From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id cB6/GzwbU2ER6AAAgWs5BA (envelope-from ) for ; Tue, 28 Sep 2021 15:40:12 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id +BpJFzwbU2GWSAAAbx9fmQ (envelope-from ) for ; Tue, 28 Sep 2021 13:40:12 +0000 Received: from mail.notmuchmail.org (nmbug.tethera.net [IPv6:2607:5300:201:3100::1657]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 802B2333B4 for ; Tue, 28 Sep 2021 15:40:11 +0200 (CEST) Received: from nmbug.tethera.net (localhost [127.0.0.1]) by mail.notmuchmail.org (Postfix) with ESMTP id 7187220678; Tue, 28 Sep 2021 09:40:07 -0400 (EDT) Received: from lahtoruutu.iki.fi (lahtoruutu.iki.fi [185.185.170.37]) by mail.notmuchmail.org (Postfix) with ESMTPS id E137E20532 for ; Tue, 28 Sep 2021 09:40:03 -0400 (EDT) Received: from guru.guru-group.fi (unknown [IPv6:2a02:2380:1:9:5054:ff:feb7:a4bc]) (using TLSv1.2 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: too) by lahtoruutu.iki.fi (Postfix) with ESMTPSA id 24A7A1B001C6; Tue, 28 Sep 2021 16:40:01 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1632836401; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=BZqYcM6ssT04rx5WSNFX+ycOonhpO9qmGpO0R8s5wSs=; b=Xh67uPA7R+IJ7GmDlF+7rHkoc7ue9o6XioOTkjzP2IuBOBoOF0DQG3R8zj35h1FgKHZGzT jt0K8DJbYB7kPTl7PIJ1QOOL6elWwzJXoHliVSVUai4g9fNQNaaWn3uuGeb+leA3fYGLMG zpX6TmXFntXrsi/ax1D9iGyxriU0ov92UzZNigAQwzhuPZDRQQEREz12fFa/rvLsZ3tzpM IOg8MkabZ4E5EP0ueBFOYHpqb+PJLyMVz4RwZqONNKGJxSuFafTjrlHUCZzRh4zhiK8JuC 1hc/tz36jfUq/b8LcV2+EzZRKGubcrf2VN9ulBvI1tVPRgPgrsZ1RXf2GNx5uA== From: Tomi Ollila To: David Bremner , notmuch@notmuchmail.org Subject: Re: [PATCH] test/T355-smime: Use key as exported by gpgsm In-Reply-To: <20210928015522.2146200-1-david@tethera.net> References: <20210928015522.2146200-1-david@tethera.net> User-Agent: Notmuch/0.33+54~gcaf4513 (https://notmuchmail.org) Emacs/27.1 X-Face: HhBM'cA~ MIME-Version: 1.0 ARC-Seal: i=1; s=lahtoruutu; d=iki.fi; t=1632836401; a=rsa-sha256; cv=none; b=qtbcHXHEnLZ0TN7NcVCms/lBGdzgkjvNyw6Da6Ezexx1IbkSHhCbHgwRlx6cb53FMCjJKB 7z8dXNW7ZI7MUkhBagjVWcxU3jZsbOif5FT9TvqDTENmNOlxHPNTxYnQIl5INxcz5i2aKJ IN5rdh0Za4WNH2t3PSXaRWidI4TOE+PzLzz9m6+C/7avqrRoi0E12cBqIzsukBgFeD9i3k TTBWaPf8PLAMqYJKcCSSBbjvhZ9AhXYD8wS+kG1vdeiEHf1nNZzz2txToPwgU7s76He5nz m4931hp4gqY1IFOvx/XOmN1om+7G29BiCom8pF/k3xFPd7Dm7ivCvvDFg6jO7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1632836401; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=BZqYcM6ssT04rx5WSNFX+ycOonhpO9qmGpO0R8s5wSs=; b=ApkyRR/4UIv7DUjtSWtrR8vkpJ1YcGnSngNAltxTyH/uJ1A0WgJBroXfeG+zcxffUBDd5B bH3zoGb2l9yCS6fLR3aXW9fryPlV56XFfzcVi//3a/3hn6EfhmGWvizu56Pm4/xFPakIrv xVWkkZlRIKYcJjPzeoxR8V8E6GLQUiLAW9z6ZeSj32YPBdIy7lk+8C+U9fRavWzafuVgp4 pDlVZdaYxNNLQboGGs5rdbVq2YGvMh+clLQ/gCUTQ2j79mLdDkbAavtTwmtJjeksb0AGHq aw9n8OitymhgOUQ/OceCbnUN5zD7LlE2BioWSUGM02DmSbFqnXDno5rZ2vaaeQ== ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=too smtp.mailfrom=tomi.ollila@iki.fi Message-ID-Hash: LSQ5RP73NZTJ5UBRNBH3FJ4B7N4BNZAR X-Message-ID-Hash: LSQ5RP73NZTJ5UBRNBH3FJ4B7N4BNZAR X-MailFrom: tomi.ollila@iki.fi X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-notmuch.notmuchmail.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.1 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Help: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1632836412; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=H5wt1INloGy9UKvmFv7lp4mcxkcey4YdlCi7/Dpy59I=; b=Uczw2oOR55Ul+Cko43jA2qgQUGx7wg33D3lCDuXE5rFxVTR7taN4m30pjs4t2MRjqt8jkx SaEpMDJ9/m7hWC1A8ydygG3QL2UD2Z60jSKcblEsWlaMHE+S29EcC3an6UoLvUEwnutD2r IGMkR5jO9Bnau8QBrtXFhNe791Cz+LGMizEaV/G4dLvtzBg4+jgruHxr+1XQ5tJGEGqx9T ZJmPM3ApZ6mDCsOsz987bqm8nZUiHFwfrlpy04274XikybT5ZQXtKR0r1+WLu2+eq8vYxI x8UHuxfpns2Z26Iu9ekjQ/RoPjyOXDvhdMIaRwvjWMHEZRsRw2Dyw8F3gxBDxw== ARC-Seal: i=2; s=key1; d=yhetil.org; t=1632836412; a=rsa-sha256; cv=fail; b=CBFIR72aj4Kvut1coWCuYSS14qEZRhJxleQYeDySwVc1XyfuoFomoBM6fsfTKhYAW+3dv+ NM0qrz385wT67rtRMRORME790bWUZhLhmo+OlI+khrVpdsid9567jPq2dhbzQIGygWLZJo 78Gg5TMk6C/HdWrCYO25OeT9uL7QA3QaM+rJDo48nJ2uAUS2SWwU+IFnvnKPhxbrObI2hi P0+xPkeDqCj3d0jBP4XAvvEegHduzgM7ETQKqEf6Y+0aa50Y3r4QUO+8BHEf/TGI6esFS8 RHOevMZcZcJnWY3R5bQwoVkhBTHrvHkHz9YbCd5fh4i8zs+13fccMK3heusK5g== ARC-Authentication-Results: i=2; aspmx1.migadu.com; dkim=fail ("body hash did not verify") header.d=iki.fi header.s=lahtoruutu header.b=Xh67uPA7; arc=reject ("signature check failed: fail, {[1] = sig:iki.fi:reject}"); dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2607:5300:201:3100::1657 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Spam-Score: 0.93 Authentication-Results: aspmx1.migadu.com; dkim=fail ("body hash did not verify") header.d=iki.fi header.s=lahtoruutu header.b=Xh67uPA7; arc=reject ("signature check failed: fail, {[1] = sig:iki.fi:reject}"); dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2607:5300:201:3100::1657 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Queue-Id: 802B2333B4 X-Spam-Score: 0.93 X-Migadu-Scanner: scn0.migadu.com X-TUID: Ykd8O1BNywEA On Mon, Sep 27 2021, David Bremner wrote: > As reported in id:87h7pxiek3.fsf@tethera.net, the previous version of > the test is flaky. There is some so-far undebugged interaction between > openssl and gpgsm that causes the keys to fail to import. As a > potential workaround, use the key as exported by gpgsm, and eliminate > openssl from this particular pipeline. The change looks tolerable to me (and your test run sounds convincing) ;D Tomi > --- > test/smime/0xE0972A47.p12 | 62 +++++++++++++++++++++++++++++++++++++++ > test/test-lib.sh | 6 ++-- > 2 files changed, 64 insertions(+), 4 deletions(-) > create mode 100644 test/smime/0xE0972A47.p12 > > diff --git a/test/smime/0xE0972A47.p12 b/test/smime/0xE0972A47.p12 > new file mode 100644 > index 00000000..2c4a6d17 > --- /dev/null > +++ b/test/smime/0xE0972A47.p12 > @@ -0,0 +1,62 @@ > +Issuer ...: /CN=Notmuch Test Suite > +Serial ...: 6F748C94BD0C67A9 > +Subject ..: /CN=Notmuch Test Suite > + aka ..: test_suite@notmuchmail.org > +Keygrip ..: 1727B9C7108D50333614F3B1DD0807F624B31130 > + > +-----BEGIN PKCS12----- > +MIIJ+AIBAzCCCb4GCSqGSIb3DQEHAaCCCa8EggmrMIIJpzCCBAcGCSqGSIb3DQEH > +BqCCA/gwggP0AgEAMIID7QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIcfMY > +MS7tOpcCAggAgIIDwFu7ZRNrXCb0eKei44aeBZPRs9YI/5EpMcFuc8j4/8T1HkIt > +GuRe/HzRmoiLZcAMOzGC/hF8TkHlNeUZ7rOSpCg4UlBVWJS6avTMHHsakDvTV/7q > +X5VNi4pLUuyEToGTAPHV+s5P/gYYG6mFPkwG/pDDlAcgMhgtuPY/lQp6IS/E6CaR > +fhcnQiPq9ySTqO7UNwIyMwtAtSHkgBaje8UbOkQch4lg51i97rm9m4EMvklKtjXc > +Ud4aTEuoZguPmdBdLvF5QxqJf6Bm9lHa1Awhru2gBWQf9TjX8bwK9Xsv8G6gPOwc > +LVpIR9fMZtgBbc+heeJTjfn6VqEy881ckbkz+38hiN3pbLMuATM7QAY3u3N4whM6 > +Hmfyl3iqba84Pl93zaUzqazAUeFdqcqSpAUGkS4gU6klr9qi3NicaGbry1DySYU7 > +2h4xy3j7eiHxqdWaibdPoBC8CEbPaFj2qnOVsZykxG6zPvbEB+5sJ/a+T6xm1Btx > +N6vXR7ObbXlpC4pRkS32ehuRbY6wc6H2KKepOMCu7x10tN0Up5ccNxvkT26QIrEE > +LW296ijCLbsRhWymDtopWAZHcXXIu0fJ4tocSp2c3lojSEYu1jlMXR+Pa4R8EtgZ > +lb5+NqISxjUlMMWzGDyhrp9ImcsZmpv6N8zPcZVyU+M1/h+p9ur/IOVZU9P1vIKy > +kcM4pslr0JhLfnZCLZ+3Ux1yKAcndGZFPb1vZ83jyZKR38BVSGu53ODaBJBqSMHu > +Mv2Na/qzvQBSVJuWF9cAhiVd7v9R/EvT0zmljN4w7l4EXsB5wRsO1wvlL+MhwaET > +dIHbRH2GD3gERX6oTc3t3cgritVePk70rCxQDxn5zUbjW7dNIlIobAumLHBfgSxR > +QCE6gxdTm5MW2O9hnfTSQvliVaGU1gd0M3BRiqeNpPPxnloGKnOEODM381F4HxyR > +CzO2r/2aKJP+U5HxSf4cljp3/Lripxykzfqc9/xZshl+jGixsSSm+Ul916Hpj2Rt > +j9vHg4H9YfJTGdvzxZcvZCvNSy3ygtjx0++SrI5hGHKjpVJIK2/9Wi39q5s6LkiA > +RCjvuoBBcQXm++69X7QGWSsGFtwerCGnq3nAxGpHVKVGTvFYMAg6y1RR0zvE0SuM > +MZegD8w45QyrmiPqSRM7/RtqVdA+r/wiJwWerUBq+mrCvJHB2NRcjiUiCJY1bjRU > +ATMfB0uZaNInUXiLDGxp2mdBgdFVq7sYTbq+OvprzxeAjIvodxl3J9ThvJnt1fzK > +RPCJw5COI60ibE3XTTCCBZgGCSqGSIb3DQEHAaCCBYkEggWFMIIFgTCCBX0GCyqG > +SIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAiEe8CcxIIv9wICCAAE > +ggTIujut93lYPUsKc/JNhZhUWS/RHHog6d8ZAjpFvXpyD8Z2z4A4PpgIn8eUSRW5 > +Gwp8izR+16Tj3ht52pJ5Y1x27/S3l3sDlekEZ/33X/AdLFWAXbcibmwtRea1ucKZ > +ze3DJM7CvuRvVSBG8XubPGi3pZkEjHBGQqgtsTnxlBp0PXl7wxfyT7F6gOH2DGYP > +bYzNa2fnY8twEcUYhuksI/eh9Zwj9TrF0HWq1hwp0tDCfqutzshSX2GQ/p0raL3B > +C2stHBjl0OVUfDHpqQ5OJWbQvGcJntECqu4gmSJohunObaUKcN8xs+FzB5czpmsT > +W/pyR58nc8QhTttByqZN3EerhEogWDZj4tQ6dK8p6bqLO/0qqBehZGchfof5Evwj > +VFsvVGD8xVLQWWAFnrQs5+U56NQEbmZzN5RCI7FEK2VVOeG03dpXyoAQyxuYrsYU > +3znmoSleIqDDBFD21YePUcJZ0R8AQsvgV11tdwPWqr1hk0bIazLQ9rappGrTgkK8 > +DFdQKSH1dRvjqtbuDyY7j5PXXJTXthVv9T9N7Vp6qU+pWBQ1Mz30J+fHX2ilEnbi > +tQ49hwt1+/2Zkmwz3reoEnxYOKzCg/ySIpQ27/Hx4xZ+ecEzX/0IxCkHeAV3V3bB > +1z8wFxWEh1s9hL6C8lRk/wQ9KsKaxM7BdLw7RjiqEwR4HgeCqMPdCVQQpILARDC8 > +Poz8xUmjv7HyIvvyBUP12YdIj74Jjj0Mm2r/FDj7nsXxkjXMZEMMKK3oVaAMq8Bd > +cO4VQXDd7bgNzLF9PKxWNjoCuQcPJXwMPqlFoc06BLPstEaR4enafv0Pd4l0pyME > +YgezyVW+3yFEsbbB2UUs0r7oqxsDFU9/iHf8O3nu3NuKTJkux4uMlOTBKsm6sY7k > +GduP2UA+WU27jHrf4zQQbkDLG1lJFfcaKzlcOmz5B9iZwugBz9Y28w5f2/12Kqrh > +4tibFBUG0E85KAb1wnFUNUx06OMX229U1M0E1LHbcUJ9mcRipONPVn0FRi8XzaLK > +023XRoihuoWhVUiB1OJ2eZW1JnUYRztfa3nfmGjXv4VGkxYlnTkE9z0PAAhf6t5A > +7Ir0y1JUeOlBITTcojOp6qQ8tMQQ5wRk1oncHiw3WwJvFN6fOa9Q/+4ZmULHz0vV > +Xl+Qio8B7/4jqZoT4e/gK6U/zHriznLzqp63LjP47eFRXTfuXslaCt7YF75Mq2J6 > +VPA+qfYRw0K5BvDUkr8c+nLP2AiDaEYVBHGdBRTlWO9UkcB1F4cuZZiU5MZbxVrb > +Db+zGWW6AT+4XTO4z9KmAqgTTv1+BQrLxNI+RG8JfQapUKQyB794F4kXK2yhd1P3 > +XS9cwh24COiqbOpI1nB5qn7cn4RRHW156LWGF+VJFdxR6Wu3vZx/kZGevG9o1ARF > +z1l9mbGyhwnUJO1EQwjbppvRou1bZuNbuRgLmHKEVPAv+J+7hLXZAnRdwoV0x91t > +bpmy4qyxA/90DHguIhRVcKsYBrdShY7LXdZArECBhMY9R41D6v1yyhC6fL6PKR5g > +DaluN2K9TBALzZH7NnNdE14l+56+kLc9Fq8JXsq3rxdeBTsNl09fHPf9w5VLkq4I > +doNcPPlta0Q0xJNa/RYENCJpAMZdMFIJ558uMXwwVQYJKoZIhvcNAQkUMUgeRgBH > +AG4AdQBQAEcAIABlAHgAcABvAHIAdABlAGQAIABjAGUAcgB0AGkAZgBpAGMAYQB0 > +AGUAIABlADAAOQA3ADIAYQA0ADcwIwYJKoZIhvcNAQkVMRYEFGFvRs1zg0xjhHdW > +rw37ZKbglypHMDEwITAJBgUrDgMCGgUABBSluQBa+tVpYVYmB/zAZuPE9NnargQI > +XWSQTDEONWgCAggA > +-----END PKCS12----- > diff --git a/test/test-lib.sh b/test/test-lib.sh > index dc4962f5..32f710a5 100644 > --- a/test/test-lib.sh > +++ b/test/test-lib.sh > @@ -143,10 +143,8 @@ add_gpgsm_home () { > _gnupg_exit () { gpgconf --kill all 2>/dev/null || true; } > at_exit_function _gnupg_exit > mkdir -p -m 0700 "$GNUPGHOME" > - openssl pkcs12 -export -passout pass: -inkey "$NOTMUCH_SRCDIR/test/smime/key+cert.pem" \ > - < "$NOTMUCH_SRCDIR/test/smime/test.crt" | \ > - gpgsm --batch --no-tty --no-common-certs-import --pinentry-mode=loopback --passphrase-fd 3 \ > - --disable-dirmngr --import >"$GNUPGHOME"/import.log 2>&1 3<<<'' > + gpgsm --batch --no-tty --no-common-certs-import --pinentry-mode=loopback --passphrase-fd 3 \ > + --disable-dirmngr --import >"$GNUPGHOME"/import.log 2>&1 3<<<'' <$NOTMUCH_SRCDIR/test/smime/0xE0972A47.p12 > fpr=$(gpgsm --batch --list-key test_suite@notmuchmail.org | sed -n 's/.*fingerprint: //p') > echo "$fpr S relax" >> "$GNUPGHOME/trustlist.txt" > gpgsm --quiet --batch --no-tty --no-common-certs-import --disable-dirmngr --import < $NOTMUCH_SRCDIR/test/smime/ca.crt > -- > 2.33.0 > _______________________________________________ > notmuch mailing list -- notmuch@notmuchmail.org > To unsubscribe send an email to notmuch-leave@notmuchmail.org