dkimverify 0.0.1

data/dkim-query/lib/dkim/query/key.rb

@@ -0,0 +1,162 @@
+require_relative 'exceptions'
+require_relative 'parser'
+require_relative 'malformed_key'
+
+module DKIM
+  module Query
+    #
+    # Represents an individual DKIM signing key.
+    #
+    class Key
+
+      # DKIM version.
+      #
+      # @return [:DKIM1]
+      attr_reader :v
+      alias version v
+
+      # `g=` tag.
+      # 
+      # @return [String, nil]
+      attr_reader :g
+      alias granularity g
+
+      # `h=` tag.
+      #
+      # @return [:sha1, :sha256, Array<:sha1, :sha256, String>, nil]
+      attr_reader :h
+      alias hash h
+
+      # `k=` tag.
+      #
+      # @return [:rsa, String]
+      attr_reader :k
+      alias key k
+
+      # `n=` tag.
+      #
+      # @return [String, nil]
+      attr_reader :n
+      alias notes n
+
+      # `p=` tag.
+      #
+      # @return [String, nil]
+      attr_reader :p
+      alias public_key p
+
+      # `s=` tag.
+      #
+      # @return [:email, :*, String, Array<:email, :*, String>, nil]
+      attr_reader :s
+      alias service_type s
+
+      # `t=` tag.
+      #
+      # @return [:y, :s, String, nil]
+      attr_reader :t
+      alias flags t
+
+      #
+      # Initialize the key.
+      #
+      # @param [Hash{Symbol => Symbol,String}] tags
+      #   Tags for the key.
+      #
+      # @option tags [Symbol] :v
+      #
+      # @option tags [Symbol] :g
+      #
+      # @option tags [Symbol] :h
+      #
+      # @option tags [Symbol] :k
+      #
+      # @option tags [Symbol] :n
+      #
+      # @option tags [Symbol] :p
+      #
+      # @option tags [Symbol] :s
+      #
+      # @option tags [Symbol] :t
+      #
+      def initialize(tags={})
+        @v, @g, @h, @k, @n, @p, @s, @t = tags.values_at(:v,:g,:h,:k,:n,:p,:s,:t)
+      end
+
+      #
+      # Parses a DKIM Key record.
+      #
+      # @param [String] record
+      #   The DKIM key record.
+      #
+      # @return [Key]
+      #   The new key.
+      #
+      # @raise [InvalidKey]
+      #   Could not parse the DKIM Key record.
+      #
+      def self.parse!(record)
+        new(Parser.parse(record))
+      rescue Parslet::ParseFailed => error
+        raise(InvalidKey.new(error.message,error.cause))
+      end
+
+      #
+      # Parses a DKIM Key record.
+      #
+      # @param [String] record
+      #   The DKIM key record.
+      #
+      # @return [Key, MalformedKey]
+      #   The parsed key. If the key could not be parsed, a {MalformedKey}
+      #   will be returned.
+      #
+      def self.parse(record)
+        begin
+          parse!(record)
+        rescue Parslet::ParseFailed => error
+          MalformedKey.new(record,error.cause)
+        end
+      end
+
+      #
+      # Converts the key to a Hash.
+      #
+      # @return [Hash{:v,:g,:h,:k,:n,:p,:s,:t => Object}]
+      #
+      def to_hash
+        {
+          v: @v,
+          g: @g,
+          h: @h,
+          k: @k,
+          n: @n,
+          p: @p,
+          s: @s,
+          t: @t
+        }
+      end
+
+      #
+      # Converts the key back into a DKIM String.
+      #
+      # @return [String]
+      #
+      def to_s
+        tags = []
+
+        tags << "v=#{@v}" if @v
+        tags << "g=#{@g}" if @g
+        tags << "h=#{@h}" if @h
+        tags << "k=#{@k}" if @k
+        tags << "p=#{@p}" if @p
+        tags << "s=#{@s}" if @s
+        tags << "t=#{@t}" if @t
+        tags << "n=#{@n}" if @n
+
+        return tags.join('; ')
+      end
+
+    end
+  end
+end

data/dkim-query/lib/dkim/query/malformed_key.rb

@@ -0,0 +1,36 @@
+module DKIM
+  module Query
+    #
+    # Represents a unparsable DKIM key.
+    #
+    class MalformedKey
+
+      # Raw value of the DKIM key.
+      #
+      # @return [String]
+      attr_reader :value
+
+      # Cause of the parser failure.
+      #
+      # @return [Parslet::Cause]
+      attr_reader :cause
+
+      #
+      # Initializes the malformed key.
+      #
+      # @param [String] value
+      #   The raw DKIM key.
+      #
+      # @param [Parslet::Cause] cause
+      #   The cause of the parser failure.
+      #
+      def initialize(value,cause)
+        @value = value
+        @cause = cause
+      end
+
+      alias to_s value
+
+    end
+  end
+end

data/dkim-query/lib/dkim/query/parser.rb

@@ -0,0 +1,175 @@
+require 'parslet'
+require 'openssl'
+
+module DKIM
+  module Query
+    #
+    # DKIM parser.
+    #
+    # @see https://tools.ietf.org/html/rfc6376#section-3
+    #
+    class Parser < Parslet::Parser
+
+      root :record
+      rule(:record) do
+        (
+          fws? >> key_tag >> fws? >>
+          (str(';') >> fws? >> key_tag >> fws?).repeat(0) >> str(';').maybe
+        ).as(:tag_list)
+      end
+
+      rule(:key_tag) do
+        (
+          key_v_tag |
+          key_g_tag |
+          key_h_tag |
+          key_k_tag |
+          key_n_tag |
+          key_p_tag |
+          key_s_tag |
+          key_t_tag
+        ).as(:tag)
+      end
+
+      private
+
+      def self.key_tag_rule(name,&block)
+        rule(:"key_#{name}_tag") do
+          str(name).as(:name) >>
+          fws? >> str('=') >> fws? >>
+          instance_eval(&block).as(:value)
+        end
+      end
+
+      def symbol(name)
+        str(name).as(:symbol)
+      end
+
+      public
+
+      key_tag_rule('v') { symbol('DKIM1') }
+      key_tag_rule('g') { key_g_tag_lpart }
+      rule(:key_g_tag_lpart) do
+        (
+          dot_atom_text.maybe >>
+          (str('*') >> dot_atom_text.maybe).maybe
+        ).as(:string)
+      end
+      rule(:dot_atom_text) do
+        atext.repeat(1) >> (str('.') >> atext.repeat(1)).repeat(0)
+      end
+
+      key_tag_rule('h') do
+        key_h_tag_alg >> (fws? >> str(':') >> fws? >> key_h_tag_alg).repeat(0)
+      end
+      rule(:key_h_tag_alg) { symbol('sha1') | symbol('sha256') | x_key_h_tag_alg }
+      rule(:x_key_h_tag_alg) { hyphenated_word.as(:string) }
+
+      key_tag_rule('k') { key_k_tag_type }
+      rule(:key_k_tag_type) { symbol('rsa') | x_key_k_tag_type }
+      rule(:x_key_k_tag_type) { hyphenated_word.as(:string) }
+
+      key_tag_rule('n') { qp_section.as(:string) }
+      key_tag_rule('p') { base64string.as(:asn1).maybe }
+      key_tag_rule('s') do
+        key_s_tag_type >> (fws? >> str(':') >> fws? >> key_s_tag_type).repeat(0)
+      end
+      rule(:key_s_tag_type) { symbol('email') | symbol('*') | x_key_s_tag_type }
+      rule(:x_key_s_tag_type) { hyphenated_word.as(:string) }
+
+      key_tag_rule('t') do
+        key_t_tag_flag >> (fws? >> str(':') >> fws? >> key_t_tag_flag).repeat(0)
+      end
+      rule(:key_t_tag_flag) { match['ys'].as(:symbol) | x_key_t_tag_flag }
+      rule(:x_key_t_tag_flag) { hyphenated_word.as(:string) }
+
+      #
+      # Section 2.6: DKIM-Quoted-Printable
+      #
+      rule(:dkim_quoted_printable) do
+        (fws | hex_octet | dkim_safe_char).repeat(0)
+      end
+      rule(:dkim_safe_char) do
+        match['\x21-\x3a'] | str("\x3c") | match['\x3e-\x7e']
+      end
+
+      #
+      # Section 2.4: Common ABNF Tokens
+      #
+      rule(:hyphenated_word) do
+        alpha >> (
+          (str('-').absnt? >> (alpha | digit)) |
+          (str('-').repeat(0) >> (alpha | digit))
+        ).repeat(0)
+      end
+      rule(:base64string) do
+        (alpha | digit | str('+') | str('/') | fws).repeat(1) >>
+        (str('=') >> fws? >> (str('=') >> fws?)).maybe
+      end
+
+      #
+      # Section 2.3: Whitespace
+      #
+      rule(:sp)   { str(' ')    }
+      rule(:crlf) { str("\r\n") }
+      rule(:wsp)  { match['\t '] }
+      rule(:wsp?) { wsp.maybe }
+      rule(:lwsp) { (wsp | crlf >> wsp).repeat(0) }
+      rule(:fws)  { (wsp.repeat(0) >> crlf).maybe >> wsp.repeat(1) }
+      rule(:fws?) { fws.maybe }
+
+      #
+      # Character rules
+      #
+      rule(:alpha) { match['a-zA-Z'] }
+      rule(:digit) { match['0-9'] }
+      rule(:alnum) { match['a-zA-Z0-9'] }
+      rule(:valchar) { match['\x21-\x3a'] | match['\x3c-\x7e'] }
+      rule(:alnumpunc) { match['a-zA-Z0-9_'] }
+      rule(:atext) { alnum | match['!#$%&\'*+\-/=?^ `{|}~'] }
+
+      #
+      # Quoted printable
+      #
+      rule(:qp_section) do
+        (wsp? >> ptext.repeat(1) >> (wsp >> ptext.repeat(1)).repeat(0)).maybe
+      end
+      rule(:ptext) { hex_octet | safe_char }
+      rule(:safe_char) { match['\x21-\x3c'] | match['\x3e-\x7e'] }
+      rule(:hex_octet) { str('=') >> match['0-9A-F'].repeat(2,2) }
+
+      class Transform < Parslet::Transform
+
+        rule(:symbol => simple(:name)) { name.to_sym }
+        rule(:string => simple(:text)) { text.to_s }
+        # XXX: temporarily disable ASN1 decoding, due to an OpenSSL bug.
+        # rule(:asn1 => simple(:blob)) { OpenSSL::ASN1.decode(blob) }
+        rule(:asn1 => simple(:blob)) { blob }
+
+        rule(tag: {name: simple(:name), value: subtree(:value)}) do
+          {name.to_sym => value}
+        end
+
+        rule(tag_list: subtree(:hashes)) do
+          case hashes
+          when Array then hashes.reduce(&:merge!)
+          else            hashes
+          end
+        end
+
+      end
+
+      #
+      # Parses the text into structured data.
+      #
+      # @param [String] text
+      #
+      # @return [Hash]
+      #
+      def self.parse(text)
+        Transform.new.apply(new.parse(text))
+      end
+
+    end
+  end
+end

data/dkim-query/lib/dkim/query/query.rb

@@ -0,0 +1,74 @@
+require 'resolv'
+
+module DKIM
+  module Query
+    #
+    # Queries the domain for all DKIM selectors.
+    #
+    # @param [String] domain
+    #   The domain to query.
+    #
+    # @option options [Array<String>] :selectors
+    #   sub-domain selectors.
+    #
+    # @option options [Resolv::DNS] :resolver
+    #   Optional resolver to use.
+    #
+    # @return [Hash{String => String}]
+    #   The DKIM keys for the domain.
+    #
+    # @api semipublic
+    #
+    def self.query(domain,options={})
+      selectors = options.fetch(:selectors) { selectors_for(domain) }
+      resolver  = options.fetch(:resolver)  { Resolv::DNS.new }
+
+      keys = {}
+
+      selectors.each do |selector|
+        host = "#{selector}._domainkey.#{domain}"
+
+        begin
+          keys[selector] = resolver.getresource(
+            host, Resolv::DNS::Resource::IN::TXT
+          ).strings.join
+        rescue Resolv::ResolvError
+        end
+      end
+
+      return keys
+    end
+
+    # Default known selectors
+    SELECTORS = %w[default dkim google s1024 c1211 mandrill]
+
+    #
+    # DKIM query selectors for the host.
+    #
+    # @param [String] host
+    #
+    # @return [Array<String>]
+    #
+    # @api private
+    #
+    def self.selectors_for(host)
+      SELECTORS + [host_without_tld(host)]
+    end
+
+    #
+    # Removes the TLD from the hostname.
+    #
+    # @param [String] host
+    #
+    # @return [String]
+    #
+    # @api private
+    #
+    def self.host_without_tld(host)
+      if host.include?('.') then host[0,host.rindex('.')]
+      else                       host
+      end
+    end
+
+  end
+end

data/dkim-query/lib/dkim/query/version.rb

@@ -0,0 +1,6 @@
+module DKIM
+  module Query
+    # dkim-query version
+    VERSION = '0.2.6'
+  end
+end

data/dkim-query/lib/dkim/query.rb

@@ -0,0 +1,4 @@
+require_relative 'query/version'
+require_relative 'query/query'
+require_relative 'query/key'
+require_relative 'query/domain'

data/dkim-query/spec/domain_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+require 'dkim/query/domain'
+
+describe Domain do
+  let(:domain) { 'yahoo.com' }
+  let(:key) do
+    Key.new(
+      k: :rsa,
+      p: "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB",
+      n: "A 1024 bit key;",
+    )
+  end
+  let(:selector) { 's1024' }
+  let(:keys) { {selector => key} }
+
+  subject { described_class.new(domain,keys) }
+
+  describe "#initialize" do
+    it "should set name" do
+      expect(subject.name).to be domain
+    end
+
+    it "should set keys" do
+      expect(subject.keys).to be keys
+    end
+  end
+
+  describe ".parse" do
+    let(:key) do
+      %{k=rsa;  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB; n=A 1024 bit key}
+    end
+    let(:keys) { {selector => key} }
+
+    subject { described_class.parse(domain,keys) }
+
+    it "should parse the keys" do
+      expect(subject.keys[selector]).to be_kind_of(Key)
+    end
+  end
+
+  describe ".query" do
+    subject { described_class.query(domain) }
+
+    it "should find all known keys" do
+      expect(subject.keys).to have_key('s1024')
+    end
+
+    context "with custom selectors" do
+      let(:selectors) { ['google', 's1024'] }
+
+      subject { described_class.query(domain, selectors: selectors) }
+
+      it "should query those selectors only" do
+        expect(subject.keys).to have_key('s1024')
+      end
+    end
+
+    context "with no selectors" do
+      let(:selectors) { [] }
+
+      subject { described_class.query(domain, selectors: selectors) }
+
+      it "should not find any keys" do
+        expect(subject.keys).to be_empty
+      end
+    end
+  end
+
+  describe "#each" do
+    context "when given a block" do
+      it "should yield each Key" do
+        expect { |b| subject.each(&b) }.to yield_with_args(key)
+      end
+    end
+
+    context "when not given a block" do
+      it "should return an Enumerator" do
+        expect(subject.each).to be_kind_of(Enumerator)
+      end
+    end
+  end
+
+  describe "#[]" do
+    context "when given a valid selector" do
+      it "should return the key" do
+        expect(subject[selector]).to be key
+      end
+    end
+
+    context "when given an unknown selector" do
+      it "should return nil" do
+        expect(subject['foo']).to be_nil
+      end
+    end
+  end
+end

data/dkim-query/spec/key_spec.rb

@@ -0,0 +1,117 @@
+require 'spec_helper'
+require 'dkim/query/key'
+
+describe Key do
+  let(:k) { :rsa }
+  let(:p) { "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB" }
+  let(:t) { :s }
+  let(:n) { "A 1024 bit key;" }
+
+  subject do
+    described_class.new(
+      k: k,
+      p: p,
+      t: t,
+      n: n
+    )
+  end
+
+  describe "#initialize" do
+    it "should set @k" do
+      expect(subject.k).to be k
+    end
+
+    it "should set @p" do
+      expect(subject.p).to be p
+    end
+
+    it "should set @t" do
+      expect(subject.t).to be t
+    end
+
+    it "should set @n" do
+      expect(subject.n).to be n
+    end
+  end
+
+  let(:record) { %{k=#{k};  p=#{p}; t=#{t}; n=#{n}} }
+  let(:invalid_record) { "v=spf1" }
+
+  describe ".parse!" do
+    context "when parsing a valid DKIM Key record" do
+      subject { described_class.parse!(record) }
+
+      it "should return a Key" do
+        expect(subject).to be_kind_of(described_class)
+      end
+
+      it "should parse k" do
+        expect(subject.k).to be k
+      end
+
+      it "should parse p" do
+        expect(subject.p).to be == p
+      end
+
+      it "should parse t" do
+        expect(subject.t).to be t
+      end
+
+      it "should parse n" do
+        expect(subject.n).to be == n
+      end
+    end
+
+    context "when parsing an invalid DKIM Key record" do
+      it "should raise an InvalidKey exception" do
+        expect {
+          described_class.parse!(invalid_record)
+        }.to raise_error(InvalidKey)
+      end
+    end
+  end
+
+  describe ".parse" do
+    context "when parsing a valid DKIM Key record" do
+      subject { described_class.parse(record) }
+
+      it "should return a Key" do
+        expect(subject).to be_kind_of(described_class)
+      end
+    end
+
+    context "when parsing an invalid DKIM Key record" do
+      subject { described_class.parse(invalid_record) }
+
+      it "should return a MalformedKey" do
+        expect(subject).to be_kind_of(MalformedKey)
+      end
+    end
+  end
+
+  describe "#to_hash" do
+    subject { super().to_hash }
+
+    it "should include :k" do
+      expect(subject[:k]).to be == k
+    end
+
+    it "should include :p" do
+      expect(subject[:p]).to be == p
+    end
+
+
+    it "should include :t" do
+      expect(subject[:t]).to be == t
+    end
+    it "should include :n" do
+      expect(subject[:n]).to be == n
+    end
+  end
+
+  describe "#to_s" do
+    it "should return a semicolon deliminited string" do
+      expect(subject.to_s).to be == "k=#{k}; p=#{p}; t=#{t}; n=#{n}"
+    end
+  end
+end

data/dkim-query/spec/malformed_key.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+require 'dkim/query/malformed_key'
+
+describe MalformedKey do
+  describe "#to_s" do
+    let(:value) { "foo bar" }
+    let(:cause) { double(:parslet_error) }
+
+    subject { described_class.new(value,cause) }
+
+    it "should return the value" do
+      expect(subject.to_s).to be == value
+    end
+  end
+end