dkimverify 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: be888e240c37308c063950bd2bab4b67c28d0b62
+  data.tar.gz: 2726298b7ec6e5ac4dc7c00392908de20ad33744
+SHA512:
+  metadata.gz: 33a309ba077205dd8d3683a6460a9bc89afc6177cbef24601628b2368886ebd81fae09ed500b6333bc7973f91e4c3d7a5297514fc0615e60f3ceb14e966acd15
+  data.tar.gz: 7078d239bbc4d4a2efbccbcd1c36b7267945d70150937245f1397d463da747837e65f6e77c80592077e7108104655b76717ebb6aa427071bd95037e20faf2d17

data/.gitignore

@@ -0,0 +1,4 @@
+pydkim
+*.gem
+Gemfile.lock # becuase this is a gem and apparently you're not supposed to check that in for gems
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Jeremy B. F. Merrill
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,28 @@
+dkimverify
+==========
+
+a gem for verifying DKIM signatures in Ruby
+
+this gem does not sign mail messages (but a PR to enable it would likely be accepted, I just have no use for it.)
+
+with a debt of gratitude to:
+----------------------------
+
+  - [pydkim](https://github.com/ghewgill/pydkim) by @ghewgill which I used as a reference implementation
+  - [dkim-query](https://github.com/trailofbits/dkim-query) by @trailofbits (and included here in slightly-modified form)
+  - [mail](https://github.com/mikel/mail) by @mikel
+  - [carsonreinke's fork of the jhawthorne's dkim gem](https://github.com/carsonreinke/dkim/tree/feature_verification) which I wish I had found before I started this.
+  - [rfc6376 authors](https://tools.ietf.org/html/rfc6376)
+
+not yet implemented
+-------------------
+checking expiration dates (x=, t=)
+accounting for length limits (l= tag)
+tests (which I really ought to add)
+
+by
+--
+
+Jeremy B. Merrill  
+The New York Times  
+January 2017  

data/dkim-query/.gitignore

@@ -0,0 +1,51 @@
+<<<<<<< HEAD
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+=======
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalisation:
+/.bundle/
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+>>>>>>> 62c17ee30b1a7d25ef12fab39fd6c2de0bcbadbc

data/dkim-query/.rspec

@@ -0,0 +1 @@
+--colour --format documentation

data/dkim-query/.travis.yml

@@ -0,0 +1,16 @@
+language: ruby
+rvm:
+- 2.1.8
+- 2.2.4
+- 2.3.0
+- jruby
+- rbx-2
+matrix:
+  allow_failures:
+  - rvm: rbx-2
+addons:
+  code_climate:
+    repo_token: 151a667c2c51ff76ac825c07c33e8e63c1ae9956a73f4d0ec7a043d877d05c95
+notifications:
+  slack:
+    secure: Ykcz/gLRZcXhyOGedVgj1u3CDUbZS4y/nL1dREBE0Ar73Vrz+ulcMhri3VzfVBQGkWw06EjqHcIwsIomEInLJKxk3RTfpcYQAdYN+5iEDNOri9a5NK618WdrCuaCS3sKqYbJ/KB0slJDcJ1W+EXkr4GRqZTr5rPdmllUnoaqDCQ=

data/dkim-query/.yardopts

@@ -0,0 +1 @@
+--markup markdown --title "DKIM::Query Documentation" --protected

data/dkim-query/ChangeLog.md

@@ -0,0 +1,25 @@
+### 0.2.6 / 2016-08-3
+
+* Fixed a typo in the parser rules.
+
+### 0.2.5 / 2016-06-17
+
+* Added `mandrill` and `google` to the list of default DKIM selectors.
+
+### 0.2.4 / 2015-08-13
+
+* Fixed a bug where the queried host has no TLD (ex: `test`).
+
+### 0.2.3 / 2015-07-22
+
+* Fixed a typo in the `dkim-query` util.
+* Convert all text into Strings.
+* Convert `t=y` or `t=s` values to Symbols.
+
+### 0.2.2 / 2015-07-04
+
+* Fixed {DKIM::Query::MalformedKey#to_s}.
+
+### 0.2.1 / 2015-07-01
+
+* Initial release.

data/dkim-query/Gemfile

@@ -0,0 +1,19 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in dkim-query.gemspec
+gemspec
+
+group :development do
+  gem 'rake'
+  gem 'rubygems-tasks', '~> 0.2'
+
+  gem 'rspec', '~> 3.0'
+
+  gem 'kramdown'
+  gem 'yard', '~> 0.8'
+end
+
+group :test do
+  gem 'json'
+  gem 'codeclimate-test-reporter', require: nil
+end

data/dkim-query/LICENSE.txt

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Trail of Bits
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/dkim-query/README.md

@@ -0,0 +1,105 @@
+# dkim-query
+
+[![Code Climate](https://codeclimate.com/github/trailofbits/dkim-query/badges/gpa.svg)](https://codeclimate.com/github/trailofbits/dkim-query)
+[![Test Coverage](https://codeclimate.com/github/trailofbits/dkim-query/badges/coverage.svg)](https://codeclimate.com/github/trailofbits/dkim-query)
+[![Build Status](https://travis-ci.org/trailofbits/dkim-query.svg)](https://travis-ci.org/trailofbits/dkim-query)
+
+The `dkim-query` library searches the [DKIM] records for a host. We assume the
+host uses standard dkim 'selectors', and also check if they use their own
+'selector'.
+
+## Examples
+
+Parse a DKIM record:
+
+    require 'dkim/query'
+
+    key = DKIM::Query::Key.parse("k=rsa;  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB; n=A 1024 bit key")
+    
+    key.v
+    # => nil
+
+    key.g
+    # => nil
+
+    key.h
+    # => nil
+
+    key.k
+    # => :rsa
+
+    key.n
+    # => "A 1024 bit key"
+
+    key.p
+    # => "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB"
+
+    key.s
+    # => nil
+
+    key.t
+    # => nil
+
+Query all keys for a domain:
+
+    domain = DKIM::Query::Domain.query('yahoo.com')
+    # => #<DKIM::Query::Domain:0x0000000315c950 @name="yahoo.com", @keys={"s1024"=>#<DKIM::Query::Key:0x0000000315c9f0 @v=nil, @g=nil, @h=nil, @k=:rsa, @n="A 1024 bit key;", @p="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB", @s=nil, @t=nil>}>
+
+    domain['s1024']
+    # => #<DKIM::Query::Key:0x0000000315c9f0 @v=nil, @g=nil, @h=nil, @k=:rsa, @n="A 1024 bit key;", @p="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB", @s=nil, @t=nil>
+
+    domain.each do |key|
+      # ...
+    end
+
+## Synopsis
+
+Query a domain:
+
+    dkim-query google.com
+    ____________________________
+    DKIM record search for google.com
+      - using selectors: ["default", "dkim", "google"]
+      - no DKIM record found for google.com
+    ____________________________
+
+
+Query multiple domains:
+
+    dkim-query trailofbits.com facebook.com yahoo.com
+    ____________________________
+    DKIM record search for trailofbits.com
+      - using selectors: ["default", "dkim", "google", "trailofbits"]
+      - found DKIM record for trailofbits.com at trailofbits._domainkey.trailofbits.com:
+      v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwe04g1hSR55ACcRiLAg0MoEiY5BBviJHJHq/d9r6o+F50fa1TrNNulwKXaST+WCEcW6D2KZ+dt9JvgB9ApIEAFCzHRXhawga0GsfDkOllvpXgT95IPcnYrSkM+rJSbaqHh+YI5sV9sKnvzZDVmB7l5gU3yD74aDmjs9wSg8RC5wIDAQAB
+    ____________________________
+    
+    ____________________________
+    DKIM record search for facebook.com
+      - using selectors: ["default", "dkim", "google", "facebook"]
+      - found DKIM record for facebook.com at default._domainkey.facebook.com:
+      t=y; k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALkZ4wTn2SQ3EW0vVBExi8izmZZnjZH8JIY5Y964jzDORZku43o6ooFq6HLMjBxmcDYOrJFRdcsKDWtI0Be/uLfc/rClXuyEbcENXfadg77HHv35BI85RNy4TKeai3hxoQIDAQAB;
+    ____________________________
+    
+    ____________________________
+    DKIM record search for yahoo.com
+      - using selectors: ["default", "dkim", "google", "yahoo"]
+      - no DKIM record found for yahoo.com
+    ____________________________
+
+## Requirements
+
+* [ruby] >= 1.9.1
+* [parslet] ~> 1.6
+
+## Install
+
+    $ gem install dkim-query
+
+## License
+
+See the {file:LICENSE.txt} file.
+
+[DKIM]: https://tools.ietf.org/html/rfc6376
+[ruby]: https://www.ruby-lang.org/
+[parslet]: http://kschiess.github.io/parslet/

data/dkim-query/Rakefile

@@ -0,0 +1,24 @@
+# encoding: utf-8
+require 'rubygems'
+
+begin
+  require 'bundler/setup'
+rescue LoadError => e
+  warn e.message
+  warn "Run `gem install bundler` to install Bundler."
+  exit -1
+end
+
+require 'rake'
+require 'rubygems/tasks'
+Gem::Tasks.new
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+
+task :test    => :spec
+task :default => :spec
+
+require 'yard'
+YARD::Rake::YardocTask.new  
+task :doc => :yard

data/dkim-query/bin/dkim-query

@@ -0,0 +1,34 @@
+#!/usr/bin/env ruby
+
+lib_dir = File.expand_path('../../lib',__FILE__)
+$LOAD_PATH.unshift(lib_dir) unless $LOAD_PATH.include?(lib_dir)
+
+require 'dkim/query'
+
+unless ARGV[0]
+  warn "Please supply at least one host name"
+  exit
+end
+
+ARGV.each do |arg|
+  puts "____________________________\n"
+  puts "DKIM record search for #{arg}"
+
+  domain = DKIM::Query::Domain.query(arg)
+
+  unless domain.keys.empty?
+    puts "- found DKIM record for #{arg}"
+
+    domain.keys.each do |selector,key|
+      puts "  #{selector}:"
+
+      [:v, :g, :h, :k, :n, :p, :s, :t].each do |field|
+        value = key.send(field)
+        puts "    #{field}: #{value}" if value
+      end
+    end
+  else
+    puts "- no DKIM record found for #{arg}"
+  end
+  puts "____________________________\n\n"
+end

data/dkim-query/dkim-query.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'dkim/query/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "dkim-query"
+  gem.version       = DKIM::Query::VERSION
+  gem.authors       = ["nicktitle"]
+  gem.email         = ["nick.esposito@trailofbits.com"]
+  gem.summary       = %q{DKIM Retriever and Parser}
+  gem.description   = %q{Search and retrieve DKIM records for any number of hosts}
+  gem.homepage      = "https://github.com/trailofbits/dkim-query#readme"
+  gem.license       = "MIT"
+
+  gem.files         = `git ls-files -z`.split("\x0")
+  gem.executables   = ['dkim-query']
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+  gem.required_ruby_version = '>= 1.9.1'
+
+  gem.add_dependency "parslet", "~> 1.6"
+
+  gem.add_development_dependency "bundler", "~> 1.6"
+  gem.add_development_dependency "rake", "~> 10.0"
+end

data/dkim-query/lib/dkim/query/domain.rb

@@ -0,0 +1,141 @@
+require_relative 'query'
+require_relative 'key'
+
+require 'resolv'
+
+module DKIM
+  module Query
+    #
+    # Represents the DKIM keys of a domain.
+    #
+    class Domain
+
+      include Enumerable
+
+      # Name of the domain
+      #
+      # @return [String]
+      attr_reader :name
+
+      # DKIM Keys of the domain
+      #
+      # @return [Hash{String => Key}]
+      attr_reader :keys
+
+      #
+      # Initializes the domain.
+      #
+      # @param [String] name
+      #   The domain name.
+      #
+      # @param [Hash{String => Key}] keys
+      #   The DKIM Keys of the domain.
+      #
+      # @api public
+      #
+      def initialize(name,keys={})
+        @name = name
+        @keys = keys
+      end
+
+      #
+      # Parses the DKIM Keys.
+      #
+      # @param [String] domain
+      #   The domain the keys belong to.
+      #
+      # @param [Hash{String => String}] keys
+      #   The DKIM selectors and keys.
+      #
+      # @return [Domain]
+      #   The domain and it's parsed DKIM keys.
+      #
+      # @api semipublic
+      #
+      def self.parse(domain,keys={})
+        keys = Hash[keys.map { |selector,record|
+          [selector, Key.parse(record)]
+        }]
+
+        return new(domain,keys)
+      end
+
+      #
+      # Parses the DKIM Keys.
+      #
+      # @param [String] domain
+      #   The domain the keys belong to.
+      #
+      # @param [Hash{String => String}] keys
+      #   The DKIM selectors and keys.
+      #
+      # @return [Domain]
+      #   The domain and it's parsed DKIM keys.
+      #
+      # @raise [Parslet::ParseFailed]
+      #   One of the keys was invalid.
+      #
+      # @api semipublic
+      #
+      def self.parse!(domain,keys={})
+        keys = Hash[keys.map { |selector,record|
+          [selector, Key.parse!(record)]
+        }]
+
+        return new(domain,keys)
+      end
+
+      #
+      # Queries the domain for all DKIM selectors.
+      #
+      # @param [String] domain
+      #   The domain to query.
+      #
+      # @option options [Array<String>] :selectors
+      #   sub-domain selectors.
+      #
+      # @option options [Resolv::DNS] :resolver
+      #
+      # @return [Domain]
+      #   The domain and it's DKIM Keys.
+      #
+      # @api public
+      #
+      def self.query(domain,options={})
+        parse(domain,Query.query(domain,options))
+      end
+
+      #
+      # Enumerates over each individual key.
+      #
+      # @yield [key]
+      #   The given block will be passed each key.
+      #
+      # @yieldparam [DKIM::Query::Key] key
+      #   A key belonging to the domain.
+      #
+      # @return [Enumerator]
+      #   If no block was given, an Enumerator will be returned.
+      #
+      # @api public
+      #
+      def each(&block)
+        @keys.each_value(&block)
+      end
+
+      #
+      # Selects a key from the domain.
+      #
+      # @param [String] selector 
+      #   The selector.
+      #
+      # @return [Key, nil]
+      #   The key within that selector.
+      #
+      def [](selector)
+        @keys[selector]
+      end
+
+    end
+  end
+end

data/dkim-query/lib/dkim/query/exceptions.rb

@@ -0,0 +1,8 @@
+require 'parslet'
+
+module DKIM
+  module Query
+    class InvalidKey < Parslet::ParseFailed
+    end
+  end
+end