Re: [PATCH 10/20] cli/show: add tests for viewing protected headers
On Sun 2018-06-24 22:31:44 -0300, David Bremner wrote: > Daniel Kahn Gillmor writes: > >> + >> +# TODO: >> +# * check S/MIME as well as PGP/MIME > > Decrypting S/MIME would be good first step. Or is the feature there > (with gmime 3.0?) but tests missing? because T355-smime says there is no > S/MIME decryption. agreed, though you could argue that S/MIME signatures are relevant to the cryptographic envelope, even without decryption. regardless, i think that's orthogonal to this series, so i'm not going to try to address it now. >> +# * process headers protected by signature > >> + >> +test_description='Message decryption with protected headers' >> +. $(dirname "$0")/test-lib.sh || exit 1 >> + >> +## >> + >> +add_gnupg_home >> +# Change this if we ship a new test key >> +FINGERPRINT="5AEAB11F5E33DCE875DDB75B6D92612D94E46381" > > I wonder if it would be reasonable for add_gnupg_home to define FINGERPRINT fine with me, i'll include that in the upcoming revised series. >> + >> +add_email_corpus protected-headers >> + >> +test_begin_subtest "verify protected header is not visible without >> decryption" >> +output=$(notmuch show --format=json >> id:protected-hea...@crypto.notmuchmail.org) >> +test_json_nodes <<<"$output" \ >> +'no_crypto:[0][0][0]!"crypto"' \ >> +'subject:[0][0][0]["headers"]["Subject"]="encrypted >> message"' > > maybe a pointer to where to find the docs for the json test syntax. I'll stick a pointer in lib/test-lib.sh's definition of test_json_nodes() because you suggest it, but i think it would be out of place to do it here in a specifis test. --dkg ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
Re: [PATCH 10/20] cli/show: add tests for viewing protected headers
Daniel Kahn Gillmor writes: > + > +# TODO: > +# * check S/MIME as well as PGP/MIME Decrypting S/MIME would be good first step. Or is the feature there (with gmime 3.0?) but tests missing? because T355-smime says there is no S/MIME decryption. > +# * process headers protected by signature > + > +test_description='Message decryption with protected headers' > +. $(dirname "$0")/test-lib.sh || exit 1 > + > +## > + > +add_gnupg_home > +# Change this if we ship a new test key > +FINGERPRINT="5AEAB11F5E33DCE875DDB75B6D92612D94E46381" I wonder if it would be reasonable for add_gnupg_home to define FINGERPRINT > + > +add_email_corpus protected-headers > + > +test_begin_subtest "verify protected header is not visible without > decryption" > +output=$(notmuch show --format=json > id:protected-hea...@crypto.notmuchmail.org) > +test_json_nodes <<<"$output" \ > +'no_crypto:[0][0][0]!"crypto"' \ > +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' maybe a pointer to where to find the docs for the json test syntax. ___ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch
[PATCH 10/20] cli/show: add tests for viewing protected headers
Here we add several variant e-mail messages, some of which have correctly-structured protected headers, and some of which do not. The goal of the tests is to ensure that the right protected subjects get reported. --- test/T356-protected-headers.sh| 69 +++ ...le-wrapped-with-phony-protected-header.eml | 38 ++ .../misplaced-protected-header.eml| 35 ++ .../nested-rfc822-message.eml | 32 + .../no-protected-header-attribute.eml | 29 .../phony-protected-header-bad-encryption.eml | 30 .../protected-headers/protected-header.eml| 30 .../wrapped-protected-header.eml | 39 +++ 8 files changed, 302 insertions(+) create mode 100755 test/T356-protected-headers.sh create mode 100644 test/corpora/protected-headers/double-wrapped-with-phony-protected-header.eml create mode 100644 test/corpora/protected-headers/misplaced-protected-header.eml create mode 100644 test/corpora/protected-headers/nested-rfc822-message.eml create mode 100644 test/corpora/protected-headers/no-protected-header-attribute.eml create mode 100644 test/corpora/protected-headers/phony-protected-header-bad-encryption.eml create mode 100644 test/corpora/protected-headers/protected-header.eml create mode 100644 test/corpora/protected-headers/wrapped-protected-header.eml diff --git a/test/T356-protected-headers.sh b/test/T356-protected-headers.sh new file mode 100755 index ..9c6fe467 --- /dev/null +++ b/test/T356-protected-headers.sh @@ -0,0 +1,69 @@ +#!/usr/bin/env bash + +# TODO: +# * check S/MIME as well as PGP/MIME +# * process headers protected by signature + +test_description='Message decryption with protected headers' +. $(dirname "$0")/test-lib.sh || exit 1 + +## + +add_gnupg_home +# Change this if we ship a new test key +FINGERPRINT="5AEAB11F5E33DCE875DDB75B6D92612D94E46381" + +add_email_corpus protected-headers + +test_begin_subtest "verify protected header is not visible without decryption" +output=$(notmuch show --format=json id:protected-hea...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'no_crypto:[0][0][0]!"crypto"' \ +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' + +test_begin_subtest "verify protected header is visible with decryption" +output=$(notmuch show --decrypt=true --format=json id:protected-hea...@crypto.notmuchmail.org) +test_subtest_known_broken +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \ +'subject:[0][0][0]["headers"]["Subject"]="This is a protected header"' + + +test_begin_subtest "misplaced protected headers should not be made visible during decryption" +output=$(notmuch show --decrypt=true --format=json id:misplaced-protected-hea...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \ +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' + +test_begin_subtest "verify double-wrapped phony protected header is not visible when inner decryption fails" +output=$(notmuch show --decrypt=true --format=json id:double-wrapped-with-phony-protected-hea...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \ +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' + +test_begin_subtest "cleartext phony protected headers should not be made visible when decryption fails" +output=$(notmuch show --decrypt=true --format=json id:phony-protected-header-bad-encrypt...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'no_crypto:[0][0][0]!"crypto"' \ +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' + +test_begin_subtest "wrapped protected headers should not be made visible during decryption" +output=$(notmuch show --decrypt=true --format=json id:wrapped-protected-hea...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "partial"}}' \ +'subject:[0][0][0]["headers"]["Subject"]="[mailing-list] encrypted message"' + +test_begin_subtest "internal headers without protected-header attribute should be skipped" +output=$(notmuch show --decrypt=true --format=json id:no-protected-header-attrib...@crypto.notmuchmail.org) +test_json_nodes <<<"$output" \ +'crypto:[0][0][0]["crypto"]={"decrypted": {"status": "full"}}' \ +'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' + +test_begin_subtest "verify nested message/rfc822 protected header is visible" +output=$(notmuch show --decrypt=true --format=json id:nested-rfc822-mess...@crypto.notmuchmail.org) +test_subtest_known_broken