Add tests for mml-sec.el

36 files changed, 890 insertions, 0 deletions

diff --git a/test/data/mml-sec/.gpg-v21-migrated b/test/data/mml-sec/.gpg-v21-migrated
new file mode 100644
index 00000000000..e69de29bb2d
--- /dev/null
+++ b/test/data/mml-sec/.gpg-v21-migrated
diff --git a/test/data/mml-sec/gpg-agent.conf b/test/data/mml-sec/gpg-agent.conf
new file mode 100644
index 00000000000..20192990caf
--- /dev/null
+++ b/test/data/mml-sec/gpg-agent.conf
@@ -0,0 +1,5 @@
+# pinentry-program /usr/bin/pinentry-gtk-2
+
+# verbose
+# log-file /tmp/gpg-agent.log
+# debug-all
diff --git a/test/data/mml-sec/private-keys-v1.d/02089CDDC6DFE93B8EA10D9E876F983E61FEC476.key b/test/data/mml-sec/private-keys-v1.d/02089CDDC6DFE93B8EA10D9E876F983E61FEC476.key
new file mode 100644
index 00000000000..58fd0b5edbc
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/02089CDDC6DFE93B8EA10D9E876F983E61FEC476.key
diff --git a/test/data/mml-sec/private-keys-v1.d/171B444DE92BEF997229000D9784118A94EEC1C9.key b/test/data/mml-sec/private-keys-v1.d/171B444DE92BEF997229000D9784118A94EEC1C9.key
new file mode 100644
index 00000000000..62f4ab25a69
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/171B444DE92BEF997229000D9784118A94EEC1C9.key
diff --git a/test/data/mml-sec/private-keys-v1.d/19FFEBC04DF3E037E16F6A4474DCB7984406975D.key b/test/data/mml-sec/private-keys-v1.d/19FFEBC04DF3E037E16F6A4474DCB7984406975D.key
new file mode 100644
index 00000000000..2a8ce135fb2
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/19FFEBC04DF3E037E16F6A4474DCB7984406975D.key
diff --git a/test/data/mml-sec/private-keys-v1.d/1E36D27DF9DAB96302D35268DADC5CE73EF45A2A.key b/test/data/mml-sec/private-keys-v1.d/1E36D27DF9DAB96302D35268DADC5CE73EF45A2A.key
new file mode 100644
index 00000000000..9f8de71c5e2
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/1E36D27DF9DAB96302D35268DADC5CE73EF45A2A.key
diff --git a/test/data/mml-sec/private-keys-v1.d/293109315BE584AB2EFEFCFCAD64666221D8B36C.key b/test/data/mml-sec/private-keys-v1.d/293109315BE584AB2EFEFCFCAD64666221D8B36C.key
new file mode 100644
index 00000000000..6e4a4e548fd
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/293109315BE584AB2EFEFCFCAD64666221D8B36C.key
diff --git a/test/data/mml-sec/private-keys-v1.d/335689599E1C0F66D73ADCF51E03EE36C97D121F.key b/test/data/mml-sec/private-keys-v1.d/335689599E1C0F66D73ADCF51E03EE36C97D121F.key
new file mode 100644
index 00000000000..cff58edaa89
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/335689599E1C0F66D73ADCF51E03EE36C97D121F.key
diff --git a/test/data/mml-sec/private-keys-v1.d/40BF94E540E3726CB150A1ADF7C1B514444B3FA6.key b/test/data/mml-sec/private-keys-v1.d/40BF94E540E3726CB150A1ADF7C1B514444B3FA6.key
new file mode 100644
index 00000000000..14af8662f79
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/40BF94E540E3726CB150A1ADF7C1B514444B3FA6.key
diff --git a/test/data/mml-sec/private-keys-v1.d/515D4637EFC6C09DB1F78BE8C2F2A3D63E7756C3.key b/test/data/mml-sec/private-keys-v1.d/515D4637EFC6C09DB1F78BE8C2F2A3D63E7756C3.key
new file mode 100644
index 00000000000..207a7237d3a
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/515D4637EFC6C09DB1F78BE8C2F2A3D63E7756C3.key
diff --git a/test/data/mml-sec/private-keys-v1.d/5A11B1935C46D0B227A73978DCA1293A85604F1D.key b/test/data/mml-sec/private-keys-v1.d/5A11B1935C46D0B227A73978DCA1293A85604F1D.key
new file mode 100644
index 00000000000..85ca78da04d
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/5A11B1935C46D0B227A73978DCA1293A85604F1D.key
diff --git a/test/data/mml-sec/private-keys-v1.d/62643CEBC7AEBE6817577A34399483700D76BD64.key b/test/data/mml-sec/private-keys-v1.d/62643CEBC7AEBE6817577A34399483700D76BD64.key
new file mode 100644
index 00000000000..79f3cd2b841
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/62643CEBC7AEBE6817577A34399483700D76BD64.key
diff --git a/test/data/mml-sec/private-keys-v1.d/680D01F368916A0021C14E3453B27B3C5F900683.key b/test/data/mml-sec/private-keys-v1.d/680D01F368916A0021C14E3453B27B3C5F900683.key
new file mode 100644
index 00000000000..776ddf7e9e2
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/680D01F368916A0021C14E3453B27B3C5F900683.key
diff --git a/test/data/mml-sec/private-keys-v1.d/6DF2D9DF7AED06F0524BEB642DF0FB48EFDBDB93.key b/test/data/mml-sec/private-keys-v1.d/6DF2D9DF7AED06F0524BEB642DF0FB48EFDBDB93.key
new file mode 100644
index 00000000000..2b464f0ccbe
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/6DF2D9DF7AED06F0524BEB642DF0FB48EFDBDB93.key
diff --git a/test/data/mml-sec/private-keys-v1.d/78C17E134E86E691297F7B719B2F2CDF41976234.key b/test/data/mml-sec/private-keys-v1.d/78C17E134E86E691297F7B719B2F2CDF41976234.key
new file mode 100644
index 00000000000..28a07668b21
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/78C17E134E86E691297F7B719B2F2CDF41976234.key
diff --git a/test/data/mml-sec/private-keys-v1.d/7F714F4D9D9676638214991E96D45704E4FFC409.key b/test/data/mml-sec/private-keys-v1.d/7F714F4D9D9676638214991E96D45704E4FFC409.key
new file mode 100644
index 00000000000..137659693bd
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/7F714F4D9D9676638214991E96D45704E4FFC409.key
diff --git a/test/data/mml-sec/private-keys-v1.d/854752F5D8090CA36EFBDD79C72BDFF6FA2D1FF0.key b/test/data/mml-sec/private-keys-v1.d/854752F5D8090CA36EFBDD79C72BDFF6FA2D1FF0.key
new file mode 100644
index 00000000000..c99824ccd43
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/854752F5D8090CA36EFBDD79C72BDFF6FA2D1FF0.key
diff --git a/test/data/mml-sec/private-keys-v1.d/93FF37C268FDBF0767F5FFDC49409DDAC9388B2C.key b/test/data/mml-sec/private-keys-v1.d/93FF37C268FDBF0767F5FFDC49409DDAC9388B2C.key
new file mode 100644
index 00000000000..49c2dc58bd8
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/93FF37C268FDBF0767F5FFDC49409DDAC9388B2C.key
diff --git a/test/data/mml-sec/private-keys-v1.d/A3BA94EAE83509CC90DB1B77B54A51959D8DABEA.key b/test/data/mml-sec/private-keys-v1.d/A3BA94EAE83509CC90DB1B77B54A51959D8DABEA.key
new file mode 100644
index 00000000000..ca128408952
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/A3BA94EAE83509CC90DB1B77B54A51959D8DABEA.key
diff --git a/test/data/mml-sec/private-keys-v1.d/A73E9D01F0465B518E8E7D5AD529077AAC1603B4.key b/test/data/mml-sec/private-keys-v1.d/A73E9D01F0465B518E8E7D5AD529077AAC1603B4.key
new file mode 100644
index 00000000000..3f14b40927a
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/A73E9D01F0465B518E8E7D5AD529077AAC1603B4.key
diff --git a/test/data/mml-sec/private-keys-v1.d/AE6A24B17A8D0CAF9B7E000AA77F0B41D7BFFFCF.key b/test/data/mml-sec/private-keys-v1.d/AE6A24B17A8D0CAF9B7E000AA77F0B41D7BFFFCF.key
new file mode 100644
index 00000000000..06adc06c427
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/AE6A24B17A8D0CAF9B7E000AA77F0B41D7BFFFCF.key
diff --git a/test/data/mml-sec/private-keys-v1.d/C072AF82DCCCB9A7F1B85FFA10B802DC4ED16703.key b/test/data/mml-sec/private-keys-v1.d/C072AF82DCCCB9A7F1B85FFA10B802DC4ED16703.key
new file mode 100644
index 00000000000..cf9a60d233b
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/C072AF82DCCCB9A7F1B85FFA10B802DC4ED16703.key
diff --git a/test/data/mml-sec/private-keys-v1.d/C43E1A079B28DFAEBB39CBA01793BDE11EF4B490.key b/test/data/mml-sec/private-keys-v1.d/C43E1A079B28DFAEBB39CBA01793BDE11EF4B490.key
new file mode 100644
index 00000000000..0ed35172fe0
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/C43E1A079B28DFAEBB39CBA01793BDE11EF4B490.key
diff --git a/test/data/mml-sec/private-keys-v1.d/C67DAD345455EAD6D51368008FC3A53B8D195B5A.key b/test/data/mml-sec/private-keys-v1.d/C67DAD345455EAD6D51368008FC3A53B8D195B5A.key
new file mode 100644
index 00000000000..090059d9e81
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/C67DAD345455EAD6D51368008FC3A53B8D195B5A.key
diff --git a/test/data/mml-sec/private-keys-v1.d/CB5E00CE582C2645D2573FC16B2F14F85A7F47AA.key b/test/data/mml-sec/private-keys-v1.d/CB5E00CE582C2645D2573FC16B2F14F85A7F47AA.key
new file mode 100644
index 00000000000..9061f675121
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/CB5E00CE582C2645D2573FC16B2F14F85A7F47AA.key
diff --git a/test/data/mml-sec/private-keys-v1.d/CC68630A06B048F5A91136C162C7A3273E20DE6F.key b/test/data/mml-sec/private-keys-v1.d/CC68630A06B048F5A91136C162C7A3273E20DE6F.key
new file mode 100644
index 00000000000..89f6013100d
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/CC68630A06B048F5A91136C162C7A3273E20DE6F.key
diff --git a/test/data/mml-sec/private-keys-v1.d/E7E73903E1BF93481DE0E7C9769D6C31E1863CFF.key b/test/data/mml-sec/private-keys-v1.d/E7E73903E1BF93481DE0E7C9769D6C31E1863CFF.key
new file mode 100644
index 00000000000..41dac37574e
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/E7E73903E1BF93481DE0E7C9769D6C31E1863CFF.key
diff --git a/test/data/mml-sec/private-keys-v1.d/F0117468BE801ED4B81972E159A98FDD4814DCEC.key b/test/data/mml-sec/private-keys-v1.d/F0117468BE801ED4B81972E159A98FDD4814DCEC.key
new file mode 100644
index 00000000000..5df7b4a5953
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/F0117468BE801ED4B81972E159A98FDD4814DCEC.key
diff --git a/test/data/mml-sec/private-keys-v1.d/F4C5EFD5779BE892CAFD5B721D68DED677C9B151.key b/test/data/mml-sec/private-keys-v1.d/F4C5EFD5779BE892CAFD5B721D68DED677C9B151.key
new file mode 100644
index 00000000000..03daf80975b
--- /dev/null
+++ b/test/data/mml-sec/private-keys-v1.d/F4C5EFD5779BE892CAFD5B721D68DED677C9B151.key
diff --git a/test/data/mml-sec/pubring.gpg b/test/data/mml-sec/pubring.gpg
new file mode 100644
index 00000000000..6bd169963df
--- /dev/null
+++ b/test/data/mml-sec/pubring.gpg
diff --git a/test/data/mml-sec/pubring.kbx b/test/data/mml-sec/pubring.kbx
new file mode 100644
index 00000000000..399a0414fd2
--- /dev/null
+++ b/test/data/mml-sec/pubring.kbx
diff --git a/test/data/mml-sec/random_seed b/test/data/mml-sec/random_seed
new file mode 100644
index 00000000000..530fd76c1e5
--- /dev/null
+++ b/test/data/mml-sec/random_seed
diff --git a/test/data/mml-sec/secring.gpg b/test/data/mml-sec/secring.gpg
new file mode 100644
index 00000000000..b323c072c04
--- /dev/null
+++ b/test/data/mml-sec/secring.gpg
diff --git a/test/data/mml-sec/trustdb.gpg b/test/data/mml-sec/trustdb.gpg
new file mode 100644
index 00000000000..09ebd8db114
--- /dev/null
+++ b/test/data/mml-sec/trustdb.gpg
diff --git a/test/data/mml-sec/trustlist.txt b/test/data/mml-sec/trustlist.txt
new file mode 100644
index 00000000000..f886572d283
--- /dev/null
+++ b/test/data/mml-sec/trustlist.txt
@@ -0,0 +1,26 @@
+# This is the list of trusted keys.  Comment lines, like this one, as
+# well as empty lines are ignored.  Lines have a length limit but this
+# is not a serious limitation as the format of the entries is fixed and
+# checked by gpg-agent.  A non-comment line starts with optional white
+# space, followed by the SHA-1 fingerpint in hex, followed by a flag
+# which may be one of 'P', 'S' or '*' and optionally followed by a list of
+# other flags.  The fingerprint may be prefixed with a '!' to mark the
+# key as not trusted.  You should give the gpg-agent a HUP or run the
+# command "gpgconf --reload gpg-agent" after changing this file.
+
+
+# Include the default trust list
+include-default
+
+
+# CN=No Expiry
+D0:6A:A1:18:65:3C:C3:8E:9D:0C:AF:56:ED:7A:21:35:E1:58:21:77 S relax
+
+# CN=Second Key Pair
+0E:58:22:9B:80:EE:33:95:9F:F7:18:FE:EF:25:40:2B:47:9D:C6:E2 S relax
+
+# CN=No Expiry two UIDs
+D4:CA:78:E1:47:0B:9F:C2:AE:45:D7:84:64:9B:8C:E6:4E:BB:32:0C S relax
+
+# CN=Different subkeys
+4F:96:2A:B7:F4:76:61:6A:78:3D:72:AA:40:35:D5:9B:5F:88:E9:FC S relax
diff --git a/test/lisp/gnus/mml-sec-tests.el b/test/lisp/gnus/mml-sec-tests.el
new file mode 100644
index 00000000000..28be3b9bd46
--- /dev/null
+++ b/test/lisp/gnus/mml-sec-tests.el
@@ -0,0 +1,859 @@
+;;; gnustest-mml-sec.el --- Tests mml-sec.el, see README-mml-secure.txt.
+;; Copyright (C) 2015 Free Software Foundation, Inc.
+
+;; Author: Jens Lechtenbörger <jens.lechtenboerger@fsfe.org>
+
+;; This file is not part of GNU Emacs.
+
+;; GNU Emacs is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3, or (at your option)
+;; any later version.
+
+;; GNU Emacs is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.
+
+;;; Commentary:
+
+;;; Code:
+
+(require 'ert)
+
+(require 'message)
+(require 'epa)
+(require 'epg)
+(require 'mml-sec)
+(require 'gnus-sum)
+
+(defvar with-smime nil
+  "If nil, exclude S/MIME from tests as passphrases need to entered manually.
+Mostly, the empty passphrase is used.  However, the keys for
+ \"No Expiry two UIDs\" have the passphrase \"Passphrase\" (for OpenPGP as well
+ as S/MIME).")
+
+(defun enc-standards ()
+  (if with-smime '(enc-pgp enc-pgp-mime enc-smime)
+    '(enc-pgp enc-pgp-mime)))
+(defun enc-sign-standards ()
+  (if with-smime
+      '(enc-sign-pgp enc-sign-pgp-mime enc-sign-smime)
+    '(enc-sign-pgp enc-sign-pgp-mime)))
+(defun sign-standards ()
+  (if with-smime
+      '(sign-pgp sign-pgp-mime sign-smime)
+    '(sign-pgp sign-pgp-mime)))
+
+(defun mml-secure-test-fixture (body &optional interactive)
+  "Setup GnuPG home containing test keys and prepare environment for BODY.
+If optional INTERACTIVE is non-nil, allow questions to the user in case of
+key problems.
+This fixture temporarily unsets GPG_AGENT_INFO to enable passphrase tests,
+which will neither work with gpgsm nor GnuPG 2.1 any longer, I guess.
+Actually, I'm not sure why people would want to cache passwords in Emacs
+instead of gpg-agent."
+  (unwind-protect
+      (let ((agent-info (getenv "GPG_AGENT_INFO"))
+	    (gpghome (getenv "GNUPGHOME")))
+	(condition-case error
+	    (let ((epg-gpg-home-directory
+                   (expand-file-name "test/data/mml-sec" source-directory))
+                  (mml-secure-allow-signing-with-unknown-recipient t)
+		  (mml-smime-use 'epg)
+		  ;; Create debug output in empty epg-debug-buffer.
+		  (epg-debug t)
+		  (epg-debug-buffer (get-buffer-create " *epg-test*"))
+		  (mml-secure-fail-when-key-problem (not interactive)))
+	      (with-current-buffer epg-debug-buffer
+		(erase-buffer))
+	      ;; Unset GPG_AGENT_INFO to enable passphrase caching inside Emacs.
+	      ;; Just for testing.  Jens does not recommend this for daily use.
+	      (setenv "GPG_AGENT_INFO")
+	      ;; Set GNUPGHOME as gpg-agent started by gpgsm does
+	      ;; not look in the proper places otherwise, see:
+	      ;; https://bugs.gnupg.org/gnupg/issue2126
+	      (setenv "GNUPGHOME" epg-gpg-home-directory)
+	      (funcall body))
+	  (error
+	   (setenv "GPG_AGENT_INFO" agent-info)
+	   (setenv "GNUPGHOME" gpghome)
+	   (signal (car error) (cdr error))))
+	(setenv "GPG_AGENT_INFO" agent-info)
+	(setenv "GNUPGHOME" gpghome))))
+
+(defun mml-secure-test-message-setup (method to from &optional text bcc)
+  "Setup a buffer with MML METHOD, TO, and FROM headers.
+Optionally, a message TEXT and BCC header can be passed."
+  (with-temp-buffer
+    (when bcc (insert (format "Bcc: %s\n" bcc)))
+    (insert (format "To: %s
+From: %s
+Subject: Test
+%s\n" to from mail-header-separator))
+    (if text
+	(insert (format "%s" text))
+      (spook))
+    (cond ((eq method 'enc-pgp-mime)
+	   (mml-secure-message-encrypt-pgpmime 'nosig))
+	  ((eq method 'enc-sign-pgp-mime)
+	   (mml-secure-message-encrypt-pgpmime))
+	  ((eq method 'enc-pgp) (mml-secure-message-encrypt-pgp 'nosig))
+	  ((eq method 'enc-sign-pgp) (mml-secure-message-encrypt-pgp))
+	  ((eq method 'enc-smime) (mml-secure-message-encrypt-smime 'nosig))
+	  ((eq method 'enc-sign-smime) (mml-secure-message-encrypt-smime))
+	  ((eq method 'sign-pgp-mime) (mml-secure-message-sign-pgpmime))
+	  ((eq method 'sign-pgp) (mml-secure-message-sign-pgp))
+	  ((eq method 'sign-smime) (mml-secure-message-sign-smime))
+	  (t (error "Unknown method")))
+    (buffer-string)))
+
+(defun mml-secure-test-mail-fixture (method to from body2
+					    &optional interactive)
+  "Setup buffer encrypted using METHOD for TO from FROM, call BODY2.
+Pass optional INTERACTIVE to mml-secure-test-fixture."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((context (if (memq method '(enc-smime enc-sign-smime sign-smime))
+			(epg-make-context 'CMS)
+		      (epg-make-context 'OpenPGP)))
+	   ;; Verify and decrypt by default.
+	   (mm-verify-option 'known)
+	   (mm-decrypt-option 'known)
+	   (plaintext "The Magic Words are Squeamish Ossifrage"))
+       (with-temp-buffer
+	 (insert (mml-secure-test-message-setup method to from plaintext))
+	 (message-options-set-recipient)
+	 (message-encode-message-body)
+	 ;; Replace separator line with newline.
+	 (goto-char (point-min))
+	 (re-search-forward
+	  (concat "^" (regexp-quote mail-header-separator) "\n"))
+	 (replace-match "\n")
+	 ;; The following treatment of handles, plainbuf, and multipart
+	 ;; resulted from trial-and-error.
+	 ;; Someone with more knowledge on how to decrypt messages and verify
+	 ;; signatures might know more appropriate functions to invoke
+	 ;; instead.
+	 (let* ((handles (or (mm-dissect-buffer)
+			     (mm-uu-dissect)))
+		(isplain (bufferp (car handles)))
+		(ismultipart (equal (car handles) "multipart/mixed"))
+		(plainbuf (if isplain
+			      (car handles)
+			    (if ismultipart
+				(car (cadadr handles))
+			      (caadr handles))))
+		(decrypted
+		 (with-current-buffer plainbuf (buffer-string)))
+		(gnus-info
+		 (if isplain
+		     nil
+		   (if ismultipart
+		       (or (mm-handle-multipart-ctl-parameter
+			    (cadr handles) 'gnus-details)
+			   (mm-handle-multipart-ctl-parameter
+			    (cadr handles) 'gnus-info))
+		     (mm-handle-multipart-ctl-parameter
+		      handles 'gnus-info)))))
+	   (funcall body2 gnus-info plaintext decrypted)))))
+   interactive))
+
+;; TODO If the variable BODY3 is renamed to BODY, an infinite recursion
+;; occurs.  Emacs bug?
+(defun mml-secure-test-key-fixture (body3)
+  "Customize unique keys for sub@example.org and call BODY3.
+For OpenPGP, we have:
+- 1E6B FA97 3D9E 3103 B77F  D399 C399 9CF1 268D BEA2
+  uid                  Different subkeys <sub@example.org>
+- 1463 2ECA B9E2 2736 9C8D  D97B F7E7 9AB7 AE31 D471
+  uid                  Second Key Pair <sub@example.org>
+
+For S/MIME:
+          ID: 0x479DC6E2
+      Subject: /CN=Second Key Pair
+          aka: sub@example.org
+  fingerprint: 0E:58:22:9B:80:EE:33:95:9F:F7:18:FE:EF:25:40:2B:47:9D:C6:E2
+
+           ID: 0x5F88E9FC
+      Subject: /CN=Different subkeys
+          aka: sub@example.org
+  fingerprint: 4F:96:2A:B7:F4:76:61:6A:78:3D:72:AA:40:35:D5:9B:5F:88:E9:FC
+
+In both cases, the first key is customized for signing and encryption."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let* ((mml-secure-key-preferences
+	     '((OpenPGP (sign) (encrypt)) (CMS (sign) (encrypt))))
+	    (pcontext (epg-make-context 'OpenPGP))
+	    (pkey (epg-list-keys pcontext "C3999CF1268DBEA2"))
+	    (scontext (epg-make-context 'CMS))
+	    (skey (epg-list-keys scontext "0x479DC6E2")))
+       (mml-secure-cust-record-keys pcontext 'encrypt "sub@example.org" pkey)
+       (mml-secure-cust-record-keys pcontext 'sign "sub@example.org" pkey)
+       (mml-secure-cust-record-keys scontext 'encrypt "sub@example.org" skey)
+       (mml-secure-cust-record-keys scontext 'sign "sub@example.org" skey)
+       (funcall body3)))))
+
+(ert-deftest mml-secure-key-checks ()
+  "Test mml-secure-check-user-id and mml-secure-check-sub-key on sample keys."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let* ((context (epg-make-context 'OpenPGP))
+	    (keys1 (epg-list-keys context "expired@example.org"))
+	    (keys2 (epg-list-keys context "no-exp@example.org"))
+	    (keys3 (epg-list-keys context "sub@example.org"))
+	    (keys4 (epg-list-keys context "revoked-uid@example.org"))
+	    (keys5 (epg-list-keys context "disabled@example.org"))
+	    (keys6 (epg-list-keys context "sign@example.org"))
+	    (keys7 (epg-list-keys context "jens.lechtenboerger@fsfe"))
+	    )
+       (should (and (= 1 (length keys1)) (= 1 (length keys2))
+		    (= 2 (length keys3))
+		    (= 1 (length keys4)) (= 1 (length keys5))
+		    ))
+       ;; key1 is expired
+       (should-not (mml-secure-check-user-id (car keys1) "expired@example.org"))
+       (should-not (mml-secure-check-sub-key context (car keys1) 'encrypt))
+       (should-not (mml-secure-check-sub-key context (car keys1) 'sign))
+
+       ;; key2 does not expire, but does not have the UID expired@example.org
+       (should-not (mml-secure-check-user-id (car keys2) "expired@example.org"))
+       (should (mml-secure-check-user-id (car keys2) "no-exp@example.org"))
+       (should (mml-secure-check-sub-key context (car keys2) 'encrypt))
+       (should (mml-secure-check-sub-key context (car keys2) 'sign))
+
+       ;; Two keys exist for sub@example.org.
+       (should (mml-secure-check-user-id (car keys3) "sub@example.org"))
+       (should (mml-secure-check-sub-key context (car keys3) 'encrypt))
+       (should (mml-secure-check-sub-key context (car keys3) 'sign))
+       (should (mml-secure-check-user-id (cadr keys3) "sub@example.org"))
+       (should (mml-secure-check-sub-key context (cadr keys3) 'encrypt))
+       (should (mml-secure-check-sub-key context (cadr keys3) 'sign))
+
+       ;; The UID revoked-uid@example.org is revoked.  The key itself is
+       ;; usable, though (with the UID sub@example.org).
+       (should-not
+	(mml-secure-check-user-id (car keys4) "revoked-uid@example.org"))
+       (should (mml-secure-check-sub-key context (car keys4) 'encrypt))
+       (should (mml-secure-check-sub-key context (car keys4) 'sign))
+       (should (mml-secure-check-user-id (car keys4) "sub@example.org"))
+
+       ;; The next key is disabled and, thus, unusable.
+       (should (mml-secure-check-user-id (car keys5) "disabled@example.org"))
+       (should-not (mml-secure-check-sub-key context (car keys5) 'encrypt))
+       (should-not (mml-secure-check-sub-key context (car keys5) 'sign))
+
+       ;; The next key has multiple subkeys.
+       ;; 42466F0F is valid sign subkey, 501FFD98 is expired
+       (should (mml-secure-check-sub-key context (car keys6) 'sign "42466F0F"))
+       (should-not
+	(mml-secure-check-sub-key context (car keys6) 'sign "501FFD98"))
+       ;; DC7F66E7 is encrypt subkey
+       (should
+	(mml-secure-check-sub-key context (car keys6) 'encrypt "DC7F66E7"))
+       (should-not
+	(mml-secure-check-sub-key context (car keys6) 'sign "DC7F66E7"))
+       (should-not
+	(mml-secure-check-sub-key context (car keys6) 'encrypt "42466F0F"))
+
+       ;; The final key is just a public key.
+       (should (mml-secure-check-sub-key context (car keys7) 'encrypt))
+       (should-not (mml-secure-check-sub-key context (car keys7) 'sign))
+       ))))
+
+(ert-deftest mml-secure-find-usable-keys-1 ()
+  "Make sure that expired and disabled keys and revoked UIDs are not used."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((context (epg-make-context 'OpenPGP)))
+       (should-not
+	(mml-secure-find-usable-keys context "expired@example.org" 'encrypt))
+       (should-not
+	(mml-secure-find-usable-keys context "expired@example.org" 'sign))
+
+       (should-not
+	(mml-secure-find-usable-keys context "disabled@example.org" 'encrypt))
+       (should-not
+	(mml-secure-find-usable-keys context "disabled@example.org" 'sign))
+
+       (should-not
+	(mml-secure-find-usable-keys
+	 context "<revoked-uid@example.org>" 'encrypt))
+       (should-not
+	(mml-secure-find-usable-keys
+	 context "<revoked-uid@example.org>" 'sign))
+       ;; Same test without ankles.  Will fail for Ma Gnus v0.14 and earlier.
+       (should-not
+	(mml-secure-find-usable-keys
+	 context "revoked-uid@example.org" 'encrypt))
+
+       ;; Expired key should not be usable.
+       ;; Will fail for Ma Gnus v0.14 and earlier.
+       ;; sign@example.org has the expired subkey 0x501FFD98.
+       (should-not
+	(mml-secure-find-usable-keys context "0x501FFD98" 'sign))
+
+       (should
+	(mml-secure-find-usable-keys context "no-exp@example.org" 'encrypt))
+       (should
+	(mml-secure-find-usable-keys context "no-exp@example.org" 'sign))
+       ))))
+
+(ert-deftest mml-secure-find-usable-keys-2 ()
+  "Test different ways to search for keys."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((context (epg-make-context 'OpenPGP)))
+       ;; Plain substring search is not supported.
+       (should
+	(= 0 (length
+	      (mml-secure-find-usable-keys context "No Expiry" 'encrypt))))
+       (should
+	(= 0 (length
+	      (mml-secure-find-usable-keys context "No Expiry" 'sign))))
+
+       ;; Search for e-mail addresses works with and without ankle brackets.
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "<no-exp@example.org>" 'encrypt))))
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "<no-exp@example.org>" 'sign))))
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "no-exp@example.org" 'encrypt))))
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "no-exp@example.org" 'sign))))
+
+       ;; Use full UID string.
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "No Expiry <no-exp@example.org>" 'encrypt))))
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "No Expiry <no-exp@example.org>" 'sign))))
+
+       ;; If just the public key is present, only encryption is possible.
+       ;; Search works with key IDs, with and without prefix "0x".
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "A142FD84" 'encrypt))))
+       (should
+	(= 1 (length (mml-secure-find-usable-keys
+		      context "0xA142FD84" 'encrypt))))
+       (should
+	(= 0 (length (mml-secure-find-usable-keys
+		      context "A142FD84" 'sign))))
+       (should
+	(= 0 (length (mml-secure-find-usable-keys
+		      context "0xA142FD84" 'sign))))
+       ))))
+
+(ert-deftest mml-secure-select-preferred-keys-1 ()
+  "If only one key exists for an e-mail address, it is the preferred one."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((context (epg-make-context 'OpenPGP)))
+       (should (equal "832F3CC6518D37BC658261B802372A42CA6D40FB"
+		      (mml-secure-fingerprint
+		       (car (mml-secure-select-preferred-keys
+			     context '("no-exp@example.org") 'encrypt)))))))))
+
+(ert-deftest mml-secure-select-preferred-keys-2 ()
+  "If multiple keys exists for an e-mail address, customization is necessary."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let* ((context (epg-make-context 'OpenPGP))
+	    (mml-secure-key-preferences
+	     '((OpenPGP (sign) (encrypt)) (CMS (sign) (encrypt))))
+	    (pref (car (mml-secure-find-usable-keys
+			context "sub@example.org" 'encrypt))))
+       (should-error (mml-secure-select-preferred-keys
+		      context '("sub@example.org") 'encrypt))
+       (mml-secure-cust-record-keys
+	context 'encrypt "sub@example.org" (list pref))
+       (should (mml-secure-select-preferred-keys
+		context '("sub@example.org") 'encrypt))
+       (should-error (mml-secure-select-preferred-keys
+		      context '("sub@example.org") 'sign))
+       (should (mml-secure-select-preferred-keys
+                context '("sub@example.org") 'encrypt))
+       (should
+	(equal (list (mml-secure-fingerprint pref))
+	       (mml-secure-cust-fpr-lookup context 'encrypt "sub@example.org")))
+       (should (mml-secure-cust-remove-keys context 'encrypt "sub@example.org"))
+       (should-error (mml-secure-select-preferred-keys
+                      context '("sub@example.org") 'encrypt))))))
+
+(ert-deftest mml-secure-select-preferred-keys-3 ()
+  "Expired customized keys are removed if multiple keys are available."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((context (epg-make-context 'OpenPGP))
+	   (mml-secure-key-preferences
+	    '((OpenPGP (sign) (encrypt)) (CMS (sign) (encrypt)))))
+       ;; sub@example.org has two keys (268DBEA2, AE31D471).
+       ;; Normal preference works.
+       (mml-secure-cust-record-keys
+        context 'encrypt "sub@example.org" (epg-list-keys context "268DBEA2"))
+       (should (mml-secure-select-preferred-keys
+		context '("sub@example.org") 'encrypt))
+       (mml-secure-cust-remove-keys context 'encrypt "sub@example.org")
+
+       ;; Fake preference for expired (unrelated) key CE15FAE7,
+       ;; results in error (and automatic removal of outdated preference).
+       (mml-secure-cust-record-keys
+        context 'encrypt "sub@example.org" (epg-list-keys context "CE15FAE7"))
+       (should-error (mml-secure-select-preferred-keys
+		      context '("sub@example.org") 'encrypt))
+       (should-not
+	(mml-secure-cust-remove-keys context 'encrypt "sub@example.org"))))))
+
+(ert-deftest mml-secure-select-preferred-keys-4 ()
+  "Multiple keys can be recorded per recipient or signature."
+  (mml-secure-test-fixture
+   (lambda ()
+     (let ((pcontext (epg-make-context 'OpenPGP))
+	   (scontext (epg-make-context 'CMS))
+	   (pkeys '("1E6BFA973D9E3103B77FD399C3999CF1268DBEA2"
+		    "14632ECAB9E227369C8DD97BF7E79AB7AE31D471"))
+	   (skeys  '("0x5F88E9FC" "0x479DC6E2"))
+	   (mml-secure-key-preferences
+	    '((OpenPGP (sign) (encrypt)) (CMS (sign) (encrypt)))))
+
+       ;; OpenPGP preferences via pcontext
+       (dolist (key pkeys nil)
+	 (mml-secure-cust-record-keys
+	  pcontext 'encrypt "sub@example.org" (epg-list-keys pcontext key))
+	 (mml-secure-cust-record-keys
+	  pcontext 'sign "sub@example.org" (epg-list-keys pcontext key 'secret)))
+       (let ((p-e-fprs (mml-secure-cust-fpr-lookup
+			pcontext 'encrypt "sub@example.org"))
+	     (p-s-fprs (mml-secure-cust-fpr-lookup
+			pcontext 'sign "sub@example.org")))
+	 (should (= 2 (length p-e-fprs)))
+	 (should (= 2 (length p-s-fprs)))
+	 (should (member "1E6BFA973D9E3103B77FD399C3999CF1268DBEA2" p-e-fprs))
+	 (should (member "14632ECAB9E227369C8DD97BF7E79AB7AE31D471" p-e-fprs))
+	 (should (member "1E6BFA973D9E3103B77FD399C3999CF1268DBEA2" p-s-fprs))
+	 (should (member "14632ECAB9E227369C8DD97BF7E79AB7AE31D471" p-s-fprs)))
+       ;; Duplicate record does not change anything.
+       (mml-secure-cust-record-keys
+	pcontext 'encrypt "sub@example.org"
+	(epg-list-keys pcontext "1E6BFA973D9E3103B77FD399C3999CF1268DBEA2"))
+       (mml-secure-cust-record-keys
+	pcontext 'sign "sub@example.org"
+	(epg-list-keys pcontext "1E6BFA973D9E3103B77FD399C3999CF1268DBEA2"))
+       (let ((p-e-fprs (mml-secure-cust-fpr-lookup
+			pcontext 'encrypt "sub@example.org"))
+	     (p-s-fprs (mml-secure-cust-fpr-lookup
+			pcontext 'sign "sub@example.org")))
+	 (should (= 2 (length p-e-fprs)))
+	 (should (= 2 (length p-s-fprs))))
+
+       ;; S/MIME preferences via scontext
+       (dolist (key skeys nil)
+	 (mml-secure-cust-record-keys
+	  scontext 'encrypt "sub@example.org"
+	  (epg-list-keys scontext key))
+	 (mml-secure-cust-record-keys
+	  scontext 'sign "sub@example.org"
+	  (epg-list-keys scontext key 'secret)))
+       (let ((s-e-fprs (mml-secure-cust-fpr-lookup
+			scontext 'encrypt "sub@example.org"))
+	     (s-s-fprs (mml-secure-cust-fpr-lookup
+			scontext 'sign "sub@example.org")))
+	 (should (= 2 (length s-e-fprs)))
+	 (should (= 2 (length s-s-fprs))))
+       ))))
+
+(defun mml-secure-test-en-decrypt
+    (method to from
+	    &optional checksig checkplain enc-keys expectfail interactive)
+  "Encrypt message using METHOD, addressed to TO, from FROM.
+If optional CHECKSIG is non-nil, it must be a number, and a signature check is
+performed; the number indicates how many signatures are expected.
+If optional CHECKPLAIN is non-nil, the expected plaintext should be obtained
+via decryption.
+If optional ENC-KEYS is non-nil, it is a list of pairs of encryption keys (for
+OpenPGP and S/SMIME) expected in `epg-debug-buffer'.
+If optional EXPECTFAIL is non-nil, a decryption failure is expected.
+Pass optional INTERACTIVE to mml-secure-test-mail-fixture."
+  (mml-secure-test-mail-fixture method to from
+   (lambda (gnus-info plaintext decrypted)
+     (if expectfail
+	 (should-not (equal plaintext decrypted))
+       (when checkplain
+	 (should (equal plaintext decrypted)))
+       (let ((protocol (if (memq method
+				 '(enc-smime enc-sign-smime sign-smime))
+			   'CMS
+			 'OpenPGP)))
+	 (when checksig
+	   (let* ((context (epg-make-context protocol))
+		  (signer-names (mml-secure-signer-names protocol from))
+		  (signer-keys (mml-secure-signers context signer-names))
+		  (signer-fprs (mapcar 'mml-secure-fingerprint signer-keys)))
+	     (should (eq checksig (length signer-fprs)))
+	     (if (eq checksig 0)
+		 ;; First key in keyring
+		 (should (string-match-p
+			  (concat "Good signature from "
+				  (if (eq protocol 'CMS)
+				      "0E58229B80EE33959FF718FEEF25402B479DC6E2"
+				    "02372A42CA6D40FB"))
+			  gnus-info)))
+	     (dolist (fpr signer-fprs nil)
+	       ;; OpenPGP: "Good signature from 02372A42CA6D40FB No Expiry <no-exp@example.org> (trust undefined) created ..."
+	       ;; S/MIME:  "Good signature from D06AA118653CC38E9D0CAF56ED7A2135E1582177 /CN=No Expiry (trust full) ..."
+	       (should (string-match-p
+			(concat "Good signature from "
+				(if (eq protocol 'CMS)
+				    fpr
+				  (substring fpr -16 nil)))
+			gnus-info)))))
+	 (when enc-keys
+	   (with-current-buffer epg-debug-buffer
+	     (goto-char (point-min))
+	     ;; The following regexp does not necessarily match at the
+	     ;; start of the line as a path may or may not be present.
+	     ;; Also note that gpg.* matches gpg2 and gpgsm as well.
+	     (let* ((line (concat "gpg.*--encrypt.*$"))
+		    (end (re-search-forward line))
+		    (match (match-string 0)))
+	       (should (and end match))
+	       (dolist (pair enc-keys nil)
+		 (let ((fpr (if (eq protocol 'OpenPGP)
+				(car pair)
+			      (cdr pair))))
+		   (should (string-match-p (concat "-r " fpr) match))))
+	       (goto-char (point-max))
+	       ))))))
+   interactive))
+
+(defun mml-secure-test-en-decrypt-with-passphrase
+    (method to from checksig jl-passphrase do-cache
+	    &optional enc-keys expectfail)
+  "Call mml-secure-test-en-decrypt with changed passphrase caching.
+Args METHOD, TO, FROM, CHECKSIG are passed to mml-secure-test-en-decrypt.
+JL-PASSPHRASE is fixed as return value for `read-passwd',
+boolean DO-CACHE determines whether to cache the passphrase.
+If optional ENC-KEYS is non-nil, it is a list of encryption keys expected
+in `epg-debug-buffer'.
+If optional EXPECTFAIL is non-nil, a decryption failure is expected."
+  (let ((mml-secure-cache-passphrase do-cache)
+	(mml1991-cache-passphrase do-cache)
+	(mml2015-cache-passphrase do-cache)
+	(mml-smime-cache-passphrase do-cache)
+	)
+    (cl-letf (((symbol-function 'read-passwd)
+	       (lambda (prompt &optional confirm default) jl-passphrase)))
+      (mml-secure-test-en-decrypt method to from checksig t enc-keys expectfail)
+      )))
+
+(ert-deftest mml-secure-en-decrypt-1 ()
+  "Encrypt message; then decrypt and test for expected result.
+In this test, the single matching key is chosen automatically."
+  (dolist (method (enc-standards) nil)
+    ;; no-exp@example.org with single encryption key
+    (mml-secure-test-en-decrypt
+     method "no-exp@example.org" "sub@example.org" nil t
+     (list (cons "02372A42CA6D40FB" "ED7A2135E1582177")))))
+
+(ert-deftest mml-secure-en-decrypt-2 ()
+  "Encrypt message; then decrypt and test for expected result.
+In this test, the encryption key needs to fixed among multiple ones."
+  ;; sub@example.org with multiple candidate keys,
+  ;; fixture customizes preferred ones.
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (dolist (method (enc-standards) nil)
+       (mml-secure-test-en-decrypt
+	method "sub@example.org" "no-exp@example.org" nil t
+	(list (cons "C3999CF1268DBEA2" "EF25402B479DC6E2")))))))
+
+(ert-deftest mml-secure-en-decrypt-3 ()
+  "Encrypt message; then decrypt and test for expected result.
+In this test, encrypt-to-self variables are set to t."
+  ;; sub@example.org with multiple candidate keys,
+  ;; fixture customizes preferred ones.
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (let ((mml-secure-openpgp-encrypt-to-self t)
+	   (mml-secure-smime-encrypt-to-self t))
+       (dolist (method (enc-standards) nil)
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "no-exp@example.org" nil t
+	  (list (cons "C3999CF1268DBEA2" "EF25402B479DC6E2")
+		(cons "02372A42CA6D40FB" "ED7A2135E1582177"))))))))
+
+(ert-deftest mml-secure-en-decrypt-4 ()
+  "Encrypt message; then decrypt and test for expected result.
+In this test, encrypt-to-self variables are set to lists."
+  ;; Send from sub@example.org, which has two keys; encrypt to both.
+  (let ((mml-secure-openpgp-encrypt-to-self
+	 '("C3999CF1268DBEA2" "F7E79AB7AE31D471"))
+	(mml-secure-smime-encrypt-to-self
+	 '("EF25402B479DC6E2" "4035D59B5F88E9FC")))
+    (dolist (method (enc-standards) nil)
+      (mml-secure-test-en-decrypt
+       method "no-exp@example.org" "sub@example.org" nil t
+       (list (cons "C3999CF1268DBEA2" "EF25402B479DC6E2")
+	     (cons "F7E79AB7AE31D471" "4035D59B5F88E9FC"))))))
+
+(ert-deftest mml-secure-en-decrypt-sign-1 ()
+  "Sign and encrypt message; then decrypt and test for expected result.
+In this test, just multiple encryption and signing keys may be available."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (let ((mml-secure-openpgp-sign-with-sender t)
+	   (mml-secure-smime-sign-with-sender t))
+       (dolist (method (enc-sign-standards) nil)
+	 ;; no-exp with just one key
+	 (mml-secure-test-en-decrypt
+	  method "no-exp@example.org" "no-exp@example.org" 1 t)
+	 ;; customized choice for encryption key
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "no-exp@example.org" 1 t)
+	 ;; customized choice for signing key
+	 (mml-secure-test-en-decrypt
+	  method "no-exp@example.org" "sub@example.org" 1 t)
+	 ;; customized choice for both keys
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "sub@example.org" 1 t)
+	 )
+
+       ;; Now use both keys to sign.  The customized one via sign-with-sender,
+       ;; the other one via the following setting.
+       (let ((mml-secure-openpgp-signers '("F7E79AB7AE31D471"))
+	     (mml-secure-smime-signers '("0x5F88E9FC")))
+	 (dolist (method (enc-sign-standards) nil)
+	   (mml-secure-test-en-decrypt
+	    method "no-exp@example.org" "sub@example.org" 2 t)
+	 )))
+
+     ;; Now use both keys for sub@example.org to sign an e-mail from
+     ;; a different address (without associated keys).
+     (let ((mml-secure-openpgp-sign-with-sender nil)
+	   (mml-secure-smime-sign-with-sender nil)
+	   (mml-secure-openpgp-signers
+	    '("F7E79AB7AE31D471" "C3999CF1268DBEA2"))
+	   (mml-secure-smime-signers '("0x5F88E9FC" "0x479DC6E2")))
+       (dolist (method (enc-sign-standards) nil)
+	 (mml-secure-test-en-decrypt
+	  method "no-exp@example.org" "no-keys@example.org" 2 t)
+	 )))))
+
+(ert-deftest mml-secure-en-decrypt-sign-2 ()
+  "Sign and encrypt message; then decrypt and test for expected result.
+In this test, lists of encryption and signing keys are customized."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (let ((mml-secure-key-preferences
+	    '((OpenPGP (sign) (encrypt)) (CMS (sign) (encrypt))))
+	   (pcontext (epg-make-context 'OpenPGP))
+	   (scontext (epg-make-context 'CMS))
+	   (mml-secure-openpgp-sign-with-sender t)
+	   (mml-secure-smime-sign-with-sender t))
+       (dolist (key '("F7E79AB7AE31D471" "C3999CF1268DBEA2") nil)
+	 (mml-secure-cust-record-keys
+	  pcontext 'encrypt "sub@example.org" (epg-list-keys pcontext key))
+	 (mml-secure-cust-record-keys
+	  pcontext 'sign "sub@example.org" (epg-list-keys pcontext key t)))
+       (dolist (key '("0x5F88E9FC" "0x479DC6E2") nil)
+	 (mml-secure-cust-record-keys
+	  scontext 'encrypt "sub@example.org" (epg-list-keys scontext key))
+	 (mml-secure-cust-record-keys
+	  scontext 'sign "sub@example.org" (epg-list-keys scontext key t)))
+       (dolist (method (enc-sign-standards) nil)
+	 ;; customized choice for encryption key
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "no-exp@example.org" 1 t)
+	 ;; customized choice for signing key
+	 (mml-secure-test-en-decrypt
+	  method "no-exp@example.org" "sub@example.org" 2 t)
+	 ;; customized choice for both keys
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "sub@example.org" 2 t)
+	 )))))
+
+(ert-deftest mml-secure-en-decrypt-sign-3 ()
+  "Sign and encrypt message; then decrypt and test for expected result.
+Use sign-with-sender and encrypt-to-self."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (let ((mml-secure-openpgp-sign-with-sender t)
+	   (mml-secure-openpgp-encrypt-to-self t)
+	   (mml-secure-smime-sign-with-sender t)
+	   (mml-secure-smime-encrypt-to-self t))
+       (dolist (method (enc-sign-standards) nil)
+	 (mml-secure-test-en-decrypt
+	  method "sub@example.org" "no-exp@example.org" 1 t
+	  (list (cons "C3999CF1268DBEA2" "EF25402B479DC6E2")
+		(cons "02372A42CA6D40FB" "ED7A2135E1582177"))))
+       ))))
+
+(ert-deftest mml-secure-sign-verify-1 ()
+  "Sign message with sender; then verify and test for expected result."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (dolist (method (sign-standards) nil)
+       (let ((mml-secure-openpgp-sign-with-sender t)
+	     (mml-secure-smime-sign-with-sender t))
+	 ;; A single signing key for sender sub@example.org is customized
+	 ;; in the fixture.
+	 (mml-secure-test-en-decrypt
+	  method "uid1@example.org" "sub@example.org" 1 nil)
+
+	 ;; From sub@example.org, sign with two keys;
+	 ;; sign-with-sender and one from signers-variable:
+	 (let ((mml-secure-openpgp-signers '("02372A42CA6D40FB"))
+	       (mml-secure-smime-signers
+		'("D06AA118653CC38E9D0CAF56ED7A2135E1582177")))
+	   (mml-secure-test-en-decrypt
+	    method "no-exp@example.org" "sub@example.org" 2 nil))
+	 )))))
+
+(ert-deftest mml-secure-sign-verify-2 ()
+  "Sign message without sender; then verify and test for expected result."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (dolist (method (sign-standards) nil)
+       (let ((mml-secure-openpgp-sign-with-sender nil)
+	     (mml-secure-smime-sign-with-sender nil))
+	 ;; A single signing key for sender sub@example.org is customized
+	 ;; in the fixture, but not used here.
+	 ;; By default, gpg uses the first secret key in the keyring, which
+	 ;; is 02372A42CA6D40FB (OpenPGP) or
+	 ;; 0E58229B80EE33959FF718FEEF25402B479DC6E2 (S/MIME) here.
+	 (mml-secure-test-en-decrypt
+	  method "uid1@example.org" "sub@example.org" 0 nil)
+
+	 ;; From sub@example.org, sign with specified key:
+	 (let ((mml-secure-openpgp-signers '("02372A42CA6D40FB"))
+	       (mml-secure-smime-signers
+		'("D06AA118653CC38E9D0CAF56ED7A2135E1582177")))
+	   (mml-secure-test-en-decrypt
+	    method "no-exp@example.org" "sub@example.org" 1 nil))
+
+	 ;; From sub@example.org, sign with different specified key:
+	 (let ((mml-secure-openpgp-signers '("C3999CF1268DBEA2"))
+	       (mml-secure-smime-signers
+		'("0E58229B80EE33959FF718FEEF25402B479DC6E2")))
+	   (mml-secure-test-en-decrypt
+	    method "no-exp@example.org" "sub@example.org" 1 nil))
+	 )))))
+
+(ert-deftest mml-secure-sign-verify-3 ()
+  "Try to sign message with expired OpenPGP subkey, which raises an error.
+With Ma Gnus v0.14 and earlier a signature would be created with a wrong key."
+  (should-error
+   (mml-secure-test-key-fixture
+    (lambda ()
+      (let ((with-smime nil)
+	    (mml-secure-openpgp-sign-with-sender nil)
+	    (mml-secure-openpgp-signers '("501FFD98")))
+	(dolist (method (sign-standards) nil)
+	  (mml-secure-test-en-decrypt
+	   method "no-exp@example.org" "sign@example.org" 1 nil)
+	  ))))))
+
+;; TODO Passphrase passing and caching in Emacs does not seem to work
+;; with gpgsm at all.
+;; Independently of caching settings, a pinentry dialogue is displayed.
+;; Thus, the following tests require the user to enter the correct gpgsm
+;; passphrases at the correct points in time.  (Either empty string or
+;; "Passphrase".)
+(ert-deftest mml-secure-en-decrypt-passphrase-cache ()
+  "Encrypt message; then decrypt and test for expected result.
+In this test, a key is used that requires the passphrase \"Passphrase\".
+In the first decryption this passphrase is hardcoded, in the second one it
+ is taken from a cache."
+  (ert-skip "Requires passphrase")
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (dolist (method (enc-standards) nil)
+       (mml-secure-test-en-decrypt-with-passphrase
+	method "uid1@example.org" "sub@example.org" nil
+	;; Beware!  For passphrases copy-sequence is necessary, as they may
+	;; be erased, which actually changes the function's code and causes
+	;; multiple invokations to fail.  I was surprised...
+	(copy-sequence "Passphrase") t)
+       (mml-secure-test-en-decrypt-with-passphrase
+	method "uid1@example.org" "sub@example.org" nil
+	(copy-sequence "Incorrect") t)))))
+
+(defun mml-secure-en-decrypt-passphrase-no-cache (method)
+  "Encrypt message with METHOD; then decrypt and test for expected result.
+In this test, a key is used that requires the passphrase \"Passphrase\".
+In the first decryption this passphrase is hardcoded, but caching disabled.
+So the second decryption fails."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (mml-secure-test-en-decrypt-with-passphrase
+      method "uid1@example.org" "sub@example.org" nil
+      (copy-sequence "Passphrase") nil)
+     (mml-secure-test-en-decrypt-with-passphrase
+      method "uid1@example.org" "sub@example.org" nil
+      (copy-sequence "Incorrect") nil nil t))))
+
+(ert-deftest mml-secure-en-decrypt-passphrase-no-cache-openpgp-todo ()
+  "Passphrase caching with OpenPGP only for GnuPG 1.x."
+  (skip-unless (string< (cdr (assq 'version (epg-configuration))) "2"))
+  (mml-secure-en-decrypt-passphrase-no-cache 'enc-pgp)
+  (mml-secure-en-decrypt-passphrase-no-cache 'enc-pgp-mime))
+
+(ert-deftest mml-secure-en-decrypt-passphrase-no-cache-smime-todo ()
+  "Passphrase caching does not work with S/MIME (and gpgsm)."
+  :expected-result :failed
+  (if with-smime
+      (mml-secure-en-decrypt-passphrase-no-cache 'enc-smime)
+    (should nil)))
+
+
+;; Test truncation of question in y-or-n-p.
+(defun mml-secure-select-preferred-keys-todo ()
+  "Manual customization with truncated question."
+  (mml-secure-test-key-fixture
+   (lambda ()
+     (mml-secure-test-en-decrypt
+      'enc-pgp-mime
+      "jens.lechtenboerger@informationelle-selbstbestimmung-im-internet.de"
+      "no-exp@example.org" nil t nil nil t))))
+
+(defun mml-secure-select-preferred-keys-ok ()
+  "Manual customization with entire question."
+  (mml-secure-test-fixture
+   (lambda ()
+     (mml-secure-select-preferred-keys
+      (epg-make-context 'OpenPGP)
+      '("jens.lechtenboerger@informationelle-selbstbestimmung-im-internet.de")
+      'encrypt))
+   t))
+
+
+;; ERT entry points
+(defun mml-secure-run-tests ()
+    "Run all tests with defaults."
+  (ert-run-tests-batch))
+
+(defun mml-secure-run-tests-with-gpg2 ()
+  "Run all tests with gpg2 instead of gpg."
+  (let* ((epg-gpg-program "gpg2"); ~/local/gnupg-2.1.9/PLAY/inst/bin/gpg2
+	 (gpg-version (cdr (assq 'version (epg-configuration))))
+	 ;; Empty passphrases do not seem to work with gpgsm in 2.1.x:
+	 ;; https://lists.gnupg.org/pipermail/gnupg-users/2015-October/054575.html
+	 (with-smime (string< gpg-version "2.1")))
+    (ert-run-tests-batch)))
+
+(defun mml-secure-run-tests-without-smime ()
+    "Skip S/MIME tests (as they require manual passphrase entry)."
+  (let ((with-smime nil))
+    (ert-run-tests-batch)))
+
+;;; gnustest-mml-sec.el ends here