From a52a4682de55b96fd2c61b336757fc1b78a4a2f9 Mon Sep 17 00:00:00 2001 From: David Bremner Date: Sun, 18 Jan 2015 09:02:45 +0100 Subject: [PATCH] [Patch v4 3/5] test: add S/MIME signature verification test for notmuch CLI --- 85/9b4a692a7af6d3fb56435b9c99651a9b6b91cb | 144 ++++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 85/9b4a692a7af6d3fb56435b9c99651a9b6b91cb diff --git a/85/9b4a692a7af6d3fb56435b9c99651a9b6b91cb b/85/9b4a692a7af6d3fb56435b9c99651a9b6b91cb new file mode 100644 index 000000000..1372ee359 --- /dev/null +++ b/85/9b4a692a7af6d3fb56435b9c99651a9b6b91cb @@ -0,0 +1,144 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id F1E5E431FB6 + for ; Sun, 18 Jan 2015 00:03:19 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 2.438 +X-Spam-Level: ** +X-Spam-Status: No, score=2.438 tagged_above=-999 required=5 + tests=[DNS_FROM_AHBL_RHSBL=2.438] autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id a8fFG1j+0SUg for ; + Sun, 18 Jan 2015 00:03:18 -0800 (PST) +Received: from yantan.tethera.net (yantan.tethera.net [199.188.72.155]) + (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) + (No client certificate requested) + by olra.theworths.org (Postfix) with ESMTPS id 7A752431FC4 + for ; Sun, 18 Jan 2015 00:03:11 -0800 (PST) +Received: from remotemail by yantan.tethera.net with local (Exim 4.80) + (envelope-from ) + id 1YCkpC-0004qc-N4; Sun, 18 Jan 2015 04:03:10 -0400 +Received: (nullmailer pid 18925 invoked by uid 1000); Sun, 18 Jan 2015 + 08:02:54 -0000 +From: David Bremner +To: notmuch@notmuchmail.org +Subject: [Patch v4 3/5] test: add S/MIME signature verification test for + notmuch CLI +Date: Sun, 18 Jan 2015 09:02:45 +0100 +Message-Id: <1421568167-18683-4-git-send-email-david@tethera.net> +X-Mailer: git-send-email 2.1.4 +In-Reply-To: <1421568167-18683-1-git-send-email-david@tethera.net> +References: <1421568167-18683-1-git-send-email-david@tethera.net> +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Sun, 18 Jan 2015 08:03:20 -0000 + +The test is pretty much cut and paste from the PGP/MIME version, with +obvious updates taken from notmuch output. This also requires setting +up gpgsm infrastucture. +--- + test/T355-smime.sh | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ + test/test-lib.sh | 1 + + 2 files changed, 50 insertions(+) + +diff --git a/test/T355-smime.sh b/test/T355-smime.sh +index 5f3ff12..caedf5e 100755 +--- a/test/T355-smime.sh ++++ b/test/T355-smime.sh +@@ -3,7 +3,17 @@ + test_description='S/MIME signature verification and decryption' + . ./test-lib.sh + ++add_gpgsm_home () ++{ ++ local output ++ [ -d ${GNUPGHOME} ] && return ++ mkdir -m 0700 "$GNUPGHOME" ++ gpgsm --no-tty --import < test_suite.pem >"$GNUPGHOME"/import.log 2>&1 ++ test_debug "cat $GNUPGHOME/import.log" ++} ++ + test_require_external_prereq openssl ++test_require_external_prereq gpgsm + + test_begin_subtest "Generate CA Cert" + openssl genpkey -algorithm RSA -out ca.key -pass pass:test -des3 1024 +@@ -21,6 +31,10 @@ openssl x509 -req -in smime.csr -passin pass:test -CA ca.crt -CAkey ca.key -set_ + cat test_suite.crt smime.key > test_suite.pem + test_expect_equal "$(openssl verify -purpose smimesign -CAfile ca.crt test_suite.pem)" "test_suite.pem: OK" + ++add_gpgsm_home ++ ++FINGERPRINT=$(openssl x509 -fingerprint -in test_suite.crt -noout | sed -e 's/^.*=//' -e s/://g) ++ + test_expect_success 'emacs delivery of S/MIME signed message' \ + 'emacs_fcc_message \ + "test signed message 001" \ +@@ -41,6 +55,41 @@ Verification successful + EOF + test_expect_equal_file OUTPUT EXPECTED + ++test_begin_subtest "signature verification (notmuch CLI)" ++output=$(notmuch show --format=json --verify subject:"test signed message 001" \ ++ | notmuch_json_show_sanitize \ ++ | sed -e 's|"created": [1234567890]*|"created": 946728000|' \ ++ -e 's|"expires": [1234567890]*|"expires": 424242424|' ) ++expected='[[[{"id": "XXXXX", ++ "match": true, ++ "excluded": false, ++ "filename": "YYYYY", ++ "timestamp": 946728000, ++ "date_relative": "2000-01-01", ++ "tags": ["inbox","signed"], ++ "headers": {"Subject": "test signed message 001", ++ "From": "Notmuch Test Suite ", ++ "To": "test_suite@notmuchmail.org", ++ "Date": "Sat, 01 Jan 2000 12:00:00 +0000"}, ++ "body": [{"id": 1, ++ "sigstatus": [{"status": "good", ++ "fingerprint": "'$FINGERPRINT'", ++ "expires": 424242424, ++ "created": 946728000}], ++ "content-type": "multipart/signed", ++ "content": [{"id": 2, ++ "content-type": "text/plain", ++ "content": "This is a test signed message.\n"}, ++ {"id": 3, ++ "content-length": 1930, ++ "content-transfer-encoding": "base64", ++ "content-type": "application/x-pkcs7-signature", ++ "filename": "smime.p7s"}]}]}, ++ []]]]' ++test_expect_equal_json \ ++ "$output" \ ++ "$expected" ++ + test_begin_subtest "Decryption and signature verification (openssl)" + notmuch show --format=raw subject:"test encrypted message 001" |\ + openssl smime -decrypt -recip test_suite.pem |\ +diff --git a/test/test-lib.sh b/test/test-lib.sh +index 00612d9..a0d44e1 100644 +--- a/test/test-lib.sh ++++ b/test/test-lib.sh +@@ -1305,3 +1305,4 @@ test_declare_external_prereq gpg + test_declare_external_prereq python + test_declare_external_prereq python2 + test_declare_external_prereq openssl ++test_declare_external_prereq gpgsm +-- +2.1.4 + -- 2.26.2