tdocumentation and test improvements - tomb - the crypto undertaker
HTML git clone git://parazyd.org/tomb.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit f3c18819d24976213554625be822ac1ccab2ae05
DIR parent 551a7839f500a9ba4b26cd63774019d91615cb16
HTML Author: Jaromil <jaromil@dyne.org>
Date: Thu, 20 Jun 2013 10:26:12 +0200
documentation and test improvements
also renamed 'backup' command into 'engrave'
Diffstat:
M extras/test/runtests | 11 ++++++-----
M tomb | 52 ++++++++++++++++++-------------
2 files changed, 37 insertions(+), 26 deletions(-)
---
DIR diff --git a/extras/test/runtests b/extras/test/runtests
t@@ -11,7 +11,7 @@ error() { _warning " ${@}"; }
tt() {
start_loops=(`sudo losetup -a |cut -d: -f1`)
start_temps=(`find /dev/shm -name 'tomb*'`)
- ${T} ${=@}
+ ${T} -D ${=@}
res=$?
loops=(`sudo losetup -a |cut -d: -f1`)
temps=(`find /dev/shm -name 'tomb*'`)
t@@ -47,16 +47,20 @@ startloops=(`sudo losetup -a |cut -d: -f1`)
-notice "Testing creation"
+notice "Testing creation: dig"
tt dig -s 20 /tmp/test.tomb
{ test $? = 0 } && { results+=(dig SUCCESS) }
+notice "Testing creation: forge"
+
tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom forge /tmp/test.tomb.key
{ test $? = 0 } && { results+=(forge SUCCESS) }
+notice "Testing creation: lock"
+
tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} lock /tmp/test.tomb -k /tmp/test.tomb.key
{ test $? = 0 } && { results+=(lock SUCCESS) }
t@@ -126,9 +130,6 @@ if [ "$rnd" = "$rnd2" ]; then
else
error "Bind hook on file reports incongruence"
fi
-sudo umount $HOME/test-$rnd
-rm /media/test.tomb/bind-hooks
-rm /media/test.tomb/test-$rnd
tt close test
DIR diff --git a/tomb b/tomb
t@@ -254,43 +254,43 @@ is_valid_tomb() {
usage() {
cat <<EOF
-Syntax: tomb [options] command [file] [place]
+Syntax: tomb [options] command [arguments]
Commands:
+ // Creation:
dig create a new empty TOMB file of --size in MB
forge create a new KEY file and set its password
lock installs a lock on a TOMB to use it with KEY
+ // Operations on tombs:
open open an existing TOMB
-
index update the search indexes of tombs
search looks for filenames matching text patterns
-
- list list open TOMBs
-
- close close a TOMB (or all)
+ list list of open TOMBs and information on them
+ close close a specific TOMB (or 'all')
slam slam a TOMB killing all programs using it
+ // Operations on keys:
passwd change the password of a KEY
change change the KEY locking a TOMB (needs old one)
EOF
+ if [ "$RESIZER" = 1 ]; then
+ cat <<EOF
+ resize resize a TOMB to a new --size (can only grow)
+EOF
+ fi
{ test "$QRENCODE" = "1" } && {
cat <<EOF
- backup makes a QR code of a KEY to be saved on paper
+ engrave makes a QR code of a KEY to be saved on paper
EOF
}
- if [ "$RESIZER" = 1 ]; then
- cat <<EOF
- resize resize a TOMB to a new --size (can only grow)
-EOF
- fi
if [ "$STEGHIDE" = 1 ]; then
cat <<EOF
- bury hide a KEY inside a JPEG image
- exhume extract a KEY from a JPEG image
+ bury hide a KEY inside a JPEG image
+ exhume extract a KEY from a JPEG image
EOF
fi
cat <<EOF
t@@ -305,7 +305,7 @@ Options:
EOF
{ test "$KDF" = 1 } && {
cat <<EOF
- --kdf seconds generate passwords against dictionary attacks
+ --kdf generate passwords armored against dictionary attacks
EOF
}
t@@ -773,6 +773,7 @@ gen_key() {
# KDF is a new key strenghtening technique against brute forcing
# see: https://github.com/dyne/Tomb/issues/82
itertime="`option_value --kdf`"
+ { test "$itertime" = "" } && { itertime=".5" }
_verbose "KDF itertime chosen: $itertime"
# --kdf takes one parameter: iter time (on present machine) in seconds
local -i microseconds
t@@ -901,7 +902,7 @@ exhume_key() {
# Produces a printable image of the key contents so that it can be
# backuped on paper and hidden in books etc.
-backup_key() {
+engrave_key() {
# load key from options
tombkey="`load_key $1`"
{ test $? = 0 } || { die "No key specified." }
t@@ -2102,7 +2103,7 @@ main() {
subcommands_opts[dig]="f -force -ignore-swap s: -size=s "
subcommands_opts[lock]="f -force -ignore-swap k: -key=k o: -sudo-pwd: -tomb-pwd: "
subcommands_opts[change]="f -force -ignore-swap k: -key=k -sudo-pwd: -tomb-pwd: "
- subcommands_opts[backup]="k: -key=k "
+ subcommands_opts[engrave]="k: -key=k "
subcommands_opts[passwd]="f -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: "
subcommands_opts[close]="-sudo-pwd: "
t@@ -2234,10 +2235,10 @@ main() {
change_tomb_key ${=PARAM}
;;
- backup)
+ engrave)
{ test "$QRENCODE" = 0 } && {
- die "QREncode not installed: cannot backup keys on paper." }
- backup_key ${=PARAM}
+ die "QREncode not installed: cannot engrave keys on paper." }
+ engrave_key ${=PARAM}
;;
# backward compat
t@@ -2306,8 +2307,17 @@ Tomb $VERSION - a strong and gentle undertaker for your secrets
EOF
option_is_set -v && {
cat <<EOF
+ This source code is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ Please refer to the GNU Public License for more details.
+
+System utils:
-Key forging algorithms (GnuPG symmetric ciphers):
+ `sudo -V | head -n1`
+ `cryptsetup --version`
+ `pinentry --version`
+ `gpg --version | head -n1` - key forging algorithms (GnuPG symmetric ciphers):
`list_gnupg_ciphers`
EOF
return 0