tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git

commit f3c18819d24976213554625be822ac1ccab2ae05
parent 551a7839f500a9ba4b26cd63774019d91615cb16
Author: Jaromil <jaromil@dyne.org>
Date:   Thu, 20 Jun 2013 10:26:12 +0200

documentation and test improvements

also renamed the 'backup' command to 'engrave'

Diffstat:
Mextras/test/runtests | 11++++++-----
Mtomb | 52+++++++++++++++++++++++++++++++---------------------
2 files changed, 37 insertions(+), 26 deletions(-)

diff --git a/extras/test/runtests b/extras/test/runtests @@ -11,7 +11,7 @@ error() { _warning " ${@}"; } tt() { start_loops=(`sudo losetup -a |cut -d: -f1`) start_temps=(`find /dev/shm -name 'tomb*'`) - ${T} ${=@} + ${T} -D ${=@} res=$? loops=(`sudo losetup -a |cut -d: -f1`) temps=(`find /dev/shm -name 'tomb*'`) @@ -47,16 +47,20 @@ startloops=(`sudo losetup -a |cut -d: -f1`) -notice "Testing creation" +notice "Testing creation: dig" tt dig -s 20 /tmp/test.tomb { test $? = 0 } && { results+=(dig SUCCESS) } +notice "Testing creation: forge" + tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} --use-urandom forge /tmp/test.tomb.key { test $? = 0 } && { results+=(forge SUCCESS) } +notice "Testing creation: lock" + tt --ignore-swap --unsecure-dev-mode --tomb-pwd ${dummypass} lock /tmp/test.tomb -k /tmp/test.tomb.key { test $? = 0 } && { results+=(lock SUCCESS) } @@ -126,9 +130,6 @@ if [ "$rnd" = "$rnd2" ]; then else error "Bind hook on file reports incongruence" fi -sudo umount $HOME/test-$rnd -rm /media/test.tomb/bind-hooks -rm /media/test.tomb/test-$rnd tt close test diff --git a/tomb b/tomb 
@@ -254,43 +254,43 @@ is_valid_tomb() { usage() { cat <<EOF -Syntax: tomb [options] command [file] [place] +Syntax: tomb [options] command [arguments] Commands: + // Creation: dig create a new empty TOMB file of --size in MB forge create a new KEY file and set its password lock installs a lock on a TOMB to use it with KEY + // Operations on tombs: open open an existing TOMB - index update the search indexes of tombs search looks for filenames matching text patterns - - list list open TOMBs - - close close a TOMB (or all) + list list of open TOMBs and information on them + close close a specific TOMB (or 'all') slam slam a TOMB killing all programs using it + // Operations on keys: passwd change the password of a KEY change change the KEY locking a TOMB (needs old one) EOF + if [ "$RESIZER" = 1 ]; then + cat <<EOF + resize resize a TOMB to a new --size (can only grow) +EOF + fi { test "$QRENCODE" = "1" } && { cat <<EOF - backup makes a QR code of a KEY to be saved on paper + engrave makes a QR code of a KEY to be saved on paper EOF } - if [ "$RESIZER" = 1 ]; then - cat <<EOF - resize resize a TOMB to a new --size (can only grow) -EOF - fi if [ "$STEGHIDE" = 1 ]; then cat <<EOF - bury hide a KEY inside a JPEG image - exhume extract a KEY from a JPEG image + bury hide a KEY inside a JPEG image + exhume extract a KEY from a JPEG image EOF fi cat <<EOF @@ -305,7 +305,7 @@ Options: EOF { test "$KDF" = 1 } && { cat <<EOF - --kdf seconds generate passwords against dictionary attacks + --kdf generate passwords armored against dictionary attacks EOF } @@ -773,6 +773,7 @@ gen_key() { # KDF is a new key strenghtening technique against brute forcing # see: https://github.com/dyne/Tomb/issues/82 itertime="`option_value --kdf`" + { test "$itertime" = "" } && { itertime=".5" } _verbose "KDF itertime chosen: $itertime" # --kdf takes one parameter: iter time (on present machine) in seconds local -i microseconds 
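Review bot: The reworded `--kdf` help line in the `@@ -305,7` hunk drops the `seconds` argument, but the option still takes one. The comment in `gen_key` says `--kdf takes one parameter: iter time (on present machine) in seconds`, and `subcommands_opts[passwd]` declares it as `-kdf:`. A user reading the new text cannot tell that a value is expected or what unit it is in, and that value decides how costly each password guess is. I would keep the argument and mention the fallback that `gen_key` now applies to an empty value, e.g. `--kdf seconds  generate passwords armored against dictionary attacks (default: .5)`.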
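Review bot: In the `@@ -773,6` hunk `itertime` is only tested for being empty; any other string returned by `option_value --kdf` is passed on unvalidated to the `local -i microseconds` computation that follows. The rest of `gen_key` lies outside the hunk, so this is inferred, but a zero, negative or non-numeric value would presumably produce a tiny or zero iteration time. That would silently weaken the key against the brute forcing this option is meant to slow down. After the default is applied I would reject anything that is not a number, e.g. `[[ "$itertime" =~ '^[0-9]*\.?[0-9]+$' ]] || die "Wrong argument for --kdf: must be a number of seconds"`, and also refuse a value of zero. A short comment saying why `.5` was chosen as the default would help the next reader.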
@@ -901,7 +902,7 @@ exhume_key() { # Produces a printable image of the key contents so that it can be # backuped on paper and hidden in books etc. -backup_key() { +engrave_key() { # load key from options tombkey="`load_key $1`" { test $? = 0 } || { die "No key specified." } @@ -2102,7 +2103,7 @@ main() { subcommands_opts[dig]="f -force -ignore-swap s: -size=s " subcommands_opts[lock]="f -force -ignore-swap k: -key=k o: -sudo-pwd: -tomb-pwd: " subcommands_opts[change]="f -force -ignore-swap k: -key=k -sudo-pwd: -tomb-pwd: " - subcommands_opts[backup]="k: -key=k " + subcommands_opts[engrave]="k: -key=k " subcommands_opts[passwd]="f -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: " subcommands_opts[close]="-sudo-pwd: " @@ -2234,10 +2235,10 @@ main() { change_tomb_key ${=PARAM} ;; - backup) + engrave) { test "$QRENCODE" = 0 } && { - die "QREncode not installed: cannot backup keys on paper." } - backup_key ${=PARAM} + die "QREncode not installed: cannot engrave keys on paper." } + engrave_key ${=PARAM} ;; # backward compat @@ -2306,8 +2307,17 @@ Tomb $VERSION - a strong and gentle undertaker for your secrets EOF option_is_set -v && { cat <<EOF + This source code is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + Please refer to the GNU Public License for more details. + +System utils: -Key forging algorithms (GnuPG symmetric ciphers): + `sudo -V | head -n1` + `cryptsetup --version` + `pinentry --version` + `gpg --version | head -n1` - key forging algorithms (GnuPG symmetric ciphers): `list_gnupg_ciphers` EOF return 0
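Review bot: The `backup` command disappears without an alias, so existing scripts and written-down recovery instructions that call `tomb backup` now fail at option parsing. Both `subcommands_opts[backup]` (`@@ -2102,7`) and the `backup)` case in `main` (`@@ -2234,10`) are replaced outright. The case statement has a `# backward compat` section directly after this entry; its content is outside the hunk, but the old name would fit there. Keeping `subcommands_opts[backup]="k: -key=k "` next to the new entry and using `engrave|backup)` as the case pattern would preserve the old spelling. `main` starts and ends outside both hunks.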