From: Daniel Kahn Gillmor
To: Notmuch Mail
Subject: [PATCH 2/2 v2] smime: tests of X.509 certificate validity are known-broken on GMime < 3.2.7
Date: Tue, 12 May 2020 18:20:10 -0400
Message-Id: <20200512222010.371054-1-dkg@fifthhorseman.net>
In-Reply-To: <20200506235438.100518-2-dkg@fifthhorseman.net>
References: <20200506235438.100518-2-dkg@fifthhorseman.net>

When checking cryptographic signatures, Notmuch relies on GMime to tell it whether the certificate that signs a message has a valid User ID or not.

If the User ID is not valid, then notmuch does not report the signer's User ID to the user. This means that the consumer of notmuch's cryptographic summary of a message (or of its protected headers) can be confident in relaying the reported identity to the user.

However, some versions of GMime before 3.2.7 cannot report Certificate validity for X.509 certificates. This is resolved upstream in GMime at https://github.com/jstedfast/gmime/pull/90.

We adapt to this by marking tests of reported User IDs for S/MIME-signed messages as known-broken if GMime is older than 3.2.7 and has not been patched.

If GMime >= 3.2.7 and certificate validity still doesn't work for X.509 certs, then there has likely been a regression in GMime and we should fail early, during ./configure.

To break out these specific User ID checks from other checks, i had to split some tests into two parts, and reuse $output across the two subtests.

Signed-off-by: Daniel Kahn Gillmor
--- configure | 79 ++++++++++++++++++++++++++++++++++ test/T355-smime.sh | 17 +++++--- test/T356-protected-headers.sh | 13 +++++- 3 files changed, 100 insertions(+), 9 deletions(-) diff --git a/configure b/configure index 0cfdaa6f..92e5bd1b 100755 --- a/configure +++ b/configure
@@ -536,6 +536,82 @@ EOF if [ -n "$TEMP_GPG" -a -d "$TEMP_GPG" ]; then rm -rf "$TEMP_GPG" fi + + # see https://github.com/jstedfast/gmime/pull/90 + # should be fixed in GMime in 3.2.7, but some distros might patch + printf "Checking for GMime X.509 certificate validity... " + + cat > _check_x509_validity.c < +#include + +int main () { + GError *error = NULL; + GMimeParser *parser = NULL; + GMimeApplicationPkcs7Mime *body = NULL; + GMimeSignatureList *sig_list = NULL; + GMimeSignature *sig = NULL; + GMimeCertificate *cert = NULL; + GMimeObject *output = NULL; + GMimeValidity validity = GMIME_VALIDITY_UNKNOWN; + int len; + + g_mime_init (); + parser = g_mime_parser_new (); + g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("test/corpora/pkcs7/smime-onepart-signed.eml", "r", &error)); + if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/pkcs7/smime-onepart-signed.eml\n"); + + body = GMIME_APPLICATION_PKCS7_MIME(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL))); + if (body == NULL) return !! fprintf (stderr, "did not find a application/pkcs7 message\n"); + + sig_list = g_mime_application_pkcs7_mime_verify (body, GMIME_VERIFY_NONE, &output, &error); + if (error || output == NULL) return !! fprintf (stderr, "verify failed\n"); + + if (sig_list == NULL) return !! fprintf (stderr, "no GMimeSignatureList found\n"); + len = g_mime_signature_list_length (sig_list); + if (len != 1) return !! fprintf (stderr, "expected 1 signature, got %d\n", len); + sig = g_mime_signature_list_get_signature (sig_list, 0); + if (sig == NULL) return !! fprintf (stderr, "no GMimeSignature found at position 0\n"); + cert = g_mime_signature_get_certificate (sig); + if (cert == NULL) return !! fprintf (stderr, "no GMimeCertificate found\n"); + validity = g_mime_certificate_get_id_validity (cert); + if (validity != GMIME_VALIDITY_FULL) return !! 
fprintf (stderr, "Got validity %d, expected %d\n", validity, GMIME_VALIDITY_FULL); + + return 0; +} +EOF + if ! TEMP_GPG=$(mktemp -d "${TMPDIR:-/tmp}/notmuch.XXXXXX"); then + printf 'No.\nCould not make tempdir for testing X.509 certificate validity support.\n' + errors=$((errors + 1)) + elif ${CC} ${CFLAGS} ${gmime_cflags} _check_x509_validity.c ${gmime_ldflags} -o _check_x509_validity \ + && echo disable-crl-checks > "$TEMP_GPG/gpgsm.conf" \ + && echo "4D:E0:FF:63:C0:E9:EC:01:29:11:C8:7A:EE:DA:3A:9A:7F:6E:C1:0D S" >> "$TEMP_GPG/trustlist.txt" \ + && GNUPGHOME=${TEMP_GPG} gpgsm --batch --quiet --import < "$srcdir"/test/smime/ca.crt + then + if GNUPGHOME=${TEMP_GPG} ./_check_x509_validity; then + gmime_x509_cert_validity=1 + printf "Yes.\n" + else + gmime_x509_cert_validity=0 + printf "No.\n" + if pkg-config --exists "gmime-3.0 >= 3.2.7"; then + cat <
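
Review bot: The probe program opens its sample message by a path relative to the current directory (`g_mime_stream_file_open("test/corpora/pkcs7/smime-onepart-signed.eml", "r", &error)`), while the CA certificate a few lines later is imported from `"$srcdir"/test/smime/ca.crt`. If configure is run from a separate build directory, the open fails and the check prints "No." for a GMime that may be fine, which then feeds the known-broken marking or, with GMime >= 3.2.7, the regression branch. Passing the message path in from the shell (for example as argv[1] built from `$srcdir`) would keep both inputs consistent. Two smaller points in the same program: the stream returned by `g_mime_stream_file_open` is handed to `g_mime_parser_init_with_stream` before `error` is tested, and `GMIME_APPLICATION_PKCS7_MIME(...)` is a GObject cast macro, so the `body == NULL` test only catches a missing part; a `GMIME_IS_APPLICATION_PKCS7_MIME` check would also catch a part of the wrong type. The hard-coded fingerprint appended to trustlist.txt would benefit from a comment saying which certificate it identifies.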