We try this only for leaf parts that are explicitly marked as Content-Type: text/*, since we don't want to accidentally match on any other weird part that happens to contain the magic string, or on the payload child of a multipart/encrypted part. Of course, this only works for GMime 3.0 and later, because of how we're detecting the presence of the OpenPGP inline encrypted blob. --- mime-node.c | 4 ++ test/T359-inline-pgp-decryption.sh | 97 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 101 insertions(+) create mode 100755 test/T359-inline-pgp-decryption.sh diff --git a/mime-node.c b/mime-node.c index 973133d9..3c94bb62 100644 --- a/mime-node.c +++ b/mime-node.c @@ -325,6 +325,10 @@ _mime_node_create (mime_node_t *parent, GMimeObject *part) } else { node_verify (node, part, cryptoctx); } +#if (GMIME_MAJOR_VERSION >= 3) + } else if (GMIME_IS_TEXT_PART (part) && g_mime_part_get_openpgp_data (GMIME_PART (part)) == GMIME_OPENPGP_DATA_ENCRYPTED) { + node_decrypt_and_verify (node, part, cryptoctx); +#endif } return node; diff --git a/test/T359-inline-pgp-decryption.sh b/test/T359-inline-pgp-decryption.sh new file mode 100755 index 00000000..c0db8eaf --- /dev/null +++ b/test/T359-inline-pgp-decryption.sh @@ -0,0 +1,97 @@ +#!/usr/bin/env bash + +test_description='Decryption of inline PGP messages' +. $(dirname "$0")/test-lib.sh || exit 1 + +################################################## + +add_gnupg_home + +test_begin_subtest "Adding inline PGP encrypted message" +mkdir -p "$MAIL_DIR/cur" +cat <<EOF > "$MAIL_DIR/cur/inline-pgp-encrypted.eml" +Message-Id: inline-pgp-encrypted@testsuite.notmuchmail.org +Content-Type: text/plain +Subject: inline PGP encrypted message +Date: Sat, 01 Jan 2000 12:00:00 +0000 +From: test_suite@notmuchmail.org +To: test_suite@notmuchmail.org + +$(echo "this is the sekrit message" | gpg --no-tty --batch --quiet --trust-model=always --encrypt --armor --recipient test_suite@notmuchmail.org) +EOF +test_expect_success 'notmuch new' + +test_begin_subtest "inline PGP decryption, --format=json" +test_subtest_broken_gmime_2 +output=$(notmuch show --format=json --decrypt=true id:inline-pgp-encrypted@testsuite.notmuchmail.org \ + | notmuch_json_show_sanitize) +expected=' + [[[{"body": [{ + "content": "this is the sekrit message\n", + "content-type": "text/plain", + "encstatus": [{"status": "good" }], + "id": 1 + }], + "date_relative": "2000-01-01", + "excluded": false, + "filename": ["YYYYY"], + "headers": { + "Date": "Sat, 01 Jan 2000 12:00:00 +0000", + "From": "test_suite@notmuchmail.org", + "Subject": "inline PGP encrypted message", + "To": "test_suite@notmuchmail.org" + }, + "id": "XXXXX", + "match": true, + "tags": ["inbox", "unread"], + "timestamp": 946728000 + }, + []]]]' + +test_expect_equal_json \ + "$output" \ + "$expected" + +test_begin_subtest "inline PGP decryption for reply" +test_subtest_broken_gmime_2 +output=$(notmuch reply --format=json --decrypt=true id:inline-pgp-encrypted@testsuite.notmuchmail.org \ + | notmuch_json_show_sanitize) +expected=' + {"original": {"body": [{ + "content": "this is the sekrit message\n", + "content-type": "text/plain", + "encstatus": [{"status": "good" }], + "id": 1 + }], + "date_relative": "2000-01-01", + "excluded": false, + "filename": ["YYYYY"], + "headers": { + "Date": "Sat, 01 Jan 2000 12:00:00 +0000", + "From": "test_suite@notmuchmail.org", + "Subject": "inline PGP encrypted message", + "To": "test_suite@notmuchmail.org" + }, + "id": "XXXXX", + "match": false, + "tags": ["inbox", "unread"], + "timestamp": 946728000 + }, + "reply-headers": { + "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", + "In-reply-to": "<inline-pgp-encrypted@testsuite.notmuchmail.org>", + "References": "<inline-pgp-encrypted@testsuite.notmuchmail.org>", + "Subject": "Re: inline PGP encrypted message" + } +}' + +test_expect_equal_json \ + "$output" \ + "$expected" + +test_begin_subtest "searching for cleartext of inline PGP encrypted message should fail" +output=$(notmuch search 'sekrit') +expected='' +test_expect_equal "$output" "$expected" + +test_done -- 2.15.1 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch