diff options
author | Lars Wirzenius <liw@liw.fi> | 2014-01-12 14:56:43 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2014-01-12 14:56:43 +0000 |
commit | c3b8d11d5395a4ab8eb55680638ee3962179476a (patch) | |
tree | a9d46a02a603c46cfdf94cf5ff835a605993fcc5 /yarns/0060-encryption.yarn | |
parent | f9e7a6522af273346d77debce154dedd5e14c5a8 (diff) | |
download | obnam-c3b8d11d5395a4ab8eb55680638ee3962179476a.tar.gz |
More encryption tests
Diffstat (limited to 'yarns/0060-encryption.yarn')
-rw-r--r-- | yarns/0060-encryption.yarn | 51 |
1 files changed, 48 insertions, 3 deletions
diff --git a/yarns/0060-encryption.yarn b/yarns/0060-encryption.yarn index 6903de8f..8ba2e704 100644 --- a/yarns/0060-encryption.yarn +++ b/yarns/0060-encryption.yarn @@ -60,9 +60,54 @@ second one, and verifying that we can, or can't, access the backup with the second key, depending on whether it has or hasn't been added to the client. -# obnam [options] client-keys -# obnam [options] add-key [CLIENT-NAME]... -# obnam [options] remove-key [CLIENT-NAME]... +First of all, we make a simple encrypted backup as the first client. + + SCENARIO adding and removing encryption keys to clients + GIVEN user U1 uses encryption key "Test Key One" from test-data/keyring-1 + AND directory L1 with interesting filesystem objects + WHEN user U1 backs up directory L1 to repository R + THEN user U1 uses key "Test Key One" in repository R + +Then we add the key of the second client to the repository. This is +necessary, because by now the client list is already encrypted using +only the first client's key, meaning the second client has no access +to the client list, and thus can't add itself. + + WHEN user U1 imports public key "Test Key Two" from test-data/keyring-2 + AND user U1 adds key "Test Key Two" to repository R + +Then we make a backup as the second client. + + GIVEN user U2 uses encryption key "Test Key Two" from test-data/keyring-2 + AND directory L2 with interesting filesystem objects + WHEN user U2 backs up directory L2 to repository R + THEN user U2 uses key "Test Key Two" in repository R + +Let's make sure both clients can still restore their own data. + + GIVEN a manifest of directory L1 in M1 + WHEN user U1 restores their latest generation in repository R into X1 + THEN L1, restored to X1, matches manifest M1 + + GIVEN a manifest of directory L2 in M2 + WHEN user U2 restores their latest generation in repository R into X2 + THEN L2, restored to X2, matches manifest M2 + +An unrelated client, which happens to use the same name as the first +client, should not be able to access the data. + + GIVEN a user U3 calling themselves U1 + WHEN user U3 attempts to restore their latest generation in repository R into X3 + THEN the attempt failed with exit code 1 + AND the error message matches "need more than 1 value to unpack" + +Likewise, even if a client has access to their own data, they should +not have access to another client's data. + + GIVEN a user U2 calling themselves U1 + WHEN user U2 attempts to restore their latest generation in repository R into X4 + THEN the attempt failed with exit code 1 + AND the error message matches "secret key not available" Key queries ----------- |