From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id BBC2D6DE0229 for ; Sat, 30 Jun 2018 08:31:27 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: 0.409 X-Spam-Level: X-Spam-Status: No, score=0.409 tagged_above=-999 required=5 tests=[AWL=-0.405, DATE_IN_PAST_12_24=0.804, RCVD_IN_DNSWL_NONE=-0.0001, T_SPF_PERMERROR=0.01] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oKYdnNUROF3Y for ; Sat, 30 Jun 2018 08:31:25 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id C816B6DE021A for ; Sat, 30 Jun 2018 08:31:25 -0700 (PDT) Received: from fifthhorseman.net (cpe-74-71-53-242.nyc.res.rr.com [74.71.53.242]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 303E1F99F; Sat, 30 Jun 2018 11:31:22 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 77F37204BD; Fri, 29 Jun 2018 22:17:57 -0400 (EDT) From: Daniel Kahn Gillmor To: David Bremner , Notmuch Mail Subject: Re: [PATCH 10/20] cli/show: add tests for viewing protected headers In-Reply-To: <87h8lrhcsf.fsf@tethera.net> References: <20180511055544.13676-1-dkg@fifthhorseman.net> <20180511055544.13676-11-dkg@fifthhorseman.net> <87h8lrhcsf.fsf@tethera.net> Date: Fri, 29 Jun 2018 22:17:57 -0400 Message-ID: <87bmbtow4q.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jun 2018 15:31:27 -0000 On Sun 2018-06-24 22:31:44 -0300, David Bremner wrote: > Daniel Kahn Gillmor writes: > >> + >> +# TODO: >> +# * check S/MIME as well as PGP/MIME > > Decrypting S/MIME would be good first step. Or is the feature there > (with gmime 3.0?) but tests missing? because T355-smime says there is no > S/MIME decryption. agreed, though you could argue that S/MIME signatures are relevant to the cryptographic envelope, even without decryption. regardless, i think that's orthogonal to this series, so i'm not going to try to address it now. >> +# * process headers protected by signature > >> + >> +test_description='Message decryption with protected headers' >> +. $(dirname "$0")/test-lib.sh || exit 1 >> + >> +################################################## >> + >> +add_gnupg_home >> +# Change this if we ship a new test key >> +FINGERPRINT="5AEAB11F5E33DCE875DDB75B6D92612D94E46381" > > I wonder if it would be reasonable for add_gnupg_home to define FINGERPRINT fine with me, i'll include that in the upcoming revised series. >> + >> +add_email_corpus protected-headers >> + >> +test_begin_subtest "verify protected header is not visible without decryption" >> +output=$(notmuch show --format=json id:protected-header@crypto.notmuchmail.org) >> +test_json_nodes <<<"$output" \ >> + 'no_crypto:[0][0][0]!"crypto"' \ >> + 'subject:[0][0][0]["headers"]["Subject"]="encrypted message"' > > maybe a pointer to where to find the docs for the json test syntax. I'll stick a pointer in lib/test-lib.sh's definition of test_json_nodes() because you suggest it, but i think it would be out of place to do it here in a specifis test. --dkg