path: root/comm/mailnews/test/data/smime/local-gen.sh
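#!/bin/bash

# Abort on the first failing command. pipefail also makes a pipeline fail
# when any stage fails, so a broken encryption step cannot be hidden by a
# later stage that succeeds on empty input.
set -e
set -o pipefail

# This script creates additional S/MIME test files.
# It's called automatically by generate.sh.
# However, it can also be called directly, if the test data from NSS
# is still sufficiently fresh, and only the local test files need to
# be updated, e.g. when adding new tests.

if [ -n "$NSS_LIB_PATH" ]
then
  # Prepend the NSS library directory. The ":old value" suffix is only added
  # when the variable is already non-empty: a trailing ':' would leave an
  # empty search-path element, which glibc's ld.so treats as the current
  # working directory (the other loaders may behave similarly).
  export LD_LIBRARY_PATH="${NSS_LIB_PATH}${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}"
  export SHLIB_PATH="${NSS_LIB_PATH}${SHLIB_PATH:+:${SHLIB_PATH}}"
  export LIBPATH="${NSS_LIB_PATH}${LIBPATH:+:${LIBPATH}}"
  export DYLD_LIBRARY_PATH="${NSS_LIB_PATH}${DYLD_LIBRARY_PATH:+:${DYLD_LIBRARY_PATH}}"
fi

# All input and output paths below are relative, so refuse to run anywhere
# other than the directory holding both scripts. Exit non-zero so that a
# calling script (generate.sh) notices the failure.
if ! test -e generate.sh || ! test -e local-gen.sh
then
  echo "you must run this script from inside the directory that contains local-gen.sh and generate.sh" >&2
  exit 1
fi

# Check every NSS tool the script uses, including cmsutil, and name the
# ones that are missing.
MISSING_TOOLS=""
for TOOL in certutil pk12util cmsutil atob btoa
do
  if ! command -v "$TOOL" > /dev/null
  then
    MISSING_TOOLS="$MISSING_TOOLS $TOOL"
  fi
done

if [ -n "$MISSING_TOOLS" ]
then
  echo "Required NSS utilities cannot be executed:$MISSING_TOOLS. Add \$OBJDIR/dist/bin of a local Thunderbird build to both the PATH and (platform specific) library path environment variable (e.g. LD_LIBRARY_PATH or DYLD_LIBRARY_PATH)." >&2
  exit 1
fi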

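MILLDIR="$(pwd)/../../../../mail/test/browser/smime/data"

# Fail early with a clear message instead of letting cp report a confusing
# error when the destination is missing.
if [ ! -d "$MILLDIR" ]
then
  echo "destination directory not found: $MILLDIR" >&2
  exit 1
fi

# When executing mozmill in the CI environment, the files from this
# directory aren't available. Copy all files that mozmill requires to
# the mozmill directory.
cp -rv -- Bob.p12 TestCA.pem "$MILLDIR"

# Scratch directory for the throwaway NSS database and intermediate files.
# NOTE(review): TMPDIR is also the conventional temp-directory environment
# variable; if it is already exported, child processes inherit this value.
TMPDIR="./tmp-local"
mkdir "$TMPDIR"
# Registered only after mkdir succeeded, so a directory this run did not
# create is never deleted. Removing it on every exit path keeps a failed run
# from leaving a stale ./tmp-local that would make the next mkdir fail.
trap 'rm -rf -- "${TMPDIR:?}"' EXIT

BOUNDARY="--------BOUNDARY"

# --rfc-email is a GNU date option.
EMAILDATE=$(date --rfc-email --utc)

# Outer message headers, ending with the blank line that separates headers
# from the body.
MSGHEADER="MIME-Version: 1.0
Date: ${EMAILDATE}
From: Alice <alice@example.com>
To: Bob <bob@example.com>
Subject: a message
Content-Type: multipart/alternative; boundary=\"${BOUNDARY}\"

"

# Headers for each enveloped (encrypted) body part.
ENVHEADER="Content-Type: application/pkcs7-mime; smime-type=enveloped-data
Content-Transfer-Encoding: base64

"

# Build a fresh NSS database without a password, import the Alice and Bob
# test identities ("nss" is the password passed for both .p12 files) and set
# the trust flags of TestCA to C,C, .
certutil -d "$TMPDIR" -N --empty-password
pk12util -d "$TMPDIR" -i Alice.p12 -W nss
pk12util -d "$TMPDIR" -i Bob.p12 -W nss
certutil -d "$TMPDIR" -M -n TestCA -t C,C,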

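# Build the multipart/alternative test message. Both alternatives are
# separately encrypted to Bob: a "prey" part holding the text that must stay
# confidential, and an HTML "bait" part whose CSS hides .moz-text-plain,
# .moz-quote-pre and fieldset elements.
#
# Encryption and base64 encoding are separate commands rather than one
# pipeline: in "a | cmsutil | btoa" only btoa's exit status is checked, so a
# failing cmsutil could silently produce an empty fixture.

INPUT="Content-type: text/plain

SECRET-TEXT the attacker wants to steal
"
printf '%s\n' "$INPUT" | cmsutil -d "$TMPDIR" -E -r bob@example.com > "$TMPDIR/prey.p7m"
btoa < "$TMPDIR/prey.p7m" > "$TMPDIR/prey.b64"

INPUT="Content-type: text/html

<pre>Please reply to this harmless looking message</pre><style>.moz-text-plain, .moz-quote-pre, fieldset {display: none;}</style>"
printf '%s\n' "$INPUT" | cmsutil -d "$TMPDIR" -E -r bob@example.com > "$TMPDIR/bait.p7m"
btoa < "$TMPDIR/bait.p7m" > "$TMPDIR/bait.b64"

MSG="$TMPDIR/msg.eml"

# Assemble headers, then the bait part, then the prey part.
# NOTE(review): the last delimiter is written without the closing "--"
# suffix; kept as-is because the consuming test may depend on these exact
# bytes. Confirm before changing.
{
  printf '%s' "$MSGHEADER"
  printf '%s\n' "--$BOUNDARY"
  printf '%s' "$ENVHEADER"
  cat "$TMPDIR/bait.b64"
  printf '%s\n' "--$BOUNDARY"
  printf '%s' "$ENVHEADER"
  cat "$TMPDIR/prey.b64"
  printf '%s\n' "--$BOUNDARY"
} > "$MSG"

mv -- "$MSG" "$MILLDIR/multipart-alternative.eml"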

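# The scratch NSS database is not used below. Remove it first so that a
# failure in the date handling does not leave a stale directory behind.
rm -rf -- "${TMPDIR:?}"

# Create a message with a mismatching message date (use a later time,
# because the test certificates aren't valid at earlier times).

SIGNED_MSG="alice.dsig.SHA256.multipart.eml"

# Extract the Date header value with one sed call: with "grep | sed" a
# failed match is masked by sed's exit status.
GOOD_DATE=$(sed -n 's/^Date: //p' "$SIGNED_MSG")

# With an empty value, date would compute "now + 6 hours" and the fixture
# would silently carry an unrelated date.
if [ -z "$GOOD_DATE" ]
then
  echo "no Date header found in $SIGNED_MSG" >&2
  exit 1
fi

# --rfc-email and --date are GNU date options.
FUTURE_DATE=$(date --utc --rfc-email --date="${GOOD_DATE} + 6 hours")
sed "s/^Date: .*$/Date: ${FUTURE_DATE}/" "$SIGNED_MSG" > "alice.future.dsig.SHA256.multipart.eml"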