mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-22 18:18:59 +00:00
documentation and runtests fixes
This commit is contained in:
parent
6bb1385c69
commit
a4f597d86c
@ -13,7 +13,7 @@ German translation by x3nu.
|
||||
|
||||
Testing, reviews and documentation are contributed by Dreamer, Shining
|
||||
the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq,
|
||||
Reiven, GDrooid, Alphazo and the Linux Action Show!
|
||||
Reiven, GDrooid, Alphazo, Brian May and the Linux Action Show!
|
||||
|
||||
Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth.
|
||||
|
||||
|
16
INSTALL.md
16
INSTALL.md
@ -70,10 +70,10 @@ The Gtk3 tray adds a nifty tomb skull into the desktop toolbar: one can use it t
|
||||
|
||||
To have it enter `extras/gtk-tray` then
|
||||
|
||||
1- make sure libnotify and gtk+-3.0 dev packages are available
|
||||
2- run `make` inside the directory to build `tomb-gtk-tray`
|
||||
3- optionally copy tomb-gtk-tray into your PATH (/usr/local/bin)
|
||||
4- start `tomb-gtk-tray tombname` for each tomb
|
||||
1. make sure libnotify and gtk+-3.0 dev packages are available
|
||||
2. run `make` inside the directory to build `tomb-gtk-tray`
|
||||
3. optionally copy tomb-gtk-tray into your PATH (/usr/local/bin)
|
||||
4. start `tomb-gtk-tray tombname` for each tomb
|
||||
|
||||
One can include the launch of tomb-gtk-tray from scripts.
|
||||
|
||||
@ -85,10 +85,10 @@ In case an attacker comes in possession of both a tomb and its key, the easy to
|
||||
|
||||
To have it enter `extras/kdf-keys` then
|
||||
|
||||
1- make sure libgcrypt dev packages are available
|
||||
2- run `make` inside the directory to build tomb-kdb-* executables
|
||||
3- optionally copy tomb-kdb-* into your PATH (/usr/local/bin)
|
||||
4- always use tomb using the `--kdf` flag: forge, lock, open etc.
|
||||
1. make sure libgcrypt dev packages are available
|
||||
2. run `make` inside the directory to build tomb-kdb-* executables
|
||||
3. optionally copy tomb-kdb-* into your PATH (/usr/local/bin)
|
||||
4. always use tomb using the `--kdf` flag: forge, lock, open etc.
|
||||
|
||||
In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`.
|
||||
|
||||
|
@ -218,8 +218,8 @@ terms) Tomb provides machine-readable output and interaction via some flags:
|
||||
|
||||
Yet please consider that these flags may introduce vulnerabilities and
|
||||
other people logged on the same system can easily log your passwords
|
||||
while such commands are executing. We only recommend using the
|
||||
pinentry input for your passwords.
|
||||
while such commands are executing.
|
||||
We only recommend using the pinentry to input your passwords.
|
||||
|
||||
## Python
|
||||
|
||||
|
@ -62,7 +62,7 @@ test-tomb-create() {
|
||||
notice "Testing creation: forge"
|
||||
|
||||
tt forge /tmp/test.tomb.key \
|
||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom
|
||||
--ignore-swap --unsafe --tomb-pwd ${dummypass} --use-urandom
|
||||
|
||||
{ test $? = 0 } && {
|
||||
results+=(forge SUCCESS)
|
||||
@ -77,7 +77,7 @@ test-tomb-create() {
|
||||
notice "Testing creation: lock"
|
||||
|
||||
tt lock /tmp/test.tomb -k /tmp/test.tomb.key \
|
||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass}
|
||||
--ignore-swap --unsafe --tomb-pwd ${dummypass}
|
||||
|
||||
{ test $? = 0 } && { results+=(lock SUCCESS) }
|
||||
}
|
||||
@ -86,7 +86,7 @@ test-bind-hooks() {
|
||||
notice "Testing bind hooks"
|
||||
tt list test
|
||||
[[ $? = 0 ]] || {
|
||||
tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} \
|
||||
tt --ignore-swap --unsafe --tomb-pwd ${dummypass} \
|
||||
open /tmp/test.tomb -k /tmp/test.tomb.key }
|
||||
rnd=$RANDOM
|
||||
bindtest="dyne-tomb-bind-test-$rnd"
|
||||
@ -95,7 +95,7 @@ test-bind-hooks() {
|
||||
echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks
|
||||
touch $HOME/$bindtest
|
||||
tt close test
|
||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
rnd2=`cat $HOME/$bindtest`
|
||||
if [ "$rnd" = "$rnd2" ]; then
|
||||
notice "Bind hook on file matches"
|
||||
@ -116,11 +116,11 @@ test-set-key() {
|
||||
|
||||
sudo rm -f /tmp/test.tomb.new.key
|
||||
|
||||
tt forge -k /tmp/test.tomb.new.key --force --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom
|
||||
tt forge -k /tmp/test.tomb.new.key --force --unsafe --tomb-pwd ${dummypass} --use-urandom
|
||||
|
||||
tt setkey -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb
|
||||
tt setkey -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb
|
||||
|
||||
tt open -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} /tmp/test.tomb
|
||||
tt open -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} /tmp/test.tomb
|
||||
|
||||
[[ $? = 0 ]] && {
|
||||
notice "Setkey succesfully swapped tomb key"
|
||||
@ -150,7 +150,7 @@ test-tomb-create
|
||||
|
||||
notice "Testing open with wrong password"
|
||||
|
||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/test.tomb
|
||||
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd wrongpassword open /tmp/test.tomb
|
||||
|
||||
{ test $? = 0 } || { results+=(badpass SUCCESS) }
|
||||
|
||||
@ -158,7 +158,7 @@ tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/
|
||||
|
||||
notice "Testing open with good password"
|
||||
|
||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
|
||||
{ test $? = 0 } && { results+=(open SUCCESS) }
|
||||
|
||||
@ -171,10 +171,10 @@ tt close test
|
||||
notice "Testing changing tomb password"
|
||||
|
||||
tt passwd /tmp/test.tomb \
|
||||
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew}
|
||||
-k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew}
|
||||
|
||||
tt passwd /tmp/test.tomb \
|
||||
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass}
|
||||
-k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass}
|
||||
|
||||
{ test $? = 0 } && { results+=(passwd SUCCESS) }
|
||||
|
||||
@ -184,19 +184,19 @@ tt passwd /tmp/test.tomb \
|
||||
|
||||
notice "Generating content for file integrity test"
|
||||
|
||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
|
||||
tt dig -s 10 /media/test.tomb/datacheck.raw
|
||||
|
||||
crc="sha256 /media/test.tomb/datacheck.raw"
|
||||
echo "$crc" > /media/test.tomb/datacheck.sha
|
||||
|
||||
tt --unsecure-dev-mode close test
|
||||
tt --unsafe close test
|
||||
|
||||
{ test $RESIZER = 1 } && {
|
||||
notice "Testing resize to 30 MiB"
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30
|
||||
tt --unsafe --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30
|
||||
|
||||
{ test $? = 0 } && { results+=(resize SUCCESS) }
|
||||
|
||||
@ -204,7 +204,7 @@ tt --unsecure-dev-mode close test
|
||||
|
||||
notice "Testing contents integrity"
|
||||
|
||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||
|
||||
{ test $? = 0 } && {
|
||||
|
||||
@ -246,23 +246,23 @@ test-set-key
|
||||
notice "Testing KDF key"
|
||||
sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf
|
||||
tt --unsafe --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf
|
||||
|
||||
{ test $? = 0 } && { results+=(kdforge SUCCESS) }
|
||||
|
||||
tt passwd --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf
|
||||
tt passwd --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf
|
||||
|
||||
{ test $? = 0 } && { results+=(kdfpass SUCCESS) }
|
||||
|
||||
tt dig -s 10 /tmp/kdf.tomb
|
||||
|
||||
tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1
|
||||
--ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
|
||||
|
||||
{ test $? = 0 } && { results+=(kdflock SUCCESS) }
|
||||
|
||||
tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1
|
||||
--ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
|
||||
|
||||
{ test $? = 0 } && { results+=(kdfopen SUCCESS) }
|
||||
|
||||
@ -277,25 +277,25 @@ test-set-key
|
||||
cp -f arditi.jpg /tmp/tomb.jpg
|
||||
sudo rm -f /tmp/test.steg.key
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg
|
||||
tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg
|
||||
|
||||
{ test $? = 0 } && { results+=(stgin SUCCESS) }
|
||||
|
||||
rm -f /tmp/test.steg.key
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg
|
||||
tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg
|
||||
|
||||
{ test $? = 0 } && { results+=(stgout SUCCESS) }
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb
|
||||
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb
|
||||
|
||||
{ test $? = 0 } && { results+=(stgopen SUCCESS) }
|
||||
|
||||
${T} close test
|
||||
|
||||
# test piping keys using -k -
|
||||
tkey=`tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg`
|
||||
print "$tkey" | tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k - /tmp/test.tomb
|
||||
tkey=`tt --unsafe --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg`
|
||||
print "$tkey" | tt --unsafe --tomb-pwd ${dummypass} open -k - /tmp/test.tomb
|
||||
{ test $? = 0 } && { results+=(stgpipe SUCCESS) }
|
||||
|
||||
${T} close test
|
||||
@ -303,7 +303,7 @@ test-set-key
|
||||
|
||||
notice "test using open -k image.jpeg"
|
||||
|
||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb
|
||||
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb
|
||||
{ test $? = 0 } && { results+=(stgimpl SUCCESS) }
|
||||
|
||||
tt close test
|
||||
|
Loading…
Reference in New Issue
Block a user