dkim-query 0.2.1

data/lib/dkim/query/parser.rb

@@ -0,0 +1,163 @@
+require 'parslet'
+require 'openssl'
+
+module DKIM
+  module Query
+    #
+    # DKIM parser.
+    #
+    # @see https://tools.ietf.org/html/rfc6376#section-3
+    #
+    class Parser < Parslet::Parser
+
+      root :record
+      rule(:record) do
+        (
+          fws? >> key_tag >> fws? >>
+          (str(';') >> fws? >> key_tag >> fws?).repeat(0) >> str(';').maybe
+        ).as(:tag_list)
+      end
+
+      rule(:key_tag) do
+        (
+          key_v_tag |
+          key_g_tag |
+          key_h_tag |
+          key_k_tag |
+          key_n_tag |
+          key_p_tag |
+          key_s_tag |
+          key_t_tag
+        ).as(:tag)
+      end
+
+      def self.key_tag_rule(name,&block)
+        rule(:"key_#{name}_tag") do
+          str(name).as(:name) >>
+          fws? >> str('=') >> fws? >>
+          instance_eval(&block).as(:value)
+        end
+      end
+
+      def symbol(name)
+        str(name).as(:symbol)
+      end
+
+      key_tag_rule('v') { symbol('DKIM1') }
+      key_tag_rule('g') { key_g_tag_lpart }
+      rule(:key_g_tag_lpart) do
+        dot_atom_text.maybe >> (str('*') >> dot_atom_text.maybe).maybe
+      end
+      rule(:dot_atom_text) { atext.repeat(1) >> (str('.') >> atext.repeat(1)).repeat(0) }
+
+      key_tag_rule('h') do
+        key_h_tag_alg >>
+        (fws? >> str(':') >> fws? >> key_h_tag_alg).repeat(0)
+      end
+      rule(:key_h_tag_alg) { symbol('sha1') | symbol('sha256') | x_key_h_tag_alg }
+      rule(:x_key_h_tag_alg) { hyphenated_word }
+
+      key_tag_rule('k') { key_k_tag_type }
+      rule(:key_k_tag_type) { symbol('rsa') | x_key_k_tag_type }
+      rule(:x_key_k_tag_type) { hyphenated_word }
+
+      key_tag_rule('n') { qp_section }
+      key_tag_rule('p') { base64string.as(:asn1).maybe }
+      key_tag_rule('s') do
+        key_s_tag_type >> (fws? >> str(':') >> fws? >> key_s_tag_type).repeat(0)
+      end
+      rule(:key_s_tag_type) { symbol('email') | symbol('*') | x_key_s_tag_type }
+      rule(:x_key_s_tag_type) { hyphenated_word }
+
+      key_tag_rule('t') do
+        key_t_tag_flag >> (fws? >> str(':') >> fws? >> key_t_tag_flag).repeat(0)
+      end
+      rule(:key_t_tag_flag) { match['ys'] | x_key_t_tag_flag }
+      rule(:x_key_t_tag_flag) { hyphenated_word }
+
+      #
+      # Section 2.6: DKIM-Quoted-Printable
+      #
+      rule(:dkim_quoted_printable) do
+        (fws | hex_octet | dkim_safe_char).repeat(0)
+      end
+      rule(:dkim_safe_char) do
+        match['\x21-\x3a'] | str("\x3c") | match['\x3e-\x7e']
+      end
+
+      #
+      # Section 2.4: Common ABNF Tokens
+      #
+      rule(:hypthenated_word) do
+        alpha >> ((alpha | digit | str('-')).repeat(0) >> (alpha | digit)).maybe
+      end
+      rule(:base64string) do
+        (alpha | digit | str('+') | str('/') | fws).repeat(1) >>
+        (str('=') >> fws? >> (str('=') >> fws?)).maybe
+      end
+
+      #
+      # Section 2.3: Whitespace
+      #
+      rule(:sp)   { str(' ')    }
+      rule(:crlf) { str("\r\n") }
+      rule(:wsp)  { match['\t '] }
+      rule(:wsp?) { wsp.maybe }
+      rule(:lwsp) { (wsp | crlf >> wsp).repeat(0) }
+      rule(:fws)  { (wsp.repeat(0) >> crlf).maybe >> wsp.repeat(1) }
+      rule(:fws?) { fws.maybe }
+
+      #
+      # Character rules
+      #
+      rule(:alpha) { match['a-zA-Z'] }
+      rule(:digit) { match['0-9'] }
+      rule(:alnum) { match['a-zA-Z0-9'] }
+      rule(:valchar) { match['\x21-\x3a'] | match['\x3c-\x7e'] }
+      rule(:alnumpunc) { match['a-zA-Z0-9_'] }
+      rule(:atext) { alnum | match['!#$%&\'*+\-/=?^ `{|}~'] }
+
+      #
+      # Quoted printable
+      #
+      rule(:qp_section) do
+        (wsp? >> ptext.repeat(1) >> (wsp >> ptext.repeat(1)).repeat(0)).maybe
+      end
+      rule(:ptext) { hex_octet | safe_char }
+      rule(:safe_char) { match['\x21-\x3c'] | match['\x3e-\x7e'] }
+      rule(:hex_octet) { str('=') >> match['0-9A-F'].repeat(2,2) }
+
+      class Transform < Parslet::Transform
+
+        rule(:symbol => simple(:name)) { name.to_sym }
+        # XXX: temporarily disable ASN1 decoding, due to an OpenSSL bug.
+        # rule(:asn1 => simple(:blob)) { OpenSSL::ASN1.decode(blob) }
+        rule(:asn1 => simple(:blob)) { blob }
+
+        rule(tag: {name: simple(:name), value: subtree(:value)}) do
+          {name.to_sym => value}
+        end
+
+        rule(tag_list: subtree(:hashes)) do
+          case hashes
+          when Array then hashes.reduce(&:merge!)
+          else            hashes
+          end
+        end
+
+      end
+
+      #
+      # Parses the text into structured data.
+      #
+      # @param [String] text
+      #
+      # @return [Hash]
+      #
+      def self.parse(text)
+        Transform.new.apply(new.parse(text))
+      end
+
+    end
+  end
+end

data/lib/dkim/query/query.rb

@@ -0,0 +1,60 @@
+require 'resolv'
+
+module DKIM
+  module Query
+    #
+    # Queries the domain for all DKIM selectors.
+    #
+    # @param [String] domain
+    #   The domain to query.
+    #
+    # @option options [Array<String>] :selectors
+    #   sub-domain selectors.
+    #
+    # @option options [Resolv::DNS] :resolver
+    #   Optional resolver to use.
+    #
+    # @return [Hash{String => String}]
+    #   The DKIM keys for the domain.
+    #
+    # @api semipublic
+    #
+    def self.query(domain,options={})
+      selectors = options.fetch(:selectors) { selectors_for(domain) }
+      resolver  = options.fetch(:resolver)  { Resolv::DNS.new }
+
+      keys = {}
+
+      selectors.each do |selector|
+        host = "#{selector}._domainkey.#{domain}"
+
+        begin
+          keys[selector] = resolver.getresource(
+            host, Resolv::DNS::Resource::IN::TXT
+          ).strings.join
+        rescue Resolv::ResolvError
+        end
+      end
+
+      return keys
+    end
+
+    # Default known selectors
+    SELECTORS = %w[default dkim s1024 c1211]
+
+    #
+    # @api private
+    #
+    def self.selectors_for(host)
+      SELECTORS + [host_without_tld(host)]
+    end
+
+    #
+    # @api private
+    #
+    def self.host_without_tld(host)
+      host[0,host.rindex('.')]
+    end
+
+  end
+end

data/lib/dkim/query/version.rb

@@ -0,0 +1,5 @@
+module DKIM
+  module Query
+    VERSION = '0.2.1'
+  end
+end

data/lib/dkim/query.rb

@@ -0,0 +1,4 @@
+require 'dkim/query/version'
+require 'dkim/query/query'
+require 'dkim/query/key'
+require 'dkim/query/domain'

data/spec/domain_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+require 'dkim/query/domain'
+
+describe Domain do
+  let(:domain) { 'yahoo.com' }
+  let(:key) do
+    Key.new(
+      k: :rsa,
+      p: "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB",
+      n: "A 1024 bit key;",
+    )
+  end
+  let(:selector) { 's1024' }
+  let(:keys) { {selector => key} }
+
+  subject { described_class.new(domain,keys) }
+
+  describe "#initialize" do
+    it "should set name" do
+      expect(subject.name).to be domain
+    end
+
+    it "should set keys" do
+      expect(subject.keys).to be keys
+    end
+  end
+
+  describe ".parse" do
+    let(:key) do
+      %{k=rsa;  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB; n=A 1024 bit key}
+    end
+    let(:keys) { {selector => key} }
+
+    subject { described_class.parse(domain,keys) }
+
+    it "should parse the keys" do
+      expect(subject.keys[selector]).to be_kind_of(Key)
+    end
+  end
+
+  describe ".query" do
+    subject { described_class.query(domain) }
+
+    it "should find all known keys" do
+      expect(subject.keys).to have_key('s1024')
+    end
+
+    context "with custom selectors" do
+      let(:selectors) { ['google', 's1024'] }
+
+      subject { described_class.query(domain, selectors: selectors) }
+
+      it "should query those selectors only" do
+        expect(subject.keys).to have_key('s1024')
+      end
+    end
+
+    context "with no selectors" do
+      let(:selectors) { [] }
+
+      subject { described_class.query(domain, selectors: selectors) }
+
+      it "should not find any keys" do
+        expect(subject.keys).to be_empty
+      end
+    end
+  end
+
+  describe "#each" do
+    context "when given a block" do
+      it "should yield each Key" do
+        expect { |b| subject.each(&b) }.to yield_with_args(key)
+      end
+    end
+
+    context "when not given a block" do
+      it "should return an Enumerator" do
+        expect(subject.each).to be_kind_of(Enumerator)
+      end
+    end
+  end
+
+  describe "#[]" do
+    context "when given a valid selector" do
+      it "should return the key" do
+        expect(subject[selector]).to be key
+      end
+    end
+
+    context "when given an unknown selector" do
+      it "should return nil" do
+        expect(subject['foo']).to be_nil
+      end
+    end
+  end
+end

data/spec/key_spec.rb

@@ -0,0 +1,91 @@
+require 'spec_helper'
+require 'dkim/query/key'
+
+describe Key do
+  let(:k) { :rsa }
+  let(:p) { "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB" }
+  let(:n) { "A 1024 bit key;" }
+
+  subject do
+    described_class.new(
+      k: k,
+      p: p,
+      n: n
+    )
+  end
+
+  describe "#initialize" do
+    it "should set @k" do
+      expect(subject.k).to be k
+    end
+
+    it "should set @p" do
+      expect(subject.p).to be p
+    end
+
+    it "should set @n" do
+      expect(subject.n).to be n
+    end
+  end
+
+  let(:record) { %{k=#{k};  p=#{p}; n=#{n}} }
+  let(:invalid_record) { "v=spf1" }
+
+  describe ".parse!" do
+    context "when parsing a valid DKIM Key record" do
+      subject { described_class.parse!(record) }
+
+      it "should return a Key" do
+        expect(subject).to be_kind_of(described_class)
+      end
+    end
+
+    context "when parsing an invalid DKIM Key record" do
+      it "should raise an InvalidKey exception" do
+        expect {
+          described_class.parse!(invalid_record)
+        }.to raise_error(InvalidKey)
+      end
+    end
+  end
+
+  describe ".parse" do
+    context "when parsing a valid DKIM Key record" do
+      subject { described_class.parse(record) }
+
+      it "should return a Key" do
+        expect(subject).to be_kind_of(described_class)
+      end
+    end
+
+    context "when parsing an invalid DKIM Key record" do
+      subject { described_class.parse(invalid_record) }
+
+      it "should return a MalformedKey" do
+        expect(subject).to be_kind_of(MalformedKey)
+      end
+    end
+  end
+
+  describe "#to_hash" do
+    subject { super().to_hash }
+
+    it "should include :k" do
+      expect(subject[:k]).to be == k
+    end
+
+    it "should include :p" do
+      expect(subject[:p]).to be == p
+    end
+
+    it "should include :n" do
+      expect(subject[:n]).to be == n
+    end
+  end
+
+  describe "#to_s" do
+    it "should return a semicolon deliminited string" do
+      expect(subject.to_s).to be == "k=#{k}; p=#{p}; n=#{n}"
+    end
+  end
+end

data/spec/parser_spec.rb

@@ -0,0 +1,243 @@
+require 'spec_helper'
+require 'dkim/query/parser'
+
+describe Parser do
+  describe ".parse" do
+    subject { described_class }
+
+    let(:dkim) do
+      %{k=rsa;  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB; n=A 1024 bit key;}
+    end
+
+    it "should parse a DKIM record into a Hash" do
+      expect(subject.parse(dkim)).to be == {
+        k: :rsa,
+        p: %{MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB},
+        n: "A 1024 bit key;"
+      }
+    end
+  end
+
+  describe "tags" do
+    describe "v" do
+      subject { super().key_v_tag }
+
+      it "should parse v=DKIM1" do
+        expect(subject.parse('v=DKIM1')).to be == {
+          name: 'v',
+          value: {symbol: 'DKIM1'}
+        }
+      end
+    end
+
+    describe "g" do
+      subject { super().key_g_tag }
+    end
+
+    describe "h" do
+      subject { super().key_h_tag }
+
+      it "should parse h=sha1" do
+        expect(subject.parse('h=sha1')).to be == {
+          name: 'h',
+          value: {symbol: 'sha1'}
+        }
+      end
+
+      it "should parse h=sha256" do
+        expect(subject.parse('h=sha256')).to be == {
+          name: 'h',
+          value: {symbol: 'sha256'}
+        }
+      end
+
+      it "should parse h=sha1:sha256" do
+        expect(subject.parse('h=sha1:sha256')).to be == {
+          name: 'h',
+          value: [
+            {symbol: 'sha1'},
+            {symbol: 'sha256'}
+          ]
+        }
+      end
+    end
+
+    describe "k" do
+      subject { super().key_k_tag }
+
+      it "should parse k=rsa" do
+        expect(subject.parse('k=rsa')).to be == {
+          name: 'k',
+          value: {symbol: 'rsa'}
+        }
+      end
+    end
+
+    describe "n" do
+      subject { super().key_n_tag }
+
+      let(:notes) { %{A 1024 bit key} }
+
+      it "should parse n=..." do
+        expect(subject.parse("n=#{notes}")).to be == {
+          name: 'n',
+          value: notes
+        }
+      end
+    end
+
+    describe "p" do
+      subject { super().key_p_tag }
+
+      let(:base64) { %{MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB} }
+
+      it "should parse p=..." do
+        expect(subject.parse("p=#{base64}")).to be == {
+          name: 'p',
+          value: {asn1: base64}
+        }
+      end
+    end
+
+    describe "s" do
+      subject { super().key_s_tag }
+
+      it "should parse s=email" do
+        expect(subject.parse('s=email')).to be == {
+          name: 's',
+          value: {symbol: 'email'}
+        }
+      end
+
+      it "should parse s=*" do
+        expect(subject.parse('s=*')).to be == {
+          name: 's',
+          value: {symbol: '*'}
+        }
+      end
+
+      it "should parse s=email:*" do
+        expect(subject.parse('s=email:*')).to be == {
+          name: 's',
+          value: [{symbol: 'email'}, {symbol: '*'}]
+        }
+      end
+    end
+
+    describe "t" do
+      subject { super().key_t_tag }
+
+      it "should parse t=y" do
+        expect(subject.parse('t=y')).to be == {
+          name: 't',
+          value: 'y'
+        }
+      end
+
+      it "should parse t=s" do
+        expect(subject.parse('t=s')).to be == {
+          name: 't',
+          value: 's'
+        }
+      end
+    end
+  end
+
+  describe "rules" do
+    describe "dkim_quoted_printable" do
+    end
+
+    describe "dkim_safe_char" do
+    end
+
+    describe "hyphenated_word" do
+    end
+
+    describe "base64string" do
+    end
+
+    describe "qp_section" do
+      subject { super().qp_section }
+
+      it "should parse \"A\"" do
+        expect(subject.parse('A')).to be == 'A'
+      end
+
+      it "should parse \"AAA\"" do
+        expect(subject.parse('AAA')).to be == 'AAA'
+      end
+
+      it "should parse \" A\"" do
+        expect(subject.parse(' A')).to be == ' A'
+      end
+
+      it "should parse \"A B\"" do
+        expect(subject.parse('A B')).to be == 'A B'
+      end
+
+      it "should not parse \" \"" do
+        expect {
+          subject.parse(' ')
+        }.to raise_error(Parslet::ParseFailed)
+      end
+
+      it "should not parse \"A \"" do
+        expect {
+          subject.parse('A ')
+        }.to raise_error(Parslet::ParseFailed)
+      end
+    end
+
+    describe "hex_octet" do
+    end
+  end
+
+  describe Parser::Transform do
+    context "when given {symbol: ...}" do
+      let(:string) { 'foo' }
+
+      it "should convert the string into a Symbol" do
+        expect(subject.apply(symbol: string)).to be == string.to_sym
+      end
+    end
+
+    context "when given {tag: {name: ..., value: ...}}" do
+      let(:name)  { 'foo' }
+      let(:value) { 'bar' }
+
+      it "should convert the string into Hash" do
+        expect(subject.apply(
+          {tag: {name: name, value: value}}
+        )).to be == {name.to_sym => value}
+      end
+    end
+
+    context "when given {tag: {name: ..., value: [...]}}" do
+      let(:name)  { 'foo' }
+      let(:value) { ['a', 'b'] }
+
+      it "should convert the string into Hash" do
+        expect(subject.apply(
+          {tag: {name: name, value: value}}
+        )).to be == {name.to_sym => value}
+      end
+    end
+
+    context "when {tag_list: {...}}" do
+      let(:hash) { {foo: 'bar'} }
+
+      it "should return the single Hash" do
+        expect(subject.apply({tag_list: hash})).to be == hash
+      end
+    end
+
+    context "when {tag_list: [{...}, ...]}" do
+      let(:hashes) { [{foo: 'bar'}, {baz: 'quix'}] }
+      let(:hash)   { {foo: 'bar', baz: 'quix'} }
+
+      it "should merge the Hashes together" do
+        expect(subject.apply({tag_list: hashes})).to be == hash
+      end
+    end
+  end
+end