debian/notmuch
1
0
Fork 0
mirror of https://git.notmuchmail.org/git/notmuch synced 2024-11-21 18:38:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
notmuch/test/T350-crypto.sh

470 lines
16 KiB
Bash
Raw Normal View History

test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
#!/usr/bin/env bash
# TODO:
# - decryption/verification with signer key not available
# - verification of signatures from expired/revoked keys
test_description='PGP/MIME signature verification and decryption'
test: use $(dirname "$0") for sourcing test-lib.sh Don't assume the tests are always run from within the source tree.
2017-09-25 22:38:19 +02:00
. $(dirname "$0")/test-lib.sh || exit 1
test: split emacs functionality to its own file This way it's easier to identify the tests that do require emacs stuff. Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
2021-05-15 22:47:44 +02:00
. $(dirname "$0")/test-lib-emacs.sh || exit 1
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
##################################################
test: add external prereqs to many emacs tests The tests fail otherwise. Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
2021-05-01 13:54:16 +02:00
test_require_emacs
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
add_gnupg_home
test: require test_begin_subtest before test_expect_success Unify the subtests by requiring test_begin_subtest before test_expect_success. (Similar change for test_expect_code will follow.) This increases clarity in the test scripts by having a separate line for the start of the subtest with the heading, and makes it possible to simplify the test infrastructure by making all subtests similar.
2017-02-26 14:43:00 +01:00
test_begin_subtest "emacs delivery of signed message"
test_expect_success \
test: add emacs_fcc_message that does not use smtp-dummy Most of the tests previously using emacs_deliver_message do not use the actual transmitted message, so we replace it with a simpler (and presumably more reliable function) that only saves (and indexes) an fcc copy of the message.
2013-12-14 15:39:54 +01:00
'emacs_fcc_message \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"test signed message 001" \
"This is a test signed message." \
"(mml-secure-message-sign)"'
test: signed and encrypted part content type indexing Add known broken subtests for searching signed and encrypted messages using mimetype: prefix search for the content-types of signed and encrypted parts.
2017-09-16 16:59:03 +02:00
test_begin_subtest "signed part content-type indexing"
output=$(notmuch search mimetype:multipart/signed and mimetype:application/pgp-signature | notmuch_search_sanitize)
test_expect_equal "$output" "thread:XXX 2000-01-01 [1/1] Notmuch Test Suite; test signed message 001 (inbox signed)"
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
test_begin_subtest "signature verification"
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
| notmuch_json_show_sanitize \
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
| sed -e 's|"created": [1234567890]*|"created": 946728000|g')
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["inbox","signed"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'"}]}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"sigstatus": [{"status": "good",
"fingerprint": "'$FINGERPRINT'",
test/crypto: add_gnupg_home should have ultimate trust on "its own" key The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-04 23:33:28 +02:00
"created": 946728000,
"userid": "'"$SELF_USERID"'"}],
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content-type": "multipart/signed",
"content": [{"id": 2,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content": "This is a test signed message.\n"},
{"id": 3,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-signature",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
test: add test for modified pgp/mime signed message This is a good thing to test in any case, but particularly as we hit the dark corners of the gmime crypto API.
2017-06-03 19:47:39 +02:00
test_begin_subtest "detection of modified signed contents"
emacs_fcc_message \
"bad signed message 001" \
"Incriminating stuff. This is a test signed message." \
"(mml-secure-message-sign)"
file=$(notmuch search --output=files subject:"bad signed message 001")
sed -i 's/Incriminating stuff. //' ${file}
output=$(notmuch show --format=json --verify subject:"bad signed message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"match": true,
"excluded": false,
"filename": ["YYYYY"],
"timestamp": 946728000,
"date_relative": "2000-01-01",
"tags": ["inbox","signed"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{ "status": "bad", "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'"}]}},
test: add test for modified pgp/mime signed message This is a good thing to test in any case, but particularly as we hit the dark corners of the gmime crypto API.
2017-06-03 19:47:39 +02:00
"headers": {"Subject": "bad signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"sigstatus": [{"status": "bad",
"keyid": "'$(echo $FINGERPRINT | cut -c 25-)'"}],
"content-type": "multipart/signed",
"content": [{"id": 2,
"content-type": "text/plain",
"content": "This is a test signed message.\n"},
{"id": 3,
"content-type": "application/pgp-signature",
"content-length": "NONZERO"}]}]},
[]]]]'
test_expect_equal_json \
"$output" \
"$expected"
test/crypto: add test for corrupted signatures Have an empty list of signatures is not the nicest mechanism to signal complete failure to verify, but it's the one we currently have.
2017-06-03 19:47:40 +02:00
test_begin_subtest "corrupted pgp/mime signature"
emacs_fcc_message \
"bad signed message 002" \
"Incriminating stuff. This is a test signed message." \
"(mml-secure-message-sign)"
file=$(notmuch search --output=files subject:"bad signed message 002")
awk '/-----BEGIN PGP SIGNATURE-----/{flag=1;print;next} \
/-----END PGP SIGNATURE-----/{flag=0;print;next} \
flag{gsub(/[A-Za-z]/,"0");print}!flag{print}' $file > $file.new
rm $file
mv $file.new $file
output=$(notmuch show --format=json --verify subject:"bad signed message 002" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {},
test/crypto: add test for corrupted signatures Have an empty list of signatures is not the nicest mechanism to signal complete failure to verify, but it's the one we currently have.
2017-06-03 19:47:40 +02:00
"match": true,
"excluded": false,
"filename": ["YYYYY"],
"timestamp": 946728000,
"date_relative": "2000-01-01",
"tags": ["inbox","signed"],
"headers": {"Subject": "bad signed message 002",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"sigstatus": [],
"content-type": "multipart/signed",
"content": [{"id": 2,
"content-type": "text/plain",
"content": "Incriminating stuff. This is a test signed message.\n"},
{"id": 3,
"content-type": "application/pgp-signature",
"content-length": "NONZERO"}]}]},
[]]]]'
test_expect_equal_json \
"$output" \
"$expected"
test/crypto: add_gnupg_home should have ultimate trust on "its own" key The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-04 23:33:28 +02:00
test_begin_subtest "signature verification without full user ID validity"
# give the key no owner trust, removes validity on all user IDs of the
# certificate in the absence of other trusted certifiers:
gpg --quiet --batch --no-tty --export-ownertrust > "$GNUPGHOME/ownertrust.bak"
echo "${FINGERPRINT}:3:" | gpg --quiet --batch --no-tty --import-ownertrust
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
| notmuch_json_show_sanitize \
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
| sed -e 's|"created": [1234567890]*|"created": 946728000|g')
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["inbox","signed"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'"}]}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"sigstatus": [{"status": "good",
"fingerprint": "'$FINGERPRINT'",
test/crypto: add_gnupg_home should have ultimate trust on "its own" key The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-04 23:33:28 +02:00
"created": 946728000}],
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content-type": "multipart/signed",
"content": [{"id": 2,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content": "This is a test signed message.\n"},
{"id": 3,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-signature",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
test/crypto: add_gnupg_home should have ultimate trust on "its own" key The typical use case for gpg is that if you control a secret key, you mark it with "ultimate" ownertrust. The opaque --import-ownertrust mechanism is GnuPG's standard mechanism to set up ultimate ownertrust (the ":6:" means "ultimate", for whatever reason). We adjust the test suite to match this change, inverting the sense of one test: since the default is now that the user ID of the suite's own key is valid, we change the test to make sure that the user ID is not emitted when it is *not* valid. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-04 23:33:28 +02:00
gpg --quiet --batch --no-tty --import-ownertrust < "$GNUPGHOME/ownertrust.bak"
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
test_begin_subtest "signature verification with signer key unavailable"
# move the gnupghome temporarily out of the way
mv "${GNUPGHOME}"{,.bak}
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
| notmuch_json_show_sanitize \
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
| sed -e 's|"created": [1234567890]*|"created": 946728000|g')
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["inbox","signed"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{"errors": {"key-missing": true}, "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'", "status": "error"}]}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"sigstatus": [{"status": "error",
"keyid": "'$(echo $FINGERPRINT | cut -c 25-)'",
cli: implement structured output version 4 Since the error field is unused by the emacs front end, no changes are needed other than bumping the format version number. As it is, this is a bit overengineered, but it will reduce duplication when we support gmime 3.0
2017-06-03 19:47:34 +02:00
"errors": {"key-missing": true}}],
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content-type": "multipart/signed",
"content": [{"id": 2,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content": "This is a test signed message.\n"},
{"id": 3,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-signature",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
mv "${GNUPGHOME}"{.bak,}
test: require test_begin_subtest before test_expect_success Unify the subtests by requiring test_begin_subtest before test_expect_success. (Similar change for test_expect_code will follow.) This increases clarity in the test scripts by having a separate line for the start of the subtest with the heading, and makes it possible to simplify the test infrastructure by making all subtests similar.
2017-02-26 14:43:00 +01:00
test_begin_subtest "emacs delivery of encrypted message with attachment"
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
# create a test encrypted message with attachment
cat <<EOF >TESTATTACHMENT
This is a test file.
EOF
test: require test_begin_subtest before test_expect_success Unify the subtests by requiring test_begin_subtest before test_expect_success. (Similar change for test_expect_code will follow.) This increases clarity in the test scripts by having a separate line for the start of the subtest with the heading, and makes it possible to simplify the test infrastructure by making all subtests similar.
2017-02-26 14:43:00 +01:00
test_expect_success \
test: add emacs_fcc_message that does not use smtp-dummy Most of the tests previously using emacs_deliver_message do not use the actual transmitted message, so we replace it with a simpler (and presumably more reliable function) that only saves (and indexes) an fcc copy of the message.
2013-12-14 15:39:54 +01:00
'emacs_fcc_message \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"test encrypted message 001" \
"This is a test encrypted message.\n" \
"(mml-attach-file \"TESTATTACHMENT\") (mml-secure-message-encrypt)"'
test: signed and encrypted part content type indexing Add known broken subtests for searching signed and encrypted messages using mimetype: prefix search for the content-types of signed and encrypted parts.
2017-09-16 16:59:03 +02:00
test_begin_subtest "encrypted part content-type indexing"
output=$(notmuch search mimetype:multipart/encrypted and mimetype:application/pgp-encrypted and mimetype:application/octet-stream | notmuch_search_sanitize)
test_expect_equal "$output" "thread:XXX 2000-01-01 [1/1] Notmuch Test Suite; test encrypted message 001 (encrypted inbox)"
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
test_begin_subtest "decryption, --format=text"
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
output=$(notmuch show --format=text --decrypt=true subject:"test encrypted message 001" \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
| notmuch_show_sanitize_all \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
expected=' message{ id:XXXXX depth:0 match:1 excluded:0 filename:XXXXX
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
header{
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
Notmuch Test Suite <test_suite@notmuchmail.org> (2000-01-01) (encrypted inbox)
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
Subject: test encrypted message 001
From: Notmuch Test Suite <test_suite@notmuchmail.org>
To: test_suite@notmuchmail.org
show: Simplify new text formatter code This makes the text formatter take advantage of the new code structure. The previously duplicated header logic is now unified, several things that we used to compute repeatedly across different callbacks are now computed once, and the code is simpler overall and 32% shorter. Unifying the header logic causes this to format some dates slightly differently, so the two affected test cases are updated.
2012-02-04 22:24:26 +01:00
Date: Sat, 01 Jan 2000 12:00:00 +0000
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
header}
body{
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
part{ ID: 1, Content-type: multipart/encrypted
part{ ID: 2, Content-type: application/pgp-encrypted
Non-text part: application/pgp-encrypted
part}
part{ ID: 3, Content-type: multipart/mixed
part{ ID: 4, Content-type: text/plain
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
This is a test encrypted message.
part}
test: fix tests after notmuch show output changes related to filenames Adding the filename propery alongside ID and Content-type. This makes the test suite pass again after the recent change.
2011-05-29 00:03:48 +02:00
attachment{ ID: 5, Filename: TESTATTACHMENT, Content-type: application/octet-stream
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
Non-text part: application/octet-stream
attachment}
part}
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
part}
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
body}
message}'
test_expect_equal \
"$output" \
"$expected"
test_begin_subtest "decryption, --format=json"
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 001" \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["encrypted","inbox"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"decrypted": {"status": "full"}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test encrypted message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"encstatus": [{"status": "good"}],
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
"content-type": "multipart/encrypted",
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content": [{"id": 2,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-encrypted",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"},
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
{"id": 3,
"content-type": "multipart/mixed",
"content": [{"id": 4,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
"content": "This is a test encrypted message.\n"},
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
{"id": 5,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "application/octet-stream",
cli/show: add content-disposition to structured output message parts Help the clients decide how to display parts. Test updates by Mark Walters <markwalters1009@gmail.com>. One more test fix by db
2017-02-26 19:33:48 +01:00
"content-disposition": "attachment",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO",
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-transfer-encoding": "base64",
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
"filename": "TESTATTACHMENT"}]}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
test_begin_subtest "decryption, --format=json, --part=4"
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
output=$(notmuch show --format=json --part=4 --decrypt=true subject:"test encrypted message 001" \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
expected='{"id": 4,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
"content": "This is a test encrypted message.\n"}'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
test_begin_subtest "decrypt attachment (--part=5 --format=raw)"
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
notmuch show \
--format=raw \
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
--part=5 \
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
--decrypt=true \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
subject:"test encrypted message 001" >OUTPUT
test: standardize argument order to test_expect_equal_file It is annoying to debug failing tests when the interpretation of the diffs is reversed for some tests.
2017-04-05 02:36:29 +02:00
test_expect_equal_file TESTATTACHMENT OUTPUT
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
test_begin_subtest "decryption failure with missing key"
mv "${GNUPGHOME}"{,.bak}
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 001" \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
| notmuch_json_show_sanitize \
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='[[[{"id": "XXXXX",
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["encrypted","inbox"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test encrypted message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"encstatus": [{"status": "bad"}],
"content-type": "multipart/encrypted",
"content": [{"id": 2,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-encrypted",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
{"id": 3,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/octet-stream",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
mv "${GNUPGHOME}"{.bak,}
test: require test_begin_subtest before test_expect_success Unify the subtests by requiring test_begin_subtest before test_expect_success. (Similar change for test_expect_code will follow.) This increases clarity in the test scripts by having a separate line for the start of the subtest with the heading, and makes it possible to simplify the test infrastructure by making all subtests similar.
2017-02-26 14:43:00 +01:00
test_begin_subtest "emacs delivery of encrypted + signed message"
test_expect_success \
test: add emacs_fcc_message that does not use smtp-dummy Most of the tests previously using emacs_deliver_message do not use the actual transmitted message, so we replace it with a simpler (and presumably more reliable function) that only saves (and indexes) an fcc copy of the message.
2013-12-14 15:39:54 +01:00
'emacs_fcc_message \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"test encrypted message 002" \
"This is another test encrypted message.\n" \
"(mml-secure-message-sign-encrypt)"'
test_begin_subtest "decryption + signature verification"
cli/show: make --decrypt take a keyword. We also expand tab completion for it, update the emacs bindings, and update T350, T357, and T450 to match. Make use of the bool-to-keyword backward-compatibility feature.
2017-12-19 17:40:54 +01:00
output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 002" \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
| notmuch_json_show_sanitize \
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
| sed -e 's|"created": [1234567890]*|"created": 946728000|g')
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["encrypted","inbox"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'"}],
"encrypted": true },
"decrypted": {"status": "full"}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test encrypted message 002",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"encstatus": [{"status": "good"}],
"sigstatus": [{"status": "good",
"fingerprint": "'$FINGERPRINT'",
"created": 946728000,
test: simplify user ID handling The user ID on the self-test is a little bit clunky-looking. It also may end up showing up elsewhere in the test suite. Centralizing the user ID in one place should make it easier to handle if it ever changes, and should make tests easier to read. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-04 23:33:27 +02:00
"userid": "'"$SELF_USERID"'"}],
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
"content-type": "multipart/encrypted",
"content": [{"id": 2,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-encrypted",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"},
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
{"id": 3,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
Render all parts of multipart/encrypted when decrypting. The primary goal here is to keep the decrypted output as similarly structured as undecrypted output as possible. Now, when decrypting parts, only the original encrypted part is replaced by the it's decrypted content. If this part isn't itself a multipart, then all part numbering should remain consistent during decryption. The only draw back here is that the useless application/pgp-encrypted sub-part of the multipart/encrypted part is also emitted. But this part can be easily ignored by clients.
2011-05-27 12:27:37 +02:00
"content": "This is another test encrypted message.\n"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
test_begin_subtest "reply to encrypted message"
cli/reply: make --decrypt take a keyword This brings the --decrypt argument to "notmuch reply" into line with the other --decrypt arguments (in "show", "new", "insert", and "reindex"). This patch is really just about bringing consistency to the user interface. We also use the recommended form in the emacs MUA when replying, and update test T350 to match.
2017-12-19 17:40:55 +01:00
output=$(notmuch reply --decrypt=true subject:"test encrypted message 002" \
test/crypto: remove headers more robustly In [1], Vladimir Panteleev observed that the In-Reply-To and References headers could be wrapped in the 'default' output format of notmuch-reply, depending on the version of Emacs creating the message. In my own experiments notmuch-reply sometimes wraps headers with only one message-id if that message-id is long enough. However it happens, this causes the previous approach using grep to fail. Since I found the proposed unwrapping shell fragment in [1] a bit hard to follow, I decided to write a little python script instead. Then Tomi suggested a slight generalization of my script, and here we are. [1] id:20170817175145.3204-7-notmuch@thecybershadow.net
2017-09-02 01:59:47 +02:00
| notmuch_drop_mail_headers In-Reply-To References)
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
expected='From: Notmuch Test Suite <test_suite@notmuchmail.org>
Subject: Re: test encrypted message 002
reply: Include sender as recipient if they were the original recipient When generating a reply message, if the user was the originator and only recipient of the original message, include the user as a recipient of the reply.
2018-10-01 18:50:47 +02:00
To: test_suite@notmuchmail.org
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
On 01 Jan 2000 12:00:00 -0000, Notmuch Test Suite <test_suite@notmuchmail.org> wrote:
> This is another test encrypted message.'
test_expect_equal \
"$output" \
"$expected"
test/crypto: test reply to encrypted message in emacs This test considers the extra output about encryption/signature status as a bug, to be fixed in the next commit
2016-09-13 03:45:57 +02:00
test_begin_subtest "Reply within emacs to an encrypted message"
test_emacs "(let ((message-hidden-headers '())
(notmuch-crypto-process-mime 't))
(notmuch-show \"subject:test.encrypted.message.002\")
(notmuch-show-reply)
(test-output))"
reply: Include sender as recipient if they were the original recipient When generating a reply message, if the user was the originator and only recipient of the original message, include the user as a recipient of the reply.
2018-10-01 18:50:47 +02:00
grep -v -e '^In-Reply-To:' -e '^References:' -e '^Fcc:' < OUTPUT > OUTPUT.clean
test/crypto: test reply to encrypted message in emacs This test considers the extra output about encryption/signature status as a bug, to be fixed in the next commit
2016-09-13 03:45:57 +02:00
cat <<EOF >EXPECTED
From: Notmuch Test Suite <test_suite@notmuchmail.org>
reply: Include sender as recipient if they were the original recipient When generating a reply message, if the user was the originator and only recipient of the original message, include the user as a recipient of the reply.
2018-10-01 18:50:47 +02:00
To: test_suite@notmuchmail.org
test/crypto: test reply to encrypted message in emacs This test considers the extra output about encryption/signature status as a bug, to be fixed in the next commit
2016-09-13 03:45:57 +02:00
Subject: Re: test encrypted message 002
--text follows this line--
<#secure method=pgpmime mode=signencrypt>
Notmuch Test Suite <test_suite@notmuchmail.org> writes:
> This is another test encrypted message.
EOF
test_expect_equal_file EXPECTED OUTPUT.clean
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
test_begin_subtest "signature verification with revoked key"
fix sum moar typos [comments in source code] Various typo fixes in comments within the source code. Signed-off-by: Pieter Praet <pieter@praet.org> Edited-by: Carl Worth <cworth@cworth.org> Restricted to just source-code comments, (and fixed fix of "descriptios" to "descriptors" rather than "descriptions").
2011-06-20 22:14:21 +02:00
# generate revocation certificate and load it to revoke key
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
echo "y
1
Notmuch Test Suite key revocation (automated) $(date '+%F_%T%z')
y
" \
| gpg --no-tty --quiet --command-fd 0 --armor --gen-revoke "0x${FINGERPRINT}!" 2>/dev/null \
| gpg --no-tty --quiet --import
output=$(notmuch show --format=json --verify subject:"test signed message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"match": true,
test: update tests to reflect the exclude flag notmuch show outputs the exclude flag so many tests using notmuch show failed. This commit adds "excluded:0" or "excluded: false" to the expected outputs. After this commit there should be no failing tests.
2012-03-01 23:30:41 +01:00
"excluded": false,
cli/show: list all filenames of a message in the formatted output Instead of just having the first filename for the message, list all duplicate filenames of the message as a list in the formatted outputs. This bumps the format version to 3.
2017-02-25 14:31:31 +01:00
"filename": ["YYYYY"],
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"timestamp": 946728000,
"date_relative": "2000-01-01",
tag signed/encrypted during notmuch new This patch adds the tag "signed" to messages with any multipart/signed parts, and the tag "encrypted" to messages with any multipart/encrypted parts. This only occurs when messages are indexed during notmuch new, so a database rebuild is required to have old messages tagged.
2011-05-26 03:01:20 +02:00
"tags": ["inbox","signed"],
cli/show: emit new whole-message crypto status output This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
2019-05-25 20:04:06 +02:00
"crypto": {"signed": {"status": [{"errors": {"key-revoked": true}, "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'", "status": "error"}]}},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"headers": {"Subject": "test signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"body": [{"id": 1,
"sigstatus": [{"status": "error",
"keyid": "6D92612D94E46381",
cli: implement structured output version 4 Since the error field is unused by the emacs front end, no changes are needed other than bumping the format version number. As it is, this is a bit overengineered, but it will reduce duplication when we support gmime 3.0
2017-06-03 19:47:34 +02:00
"errors": {"key-revoked": true}}],
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content-type": "multipart/signed",
"content": [{"id": 2,
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"content-type": "text/plain",
Do not replace multipart/signed part with content part when doing verification. Some folks have complained about the part renumbering that occurs when the entire multipart/signed part is replaced with the part contents after verification. This is primarily because it incurs an additional computational cost to retrieve individual parts, since verification has to be performed again to ensure that part numbering is consistent. This patch simply leaves the full multipart/signed part as is. The emacs crypto test is also updated to reflect this change.
2011-05-27 12:27:36 +02:00
"content": "This is a test signed message.\n"},
{"id": 3,
test: conform to content length, encoding fields Update tests to expect content-length and content-transfer-encoding fields in show --format=json output, for leaf parts with omitted body content.
2012-12-15 04:06:45 +01:00
"content-type": "application/pgp-signature",
tests: account for varying-size cryptographic signatures GnuPG 2.1.16 is now injecting the full issuer fingerprint in its signatures, which makes them about 32 octets larger when ascii-armored. This change in size means that the size of the MIME parts will vary depending on the version of gpg that the user has installed. at any rate, the signature part should be non-zero (this is true for basically any MIME part), so we just test for that instead of an exact size.
2016-11-23 18:57:22 +01:00
"content-length": "NONZERO"}]}]},
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
[]]]]'
test: Uniformly canonicalize actual and expected JSON Previously, we used a variety of ad-hoc canonicalizations for JSON output in the test suite, but were ultimately very sensitive to JSON irrelevancies such as whitespace. This introduces a new test comparison function, test_expect_equal_json, that first pretty-prints *both* the actual and expected JSON and the compares the result. The current implementation of this simply uses Python's json.tool to perform pretty-printing (with a fallback to the identity function if parsing fails). However, since the interface it introduces is semantically high-level, we could swap in other mechanisms in the future, such as another pretty-printer or something that does not re-order object keys (if we decide that we care about that). In general, this patch does not remove the existing ad-hoc canonicalization because it does no harm. We do have to remove the newline-after-comma rule from notmuch_json_show_sanitize and filter_show_json because it results in invalid JSON that cannot be pretty-printed. Most of this patch simply replaces test_expect_equal and test_expect_equal_file with test_expect_equal_json. It changes the expected JSON in a few places where sanitizers had placed newlines after commas inside strings.
2012-08-03 03:14:47 +02:00
test_expect_equal_json \
test: add crypto tests for signature verification and decryption This adds a new "crypto" test script to the test suite to test PGP/MIME signature verification and message decryption. Included here is a test GNUPGHOME with a test secret key (passwordless), and test for: * signing/verification * signing/verification with full owner trust * verification with signer key unavailable * encryption/decryption * decryption failure with missing key * encryption/decryption + signing/verfifying * reply to encrypted message * verification of signature from revoked key These tests are not expected to pass now, but will as crypto functionality is included.
2011-05-26 03:01:16 +02:00
"$output" \
"$expected"
test_done
Reference in a new issue Copy permalink