#!/usr/bin/env bash
-# TODO:
-# * check S/MIME as well as PGP/MIME
-
test_description='Message decryption with protected headers'
. $(dirname "$0")/test-lib.sh || exit 1
##################################################
+test_require_external_prereq gpgsm
+
add_gnupg_home
+add_gpgsm_home
add_email_corpus protected-headers
test_begin_subtest "show cryptographic envelope on signed mail"
output=$(notmuch show --verify --format=json id:simple-signed-mail@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"signed": {"status": [{"created": 1525609971, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'", "status": "good"}]}}'
+ 'crypto:[0][0][0]["crypto"]={"signed": {"status": [{"created": 1525609971, "fingerprint": "'$FINGERPRINT'", "email": "'"$SELF_EMAIL"'", "userid": "'"$SELF_USERID"'", "status": "good"}]}}'
test_begin_subtest "verify signed protected header"
output=$(notmuch show --verify --format=json id:signed-protected-header@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
- 'crypto:[0][0][0]["crypto"]={"signed": {"status": [{"created": 1525350527, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'", "status": "good"}], "headers": ["Subject"]}}'
+ 'crypto:[0][0][0]["crypto"]={"signed": {"status": [{"created": 1525350527, "fingerprint": "'$FINGERPRINT'", "email": "'"$SELF_EMAIL"'", "userid": "'"$SELF_USERID"'", "status": "good"}], "headers": ["Subject"]}}'
test_begin_subtest "protected subject does not leak by default in replies"
output=$(notmuch reply --decrypt=true --format=json id:protected-header@crypto.notmuchmail.org)
output=$(notmuch show --decrypt=true --format=json id:encrypted-signed@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
'crypto:[0][0][0]["crypto"]={
- "signed":{"status": [{"status": "good", "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'", "created": 1525812676}],
+ "signed":{"status": [{"status": "good", "fingerprint": "'$FINGERPRINT'", "email": "'"$SELF_EMAIL"'", "userid": "'"$SELF_USERID"'", "created": 1525812676}],
"encrypted": true, "headers": ["Subject"]},"decrypted": {"status": "full", "header-mask": {"Subject": "Subject Unavailable"}}}' \
'subject:[0][0][0]["headers"]["Subject"]="Rhinoceros dinner"'
output=$(notmuch show --decrypt=true --format=json id:encrypted-signed-not-masked@crypto.notmuchmail.org)
test_json_nodes <<<"$output" \
'crypto:[0][0][0]["crypto"]={
- "signed":{"status": [{"status": "good", "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'", "created": 1525812676}],
+ "signed":{"status": [{"status": "good", "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'", "email": "'"$SELF_EMAIL"'", "created": 1525812676}],
"encrypted": true, "headers": ["Subject"]},"decrypted": {"status": "full"}}' \
'subject:[0][0][0]["headers"]["Subject"]="Rhinoceros dinner"'
output=$(notmuch search --output=messages property:index.repaired=skip-protected-headers-legacy-display)
test_expect_equal "$output" id:protected-with-legacy-display@crypto.notmuchmail.org
+for variant in multipart-signed onepart-signed; do
+ test_begin_subtest "verify signed PKCS#7 subject ($variant)"
+ output=$(notmuch show --verify --format=json "id:smime-${variant}@protected-headers.example")
+ test_json_nodes <<<"$output" \
+ 'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \
+ 'sig_good:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"' \
+ 'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \
+ 'not_encrypted:[0][0][0]["crypto"]!"decrypted"'
+ test_begin_subtest "verify signed PKCS#7 subject ($variant) signer User ID"
+ if [ $NOTMUCH_GMIME_X509_CERT_VALIDITY -ne 1 ]; then
+ test_subtest_known_broken
+ fi
+ test_json_nodes <<<"$output" \
+ 'sig_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"'
+done
+
+for variant in sign+enc sign+enc+legacy-disp; do
+ test_begin_subtest "confirm signed and encrypted PKCS#7 subject ($variant)"
+ output=$(notmuch show --decrypt=true --format=json "id:smime-${variant}@protected-headers.example")
+ test_json_nodes <<<"$output" \
+ 'signed_subject:[0][0][0]["crypto"]["signed"]["headers"]=["Subject"]' \
+ 'sig_good:[0][0][0]["crypto"]["signed"]["status"][0]["status"]="good"' \
+ 'sig_fpr:[0][0][0]["crypto"]["signed"]["status"][0]["fingerprint"]="702BA4B157F1E2B7D16B0C6A5FFC8A7DE2057DEB"' \
+ 'encrypted:[0][0][0]["crypto"]["decrypted"]={"status":"full","header-mask":{"Subject":"..."}}'
+ test_begin_subtest "confirm signed and encrypted PKCS#7 subject ($variant) signer User ID"
+ if [ $NOTMUCH_GMIME_X509_CERT_VALIDITY -ne 1 ]; then
+ test_subtest_known_broken
+ fi
+ test_json_nodes <<<"$output" \
+ 'sig_uid:[0][0][0]["crypto"]["signed"]["status"][0]["userid"]="CN=Alice Lovelace"'
+
+done
+
+test_begin_subtest "confirm encryption-protected PKCS#7 subject (enc+legacy-disp)"
+output=$(notmuch show --decrypt=true --format=json "id:smime-enc+legacy-disp@protected-headers.example")
+test_json_nodes <<<"$output" \
+ 'encrypted:[0][0][0]["crypto"]["decrypted"]={"status":"full","header-mask":{"Subject":"..."}}' \
+ 'no_sig:[0][0][0]["crypto"]!"signed"'
+
+
# TODO: test that a part that looks like a legacy-display in
# multipart/signed, but not encrypted, is indexed and not stripped.