DKIM: Ed25519 signatures (GnuTLS 3.6.0 and later)

3 files changed, 108 insertions, 1 deletions

diff --git a/test/scripts/4500-DKIM/4505 b/test/scripts/4500-DKIM/4505
new file mode 100644
index 000000000..0be08ea31
--- /dev/null
+++ b/test/scripts/4500-DKIM/4505
@@ -0,0 +1,83 @@
+# DKIM verify, ed25519
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+#
+# This should pass, only Mail::DKIM::Signer does not handle ed25519-sha256 yet
+#
+# Mail original (will be)in aux-fixed/4500.msg1.txt
+# Sig generated by: perl aux-fixed/dkim/sign.pl --algorithm=ed255190sha256 \
+#			--method=simple/simple < aux-fixed/4500.msg1.txt
+#
+# TODO - until we have that we can only test internal consistency,
+# signing vs. verification.  For now, use a message we signed with
+# the Exim GnuTLS implementation (then we can test GnuTLS vs. others)
+#
+client 127.0.0.1 PORT_D
+??? 220
+HELO xxx
+??? 250
+MAIL FROM:<CALLER@bloggs.com>
+??? 250
+RCPT TO:<a@test.ex>
+??? 250
+DATA
+??? 354
+DKIM-Signature: v=1; a=ed25519-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex
+	; s=sed; h=From:To:Subject; bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=;
+	 b=5fhyD3EILDrnL4DnkD4hDaeis7+GSzL9GMHrhIDZJjuJ00WD5iI8SQ1q9rDfzFL/Kdw0VIyB4R
+	Dq0a4H6HI+Bw==;
+Received: from jgh by myhost.test.ex with local (Exim x.yz)
+	envelope-from <jgh@myhost.test.ex>)
+	 1dtXln-0000YP-Hb
+	 a@test.ex; Sun, 17 Sep 2017 12:29:51 +0100
+From: nobody@example.com
+Message-Id: <E1dtXln-0000YP-Hb@myhost.test.ex>
+Sender: CALLER_NAME <jgh@myhost.test.ex>
+Date: Sun, 17 Sep 2017 12:29:51 +0100
+
+content
+.
+??? 250
+QUIT
+??? 221
+****
+#
+#
+# This should pass, an independently-generated sample from Scott Kitterman.
+# I don't want to retain this longterm as it hits an external DNS record,
+# not under the testsuite.
+client 127.0.0.1 PORT_D
+??? 220
+HELO xxx
+??? 250
+MAIL FROM:<CALLER@bloggs.com>
+??? 250
+RCPT TO:<a@test.ex>
+??? 250
+DATA
+??? 354
+DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.org;
+ i=@kitterman.org; q=dns/txt; s=ed25519; t=1517847601;
+ h=message-id : date : from : to : subject : date : from :
+ subject; bh=wE7NXSkgnx9PGiavN4OZhJztvkqPDlemV3OGuEnLwNo=;
+ b=sEnnE99Xsjpcqa/cNf8k/KQCEgjJ/4tswIKoNvq2q0fFQL6XBORJ2fQb
+ Fvt34Tb4sOxlZtBYu01kEJlmGz4uCw==
+Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=example.com; dmarc=pass
+Received: from localhost
+Message-ID: <example@example.com>
+Date: Mon, 01 Jan 2011 01:02:03 +0400
+From: Test User <test@example.com>
+To: somebody@example.com
+Subject: Testing
+
+This is a test message.
+.
+??? 250
+QUIT
+??? 221
+****
+#
+killdaemon
+no_stdout_check
+no_msglog_check
diff --git a/test/scripts/4500-DKIM/4525 b/test/scripts/4500-DKIM/4525
new file mode 100644
index 000000000..cc53a96c0
--- /dev/null
+++ b/test/scripts/4500-DKIM/4525
@@ -0,0 +1,24 @@
+# DKIM signing, ed25519
+#
+exim -bd -DSERVER=server -oX PORT_D
+****
+#
+# Privkey used here is:  aux-fixed/dkim/dkim_ed25519.private (set in the conf)
+#
+exim -DSELECTOR=sed -DOPT=From:To:Subject -odf a@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# Multiple-signing test (rsa + ed25519)
+#
+exim -DSELECTOR=sed:sel -DOPT=From: -odf b@test.ex
+From: nobody@example.com
+
+content
+****
+#
+millisleep 500
+killdaemon
+no_msglog_check
diff --git a/test/scripts/4500-DKIM/4530 b/test/scripts/4500-DKIM/4530
index 1465d5896..fb98e5564 100644
--- a/test/scripts/4500-DKIM/4530
+++ b/test/scripts/4500-DKIM/4530
@@ -1,6 +1,6 @@
 # DKIM, CHUNKING, wireformat-spoolfile
 #
-exim -bd -DSERVER=server -DOPT=dkim -oX PORT_S:PORT_D
+exim -bd -DSERVER=server -DOPT=dkim -DLIST=Subject -oX PORT_S:PORT_D
 ****
 #
 # 1: non-CHUNKING injection; will not be stored as wireformat therefore