Re: [PATCH] test: initial tests for smime

Subject: Re: [PATCH] test: initial tests for smime

Date: Sat, 17 Jan 2015 23:29:11 +0100

To: Jameson Graef Rollins, Notmuch Mail

Cc:

Jameson Graef Rollins <jrollins@finestructure.net> writes:

> For some reason PATCH 3/4 no longer applies after substituting in this
> patch as PATCH 1/4.

Ah, I guess I need to send the whole series again.

>
> But do we really need to test the message output of openssl?  It seems
> like it's broken, and if it ever gets fixed we'll need to change this
> test.

I think it's not so much broken as "canonical". There is some discussion
in the openssl-smime man page that pointed me to RFC5751
para 3.1.1

   MIME entities of major type "text" MUST have both their line endings
   and character set canonicalized.  The line ending MUST be the pair of
   characters <CR><LF>

> But all we really care about is that openssl is properly verifying the
> message, yes?  Why not just test that and forget about the rest of
> openssl's output?

Maybe it doesn't add too much as long as the message is using the "clear
signed" multipart/signed format. On the other hand there is an opaque
signed format (application/pkcs7-mime with Signeddata) too, where it
would be interesting to check for mangling of the text. Similarly, when
we add a similar test for encryption, I think we do want to check the
content, so we'll have to figure this out at some point.

Cheers,

d

Previous message (by thread): Re: [PATCH] test: initial tests for smime

Thread:

Jameson Graef Rollins—S/MIME support [inbox, unread]
- Jameson Graef Rollins—[PATCH 1/2] cli: S/MIME verification/decryption support [inbox, notmuch::obsolete, notmuch::patch, unread]
  - Jameson Graef Rollins—[PATCH 2/2] debian: Recommend gpgsm for S/MIME support [inbox, notmuch::obsolete, notmuch::patch, unread]
- Bryant, Daniel B.—RE: S/MIME support [inbox, unread]
  - Jameson Graef Rollins—RE: S/MIME support [inbox, signed, unread]
    - David Bremner—RE: S/MIME support [inbox, unread]
- Jameson Graef Rollins—S/MIME support, rebased [inbox, unread]
  - Jameson Graef Rollins—[PATCH 1/2] cli: S/MIME verification/decryption support [inbox, notmuch::obsolete, notmuch::patch, unread]
    - Jameson Graef Rollins—[PATCH 2/2] debian: Recommend gpgsm for S/MIME support [inbox, notmuch::obsolete, notmuch::patch, unread]
    - David Bremner—Re: [PATCH 1/2] cli: S/MIME verification/decryption support [attachment, inbox, unread]
      - Jameson Graef Rollins—Re: [PATCH 1/2] cli: S/MIME verification/decryption support [inbox, signed, unread]
        David Bremner—Re: [PATCH 1/2] cli: S/MIME verification/decryption support [inbox, unread]
  - David Bremner—SMIME patches v3, with some tests [inbox, unread]
    - David Bremner—[PATCH 1/4] test: initial tests for smime [inbox, notmuch::obsolete, notmuch::patch, unread]
    - David Bremner—[PATCH 2/4] cli: S/MIME verification/decryption support [inbox, notmuch::obsolete, notmuch::patch, unread]
    - David Bremner—[PATCH 3/4] test: add S/MIME signature verification test for notmuch CLI [inbox, notmuch::obsolete, notmuch::patch, unread]
    - David Bremner—[PATCH 4/4] debian: Recommend gpgsm for S/MIME support [inbox, notmuch::obsolete, notmuch::patch, unread]
    - Jameson Graef Rollins—Re: SMIME patches v3, with some tests [inbox, signed, unread]
      - David Bremner—[PATCH] test: initial tests for smime [inbox, notmuch::obsolete, notmuch::patch, unread]
        Jameson Graef Rollins—Re: [PATCH] test: initial tests for smime [inbox, signed, unread]
        David Bremner—Re: [PATCH] test: initial tests for smime [inbox, unread]
        Jameson Graef Rollins—Re: [PATCH] test: initial tests for smime [inbox, signed, unread]