Re: Inconsistencies in handling command flags: `--flag=value` different than `--flag value`
On Mon 2020-04-27 22:21:36 +0300, Ciprian Dorin Craciun wrote: > On Mon, Apr 27, 2020 at 9:21 PM Tomi Ollila wrote: >>> [dkg wrote:] >>> release, remove the suggestion to use a whitespace separator from the >>> documentation, and eventually phase it out entirely in some future >>> release. >> >> Alternatively we could check that next arg is (case-insensitively) >> (subset of) 'true', 'false', 'yes', 'no', '0', '1', 't', 'nil' >> (but not tpyoes of these ;) and in that case have that as an option >> value... > > This would be perhaps the best approach. However I don't think it > would solve the issues for integrators that would not see these > warnings in the logs, until it is too late. this looks really ugly to me, in that some legitimate queries (e.g. those that include terms like "true" or "1") might not be accessible, unless the user supplies --booloption=true instead of --booloption. I mean, these are all slightly idiosyncratic corner cases, but this particular corner case looks super ugly and hard to explain to me. i'm trying to imagine writing some example text that explains it for the man page, and it comes out horribly complex! If we can't explain it succinctly in the manpage, should we be implementing it? > Perhaps there could be an additional option (either on the command > line or in the configuration) that would apply "strict" checking, and > not letting any other form except `--argument=value`, including the > boolean flags, and failing loudly. > > I think this third option would enable much safer integrations. > > (BTW, this "strict" option could also apply to the parsing of the > search terms, which most of the time are under the control of the end > user.) I've spent many years helping to maintain GnuPG now, and i'm pretty wary of having contextually different modes of argument parsing and interacting/intersecting arguments. It also leads to some weird ambiguities: if --strict is supplied on the command line, then does it need to be first on the command line? or could parsing the command line turn out different if you tack on --strict at the end? Seems like we'd be injecting additional idiosyncracies to chase after the first. One final way we could normalize everything and make it less idiosyncratic, with shorter, simpler man pages: deprecate and then drop the --booloption/--no-booloption mechanisms, requiring --booloption=true or --booloption=false instead. Once they're dropped, allow whitespace between "--booloption true" and "--booloption false" just like every other type of option. in case it's not clear: I believe that "we have succinct and yet complete man pages" is a convenient shorthand for "have we made this command-line program behave in an understandable/usable way?" --dkg signature.asc Description: PGP signature ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
Re: [PATCH 03/15] tests/smime: Include the Sample LAMPS Certificate Authority
Daniel Kahn Gillmor writes: > This CA is useful for test suites and the like, but is not an > actually-secure CA, because its secret key material is also published. > > I plan to use it for its intended purpose in the notmuch test suite. > > It was copied from this Internet Draft: > > https://www.ietf.org/id/draft-dkg-lamps-samples-01.html#name-certificate-authority-certi This page is not found for me. d ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 05/15] tests/smime: Use gpgsm instead of openssl for mml creation of S/MIME msgs
The documentation for message mode clearly states that EasyPG (which uses GnuPG) is the default and recommended way to use S/MIME with mml-secure: [0] https://www.gnu.org/software/emacs/manual/html_node/message/Using-S_002fMIME.html To ensure that this mode works, we just need to import the secret key in question into gpgsm in addition to the public key. gpgsm should be able pick the right keys+certificates to use based on To/From headers, so we don't have to specify anything manually in the #secure mml tag. The import process from the OpenSSL-preferred form (cert+secretkey) is rather ugly, because gpgsm wants to see a PKCS#12 object when importing secret keys. Note that EasyPG generates the more modern Content-Type: application/pkcs7-signature instead of application/x-pkcs7-signature for the detached signature. We are also obliged to manually set gpgsm's include-certs setting to 1 because gpgsm defaults to send "everything but the root cert". In our weird test case, the certificate we're using is self-signed, so it *is* the root cert, which means that gpgsm doesn't include it by default. Setting it to 1 forces inclusion of the signer's cert, which satisfies openssl's smime subcommand. See https://dev.gnupg.org/T4878 for more details. Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 4 ++-- test/test-lib.el | 10 -- test/test-lib.sh | 6 +- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 84be515a..9debf2da 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -24,7 +24,7 @@ test_begin_subtest "emacs delivery of S/MIME encrypted + signed message" test_expect_success \ 'emacs_fcc_message \ "test encrypted message 001" \ -"<#secure method=smime mode=signencrypt keyfile=\\\"test_suite.pem\\\" certfile=\\\"test_suite.pem\\\">\nThis is a test encrypted message.\n"' +"<#secure method=smime mode=signencrypt>\nThis is a test encrypted message.\n"' test_begin_subtest "Signature verification (openssl)" notmuch show --format=raw subject:"test signed message 001" |\ @@ -65,7 +65,7 @@ expected='[[[{"id": "X", "content-disposition": "attachment", "content-length": "NONZERO", "content-transfer-encoding": "base64", - "content-type": "application/x-pkcs7-signature", + "content-type": "application/pkcs7-signature", "filename": "smime.p7s"}]}]}, [' test_expect_equal_json \ diff --git a/test/test-lib.el b/test/test-lib.el index 3ae7a090..b47b388e 100644 --- a/test/test-lib.el +++ b/test/test-lib.el @@ -193,13 +193,3 @@ nothing." ;; environments (setq mm-text-html-renderer 'html2text) - -;; Set some variables for S/MIME tests. - -(setq smime-keys '(("" "test_suite.pem" nil))) - -(setq mml-smime-use 'openssl) - -;; all test keys are without passphrase -(eval-after-load 'smime - '(defun smime-ask-passphrase (cache) nil)) diff --git a/test/test-lib.sh b/test/test-lib.sh index 31f37ed7..ac1b9315 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -136,11 +136,15 @@ add_gpgsm_home () _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } at_exit_function _gnupg_exit mkdir -m 0700 "$GNUPGHOME" -gpgsm --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 +openssl pkcs12 -export -passout pass: -inkey "$NOTMUCH_SRCDIR/test/smime/key+cert.pem" \ +< "$NOTMUCH_SRCDIR/test/smime/test.crt" | \ +gpgsm --batch --no-tty --no-common-certs-import --pinentry-mode=loopback --passphrase-fd 3 \ + --disable-dirmngr --import >"$GNUPGHOME"/import.log 2>&1 3<<<'' fpr=$(gpgsm --batch --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') echo "$fpr S relax" >> "$GNUPGHOME/trustlist.txt" gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$GNUPGHOME/trustlist.txt" +echo include-certs::1 | gpgconf --output /dev/null --change-options gpgsm test_debug "cat $GNUPGHOME/import.log" } -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 03/15] tests/smime: Include the Sample LAMPS Certificate Authority
This CA is useful for test suites and the like, but is not an actually-secure CA, because its secret key material is also published. I plan to use it for its intended purpose in the notmuch test suite. It was copied from this Internet Draft: https://www.ietf.org/id/draft-dkg-lamps-samples-01.html#name-certificate-authority-certi Signed-off-by: Daniel Kahn Gillmor --- test/smime/README | 2 ++ test/smime/ca.crt | 20 test/test-lib.sh | 2 ++ 3 files changed, 24 insertions(+) create mode 100644 test/smime/ca.crt diff --git a/test/smime/README b/test/smime/README index 46211922..88633bcc 100644 --- a/test/smime/README +++ b/test/smime/README @@ -5,3 +5,5 @@ key+cert.pem: cert + unencryped private % gpgsm --import test.crt % gpgsm --export-private-key-p12 -out foo.p12 (no passphrase) % openssl pkcs12 -in ns.p12 -clcerts -nodes > key+cert.pem + +ca.crt: from https://www.ietf.org/id/draft-dkg-lamps-samples-01.html#name-certificate-authority-certi diff --git a/test/smime/ca.crt b/test/smime/ca.crt new file mode 100644 index ..b33d087f --- /dev/null +++ b/test/smime/ca.crt @@ -0,0 +1,20 @@ +-BEGIN CERTIFICATE- +MIIDLTCCAhWgAwIBAgIULXcNXGI2bZp38sV7cF6VcQfnKDwwDQYJKoZIhvcNAQEN +BQAwLTErMCkGA1UEAxMiU2FtcGxlIExBTVBTIENlcnRpZmljYXRlIEF1dGhvcml0 +eTAgFw0xOTExMjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowLTErMCkGA1UEAxMi +U2FtcGxlIExBTVBTIENlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMUfZ8+NYSh6h36zQcXBo5B6ficAcBJ1f3aLxyN8 +QXB83XuP8aDRWQ9uJvJpQkWVH4zx96/E/zI0t0lDMYtZNqra16h+gxbHJgoq2pRw +RCOiyYu/p2vzvvZ1dtFTMc/mIigjA/73kokui62j1EFy//fNVIihkVS3rAweq+fI +8qJHSMhdc2aYa9wOP0eGe/HTiDYgT4L4f2HTGMGGwQgj1vub0gpR4YHmNqr0GyEA +63mHUQUZpnmN1FEl+nVFA5Ntu4uF++qf/tkTji89/eXYBdKX2yUdTeTIKoCI65IL +EXxezjTc8aFjf/8E0aWGVZR/DtCsjWOh/s/mV7n/YPyb4+ECAwEAAaNDMEEwDwYD +VR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBS3Uk1zwIg9 +ssN6WgzzlPf3gKJ32zANBgkqhkiG9w0BAQ0FAAOCAQEALsU91Bmhc6EgCNr7inY2 +2gYPnosJ+kZ1eC0hvHIK9e0Tx74RmhTOe8M2C9YXQKehHpRaX+DLcjup6scoH/bT +u0THbmzeOy29TTiFcyV9BK+SEKQWW4s98Fwdk9fPWcflHtYvqxjooAV3vHbt6Xmp +KrKDz/jdg7t0ptI4zSqAf3wNppiJoswlOHBUnH2W1MIYkWQ4jYj5socblVlklHOr +ykKUiEZAbjU+C1+0FhT4HgLjBB9R4H1H0JRKsggWiZBBJ6UpN0dTN4iD0mDVa0jy +sJqqWnIViy/xaSDcNaWJmU3o2KmkMkdpinoJ5uLkAHQqXjFaujdU1PkufeA7v3uG +Rw== +-END CERTIFICATE- diff --git a/test/test-lib.sh b/test/test-lib.sh index d4fcea5a..1ffedb25 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -139,6 +139,8 @@ add_gpgsm_home () gpgsm --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 fpr=$(gpgsm --batch --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') echo "$fpr S relax" >> $GNUPGHOME/trustlist.txt +gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt +echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$GNUPGHOME/trustlist.txt" test_debug "cat $GNUPGHOME/import.log" } -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 04/15] tests/smime: consistently quote $GNUPGHOME
Signed-off-by: Daniel Kahn Gillmor --- test/test-lib.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/test-lib.sh b/test/test-lib.sh index 1ffedb25..31f37ed7 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -132,13 +132,13 @@ add_gnupg_home () add_gpgsm_home () { local fpr -[ -d ${GNUPGHOME} ] && return +[ -d "$GNUPGHOME" ] && return _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } at_exit_function _gnupg_exit mkdir -m 0700 "$GNUPGHOME" gpgsm --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 fpr=$(gpgsm --batch --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') -echo "$fpr S relax" >> $GNUPGHOME/trustlist.txt +echo "$fpr S relax" >> "$GNUPGHOME/trustlist.txt" gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$GNUPGHOME/trustlist.txt" test_debug "cat $GNUPGHOME/import.log" -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 14/15] test/protected-headers: Add tests for S/MIME protected headers
Recognize the protected subject for S/MIME example protected header messages. Signed-off-by: Daniel Kahn Gillmor --- test/T356-protected-headers.sh | 38 +++--- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh index 925805df..b7a83715 100755 --- a/test/T356-protected-headers.sh +++ b/test/T356-protected-headers.sh @@ -1,14 +1,14 @@ #!/usr/bin/env bash -# TODO: -# * check S/MIME as well as PGP/MIME - test_description='Message decryption with protected headers' . $(dirname "$0")/test-lib.sh || exit 1 ## +test_require_external_prereq gpgsm + add_gnupg_home +add_gpgsm_home add_email_corpus protected-headers @@ -155,6 +155,38 @@ test_begin_subtest "identify message that had a legacy display part skipped duri output=$(notmuch search --output=messages property:index.repaired=skip-protected-headers-legacy-display) test_expect_equal "$output" id:protected-with-legacy-disp...@crypto.notmuchmail.org +for variant in multipart-signed onepart-signed; do +test_begin_subtest "verify signed PKCS#7 subject ($variant)" +test_subtest_known_broken +output=$(notmuch show --verify --format=json "id:smime-${variant}@protected-headers.example") +test_json_nodes <<<"$output" \ + 'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \ + 'sig_good:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"' \ + 'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \ + 'sig_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"' \ +'not_encrypted:[0][0][0]["crypto"]!"decrypted"' +done + +for variant in sign+enc sign+enc+legacy-disp; do +test_begin_subtest "confirm signed and encrypted PKCS#7 subject ($variant)" +test_subtest_known_broken +output=$(notmuch show --decrypt=true --format=json "id:smime-${variant}@protected-headers.example") +test_json_nodes <<<"$output" \ + 'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \ + 'sig_good:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"' \ + 'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \ + 'sig_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"' \ + 'encrypted:[0][0][0]["crypto"]["decrypted"]={"status":"full","header-mask":{"Subject":"..."}}' +done + +test_begin_subtest "confirm encryption-protected PKCS#7 subject (enc+legacy-disp)" +test_subtest_known_broken +output=$(notmuch show --decrypt=true --format=json "id:smime-enc+legacy-disp@protected-headers.example") +test_json_nodes <<<"$output" \ + 'encrypted:[0][0][0]["crypto"]["decrypted"]={"status":"full","header-mask":{"Subject":"..."}}' \ +'no_sig:[0][0][0]["crypto"]!"signed"' + + # TODO: test that a part that looks like a legacy-display in # multipart/signed, but not encrypted, is indexed and not stripped. -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 15/15] tests: disable CRL checks from gpgsm
GPGME has a strange failure mode when it is in offline mode, and/or when certificates don't have any CRLs: in particular, it refuses to accept the validity of any certificate other than a "root" cert. This can be worked around by setting the `disable-crl-checks` configuration variable for gpgsm. I've reported this to the GPGME upstream at https://dev.gnupg.org/T4883, but I have no idea how it will be resolved. In the meantime, we'll just work around it. Note that this fixes the test for verification of id:smime-multipart-signed@protected-headers.example, because multipart/signed messages are already handled correctly (one-part PKCS#7 messages will get fixed later). Signed-off-by: Daniel Kahn Gillmor --- test/T356-protected-headers.sh | 2 +- test/test-lib.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh index b7a83715..520cb71c 100755 --- a/test/T356-protected-headers.sh +++ b/test/T356-protected-headers.sh @@ -157,7 +157,7 @@ test_expect_equal "$output" id:protected-with-legacy-display@crypto.notmuchmail. for variant in multipart-signed onepart-signed; do test_begin_subtest "verify signed PKCS#7 subject ($variant)" -test_subtest_known_broken +[ "$variant" = multipart-signed ] || test_subtest_known_broken output=$(notmuch show --verify --format=json "id:smime-${variant}@protected-headers.example") test_json_nodes <<<"$output" \ 'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \ diff --git a/test/test-lib.sh b/test/test-lib.sh index 6f47994e..2a7cbbb1 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -144,7 +144,7 @@ add_gpgsm_home () echo "$fpr S relax" >> "$GNUPGHOME/trustlist.txt" gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$GNUPGHOME/trustlist.txt" -echo include-certs::1 | gpgconf --output /dev/null --change-options gpgsm +printf '%s::1\n' include-certs disable-crl-checks | gpgconf --output /dev/null --change-options gpgsm gpgsm --batch --no-tty --no-common-certs-import --pinentry-mode=loopback --passphrase-fd 3 \ --disable-dirmngr --import $NOTMUCH_SRCDIR/test/smime/bob.p12 >>"$GNUPGHOME"/import.log 2>&1 3<<<'' test_debug "cat $GNUPGHOME/import.log" -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 11/15] tests/smime: Test indexing cleartext of envelopedData
These tests describe some simple behavior we would expect to work if we were to correctly index the cleartext of encrypted S/MIME messages (PKCS#7 envelopedData). Of course, they don't currently pass, so we mark them known-broken. Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 22 ++ 1 file changed, 22 insertions(+) diff --git a/test/T355-smime.sh b/test/T355-smime.sh index f3956a34..14e4531d 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -97,4 +97,26 @@ test_json_nodes <<<"$output" \ 'crypto_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="616F46CD73834C63847756AF0DFB64A6E0972A47"' \ 'crypto_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Notmuch Test Suite"' +test_begin_subtest "encrypted+signed message is known to be encrypted, but signature is unknown" +test_subtest_known_broken +output=$(notmuch search subject:"test encrypted message 001") +test_expect_equal "$output" "thread:0002 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox)" + +test_begin_subtest "Encrypted body is not indexed" +output=$(notmuch search 'this is a test encrypted message') +test_expect_equal "$output" "" + +test_begin_subtest "Reindex cleartext" +test_expect_success "notmuch reindex --decrypt=true subject:'test encrypted message 001'" + +test_begin_subtest "signature is now known" +test_subtest_known_broken +output=$(notmuch search subject:"test encrypted message 001") +test_expect_equal "$output" "thread:0002 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox signed)" + +test_begin_subtest "Encrypted body is indexed" +test_subtest_known_broken +output=$(notmuch search 'this is a test encrypted message') +test_expect_equal "$output" "thread:0002 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox signed)" + test_done -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 07/15] test: Allow tests to have both gpg and gpgsm active at once
Without this fix, we couldn't run both add_gnupg_home and add_gpgsm_home in the same test script. Signed-off-by: Daniel Kahn Gillmor --- test/test-lib.sh | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/test-lib.sh b/test/test-lib.sh index ac1b9315..d9997b27 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -110,10 +110,10 @@ unset ALTERNATE_EDITOR add_gnupg_home () { local output -[ -d ${GNUPGHOME} ] && return +[ -e ${GNUPGHOME}/gpg.conf ] && return _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } at_exit_function _gnupg_exit -mkdir -m 0700 "$GNUPGHOME" +mkdir -p -m 0700 "$GNUPGHOME" gpg --no-tty --import <$NOTMUCH_SRCDIR/test/gnupg-secret-key.asc >"$GNUPGHOME"/import.log 2>&1 test_debug "cat $GNUPGHOME/import.log" if (gpg --quick-random --version >/dev/null 2>&1) ; then @@ -132,10 +132,10 @@ add_gnupg_home () add_gpgsm_home () { local fpr -[ -d "$GNUPGHOME" ] && return +[ -e "$GNUPGHOME/gpgsm.conf" ] && return _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } at_exit_function _gnupg_exit -mkdir -m 0700 "$GNUPGHOME" +mkdir -p -m 0700 "$GNUPGHOME" openssl pkcs12 -export -passout pass: -inkey "$NOTMUCH_SRCDIR/test/smime/key+cert.pem" \ < "$NOTMUCH_SRCDIR/test/smime/test.crt" | \ gpgsm --batch --no-tty --no-common-certs-import --pinentry-mode=loopback --passphrase-fd 3 \ -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 13/15] tests/smime: add tests for S/MIME SignedData
Add a simple S/MIME SignedData message, taken from an upcoming draft of https://datatracker.ietf.org/doc/draft-autocrypt-lamps-protected-headers/ RFC 8551 describes a SignedData, a one-part clearsigned object that is more resistant to common patterns of MTA message munging than multipart/signed (but has the downside that it is only readable by clients that implement S/MIME). To make sure sure notmuch can handle this kind of object, we want to know a few things: Already working: - Is the content of the SignedData object indexed? It actually is right now because of dumb luck -- i think we're indexing the raw CMS object and it happens to contain the cleartext of the message in a way that we can consume it before passing it on to Xapian. - Are we accidentally indexing the embedded PKCS#7 certificates? We don't want to, and for some reason I don't understand, our indexing is actually skipping the embedded certificates already. That's good! Still need fixing: - do we know the MIME type of the embedded part? - do we know that the message is signed? - can notmuch-show read its content? - can notmuch-show indicate the signature validity? - can notmuch-reply properly quote and attribute content? Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 77 + test/corpora/pkcs7/smime-onepart-signed.eml | 51 ++ 2 files changed, 128 insertions(+) create mode 100644 test/corpora/pkcs7/smime-onepart-signed.eml diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 14e4531d..117fa2b9 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -119,4 +119,81 @@ test_subtest_known_broken output=$(notmuch search 'this is a test encrypted message') test_expect_equal "$output" "thread:0002 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox signed)" +add_email_corpus pkcs7 + +test_begin_subtest "index PKCS#7 SignedData message" +output=$(notmuch search --output=messages Thanks) +expected=id:smime-onepart-signed@protected-headers.example +test_expect_equal "$expected" "$output" + +test_begin_subtest "do not index embedded certificates from PKCS#7 SignedData" +output=$(notmuch search --output=messages 'LAMPS Certificate') +expected='' +test_expect_equal "$expected" "$output" + +test_begin_subtest "know the MIME type of the embedded part in PKCS#7 SignedData" +test_subtest_known_broken +output=$(notmuch search --output=messages 'mimetype:text/plain') +expected=id:smime-onepart-signed@protected-headers.example +test_expect_equal "$expected" "$output" + +test_begin_subtest "PKCS#7 SignedData message is tagged 'signed'" +test_subtest_known_broken +output=$(notmuch dump id:smime-onepart-signed@protected-headers.example) +expected='#notmuch-dump batch-tag:3 config,properties,tags ++inbox +signed +unread -- id:smime-onepart-signed@protected-headers.example' +test_expect_equal "$expected" "$output" + +test_begin_subtest "show contents of PKCS#7 SignedData message" +test_subtest_known_broken +output=$(notmuch show --format=raw --part=2 id:smime-onepart-signed@protected-headers.example) +whitespace=' ' +expected="Bob, we need to cancel this contract. + +Please start the necessary processes to make that happen today. + +Thanks, Alice +--${whitespace} +Alice Lovelace +President +OpenPGP Example Corp" +test_expect_equal "$expected" "$output" + +test_begin_subtest "reply to PKCS#7 SignedData message with proper quoting and attribution" +test_subtest_known_broken +output=$(notmuch reply id:smime-onepart-signed@protected-headers.example) +expected="From: Notmuch Test Suite +Subject: Re: The FooCorp contract +To: Alice Lovelace , Bob Babbage +In-Reply-To: +References: + +On Tue, 26 Nov 2019 20:11:29 -0400, Alice Lovelace wrote: +> Bob, we need to cancel this contract. +>${whitespace} +> Please start the necessary processes to make that happen today. +>${whitespace} +> Thanks, Alice +> --${whitespace} +> Alice Lovelace +> President +> OpenPGP Example Corp" +test_expect_equal "$expected" "$output" + +test_begin_subtest "show PKCS#7 SignedData outputs valid JSON" +output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example) +test_valid_json "$output" + +test_begin_subtest "Verify signature on PKCS#7 SignedData message" +test_subtest_known_broken +output=$(notmuch show --format=json id:smime-onepart-signed@protected-headers.example) +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]["signed"]["status"][0]={ +"created" : 1574813489, +"expires" : 2611032858, +"fingerprint" : "702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB", +"userid" : "CN=Alice Lovelace", +"status" : "good" + }' + test_done diff --git a/test/corpora/pkcs7/smime-onepart-signed.eml b/test/corpora/pkcs7/smime-onepart-signed.eml new file mode
[PATCH 12/15] test-lib.sh: add test_valid_json
This test does exactly what it says on the tin. It expects JSON data to be parseable by Python, at least. Signed-off-by: Daniel Kahn Gillmor --- test/test-lib.sh | 6 ++ 1 file changed, 6 insertions(+) diff --git a/test/test-lib.sh b/test/test-lib.sh index dd7fdfaa..6f47994e 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -524,6 +524,12 @@ test_expect_equal_json () { test_expect_equal "$output" "$expected" "$@" } +# Ensure that the argument is valid JSON data. +test_valid_json () { +PYTHONIOENCODING=utf-8 $NOTMUCH_PYTHON -c "import sys, json; json.load(sys.stdin)" <<<"$1" +test_expect_equal "$?" 0 +} + # Sort the top-level list of JSON data from stdin. test_sort_json () { PYTHONIOENCODING=utf-8 $NOTMUCH_PYTHON -c \ -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 06/15] tests/smime: avoid copying the key+cert.pem around
No functional change. We no longer need to identify the key and cert to mml-mode when sending an S/MIME message, so making a copy of key+cert.pem to test_suite.pem is superfluous. Get rid of the extra file. Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 9debf2da..e92a7b16 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -6,9 +6,7 @@ test_description='S/MIME signature verification and decryption' test_require_external_prereq openssl test_require_external_prereq gpgsm -cp $NOTMUCH_SRCDIR/test/smime/key+cert.pem test_suite.pem - -FINGERPRINT=$(openssl x509 -fingerprint -in test_suite.pem -noout | sed -e 's/^.*=//' -e s/://g) +FINGERPRINT=$(openssl x509 -fingerprint -in "$NOTMUCH_SRCDIR/test/smime/key+cert.pem" -noout | sed -e 's/^.*=//' -e s/://g) add_gpgsm_home @@ -74,7 +72,7 @@ test_expect_equal_json \ test_begin_subtest "Decryption and signature verification (openssl)" notmuch show --format=raw subject:"test encrypted message 001" |\ -openssl smime -decrypt -recip test_suite.pem |\ +openssl smime -decrypt -recip $NOTMUCH_SRCDIR/test/smime/key+cert.pem |\ openssl smime -verify -CAfile $NOTMUCH_SRCDIR/test/smime/test.crt 2>OUTPUT cat < EXPECTED Verification successful -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 09/15] tests: Add S/MIME messages to protected-headers corpus
These sample messages are taken directly from the Protected Headers draft: https://www.ietf.org/id/draft-autocrypt-lamps-protected-headers-02.html Note that this commit doesn't strictly pass the common git pre-commit hook due to introducing some trailing whitespace. That's just the nature of the corpus, though. We should have that trailing whitespace, so I've made this commit with --no-verify. Signed-off-by: Daniel Kahn Gillmor --- .../smime-enc+legacy-disp.eml | 50 + .../smime-multipart-signed.eml| 68 .../smime-onepart-signed.eml | 54 ++ .../smime-sign+enc+legacy-disp.eml| 102 ++ .../protected-headers/smime-sign+enc.eml | 95 5 files changed, 369 insertions(+) create mode 100644 test/corpora/protected-headers/smime-enc+legacy-disp.eml create mode 100644 test/corpora/protected-headers/smime-multipart-signed.eml create mode 100644 test/corpora/protected-headers/smime-onepart-signed.eml create mode 100644 test/corpora/protected-headers/smime-sign+enc+legacy-disp.eml create mode 100644 test/corpora/protected-headers/smime-sign+enc.eml diff --git a/test/corpora/protected-headers/smime-enc+legacy-disp.eml b/test/corpora/protected-headers/smime-enc+legacy-disp.eml new file mode 100644 index ..6f5c9417 --- /dev/null +++ b/test/corpora/protected-headers/smime-enc+legacy-disp.eml @@ -0,0 +1,50 @@ +Received: from localhost (localhost [127.0.0.1]); Wed, 27 Nov 2019 + 01:27:28 -0700 (UTC-07:00) +MIME-Version: 1.0 +Content-Transfer-Encoding: base64 +Content-Type: application/pkcs7-mime; name="smime.p7m"; + smime-type="enveloped-data" +From: Alice Lovelace +To: Bob Babbage +Date: Wed, 27 Nov 2019 01:27:00 -0700 +Message-ID: +Subject: ... + +MIIG5QYJKoZIhvcNAQcDoIIG1jCCBtICAQAxggLCMIIBXQIBADBFMC0xKzApBgNV +BAMTIlNhbXBsZSBMQU1QUyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkCFCJT7jBtAgsf +As31ycE+Ot95phvCMA0GCSqGSIb3DQEBAQUABIIBADEhlzhFzYj6tUAdsRCrSiLl +d9cgKtlAesJ4cDY4szFWAbnwrCmEcFxjFDUOjbfQCYCG80Sxd+xntni73I7PI2rR +QLjk3w9VhLwFRyzy7qyJi2CavjKTxysX9f36+FXA+THfVQRM5ypiyYJg91X51PNX +hJj3DHrnxqKeSl/z1hdt9r+s6XAUCBSvL99BGnODWhNIZtPDzt8fMNcgarfw+D5F +IZJb6+wX30tkztHkpHHKrrDPveyfnlS/p06Gi3ekrrhBtMQMRb9PA/E+ivDPktsm +aKg0Oauw4oZSKW3f4ukYhbnndbbagNsnTfs/QFy/p+hhKTrfCd0h1N8mTzedVX0w +ggFdAgEAMEUwLTErMCkGA1UEAxMiU2FtcGxlIExBTVBTIENlcnRpZmljYXRlIEF1 +dGhvcml0eQIUZ4K0WXNSS8H0cUcZavD9EYqqTAswDQYJKoZIhvcNAQEBBQAEggEA +FaK5QaPXJ133D2uybQt//oeDm6PkCAFW9YVOgjnLLz6FD54Dt2i1KCQu1Xlg9W3P +1zJdYXOftDgilylNfmt/muEsvbRfFtMWUq0VGirHz//BWmY2cW/ocinFO514iviL +MLE1umsXRNwVIVIk/uh7AmqXjPkRZgRgIMUbSbtmW4DDja+ZM0vmqFQ1iUIlApth +FpjFfPDHHD8isLTbGi2iK6dEN3DIJFGbg5o3nK6yAhVZ7x3LfFNSNVDDSY5mPFG9 +Vm6uRgEE3Y5P6DbXXo6MHTgg0XY2f4y6MEWhOg37NT9aFAfzBBxJ1oSBWpOOfZnV +K1DvAwPaemSRz9oWDcBM8DCCBAUGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIsFkN +8DEx8muAggPgWGF2WsPq3/a9jUa5GA0YFPiINuETCGTNaEXiVxnT0h0CF+EhZ0T2 +HFCiZEM0dzO05zt9WdVvAREaCSh7ZWG9D9wJF9x+tqQbzMuJ2AdKuoOH73kClvkx +pHxANLhkY7hzIqRb/eLG5D7Xh8iCDiFecXDh7EHqD/R+sfLN9aHKOcKyY36kesBQ +R8aHZbbFnnD+oXSDNIPcntGG3BSGMxsWuOp+rpTKeIHWFIungDNKsLIy3kWleENw +FVIcjUF6QhI1HYW6BeXuVq40GV2OOkmB24rYEW1Jg0hAtY+5rn2mRoyxvUC87bjQ +hLu6xgPmhun9J324eM5aYVwkmVBnRW9hyxClZ7Sv0zlL7lGQ0VQG+zWHeJ+h/M2j +mQpLgAUEGxxNCm5ASHuXPIN6pSvrOVplrT8kKLPpmMYEwmTX2/rBO4P8I8uNrqYD +AyX8p0/l2ArczkWzGTz2luBahrD+cTZPApe5SeyXOxWBl1Lmb0G8o4twBeeBLiHP +XwYvttx0JYG/hc/lmMpEemJqwj9uZ3wGD03dIhhDX2Oj4ek/7jT6yqJh8C1H+PqA ++HNfNXsFQDrRORoqJS8YVEiYRDQNyePy2ugzLTh88nPtJp92hY7bk9zl3AYaiVFH ++szlLoyzfM9D+geZemR8XfI2ijGnrWMlnyPah/zA6J6RwemhuiMklZGYG85hMU9H +K4CFVM+m7xYxKpwFVnmkVZjzWInirJhehElhtCXpx/IFGxH9CPbCyEZV1WVStrl/ +0fWTGicMXez6hVQCadWCXy96/eLIXOrC54gSoIJX2TD6jdVEu1YptutyGI6KdQ2p +yXwhs98Uj7DM3nmFeAcjjN3e8pPoX7aG8eP+MfmHlWN6jA44jMaJmIdp9J20g74J +MdjvnHa/cGibW/RamPiFObN0F94A83vcpUfU/zZ8cFHi/3/lN6Rm9+3/giGRZa9E +Y6e2/CEq1cUbPQ09fPwRJmjZCfDce71DKe+ZFGdYtFR7JwDEeZ6BB4Ff4rXctcWD +PgUJqUGv/SXBcFn4cNUK9MYYqVu1ovd/T7FMf+i3c5MH6BRCvft/i5aeBR+A26Gk +2awtBPYdHW6+AslrFjncBbtPDlU6vX9AWuC0k0MQYnNkTWS8gTvsriXJZ6Zu5iFE +ExNuFz7YcnMKnguOn2ph5azzeMm83AYzWXzZPu3mdr5Siuu/Ke38oADKP+BZ08Za +XVvKvvfnRPXO9kG9hgvEMRU9KOcxn82XoGPNZib+9SPa2zYx5P6HX1Bqe/cmKAen +FKEiJLSTP2/pc6AWAICqJl978HaUHfMFiN7jEUppAifpAWqNcIGSW5w= + diff --git a/test/corpora/protected-headers/smime-multipart-signed.eml b/test/corpora/protected-headers/smime-multipart-signed.eml new file mode 100644 index ..f05d2d98 --- /dev/null +++ b/test/corpora/protected-headers/smime-multipart-signed.eml @@ -0,0 +1,68 @@ +Received: from localhost (localhost [127.0.0.1]); Tue, 26 Nov 2019 + 20:03:17 -0400 (UTC-04:00) +MIME-Version: 1.0 +Content-Type: multipart/signed; boundary="179"; + protocol="application/pkcs7-signature"; micalg="sha-256" +From: Alice Lovelace +To: Bob Babbage +Date: Tue, 26 Nov 2019 20:03:00 -0400 +Subject: The FooCorp contract +Message-ID: + +--179 +Content-Type: text/plain; charset="us-ascii"; protected-headers="v1" +From: Alice Lovelace +To: Bob Babbage
[PATCH 02/15] tests/smime: Always use --batch with gpgsm
GnuPG's gpgsm, like gpg, should always be used with --batch when it is invoked in a non-interactive environment. Signed-off-by: Daniel Kahn Gillmor --- test/test-lib.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/test-lib.sh b/test/test-lib.sh index 6a62b5c1..d4fcea5a 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -136,8 +136,8 @@ add_gpgsm_home () _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } at_exit_function _gnupg_exit mkdir -m 0700 "$GNUPGHOME" -gpgsm --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 -fpr=$(gpgsm --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') +gpgsm --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 +fpr=$(gpgsm --batch --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') echo "$fpr S relax" >> $GNUPGHOME/trustlist.txt test_debug "cat $GNUPGHOME/import.log" } -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 08/15] tests/smime: include secret key material for Bob
This is taken from the same Internet Draft that test/smime/ca.crt comes from. See that draft for more details. https://www.ietf.org/id/draft-dkg-lamps-samples-02.html#name-pkcs12-object-for-bob We don't use it yet, but it will be used to decrypt other messages in the test suite. Note that we include it here with an empty passphrase, rather than with the passphrase "bob" that it is supplied with in the I-D. The underlying cryptographic material is the same, but this way we can import cleanly into gpgsm without having a passphrase set on it (gpgsm converts an empty-string passphrase into no passphrase at all on import). Signed-off-by: Daniel Kahn Gillmor --- test/smime/bob.p12 | 58 ++ test/test-lib.sh | 2 ++ 2 files changed, 60 insertions(+) create mode 100644 test/smime/bob.p12 diff --git a/test/smime/bob.p12 b/test/smime/bob.p12 new file mode 100644 index ..774c77d0 --- /dev/null +++ b/test/smime/bob.p12 @@ -0,0 +1,58 @@ +-BEGIN PKCS12- +MIIKWAIBAzCCCh4GCSqGSIb3DQEHAaCCCg8EggoLMIIKBzCCBGcGCSqGSIb3DQEH +BqCCBFgwggRUAgEAMIIETQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQICE8J +3kMad9UCAggAgIIEIPvHjK0eRQrnowMUsz1z1x/IxslNvG6DjPZjNHCkNYYmiRsg +Leu5nqKf4emWVvYpnlh+4Gql7pyJm3G3zSNhobPkW+P1Eh80tTBoUk7TIvvvmtrE +YEc/nRR1p1MgjISq4Q/CM6ccCCw6YEiQcj/0mSS7gmHUegD5glcWbVuqAT8M/p1z +98OP3z37G8ARRLNj1yyp0SVlt59Sx3WNbmYBqkQ96iukjMJvmjV7o6BFYUx46Llb +tphhdRgKXbK2r1R0TUlvE659TUwlrpGlaFpaGj1kLdzVAnjh1ZWnWO2a2BSj0LzG +qRyiLwqDFPLJLQEckfV+RPWiRrSewME8URNKdk6eewtHdhrehMo4ZJnOIum8qcSz +giW61SSyZJsFvILpmMYghIxWmPd/8cNIHBrdFEa7z3QKh5jcJNTCxz6yO9f8F830 +d+WDK7DbGkUW4mVTGg/lEYnCFZDF6S1mr0hx+cew1FbKjLpxfQllIIrLf5d2BF8H +0STpuylQDVVBFdTRHyeS6td5nulANgOProrRzy3aAKQmZ6iullKl+i2t/2TwfVP/ +gG+yszpOEf8U9txuvbiZ7j4XV158zdaaGiduDqMKLOvbdctwHAsR9ecx5C3NTRDl +ZlttNoXN9zhT4CkWk1w4sFk2KUurjVraIcjWVT7yOreaaK+6N09M0tnLPDJDTrow +8WwP/rZhA+t+CMrhqkFBxXsyo5VTM0jWJGO/NLpYXPhDPBsRq8rs1OCrUoVr34aR +cpUTNhyXkvJUarWDHs88lg0ps0G9/1dXI1AbEsQQg8u+QT2ztGYrg2OQxQyi1Mo4 +u/FkAcEbtlYYLmJjj/S2qVRPJgBALVjw9k5hnYRdAXWVDCJ96PMn1SKORvlMxnZ7 +djlhaztOhTLsiDzywVDYWLvQElunWcAGeDZykWNytwcEagc0VjWKHMibc0JOZQ1T +crGyOzTlt09xHj1NrItYefIwdtKuJfkAh03B5xI6rJ9ZbK9xidcVxyeRX0lEqdo9 +WHQrhHefAmeyo0TlfsN67kFDp5FLpwEtNaN0lyzpkl30aWZdtP5vkvtfmy5ugYIO +bXoVa+tO6k5V/VfUFUKdaY7xAX7XRzUUg4jB0D0CuaX+YS+GL+5wuQwIY1y2ihBb +CuCxlcP1lVEU4CVQba60VTudJtWyE7QpPhf+y81f1wRjwIihFvwzpUFWf8JVEppe +v3Yot3OWGBmhEqLkC9LELth8o5gLfyYHaXTYNd9aRTiI+0ZC5U3O4wUwYLTG3exM +rIDTzEMk/p4DYIHkNKVUiRJfGYdAwuRxf3IMcYWARTXlSzl1C3hWmZfvTPlKs1bB +OHTHP/P+qdOFjxOh+fbyqXPJauBAhHvHgrp3iI6t834wJou26oWNihM7OnWuyQRt +9DVxG4l+1VjtbQZfTDCCBZgGCSqGSIb3DQEHAaCCBYkEggWFMIIFgTCCBX0GCyqG +SIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAjqo0x2p5SqLAICCAAE +ggTIe6Ws+lu0CoNlCXGM2BEPV09wuRHTJe+KnesrmRbXPF9linG3d6G++tTkBHz/ +yr77/DV5aDYciV1pGAbLuX2lMwuqdxzJ4OBPBAjuX5H+IPRaTbxfHYYIwhG8oZzy +aHyVhHr9j0h7lzW7xSTYJuBNEJ58L42dfzpNRw9dyRPmcuhZqW14Z3xyDm8yjHfB +2p99y9/A4qSyJJSUM3O3nLdtIar3ktSTRAijgqq+s9wnsfozQRzWpYaqiRrdzwfO +HqXk54l3/lMSyLpfPl9LW7er6JbGI4jEyQ3x8WijATM5h/lkZKejh/mOaWCvs6G6 +fGzV4P35EsToYbOk9GX4jl4SyDBt3iEHYm5teDUhJmTcR39lAQuAfxN6rOn/TkoO +YLxtdD5DLiTfYZPCFyavLEsamr8A4p93torF6Rs7GsaHE6PmCcprzqx71KV0DZKv +tMY86RoiWPKLFxZcYt1yz9/95c1SO1s4i1GvLpJTEgQxLM2OhfEwDNKd2rMJoq1I +YIRPSP204dIVwwNdXN1vB2slhN2+/QMOqsEkWtTOpW2QoTGSze49hfmJGdu+91jd +XZBBMJQfY4q066/eE4IOW7ZZId5uMYxDRnGdEQjJsxyW8YHWLRGQvBC8gMkdbj8e +0wkXbe+jML7vG7t3hDhLEbj5sTquIMTWrTirPw4SxLCuGZAyJHFN3/nCaOSMFlCG +wEZHrAozgQXPBYU7p+uIkJ4lDc2ZtW8NM8U15gKZLDFfAE6Vg0jAtfFMqvNnX630 +xfo1z4jBd7VXbBFrPzrmvlTnb1XxNFcPycowzW9tgtN4YnNroCq98VpMC914tdpJ ++C/PI0eJ7M2ir3ajN0RabSm02JO9Hdwoa5OgqLwPYDwiFyQvKFGKqAF8Ph6pSEiZ +10OnH+DVgEY70A+Le+ZSDosMdrhZfHbCcIFitZJ3sYV/7Q118QckW3szcjmLHS5g +M6Whl2HhjLsAfsmCnoRlIwjx4g0TiuZcb4hGysq8QjD3Z8qqFK28m6OMHbASQfWg +U+Qg3vmEvVsnBxStFEIImS3QYQoaT0pk6zKUYsI/fOBnEgxsY0XwTfXzVw7hZDct +yhNIQVWmfgVZwUw0wLoNu3A5hupjUwQzQr4TPnKkFPI8qHmRrJgP8EA0U0019y3W +MlK0h/LAJEaUBS0goLJCJ8+1EWr6femjnyuU5hMizOm+3j0JexjWz5TQttioS7Q/ +vcxt5pA9yAWQdH9j72saKEoKmDi+kIPr4mimKJz99LhKp9A6Hj0f1P2V3As8JWyW +ZKmJKW7qMMCFADlALolobqzA60j6Zeo5jiEj/j2lVlUPPz47WO+uKeb+rx+hgTUc +Xrhq0+an5tvEXt/8wy3PJFqP+qqHGhOIuPLuhqPyzNowuXirIXsiWnI44/X48W91 +HPEoL3xaebQ6oyTP8dI4CCkkHgiLWL5mskjHMEXvcdR6k0ygmu8DGQCPfUweUZqZ +wfkhD/jwbVpLR5Y3chpatW0cJ2bsAWdxwtuxF05+fVEePUsR0x+2/v/8eDEHKYwt +aYlAhI48nyrKKVMmqvqcXnzmJlUaq05GnEcglFbv4MUExL7CxClls6QnVNiZFPrV +ffVsYT2A300xrm4pan89n3nuavjJn7L1JJdmMXwwVQYJKoZIhvcNAQkUMUgeRgBH +AG4AdQBQAEcAIABlAHgAcABvAHIAdABlAGQAIABjAGUAcgB0AGkAZgBpAGMAYQB0 +AGUAIAA0ADIAYgBiADIANAAwADYwIwYJKoZIhvcNAQkVMRYEFGaI9k+ZdE9/rxBZ +4rSdH1BCuyQGMDEwITAJBgUrDgMCGgUABBRJfL4XyIHpXmjbziCGCbSAOK9jKgQI +drOMeIgXcCYCAggA +-END PKCS12- diff --git a/test/test-lib.sh b/test/test-lib.sh index d9997b27..dd7fdfaa 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -145,6 +145,8 @@ add_gpgsm_home () gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt echo
Add tests for S/MIME PKCS#7 messages
S/MIME messages that use PKCS#7 are not currently well-handled by notmuch. This series introduces a set of tests that cover such messages, most of which are initially broken. A future (shorter) series will resolve these tests. Some S/MIME messages *are* handled correctly by notmuch already: in particular, multipart/signed messages where the detached signature is a PKCS#7 signature object (as opposed to one-part S/MIME SignedData messages) are already working. There should be no functional change to notmuch from applying this series, just a more complete test suite. Comments and feedback welcome, as always! Regards, --dkg ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 01/15] tests: move add_gpgsm_home to test-lib.sh
This allows us to test S/MIME messages in other tests. Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 13 - test/test-lib.sh | 13 + 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 11a4d6cd..84be515a 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -3,19 +3,6 @@ test_description='S/MIME signature verification and decryption' . $(dirname "$0")/test-lib.sh || exit 1 -add_gpgsm_home () -{ -local fpr -[ -d ${GNUPGHOME} ] && return -_gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } -at_exit_function _gnupg_exit -mkdir -m 0700 "$GNUPGHOME" -gpgsm --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 -fpr=$(gpgsm --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') -echo "$fpr S relax" >> $GNUPGHOME/trustlist.txt -test_debug "cat $GNUPGHOME/import.log" -} - test_require_external_prereq openssl test_require_external_prereq gpgsm diff --git a/test/test-lib.sh b/test/test-lib.sh index 7f8a3a4d..6a62b5c1 100644 --- a/test/test-lib.sh +++ b/test/test-lib.sh @@ -129,6 +129,19 @@ add_gnupg_home () printf '%s:6:\n' "$FINGERPRINT" | gpg --quiet --batch --no-tty --import-ownertrust } +add_gpgsm_home () +{ +local fpr +[ -d ${GNUPGHOME} ] && return +_gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } +at_exit_function _gnupg_exit +mkdir -m 0700 "$GNUPGHOME" +gpgsm --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/test.crt >"$GNUPGHOME"/import.log 2>&1 +fpr=$(gpgsm --list-key test_su...@notmuchmail.org | sed -n 's/.*fingerprint: //p') +echo "$fpr S relax" >> $GNUPGHOME/trustlist.txt +test_debug "cat $GNUPGHOME/import.log" +} + # Each test should start with something like this, after copyright notices: # # test_description='Description of this test... -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 10/15] tests/smime: Verify cryptographic message status
When consuming a signed+encrypted S/MIME message generated by emacs, we expect to see the same cryptographic properties for the message as a whole. This is not done correctly yet, so the test is marked as known broken. Signed-off-by: Daniel Kahn Gillmor --- test/T355-smime.sh | 9 + 1 file changed, 9 insertions(+) diff --git a/test/T355-smime.sh b/test/T355-smime.sh index e92a7b16..f3956a34 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -88,4 +88,13 @@ This is a test encrypted message. EOF test_expect_equal_file EXPECTED OUTPUT +test_begin_subtest "Cryptographic message status (encrypted+signed)" +test_subtest_known_broken +output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 001") +test_json_nodes <<<"$output" \ + 'crypto_encrypted:[0][0][0]["crypto"]["decrypted"]["status"]="full"' \ + 'crypto_sigok:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"' \ + 'crypto_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="616F46CD73834C63847756AF0DFB64A6E0972A47"' \ + 'crypto_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Notmuch Test Suite"' + test_done -- 2.26.2 ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
Re: [PATCH] util/zlib-extra: de-inline gzerror_str
David Bremner writes: > It turns out the behaviour of inline functions in C header files is > not a good idea, and can cause linking problems if the compiler > decides not to inline them. In principle this is solvable by using a > "static inline" declaration, but this potentially makes a copy in > every compilation unit. Since we don't actually care about the > performance of this function, just use a non-inline function. pushed to master, with slightly tweaked commit message d ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch