This allows MUAs that don't want to think about per-mime-part cryptographic status to have a simple high-level overview of the message's cryptographic state. Sensibly structured encrypted and/or signed messages will work fine with this. The only requirement for the simplest encryption + signing is that the message have all of its encryption and signing protection (the "cryptographic envelope") in a contiguous set of MIME layers at the very outside of the message itself. This is because messages with some subparts signed or encrypted, but with other subparts with no cryptographic protection is very difficult to reason about, and even harder for the user to make sense of or work with. For further characterization of the Cryptographic Envelope and some of the usability tradeoffs, see here: https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope --- devel/schemata | 18 ++++++++++++++++++ notmuch-show.c | 29 +++++++++++++++++++++++++++++ test/T350-crypto.sh | 17 +++++++++++++---- test/T355-smime.sh | 5 +++-- 4 files changed, 63 insertions(+), 6 deletions(-) diff --git a/devel/schemata b/devel/schemata index 42b1bcf3..33633ab3 100644 --- a/devel/schemata +++ b/devel/schemata @@ -33,6 +33,8 @@ v3 v4 - replace signature error integer bitmask with a set of flags for individual errors. +- (notmuch 0.29) added message.crypto to identify overall message + cryptographic state Common non-terminals -------------------- @@ -73,9 +75,25 @@ message = { tags: [string*], headers: headers, + crypto?: crypto, # omitted if crypto disabled, or if no part was signed or encrypted. body?: [part] # omitted if --body=false } +# when showing the message, was any or all of it decrypted? +msgdecstatus: "full"|"partial" + +# The overall cryptographic state of the message as a whole: +crypto = { + signed?: { + status: sigstatus, + # was the set of signatures described under encrypted cover? + encrypted: bool, + }, + decrypted?: { + status: msgdecstatus, + } +} + # A MIME part (format_part_sprinter) part = { id: int|string, # part id (currently DFS part number) diff --git a/notmuch-show.c b/notmuch-show.c index b95fc389..c5a814ad 100644 --- a/notmuch-show.c +++ b/notmuch-show.c @@ -628,6 +628,35 @@ format_part_sprinter (const void *ctx, sprinter_t *sp, mime_node_t *node, format_part_sprinter (ctx, sp, mime_node_child (node, 0), true, include_html); sp->end (sp); } + + if (notmuch_format_version >= 4) { + const _notmuch_message_crypto_t *msg_crypto = mime_node_get_message_crypto_status (node); + if (msg_crypto->sig_list || + msg_crypto->decryption_status != NOTMUCH_MESSAGE_DECRYPTED_NONE) { + sp->map_key (sp, "crypto"); + sp->begin_map (sp); + if (msg_crypto->sig_list) { + sp->map_key (sp, "signed"); + sp->begin_map (sp); + sp->map_key (sp, "status"); + format_part_sigstatus_sprinter (sp, msg_crypto->sig_list); + if (msg_crypto->signature_encrypted) { + sp->map_key (sp, "encrypted"); + sp->boolean (sp, msg_crypto->signature_encrypted); + } + sp->end (sp); + } + if (msg_crypto->decryption_status != NOTMUCH_MESSAGE_DECRYPTED_NONE) { + sp->map_key (sp, "decrypted"); + sp->begin_map (sp); + sp->map_key (sp, "status"); + sp->string (sp, msg_crypto->decryption_status == NOTMUCH_MESSAGE_DECRYPTED_FULL ? "full" : "partial"); + sp->end (sp); + } + sp->end (sp); + } + } + sp->end (sp); return; } diff --git a/test/T350-crypto.sh b/test/T350-crypto.sh index 3539bafe..c3f8138e 100755 --- a/test/T350-crypto.sh +++ b/test/T350-crypto.sh @@ -25,7 +25,7 @@ test_expect_equal "$output" "thread:XXX 2000-01-01 [1/1] Notmuch Test Suite; t test_begin_subtest "signature verification" output=$(notmuch show --format=json --verify subject:"test signed message 001" \ | notmuch_json_show_sanitize \ - | sed -e 's|"created": [1234567890]*|"created": 946728000|') + | sed -e 's|"created": [1234567890]*|"created": 946728000|g') expected='[[[{"id": "XXXXX", "match": true, "excluded": false, @@ -33,6 +33,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'"}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -74,6 +75,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{ "status": "bad", "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'"}]}}, "headers": {"Subject": "bad signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -143,7 +145,7 @@ gpg --quiet --batch --no-tty --export-ownertrust > "$GNUPGHOME/ownertrust.bak" echo "${FINGERPRINT}:3:" | gpg --quiet --batch --no-tty --import-ownertrust output=$(notmuch show --format=json --verify subject:"test signed message 001" \ | notmuch_json_show_sanitize \ - | sed -e 's|"created": [1234567890]*|"created": 946728000|') + | sed -e 's|"created": [1234567890]*|"created": 946728000|g') expected='[[[{"id": "XXXXX", "match": true, "excluded": false, @@ -151,6 +153,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'"}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -177,7 +180,7 @@ test_begin_subtest "signature verification with signer key unavailable" mv "${GNUPGHOME}"{,.bak} output=$(notmuch show --format=json --verify subject:"test signed message 001" \ | notmuch_json_show_sanitize \ - | sed -e 's|"created": [1234567890]*|"created": 946728000|') + | sed -e 's|"created": [1234567890]*|"created": 946728000|g') expected='[[[{"id": "XXXXX", "match": true, "excluded": false, @@ -185,6 +188,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{"errors": {"key-missing": true}, "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'", "status": "error"}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -264,6 +268,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["encrypted","inbox"], + "crypto": {"decrypted": {"status": "full"}}, "headers": {"Subject": "test encrypted message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -350,7 +355,7 @@ test_expect_success \ test_begin_subtest "decryption + signature verification" output=$(notmuch show --format=json --decrypt=true subject:"test encrypted message 002" \ | notmuch_json_show_sanitize \ - | sed -e 's|"created": [1234567890]*|"created": 946728000|') + | sed -e 's|"created": [1234567890]*|"created": 946728000|g') expected='[[[{"id": "XXXXX", "match": true, "excluded": false, @@ -358,6 +363,9 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["encrypted","inbox"], + "crypto": {"signed": {"status": [{ "status": "good", "created": 946728000, "fingerprint": "'$FINGERPRINT'", "userid": "'"$SELF_USERID"'"}], + "encrypted": true }, + "decrypted": {"status": "full"}}, "headers": {"Subject": "test encrypted message 002", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", @@ -433,6 +441,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{"errors": {"key-revoked": true}, "keyid": "'$(echo $FINGERPRINT | cut -c 25-)'", "status": "error"}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", diff --git a/test/T355-smime.sh b/test/T355-smime.sh index e410286b..336da917 100755 --- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -50,8 +50,8 @@ test_expect_equal_file EXPECTED OUTPUT test_begin_subtest "signature verification (notmuch CLI)" output=$(notmuch show --format=json --verify subject:"test signed message 001" \ | notmuch_json_show_sanitize \ - | sed -e 's|"created": [-1234567890]*|"created": 946728000|' \ - -e 's|"expires": [-1234567890]*|"expires": 424242424|' ) + | sed -e 's|"created": [-1234567890]*|"created": 946728000|g' \ + -e 's|"expires": [-1234567890]*|"expires": 424242424|g' ) expected='[[[{"id": "XXXXX", "match": true, "excluded": false, @@ -59,6 +59,7 @@ expected='[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], + "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "status": "good","userid": "CN=Notmuch Test Suite","expires": 424242424, "created": 946728000}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite <test_suite@notmuchmail.org>", "To": "test_suite@notmuchmail.org", -- 2.20.1 _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch