Commit Graph

882 Commits

Author SHA1 Message Date
Alexandre Pujol
d720e4b2ce
Remove --shared flag when sharing a tomb key. See #252 2017-03-24 20:08:33 +00:00
Jaromil
6c2077fee1 make documentation less opinionated about the u/random issue
fix #253
2017-03-22 16:40:21 +01:00
Jaromil
ba9c0481cc Merge pull request #250 from roddhjav/gpg-support
Options for GnuPG Key
2017-03-20 21:03:03 +01:00
Alexandre Pujol
bb77de0815
Fix compatibility with GnuPG 2.2.19
GnuPG 2.2.19 added a warning when no command was given. Some invocations
do not specify a command, added --decrypt in this these cases.
2017-03-20 19:14:47 +00:00
Alexandre Pujol
29a177aa05
Fix issue #251 2017-03-20 19:07:04 +00:00
Jaromil
69f52bee25 information about compatible software 2017-03-18 15:24:01 +01:00
Alexandre Pujol
c793e0b132
Add support for non hidden and hidden recipient
Use -r to provide non-hidden recipient,
Use -R to provide hidden recipient.
2017-03-03 21:19:04 +00:00
Alexandre Pujol
6352a1d417
Add GPG default key support for key encryption
If the option -r is not set, use the gpg default key to encrypt
a tomb key
2017-03-03 20:36:50 +00:00
Jaromil
0644ebe951 updated manual to reflect final stage of gpg asymmetric encryption 2017-02-21 15:39:54 +01:00
Jaromil
b0815b514b small improvement to ISO compliancy documentation 2017-02-20 22:13:43 +01:00
Jaromil
3f06bce8eb failed bind-hooks (missing target) no more abort the mount operation
a warning is printed and the mounting goes forward without the hooks
2017-02-20 22:13:43 +01:00
Jaromil
e37982d114 Merge pull request #244 from roddhjav/gnupg-key-support
GnuPG Key Support
2017-02-20 22:09:48 +01:00
Jaromil
bea7fe3f7c Merge branch 'master' into gnupg-key-support 2017-02-20 20:47:06 +01:00
Jaromil
1f022d10f1 Merge pull request #248 from mesbahamin/open_read_only
Open non-writable Tomb files with "read only " mount option
2017-02-18 20:30:33 +01:00
Jaromil
2bc7e43198 Merge pull request #245 from Arusekk/master
Totally fixed spaces handling in tomb and tomber
2017-02-14 10:58:35 +01:00
Amin Mesbah
70334f58fb Skip writable check when mounting with "ro" option.
When opening a tomb file with "ro" passed through the -o option, the
writability check in is-valid-tomb() is skipped. This allows tomb files
to be opened without write permission.

test-open-read-only() now succeeds.
2017-02-12 17:44:55 -08:00
Amin Mesbah
f4f8c4e024 Add failing test for opening read-only tomb.
Adds a test function called test-open-read-only(). The test prepares a
tomb file, removes the "write" permissions from it, and then attempts to
open it with "read-only" mount options (`-o ro,noatime,nodev`).

The test currently fails as expected.
2017-02-12 16:39:39 -08:00
Arusekk
f4cdc1a0c5 Fixed spaces handling in Tomb 2017-02-10 21:05:04 +01:00
Alexandre Pujol
4a7019715f Use --hidden-recipient by default instead of --recipient.
Due to the hidden-recipient, GPG will try all the available keys. User
can speed up this process providing the recipent using the -r
option. Therefore, 'tomb open' optionaly support the -r option.
2017-02-09 20:59:10 +00:00
Alexandre Pujol
c63fcf2730 Fix is_valid_recipients private key detection 2017-02-09 19:18:02 +00:00
Alexandre Pujol
528140738a Add -g/--gpgkey option to tell tomb to use GPG key to encrypt a tomb key
Option -r is now only used to provide the recipient
Option -R removed, the new recipient can be given by the -r option.
2017-02-09 18:57:34 +00:00
Jaromil
8832471170 Merge pull request #246 from Narrat/bug/slam
lsof should be correctly detected now
2017-02-09 02:23:10 +01:00
Narrat
e69795fe71 lsof should be correctly detected now
LSOF would be set everytime otherwise
2017-02-07 03:30:25 +01:00
Jaromil
5b7f875f3d Merge pull request #243 from Narrat/bug/slam
Use of lsof to fix slam for specific mountpoint
2017-02-06 11:52:08 +01:00
Narrat
b2ee2114cf Make lsof an optional dep
tomb doesn't need lsof for anything else, and can work regulary without it.
So make it an optional feature, which allows to slam a tomb if lsof is installed

Updates additionally the man page and generates a new pdf from it
2017-02-05 20:03:29 +01:00
Alexandre Pujol
bfe5bb9707 Update the man page with GPG key support 2017-02-03 23:57:52 +00:00
Alexandre Pujol
f27130053d Add new options description in tomb -h 2017-02-03 23:57:52 +00:00
Alexandre Pujol
6cfffef137 Update function comments & description with GPG recipient support. 2017-02-03 23:57:52 +00:00
Alexandre Pujol
dfc593f9d6 Add support for GPG key in the tomb outputs. 2017-02-03 23:57:52 +00:00
Alexandre Pujol
e8384ec7ac Allow opening a tomb without giving a valid recipient.
The -r option always requires an arguments. However GPG does not need
any recipient when decrypting a key. In order to be able to open a tomb
without writing (the long) recipient, the user can use the -f option to
short-cut the valid recipient checking. A dummy recipient is still required.
2017-02-03 23:57:52 +00:00
Alexandre Pujol
6f89dbd2fe Add '--shared' in order to activate sharing support.
Sharing feature is a very sensitive action, the user needs to trust the
GPG public key it is going to share its tomb. This is why this feature
needs to be explicitly activated using in more the flag --shared
on the key encryption commands.
2017-02-03 23:57:52 +00:00
Alexandre Pujol
15164f5578 Add sharing support for tomb key.
A tomb key can be encrypted with more than one recipient. Therefore, a
tomb can be shared between different user. The multiple recipients are
given using the -r (or/and -R) option and must be separated by ','.

Multiple recipients can be given for the commands: forge, setket and passwd
2017-02-03 23:57:52 +00:00
Alexandre Pujol
53b7460274 Add tomb setkey support for GPG key 2017-02-03 23:57:52 +00:00
Alexandre Pujol
a200448de2 Add tomb resize support for GPG key 2017-02-03 23:57:52 +00:00
Alexandre Pujol
47ddeebbc4 Add support to change the GPG key used to encrypt a tomb key. (tomb passwd) 2017-02-03 23:57:52 +00:00
Alexandre Pujol
5a35ab9668 Improve key encryption/decryption using GPG key.
Decryption/Encryption works without these improvment, however, there
are needed in order to have clean key (without empty line).

Moreover, tests showed not doing cause troubles when changing the GPG key
used to encrypt a tomb key.
2017-02-03 23:57:52 +00:00
Alexandre Pujol
8f8dc0a0d4 Improve exhumation of key when opening a tomb 2017-02-03 23:57:52 +00:00
Alexandre Pujol
b23e9aa028 Add --tomb-pwd support for GPG key on steganography functions 2017-02-03 23:57:52 +00:00
Alexandre Pujol
e2fe8e508e Add unit tests for steganography feature using GPG key 2017-02-03 23:57:52 +00:00
Alexandre Pujol
d1b016b3c1 Add GPG recipient support for steganography function (bury and exhume)
The tomb policy is to use the same password to encrypt
the key and to bury it. However, steganography cannot be
done with GPG key. Therefore, we check the user can
decrypt the tomb with its GPG key and we ask for a
steganography password. Having different method is a
technical requirement and should enhance security.
2017-02-03 23:57:52 +00:00
Alexandre Pujol
2d516cbaed Check if the GPG key given is a valid.
Add the function 'is_valid_recipients'
A key is valid if both public and private keys are present
in the GPG database
2017-02-03 23:57:52 +00:00
Alexandre Pujol
902860fd9f Add GPG recipient support when generating a new tomb key 2017-02-03 23:57:52 +00:00
Alexandre Pujol
db7109da4a Add tests for GPG recipient support in tomb 2017-02-03 23:57:52 +00:00
Alexandre Pujol
f72534790a Fix test suite error in the return code: GLOBAL_RESULT were always true. 2017-02-03 23:57:52 +00:00
Alexandre Pujol
e78af47c56 Add a GPG database in 'extras/test/gnupg' for test suite purpose
The GPG Key are unencrypted. Do not use them for an other purpose
than a test suite.
2017-02-03 23:57:52 +00:00
Alexandre Pujol
6c0d89cab1 Use -r option to shortcut interactive tomb password popup 2017-02-03 23:57:52 +00:00
Alexandre Pujol
9ee0a1550e Add -r option to enable GPG key integration.
The flag -r (for recipient like in GPG itself) takes a mandatory
argument, the GPG key ID.
2017-02-03 23:57:52 +00:00
Narrat
537bb6aaeb Use of lsof to fix slam for specific mountpoint
Apparantly fuser didn't report back, if the tomb was mounted in a subdir of /run (whereas /run itself is often a tmpfs mount).
With no list of process ids those couldn't be killed, so slamming the tomb failed.
lsof is capable to report back the sought information.

Fixes #220

Additionally fixing the debug output, where a hardcoded mountpoint was used
2017-02-03 17:46:16 +01:00
Jaromil
1f852908ae improved readme, section on compliancy 2017-02-01 09:19:09 +01:00
Jaromil
9110ccd9d1 really use key-size 512 on luksFormat 2017-01-29 21:54:46 +01:00