diff options
| author | David Bremner <david@tethera.net> | 2017-06-03 14:47:40 -0300 |
|---|---|---|
| committer | David Bremner <david@tethera.net> | 2017-07-05 07:36:20 -0300 |
| commit | 87ca29b7a737a9b52f1916156aef9511939b4376 (patch) | |
| tree | 8955f226121fb137241a03807d08c711a4a25efc /test | |
| parent | 4f48ae4a5fcc842b1c010ba11aff902cd67ddc6f (diff) | |
test/crypto: add test for corrupted signatures
Have an empty list of signatures is not the nicest mechanism to signal
complete failure to verify, but it's the one we currently have.
Diffstat (limited to 'test')
| -rwxr-xr-x | test/T350-crypto.sh | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh index bcf3b13b..7de0ed6a 100755 --- a/test/T350-crypto.sh +++ b/test/T350-crypto.sh @@ -107,6 +107,49 @@ test_expect_equal_json \ "$output" \ "$expected" +test_begin_subtest "corrupted pgp/mime signature" +emacs_fcc_message \ + "bad signed message 002" \ + "Incriminating stuff. This is a test signed message." \ + "(mml-secure-message-sign)" + +file=$(notmuch search --output=files subject:"bad signed message 002") + +awk '/-----BEGIN PGP SIGNATURE-----/{flag=1;print;next} \ + /-----END PGP SIGNATURE-----/{flag=0;print;next} \ + flag{gsub(/[A-Za-z]/,"0");print}!flag{print}' $file > $file.new + +rm $file +mv $file.new $file + +output=$(notmuch show --format=json --verify subject:"bad signed message 002" \ + | notmuch_json_show_sanitize \ + | sed -e 's|"created": [1234567890]*|"created": 946728000|') +expected='[[[{"id": "XXXXX", + "match": true, + "excluded": false, + "filename": ["YYYYY"], + "timestamp": 946728000, + "date_relative": "2000-01-01", + "tags": ["inbox","signed"], + "headers": {"Subject": "bad signed message 002", + "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", + "To": "test_suite@notmuchmail.org", + "Date": "Sat, 01 Jan 2000 12:00:00 +0000"}, + "body": [{"id": 1, + "sigstatus": [], + "content-type": "multipart/signed", + "content": [{"id": 2, + "content-type": "text/plain", + "content": "Incriminating stuff. This is a test signed message.\n"}, + {"id": 3, + "content-type": "application/pgp-signature", + "content-length": "NONZERO"}]}]}, + []]]]' +test_expect_equal_json \ + "$output" \ + "$expected" + test_begin_subtest "signature verification with full owner trust" # give the key full owner trust echo "${FINGERPRINT}:6:" | gpg --no-tty --import-ownertrust >>"$GNUPGHOME"/trust.log 2>&1 |