test: add test for modified pgp/mime signed message

This is a good thing to test in any case, but particularly as we hit
the dark corners of the gmime crypto API.
This commit is contained in:
David Bremner 2017-06-03 14:47:39 -03:00
parent 71f04b9a67
commit 4f48ae4a5f

View file

@ -68,6 +68,45 @@ test_expect_equal_json \
"$output" \ "$output" \
"$expected" "$expected"
test_begin_subtest "detection of modified signed contents"
emacs_fcc_message \
"bad signed message 001" \
"Incriminating stuff. This is a test signed message." \
"(mml-secure-message-sign)"
file=$(notmuch search --output=files subject:"bad signed message 001")
sed -i 's/Incriminating stuff. //' ${file}
output=$(notmuch show --format=json --verify subject:"bad signed message 001" \
| notmuch_json_show_sanitize \
| sed -e 's|"created": [1234567890]*|"created": 946728000|')
expected='[[[{"id": "XXXXX",
"match": true,
"excluded": false,
"filename": ["YYYYY"],
"timestamp": 946728000,
"date_relative": "2000-01-01",
"tags": ["inbox","signed"],
"headers": {"Subject": "bad signed message 001",
"From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
"To": "test_suite@notmuchmail.org",
"Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
"body": [{"id": 1,
"sigstatus": [{"status": "bad",
"keyid": "'$(echo $FINGERPRINT | cut -c 25-)'"}],
"content-type": "multipart/signed",
"content": [{"id": 2,
"content-type": "text/plain",
"content": "This is a test signed message.\n"},
{"id": 3,
"content-type": "application/pgp-signature",
"content-length": "NONZERO"}]}]},
[]]]]'
test_expect_equal_json \
"$output" \
"$expected"
test_begin_subtest "signature verification with full owner trust" test_begin_subtest "signature verification with full owner trust"
# give the key full owner trust # give the key full owner trust
echo "${FINGERPRINT}:6:" | gpg --no-tty --import-ownertrust >>"$GNUPGHOME"/trust.log 2>&1 echo "${FINGERPRINT}:6:" | gpg --no-tty --import-ownertrust >>"$GNUPGHOME"/trust.log 2>&1