crypto: Test restore of cleartext index from stashed session keys
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Thu, 30 Nov 2017 08:59:31 +0000 (03:59 -0500)
committerDavid Bremner <david@tethera.net>
Tue, 5 Dec 2017 01:53:05 +0000 (21:53 -0400)
If you've got a notmuch dump that includes stashed session keys for
every decrypted message, and you've got your message archive, you
should be able to get back to the same index that you had before.

Here we add a simple test that give some flavor of how that works.

test/T357-index-decryption.sh

index 22e716c6536c2ad7dd6fad6bfb644056d8434ca4..11ea2074d57a776874a29f1393a482775e746841 100755 (executable)
@@ -156,6 +156,37 @@ test_expect_equal \
     "$output" \
     "$expected"
 
+add_email_corpus crypto
+
+test_begin_subtest "indexing message fails when secret key not available"
+notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
+output=$(notmuch dump )
+expected='#notmuch-dump batch-tag:3 config,properties,tags
++encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org
+#= simple-encrypted@crypto.notmuchmail.org index.decryption=failure'
+test_expect_equal \
+    "$output" \
+    "$expected"
+
+test_begin_subtest "cannot find cleartext index"
+output=$(notmuch search sekrit)
+expected=''
+test_expect_equal \
+    "$output" \
+    "$expected"
+
+test_begin_subtest "cleartext index recovery on reindexing with stashed session keys"
+notmuch restore <<EOF
+#notmuch-dump batch-tag:3 config,properties,tags
+#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9
+EOF
+notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org
+output=$(notmuch search sekrit)
+expected='thread:0000000000000001   2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)'
+test_expect_equal \
+    "$output" \
+    "$expected"
+
 
 # TODO: test removal of a message from the message store between
 # indexing and reindexing.