From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 58222605A4 for ; Fri, 5 Feb 2021 16:36:22 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 563EEB044 for ; Fri, 5 Feb 2021 16:36:22 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 873B4B036 for ; Fri, 5 Feb 2021 16:36:21 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 4DEC1461F6 for ; Fri, 5 Feb 2021 16:36:21 +0100 (CET) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pbs-devel@lists.proxmox.com Date: Fri, 5 Feb 2021 16:35:30 +0100 Message-Id: <20210205153535.2578184-6-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210205153535.2578184-1-f.gruenbichler@proxmox.com> References: <20210205153535.2578184-1-f.gruenbichler@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.026 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [key.rs, proxmox-backup-client.rs] Subject: [pbs-devel] [PATCH proxmox-backup 04/10] client: add test for keyfile_parameters X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2021 15:36:22 -0000 this will get more complex soon, so add test to document current behaviour. Signed-off-by: Fabian Grünbichler --- src/bin/proxmox-backup-client.rs | 123 +++++++++++++++++++++++++++ src/bin/proxmox_backup_client/key.rs | 21 +++++ 2 files changed, 144 insertions(+) diff --git a/src/bin/proxmox-backup-client.rs b/src/bin/proxmox-backup-client.rs index 58f8740d..4a783abe 100644 --- a/src/bin/proxmox-backup-client.rs +++ b/src/bin/proxmox-backup-client.rs @@ -675,6 +675,129 @@ fn keyfile_parameters(param: &Value) -> Result<(Option>, CryptMode), Err }) } +#[test] +// WARNING: there must only be one test for keyfile_parameters as the default key handling is not +// safe w.r.t. concurrency +fn test_keyfile_parameters_handling() -> Result<(), Error> { + let some_key = Some(vec![1;1]); + let default_key = Some(vec![2;1]); + + let no_key_res: (Option>, CryptMode) = (None, CryptMode::None); + let some_key_res = (some_key.clone(), CryptMode::Encrypt); + let some_key_sign_res = (some_key.clone(), CryptMode::SignOnly); + let default_key_res = (default_key.clone(), CryptMode::Encrypt); + let default_key_sign_res = (default_key.clone(), CryptMode::SignOnly); + + let keypath = "./tests/keyfile.test"; + replace_file(&keypath, some_key.as_ref().unwrap(), CreateOptions::default())?; + let invalid_keypath = "./tests/invalid_keyfile.test"; + + // no params, no default key == no key + let res = keyfile_parameters(&json!({})); + assert_eq!(res.unwrap(), no_key_res); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, no default key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"crypt-mode": "encrypt"})).is_err()); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + + // now set a default key + unsafe { key::set_test_encryption_key(Ok(default_key.clone())); } + + // and repeat + + // no params but default key == default key + let res = keyfile_parameters(&json!({})); + assert_eq!(res.unwrap(), default_key_res); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, default key == default key with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only"})); + assert_eq!(res.unwrap(), default_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt"})); + assert_eq!(res.unwrap(), default_key_res); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + + // now make default key retrieval error + unsafe { key::set_test_encryption_key(Err(format_err!("test error"))); } + + // and repeat + + // no params, default key retrieval errors == Error + assert!(keyfile_parameters(&json!({})).is_err()); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, default key error == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"crypt-mode": "encrypt"})).is_err()); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + Ok(()) +} + #[api( input: { properties: { diff --git a/src/bin/proxmox_backup_client/key.rs b/src/bin/proxmox_backup_client/key.rs index 8a55e1ab..070f2a0b 100644 --- a/src/bin/proxmox_backup_client/key.rs +++ b/src/bin/proxmox_backup_client/key.rs @@ -51,12 +51,33 @@ pub fn place_default_encryption_key() -> Result { ) } +#[cfg(not(test))] pub fn read_optional_default_encryption_key() -> Result>, Error> { find_default_encryption_key()? .map(file_get_contents) .transpose() } +#[cfg(test)] +static mut TEST_DEFAULT_ENCRYPTION_KEY: Result>, Error> = Ok(None); + +#[cfg(test)] +pub fn read_optional_default_encryption_key() -> Result>, Error> { + // not safe when multiple concurrent test cases end up here! + unsafe { + match &TEST_DEFAULT_ENCRYPTION_KEY { + Ok(key) => Ok(key.clone()), + Err(_) => bail!("test error"), + } + } +} + +#[cfg(test)] +// not safe when multiple concurrent test cases end up here! +pub unsafe fn set_test_encryption_key(value: Result>, Error>) { + TEST_DEFAULT_ENCRYPTION_KEY = value; +} + pub fn get_encryption_key_password() -> Result, Error> { // fixme: implement other input methods -- 2.20.1