From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 19:32:43 +0200 Subject: Adding upstream version 1:115.7.0. Signed-off-by: Daniel Baumann --- comm/mailnews/test/data/smime/local-gen.sh | 97 ++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100755 comm/mailnews/test/data/smime/local-gen.sh (limited to 'comm/mailnews/test/data/smime/local-gen.sh') diff --git a/comm/mailnews/test/data/smime/local-gen.sh b/comm/mailnews/test/data/smime/local-gen.sh new file mode 100755 index 0000000000..c74b31e73a --- /dev/null +++ b/comm/mailnews/test/data/smime/local-gen.sh @@ -0,0 +1,97 @@ +#!/bin/bash + +set -e + +# This script creates additional S/MIME test files. +# It's called automatically by generate.sh. +# However, it can also be called directly, if the test data from NSS +# is still sufficiently fresh, and only the local test files need to +# be updated, e.g. when adding new tests. + +if [ -n "$NSS_LIB_PATH" ] +then + export LD_LIBRARY_PATH=${NSS_LIB_PATH}:$LD_LIBRARY_PATH + export SHLIB_PATH=${NSS_LIB_PATH}:$SHLIB_PATH + export LIBPATH=${NSS_LIB_PATH}:$LIBPATH + export DYLD_LIBRARY_PATH=${NSS_LIB_PATH}:$DYLD_LIBRARY_PATH +fi + +if ! test -e generate.sh || ! test -e local-gen.sh +then + echo "you must run this script from inside the directory that contains local-gen.sh and generate.sh" + exit +fi + +if ! hash certutil || ! hash pk12util || ! hash atob || ! hash btoa +then + echo "Required NSS utilities cannot be executed. Add \$OBJDIR/dist/bin of a local Thunderbird build to both the PATH and (platform specific) library path environment variable (e.g. LD_LIBRARY_PATH or DYLD_LIBRARY_PATH)." + exit +fi + +MILLDIR="$(pwd)/../../../../mail/test/browser/smime/data" + +# When executing mozmill in the CI environment, the files from this +# directory aren't available. Copy all files that mozmill requires to +# the mozmill directory. +cp -rv Bob.p12 TestCA.pem "$MILLDIR" + +TMPDIR="./tmp-local" +mkdir $TMPDIR + +BOUNDARY="--------BOUNDARY" + +EMAILDATE=$(date --rfc-email --utc) + +MSGHEADER="MIME-Version: 1.0 +Date: ${EMAILDATE} +From: Alice +To: Bob +Subject: a message +Content-Type: multipart/alternative; boundary=\"${BOUNDARY}\" + +" + +ENVHEADER="Content-Type: application/pkcs7-mime; smime-type=enveloped-data +Content-Transfer-Encoding: base64 + +" + +certutil -d $TMPDIR -N --empty-password +pk12util -d $TMPDIR -i Alice.p12 -W nss +pk12util -d $TMPDIR -i Bob.p12 -W nss +certutil -d $TMPDIR -M -n TestCA -t C,C, + +INPUT="Content-type: text/plain + +SECRET-TEXT the attacker wants to steal +" +echo "$INPUT" | cmsutil -d $TMPDIR -E -r bob@example.com | btoa > $TMPDIR/prey.b64 + +INPUT="Content-type: text/html + +
Please reply to this harmless looking message
" +echo "$INPUT" | cmsutil -d $TMPDIR -E -r bob@example.com | btoa > $TMPDIR/bait.b64 + +MSG=$TMPDIR/msg.eml + +{ + echo -n "$MSGHEADER" + echo "--$BOUNDARY" + echo -n "$ENVHEADER" + cat $TMPDIR/bait.b64 + echo "--$BOUNDARY" + echo -n "$ENVHEADER" + cat $TMPDIR/prey.b64 + echo "--$BOUNDARY" +} > $MSG + +mv $MSG "$MILLDIR/multipart-alternative.eml" + +# Create a message with a mismatching message date (use a later time, +# because the test certificates aren't valid at earlier times). + +GOOD_DATE=$(grep ^Date "alice.dsig.SHA256.multipart.eml" | sed 's/^Date: //') +FUTURE_DATE=$(date --utc --rfc-email --date="${GOOD_DATE} + 6 hours") +sed "s/^Date: .*$/Date: ${FUTURE_DATE}/" "alice.dsig.SHA256.multipart.eml" > "alice.future.dsig.SHA256.multipart.eml" + +rm -rf $TMPDIR -- cgit v1.2.3