If you've got a notmuch dump that includes stashed session keys for every decrypted message, and you've got your message archive, you should be able to get back to the same index that you had before. Here we add a simple test that give some flavor of how that works. --- test/T357-index-decryption.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/test/T357-index-decryption.sh b/test/T357-index-decryption.sh index 22e716c6..11ea2074 100755 --- a/test/T357-index-decryption.sh +++ b/test/T357-index-decryption.sh @@ -156,6 +156,37 @@ test_expect_equal \ "$output" \ "$expected" +add_email_corpus crypto + +test_begin_subtest "indexing message fails when secret key not available" +notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org +output=$(notmuch dump ) +expected='#notmuch-dump batch-tag:3 config,properties,tags ++encrypted +inbox +unread -- id:simple-encrypted@crypto.notmuchmail.org +#= simple-encrypted@crypto.notmuchmail.org index.decryption=failure' +test_expect_equal \ + "$output" \ + "$expected" + +test_begin_subtest "cannot find cleartext index" +output=$(notmuch search sekrit) +expected='' +test_expect_equal \ + "$output" \ + "$expected" + +test_begin_subtest "cleartext index recovery on reindexing with stashed session keys" +notmuch restore <<EOF +#notmuch-dump batch-tag:3 config,properties,tags +#= simple-encrypted@crypto.notmuchmail.org session-key=9%3AFC09987F5F927CC0CC0EE80A96E4C5BBF4A499818FB591207705DFDDD6112CF9 +EOF +notmuch reindex --try-decrypt id:simple-encrypted@crypto.notmuchmail.org +output=$(notmuch search sekrit) +expected='thread:0000000000000001 2016-12-22 [1/1] Daniel Kahn Gillmor; encrypted message (encrypted inbox unread)' +test_expect_equal \ + "$output" \ + "$expected" + # TODO: test removal of a message from the message store between # indexing and reindexing. -- 2.14.2 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch