1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
require 'test_helper'
# test cases for PGP inline signed messages (i.e. non-mime)
class InlineSignedMessageTest < MailGpgTestCase
context "InlineSignedMessage" do
setup do
(@mails = Mail::TestMailer.deliveries).clear
@mail = Mail.new do
to 'jane@foo.bar'
from 'joe@foo.bar'
subject 'test'
body 'i am unencrypted'
end
end
context 'strip_inline_signature' do
should 'strip signature from signed text' do
body = self.class.inline_sign(@mail, 'i am signed')
assert stripped_body = Mail::Gpg::InlineSignedMessage.strip_inline_signature(body)
assert_equal "-----BEGIN PGP SIGNED MESSAGE-----\n\ni am signed\n-----END PGP SIGNED MESSAGE-----", stripped_body
end
should 'not change unsigned text' do
assert stripped_body = Mail::Gpg::InlineSignedMessage.strip_inline_signature("foo\nbar\n")
assert_equal "foo\nbar\n", stripped_body
end
end
context "signed message" do
should "verify body" do
mail = Mail.new(@mail)
mail.body = self.class.inline_sign(mail, mail.body.to_s)
assert !mail.multipart?
assert mail.signed?
assert verified = mail.verify
assert verified.signature_valid?
assert sig = verified.signatures.first
assert sig.to_s=~ /Joe/
assert sig.valid?
end
should "detect invalid sig" do
mail = Mail.new(@mail)
mail.body = self.class.inline_sign(mail, mail.body.to_s).gsub /i am/, 'i was'
assert !mail.multipart?
assert mail.signed?
assert verified = mail.verify
assert !verified.signature_valid?
assert vr = verified.verify_result
assert sig = verified.signatures.first
assert sig.to_s=~ /Joe/
assert !sig.valid?
end
end
context "message with signed attachment" do
should "check attachment signature" do
mail = Mail.new(@mail)
mail.body = 'foobar'
mail.part do |p|
p.body = self.class.inline_sign(mail, 'sign me!')
end
assert mail.multipart?
assert mail.signed?
assert verified = mail.verify
assert verified.signature_valid?
assert vr = verified.parts.last.verify_result
assert !verified.parts.first.signed?
assert verified.parts.last.signed?
assert Mail::Gpg.signed_inline?(verified.parts.last)
assert_equal [vr], verified.verify_result
assert sig = verified.signatures.first
assert sig.to_s=~ /Joe/
assert sig.valid?
end
should "detect invalid sig" do
mail = Mail.new(@mail)
mail.body = 'foobar'
mail.part do |p|
p.body = self.class.inline_sign(mail, 'i am signed!').gsub /i am/, 'i was'
end
mail.part do |p|
p.body = self.class.inline_sign(mail, 'i am signed!')
end
assert mail.multipart?
assert mail.signed?
assert verified = mail.verify
assert !verified.signature_valid?
assert vr = verified.verify_result
assert_equal 2, vr.size
invalid = verified.parts[1]
assert !invalid.signature_valid?
assert sig = invalid.verify_result.signatures.first
assert sig.to_s=~ /Joe/
assert !sig.valid?
valid = verified.parts[2]
assert valid.signature_valid?
assert sig = valid.verify_result.signatures.first
assert sig.to_s=~ /Joe/
assert sig.valid?
end
end
end
def self.inline_sign(mail, plain, armor = true)
GPGME::Crypto.new.clearsign(plain,
password: 'abc',
signers: mail.from,
armor: armor).to_s
end
end
|
