gitlab-org--gitlab-foss/spec/lib/gitlab/email/hook/smime_signature_interceptor...

require 'spec_helper'

describe Gitlab::Email::Hook::SmimeSignatureInterceptor do
  include SmimeHelper

  # cert generation is an expensive operation and they are used read-only,
  # so we share them as instance variables in all tests
  before :context do
    @root_ca = generate_root
    @cert = generate_cert(root_ca: @root_ca)
  end

  let(:root_certificate) do
    Gitlab::Email::Smime::Certificate.new(@root_ca[:key], @root_ca[:cert])
  end

  let(:certificate) do
    Gitlab::Email::Smime::Certificate.new(@cert[:key], @cert[:cert])
  end

  let(:mail) do
    ActionMailer::Base.mail(to: 'test@example.com', from: 'info@example.com', body: 'signed hello')
  end

  before do
    allow(Gitlab::Email::Smime::Certificate).to receive_messages(from_files: certificate)

    Mail.register_interceptor(described_class)
    mail.deliver_now
  end

  after do
    Mail.unregister_interceptor(described_class)
  end

  it 'signs the email appropriately with SMIME' do
    expect(mail.header['To'].value).to eq('test@example.com')
    expect(mail.header['From'].value).to eq('info@example.com')
    expect(mail.header['Content-Type'].value).to match('multipart/signed').and match('protocol="application/x-pkcs7-signature"')

    # verify signature and obtain pkcs7 encoded content
    p7enc = Gitlab::Email::Smime::Signer.verify_signature(
      cert: certificate.cert,
      ca_cert: root_certificate.cert,
      signed_data: mail.encoded)

    # envelope in a Mail object and obtain the body
    decoded_mail = Mail.new(p7enc.data)

    expect(decoded_mail.body.encoded).to eq('signed hello')
  end
end
feat: SMIME signed notification emails - Add mail interceptor the signs outgoing email with SMIME - Add lib and helpers to work with SMIME data - New configuration params for setting up SMIME key and cert files 2019-07-10 19:40:28 +00:00			`require 'spec_helper'`

			`describe Gitlab::Email::Hook::SmimeSignatureInterceptor do`
			`include SmimeHelper`

			`# cert generation is an expensive operation and they are used read-only,`
			`# so we share them as instance variables in all tests`
			`before :context do`
			`@root_ca = generate_root`
			`@cert = generate_cert(root_ca: @root_ca)`
			`end`

			`let(:root_certificate) do`
			`Gitlab::Email::Smime::Certificate.new(@root_ca[:key], @root_ca[:cert])`
			`end`

			`let(:certificate) do`
			`Gitlab::Email::Smime::Certificate.new(@cert[:key], @cert[:cert])`
			`end`

			`let(:mail) do`
			`ActionMailer::Base.mail(to: 'test@example.com', from: 'info@example.com', body: 'signed hello')`
			`end`

			`before do`
			`allow(Gitlab::Email::Smime::Certificate).to receive_messages(from_files: certificate)`

			`Mail.register_interceptor(described_class)`
			`mail.deliver_now`
			`end`

			`after do`
			`Mail.unregister_interceptor(described_class)`
			`end`

			`it 'signs the email appropriately with SMIME' do`
			`expect(mail.header['To'].value).to eq('test@example.com')`
			`expect(mail.header['From'].value).to eq('info@example.com')`
			`expect(mail.header['Content-Type'].value).to match('multipart/signed').and match('protocol="application/x-pkcs7-signature"')`

			`# verify signature and obtain pkcs7 encoded content`
			`p7enc = Gitlab::Email::Smime::Signer.verify_signature(`
			`cert: certificate.cert,`
			`ca_cert: root_certificate.cert,`
			`signed_data: mail.encoded)`

			`# envelope in a Mail object and obtain the body`
			`decoded_mail = Mail.new(p7enc.data)`

			`expect(decoded_mail.body.encoded).to eq('signed hello')`
			`end`
			`end`