gmime and S/MIME

gmime and S/MIME

[David Bremner]

With a few others, I've been attempting to get S/MIME supported in
notmuch (which as you might or might not remember is using gmime
underneath). The signature verification part is working OK, but I've
gotten a bit bogged down trying to get decryption working.

What I have learned is that according RFC5751, smime message (parts)
look like

   Media type:  application/pkcs7-mime
   parameters:  any
   file suffix: any

   Media type:  multipart/signed
   parameters:  protocol="application/pkcs7-signature"
   file suffix: any

   Media type:  application/octet-stream
   parameters:  any
   file suffix: p7m, p7s, p7c, p7z

Unless I miss something, out of the box there is only support for
decrypting multipart/encrypted.  In particular the gmime tests for
S/MIME use this "container format" [1].

So I'm wondering if I'm confused about the RFC(s), or about GMIME, or is
one suppose to write analogs of g_mime_multipart_encrypted_decrypt for
other top level parts?

Cheers,

David

[1]: https://github.com/GNOME/gmime/blob/master/tests/test-smime.c

Re: [gmime-devel] gmime and S/MIME

[Jeffrey Stedfast]

Hi David,

On 1/29/2015 7:42 AM, David Bremner wrote:
> With a few others, I've been attempting to get S/MIME supported in
> notmuch (which as you might or might not remember is using gmime
> underneath). The signature verification part is working OK, but I've
> gotten a bit bogged down trying to get decryption working.
>
> What I have learned is that according RFC5751, smime message (parts)
> look like
>
>     Media type:  application/pkcs7-mime
>     parameters:  any
>     file suffix: any
>
>     Media type:  multipart/signed
>     parameters:  protocol="application/pkcs7-signature"
>     file suffix: any
>
>     Media type:  application/octet-stream
>     parameters:  any
>     file suffix: p7m, p7s, p7c, p7z
>
> Unless I miss something, out of the box there is only support for
> decrypting multipart/encrypted.  In particular the gmime tests for
> S/MIME use this "container format" [1].

Correct, I don't think I ever got around to implementing the 
GMimeApplicationPkcs7Mime class.

>
> So I'm wondering if I'm confused about the RFC(s), or about GMIME, or is
> one suppose to write analogs of g_mime_multipart_encrypted_decrypt for
> other top level parts?

You are not confused. I would probably hesitate to say that it was my 
*intention* for everyone to implement their own S/MIME class for 
pkcs7-mime, but in any case, that is what needs to be done right now :(

FWIW, I've written another library called MimeKit in C# which shares a 
similar design to GMime that is hosted on GitHub that implements the 
pkcs7-mime class:

https://github.com/jstedfast/MimeKit/blob/master/MimeKit/Cryptography/ApplicationPkcs7Mime.cs

Hopefully that helps provide you with ideas on how to implement the same 
sort of thing using GMime for notmuch.

(btw, if you end up implementing this, I'd love to accept your patches 
into GMime proper)

Jeff

(no subject)

[David Bremner]

It turns out S/MIME encryption requires non-trivial additional code in libgmime. There is no reason to wait for that to support signtures (via emacs+openssl|epg), and verification (via notmuch-cli).

Here we also test encryption, relying on emacs message-mode facilities.

(At least) two things could be improved here:

- we are using some unholy mix of openssl and gpgsm, and it would
  probably be best to get everything working with gpgsm, since
  we are already working with gpg and gpg-agent.

- It should be possible to do S/MIME decryption on the emacs level  using e.g. smime-decrype-region.

On the other hand, it seems like supporting signature verification
is a step forward.

[PATCH 1/8] crypto: refactor context creation to facilitate further work

[David Bremner]

From: Jani Nikula <jani@nikula.org>

Let the context creation functions decide how to handle multiple calls
and cache the crypto context. No functional changes.
---
 crypto.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/crypto.c b/crypto.c
index a6eb27d..1187ad7 100644
--- a/crypto.c
+++ b/crypto.c
@@ -22,14 +22,20 @@
 
 /* Create a GPG context (GMime 2.6) */
 static notmuch_crypto_context_t *
-create_gpg_context (const char *gpgpath)
+create_gpg_context (notmuch_crypto_t *crypto)
 {
     notmuch_crypto_context_t *gpgctx;
 
+    if (crypto->gpgctx)
+	return crypto->gpgctx;
+
     /* TODO: GMimePasswordRequestFunc */
-    gpgctx = g_mime_gpg_context_new (NULL, gpgpath ? gpgpath : "gpg");
-    if (! gpgctx)
+    gpgctx = g_mime_gpg_context_new (NULL, crypto->gpgpath ? crypto->gpgpath : "gpg");
+    if (! gpgctx) {
+	fprintf (stderr, "Failed to construct gpg context.\n");
 	return NULL;
+    }
+    crypto->gpgctx = gpgctx;
 
     g_mime_gpg_context_set_use_agent ((GMimeGpgContext *) gpgctx, TRUE);
     g_mime_gpg_context_set_always_trust ((GMimeGpgContext *) gpgctx, FALSE);
@@ -57,12 +63,7 @@ notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
      */
     if (strcasecmp (protocol, "application/pgp-signature") == 0 ||
 	strcasecmp (protocol, "application/pgp-encrypted") == 0) {
-	if (! crypto->gpgctx) {
-	    crypto->gpgctx = create_gpg_context (crypto->gpgpath);
-	    if (! crypto->gpgctx)
-		fprintf (stderr, "Failed to construct gpg context.\n");
-	}
-	cryptoctx = crypto->gpgctx;
+	cryptoctx = create_gpg_context (crypto);
     } else {
 	fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n");
     }
-- 
2.5.0

[PATCH 2/8] crypto: make crypto ctx initialization an array

[David Bremner]

From: Jani Nikula <jani@nikula.org>

Make it trivial to add handlers for new protocols without duplicating
code. No functional changes.
---
 crypto.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/crypto.c b/crypto.c
index 1187ad7..f415abd 100644
--- a/crypto.c
+++ b/crypto.c
@@ -49,6 +49,7 @@ notmuch_crypto_context_t *
 notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
 {
     notmuch_crypto_context_t *cryptoctx = NULL;
+    size_t i;
 
     if (! protocol) {
 	fprintf (stderr, "Cryptographic protocol is empty.\n");
@@ -61,14 +62,14 @@ notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
      * parameter names as defined in this document are
      * case-insensitive."  Thus, we use strcasecmp for the protocol.
      */
-    if (strcasecmp (protocol, "application/pgp-signature") == 0 ||
-	strcasecmp (protocol, "application/pgp-encrypted") == 0) {
-	cryptoctx = create_gpg_context (crypto);
-    } else {
-	fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n");
+    for (i = 0; i < ARRAY_SIZE (protocols); i++) {
+	if (strcasecmp (protocol, protocols[i].protocol) == 0)
+	    return protocols[i].get_context (crypto);
     }
 
-    return cryptoctx;
+    fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n");
+
+    return NULL;
 }
 
 int
-- 
2.5.0

[PATCH 3/8] cli: let the user know which protocol is unknown or unsupported

[David Bremner]

From: Jani Nikula <jani@nikula.org>

The current error message is not helpful.
---
 crypto.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto.c b/crypto.c
index f415abd..11c167e 100644
--- a/crypto.c
+++ b/crypto.c
@@ -67,7 +67,8 @@ notmuch_crypto_get_context (notmuch_crypto_t *crypto, const char *protocol)
 	    return protocols[i].get_context (crypto);
     }
 
-    fprintf (stderr, "Unknown or unsupported cryptographic protocol.\n");
+    fprintf (stderr, "Unknown or unsupported cryptographic protocol %s.\n",
+	     protocol);
 
     return NULL;
 }
-- 
2.5.0

[PATCH 4/8] test: initial tests for S/MIME and notmuch-emacs

[David Bremner]

Test the ability of notmuch-mua-mail to send S/MIME signed (and
encrypted) messages; this really relies on existing functionality in
message-mode.

The dependency on openssl to generate keys seems acceptable since
that's the method I got to work for smime signing in emacs.

The generated keys and messages will later be useful for testing the
notmuch CLI.
---
 test/T355-smime.sh             | 53 ++++++++++++++++++++++++++++++++++++++++++
 test/smime/openssl-ca-req.conf | 13 +++++++++++
 test/smime/openssl-req.conf    | 13 +++++++++++
 test/test-lib.el               | 10 ++++++++
 test/test-lib.sh               |  2 +-
 5 files changed, 90 insertions(+), 1 deletion(-)
 create mode 100755 test/T355-smime.sh
 create mode 100644 test/smime/openssl-ca-req.conf
 create mode 100644 test/smime/openssl-req.conf

diff --git a/test/T355-smime.sh b/test/T355-smime.sh
new file mode 100755
index 0000000..5f3ff12
--- /dev/null
+++ b/test/T355-smime.sh
@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+test_description='S/MIME signature verification and decryption'
+. ./test-lib.sh
+
+test_require_external_prereq openssl
+
+test_begin_subtest "Generate CA Cert"
+openssl genpkey -algorithm RSA -out ca.key -pass pass:test -des3 1024
+openssl req -new -x509 -key ca.key -passin pass:test \
+	-config $TEST_DIRECTORY/smime/openssl-ca-req.conf -out ca.crt
+test_expect_equal "$(openssl verify ca.crt | tail -1)" "OK"
+
+test_begin_subtest "Generate User Cert"
+openssl genpkey -algorithm RSA  -out smime.key 1024
+openssl req -config $TEST_DIRECTORY/smime/openssl-req.conf \
+	-new -key smime.key -passin pass:test -nodes \
+	-out smime.csr
+openssl x509 -req -in smime.csr -passin pass:test -CA ca.crt -CAkey ca.key -set_serial 1 -out test_suite.crt -setalias "Self Signed SMIME" -addtrust emailProtection -addreject clientAuth -addreject serverAuth -trustout
+# we need one file with the cert and private key
+cat test_suite.crt smime.key > test_suite.pem
+test_expect_equal "$(openssl verify -purpose smimesign -CAfile ca.crt test_suite.pem)" "test_suite.pem: OK"
+
+test_expect_success 'emacs delivery of S/MIME signed message' \
+     'emacs_fcc_message \
+     "test signed message 001" \
+     "This is a test signed message." \
+     "(mml-secure-message-sign \"smime\")"'
+
+# Hard code the MML to avoid several interactive questions
+test_expect_success 'emacs delivery of S/MIME encrypted + signed message' \
+'emacs_fcc_message \
+    "test encrypted message 001" \
+    "<#secure method=smime mode=signencrypt keyfile=\\\"test_suite.pem\\\" certfile=\\\"test_suite.pem\\\">\nThis is a test encrypted message.\n"'
+
+test_begin_subtest "Signature verification (openssl)"
+notmuch show --format=raw subject:"test signed message 001" |\
+    openssl smime -verify -CAfile ca.crt 2>OUTPUT
+cat <<EOF > EXPECTED
+Verification successful
+EOF
+test_expect_equal_file OUTPUT EXPECTED
+
+test_begin_subtest "Decryption and signature verification (openssl)"
+notmuch show --format=raw subject:"test encrypted message 001" |\
+    openssl smime -decrypt -recip test_suite.pem |\
+    openssl smime -verify -CAfile ca.crt 2>OUTPUT
+cat <<EOF > EXPECTED
+Verification successful
+EOF
+test_expect_equal_file OUTPUT EXPECTED
+
+test_done
diff --git a/test/smime/openssl-ca-req.conf b/test/smime/openssl-ca-req.conf
new file mode 100644
index 0000000..49572ee
--- /dev/null
+++ b/test/smime/openssl-ca-req.conf
@@ -0,0 +1,13 @@
+ [ req ]
+ distinguished_name     = req_distinguished_name
+ prompt                 = no
+
+
+ [ req_distinguished_name ]
+ C                      = OZ
+ ST                     = Munchkinlandia
+ L                      = Emerald City
+ O                      = Organization Name
+ OU                     = Dept. of Fake Certs
+ CN                     = Fast Eddies Certs and Chips
+ emailAddress           = fake-ca@example.com
diff --git a/test/smime/openssl-req.conf b/test/smime/openssl-req.conf
new file mode 100644
index 0000000..c6b9de7
--- /dev/null
+++ b/test/smime/openssl-req.conf
@@ -0,0 +1,13 @@
+ [ req ]
+ distinguished_name     = req_distinguished_name
+ prompt                 = no
+
+
+ [ req_distinguished_name ]
+ C                      = OZ
+ ST                     = Munchkinlandia
+ L                      = Emerald City
+ O                      = Not much organization
+ OU                     = Dept. of Testing
+ CN                     = Notmuch Test Suite
+ emailAddress           = test_suite@notmuchmail.org
diff --git a/test/test-lib.el b/test/test-lib.el
index 04c8d63..596a705 100644
--- a/test/test-lib.el
+++ b/test/test-lib.el
@@ -188,3 +188,13 @@ nothing."
 ;; environments
 
 (setq mm-text-html-renderer 'html2text)
+
+;; Set some variables for S/MIME tests.
+
+(setq smime-keys '(("" "test_suite.pem" nil)))
+
+(setq mml-smime-use 'openssl)
+
+;; all test keys are without passphrase
+(eval-after-load 'smime
+  '(defun smime-ask-passphrase (cache)  nil))
diff --git a/test/test-lib.sh b/test/test-lib.sh
index 0bf7163..198d2bb 100644
--- a/test/test-lib.sh
+++ b/test/test-lib.sh
@@ -1175,7 +1175,6 @@ test_C () {
     sed "s,${PWD},CWD,g"  OUTPUT.stdout OUTPUT.stderr > OUTPUT
 }
 
-
 # Creates a script that counts how much time it is executed and calls
 # notmuch.  $notmuch_counter_command is set to the path to the
 # generated script.  Use notmuch_counter_value() function to get the
@@ -1320,4 +1319,5 @@ test_declare_external_prereq emacs
 test_declare_external_prereq ${TEST_EMACSCLIENT}
 test_declare_external_prereq gdb
 test_declare_external_prereq gpg
+test_declare_external_prereq openssl
 test_declare_external_prereq ${NOTMUCH_PYTHON}
-- 
2.5.0

[PATCH 5/8] test: add broken S/MIME signature verification test for notmuch CLI

[David Bremner]

The test is pretty much cut and paste from the PGP/MIME version, with
obvious updates taken from notmuch output.  This also requires setting
up gpgsm infrastucture.
---
 test/T355-smime.sh | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 test/test-lib.sh   |  1 +
 2 files changed, 51 insertions(+)

diff --git a/test/T355-smime.sh b/test/T355-smime.sh
index 5f3ff12..b3cc76e 100755
--- a/test/T355-smime.sh
+++ b/test/T355-smime.sh
@@ -3,7 +3,17 @@
 test_description='S/MIME signature verification and decryption'
 . ./test-lib.sh
 
+add_gpgsm_home ()
+{
+    local output
+    [ -d ${GNUPGHOME} ] && return
+    mkdir -m 0700 "$GNUPGHOME"
+    gpgsm --no-tty --import < test_suite.pem >"$GNUPGHOME"/import.log 2>&1
+    test_debug "cat $GNUPGHOME/import.log"
+}
+
 test_require_external_prereq openssl
+test_require_external_prereq gpgsm
 
 test_begin_subtest "Generate CA Cert"
 openssl genpkey -algorithm RSA -out ca.key -pass pass:test -des3 1024
@@ -21,6 +31,10 @@ openssl x509 -req -in smime.csr -passin pass:test -CA ca.crt -CAkey ca.key -set_
 cat test_suite.crt smime.key > test_suite.pem
 test_expect_equal "$(openssl verify -purpose smimesign -CAfile ca.crt test_suite.pem)" "test_suite.pem: OK"
 
+add_gpgsm_home
+
+FINGERPRINT=$(openssl x509 -fingerprint -in test_suite.crt -noout | sed -e 's/^.*=//' -e s/://g)
+
 test_expect_success 'emacs delivery of S/MIME signed message' \
      'emacs_fcc_message \
      "test signed message 001" \
@@ -41,6 +55,42 @@ Verification successful
 EOF
 test_expect_equal_file OUTPUT EXPECTED
 
+test_begin_subtest "signature verification (notmuch CLI)"
+test_subtest_known_broken
+output=$(notmuch show --format=json --verify subject:"test signed message 001" \
+    | notmuch_json_show_sanitize \
+    | sed -e 's|"created": [1234567890]*|"created": 946728000|' \
+	  -e 's|"expires": [1234567890]*|"expires": 424242424|' )
+expected='[[[{"id": "XXXXX",
+ "match": true,
+ "excluded": false,
+ "filename": "YYYYY",
+ "timestamp": 946728000,
+ "date_relative": "2000-01-01",
+ "tags": ["inbox","signed"],
+ "headers": {"Subject": "test signed message 001",
+ "From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
+ "To": "test_suite@notmuchmail.org",
+ "Date": "Sat, 01 Jan 2000 12:00:00 +0000"},
+ "body": [{"id": 1,
+ "sigstatus": [{"status": "good",
+ "fingerprint": "'$FINGERPRINT'",
+ "expires": 424242424,
+ "created": 946728000}],
+ "content-type": "multipart/signed",
+ "content": [{"id": 2,
+ "content-type": "text/plain",
+ "content": "This is a test signed message.\n"},
+ {"id": 3,
+  "content-length": 1930,
+  "content-transfer-encoding": "base64",
+  "content-type": "application/x-pkcs7-signature",
+  "filename": "smime.p7s"}]}]},
+ []]]]'
+test_expect_equal_json \
+    "$output" \
+    "$expected"
+
 test_begin_subtest "Decryption and signature verification (openssl)"
 notmuch show --format=raw subject:"test encrypted message 001" |\
     openssl smime -decrypt -recip test_suite.pem |\
diff --git a/test/test-lib.sh b/test/test-lib.sh
index 198d2bb..dff8c7a 100644
--- a/test/test-lib.sh
+++ b/test/test-lib.sh
@@ -1320,4 +1320,5 @@ test_declare_external_prereq ${TEST_EMACSCLIENT}
 test_declare_external_prereq gdb
 test_declare_external_prereq gpg
 test_declare_external_prereq openssl
+test_declare_external_prereq gpgsm
 test_declare_external_prereq ${NOTMUCH_PYTHON}
-- 
2.5.0

[PATCH 6/8] cli: crypto: S/MIME verification support

[David Bremner]

From: Jani Nikula <jani@nikula.org>

notmuch-show --verify will now also process S/MIME multiparts if
encountered. Requires gmime-2.6 and gpgsm.

Based on work by Jameson Graef Rollins <jrollins@finestructure.net>.
---
 crypto.c           | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 notmuch-client.h   |  7 +++++--
 test/T355-smime.sh |  1 -
 3 files changed, 55 insertions(+), 3 deletions(-)

diff --git a/crypto.c b/crypto.c
index 11c167e..ce683d2 100644
--- a/crypto.c
+++ b/crypto.c
@@ -43,6 +43,51 @@ create_gpg_context (notmuch_crypto_t *crypto)
     return gpgctx;
 }
 
+/* Create a PKCS7 context (GMime 2.6) */
+static notmuch_crypto_context_t *
+create_pkcs7_context (notmuch_crypto_t *crypto)
+{
+    notmuch_crypto_context_t *pkcs7ctx;
+
+    if (crypto->pkcs7ctx)
+	return crypto->pkcs7ctx;
+
+    /* TODO: GMimePasswordRequestFunc */
+    pkcs7ctx = g_mime_pkcs7_context_new (NULL);
+    if (! pkcs7ctx) {
+	fprintf (stderr, "Failed to construct pkcs7 context.\n");
+	return NULL;
+    }
+    crypto->pkcs7ctx = pkcs7ctx;
+
+    g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) pkcs7ctx,
+					   FALSE);
+
+    return pkcs7ctx;
+}
+
+static const struct {
+    const char *protocol;
+    notmuch_crypto_context_t *(*get_context) (notmuch_crypto_t *crypto);
+} protocols[] = {
+    {
+	.protocol = "application/pgp-signature",
+	.get_context = create_gpg_context,
+    },
+    {
+	.protocol = "application/pgp-encrypted",
+	.get_context = create_gpg_context,
+    },
+    {
+	.protocol = "application/pkcs7-signature",
+	.get_context = create_pkcs7_context,
+    },
+    {
+	.protocol = "application/x-pkcs7-signature",
+	.get_context = create_pkcs7_context,
+    },
+};
+
 /* for the specified protocol return the context pointer (initializing
  * if needed) */
 notmuch_crypto_context_t *
@@ -81,5 +126,10 @@ notmuch_crypto_cleanup (notmuch_crypto_t *crypto)
 	crypto->gpgctx = NULL;
     }
 
+    if (crypto->pkcs7ctx) {
+	g_object_unref (crypto->pkcs7ctx);
+	crypto->pkcs7ctx = NULL;
+    }
+
     return 0;
 }
diff --git a/notmuch-client.h b/notmuch-client.h
index 1f82656..774b620 100644
--- a/notmuch-client.h
+++ b/notmuch-client.h
@@ -31,6 +31,8 @@
 #include <gmime/gmime.h>
 
 typedef GMimeCryptoContext notmuch_crypto_context_t;
+/* This is automatically included only since gmime 2.6.10 */
+#include <gmime/gmime-pkcs7-context.h>
 
 #include "notmuch.h"
 
@@ -69,6 +71,7 @@ typedef struct notmuch_show_format {
 
 typedef struct notmuch_crypto {
     notmuch_crypto_context_t* gpgctx;
+    notmuch_crypto_context_t* pkcs7ctx;
     notmuch_bool_t verify;
     notmuch_bool_t decrypt;
     const char *gpgpath;
@@ -406,8 +409,8 @@ struct mime_node {
 /* Construct a new MIME node pointing to the root message part of
  * message. If crypto->verify is true, signed child parts will be
  * verified. If crypto->decrypt is true, encrypted child parts will be
- * decrypted.  If crypto->gpgctx is NULL, it will be lazily
- * initialized.
+ * decrypted.  If the crypto contexts (crypto->gpgctx or
+ * crypto->pkcs7) are NULL, they will be lazily initialized.
  *
  * Return value:
  *
diff --git a/test/T355-smime.sh b/test/T355-smime.sh
index b3cc76e..caedf5e 100755
--- a/test/T355-smime.sh
+++ b/test/T355-smime.sh
@@ -56,7 +56,6 @@ EOF
 test_expect_equal_file OUTPUT EXPECTED
 
 test_begin_subtest "signature verification (notmuch CLI)"
-test_subtest_known_broken
 output=$(notmuch show --format=json --verify subject:"test signed message 001" \
     | notmuch_json_show_sanitize \
     | sed -e 's|"created": [1234567890]*|"created": 946728000|' \
-- 
2.5.0

[PATCH 7/8] debian: Recommend gpgsm for S/MIME support

[David Bremner]

From: Jameson Graef Rollins <jrollins@finestructure.net>

---
 debian/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index 4bc4cd9..05cd04f 100644
--- a/debian/control
+++ b/debian/control
@@ -31,7 +31,7 @@ Vcs-Browser: http://git.notmuchmail.org/git/notmuch
 Package: notmuch
 Architecture: any
 Depends: libnotmuch4 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
-Recommends: notmuch-emacs | notmuch-vim | notmuch-mutt | alot,  gnupg-agent
+Recommends: notmuch-emacs | notmuch-vim | notmuch-mutt | alot,  gnupg-agent, gpgsm
 Description: thread-based email index, search and tagging
  Notmuch is a system for indexing, searching, reading, and tagging
  large collections of email messages in maildir or mh format. It uses
-- 
2.5.0

[PATCH 8/8] debian: add gpgsm as build dependency

[David Bremner]

It's not needed for the actual build, but it is needed to run
the SMIME tests.
---
 debian/control | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/control b/debian/control
index 05cd04f..37ecedd 100644
--- a/debian/control
+++ b/debian/control
@@ -22,6 +22,7 @@ Build-Depends:
  emacs23-nox | emacs23 (>=23~) | emacs23-lucid (>=23~),
  gdb [!s390x !ia64 !armel],
  dtach (>= 0.8),
+ gpgsm, 
  bash-completion (>=1.9.0~)
 Standards-Version: 3.9.6
 Homepage: http://notmuchmail.org/
-- 
2.5.0

Re: [PATCH 6/8] cli: crypto: S/MIME verification support

[Jani Nikula]

On Sun, 16 Aug 2015, David Bremner <david@tethera.net> wrote:
> From: Jani Nikula <jani@nikula.org>
>
> notmuch-show --verify will now also process S/MIME multiparts if
> encountered. Requires gmime-2.6 and gpgsm.
>
> Based on work by Jameson Graef Rollins <jrollins@finestructure.net>.
> ---
>  crypto.c           | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
>  notmuch-client.h   |  7 +++++--
>  test/T355-smime.sh |  1 -
>  3 files changed, 55 insertions(+), 3 deletions(-)
>
> diff --git a/crypto.c b/crypto.c
> index 11c167e..ce683d2 100644
> --- a/crypto.c
> +++ b/crypto.c
> @@ -43,6 +43,51 @@ create_gpg_context (notmuch_crypto_t *crypto)
>      return gpgctx;
>  }
>  
> +/* Create a PKCS7 context (GMime 2.6) */
> +static notmuch_crypto_context_t *
> +create_pkcs7_context (notmuch_crypto_t *crypto)
> +{
> +    notmuch_crypto_context_t *pkcs7ctx;
> +
> +    if (crypto->pkcs7ctx)
> +	return crypto->pkcs7ctx;
> +
> +    /* TODO: GMimePasswordRequestFunc */
> +    pkcs7ctx = g_mime_pkcs7_context_new (NULL);
> +    if (! pkcs7ctx) {
> +	fprintf (stderr, "Failed to construct pkcs7 context.\n");
> +	return NULL;
> +    }
> +    crypto->pkcs7ctx = pkcs7ctx;
> +
> +    g_mime_pkcs7_context_set_always_trust ((GMimePkcs7Context *) pkcs7ctx,
> +					   FALSE);
> +
> +    return pkcs7ctx;
> +}
> +
> +static const struct {
> +    const char *protocol;
> +    notmuch_crypto_context_t *(*get_context) (notmuch_crypto_t *crypto);
> +} protocols[] = {
> +    {
> +	.protocol = "application/pgp-signature",
> +	.get_context = create_gpg_context,
> +    },
> +    {
> +	.protocol = "application/pgp-encrypted",
> +	.get_context = create_gpg_context,
> +    },
> +    {
> +	.protocol = "application/pkcs7-signature",
> +	.get_context = create_pkcs7_context,
> +    },
> +    {
> +	.protocol = "application/x-pkcs7-signature",
> +	.get_context = create_pkcs7_context,
> +    },
> +};

The array itself should be added in patch 2 as it depends on it, and
this patch should only add the pkcs7 ones. I guess this got broken at
some rebase.

BR,
Jani.


> +
>  /* for the specified protocol return the context pointer (initializing
>   * if needed) */
>  notmuch_crypto_context_t *
> @@ -81,5 +126,10 @@ notmuch_crypto_cleanup (notmuch_crypto_t *crypto)
>  	crypto->gpgctx = NULL;
>      }
>  
> +    if (crypto->pkcs7ctx) {
> +	g_object_unref (crypto->pkcs7ctx);
> +	crypto->pkcs7ctx = NULL;
> +    }
> +
>      return 0;
>  }
> diff --git a/notmuch-client.h b/notmuch-client.h
> index 1f82656..774b620 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -31,6 +31,8 @@
>  #include <gmime/gmime.h>
>  
>  typedef GMimeCryptoContext notmuch_crypto_context_t;
> +/* This is automatically included only since gmime 2.6.10 */
> +#include <gmime/gmime-pkcs7-context.h>
>  
>  #include "notmuch.h"
>  
> @@ -69,6 +71,7 @@ typedef struct notmuch_show_format {
>  
>  typedef struct notmuch_crypto {
>      notmuch_crypto_context_t* gpgctx;
> +    notmuch_crypto_context_t* pkcs7ctx;
>      notmuch_bool_t verify;
>      notmuch_bool_t decrypt;
>      const char *gpgpath;
> @@ -406,8 +409,8 @@ struct mime_node {
>  /* Construct a new MIME node pointing to the root message part of
>   * message. If crypto->verify is true, signed child parts will be
>   * verified. If crypto->decrypt is true, encrypted child parts will be
> - * decrypted.  If crypto->gpgctx is NULL, it will be lazily
> - * initialized.
> + * decrypted.  If the crypto contexts (crypto->gpgctx or
> + * crypto->pkcs7) are NULL, they will be lazily initialized.
>   *
>   * Return value:
>   *
> diff --git a/test/T355-smime.sh b/test/T355-smime.sh
> index b3cc76e..caedf5e 100755
> --- a/test/T355-smime.sh
> +++ b/test/T355-smime.sh
> @@ -56,7 +56,6 @@ EOF
>  test_expect_equal_file OUTPUT EXPECTED
>  
>  test_begin_subtest "signature verification (notmuch CLI)"
> -test_subtest_known_broken
>  output=$(notmuch show --format=json --verify subject:"test signed message 001" \
>      | notmuch_json_show_sanitize \
>      | sed -e 's|"created": [1234567890]*|"created": 946728000|' \
> -- 
> 2.5.0

Re: [PATCH 8/8] debian: add gpgsm as build dependency

[Daniel Kahn Gillmor]

On Sun 2015-08-16 13:41:16 -0400, David Bremner wrote:
> It's not needed for the actual build, but it is needed to run
> the SMIME tests.
> ---
>  debian/control | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/debian/control b/debian/control
> index 05cd04f..37ecedd 100644
> --- a/debian/control
> +++ b/debian/control
> @@ -22,6 +22,7 @@ Build-Depends:
>   emacs23-nox | emacs23 (>=23~) | emacs23-lucid (>=23~),
>   gdb [!s390x !ia64 !armel],
>   dtach (>= 0.8),
> + gpgsm, 
>   bash-completion (>=1.9.0~)
>  Standards-Version: 3.9.6
>  Homepage: http://notmuchmail.org/
> -- 
> 2.5.0
>

Apparently you can now indicate that the build-dep is only necessary for
tests with <!nocheck>, like so:

--- a/debian/control
+++ b/debian/control
@@ -22,6 +22,7 @@ Build-Depends:
  emacs23-nox | emacs23 (>=23~) | emacs23-lucid (>=23~),
  gdb [!s390x !ia64 !armel],
  dtach (>= 0.8),
+ gpgsm <!nocheck>, 
  bash-completion (>=1.9.0~)
 Standards-Version: 3.9.6
 Homepage: http://notmuchmail.org/


See
https://wiki.debian.org/BuildProfileSpec#Build-Depends_syntax_extension_.28restriction_formulas.29
for more details.

    --dkg