commit 26f5b3361a015e6be63aa372261a0da3af3be037
parent b22a9fb3dd2d31ce805ea51581de5a51ba413839
Author: Dan Callaghan <djc@djc.id.au>
Date: Mon, 14 Oct 2024 18:43:09 +1100
fix tests for GPG signature verification
They were not checking that the verification actually succeeded, nor
which key was being used.
Regenerate test keys with a new ECC key for sup-fake-ecc@fake.fake,
which is used by the test_verify_unknown_keytype test case.
Diffstat:
12 files changed, 96 insertions(+), 25 deletions(-)
diff --git a/Manifest.txt b/Manifest.txt
@@ -146,7 +146,9 @@ test/fixtures/utf8-header.eml
test/fixtures/zimbra-quote-with-bottom-post.eml
test/gnupg_test_home/.gpg-v21-migrated
test/gnupg_test_home/gpg.conf
-test/gnupg_test_home/private-keys-v1.d/306D2EE90FF0014B5B9FD07E265C751791674140.key
+test/gnupg_test_home/private-keys-v1.d/26C05E44706A8E230B3255BB9532B34DC9420232.key
+test/gnupg_test_home/private-keys-v1.d/D187ADC90EC4DEB7047678EAA37E33A53A465D47.key
+test/gnupg_test_home/private-keys-v1.d/FB2D9BD3B1BE90B5BCF697781F8404224B0FCF5B.key
test/gnupg_test_home/pubring.gpg
test/gnupg_test_home/receiver_pubring.gpg
test/gnupg_test_home/receiver_secring.gpg
diff --git a/test/gnupg_test_home/private-keys-v1.d/26C05E44706A8E230B3255BB9532B34DC9420232.key b/test/gnupg_test_home/private-keys-v1.d/26C05E44706A8E230B3255BB9532B34DC9420232.key
@@ -0,0 +1,42 @@
+Created: 20241014T073358
+Key: (private-key (rsa (n #00C0EF24D44D17ABD33603EDED46A2F639BDB90C9A72
+ E6AD03E83B597169BF7B8F6DEF42A5EED6F9BBDD0BDE326075969886D11D2875FB6972
+ D8D73ECC98F6A14AB083E93990567C78EEDA09260096B4B99C67824B39005DEA7D75B5
+ ECF3F03D042EEEB49E9871AA3B2DC4552FC7598B8DDAD6454EF0CCD11D8C4BAEEFEBCC
+ CF4BCDB4FBB05BCC026910D4249E24BB657BD2287E6999FD2C499C54C29CE079437CB3
+ 8AE685C6D733749B046FF2235A29B22822C23EFFF38302B3A8EEC81CE9505BF8D4CCF5
+ EB958AFBDE50488F56E14B3CC116E413CE5E449D65537DDFB90F841A3B6580BEA20783
+ 002699B584F53EE4C29C7381071536659E50BE9AA445068F5B2B2B0185E850DF4790FD
+ 455A91135FE29A79A0E7EF73A8C6B6328603C5B46466B1A674AE205256C79B8A39E73D
+ 15587A123C2FEC23C14CD2ADD2D41344408E713A10D986766F17F93011998788DEF294
+ DA6C3E86CEC1562FB574014CA2937FA7ACF7C57D80E9925994FCF8EA55102FC987FAD6
+ 7393E2011515856AE9FEB6DDB9#)(e #010001#)(d
+ #1AC7D73BE4EB993D3B2D36748E2E86B12325B19B2AC1DC58437F217E3DA887B53414
+ 5713036131CF22F2C7C8045DAE26C3E7F8FD29CB592AC8F0AFD5E491AF77D7A2A7D806
+ B20A9B1AC4872A90405B1BBC9B1D99E572A896A90D92D02E5835900417BC589B5E83BB
+ AD31A885764D76B29D22CB021728C70A2BF441772A2B06C745E98E5A3F93C4EDE2991F
+ F017B72F720D8CF3672329E260E1635E943A107B0EAF3963A04426910CE98BA7225C47
+ E2ABC92872001EB52585557CE8903C7B225D342894EFB6CCA4ED2397E970EAB675BE69
+ 70F1009E87396923D13A6B4B1E941EA9433C386EFA94843C67C5C5D08B688BDCD3075D
+ 29ACB0D3D3F156562ABB19345B547040782FA7DD199F20CA7042D8548FF72FAB96394C
+ 2ADFCAFA4E38196AED778C777BA8BF4646A8E4F5DA3E44C0330AC71AFAD1FCF1C792F2
+ 34C7D0BFA59E1435813695CC813C1395DDCD61BE60B1693B89DC5B8480DE5BD5065AED
+ 3822B865574D55155FCACDB51807679040D6952E073982C6075E07111A205D7EBEA015
+ #)(p #00D8DF87835F964777CC15BA16559A04CD40D570084AF06117224D9B6DE56CB5
+ DCC0F5A66DEAF9DBA1542475808017B318D152FA7425376508A48E1591C75605504799
+ 184C0F11059B5625C799356CC895314DD684A25CC36775DFB2270DBB1E92E7457773BB
+ 9E2C1BCDB93BD7A9E4AE316F23FC06D9AC6E538A7A9A53D454B1548A80291777704EA7
+ B5D798C8378C4C7B040A4BD64875755A8CC092D4D1C340D22CA798F177F0A0A9893BC7
+ 026A9023660CBF155F22CC295880965E75832AA01F#)(q
+ #00E3BDF8A4560327A98A63D6B00B7474FC0F918F043CF0A99253F41EEEF4895BFAF8
+ 50AFDC107C4A741958667F7B567F280632C8B3454494CA1B253A33DD4E45ACC5194F53
+ 1B67DD975D15470FA52CF2C71CEA669B1471CF1B8B76EE0E5925F5CC1103D75184D7C3
+ BB8EE7498ECC34483EEDD5516AF5F234ADA9C0BFDE2E3A15F7027B109E136C56C4779C
+ 6E032DC25B5D2E68D7079C5CEBC15B25ADE6481A1E1E78305B067C452C677908BE6D16
+ EC7B1869689FC9F70FB4D45449C336D9B46727#)(u
+ #009C3200C269390035DB78F0259D81B22712470EE1FBA278564DDDE0C667EA48A511
+ 7B8AB17C2DAEFD2078BF99CE548A72661E8FCA2288BE39447854F79AFDAFB4415BB60A
+ C72562E2DDB31D52DDE9D638EEDBF9636AB6BCDD2870E6C9B59AFAB04C169CF51433BE
+ C75EC697575686029F36FA2537896ACCD35EB766BB3A2EBC84DBFC24C0D049699813B1
+ 1A7679D87D38B222ECD1238DCFB84AB58D5C4D8B5E90D627D9C1BEA3793AC2AEA225FC
+ 7C7021EA0FA08CAF614286537134929A47097D#)))
diff --git a/test/gnupg_test_home/private-keys-v1.d/306D2EE90FF0014B5B9FD07E265C751791674140.key b/test/gnupg_test_home/private-keys-v1.d/306D2EE90FF0014B5B9FD07E265C751791674140.key
Binary files differ.
diff --git a/test/gnupg_test_home/private-keys-v1.d/D187ADC90EC4DEB7047678EAA37E33A53A465D47.key b/test/gnupg_test_home/private-keys-v1.d/D187ADC90EC4DEB7047678EAA37E33A53A465D47.key
@@ -0,0 +1,5 @@
+Created: 20241014T073400
+Key: (private-key (ecc (curve Ed25519)(flags eddsa)(q
+ #4049C4EFC8EEB81658624601387C3ECCDE9A3D76476C10773DE55E025580B9AE17#)
+ (d #C9A9E5DAE378425DDCFBC4B565845883A198F96B86E31D3F4763665633D9F51E#)
+ ))
diff --git a/test/gnupg_test_home/private-keys-v1.d/FB2D9BD3B1BE90B5BCF697781F8404224B0FCF5B.key b/test/gnupg_test_home/private-keys-v1.d/FB2D9BD3B1BE90B5BCF697781F8404224B0FCF5B.key
@@ -0,0 +1,5 @@
+Created: 20241014T073400
+Key: (private-key (ecc (curve Curve25519)(flags djb-tweak)(q
+ #404F9277B8281579076BE50AF2D30484B4B72E56035A3F36A99F38A6FA06065521#)
+ (d #5390C4E04165F6AAF4CDCA43C6FF4C5B6FF3F55137B11A5BC64CE8C7B67E3948#)
+ ))
diff --git a/test/gnupg_test_home/pubring.gpg b/test/gnupg_test_home/pubring.gpg
Binary files differ.
diff --git a/test/gnupg_test_home/receiver_pubring.gpg b/test/gnupg_test_home/receiver_pubring.gpg
Binary files differ.
diff --git a/test/gnupg_test_home/receiver_secring.gpg b/test/gnupg_test_home/receiver_secring.gpg
Binary files differ.
diff --git a/test/gnupg_test_home/regen_keys.sh b/test/gnupg_test_home/regen_keys.sh
@@ -67,6 +67,15 @@ gpg2 \
--passphrase '' \
--quick-generate-key sup-test-1@foo.bar rsa encrypt,sign 0
+echo "Generating key pair for sender alternate address (email sup-fake-ecc@fake.fake)"
+gpg2 \
+ --homedir . \
+ --batch \
+ --pinentry-mode loopback \
+ --passphrase '' \
+ --default-new-key-algo "ed25519/cert,sign+cv25519/encr" \
+ --quick-generate-key sup-fake-ecc@fake.fake default default 0
+
echo "Importing public key for receiver, into sender's key store"
gpg2 \
--homedir . \
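Review bot: Nothing in the added key-generation step warns whoever re-runs this script that its output is pinned elsewhere. test/test_crypto.rb in this same commit asserts the literal key IDs `072B50BE` and `AC34B83C`, and Manifest.txt lists the keygrip-named files under private-keys-v1.d; all of these change on every regeneration. I would add a comment above the new `echo`, for example `# Regenerating changes key IDs and keygrip file names; update test/test_crypto.rb and Manifest.txt afterwards.` Because the keys are created with `--passphrase ''` and committed unprotected, the same comment could say they are test fixtures only and must never be imported into a real keyring. The `gpg2` import command at the end of this hunk continues outside it.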
@@ -80,10 +89,10 @@ gpg2 \
echo "Done."
-echo "We now have two non-expiring public keys (receiver & sender):"
+echo "We now have some non-expiring public keys:"
gpg2 --homedir . --list-keys
-echo "And we also have only *one* corresponding private key (sender only):"
+echo "And we also have some corresponding private keys:"
gpg2 --homedir . --list-secret-keys
popd
diff --git a/test/gnupg_test_home/secring.gpg b/test/gnupg_test_home/secring.gpg
Binary files differ.
diff --git a/test/gnupg_test_home/sup-test-2@foo.bar.asc b/test/gnupg_test_home/sup-test-2@foo.bar.asc
@@ -1,23 +1,23 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-mQGNBF7leTkBDAC3auy8xodH6jxoISylFZTpVqy/0L2ul879YUb/QbC58+F/H36S
-CjLfPxFlq0FAOXHelOvktxaybg+BG5UpSvTgBLbcArq5nctee+04TMXCzQzrG2V1
-zb9gIRT665fX3+WYncSIXdr4LAp7r8Jw3RT3tTOZqbaencumCWaJblnvfFwPrMKf
-AXWa/NVndNMAXmJ5uBf1MRr45KXaQ2tczPIeHqSOKhKNnKZPRqPs0fg4i3d0Vb6G
-yItgtJapfBo50FV+PvtodMHo3LDlz/BBjdEJHSvghqEjb1S7xGo+hdXs+lfCMfa0
-3PAWoj+OeHNorbK0YbVKOtS0E0xYvScbyC7bfwtA9yb3LZYmy7VHsKJmQfygCNQ6
-wIKQGAVN1NcQcJsvWyAwk9+WMN5oqB5lb76u40beoWlUjSJRlph2VvWvkGuh/huU
-sVGqcN7EO4SFkwi2YQLoWfQRGur3mids/PQTBywpGE1SyziPZK76pT6SqP8b+OpI
-CG1QbcTZzYpbv6kAEQEAAbQSc3VwLXRlc3QtMkBmb28uYmFyiQHOBBMBCgA4FiEE
-e0oXvVeqMzUcfd1s2bF8xbTizW8FAl7leTkCGw8FCwkIBwIGFQoJCAsCBBYCAwEC
-HgECF4AACgkQ2bF8xbTizW92TAv/WGlYfDTKNEmJ0K+kxt33T2ldmZXaJKL04Mft
-h5s5KlRZWDNpkCC/L55uyaeEg+Uy+BEEQKLAEeJrrLMV8UMJwMPDOizSTT9uLyiz
-b8RjnQw4iMT8wt9TQboXGaTMslwdXvFPii7w44KgCimE7VuPetJuLMLMbnl147G8
-+QhkNUsrB51TuPS8xZJ4qjbH+K/Y2NlvwLtJrxNE3SRQuy2ApYJxKPZIj1KpUL8M
-7Jy/2hI8DaRm/0Fpu8HwRIVsd6/dgdkqdj1uVyLj+wyhgdzqV5WrPLFCRVhd3icd
-lPNRIDjg8YKCh353LVHjKwefOW4SnkOPn4uVMdCP9gUFd9zpMP9lMFpjk0o0tcYO
-NiFrOclS4q5qZ5jrj1MnBF0NaGhuC83DDgRfKV+p5noVeJxg0nXYZSlsSMfAT/K7
-FbdNEg0XUsrLgWVzhvWv/ebMetFPSfGHIveZ7lhiq1qpA5hLBNfSSBb1JJsFmtQt
-cEUluymdNe5W7Y6UGs1CpvcIvbj+
-=Cy9S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+=kQ2o
-----END PGP PUBLIC KEY BLOCK-----
diff --git a/test/test_crypto.rb b/test/test_crypto.rb
@@ -119,7 +119,11 @@ class TestCryptoManager < Minitest::Test
signed = CryptoManager.sign @from_email, @to_email, "ABCDEFG"
assert_instance_of RMail::Message, signed
assert_instance_of String, (signed.body[1].body)
- CryptoManager.verify signed.body[0], signed.body[1], true
+ chunk = CryptoManager.verify signed.body[0], signed.body[1], true
+ assert_instance_of Redwood::Chunk::CryptoNotice, chunk
+ assert_match(/^Signature made .* using RSA key ID 072B50BE/,
+ chunk.lines[0])
+ assert_equal "Good signature from \"#{@from_email}\"", chunk.lines[1]
end
def test_verify_unknown_keytype
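Review bot: The new assertions after `CryptoManager.verify` establish success only by matching human-readable text in `chunk.lines`. They therefore depend on the exact wording of the verification output and cannot tell a valid-and-trusted result from a valid-but-untrusted one. If `Redwood::Chunk::CryptoNotice` exposes a machine-readable status (not visible in this hunk, so please confirm), assert on it first, e.g. `assert_equal :valid, chunk.status`, using whichever value the test keyring's trust settings actually produce. The same applies to the matching assertions in the `test_verify_unknown_keytype` hunk below. The test method these lines belong to starts outside the hunk.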
@@ -128,7 +132,11 @@ class TestCryptoManager < Minitest::Test
signed = CryptoManager.sign @from_email_ecc, @to_email, "ABCDEFG"
assert_instance_of RMail::Message, signed
assert_instance_of String, (signed.body[1].body)
- CryptoManager.verify signed.body[0], signed.body[1], true
+ chunk = CryptoManager.verify signed.body[0], signed.body[1], true
+ assert_instance_of Redwood::Chunk::CryptoNotice, chunk
+ assert_match(/^Signature made .* using unknown key type \(303\) key ID AC34B83C/,
+ chunk.lines[0])
+ assert_equal "Good signature from \"#{@from_email_ecc}\"", chunk.lines[1]
end
def test_verify_nested_parts
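Review bot: The literal `(303)` in the expected first line is unexplained, and the `assert_match` will start failing as soon as the underlying crypto library gains a name for this algorithm. A comment above it would tell the next maintainer that this is expected rather than a regression, something like `# 303 is the numeric public-key algorithm id reported for the Ed25519 test key; the library has no name for it, hence "unknown key type".` That reading is inferred from the test name and the commit message, so confirm it before adding the comment. The start of `test_verify_unknown_keytype` lies outside this hunk.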