tdocumentation and runtests fixes - tomb - the crypto undertaker HTML git clone git://parazyd.org/tomb.git DIR Log DIR Files DIR Refs DIR README DIR LICENSE --- DIR commit a4f597d86ccb891e901454609d6028c2954448c1 DIR parent 6bb1385c69888960baa167aa1346ab2a779e2bab HTML Author: Jaromil <jaromil@dyne.org> Date: Sat, 22 Nov 2014 01:50:08 +0100 documentation and runtests fixes Diffstat: M AUTHORS.md | 2 +- M INSTALL.md | 16 ++++++++-------- M README.md | 4 ++-- M extras/test/runtests | 50 ++++++++++++++++---------------- 4 files changed, 36 insertions(+), 36 deletions(-) --- DIR diff --git a/AUTHORS.md b/AUTHORS.md t@@ -13,7 +13,7 @@ German translation by x3nu. Testing, reviews and documentation are contributed by Dreamer, Shining the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq, -Reiven, GDrooid, Alphazo and the Linux Action Show! +Reiven, GDrooid, Alphazo, Brian May and the Linux Action Show! Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth. DIR diff --git a/INSTALL.md b/INSTALL.md t@@ -70,10 +70,10 @@ The Gtk3 tray adds a nifty tomb skull into the desktop toolbar: one can use it t To have it enter `extras/gtk-tray` then - 1- make sure libnotify and gtk+-3.0 dev packages are available - 2- run `make` inside the directory to build `tomb-gtk-tray` - 3- optionally copy tomb-gtk-tray into your PATH (/usr/local/bin) - 4- start `tomb-gtk-tray tombname` for each tomb + 1. make sure libnotify and gtk+-3.0 dev packages are available + 2. run `make` inside the directory to build `tomb-gtk-tray` + 3. optionally copy tomb-gtk-tray into your PATH (/usr/local/bin) + 4. start `tomb-gtk-tray tombname` for each tomb One can include the launch of tomb-gtk-tray from scripts. t@@ -85,10 +85,10 @@ In case an attacker comes in possession of both a tomb and its key, the easy to To have it enter `extras/kdf-keys` then - 1- make sure libgcrypt dev packages are available - 2- run `make` inside the directory to build tomb-kdb-* executables - 3- optionally copy tomb-kdb-* into your PATH (/usr/local/bin) - 4- always use tomb using the `--kdf` flag: forge, lock, open etc. + 1. make sure libgcrypt dev packages are available + 2. run `make` inside the directory to build tomb-kdb-* executables + 3. optionally copy tomb-kdb-* into your PATH (/usr/local/bin) + 4. always use tomb using the `--kdf` flag: forge, lock, open etc. In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`. DIR diff --git a/README.md b/README.md t@@ -218,8 +218,8 @@ terms) Tomb provides machine-readable output and interaction via some flags: Yet please consider that these flags may introduce vulnerabilities and other people logged on the same system can easily log your passwords -while such commands are executing. We only recommend using the -pinentry input for your passwords. +while such commands are executing. +We only recommend using the pinentry to input your passwords. ## Python DIR diff --git a/extras/test/runtests b/extras/test/runtests t@@ -62,7 +62,7 @@ test-tomb-create() { notice "Testing creation: forge" tt forge /tmp/test.tomb.key \ - --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom + --ignore-swap --unsafe --tomb-pwd ${dummypass} --use-urandom { test $? = 0 } && { results+=(forge SUCCESS) t@@ -77,7 +77,7 @@ test-tomb-create() { notice "Testing creation: lock" tt lock /tmp/test.tomb -k /tmp/test.tomb.key \ - --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} + --ignore-swap --unsafe --tomb-pwd ${dummypass} { test $? = 0 } && { results+=(lock SUCCESS) } } t@@ -86,7 +86,7 @@ test-bind-hooks() { notice "Testing bind hooks" tt list test [[ $? = 0 ]] || { - tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} \ + tt --ignore-swap --unsafe --tomb-pwd ${dummypass} \ open /tmp/test.tomb -k /tmp/test.tomb.key } rnd=$RANDOM bindtest="dyne-tomb-bind-test-$rnd" t@@ -95,7 +95,7 @@ test-bind-hooks() { echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks touch $HOME/$bindtest tt close test - tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb + tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb rnd2=`cat $HOME/$bindtest` if [ "$rnd" = "$rnd2" ]; then notice "Bind hook on file matches" t@@ -116,11 +116,11 @@ test-set-key() { sudo rm -f /tmp/test.tomb.new.key - tt forge -k /tmp/test.tomb.new.key --force --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom + tt forge -k /tmp/test.tomb.new.key --force --unsafe --tomb-pwd ${dummypass} --use-urandom - tt setkey -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb + tt setkey -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb - tt open -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} /tmp/test.tomb + tt open -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} /tmp/test.tomb [[ $? = 0 ]] && { notice "Setkey succesfully swapped tomb key" t@@ -150,7 +150,7 @@ test-tomb-create notice "Testing open with wrong password" -tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/test.tomb +tt -k /tmp/test.tomb.key --unsafe --tomb-pwd wrongpassword open /tmp/test.tomb { test $? = 0 } || { results+=(badpass SUCCESS) } t@@ -158,7 +158,7 @@ tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/ notice "Testing open with good password" -tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb +tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb { test $? = 0 } && { results+=(open SUCCESS) } t@@ -171,10 +171,10 @@ tt close test notice "Testing changing tomb password" tt passwd /tmp/test.tomb \ - -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} + -k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} tt passwd /tmp/test.tomb \ - -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass} + -k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass} { test $? = 0 } && { results+=(passwd SUCCESS) } t@@ -184,19 +184,19 @@ tt passwd /tmp/test.tomb \ notice "Generating content for file integrity test" -tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb +tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb tt dig -s 10 /media/test.tomb/datacheck.raw crc="sha256 /media/test.tomb/datacheck.raw" echo "$crc" > /media/test.tomb/datacheck.sha -tt --unsecure-dev-mode close test +tt --unsafe close test { test $RESIZER = 1 } && { notice "Testing resize to 30 MiB" - tt --unsecure-dev-mode --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30 + tt --unsafe --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30 { test $? = 0 } && { results+=(resize SUCCESS) } t@@ -204,7 +204,7 @@ tt --unsecure-dev-mode close test notice "Testing contents integrity" -tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb +tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb { test $? = 0 } && { t@@ -246,23 +246,23 @@ test-set-key notice "Testing KDF key" sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb - tt --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf + tt --unsafe --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf { test $? = 0 } && { results+=(kdforge SUCCESS) } - tt passwd --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf + tt passwd --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf { test $? = 0 } && { results+=(kdfpass SUCCESS) } tt dig -s 10 /tmp/kdf.tomb tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \ - --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1 + --ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1 { test $? = 0 } && { results+=(kdflock SUCCESS) } tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \ - --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1 + --ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1 { test $? = 0 } && { results+=(kdfopen SUCCESS) } t@@ -277,25 +277,25 @@ test-set-key cp -f arditi.jpg /tmp/tomb.jpg sudo rm -f /tmp/test.steg.key - tt --unsecure-dev-mode --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg + tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg { test $? = 0 } && { results+=(stgin SUCCESS) } rm -f /tmp/test.steg.key - tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg + tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg { test $? = 0 } && { results+=(stgout SUCCESS) } - tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb + tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb { test $? = 0 } && { results+=(stgopen SUCCESS) } ${T} close test # test piping keys using -k - - tkey=`tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg` - print "$tkey" | tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k - /tmp/test.tomb + tkey=`tt --unsafe --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg` + print "$tkey" | tt --unsafe --tomb-pwd ${dummypass} open -k - /tmp/test.tomb { test $? = 0 } && { results+=(stgpipe SUCCESS) } ${T} close test t@@ -303,7 +303,7 @@ test-set-key notice "test using open -k image.jpeg" - tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb + tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb { test $? = 0 } && { results+=(stgimpl SUCCESS) } tt close test