documentation and runtests fixes

This commit is contained in:
Jaromil 2014-11-22 01:50:08 +01:00
parent 6bb1385c69
commit a4f597d86c
4 changed files with 36 additions and 36 deletions

View File

@ -13,7 +13,7 @@ German translation by x3nu.
Testing, reviews and documentation are contributed by Dreamer, Shining Testing, reviews and documentation are contributed by Dreamer, Shining
the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq, the Translucent, Mancausoft, Asbesto Molesto, Nignux, Vlax, The Grugq,
Reiven, GDrooid, Alphazo and the Linux Action Show! Reiven, GDrooid, Alphazo, Brian May and the Linux Action Show!
Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth. Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth.

View File

@ -70,10 +70,10 @@ The Gtk3 tray adds a nifty tomb skull into the desktop toolbar: one can use it t
To have it enter `extras/gtk-tray` then To have it enter `extras/gtk-tray` then
1- make sure libnotify and gtk+-3.0 dev packages are available 1. make sure libnotify and gtk+-3.0 dev packages are available
2- run `make` inside the directory to build `tomb-gtk-tray` 2. run `make` inside the directory to build `tomb-gtk-tray`
3- optionally copy tomb-gtk-tray into your PATH (/usr/local/bin) 3. optionally copy tomb-gtk-tray into your PATH (/usr/local/bin)
4- start `tomb-gtk-tray tombname` for each tomb 4. start `tomb-gtk-tray tombname` for each tomb
One can include the launch of tomb-gtk-tray from scripts. One can include the launch of tomb-gtk-tray from scripts.
@ -85,10 +85,10 @@ In case an attacker comes in possession of both a tomb and its key, the easy to
To have it enter `extras/kdf-keys` then To have it enter `extras/kdf-keys` then
1- make sure libgcrypt dev packages are available 1. make sure libgcrypt dev packages are available
2- run `make` inside the directory to build tomb-kdb-* executables 2. run `make` inside the directory to build tomb-kdb-* executables
3- optionally copy tomb-kdb-* into your PATH (/usr/local/bin) 3. optionally copy tomb-kdb-* into your PATH (/usr/local/bin)
4- always use tomb using the `--kdf` flag: forge, lock, open etc. 4. always use tomb using the `--kdf` flag: forge, lock, open etc.
In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`. In case one creates and uses KDF keys then the --kdf flag must be always present for tomb to work correctly. It might be handy to create an alias tomb=`tomb --kdf`.

View File

@ -218,8 +218,8 @@ terms) Tomb provides machine-readable output and interaction via some flags:
Yet please consider that these flags may introduce vulnerabilities and Yet please consider that these flags may introduce vulnerabilities and
other people logged on the same system can easily log your passwords other people logged on the same system can easily log your passwords
while such commands are executing. We only recommend using the while such commands are executing.
pinentry input for your passwords. We only recommend using the pinentry to input your passwords.
## Python ## Python

View File

@ -62,7 +62,7 @@ test-tomb-create() {
notice "Testing creation: forge" notice "Testing creation: forge"
tt forge /tmp/test.tomb.key \ tt forge /tmp/test.tomb.key \
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom --ignore-swap --unsafe --tomb-pwd ${dummypass} --use-urandom
{ test $? = 0 } && { { test $? = 0 } && {
results+=(forge SUCCESS) results+=(forge SUCCESS)
@ -77,7 +77,7 @@ test-tomb-create() {
notice "Testing creation: lock" notice "Testing creation: lock"
tt lock /tmp/test.tomb -k /tmp/test.tomb.key \ tt lock /tmp/test.tomb -k /tmp/test.tomb.key \
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --ignore-swap --unsafe --tomb-pwd ${dummypass}
{ test $? = 0 } && { results+=(lock SUCCESS) } { test $? = 0 } && { results+=(lock SUCCESS) }
} }
@ -86,7 +86,7 @@ test-bind-hooks() {
notice "Testing bind hooks" notice "Testing bind hooks"
tt list test tt list test
[[ $? = 0 ]] || { [[ $? = 0 ]] || {
tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} \ tt --ignore-swap --unsafe --tomb-pwd ${dummypass} \
open /tmp/test.tomb -k /tmp/test.tomb.key } open /tmp/test.tomb -k /tmp/test.tomb.key }
rnd=$RANDOM rnd=$RANDOM
bindtest="dyne-tomb-bind-test-$rnd" bindtest="dyne-tomb-bind-test-$rnd"
@ -95,7 +95,7 @@ test-bind-hooks() {
echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks echo "$bindtest $bindtest" > /media/test.tomb/bind-hooks
touch $HOME/$bindtest touch $HOME/$bindtest
tt close test tt close test
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
rnd2=`cat $HOME/$bindtest` rnd2=`cat $HOME/$bindtest`
if [ "$rnd" = "$rnd2" ]; then if [ "$rnd" = "$rnd2" ]; then
notice "Bind hook on file matches" notice "Bind hook on file matches"
@ -116,11 +116,11 @@ test-set-key() {
sudo rm -f /tmp/test.tomb.new.key sudo rm -f /tmp/test.tomb.new.key
tt forge -k /tmp/test.tomb.new.key --force --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom tt forge -k /tmp/test.tomb.new.key --force --unsafe --tomb-pwd ${dummypass} --use-urandom
tt setkey -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb tt setkey -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} --tomb-old-pwd ${dummypass} /tmp/test.tomb.key /tmp/test.tomb
tt open -k /tmp/test.tomb.new.key --unsecure-dev-mode --tomb-pwd ${dummypass} /tmp/test.tomb tt open -k /tmp/test.tomb.new.key --unsafe --tomb-pwd ${dummypass} /tmp/test.tomb
[[ $? = 0 ]] && { [[ $? = 0 ]] && {
notice "Setkey succesfully swapped tomb key" notice "Setkey succesfully swapped tomb key"
@ -150,7 +150,7 @@ test-tomb-create
notice "Testing open with wrong password" notice "Testing open with wrong password"
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/test.tomb tt -k /tmp/test.tomb.key --unsafe --tomb-pwd wrongpassword open /tmp/test.tomb
{ test $? = 0 } || { results+=(badpass SUCCESS) } { test $? = 0 } || { results+=(badpass SUCCESS) }
@ -158,7 +158,7 @@ tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd wrongpassword open /tmp/
notice "Testing open with good password" notice "Testing open with good password"
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
{ test $? = 0 } && { results+=(open SUCCESS) } { test $? = 0 } && { results+=(open SUCCESS) }
@ -171,10 +171,10 @@ tt close test
notice "Testing changing tomb password" notice "Testing changing tomb password"
tt passwd /tmp/test.tomb \ tt passwd /tmp/test.tomb \
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} -k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew}
tt passwd /tmp/test.tomb \ tt passwd /tmp/test.tomb \
-k /tmp/test.tomb.key --unsecure-dev-mode --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass} -k /tmp/test.tomb.key --unsafe --tomb-old-pwd ${dummypassnew} --tomb-pwd ${dummypass}
{ test $? = 0 } && { results+=(passwd SUCCESS) } { test $? = 0 } && { results+=(passwd SUCCESS) }
@ -184,19 +184,19 @@ tt passwd /tmp/test.tomb \
notice "Generating content for file integrity test" notice "Generating content for file integrity test"
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
tt dig -s 10 /media/test.tomb/datacheck.raw tt dig -s 10 /media/test.tomb/datacheck.raw
crc="sha256 /media/test.tomb/datacheck.raw" crc="sha256 /media/test.tomb/datacheck.raw"
echo "$crc" > /media/test.tomb/datacheck.sha echo "$crc" > /media/test.tomb/datacheck.sha
tt --unsecure-dev-mode close test tt --unsafe close test
{ test $RESIZER = 1 } && { { test $RESIZER = 1 } && {
notice "Testing resize to 30 MiB" notice "Testing resize to 30 MiB"
tt --unsecure-dev-mode --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30 tt --unsafe --tomb-pwd ${dummypass} -k /tmp/test.tomb.key resize /tmp/test.tomb -s 30
{ test $? = 0 } && { results+=(resize SUCCESS) } { test $? = 0 } && { results+=(resize SUCCESS) }
@ -204,7 +204,7 @@ tt --unsecure-dev-mode close test
notice "Testing contents integrity" notice "Testing contents integrity"
tt -k /tmp/test.tomb.key --unsecure-dev-mode --tomb-pwd ${dummypass} open /tmp/test.tomb tt -k /tmp/test.tomb.key --unsafe --tomb-pwd ${dummypass} open /tmp/test.tomb
{ test $? = 0 } && { { test $? = 0 } && {
@ -246,23 +246,23 @@ test-set-key
notice "Testing KDF key" notice "Testing KDF key"
sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb sudo rm -f /tmp/test.tomb.kdf /tmp/kdf.tomb
tt --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf tt --unsafe --tomb-pwd ${dummypass} --use-urandom --kdf 1 forge -k /tmp/test.tomb.kdf
{ test $? = 0 } && { results+=(kdforge SUCCESS) } { test $? = 0 } && { results+=(kdforge SUCCESS) }
tt passwd --unsecure-dev-mode --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf tt passwd --unsafe --tomb-old-pwd ${dummypass} --tomb-pwd ${dummypassnew} --kdf 1 -k /tmp/test.tomb.kdf
{ test $? = 0 } && { results+=(kdfpass SUCCESS) } { test $? = 0 } && { results+=(kdfpass SUCCESS) }
tt dig -s 10 /tmp/kdf.tomb tt dig -s 10 /tmp/kdf.tomb
tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \ tt lock /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1 --ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
{ test $? = 0 } && { results+=(kdflock SUCCESS) } { test $? = 0 } && { results+=(kdflock SUCCESS) }
tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \ tt open /tmp/kdf.tomb -k /tmp/test.tomb.kdf \
--ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypassnew} --kdf 1 --ignore-swap --unsafe --tomb-pwd ${dummypassnew} --kdf 1
{ test $? = 0 } && { results+=(kdfopen SUCCESS) } { test $? = 0 } && { results+=(kdfopen SUCCESS) }
@ -277,25 +277,25 @@ test-set-key
cp -f arditi.jpg /tmp/tomb.jpg cp -f arditi.jpg /tmp/tomb.jpg
sudo rm -f /tmp/test.steg.key sudo rm -f /tmp/test.steg.key
tt --unsecure-dev-mode --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/test.tomb.key /tmp/tomb.jpg
{ test $? = 0 } && { results+=(stgin SUCCESS) } { test $? = 0 } && { results+=(stgin SUCCESS) }
rm -f /tmp/test.steg.key rm -f /tmp/test.steg.key
tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/test.steg.key /tmp/tomb.jpg
{ test $? = 0 } && { results+=(stgout SUCCESS) } { test $? = 0 } && { results+=(stgout SUCCESS) }
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/test.steg.key /tmp/test.tomb
{ test $? = 0 } && { results+=(stgopen SUCCESS) } { test $? = 0 } && { results+=(stgopen SUCCESS) }
${T} close test ${T} close test
# test piping keys using -k - # test piping keys using -k -
tkey=`tt --unsecure-dev-mode --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg` tkey=`tt --unsafe --tomb-pwd ${dummypass} exhume /tmp/tomb.jpg`
print "$tkey" | tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k - /tmp/test.tomb print "$tkey" | tt --unsafe --tomb-pwd ${dummypass} open -k - /tmp/test.tomb
{ test $? = 0 } && { results+=(stgpipe SUCCESS) } { test $? = 0 } && { results+=(stgpipe SUCCESS) }
${T} close test ${T} close test
@ -303,7 +303,7 @@ test-set-key
notice "test using open -k image.jpeg" notice "test using open -k image.jpeg"
tt --unsecure-dev-mode --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/tomb.jpg /tmp/test.tomb
{ test $? = 0 } && { results+=(stgimpl SUCCESS) } { test $? = 0 } && { results+=(stgimpl SUCCESS) }
tt close test tt close test