gg5tW220MCAwEAAQ==""" 
50   
51          _dns_responses = { 
52            'example._domainkey.canonical.com.': sample_dns, 
53            'test._domainkey.example.com.': read_test_data("test.txt"), 
54            # dnsfunc returns empty if no txt record 
55            'missing._domainkey.example.com.': '', 
56            '20120113._domainkey.gmail.com.': """k=rsa; \ 
57  p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kd87/UeJjenpabgbFwh\ 
58  +eBCsSTrqmwIYYvywlbhbqoo2DymndFkbjOVIPIldNs/m40KF+yzMn1skyoxcTUGCQ\ 
59  s8g3FgD2Ap3ZB5DekAo5wMmk4wimDO+U8QzI3SD07y2+07wlNWwIt8svnxgdxGkVbb\ 
60  hzY8i+RQ9DpSVpPbF7ykQxtKXkv/ahW3KjViiAH+ghvvIhkx4xYSIc9oSwVmAl5Oct\ 
61  MEeWUwg8Istjqz8BZeTWbf41fbNhte7Y+YqZOwq1Sd0DbvYAD9NOZK9vlfuac0598H\ 
62  Y+vtSBczUiKERHv1yRbcaQtZFh5wtiRrN04BLUTD21MycBX5jYchHjPY/wIDAQAB""" 
63          } 
64          try: 
65              domain = domain.decode('ascii') 
66          except UnicodeDecodeError: 
67              return None 
68          self.assertTrue(domain in _dns_responses,domain) 
69          return _dns_responses[domain] 
70   
71 -    def test_signs_and_verifies(self): 
72          # A message verifies after being signed 
73          self.maxDiff = None 
74          sig_lines = dkim.arc_sign( 
75              self.message, b"test", b"example.com", self.key, b"lists.example.org", timestamp="12345") 
76   
77          expected_sig = [b'ARC-Seal: i=1; cv=none; a=rsa-sha256; d=example.com; s=test; t=12345;\r\n b=MBw2+L1/4PuYWJlt1tZlDtbOvyfbyH2t2N6DinFV/BIaB2LqbDKTYjXXk9HuuK1/qEkTd\r\n TxCYScIrtVO7pFbGiSawMuLatVzHNCqTURa1zBTXr2mKW1hgdmrtMMUcMVCYxr1AJpu6IYX\r\n VMIoOAn7tIDdO0VLokK6FnIXTWEAplQ=\r\n', b'ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n d=example.com; s=test; t=12345; h=message-id : date : from : to :\r\n subject : from; bh=wE7NXSkgnx9PGiavN4OZhJztvkqPDlemV3OGuEnLwNo=;\r\n b=a0f6qc3k9eECTSR155A0TQS+LjqPFWfI/brQBA83EUz00SNxj1wmWykvs1hhBVeM0r1kE\r\n Qc6CKbzRYaBNSiFj4q8JBpRIujLz1qLyGmPuAI6ddu/Z/1hQxgpVcp/odmI1UMV2R+d+yQ7\r\n tUp3EQxF/GYNt22rV4rNmDmANZVqJ90=\r\n', b'ARC-Authentication-Results: i=1; lists.example.org; arc=none;\r\n  spf=pass smtp.mfrom=jqd@d1.example;\r\n  dkim=pass (1024-bit key) header.i=@d1.example;\r\n  dmarc=pass\r\n'] 
78          self.assertEqual(expected_sig, sig_lines) 
79   
80          (cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message, dnsfunc=self.dnsfunc) 
81          self.assertEqual(cv, dkim.CV_Pass) 
82   
83 -    def test_fails_h_in_as(self): 
84          # ARC 4.1.3, h= not allowed in AS 
85          self.maxDiff = None 
86          sig_lines = [b'ARC-Seal: i=1; cv=none; a=rsa-sha256; d=example.com; s=test; t=12345;\r\n h=message-id : date : from : to : subject : from;\r\n b=mIurIuLl0/wAxWhA4DBS1wsUE15IBnmJ7o3sH15hIuesdD4smz1cCLXVhRtxQE\r\n rVtVLv4OgNCgdFsB5zbSOUao2bSSYP6y0BGyCWvr+hU4tai5axIc1Kfwbtv/0Mqg\r\n waiGJPreOAAeZOJ4vPfdaAbSXlN5MI4PHW89U82FSIBKI=\r\n', b'ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n d=example.com; s=test; t=12345; h=message-id :\r\n date : from : to : subject : from;\r\n bh=wE7NXSkgnx9PGiavN4OZhJztvkqPDlemV3OGuEnLwNo=;\r\n b=a0f6qc3k9eECTSR155A0TQS+LjqPFWfI/brQBA83EUz00SNxj\r\n 1wmWykvs1hhBVeM0r1kEQc6CKbzRYaBNSiFj4q8JBpRIujLz1qL\r\n yGmPuAI6ddu/Z/1hQxgpVcp/odmI1UMV2R+d+yQ7tUp3EQxF/GY\r\n Nt22rV4rNmDmANZVqJ90=\r\n', b'ARC-Authentication-Results: i=1; lists.example.org; arc=none;\r\n  spf=pass smtp.mfrom=jqd@d1.example;\r\n  dkim=pass (1024-bit key) header.i=@d1.example;\r\n  dmarc=pass\r\n'] 
87   
88          (cv, res, reason) = dkim.arc_verify(b''.join(sig_lines) + self.message, dnsfunc=self.dnsfunc) 
89          self.assertEqual(cv, dkim.CV_Fail) 
90   
91   
92   
93 -def test_suite(): 
94      from unittest import TestLoader 
95      return TestLoader().loadTestsFromName(__name__) 
96