Merge branch 'wkd' into 'master'

Fetch keys from web key directory See merge request leap/nickserver!18
author: azul <azul@riseup.net> 2017-09-23 14:44:56 +0000
committer: azul <azul@riseup.net> 2017-09-23 14:44:56 +0000
commit: 787287318c54b019a12ef79525c9f5b10d93724d (patch)
tree: 653c56240d681e1aaf5f7f0ef00904d0bd24301f
parent: bc48ac30c232f1e3fa5f5ad455f14d5fec17abeb (diff)
parent: c0410a5a5c5dbdd5fa182ac25d72ebb99e48bbb3 (diff)
11 files changed, 149 insertions, 6 deletions
diff --git a/lib/nickserver/email_address.rb b/lib/nickserver/email_address.rb
index c5d5df7..20f642c 100644
--- a/lib/nickserver/email_address.rb
+++ b/lib/nickserver/email_address.rb
@@ -37,6 +37,10 @@ module Nickserver
       address.split('@')[1]
     end
 
+    def local_part
+      address.split('@')[0]
+    end
+
     def to_s
       address
     end
diff --git a/lib/nickserver/reel_server.rb b/lib/nickserver/reel_server.rb
index 9626466..db38e50 100644
--- a/lib/nickserver/reel_server.rb
+++ b/lib/nickserver/reel_server.rb
@@ -43,7 +43,7 @@ module Nickserver
           handler.respond_to params(request), request.headers
         end
       end
-    rescue StandardError => e
+    rescue StandardError
       request.respond 500, "{}"
     end
 
diff --git a/lib/nickserver/wkd/Readme.md b/lib/nickserver/wkd/Readme.md
new file mode 100644
index 0000000..c93e08c
--- /dev/null
+++ b/lib/nickserver/wkd/Readme.md
@@ -0,0 +1,8 @@
+Allow querying keys from web key directories offered by the users
+provider.
+
+Summary is here:
+  https://wiki.gnupg.org/WKD
+
+Specs are here:
+  https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-00
diff --git a/lib/nickserver/wkd/source.rb b/lib/nickserver/wkd/source.rb
new file mode 100644
index 0000000..01f376e
--- /dev/null
+++ b/lib/nickserver/wkd/source.rb
@@ -0,0 +1,16 @@
+require 'nickserver/source'
+require 'nickserver/response'
+
+module Nickserver
+  module Wkd
+    class Source < Nickserver::Source
+
+      def query(email)
+        url = Url.new(email)
+        status, body = adapter.get url
+        return Nickserver::Response.new(status, body)
+      end
+
+    end
+  end
+end
diff --git a/lib/nickserver/wkd/url.rb b/lib/nickserver/wkd/url.rb
new file mode 100644
index 0000000..965e7ec
--- /dev/null
+++ b/lib/nickserver/wkd/url.rb
@@ -0,0 +1,31 @@
+require 'digest/sha1'
+require 'zbase32'
+
+module Nickserver
+  module Wkd
+    class Url
+
+      def initialize(email)
+        @domain = email.domain.downcase
+        @local_part = email.local_part.downcase
+      end
+
+      def to_s
+        "https://#{domain}/.well-known/openpgpkey" +
+          "/hu/#{domain}/#{encoded_digest}"
+      end
+
+      protected
+
+      attr_reader :domain, :local_part
+
+      def encoded_digest
+        ZBase32.encode32(digest.to_i(16).to_s(2))
+      end
+
+      def digest
+        Digest::SHA1.hexdigest local_part
+      end
+    end
+  end
+end
diff --git a/lib/zbase32.rb b/lib/zbase32.rb
new file mode 100644
index 0000000..754213d
--- /dev/null
+++ b/lib/zbase32.rb
@@ -0,0 +1,19 @@
+module ZBase32
+
+  ALPHABET = 'ybndrfg8ejkmcpqxot1uwisza345h769'.split('').freeze
+
+  def self.encode32(bin_string)
+    bin_string.scan(/[01]{1,5}/).map do |bits|
+      ALPHABET[bits.ljust(5, '0').to_i(2)]
+    end.join
+  end
+
+  def self.decode32(enc)
+    bin = enc.split('').map do |char|
+      ALPHABET.index(char).to_s(2).rjust(5, '0')
+    end.join
+    bin[0, (8 * (bin.length / 8))]
+     # .sub /10*$/ ,'1'
+  end
+
+end
diff --git a/test/functional/sample_test.rb b/test/functional/sample_test.rb
index 18fad74..2b49527 100644
--- a/test/functional/sample_test.rb
+++ b/test/functional/sample_test.rb
@@ -18,19 +18,19 @@ class SampleTest < FunctionalTest
   #   assert_lookup_status 400, 'invalid'
   # end
 
-  def test_nicknym
+  def test_nicknym_success
     assert_lookup_status 200, 'test@mail.bitmask.net'
   end
 
   # Regression Tests
 
   # #3 handle missing A records
-  def test_nicknym
+  def test_nicknym_handles_missing_a_record
     assert_lookup_status 404, 'postmaster@cs.ucl.ac.uk'
   end
 
   # platform/#8674 handle nonexisting domains
-  def test_nicknym
+  def test_nicknym_handles_missing_domain
     assert_lookup_status 404, 'postmaster@now-dont-you-dare-register-this-domain.coop'
   end
 
diff --git a/test/support/http_stub_helper.rb b/test/support/http_stub_helper.rb
index 4e3d89b..cc9196e 100644
--- a/test/support/http_stub_helper.rb
+++ b/test/support/http_stub_helper.rb
@@ -27,8 +27,7 @@ module HttpStubHelper
 
   def stub_couch_response(uid, response = {})
     query = "\?key=#{"%22#{uid}%22"}&reduce=false"
-    stub_http_get /#{Regexp.escape(config.couch_url)}.*#{query}/,
-      response
+    stub_http_get(/#{Regexp.escape(config.couch_url)}.*#{query}/, response)
   end
 
   private
diff --git a/test/unit/email_address_test.rb b/test/unit/email_address_test.rb
index 6aecef7..2fea65d 100644
--- a/test/unit/email_address_test.rb
+++ b/test/unit/email_address_test.rb
@@ -10,6 +10,11 @@ class EmailAddressTest < Minitest::Test
     assert !nick.domain?('est.me')
   end
 
+  def test_local_part
+    nick = Nickserver::EmailAddress.new 'nick@test.me'
+    assert_equal 'nick', nick.local_part
+  end
+
   def test_valid
     nick = Nickserver::EmailAddress.new 'nick@remote.domain'
     assert nick.valid?
diff --git a/test/unit/wkd/url_test.rb b/test/unit/wkd/url_test.rb
new file mode 100644
index 0000000..9bf8f64
--- /dev/null
+++ b/test/unit/wkd/url_test.rb
@@ -0,0 +1,26 @@
+require 'test_helper'
+require 'nickserver/wkd/url'
+require 'nickserver/email_address'
+
+module Nickserver::Wkd
+  class UrlTest < Minitest::Test
+    # TODO: test utf8 behavior
+
+    # https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-00#section-3.1
+    def test_sample_from_draft
+      url = Url.new sample_email
+      assert_equal sample_url, url.to_s
+    end
+
+    protected
+
+    def sample_email
+      Nickserver::EmailAddress.new 'Joe.Doe@Example.ORG'
+    end
+
+    def sample_url
+      'https://example.org/.well-known/openpgpkey/' +
+        'hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q'
+    end
+  end
+end
diff --git a/test/unit/zbase_test.rb b/test/unit/zbase_test.rb
new file mode 100644
index 0000000..97f0fc5
--- /dev/null
+++ b/test/unit/zbase_test.rb
@@ -0,0 +1,35 @@
+$LOAD_PATH.unshift File.expand_path(File.dirname(__FILE__) + '/../lib')
+require 'minitest/autorun'
+require 'zbase32'
+
+class Zbase32Test < Minitest::Test
+
+  def test_samples
+    samples.each do |k,v|
+      assert_equal k, decode(v)
+      assert_equal v, encode(k)
+    end
+  end
+
+  protected
+
+  def samples
+    {
+      '111100001011111111000111' => '6n9hq',
+      '110101000111101000000100' => '4t7ye',
+      wkd_sample => 'iy9q119eutrkn8s1mk4r39qejnbu3n5q'
+    }
+  end
+
+  def wkd_sample
+    'a83ee94be89c48a11ed25ab44cfdc848833c8b6e'.to_i(16).to_s(2)
+  end
+
+  def encode(string)
+    ZBase32.encode32 string
+  end
+
+  def decode(enc)
+    ZBase32.decode32 enc
+  end
+end
author	azul <azul@riseup.net>	2017-09-23 14:44:56 +0000
committer	azul <azul@riseup.net>	2017-09-23 14:44:56 +0000
commit	787287318c54b019a12ef79525c9f5b10d93724d (patch)
tree	653c56240d681e1aaf5f7f0ef00904d0bd24301f
parent	bc48ac30c232f1e3fa5f5ad455f14d5fec17abeb (diff)
parent	c0410a5a5c5dbdd5fa182ac25d72ebb99e48bbb3 (diff)