diff --git a/src/bin/proxmox-backup-client.rs b/src/bin/proxmox-backup-client.rs index 58f8740d..4a783abe 100644 --- a/src/bin/proxmox-backup-client.rs +++ b/src/bin/proxmox-backup-client.rs @@ -675,6 +675,129 @@ fn keyfile_parameters(param: &Value) -> Result<(Option>, CryptMode), Err }) } +#[test] +// WARNING: there must only be one test for keyfile_parameters as the default key handling is not +// safe w.r.t. concurrency +fn test_keyfile_parameters_handling() -> Result<(), Error> { + let some_key = Some(vec![1;1]); + let default_key = Some(vec![2;1]); + + let no_key_res: (Option>, CryptMode) = (None, CryptMode::None); + let some_key_res = (some_key.clone(), CryptMode::Encrypt); + let some_key_sign_res = (some_key.clone(), CryptMode::SignOnly); + let default_key_res = (default_key.clone(), CryptMode::Encrypt); + let default_key_sign_res = (default_key.clone(), CryptMode::SignOnly); + + let keypath = "./tests/keyfile.test"; + replace_file(&keypath, some_key.as_ref().unwrap(), CreateOptions::default())?; + let invalid_keypath = "./tests/invalid_keyfile.test"; + + // no params, no default key == no key + let res = keyfile_parameters(&json!({})); + assert_eq!(res.unwrap(), no_key_res); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, no default key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"crypt-mode": "encrypt"})).is_err()); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + + // now set a default key + unsafe { key::set_test_encryption_key(Ok(default_key.clone())); } + + // and repeat + + // no params but default key == default key + let res = keyfile_parameters(&json!({})); + assert_eq!(res.unwrap(), default_key_res); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, default key == default key with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only"})); + assert_eq!(res.unwrap(), default_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt"})); + assert_eq!(res.unwrap(), default_key_res); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + + // now make default key retrieval error + unsafe { key::set_test_encryption_key(Err(format_err!("test error"))); } + + // and repeat + + // no params, default key retrieval errors == Error + assert!(keyfile_parameters(&json!({})).is_err()); + + // keyfile param == key from keyfile + let res = keyfile_parameters(&json!({"keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // crypt mode none == no key + let res = keyfile_parameters(&json!({"crypt-mode": "none"})); + assert_eq!(res.unwrap(), no_key_res); + + // crypt mode encrypt/sign-only, no keyfile, default key error == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"crypt-mode": "encrypt"})).is_err()); + + // crypt mode none with explicit key == Error + assert!(keyfile_parameters(&json!({"crypt-mode": "none", "keyfile": keypath})).is_err()); + + // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode + let res = keyfile_parameters(&json!({"crypt-mode": "sign-only", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_sign_res); + let res = keyfile_parameters(&json!({"crypt-mode": "encrypt", "keyfile": keypath})); + assert_eq!(res.unwrap(), some_key_res); + + // invalid keyfile parameter always errors + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "none"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"})).is_err()); + assert!(keyfile_parameters(&json!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"})).is_err()); + Ok(()) +} + #[api( input: { properties: { diff --git a/src/bin/proxmox_backup_client/key.rs b/src/bin/proxmox_backup_client/key.rs index 8a55e1ab..070f2a0b 100644 --- a/src/bin/proxmox_backup_client/key.rs +++ b/src/bin/proxmox_backup_client/key.rs @@ -51,12 +51,33 @@ pub fn place_default_encryption_key() -> Result { ) } +#[cfg(not(test))] pub fn read_optional_default_encryption_key() -> Result>, Error> { find_default_encryption_key()? .map(file_get_contents) .transpose() } +#[cfg(test)] +static mut TEST_DEFAULT_ENCRYPTION_KEY: Result>, Error> = Ok(None); + +#[cfg(test)] +pub fn read_optional_default_encryption_key() -> Result>, Error> { + // not safe when multiple concurrent test cases end up here! + unsafe { + match &TEST_DEFAULT_ENCRYPTION_KEY { + Ok(key) => Ok(key.clone()), + Err(_) => bail!("test error"), + } + } +} + +#[cfg(test)] +// not safe when multiple concurrent test cases end up here! +pub unsafe fn set_test_encryption_key(value: Result>, Error>) { + TEST_DEFAULT_ENCRYPTION_KEY = value; +} + pub fn get_encryption_key_password() -> Result, Error> { // fixme: implement other input methods