mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-23 02:28:58 +00:00
documentation and runtests fixes
This commit is contained in:
parent
6bb1385c69
commit
a4f597d86c
@ -13,7 +13,7 @@ German translation by x3nu.
|
|||||||
|
|
||||||
Testing, reviews and documentation are contributed by Dreamer, Shining
|
Testing, reviews and documentation are contributed by Dreamer, Shining
|
||||||
the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq,
|
the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq,
|
||||||
Reiven, GDrooid, Alphazo and the Linux Action Show!
|
Reiven, GDrooid, Alphazo, Brian May and the Linux Action Show!
|
||||||
|
|
||||||
Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth.
|
Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth.
|
||||||
|
|
||||||
|
16
INSTALL.md
16
INSTALL.md
@ -70,10 +70,10 @@ The Gtk3 tray adds a nifty tomb skull into the desktop toolbar: one can use it t
|
|||||||
|
|
||||||
To have it enter `extras/gtk-tray` then
|
To have it enter `extras/gtk-tray` then
|
||||||
|
|
||||||
1- make sure libnotify and gtk+-3.0 dev packages are available
|
1. make sure libnotify and gtk+-3.0 dev packages are available
|
||||||
2- run `make` inside the directory to build `tomb-gtk-tray`
|
2. run `make` inside the directory to build `tomb-gtk-tray`
|
||||||
3- optionally copy tomb-gtk-tray into your PATH (/usr/local/bin)
|
3. optionally copy tomb-gtk-tray into your PATH (/usr/local/bin)
|
||||||
4- start `tomb-gtk-tray tombname` for each tomb
|
4. start `tomb-gtk-tray tombname` for each tomb
|
||||||
|
|
||||||
One can include the launch of tomb-gtk-tray from scripts.
|
One can include the launch of tomb-gtk-tray from scripts.
|
||||||
|
|
||||||
@ -85,10 +85,10 @@ In case an attacker comes in possession of both a tomb and its key, the easy to
|
|||||||
|
|
||||||
To have it enter `extras/kdf-keys` then
|
To have it enter `extras/kdf-keys` then
|
||||||
|
|
||||||
1- make sure libgcrypt dev packages are available
|
1. make sure libgcrypt dev packages are available
|
||||||
2- run `make` inside the directory to build tomb-kdb-* executables
|
2. run `make` inside the directory to build tomb-kdb-* executables
|
||||||
3- optionally copy tomb-kdb-* into your PATH (/usr/local/bin)
|
3. optionally copy tomb-kdb-* into your PATH (/usr/local/bin)
|
||||||
4- always use tomb using the `--kdf` flag: forge, lock, open etc.
|
4. always use tomb using the `--kdf` flag: forge, lock, open etc.
|
||||||
|
|
||||||
In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`.
|
In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`.
|
||||||
|
|
||||||
|
@ -218,8 +218,8 @@ terms) Tomb provides machine-readable output and interaction via some flags:
|
|||||||
|
|
||||||
Yet please consider that these flags may introduce vulnerabilities and
|
Yet please consider that these flags may introduce vulnerabilities and
|
||||||
other people logged on the same system can easily log your passwords
|
other people logged on the same system can easily log your passwords
|
||||||
while such commands are executing. We only recommend using the
|
while such commands are executing.
|
||||||
pinentry input for your passwords.
|
We only recommend using the pinentry to input your passwords.
|
||||||
|
|
||||||
## Python
|
## Python
|
||||||
|
|
||||||
|
@ -62,7 +62,7 @@ test-tomb-create() {
|
|||||||
notice "Testing creation: forge"
|
notice "Testing creation: forge"
|
||||||
|
|
||||||
tt forge /tmp/test.tomb.key \
|
tt forge /tmp/test.tomb.key \
|
||||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom
|
--ignore-swap --unsafe --tomb-pwd ${dummypass} --use-urandom
|
||||||
|
|
||||||
{ test $? = 0 } && {
|
{ test $? = 0 } && {
|
||||||
results+=(forge SUCCESS)
|
results+=(forge SUCCESS)
|
||||||
@ -77,7 +77,7 @@ test-tomb-create() {
|
|||||||
notice "Testing creation: lock"
|
notice "Testing creation: lock"
|
||||||
|
|
||||||
tt lock /tmp/test.tomb -k /tmp/test.tomb.key \
|
tt lock /tmp/test.tomb -k /tmp/test.tomb.key \
|
||||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass}
|
--ignore-swap --unsafe --tomb-pwd ${dummypass}
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(lock SUCCESS) }
|
{ test $? = 0 } && { results+=(lock SUCCESS) }
|
||||||
}
|
}
|
||||||
@ -86,7 +86,7 @@ test-bind-hooks() {
|
|||||||
notice "Testing bind hooks"
|
notice "Testing bind hooks"
|
||||||
tt list test
|
tt list test
|
||||||
[[ $? = 0 ]] || {
|
[[ $? = 0 ]] || {
|
||||||
tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} \
|
tt --ignore-swap --unsafe --tomb-pwd ${dummypass} \
|
||||||
open /tmp/test.tomb -k /tmp/test.tomb.key }
|
open /tmp/test.tomb -k /tmp/test.tomb.key }
|
||||||
rnd=$RANDOM
|
rnd=$RANDOM
|
||||||
bindtest="dyne-tomb-bind-test-$rnd"
|
bindtest="dyne-tomb-bind-test-$rnd"
|
||||||
@ -95,7 +95,7 @@ test-bind-hooks() {
|
|||||||
echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks
|
echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks
|
||||||
touch $HOME/$bindtest
|
touch $HOME/$bindtest
|
||||||
tt close test
|
tt close test
|
||||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||||
rnd2=`cat $HOME/$bindtest`
|
rnd2=`cat $HOME/$bindtest`
|
||||||
if [ "$rnd" = "$rnd2" ]; then
|
if [ "$rnd" = "$rnd2" ]; then
|
||||||
notice "Bind hook on file matches"
|
notice "Bind hook on file matches"
|
||||||
@ -116,11 +116,11 @@ test-set-key() {
|
|||||||
|
|
||||||
sudo rm -f /tmp/test.tomb.new.key
|
sudo rm -f /tmp/test.tomb.new.key
|
||||||
|
|
||||||
tt forge -k /tmp/test.tomb.new.key --force --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom
|
tt forge -k /tmp/test.tomb.new.key --force --unsafe --tomb-pwd ${dummypass} --use-urandom
|
||||||
|
|
||||||
tt setkey -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb
|
tt setkey -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb
|
||||||
|
|
||||||
tt open -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} /tmp/test.tomb
|
tt open -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} /tmp/test.tomb
|
||||||
|
|
||||||
[[ $? = 0 ]] && {
|
[[ $? = 0 ]] && {
|
||||||
notice "Setkey succesfully swapped tomb key"
|
notice "Setkey succesfully swapped tomb key"
|
||||||
@ -150,7 +150,7 @@ test-tomb-create
|
|||||||
|
|
||||||
notice "Testing open with wrong password"
|
notice "Testing open with wrong password"
|
||||||
|
|
||||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/test.tomb
|
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd wrongpassword open /tmp/test.tomb
|
||||||
|
|
||||||
{ test $? = 0 } || { results+=(badpass SUCCESS) }
|
{ test $? = 0 } || { results+=(badpass SUCCESS) }
|
||||||
|
|
||||||
@ -158,7 +158,7 @@ tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/
|
|||||||
|
|
||||||
notice "Testing open with good password"
|
notice "Testing open with good password"
|
||||||
|
|
||||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(open SUCCESS) }
|
{ test $? = 0 } && { results+=(open SUCCESS) }
|
||||||
|
|
||||||
@ -171,10 +171,10 @@ tt close test
|
|||||||
notice "Testing changing tomb password"
|
notice "Testing changing tomb password"
|
||||||
|
|
||||||
tt passwd /tmp/test.tomb \
|
tt passwd /tmp/test.tomb \
|
||||||
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew}
|
-k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew}
|
||||||
|
|
||||||
tt passwd /tmp/test.tomb \
|
tt passwd /tmp/test.tomb \
|
||||||
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass}
|
-k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass}
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(passwd SUCCESS) }
|
{ test $? = 0 } && { results+=(passwd SUCCESS) }
|
||||||
|
|
||||||
@ -184,19 +184,19 @@ tt passwd /tmp/test.tomb \
|
|||||||
|
|
||||||
notice "Generating content for file integrity test"
|
notice "Generating content for file integrity test"
|
||||||
|
|
||||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||||
|
|
||||||
tt dig -s 10 /media/test.tomb/datacheck.raw
|
tt dig -s 10 /media/test.tomb/datacheck.raw
|
||||||
|
|
||||||
crc="sha256 /media/test.tomb/datacheck.raw"
|
crc="sha256 /media/test.tomb/datacheck.raw"
|
||||||
echo "$crc" > /media/test.tomb/datacheck.sha
|
echo "$crc" > /media/test.tomb/datacheck.sha
|
||||||
|
|
||||||
tt --unsecure-dev-mode close test
|
tt --unsafe close test
|
||||||
|
|
||||||
{ test $RESIZER = 1 } && {
|
{ test $RESIZER = 1 } && {
|
||||||
notice "Testing resize to 30 MiB"
|
notice "Testing resize to 30 MiB"
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30
|
tt --unsafe --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(resize SUCCESS) }
|
{ test $? = 0 } && { results+=(resize SUCCESS) }
|
||||||
|
|
||||||
@ -204,7 +204,7 @@ tt --unsecure-dev-mode close test
|
|||||||
|
|
||||||
notice "Testing contents integrity"
|
notice "Testing contents integrity"
|
||||||
|
|
||||||
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb
|
tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
|
||||||
|
|
||||||
{ test $? = 0 } && {
|
{ test $? = 0 } && {
|
||||||
|
|
||||||
@ -246,23 +246,23 @@ test-set-key
|
|||||||
notice "Testing KDF key"
|
notice "Testing KDF key"
|
||||||
sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb
|
sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf
|
tt --unsafe --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(kdforge SUCCESS) }
|
{ test $? = 0 } && { results+=(kdforge SUCCESS) }
|
||||||
|
|
||||||
tt passwd --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf
|
tt passwd --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(kdfpass SUCCESS) }
|
{ test $? = 0 } && { results+=(kdfpass SUCCESS) }
|
||||||
|
|
||||||
tt dig -s 10 /tmp/kdf.tomb
|
tt dig -s 10 /tmp/kdf.tomb
|
||||||
|
|
||||||
tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
||||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1
|
--ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(kdflock SUCCESS) }
|
{ test $? = 0 } && { results+=(kdflock SUCCESS) }
|
||||||
|
|
||||||
tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
|
||||||
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1
|
--ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(kdfopen SUCCESS) }
|
{ test $? = 0 } && { results+=(kdfopen SUCCESS) }
|
||||||
|
|
||||||
@ -277,25 +277,25 @@ test-set-key
|
|||||||
cp -f arditi.jpg /tmp/tomb.jpg
|
cp -f arditi.jpg /tmp/tomb.jpg
|
||||||
sudo rm -f /tmp/test.steg.key
|
sudo rm -f /tmp/test.steg.key
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg
|
tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(stgin SUCCESS) }
|
{ test $? = 0 } && { results+=(stgin SUCCESS) }
|
||||||
|
|
||||||
rm -f /tmp/test.steg.key
|
rm -f /tmp/test.steg.key
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg
|
tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(stgout SUCCESS) }
|
{ test $? = 0 } && { results+=(stgout SUCCESS) }
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb
|
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb
|
||||||
|
|
||||||
{ test $? = 0 } && { results+=(stgopen SUCCESS) }
|
{ test $? = 0 } && { results+=(stgopen SUCCESS) }
|
||||||
|
|
||||||
${T} close test
|
${T} close test
|
||||||
|
|
||||||
# test piping keys using -k -
|
# test piping keys using -k -
|
||||||
tkey=`tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg`
|
tkey=`tt --unsafe --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg`
|
||||||
print "$tkey" | tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k - /tmp/test.tomb
|
print "$tkey" | tt --unsafe --tomb-pwd ${dummypass} open -k - /tmp/test.tomb
|
||||||
{ test $? = 0 } && { results+=(stgpipe SUCCESS) }
|
{ test $? = 0 } && { results+=(stgpipe SUCCESS) }
|
||||||
|
|
||||||
${T} close test
|
${T} close test
|
||||||
@ -303,7 +303,7 @@ test-set-key
|
|||||||
|
|
||||||
notice "test using open -k image.jpeg"
|
notice "test using open -k image.jpeg"
|
||||||
|
|
||||||
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb
|
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb
|
||||||
{ test $? = 0 } && { results+=(stgimpl SUCCESS) }
|
{ test $? = 0 } && { results+=(stgimpl SUCCESS) }
|
||||||
|
|
||||||
tt close test
|
tt close test
|
||||||
|
Loading…
Reference in New Issue
Block a user