From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 847EE6DE0C66 for ; Thu, 30 Nov 2017 00:59:59 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.015 X-Spam-Level: X-Spam-Status: No, score=-0.015 tagged_above=-999 required=5 tests=[AWL=-0.015] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cb1LornX_KIO for ; Thu, 30 Nov 2017 00:59:57 -0800 (PST) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id 62B416DE0191 for ; Thu, 30 Nov 2017 00:59:57 -0800 (PST) Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id B9D0CF99D for ; Thu, 30 Nov 2017 03:59:56 -0500 (EST) Received: by fifthhorseman.net (Postfix, from userid 1000) id ED82120D8E; Thu, 30 Nov 2017 03:59:52 -0500 (EST) From: Daniel Kahn Gillmor To: Notmuch Mail Subject: [PATCH v2 06/21] crypto: Test restore of cleartext index from stashed session keys Date: Thu, 30 Nov 2017 03:59:31 -0500 Message-Id: <20171130085946.11332-7-dkg@fifthhorseman.net> X-Mailer: git-send-email 2.15.0 In-Reply-To: <20171130085946.11332-1-dkg@fifthhorseman.net> References: <20171130085946.11332-1-dkg@fifthhorseman.net> X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Nov 2017 08:59:59 -0000 If you've got a notmuch dump that includes stashed session keys for every decrypted message, and you've got your message archive, you should be able to get back to the same index that you had before. Here we add a simple test that give some flavor of how that works. --- test/T357-index-decryption.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/test/T357-index-decryption.sh b/test/T357-index-decryption.sh index 22e716c6..11ea2074 100755 --- a/test/T357-index-decryption.sh +++ b/test/T357-index-decryption.sh @@ -156,6 +156,37 @@ test_expect_equal \ "$output" \ "$expected" +add_email_corpus crypto + +test_begin_subtest "indexing message fails when secret key not available" +notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org +output=$(notmuch dump ) +expected='#notmuch-dump batch-tag:3 config,properties,tags ++encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org +#= simple-encrypted@crypto.notmuchmail.org index.decryption=failure' +test_expect_equal \ + "$output" \ + "$expected" + +test_begin_subtest "cannot find cleartext index" +output=$(notmuch search sekrit) +expected='' +test_expect_equal \ + "$output" \ + "$expected" + +test_begin_subtest "cleartext index recovery on reindexing with stashed session keys" +notmuch restore <