summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorazul <azul@riseup.net>2017-09-23 14:44:56 +0000
committerazul <azul@riseup.net>2017-09-23 14:44:56 +0000
commit787287318c54b019a12ef79525c9f5b10d93724d (patch)
tree653c56240d681e1aaf5f7f0ef00904d0bd24301f
parentbc48ac30c232f1e3fa5f5ad455f14d5fec17abeb (diff)
parentc0410a5a5c5dbdd5fa182ac25d72ebb99e48bbb3 (diff)
Merge branch 'wkd' into 'master'
Fetch keys from web key directory See merge request leap/nickserver!18
-rw-r--r--lib/nickserver/email_address.rb4
-rw-r--r--lib/nickserver/reel_server.rb2
-rw-r--r--lib/nickserver/wkd/Readme.md8
-rw-r--r--lib/nickserver/wkd/source.rb16
-rw-r--r--lib/nickserver/wkd/url.rb31
-rw-r--r--lib/zbase32.rb19
-rw-r--r--test/functional/sample_test.rb6
-rw-r--r--test/support/http_stub_helper.rb3
-rw-r--r--test/unit/email_address_test.rb5
-rw-r--r--test/unit/wkd/url_test.rb26
-rw-r--r--test/unit/zbase_test.rb35
11 files changed, 149 insertions, 6 deletions
diff --git a/lib/nickserver/email_address.rb b/lib/nickserver/email_address.rb
index c5d5df7..20f642c 100644
--- a/lib/nickserver/email_address.rb
+++ b/lib/nickserver/email_address.rb
@@ -37,6 +37,10 @@ module Nickserver
address.split('@')[1]
end
+ def local_part
+ address.split('@')[0]
+ end
+
def to_s
address
end
diff --git a/lib/nickserver/reel_server.rb b/lib/nickserver/reel_server.rb
index 9626466..db38e50 100644
--- a/lib/nickserver/reel_server.rb
+++ b/lib/nickserver/reel_server.rb
@@ -43,7 +43,7 @@ module Nickserver
handler.respond_to params(request), request.headers
end
end
- rescue StandardError => e
+ rescue StandardError
request.respond 500, "{}"
end
diff --git a/lib/nickserver/wkd/Readme.md b/lib/nickserver/wkd/Readme.md
new file mode 100644
index 0000000..c93e08c
--- /dev/null
+++ b/lib/nickserver/wkd/Readme.md
@@ -0,0 +1,8 @@
+Allow querying keys from web key directories offered by the users
+provider.
+
+Summary is here:
+ https://wiki.gnupg.org/WKD
+
+Specs are here:
+ https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-00
diff --git a/lib/nickserver/wkd/source.rb b/lib/nickserver/wkd/source.rb
new file mode 100644
index 0000000..01f376e
--- /dev/null
+++ b/lib/nickserver/wkd/source.rb
@@ -0,0 +1,16 @@
+require 'nickserver/source'
+require 'nickserver/response'
+
+module Nickserver
+ module Wkd
+ class Source < Nickserver::Source
+
+ def query(email)
+ url = Url.new(email)
+ status, body = adapter.get url
+ return Nickserver::Response.new(status, body)
+ end
+
+ end
+ end
+end
diff --git a/lib/nickserver/wkd/url.rb b/lib/nickserver/wkd/url.rb
new file mode 100644
index 0000000..965e7ec
--- /dev/null
+++ b/lib/nickserver/wkd/url.rb
@@ -0,0 +1,31 @@
+require 'digest/sha1'
+require 'zbase32'
+
+module Nickserver
+ module Wkd
+ class Url
+
+ def initialize(email)
+ @domain = email.domain.downcase
+ @local_part = email.local_part.downcase
+ end
+
+ def to_s
+ "https://#{domain}/.well-known/openpgpkey" +
+ "/hu/#{domain}/#{encoded_digest}"
+ end
+
+ protected
+
+ attr_reader :domain, :local_part
+
+ def encoded_digest
+ ZBase32.encode32(digest.to_i(16).to_s(2))
+ end
+
+ def digest
+ Digest::SHA1.hexdigest local_part
+ end
+ end
+ end
+end
diff --git a/lib/zbase32.rb b/lib/zbase32.rb
new file mode 100644
index 0000000..754213d
--- /dev/null
+++ b/lib/zbase32.rb
@@ -0,0 +1,19 @@
+module ZBase32
+
+ ALPHABET = 'ybndrfg8ejkmcpqxot1uwisza345h769'.split('').freeze
+
+ def self.encode32(bin_string)
+ bin_string.scan(/[01]{1,5}/).map do |bits|
+ ALPHABET[bits.ljust(5, '0').to_i(2)]
+ end.join
+ end
+
+ def self.decode32(enc)
+ bin = enc.split('').map do |char|
+ ALPHABET.index(char).to_s(2).rjust(5, '0')
+ end.join
+ bin[0, (8 * (bin.length / 8))]
+ # .sub /10*$/ ,'1'
+ end
+
+end
diff --git a/test/functional/sample_test.rb b/test/functional/sample_test.rb
index 18fad74..2b49527 100644
--- a/test/functional/sample_test.rb
+++ b/test/functional/sample_test.rb
@@ -18,19 +18,19 @@ class SampleTest < FunctionalTest
# assert_lookup_status 400, 'invalid'
# end
- def test_nicknym
+ def test_nicknym_success
assert_lookup_status 200, 'test@mail.bitmask.net'
end
# Regression Tests
# #3 handle missing A records
- def test_nicknym
+ def test_nicknym_handles_missing_a_record
assert_lookup_status 404, 'postmaster@cs.ucl.ac.uk'
end
# platform/#8674 handle nonexisting domains
- def test_nicknym
+ def test_nicknym_handles_missing_domain
assert_lookup_status 404, 'postmaster@now-dont-you-dare-register-this-domain.coop'
end
diff --git a/test/support/http_stub_helper.rb b/test/support/http_stub_helper.rb
index 4e3d89b..cc9196e 100644
--- a/test/support/http_stub_helper.rb
+++ b/test/support/http_stub_helper.rb
@@ -27,8 +27,7 @@ module HttpStubHelper
def stub_couch_response(uid, response = {})
query = "\?key=#{"%22#{uid}%22"}&reduce=false"
- stub_http_get /#{Regexp.escape(config.couch_url)}.*#{query}/,
- response
+ stub_http_get(/#{Regexp.escape(config.couch_url)}.*#{query}/, response)
end
private
diff --git a/test/unit/email_address_test.rb b/test/unit/email_address_test.rb
index 6aecef7..2fea65d 100644
--- a/test/unit/email_address_test.rb
+++ b/test/unit/email_address_test.rb
@@ -10,6 +10,11 @@ class EmailAddressTest < Minitest::Test
assert !nick.domain?('est.me')
end
+ def test_local_part
+ nick = Nickserver::EmailAddress.new 'nick@test.me'
+ assert_equal 'nick', nick.local_part
+ end
+
def test_valid
nick = Nickserver::EmailAddress.new 'nick@remote.domain'
assert nick.valid?
diff --git a/test/unit/wkd/url_test.rb b/test/unit/wkd/url_test.rb
new file mode 100644
index 0000000..9bf8f64
--- /dev/null
+++ b/test/unit/wkd/url_test.rb
@@ -0,0 +1,26 @@
+require 'test_helper'
+require 'nickserver/wkd/url'
+require 'nickserver/email_address'
+
+module Nickserver::Wkd
+ class UrlTest < Minitest::Test
+ # TODO: test utf8 behavior
+
+ # https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-00#section-3.1
+ def test_sample_from_draft
+ url = Url.new sample_email
+ assert_equal sample_url, url.to_s
+ end
+
+ protected
+
+ def sample_email
+ Nickserver::EmailAddress.new 'Joe.Doe@Example.ORG'
+ end
+
+ def sample_url
+ 'https://example.org/.well-known/openpgpkey/' +
+ 'hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q'
+ end
+ end
+end
diff --git a/test/unit/zbase_test.rb b/test/unit/zbase_test.rb
new file mode 100644
index 0000000..97f0fc5
--- /dev/null
+++ b/test/unit/zbase_test.rb
@@ -0,0 +1,35 @@
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+require 'minitest/autorun'
+require 'zbase32'
+
+class Zbase32Test < Minitest::Test
+
+ def test_samples
+ samples.each do |k,v|
+ assert_equal k, decode(v)
+ assert_equal v, encode(k)
+ end
+ end
+
+ protected
+
+ def samples
+ {
+ '111100001011111111000111' => '6n9hq',
+ '110101000111101000000100' => '4t7ye',
+ wkd_sample => 'iy9q119eutrkn8s1mk4r39qejnbu3n5q'
+ }
+ end
+
+ def wkd_sample
+ 'a83ee94be89c48a11ed25ab44cfdc848833c8b6e'.to_i(16).to_s(2)
+ end
+
+ def encode(string)
+ ZBase32.encode32 string
+ end
+
+ def decode(enc)
+ ZBase32.decode32 enc
+ end
+end