static void TestEmptyBody(DkimSignatureAlgorithm signatureAlgorithm, DkimCanonicalizationAlgorithm bodyAlgorithm, string expectedHash)
{
var signer = CreateSigner(signatureAlgorithm, DkimCanonicalizationAlgorithm.Simple, bodyAlgorithm);
var headers = new [] { HeaderId.From, HeaderId.To, HeaderId.Subject, HeaderId.Date };
var verifier = new DkimVerifier(new DummyPublicKeyLocator(DkimKeys.Public));
var message = new MimeMessage();
message.From.Add(new MailboxAddress("", "*****@*****.**"));
message.To.Add(new MailboxAddress("", "*****@*****.**"));
message.Subject = "This is an empty message";
message.Date = DateTimeOffset.Now;
message.Body = new TextPart("plain")
{
Text = ""
};
message.Prepare(EncodingConstraint.SevenBit);
signer.Sign(message, headers);
VerifyDkimBodyHash(message, signatureAlgorithm, expectedHash);
var dkim = message.Headers[0];
if (signatureAlgorithm == DkimSignatureAlgorithm.RsaSha1)
{
Assert.IsFalse(verifier.Verify(message, dkim), "DKIM-Signature using rsa-sha1 should not verify.");
// now enable rsa-sha1 to verify again, this time it should pass...
verifier.Enable(DkimSignatureAlgorithm.RsaSha1);
}
Assert.IsTrue(verifier.Verify(message, dkim), "Failed to verify DKIM-Signature.");
}
public static void Main(string[] args)
{
if (args.Length == 0)
{
Help();
return;
}
for (int i = 0; i < args.Length; i++)
{
if (args[i] == "--help")
{
Help();
return;
}
}
var locator = new DkimPublicKeyLocator();
var verifier = new DkimVerifier(locator);
// RSA-SHA1 is disabled by default starting with MimeKit 2.2.0
verifier.Enable(DkimSignatureAlgorithm.RsaSha1);
for (int i = 0; i < args.Length; i++)
{
if (!File.Exists(args[i]))
{
Console.Error.WriteLine("{0}: No such file.", args[i]);
continue;
}
Console.Write("{0} -> ", args[i]);
var message = MimeMessage.Load(args[i]);
var index = message.Headers.IndexOf(HeaderId.DkimSignature);
if (index == -1)
{
Console.WriteLine("NO SIGNATURE");
continue;
}
var dkim = message.Headers[index];
if (verifier.Verify(message, dkim))
{
// the DKIM-Signature header is valid!
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("VALID");
Console.ResetColor();
}
else
{
// the DKIM-Signature is invalid!
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("INVALID");
Console.ResetColor();
}
}
}
public void TestDkimVerifierEnableDisable()
{
var verifier = new DkimVerifier(new DummyPublicKeyLocator(DkimKeys.Public));
Assert.IsFalse(verifier.IsEnabled(DkimSignatureAlgorithm.RsaSha1), "initial value");
verifier.Enable(DkimSignatureAlgorithm.RsaSha1);
Assert.IsTrue(verifier.IsEnabled(DkimSignatureAlgorithm.RsaSha1), "rsa-sha1 enabled");
verifier.Disable(DkimSignatureAlgorithm.RsaSha1);
Assert.IsFalse(verifier.IsEnabled(DkimSignatureAlgorithm.RsaSha1), "rsa-sha1 disabled");
}
static void TestDkimSignVerify(MimeMessage message, DkimSignatureAlgorithm signatureAlgorithm, DkimCanonicalizationAlgorithm headerAlgorithm, DkimCanonicalizationAlgorithm bodyAlgorithm)
{
var headers = new HeaderId[] { HeaderId.From, HeaderId.Subject, HeaderId.Date };
var verifier = new DkimVerifier(new DummyPublicKeyLocator(DkimKeys.Public));
var signer = CreateSigner(signatureAlgorithm, headerAlgorithm, bodyAlgorithm);
signer.Sign(message, headers);
var dkim = message.Headers[0];
if (signatureAlgorithm == DkimSignatureAlgorithm.RsaSha1)
{
Assert.IsFalse(verifier.Verify(message, dkim), "DKIM-Signature using rsa-sha1 should not verify.");
// now enable rsa-sha1 to verify again, this time it should pass...
verifier.Enable(DkimSignatureAlgorithm.RsaSha1);
}
Assert.IsTrue(verifier.Verify(message, dkim), "Failed to verify DKIM-Signature.");
message.Headers.RemoveAt(0);
}
static void TestUnicode(DkimSignatureAlgorithm signatureAlgorithm, DkimCanonicalizationAlgorithm bodyAlgorithm, string expectedHash)
{
var signer = CreateSigner(signatureAlgorithm, DkimCanonicalizationAlgorithm.Simple, bodyAlgorithm);
var headers = new [] { HeaderId.From, HeaderId.To, HeaderId.Subject, HeaderId.Date };
var verifier = new DkimVerifier(new DummyPublicKeyLocator(DkimKeys.Public));
var message = new MimeMessage();
message.From.Add(new MailboxAddress("", "*****@*****.**"));
message.To.Add(new MailboxAddress("", "*****@*****.**"));
message.Subject = "This is a unicode message";
message.Date = DateTimeOffset.Now;
var builder = new BodyBuilder();
builder.TextBody = " تست ";
builder.HtmlBody = " <div> تست </div> ";
message.Body = builder.ToMessageBody();
((Multipart)message.Body).Boundary = "=-MultipartAlternativeBoundary";
((Multipart)message.Body)[1].ContentId = null;
message.Prepare(EncodingConstraint.EightBit);
signer.Sign(message, headers);
var dkim = message.Headers[0];
VerifyDkimBodyHash(message, signatureAlgorithm, expectedHash);
if (signatureAlgorithm == DkimSignatureAlgorithm.RsaSha1)
{
Assert.IsFalse(verifier.Verify(message, dkim), "DKIM-Signature using rsa-sha1 should not verify.");
// now enable rsa-sha1 to verify again, this time it should pass...
verifier.Enable(DkimSignatureAlgorithm.RsaSha1);
}
Assert.IsTrue(verifier.Verify(message, dkim), "Failed to verify DKIM-Signature.");
}