From 22c6c80310a8d3d3abbd1006598b4fbaec98ffd0 Mon Sep 17 00:00:00 2001
From: Azul
Date: Fri, 22 Sep 2017 15:30:40 +0200
Subject: wkd: implement basic lookup of keys through wkd wkd is the web key directory. See the Readme.md in /lib/nickserver/wkd
---
 lib/nickserver/wkd/source.rb | 23 ++++++++++++++++++++--
 lib/nickserver/wkd/url.rb | 3 +--
 test/files/dewey.pgp.asc | 11 +++++++++++
 test/remote/hkp_source_test.rb | 8 +++-----
 test/remote/wkd_source_test.rb | 43 ++++++++++++++++++++++++++++++++++++++++++
 test/unit/wkd/url_test.rb | 19 +++++++++++++++++--
 6 files changed, 96 insertions(+), 11 deletions(-)
 create mode 100644 test/files/dewey.pgp.asc
 create mode 100644 test/remote/wkd_source_test.rb
diff --git a/lib/nickserver/wkd/source.rb b/lib/nickserver/wkd/source.rb
index 01f376e..750d3fa 100644
--- a/lib/nickserver/wkd/source.rb
+++ b/lib/nickserver/wkd/source.rb
@@ -1,5 +1,7 @@
 require 'nickserver/source'
 require 'nickserver/response'
+require 'nickserver/wkd/url'
+require 'nickserver/hkp/response'
 
 module Nickserver
 module Wkd
@@ -7,10 +9,27 @@ module Nickserver
 
 def query(email)
 url = Url.new(email)
- status, body = adapter.get url
- return Nickserver::Response.new(status, body)
+ status, blob = adapter.get url
+ Hkp::Response.new(email.to_s, armor_key(blob)) if status == 200
 end
 
+ protected
+
+ def armor_key(blob)
+ header + encode(blob) + footer
+ end
+
+ def encode(blob)
+ Base64.strict_encode64(blob).scan(/.{1,64}/).join "\n"
+ end
+
+ def header
+ "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n"
+ end
+
+ def footer
+ "\n-----END PGP PUBLIC KEY BLOCK-----\n"
+ end
 end
 end
 end
diff --git a/lib/nickserver/wkd/url.rb b/lib/nickserver/wkd/url.rb
index 965e7ec..1670628 100644
--- a/lib/nickserver/wkd/url.rb
+++ b/lib/nickserver/wkd/url.rb
@@ -11,8 +11,7 @@ module Nickserver
 end
 
 def to_s
- "https://#{domain}/.well-known/openpgpkey" +
- "/hu/#{domain}/#{encoded_digest}"
+ "https://#{domain}/.well-known/openpgpkey/hu/#{encoded_digest}"
 end
 
 protected
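Review bot: The second hunk of this file calls `Base64.strict_encode64`, but the requires added here do not include `require 'base64'`. Unless another loaded file already pulls it in, `encode` will raise NameError on first use. Adding `require 'base64'` next to the two new requires makes the dependency explicit.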
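Review bot: In `query`, the body fetched from the remote host is armored and returned as the key for `email` with no check that it is an OpenPGP key at all, or that it carries a user ID for the requested address. The blob is controlled by whoever serves that domain, so unless the adapter already bounds the response, the method should reject an empty or oversized body before encoding, e.g. `return if blob.nil? || blob.empty? || blob.bytesize > MAX_KEY_BYTES` (MAX_KEY_BYTES is a placeholder for a constant to define), and carry a comment such as `# blob is untrusted: not yet verified to contain a key bound to email`. A non-200 status now makes the method return nil implicitly; whether callers handle nil is not visible here. The enclosing class opens outside this hunk.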
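Review bot: `to_s` builds the request host straight from the address's `domain`, so the server contacts whatever host the looked-up address names, and nothing in this hunk shows that domain being restricted. `domain` and `encoded_digest` are defined outside the hunk, so if `EmailAddress` does not already reject IP literals, ports or internal names, that check belongs before the URL is built. A comment on `to_s` should record the assumption: `# host comes from the queried address; the domain must already be validated`. The new path matches the test vector added in test/unit/wkd/url_test.rb.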
diff --git a/test/files/dewey.pgp.asc b/test/files/dewey.pgp.asc
new file mode 100644
index 0000000..a5306bd
--- /dev/null
+++ b/test/files/dewey.pgp.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEV3IffxYJKwYBBAHaRw8BAQdA0exktohYX2Qglxscg720r5ztQNXO8EP9sOE7
+HDy0V+W0FGRld2V5QHRlc3QuZ251cGcub3JniHkEExYIACEFAldyH38CGwMFCwkI
+BwIGFQgJCgsCBBYCAwECHgECF4AACgkQ0Z0isG7nhmgbcwEA3rsFpACV7/rrzyAs
+0d3s0ArpjjClmOldD9/si8rSkt8A/04ykHUX1lOQpKdQrT3FtxNnhyOlfF5Y5X1Y
+HICUAAsGuDgEV3IffxIKKwYBBAGXVQEFAQEHQN/mRvG5CEKhvuvYdLmjWqUoROwV
+D6+6+OdkKFIwjrpuAwEIB4hhBBgWCAAJBQJXch9/AhsMAAoJENGdIrBu54ZoFDEB
+AIqlLFB7nxsrMDhmG8il8yUQ6ufvnXSkxkXUjWqqxH8uAP42Y30G+odkMcGHeUzg
+4k5B+xPXFVetOsZAD5LILZ1QDw==
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/test/remote/hkp_source_test.rb b/test/remote/hkp_source_test.rb
index ff61513..c246097 100644
--- a/test/remote/hkp_source_test.rb
+++ b/test/remote/hkp_source_test.rb
@@ -34,10 +34,9 @@ class RemoteHkpSourceTest < CelluloidTest
 protected
 
 def assert_key_info_for_uid(uid)
- source.search uid do |status, keys|
- assert_equal 200, status
- yield keys
- end
+ status, keys = source.search uid
+ assert_equal 200, status
+ yield keys
 rescue HTTP::ConnectionError => e
 skip "could not talk to hkp server: #{e}"
 end
@@ -45,5 +44,4 @@ class RemoteHkpSourceTest < CelluloidTest
 def source
 Nickserver::Hkp::Source.new adapter
 end
-
 end
diff --git a/test/remote/wkd_source_test.rb b/test/remote/wkd_source_test.rb
new file mode 100644
index 0000000..acb6759
--- /dev/null
+++ b/test/remote/wkd_source_test.rb
@@ -0,0 +1,43 @@
+require 'test_helper'
+require 'file_content'
+require 'support/celluloid_test'
+require 'support/http_adapter_helper'
+require 'nickserver/wkd/source'
+require 'nickserver/email_address'
+
+class RemoteWkdSourceTest < CelluloidTest
+ include HttpAdapterHelper
+ include FileContent
+
+ def test_existing_key
+ response = source.query email_with_key
+ assert_equal 200, response.status
+ assert_pgp_key_in response
+ end
+
+ def test_missing_key
+ uid = 'thisemaildoesnotexist@test.gnupg.org'
+ email = Nickserver::EmailAddress.new uid
+ status, body = source.query email
+ assert_nil status
+ assert_nil body
+ end
+
+ protected
+
+ def assert_pgp_key_in(response)
+ json = JSON.parse response.content
+ assert_equal email_with_key.to_s, json["address"]
+ refute_empty json["openpgp"]
+ assert_equal file_content('dewey.pgp.asc'), json['openpgp']
+ end
+
+ def email_with_key
+ uid = 'dewey@test.gnupg.org'
+ email = Nickserver::EmailAddress.new uid
+ end
+
+ def source
+ Nickserver::Wkd::Source.new adapter
+ end
+end
diff --git a/test/unit/wkd/url_test.rb b/test/unit/wkd/url_test.rb
index 9bf8f64..1f875b5 100644
--- a/test/unit/wkd/url_test.rb
+++ b/test/unit/wkd/url_test.rb
@@ -12,15 +12,30 @@ module Nickserver::Wkd
 assert_equal sample_url, url.to_s
 end
 
+ # we can be pretty sure this works for the person who proposed it
+ def test_gnupg_testuser_email
+ url = Url.new test_user_email
+ assert_equal test_user_url, url.to_s
+ end
+
 protected
 
+ def test_user_email
+ Nickserver::EmailAddress.new 'dewey@test.gnupg.org'
+ end
+
+ def test_user_url
+ 'https://test.gnupg.org/.well-known/openpgpkey/hu/' +
+ '1g8totoxbt4zf6na1sukczp5fiewr1oe'
+ end
+
 def sample_email
 Nickserver::EmailAddress.new 'Joe.Doe@Example.ORG'
 end
 
 def sample_url
- 'https://example.org/.well-known/openpgpkey/' +
- 'hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q'
+ 'https://example.org/.well-known/openpgpkey/hu/' +
+ 'iy9q119eutrkn8s1mk4r39qejnbu3n5q'
 end
 end
 end
-- 
cgit v1.2.3
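Review bot: `test_missing_key` unpacks `status, body = source.query email`, but `Wkd::Source#query` as changed in this commit returns either a response object or nil, so both locals are nil for any nil result and the two assertions cannot fail independently. `assert_nil source.query(email)` states what is actually being checked. Unlike `assert_key_info_for_uid` in test/remote/hkp_source_test.rb, neither test here rescues `HTTP::ConnectionError`, so an unreachable test.gnupg.org will presumably error rather than skip. `email_with_key` also assigns a local `email` that is never read.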