mirror of
https://git.notmuchmail.org/git/notmuch
synced 2024-11-25 04:18:08 +01:00
test: add test for modified pgp/mime signed message
This is a good thing to test in any case, but particularly as we hit the dark corners of the gmime crypto API.
This commit is contained in:
parent
71f04b9a67
commit
4f48ae4a5f
1 changed files with 39 additions and 0 deletions
|
@ -68,6 +68,45 @@ test_expect_equal_json \
|
||||||
"$output" \
|
"$output" \
|
||||||
"$expected"
|
"$expected"
|
||||||
|
|
||||||
|
test_begin_subtest "detection of modified signed contents"
|
||||||
|
emacs_fcc_message \
|
||||||
|
"bad signed message 001" \
|
||||||
|
"Incriminating stuff. This is a test signed message." \
|
||||||
|
"(mml-secure-message-sign)"
|
||||||
|
|
||||||
|
file=$(notmuch search --output=files subject:"bad signed message 001")
|
||||||
|
|
||||||
|
sed -i 's/Incriminating stuff. //' ${file}
|
||||||
|
|
||||||
|
output=$(notmuch show --format=json --verify subject:"bad signed message 001" \
|
||||||
|
| notmuch_json_show_sanitize \
|
||||||
|
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
|
||||||
|
expected='[[[{"id": "XXXXX",
|
||||||
|
"match": true,
|
||||||
|
"excluded": false,
|
||||||
|
"filename": ["YYYYY"],
|
||||||
|
"timestamp": 946728000,
|
||||||
|
"date_relative": "2000-01-01",
|
||||||
|
"tags": ["inbox","signed"],
|
||||||
|
"headers": {"Subject": "bad signed message 001",
|
||||||
|
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
|
||||||
|
"To": "test_suite@notmuchmail.org",
|
||||||
|
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
|
||||||
|
"body": [{"id": 1,
|
||||||
|
"sigstatus": [{"status": "bad",
|
||||||
|
"keyid": "'$(echo $FINGERPRINT | cut -c 25-)'"}],
|
||||||
|
"content-type": "multipart/signed",
|
||||||
|
"content": [{"id": 2,
|
||||||
|
"content-type": "text/plain",
|
||||||
|
"content": "This is a test signed message.\n"},
|
||||||
|
{"id": 3,
|
||||||
|
"content-type": "application/pgp-signature",
|
||||||
|
"content-length": "NONZERO"}]}]},
|
||||||
|
[]]]]'
|
||||||
|
test_expect_equal_json \
|
||||||
|
"$output" \
|
||||||
|
"$expected"
|
||||||
|
|
||||||
test_begin_subtest "signature verification with full owner trust"
|
test_begin_subtest "signature verification with full owner trust"
|
||||||
# give the key full owner trust
|
# give the key full owner trust
|
||||||
echo "${FINGERPRINT}:6:" | gpg --no-tty --import-ownertrust >>"$GNUPGHOME"/trust.log 2>&1
|
echo "${FINGERPRINT}:6:" | gpg --no-tty --import-ownertrust >>"$GNUPGHOME"/trust.log 2>&1
|
||||||
|
|
Loading…
Reference in a new issue