X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/d5b80e59458182b2d557a929a18cb8c70cd56b68..f3fe5970b320bd6f8c9d01f11881fa6d6b5e7384:/test/scripts/4500-DKIM/4500 diff --git a/test/scripts/4500-DKIM/4500 b/test/scripts/4500-DKIM/4500 index 6b3ff5fcf..112fda506 100644 --- a/test/scripts/4500-DKIM/4500 +++ b/test/scripts/4500-DKIM/4500 @@ -1,12 +1,15 @@ # DKIM verify, simple canonicalisation # -exim -DSERVER=server -bd -oX PORT_D +exim -DSERVER=server -DMSIZE='rsa=512 ed25519=250' -bd -oX PORT_D **** # +# (A) # This should pass. # - sha1, 1024b # Mail original in aux-fixed/4500.msg1.txt # Sig generated by: perl aux-fixed/dkim/sign.pl --method=simple/simple < aux-fixed/4500.msg1.txt +# NB: simple canon does not affect tabs-vs-spaces in header continuation lines, which +# likely matters in the DKIM sig header. Take care! client 127.0.0.1 PORT_D ??? 220 HELO xxx @@ -19,10 +22,10 @@ DATA ??? 354 DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to :date:message-id:subject; s=sel; bh=OB9dZVu7+5/ufs3TH9leIcEpXSo=; b= - PeUA8iBGfStWv+9/BBKkvCEYj/AVMl4e9k+AqWOXKyuEUfHxqAnV+sPnOejpmvT8 - 41kuM4u0bICvK371YvB/yO61vtliRhyqU76Y2e55p2uvMADb3UyDhLyzpco4+yBo - 1w0AuIxu0VU4TK8UmOLyCw/1hxrh1DcEInbEMEKJ7kI= -From: mrgus@text.ex + CoaRNB2Z59hSnhTzT8bYbMIN3P57XAVcFeV5oGEl4aKmhm6Mtu2uIc7B2z9k5+A/ + +KFIE9HRj7eg9kPzagoPIvI84WE5PN5yRehMjJI6WqhM3V+bQDHkb8ubSmiaYxY5 + B2Pd/kEGgHUlMDB0Hug4FMMt7GcFxagKspthOT/Pso0= +From: mrgus@test.ex To: bakawolf@yahoo.com Date: Thu, 19 Nov 2015 17:00:07 -0700 Message-ID: @@ -35,6 +38,7 @@ QUIT ??? 221 **** # +# (B) # This should pass. # - sha1, 512b # Mail original in aux-fixed/4500.msg1.txt @@ -67,6 +71,7 @@ QUIT ??? 221 **** # +# (C) # This should pass. # - sha256, 1024b # Mail original in aux-fixed/4500.msg1.txt @@ -101,6 +106,7 @@ QUIT **** # # +# (D) # This should pass. The pubkey dns decord has a additional sha1-only h= field # # - sha1, 512b @@ -136,5 +142,121 @@ QUIT # # killdaemon +# +# A verifier that refuses sha1 +exim -DSERVER=server -DOPTION -DMSIZE='rsa=512 ed25519c=32' -bd -oX PORT_D +**** +# +# (E) +# This should fail despite being a passing submission above (with the unlimited verifier). +# - sha1, 1024b +# Mail original in aux-fixed/4500.msg1.txt +# Sig generated by: perl aux-fixed/dkim/sign.pl --method=simple/simple < aux-fixed/4500.msg1.txt +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=sel; bh=OB9dZVu7+5/ufs3TH9leIcEpXSo=; b= + PeUA8iBGfStWv+9/BBKkvCEYj/AVMl4e9k+AqWOXKyuEUfHxqAnV+sPnOejpmvT8 + 41kuM4u0bICvK371YvB/yO61vtliRhyqU76Y2e55p2uvMADb3UyDhLyzpco4+yBo + 1w0AuIxu0VU4TK8UmOLyCw/1hxrh1DcEInbEMEKJ7kI= +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Thu, 19 Nov 2015 17:00:07 -0700 +Message-ID: +Subject: simple test + +This is a simple test. +. +??? 250 +QUIT +??? 221 +**** +killdaemon +# +# +# +# +# +# +# (F) +# With the default keysize minima, a 512b key should fail +exim -DSERVER=server -bd -oX PORT_D +**** +# - sha1, 512b +# Mail original in aux-fixed/4500.msg1.txt +# Sig generated by: perl aux-fixed/dkim/sign.pl --method=simple/simple --selector=ses \ +# --keyfile=aux-fixed/dkim/dkim512.private < aux-fixed/4500.msg1.txt +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=ses; bh=OB9dZVu7+5/ufs3TH9leIcEpXSo=; b= + cIErF1eueIT9AU4qG54FyT3yrlVDDM7RZnuU6fWTevZpAuMqhYcRO8tU3U4vtKWB + +I2vd+F1gzqCzBcRtfLhZg== +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Thu, 19 Nov 2015 17:00:07 -0700 +Message-ID: +Subject: simple test + +This is a simple test. +. +??? 250 +QUIT +??? 221 +**** +# +# +# (G) +# Two signature, one pass one fail. Checking for "at least one pass". +# Sigs from (F) and (C) above +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=ses; bh=OB9dZVu7+5/ufs3TH9leIcEpXSo=; b= + cIErF1eueIT9AU4qG54FyT3yrlVDDM7RZnuU6fWTevZpAuMqhYcRO8tU3U4vtKWB + +I2vd+F1gzqCzBcRtfLhZg== +DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=test.ex; h=from:to + :date:message-id:subject; s=sel; bh=3UbbJTudPxmejzh7U1Zg33U3QT+1 + 6kfV2eOTvMeiEis=; b=xQSD/JMqz0C+xKf0A1NTkPTbkDuDdJbpBuyjjT9iYvyP + Zez+xl0TkoPobFGVa6EN8+ZeYV18zjifhtWYLSsNmPinUtcpKQLG1zxAKmmS0JEh + +qihlWbeGJ5+tK588ugUzXHPj+4JBW0H6kxHvdH0l2SlQE5xs/cdggnx5QX5USY= +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Thu, 19 Nov 2015 17:00:07 -0700 +Message-ID: +Subject: simple test + +This is a simple test. +. +??? 250 +QUIT +??? 221 +**** +killdaemon +# no_stdout_check no_msglog_check