Convert encryption-replaces-key cmdtest to yarn

Merge branch 'liw/enc-cmdtest-conv'

3 files changed, 96 insertions, 6 deletions

diff --git a/yarns/0060-encryption.yarn b/yarns/0060-encryption.yarn
index 485a1233..f0a95ced 100644
--- a/yarns/0060-encryption.yarn
+++ b/yarns/0060-encryption.yarn
@@ -74,7 +74,7 @@ only the first client's key, meaning the second client has no access
 to the client list, and thus can't add itself.
 
     WHEN user U1 imports public key "Test Key Two" from test-data/keyring-2
-    AND user U1 adds key "Test Key Two" to repository R
+    AND user U1 adds key "Test Key Two" to repository R only
 
 Then we make a backup as the second client.
 
@@ -115,6 +115,33 @@ not have access to another client's data.
     THEN the attempt failed with exit code 1
     AND the error message matches "secret key not available"
 
+Replace a key for a client
+--------------------------
+
+If we replace the key for a client in a repository, and then the
+client gets rid of the old key, the new key should be able to restore
+old backups.
+
+First, backup using the old key.
+
+    SCENARIO replace client key
+    GIVEN user U uses encryption key "Test Key One" from test-data/keyring-1
+    AND 1kB of new data in directory L
+    AND a manifest of L in M
+    WHEN user U backs up directory L to repository R
+
+Then, replace the old key with the new one and get rid of the old key.
+
+    GIVEN user U uses encryption key "Test Key Two" from test-data/keyring-2
+    WHEN user U adds key "Test Key Two" to repository R and self
+    AND user U removes key "Test Key One" from repository R
+    WHEN user U no longer has key "Test Key One"
+
+Finally, verify that restores still work with the new key.
+
+    WHEN user U restores their latest generation in repository R into X
+    THEN L, restored to X, matches manifest M
+
 Key queries
 -----------
 
@@ -142,6 +169,6 @@ remain.
     WHEN user U1 backs up directory L to repository R
     THEN user U1 uses key "Test Key One" in repository R
     WHEN user U1 imports public key "Test Key Two" from test-data/keyring-2
-    AND user U1 adds key "Test Key Two" to repository R
+    AND user U1 adds key "Test Key Two" to repository R only
     AND user U2 removes user U1 from repository R
     THEN user U2 can't see user U1 in repository R
diff --git a/yarns/9000-implements.yarn b/yarns/9000-implements.yarn
index 121627a6..5591370f 100644
--- a/yarns/9000-implements.yarn
+++ b/yarns/9000-implements.yarn
@@ -179,7 +179,18 @@ use. We store that.
         mkdir "$DATADIR/$MATCH_1.gnupg"
         cp -a "$SRCDIR/$MATCH_3/." "$DATADIR/$MATCH_1.gnupg/."
         add_to_env "$MATCH_1" GNUPGHOME "$DATADIR/$MATCH_1.gnupg"
+    else
+        # Export public and secret keys from new keyring.
+        export GNUPGHOME="$SRCDIR/$MATCH_3"
+        gpg --export "$MATCH_2" > "$DATADIR/public.key"
+        gpg --export-secret-keys "$MATCH_2" > "$DATADIR/secret.key"
+
+        # Import into the keyring uses for tests.
+        export GNUPGHOME="$DATADIR/$MATCH_1.gnupg"
+        gpg --import "$DATADIR/public.key"
+        gpg --import "$DATADIR/secret.key"
     fi
+
     add_to_config "$MATCH_1" encrypt-with "$MATCH_2"
 
 Encryption scenarions, at least, also need users that pretend to be
@@ -395,10 +406,35 @@ Import a key into one user's keyring from another keyring.
     GNUPGHOME="$SRCDIR/$MATCH_3" gpg --export --armor "$MATCH_2" |
     GNUPGHOME="$DATADIR/$MATCH_1.gnupg" gpg --import
 
-Add a public key to a repository.
+Add a public key to a repository, but not to the calling user, only to
+the shared parts.
+
+    IMPLEMENTS WHEN user (\S+) adds key "(.+)" to repository (\S+) only
+    run_obnam "$MATCH_1" -r "$DATADIR/$MATCH_3" \
+        add-key --keyid "$MATCH_2"
+
+Add a public key to a repository, and the calling user.
+
+    IMPLEMENTS WHEN user (\S+) adds key "(.+)" to repository (\S+) and self
+    run_obnam "$MATCH_1" -r "$DATADIR/$MATCH_3" \
+        add-key --keyid "$MATCH_2" "$MATCH_1"
+
+Remove a public key from a repository.
 
-    IMPLEMENTS WHEN user (\S+) adds key "(.+)" to repository (\S+)
-    run_obnam "$MATCH_1" -r "$DATADIR/$MATCH_3" add-key --keyid "$MATCH_2"
+    IMPLEMENTS WHEN user (\S+) removes key "(.+)" from repository (\S+)
+    export GNUPGHOME="$DATADIR/$MATCH_1.gnupg"
+    keyid="$(
+        get_fingerprint "$MATCH_2" |
+        awk '{ print substr($0, length-16) }')"
+    run_obnam "$MATCH_1" -r "$DATADIR/$MATCH_3" \
+        remove-key --keyid "$keyid" \
+
+Forget a key from the user's keyring.
+
+    IMPLEMENTS WHEN user (\S+) no longer has key "(.+)"
+    export GNUPGHOME="$DATADIR/$MATCH_1.gnupg"
+    fingerprint="$(get_fingerprint "$MATCH_2")"
+    gpg --batch --delete-secret-key "$fingerprint"
 
 Client management
 -----------------
@@ -443,6 +479,15 @@ test the results in various ways as separate steps.
     IMPLEMENTS THEN the attempt failed with exit code (\d+)
     attempt_exit_was "$MATCH_1"
 
+We want to match the stdout against a regular expression.
+    
+    IMPLEMENTS THEN the output matches "(.+)"
+    echo -----------------------
+    echo stdout being matched:
+    cat "$DATADIR/attempt.stdout"
+    echo -----------------------
+    attempt_matches stdout "$MATCH_1"
+
 We can also match the stderr against a regular expression.
     
     IMPLEMENTS THEN the error message matches "(.+)"
@@ -535,4 +580,3 @@ Run the Nagios monitoring subcommand.
     IMPLEMENTS WHEN user (\S+) attempts nagios-last-backup-age against repository (\S+)
     attempt run_obnam "$MATCH_1" nagios-last-backup-age \
         -r "$DATADIR/$MATCH_2"
-
diff --git a/yarns/obnam.sh b/yarns/obnam.sh
index 50080d2b..54d76c02 100644
--- a/yarns/obnam.sh
+++ b/yarns/obnam.sh
@@ -158,6 +158,25 @@ manifest()
 }
 
 
+# Get a GPG fingerprint given a username.
+
+get_fingerprint()
+{
+    gpg --fingerprint "$1" |
+    sed -n '/^ *Key fingerprint = /s///p' |
+    sed 's/ *//g'
+}
+
+
+# Get a GPG keyid given a username.
+
+get_keyid()
+{
+    get_fingerprint "$1" |
+    awk '{ print substr($0, length-8) }'
+}
+
+
 # Create a dummy $HOME that actually exists.
 export HOME="$DATADIR/home"
 mkdir -p "$HOME"