|
|
|
@ -3,11 +3,31 @@ load_fixtures |
|
|
|
|
status=;output=; #; populated by bats run() |
|
|
|
|
|
|
|
|
|
T_PASSWD="ExamplePassword" |
|
|
|
|
T_ARCHIVE_SYMMETRIC="$T_TMP/build_archive.symmetric" |
|
|
|
|
T_ARCHIVE_ASYMMETRIC="$T_TMP/build_archive.asymmetric" |
|
|
|
|
T_KEY_NAME="yadm-test1" |
|
|
|
|
T_KEY_FINGERPRINT="F8BBFC746C58945442349BCEBA54FFD04C599B1A" |
|
|
|
|
T_RECIPIENT_GOOD="[yadm]\n\tgpg-recipient = yadm-test1" |
|
|
|
|
T_RECIPIENT_BAD="[yadm]\n\tgpg-recipient = invalid" |
|
|
|
|
T_RECIPIENT_ASK="[yadm]\n\tgpg-recipient = ASK" |
|
|
|
|
|
|
|
|
|
function import_keys() { |
|
|
|
|
gpg --import "test/test_key" >/dev/null 2>&1 || true |
|
|
|
|
gpg --import-ownertrust < "test/ownertrust.txt" >/dev/null 2>&1 |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function remove_keys() { |
|
|
|
|
gpg --batch --yes --delete-secret-keys "$T_KEY_FINGERPRINT" >/dev/null 2>&1 || true |
|
|
|
|
gpg --batch --yes --delete-key "$T_KEY_FINGERPRINT" >/dev/null 2>&1 || true |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
setup() { |
|
|
|
|
#; start fresh |
|
|
|
|
destroy_tmp |
|
|
|
|
|
|
|
|
|
#; import test keys |
|
|
|
|
import_keys |
|
|
|
|
|
|
|
|
|
#; create a worktree & repo |
|
|
|
|
build_repo |
|
|
|
|
|
|
|
|
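Review bot: import_keys and remove_keys run gpg against whatever keyring the invoking user has, since nothing visible in this hunk sets GNUPGHOME or passes --homedir (load_fixtures may do so outside the hunk; worth confirming). As written, running the suite would import the repository's test secret key and its ownertrust into a developer's real keyring, and remove_keys then deletes by fingerprint from that same keyring. I would point gpg at a throwaway home before import_keys is called in setup(), e.g. `export GNUPGHOME="$T_TMP/gnupg"` followed by `mkdir -p -m 700 "$GNUPGHOME"`. Separately, both imports discard stderr and the first is followed by `|| true`, so a failed import only surfaces later as an unrelated encrypt/decrypt failure; letting the import fail loudly would make that easier to diagnose. setup()'s body continues outside the hunk.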
@ -27,26 +47,37 @@ setup() { |
|
|
|
|
fi |
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
#; encrypt YADM_ARCHIVE |
|
|
|
|
#; encrypt YADM_ARCHIVE (symmetric) |
|
|
|
|
expect <<EOF >/dev/null |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn gpg --yes -c --output "$T_YADM_ARCHIVE" "$T_TMP/build_archive.tar" |
|
|
|
|
spawn gpg --yes -c --output "$T_ARCHIVE_SYMMETRIC" "$T_TMP/build_archive.tar" |
|
|
|
|
expect "passphrase:" {send "$T_PASSWD\n"} |
|
|
|
|
expect "passphrase:" {send "$T_PASSWD\n"} |
|
|
|
|
expect "$" |
|
|
|
|
foreach {pid spawnid os_error_flag value} [wait] break |
|
|
|
|
EOF |
|
|
|
|
|
|
|
|
|
#; encrypt YADM_ARCHIVE (asymmetric) |
|
|
|
|
gpg --yes --batch -e -r "$T_KEY_NAME" --output "$T_ARCHIVE_ASYMMETRIC" "$T_TMP/build_archive.tar" |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
teardown() { |
|
|
|
|
remove_keys |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function validate_archive() { |
|
|
|
|
#; inventory what's in the archive |
|
|
|
|
expect <<EOF >/dev/null |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn bash -c "(gpg -q -d '$T_YADM_ARCHIVE' || echo 1) | tar t | sort > $T_TMP/archive_list" |
|
|
|
|
expect "passphrase:" {send "$T_PASSWD\n"} |
|
|
|
|
expect "$" |
|
|
|
|
foreach {pid spawnid os_error_flag value} [wait] break |
|
|
|
|
if [ "$1" = "symmetric" ]; then |
|
|
|
|
expect <<EOF >/dev/null |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn bash -c "(gpg -q -d '$T_YADM_ARCHIVE' || echo 1) | tar t | sort > $T_TMP/archive_list" |
|
|
|
|
expect "passphrase:" {send "$T_PASSWD\n"} |
|
|
|
|
expect "$" |
|
|
|
|
foreach {pid spawnid os_error_flag value} [wait] break |
|
|
|
|
EOF |
|
|
|
|
else |
|
|
|
|
gpg -q -d "$T_YADM_ARCHIVE" || echo 1 | tar t | sort > "$T_TMP/archive_list" |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
#; inventory what is expected in the archive |
|
|
|
|
( |
|
|
|
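Review bot: In the `else` branch of validate_archive, `gpg -q -d "$T_YADM_ARCHIVE" || echo 1 | tar t | sort > "$T_TMP/archive_list"` does not pipe gpg's output into tar. The pipeline binds tighter than `||`, so on successful decryption the plaintext tar goes to stdout and archive_list is never written, while `echo 1 | tar t | sort` runs only when gpg fails. The symmetric branch groups the commands with parentheses; the asymmetric branch needs the same grouping, `{ gpg -q -d "$T_YADM_ARCHIVE" || echo 1; } | tar t | sort > "$T_TMP/archive_list"`. The comparison against archive_list happens after the end of this hunk, so whether the asymmetric tests currently fail or compare against a stale file cannot be seen from here.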
@ -110,9 +141,6 @@ function validate_extraction() { |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; remove existing T_YADM_ARCHIVE |
|
|
|
|
rm -f "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
@ -140,9 +168,6 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; remove existing T_YADM_ARCHIVE |
|
|
|
|
rm -f "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
@ -159,7 +184,7 @@ EOF |
|
|
|
|
[[ "$output" =~ Wrote\ new\ file:.+$T_YADM_ARCHIVE ]] |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive |
|
|
|
|
validate_archive symmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (comments in YADM_ARCHIVE)" { |
|
|
|
@ -172,9 +197,6 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; remove existing T_YADM_ARCHIVE |
|
|
|
|
rm -f "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; add comment to YADM_ARCHIVE |
|
|
|
|
local original_encrypt |
|
|
|
|
original_encrypt=$(cat "$T_YADM_ENCRYPT") |
|
|
|
@ -199,7 +221,7 @@ EOF |
|
|
|
|
echo "$original_encrypt" > "$T_YADM_ENCRYPT" |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive |
|
|
|
|
validate_archive symmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (overwrite)" { |
|
|
|
@ -213,7 +235,7 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; Explictly create an invalid archive |
|
|
|
|
#; Explicitly create an invalid archive |
|
|
|
|
echo "EXISTING ARCHIVE" > "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
@ -232,7 +254,7 @@ EOF |
|
|
|
|
[[ "$output" =~ Wrote\ new\ file:.+$T_YADM_ARCHIVE ]] |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive |
|
|
|
|
validate_archive symmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' (missing YADM_ARCHIVE)" { |
|
|
|
@ -243,10 +265,7 @@ EOF |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; remove YADM_ARCHIVE |
|
|
|
|
rm -f "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
@ -263,7 +282,10 @@ EOF |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; use the symmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_SYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} decrypt; |
|
|
|
@ -289,7 +311,10 @@ EOF |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; use the symmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_SYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} decrypt -l; |
|
|
|
@ -314,11 +339,14 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; use the symmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_SYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; empty the worktree |
|
|
|
|
rm -rf "$T_DIR_WORK" |
|
|
|
|
mkdir -p "$T_DIR_WORK" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; run decrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} decrypt; |
|
|
|
@ -346,12 +374,15 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; use the symmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_SYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; alter the values of the archived files |
|
|
|
|
while IFS= read -r f; do |
|
|
|
|
echo "changed" >> "$T_DIR_WORK/$f" |
|
|
|
|
done < "$T_TMP/archived_files" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; run decrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} decrypt; |
|
|
|
@ -378,7 +409,10 @@ EOF |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
#; use the symmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_SYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} decrypt -l; |
|
|
|
@ -400,3 +434,295 @@ EOF |
|
|
|
|
done < "$T_TMP/archived_files" |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (asymmetric, missing key)" { |
|
|
|
|
echo " |
|
|
|
|
When 'encrypt' command is provided, |
|
|
|
|
and YADM_ENCRYPT is present |
|
|
|
|
and yadm.gpg-recipient refers to an invalid private key |
|
|
|
|
Report problem |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_BAD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run "${T_YADM_Y[@]}" encrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 1 ] |
|
|
|
|
[[ "$output" =~ invalid\ passphrase ]] |
|
|
|
|
[[ "$output" =~ Unable\ to\ write ]] |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (asymmetric)" { |
|
|
|
|
echo " |
|
|
|
|
When 'encrypt' command is provided, |
|
|
|
|
and YADM_ENCRYPT is present |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
Create YADM_ARCHIVE |
|
|
|
|
Report the archive created |
|
|
|
|
Archive should be valid |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run "${T_YADM_Y[@]}" encrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
[[ "$output" =~ Wrote\ new\ file:.+$T_YADM_ARCHIVE ]] |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive asymmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (asymmetric, overwrite)" { |
|
|
|
|
echo " |
|
|
|
|
When 'encrypt' command is provided, |
|
|
|
|
and YADM_ENCRYPT is present |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE already exists |
|
|
|
|
Overwrite YADM_ARCHIVE |
|
|
|
|
Report the archive created |
|
|
|
|
Archive should be valid |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; Explicitly create an invalid archive |
|
|
|
|
echo "EXISTING ARCHIVE" > "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run "${T_YADM_Y[@]}" encrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
[[ "$output" =~ Wrote\ new\ file:.+$T_YADM_ARCHIVE ]] |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive asymmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'encrypt' (asymmetric, ask)" { |
|
|
|
|
echo " |
|
|
|
|
When 'encrypt' command is provided, |
|
|
|
|
and YADM_ENCRYPT is present |
|
|
|
|
and yadm.gpg-recipient is set to ASK |
|
|
|
|
Ask for recipient |
|
|
|
|
Create YADM_ARCHIVE |
|
|
|
|
Report the archive created |
|
|
|
|
Archive should be valid |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_ASK" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; run encrypt |
|
|
|
|
run expect <<EOF |
|
|
|
|
set timeout 2; |
|
|
|
|
spawn ${T_YADM_Y[*]} encrypt; |
|
|
|
|
expect "recipient:" {send "$T_KEY_NAME\n\n"} |
|
|
|
|
expect "$" |
|
|
|
|
foreach {pid spawnid os_error_flag value} [wait] break |
|
|
|
|
exit \$value |
|
|
|
|
EOF |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
[[ "$output" =~ Wrote\ new\ file:.+$T_YADM_ARCHIVE ]] |
|
|
|
|
|
|
|
|
|
#; validate the archive |
|
|
|
|
validate_archive asymmetric |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' (asymmetric, missing YADM_ARCHIVE)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE does not exist |
|
|
|
|
Report problem |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 1 ] |
|
|
|
|
[[ "$output" =~ does\ not\ exist ]] |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' (asymmetric, missing key)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE is present |
|
|
|
|
and the private key is not present |
|
|
|
|
Report problem |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; use the asymmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_ASYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; remove the private key |
|
|
|
|
remove_keys |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 1 ] |
|
|
|
|
[[ "$output" =~ decryption\ failed ]] |
|
|
|
|
[[ "$output" =~ Unable\ to\ extract ]] |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' -l (asymmetric, missing key)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and '-l' is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE is present |
|
|
|
|
and the private key is not present |
|
|
|
|
Report problem |
|
|
|
|
Exit with 1 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; use the asymmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_ASYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; remove the private key |
|
|
|
|
remove_keys |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 1 ] |
|
|
|
|
[[ "$output" =~ decryption\ failed ]] |
|
|
|
|
[[ "$output" =~ Unable\ to\ extract ]] |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' (asymmetric)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE is present |
|
|
|
|
Report the data created |
|
|
|
|
Data should be valid |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; use the asymmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_ASYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; empty the worktree |
|
|
|
|
rm -rf "$T_DIR_WORK" |
|
|
|
|
mkdir -p "$T_DIR_WORK" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
[[ "$output" =~ All\ files\ decrypted ]] |
|
|
|
|
|
|
|
|
|
#; validate the extracted files |
|
|
|
|
validate_extraction |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' (asymmetric, overwrite)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE is present |
|
|
|
|
and archived content already exists |
|
|
|
|
Report the data overwritten |
|
|
|
|
Data should be valid |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; use the asymmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_ASYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; alter the values of the archived files |
|
|
|
|
while IFS= read -r f; do |
|
|
|
|
echo "changed" >> "$T_DIR_WORK/$f" |
|
|
|
|
done < "$T_TMP/archived_files" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt |
|
|
|
|
|
|
|
|
|
#; validate status and output |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
[[ "$output" =~ All\ files\ decrypted ]] |
|
|
|
|
|
|
|
|
|
#; validate the extracted files |
|
|
|
|
validate_extraction |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@test "Command 'decrypt' -l (asymmetric)" { |
|
|
|
|
echo " |
|
|
|
|
When 'decrypt' command is provided, |
|
|
|
|
and '-l' is provided, |
|
|
|
|
and yadm.gpg-recipient refers to a valid private key |
|
|
|
|
and YADM_ARCHIVE is present |
|
|
|
|
Report the contents of YADM_ARCHIVE |
|
|
|
|
Exit with 0 |
|
|
|
|
" |
|
|
|
|
|
|
|
|
|
#; manually set yadm.gpg-recipient in configuration |
|
|
|
|
make_parents "$T_YADM_CONFIG" |
|
|
|
|
echo -e "$T_RECIPIENT_GOOD" > "$T_YADM_CONFIG" |
|
|
|
|
|
|
|
|
|
#; use the asymmetric archive |
|
|
|
|
cp -f "$T_ARCHIVE_ASYMMETRIC" "$T_YADM_ARCHIVE" |
|
|
|
|
|
|
|
|
|
#; run decrypt |
|
|
|
|
run "${T_YADM_Y[@]}" decrypt -l |
|
|
|
|
|
|
|
|
|
#; validate status |
|
|
|
|
[ "$status" -eq 0 ] |
|
|
|
|
|
|
|
|
|
#; validate every file is listed in output |
|
|
|
|
while IFS= read -r f; do |
|
|
|
|
if [[ ! "$output" =~ $f ]]; then |
|
|
|
|
echo "ERROR: Did not find '$f' in output" |
|
|
|
|
return 1 |
|
|
|
|
fi |
|
|
|
|
done < "$T_TMP/archived_files" |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
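Review bot: The test "Command 'decrypt' -l (asymmetric, missing key)" never passes `-l`: its run line is `run "${T_YADM_Y[@]}" decrypt`, identical to the preceding missing-key test, so the listing path with an absent private key is not exercised. It should be `run "${T_YADM_Y[@]}" decrypt -l`, and the `Unable\ to\ extract` assertion may need adjusting to whatever message the list path prints. In the last test, `[[ ! "$output" =~ $f ]]` treats each archived file name as a regular expression, so a `.` in a name matches any character; `[[ "$output" != *"$f"* ]]` would check for the literal name.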